0nlinesecuremessagetrans.decofficesecurelfilex.sbs
Open in
urlscan Pro
172.232.53.88
Public Scan
Effective URL: https://0nlinesecuremessagetrans.decofficesecurelfilex.sbs/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3...
Submission Tags: falconsandbox
Submission: On December 05 via api from US — Scanned from FR
Summary
TLS certificate: Issued by E5 on December 5th 2024. Valid for: 3 months.
This is the only time 0nlinesecuremessagetrans.decofficesecurelfilex.sbs was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
3 10 | 172.232.53.88 172.232.53.88 | 63949 (AKAMAI-LI...) (AKAMAI-LINODE-AP Akamai Connected Cloud) | |
11 | 2 |
ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
PTR: 172-232-53-88.ip.linodeusercontent.com
0nlinesecuremessagetrans.decofficesecurelfilex.sbs | |
0ffice.decofficesecurelfilex.sbs | |
3b382aa8-7eb3ac8c.decofficesecurelfilex.sbs | |
457cb5d4-7eb3ac8c.decofficesecurelfilex.sbs |
Apex Domain Subdomains |
Transfer | |
---|---|---|
10 |
decofficesecurelfilex.sbs
3 redirects
0nlinesecuremessagetrans.decofficesecurelfilex.sbs 0ffice.decofficesecurelfilex.sbs 457cb5d4-7eb3ac8c.decofficesecurelfilex.sbs Failed l1ve.decofficesecurelfilex.sbs Failed 3b382aa8-7eb3ac8c.decofficesecurelfilex.sbs |
216 KB |
11 | 1 |
Domain | Requested by | |
---|---|---|
5 | 0nlinesecuremessagetrans.decofficesecurelfilex.sbs |
2 redirects
457cb5d4-7eb3ac8c.decofficesecurelfilex.sbs
|
3 | 457cb5d4-7eb3ac8c.decofficesecurelfilex.sbs |
0nlinesecuremessagetrans.decofficesecurelfilex.sbs
|
1 | 3b382aa8-7eb3ac8c.decofficesecurelfilex.sbs |
0nlinesecuremessagetrans.decofficesecurelfilex.sbs
|
1 | 0ffice.decofficesecurelfilex.sbs | 1 redirects |
0 | l1ve.decofficesecurelfilex.sbs Failed |
0nlinesecuremessagetrans.decofficesecurelfilex.sbs
|
11 | 5 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
decofficesecurelfilex.sbs E5 |
2024-12-05 - 2025-03-05 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://0nlinesecuremessagetrans.decofficesecurelfilex.sbs/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2F0ffice.decofficesecurelfilex.sbs%2Flandingv2&response_type=code%20id_token&scope=openid%20profile%20https%3A%2F%2F0ffice.decofficesecurelfilex.sbs%2Fv2%2FOfficeHome.All&response_mode=form_post&nonce=638690170300842345.YjM5NjEyYjgtZjlkZC00YmQ3LTkxZGQtMTI2Y2MyMDNmYWRlMzUzYmEyNDctODMzNS00NWY0LThlYWItZmRiMjQwYWNiNTBi&ui_locales=fr-FR&mkt=fr-FR&client-request-id=9bcbec97-7ebf-4cdd-b14f-b5f0fe0eb19f&state=aaMWRae02owpm9RjjLA5nkE7R3h9pPvm5BZ7n6YTpFu_IrArd0Hqr_w6EVYd353cI7xcDESNEvL-yD60GuCfk6cNJ87K0TOzZNryZAPyQJqVTMoD5gGdyeEbDGcc9EHxZ0Yq6yvmD6cJaXut1VWeYV90CHkCX8ntqzgcsu30ySbjj6y1rkbofH8CfYS-PLWLIikmbStTO8bjoeF6YV4NQnpiNrnJ-IfR7LVCwwk0Vf2e9Rqe2LZW8Qw6QlaxH0_lSZE5YJKhtkh2xM-332WdVA&x-client-SKU=ID_NET8_0&x-client-ver=7.5.1.0
Frame ID: 8C15CCA9943078546CA9DB0F38E9229F
Requests: 11 HTTP requests in this frame
Screenshot
Page Title
Connectez-vous à votre comptePage URL History Show full URLs
-
http://0nlinesecuremessagetrans.decofficesecurelfilex.sbs/
HTTP 307
https://0nlinesecuremessagetrans.decofficesecurelfilex.sbs/ Page URL
-
https://0nlinesecuremessagetrans.decofficesecurelfilex.sbs/
HTTP 302
https://0nlinesecuremessagetrans.decofficesecurelfilex.sbs/ HTTP 302
https://0ffice.decofficesecurelfilex.sbs/login HTTP 302
https://0nlinesecuremessagetrans.decofficesecurelfilex.sbs/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&... Page URL
Detected technologies
jQuery (JavaScript Libraries) ExpandDetected patterns
- jquery[.-]([\d.]*\d)[^/]*\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://0nlinesecuremessagetrans.decofficesecurelfilex.sbs/
HTTP 307
https://0nlinesecuremessagetrans.decofficesecurelfilex.sbs/ Page URL
-
https://0nlinesecuremessagetrans.decofficesecurelfilex.sbs/
HTTP 302
https://0nlinesecuremessagetrans.decofficesecurelfilex.sbs/ HTTP 302
https://0ffice.decofficesecurelfilex.sbs/login HTTP 302
https://0nlinesecuremessagetrans.decofficesecurelfilex.sbs/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2F0ffice.decofficesecurelfilex.sbs%2Flandingv2&response_type=code%20id_token&scope=openid%20profile%20https%3A%2F%2F0ffice.decofficesecurelfilex.sbs%2Fv2%2FOfficeHome.All&response_mode=form_post&nonce=638690170300842345.YjM5NjEyYjgtZjlkZC00YmQ3LTkxZGQtMTI2Y2MyMDNmYWRlMzUzYmEyNDctODMzNS00NWY0LThlYWItZmRiMjQwYWNiNTBi&ui_locales=fr-FR&mkt=fr-FR&client-request-id=9bcbec97-7ebf-4cdd-b14f-b5f0fe0eb19f&state=aaMWRae02owpm9RjjLA5nkE7R3h9pPvm5BZ7n6YTpFu_IrArd0Hqr_w6EVYd353cI7xcDESNEvL-yD60GuCfk6cNJ87K0TOzZNryZAPyQJqVTMoD5gGdyeEbDGcc9EHxZ0Yq6yvmD6cJaXut1VWeYV90CHkCX8ntqzgcsu30ySbjj6y1rkbofH8CfYS-PLWLIikmbStTO8bjoeF6YV4NQnpiNrnJ-IfR7LVCwwk0Vf2e9Rqe2LZW8Qw6QlaxH0_lSZE5YJKhtkh2xM-332WdVA&x-client-SKU=ID_NET8_0&x-client-ver=7.5.1.0 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0- http://0nlinesecuremessagetrans.decofficesecurelfilex.sbs/ HTTP 307
- https://0nlinesecuremessagetrans.decofficesecurelfilex.sbs/
11 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
/
0nlinesecuremessagetrans.decofficesecurelfilex.sbs/ Redirect Chain
|
165 KB 63 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Primary Request
authorize
0nlinesecuremessagetrans.decofficesecurelfilex.sbs/common/oauth2/v2.0/ Redirect Chain
|
178 KB 64 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET |
converged.v2.login.min_nin8k2ycrbzww8zl5vxkaq2.css
457cb5d4-7eb3ac8c.decofficesecurelfilex.sbs/ests/2.1/content/cdnbundles/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||
GET |
ConvergedLogin_PCore_h6TdaK6cfsrg175w47aRCA2.js
457cb5d4-7eb3ac8c.decofficesecurelfilex.sbs/shared/1.0/content/js/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||
GET |
ux.converged.login.strings-fr.min_5ak7by3q3urdlt5likmn_w2.js
457cb5d4-7eb3ac8c.decofficesecurelfilex.sbs/ests/2.1/content/cdnbundles/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||
GET |
Me.htm
l1ve.decofficesecurelfilex.sbs/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
converged.v2.login.min_nin8k2ycrbzww8zl5vxkaq2.css
3b382aa8-7eb3ac8c.decofficesecurelfilex.sbs/ests/2.1/content/cdnbundles/ |
111 KB 20 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
watsonsupportwithjquery.3.5.min_dc940oomzau4rsu8qesnvg2.js
457cb5d4-7eb3ac8c.decofficesecurelfilex.sbs/ests/2.1/content/cdnbundles/ |
117 KB 40 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
frameworksupport.min_oadrnc13magb009k4d20lg2.js
457cb5d4-7eb3ac8c.decofficesecurelfilex.sbs/ests/2.1/content/cdnbundles/ |
12 KB 5 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
watson.min_q5ptmu8aniymd4ftuqdkda2.js
457cb5d4-7eb3ac8c.decofficesecurelfilex.sbs/ests/2.1/content/cdnbundles/ |
9 KB 4 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
watson
0nlinesecuremessagetrans.decofficesecurelfilex.sbs/common/handlers/ |
265 B 884 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- 457cb5d4-7eb3ac8c.decofficesecurelfilex.sbs
- URL
- https://457cb5d4-7eb3ac8c.decofficesecurelfilex.sbs/ests/2.1/content/cdnbundles/converged.v2.login.min_nin8k2ycrbzww8zl5vxkaq2.css
- Domain
- 457cb5d4-7eb3ac8c.decofficesecurelfilex.sbs
- URL
- https://457cb5d4-7eb3ac8c.decofficesecurelfilex.sbs/shared/1.0/content/js/ConvergedLogin_PCore_h6TdaK6cfsrg175w47aRCA2.js
- Domain
- 457cb5d4-7eb3ac8c.decofficesecurelfilex.sbs
- URL
- https://457cb5d4-7eb3ac8c.decofficesecurelfilex.sbs/ests/2.1/content/cdnbundles/ux.converged.login.strings-fr.min_5ak7by3q3urdlt5likmn_w2.js
- Domain
- l1ve.decofficesecurelfilex.sbs
- URL
- https://l1ve.decofficesecurelfilex.sbs/Me.htm?v=3
Verdicts & Comments Add Verdict or Comment
10 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| $Config object| $Debug object| $Do function| $Loader object| $WebWatson function| GetString function| GetErrorString function| GetUrl object| $B object| ServerData5 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.decofficesecurelfilex.sbs/ | Name: ve70yu Value: "N2ViM2FjOGMtNTYxNi00Yzg2LWIwMDItYWFlYmY4YzgxY2I1OmM4YzM1N2M1LTE5M2YtNGZkOC1hNmI2LWVmMTdiZDE4ZmM2NA==" |
|
0ffice.decofficesecurelfilex.sbs/ | Name: OH.DCAffinity Value: OH-weu |
|
0ffice.decofficesecurelfilex.sbs/ | Name: OH.FLID Value: 87fcb7e0-f680-4aef-af7d-e0148c331fb8 |
|
0ffice.decofficesecurelfilex.sbs/ | Name: .AspNetCore.OpenIdConnect.Nonce.1UMUiTrhQFDjMwyt3OD03RwwrJcmWk7hw_oYzOHccTI6JdhY9X_tV057j-Fxk1cda7mIDgHhWXmNQQOyOgh7JQJ3MI5s67xq4FUQWi__LfyebGg8HjE4Nc9vpHnC4JeTjlZYvS8yMa4wr36E9xdv4aY2BDcOsMDvqfCaIagN2iyXHj-K3OK1X4yhwwkAOmcfKBP8MjfgJzWMeh2ACOocFHqIGkQfZTOIgfg9CE0eiX5k0REvD2pIknoAUpKLQ3T9 Value: N |
|
0ffice.decofficesecurelfilex.sbs/ | Name: .AspNetCore.Correlation.rES0V6Yts9QNoZZd-_sIwmapUI5DGYoHzU2d2V-H0uM Value: N |
2 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
0ffice.decofficesecurelfilex.sbs
0nlinesecuremessagetrans.decofficesecurelfilex.sbs
3b382aa8-7eb3ac8c.decofficesecurelfilex.sbs
457cb5d4-7eb3ac8c.decofficesecurelfilex.sbs
l1ve.decofficesecurelfilex.sbs
457cb5d4-7eb3ac8c.decofficesecurelfilex.sbs
l1ve.decofficesecurelfilex.sbs
172.232.53.88
441bfa485fb0eb8ad2be7001209868b57c41769cae9512a774419f5882c093e6
56b4d9a9ae03158a99453a7b99aa86f6acc3e783134f44dd84625e70f8e65e49
68c2994e21a564345eb3b4091dd2334c9cbddb0aecda45ee963c6de2e1629b93
8a7314a652fc87cb66229552a1d0f7fe6c8e965b7bf07d715c11e7067a54acbf
a842e0a2e0c3d8f5bfb672a2206045a8426edabbf9b34e1328c6ab949c5196ba
a9c0e50702bafa4f823c37bd4b9ea766bb8abf8e2eb29a53097c6cf32f5519c5
ecce04e1f33e33535e9be697326bbfa5bf62f9ad1aa09f62a1c82840fb9e04ea