owa.darbeirut.com
217.138.107.115
Public Scan
Effective URL: https://owa.darbeirut.com/lm_auth_proxy?DoLMLogin?curl=L2fowa&curlid=2536219008-3723378099&curlmode=0
Submission: On November 03 via manual from QA — Scanned from GB
Summary
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on September 9th 2022. Valid for: a year.
This is the only time owa.darbeirut.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
 | IP Address | AS Autonomous System |
---|---|---|
1 8 | 217.138.107.115 | 20952 (VENUS-INTERNET-AS) |
7 | 1 |
ASN20952 (VENUS-INTERNET-AS, GB)
PTR: mail.ipaadvisory.co.uk
owa.darbeirut.com |
 | Apex Domain / Subdomains | Transfer |
---|---|---|
8 | darbeirut.com (1 redirects): owa.darbeirut.com | 30 KB |
7 | 1 |
 | Domain | Requested by |
---|---|---|
8 | owa.darbeirut.com (1 redirects) | owa.darbeirut.com |
7 | 1 |
This site contains links to these domains. Also see Links.
Domain |
---|
mfa.dar.com |
Subject / Issuer | Validity | Valid |
---|---|---|
*.darbeirut.com / DigiCert TLS RSA SHA256 2020 CA1 | 2022-09-09 - 2023-09-15 | a year |
This page contains 1 frames:
Primary Page:
https://owa.darbeirut.com/lm_auth_proxy?DoLMLogin?curl=L2fowa&curlid=2536219008-3723378099&curlmode=0
Frame ID: 127632111308C5C0EA3D3C1B6FF2C3B0
Requests: 7 HTTP requests in this frame
Page Title
DAR Login Screen
Page Statistics
1 Outgoing links
These are links going to different origins than the main page.
Title: click to enable MFA
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://owa.darbeirut.com/
HTTP 302
https://owa.darbeirut.com/lm_auth_proxy?DoLMLogin?curl=L2fowa&curlid=2536219008-3723378099&curlmode=0 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
7 HTTP transactions
Method Protocol | Resource Path | Size x-fer | Type MIME-Type |
---|---|---|---|
GET H2 | Primary Request: lm_auth_proxy owa.darbeirut.com/ (Redirect Chain) | 6 KB 6 KB | Document text/html |
GET H2 | lm_auth_proxy owa.darbeirut.com/ | 3 KB 3 KB | Stylesheet text/css |
GET H2 | lm_auth_proxy owa.darbeirut.com/ | 4 KB 4 KB | Script text/javascript |
GET H2 | lm_auth_proxy owa.darbeirut.com/ | 3 KB 3 KB | Image image/gif |
GET H2 | lm_auth_proxy owa.darbeirut.com/ | 12 KB 12 KB | Image image/gif |
GET H2 | lm_auth_proxy owa.darbeirut.com/ | 258 B 305 B | Image image/gif |
GET H2 | lm_auth_proxy owa.darbeirut.com/ | 257 B 296 B | Image image/gif |
20 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onbeforeinput
object| oncontextlost
object| oncontextrestored
function| structuredClone
object| launchQueue
object| onbeforematch
function| getScreenDetails
function| queryLocalFonts
object| navigation
string| xx_msg10
string| xx_msg11
string| xx_msg15
string| xx_msg17
function| errmsg
function| save_username
function| save_usernames_dfa
function| getCookie
function| loadvalues
function| no_password_form
function| sso_setup
0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
X-Content-Type-Options | nosniff |
X-Frame-Options | SAMEORIGIN |
X-Xss-Protection | 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.