urlscan.io logo urlscan.io
SecurityTrails logo

owa.darbeirut.com Open in urlscan Pro
217.138.107.115  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://owa.darbeirut.com/
Effective URL: https://owa.darbeirut.com/lm_auth_proxy?DoLMLogin?curl=L2fowa&curlid=2536219008-3723378099&curlmode=0
Submission: On November 03 via manual from QA — Scanned from GB
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 7 HTTP transactions. The main IP is 217.138.107.115, located in Gerrards Cross, United Kingdom and belongs to VENUS-INTERNET-AS, GB. The main domain is owa.darbeirut.com.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on September 9th 2022. Valid for: a year.
This is the only time owa.darbeirut.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 8 217.138.107.115 20952 (VENUS-INT...)
7 1
Apex Domain
Subdomains		 Transfer
8 darbeirut.com
owa.darbeirut.com
30 KB
7 1
Domain Requested by
8 owa.darbeirut.com 1 redirects owa.darbeirut.com
7 1

This site contains links to these domains. Also see Links.

Domain
mfa.dar.com
Subject Issuer Validity Valid
*.darbeirut.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-09-09 -
2023-09-15		 a year crt.sh

This page contains 1 frames:

Primary Page: https://owa.darbeirut.com/lm_auth_proxy?DoLMLogin?curl=L2fowa&curlid=2536219008-3723378099&curlmode=0
Frame ID: 127632111308C5C0EA3D3C1B6FF2C3B0
Requests: 7 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

DAR Login Screen

Page URL History Show full URLs

  1. https://owa.darbeirut.com/ HTTP 302
    https://owa.darbeirut.com/lm_auth_proxy?DoLMLogin?curl=L2fowa&curlid=2536219008-3723378099&curlmode=0 Page URL

Page Statistics

7
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

29 kB
Transfer

29 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://owa.darbeirut.com/ HTTP 302
    https://owa.darbeirut.com/lm_auth_proxy?DoLMLogin?curl=L2fowa&curlid=2536219008-3723378099&curlmode=0 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

7 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request lm_auth_proxy
owa.darbeirut.com/
Redirect Chain
  • https://owa.darbeirut.com/
  • https://owa.darbeirut.com/lm_auth_proxy?DoLMLogin?curl=L2fowa&curlid=2536219008-3723378099&curlmode=0
6 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://owa.darbeirut.com/lm_auth_proxy?DoLMLogin?curl=L2fowa&curlid=2536219008-3723378099&curlmode=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
217.138.107.115 Gerrards Cross, United Kingdom, ASN20952 (VENUS-INTERNET-AS, GB),
Reverse DNS
mail.ipaadvisory.co.uk
Software
WWW Server/1.1 /
Resource Hash
abf7540f02da8ca09e5fc8e2b37cb2aba72c146e0976c353e86604a829a2d7ee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-cache,max-age=0,must-revalidate
content-length
6440
content-type
text/html
date
Thu, 03 Nov 2022 07:05:54 GMT
pragma
no-cache
server
WWW Server/1.1
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block

Redirect headers

content-length
68
content-type
text/html
date
Thu, 03 Nov 2022 07:05:54 GMT
location
/lm_auth_proxy?DoLMLogin?curl=L2fowa&curlid=2536219008-3723378099&curlmode=0
server
WWW Server/1.1
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
lm_auth_proxy
owa.darbeirut.com/ 		3 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://owa.darbeirut.com/lm_auth_proxy?LMimage=kmgstyle.css
Requested by
Host: owa.darbeirut.com
URL: https://owa.darbeirut.com/lm_auth_proxy?DoLMLogin?curl=L2fowa&curlid=2536219008-3723378099&curlmode=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
217.138.107.115 Gerrards Cross, United Kingdom, ASN20952 (VENUS-INTERNET-AS, GB),
Reverse DNS
mail.ipaadvisory.co.uk
Software
WWW Server/1.1 /
Resource Hash
209cdc6a49a109787b2db69b60118e1a1c501fe2aebe22008d5d1abf45912eb1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://owa.darbeirut.com/lm_auth_proxy?DoLMLogin?curl=L2fowa&curlid=2536219008-3723378099&curlmode=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 07:05:55 GMT
x-content-type-options
nosniff
server
WWW Server/1.1
content-length
2807
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
content-type
text/css
lm_auth_proxy
owa.darbeirut.com/ 		4 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://owa.darbeirut.com/lm_auth_proxy?LMimage=lm_sso.js
Requested by
Host: owa.darbeirut.com
URL: https://owa.darbeirut.com/lm_auth_proxy?DoLMLogin?curl=L2fowa&curlid=2536219008-3723378099&curlmode=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
217.138.107.115 Gerrards Cross, United Kingdom, ASN20952 (VENUS-INTERNET-AS, GB),
Reverse DNS
mail.ipaadvisory.co.uk
Software
WWW Server/1.1 /
Resource Hash
837a30664e24000a2099e60472d3eaa5967befef0e5eb4ed3edacc98b1dd06a5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://owa.darbeirut.com/lm_auth_proxy?DoLMLogin?curl=L2fowa&curlid=2536219008-3723378099&curlmode=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 07:05:55 GMT
x-content-type-options
nosniff
server
WWW Server/1.1
content-length
4382
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
content-type
text/javascript
lm_auth_proxy
owa.darbeirut.com/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://owa.darbeirut.com/lm_auth_proxy?LMimage=espblank.gif
Requested by
Host: owa.darbeirut.com
URL: https://owa.darbeirut.com/lm_auth_proxy?DoLMLogin?curl=L2fowa&curlid=2536219008-3723378099&curlmode=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
217.138.107.115 Gerrards Cross, United Kingdom, ASN20952 (VENUS-INTERNET-AS, GB),
Reverse DNS
mail.ipaadvisory.co.uk
Software
WWW Server/1.1 /
Resource Hash
e5cea48109e2d5196e2bc4aff8300d8312481a08ed56e1286f3db953831bd3b4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://owa.darbeirut.com/lm_auth_proxy?DoLMLogin?curl=L2fowa&curlid=2536219008-3723378099&curlmode=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 07:05:55 GMT
x-content-type-options
nosniff
server
WWW Server/1.1
content-length
3183
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
content-type
image/gif
lm_auth_proxy
owa.darbeirut.com/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://owa.darbeirut.com/lm_auth_proxy?LMimage=espbottom.gif
Requested by
Host: owa.darbeirut.com
URL: https://owa.darbeirut.com/lm_auth_proxy?DoLMLogin?curl=L2fowa&curlid=2536219008-3723378099&curlmode=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
217.138.107.115 Gerrards Cross, United Kingdom, ASN20952 (VENUS-INTERNET-AS, GB),
Reverse DNS
mail.ipaadvisory.co.uk
Software
WWW Server/1.1 /
Resource Hash
41456a126cea02631d4bec22eba37f82efd1115e5f6065a609f306cb5d4cca2c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://owa.darbeirut.com/lm_auth_proxy?DoLMLogin?curl=L2fowa&curlid=2536219008-3723378099&curlmode=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 07:05:55 GMT
x-content-type-options
nosniff
server
WWW Server/1.1
content-length
12282
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
content-type
image/gif
lm_auth_proxy
owa.darbeirut.com/ 		258 B
305 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://owa.darbeirut.com/lm_auth_proxy?LMimage=kmgleft.gif
Requested by
Host: owa.darbeirut.com
URL: https://owa.darbeirut.com/lm_auth_proxy?LMimage=kmgstyle.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
217.138.107.115 Gerrards Cross, United Kingdom, ASN20952 (VENUS-INTERNET-AS, GB),
Reverse DNS
mail.ipaadvisory.co.uk
Software
WWW Server/1.1 /
Resource Hash
6d1724f88dab686eaf6b7a4c71bc9d1c4ae15bc3edcc293a610e006fca63193c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://owa.darbeirut.com/lm_auth_proxy?LMimage=kmgstyle.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 07:05:55 GMT
x-content-type-options
nosniff
server
WWW Server/1.1
content-length
258
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
content-type
image/gif
lm_auth_proxy
owa.darbeirut.com/ 		257 B
296 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://owa.darbeirut.com/lm_auth_proxy?LMimage=kmgright.gif
Requested by
Host: owa.darbeirut.com
URL: https://owa.darbeirut.com/lm_auth_proxy?LMimage=kmgstyle.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
217.138.107.115 Gerrards Cross, United Kingdom, ASN20952 (VENUS-INTERNET-AS, GB),
Reverse DNS
mail.ipaadvisory.co.uk
Software
WWW Server/1.1 /
Resource Hash
d737498e0c2a6027ba9351a9ee53f192f4c90ffaa0c009b0fa37c0fe48911448
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://owa.darbeirut.com/lm_auth_proxy?LMimage=kmgstyle.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 07:05:55 GMT
x-content-type-options
nosniff
server
WWW Server/1.1
content-length
257
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
content-type
image/gif

Verdicts & Comments Add Verdict or Comment

20 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation string| xx_msg10 string| xx_msg11 string| xx_msg15 string| xx_msg17 function| errmsg function| save_username function| save_usernames_dfa function| getCookie function| loadvalues function| no_password_form function| sso_setup

0 Cookies

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block