urlscan.io logo urlscan.io
SecurityTrails logo

signon.michaels.com Open in urlscan Pro
66.142.244.229  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://protect-us.mimecast.com/s/wVi8ClYVW5iz2l1LU9B_99?domain=michaels.my.salesforce.com
Effective URL: https://signon.michaels.com/FIM/sps/Salesforce/saml20/login
Submission: On April 29 via manual from IN
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 2 IPs in 1 countries across 3 domains to perform 8 HTTP transactions. The main IP is 66.142.244.229, located in Irving, United States and belongs to MICHAELS-ATT-DS3, US. The main domain is signon.michaels.com.
TLS certificate: Issued by Entrust Certification Authority - L1K on July 5th 2017. Valid for: 3 years.
This is the only time signon.michaels.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 2 207.211.31.64 14135 (NAVISITE-...)
2 13.110.9.206 14340 (SALESFORCE)
6 66.142.244.229 46202 (MICHAELS-...)
8 2
Apex Domain
Subdomains		 Transfer
6 michaels.com
signon.michaels.com
53 KB
2 salesforce.com
michaels.my.salesforce.com
8 KB
2 mimecast.com
protect-us.mimecast.com
1 KB
8 3
Domain Requested by
6 signon.michaels.com michaels.my.salesforce.com
signon.michaels.com
2 michaels.my.salesforce.com michaels.my.salesforce.com
2 protect-us.mimecast.com 2 redirects
8 3

This site contains links to these domains. Also see Links.

Domain
selfcare.michaels.com
Subject Issuer Validity Valid
*.my.salesforce.com
DigiCert SHA2 Secure Server CA		 2017-12-03 -
2020-12-02		 3 years crt.sh
signon.michaels.com
Entrust Certification Authority - L1K		 2017-07-05 -
2020-07-05		 3 years crt.sh

This page contains 1 frames:

Primary Page: https://signon.michaels.com/FIM/sps/Salesforce/saml20/login
Frame ID: 025333DF917BE4422EFAD45ED7A40150
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://protect-us.mimecast.com/s/wVi8ClYVW5iz2l1LU9B_99?domain=michaels.my.salesforce.com HTTP 307
    https://protect-us.mimecast.com/redirect/eNpdUlFv2jAQ_iuZH_oEwXYSkiChtVo3adrah1XtE1IUHAMG22dsZxSq_fddgKnq_BD... HTTP 307
    https://michaels.my.salesforce.com/emailaction/follower/2bsbkzbz9opigt8rmhroi72ol9p6l2zspnlnnelqj72xp3nqz99e3tn... Page URL
  2. https://michaels.my.salesforce.com/saml/authn-request.jsp?saml_request_id=_2CAAAAXJTmoWyME8wMUswMDAwMDA4T0k2AAA... Page URL
  3. https://signon.michaels.com/FIM/sps/Salesforce/saml20/login Page URL

Page Statistics

8
Requests

100 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

2
IPs

1
Countries

60 kB
Transfer

64 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://protect-us.mimecast.com/s/wVi8ClYVW5iz2l1LU9B_99?domain=michaels.my.salesforce.com HTTP 307
    https://protect-us.mimecast.com/redirect/eNpdUlFv2jAQ_iuZH_oEwXYSkiChtVo3adrah1XtE1IUHAMG22dsZxSq_fddgKnq_BDF333nu---eyNeuEhmRICWprWpaHV3kFrfdq1XQqYCDBkRDYLM2Ih4KaRyMSoj8V5UFaO05JxSijF8ho-IDKojs2pa1dMiZ8WIRBMfoUM-oZTjW8rhL8tSxmjK8pRVFEE3JGVFPSK91xjfxOjCbDFZTIwSm1bqkJpjGlotwwr8pa_FBDtWuhVRgV1MVqA1HKRfTPgyLHen5akGp9ax8mbjQZUcdO2mmp-Cs9paqffbkr-6zO5PdS2zaFk8uGxV7Fvaq36TZScF7RY-rzyYr0OhObsJDFQ3p_Q-R-HDeeE_pojaM_rhINqf0eLKze-5KRCVr3FOb6TZKdvNUVuM0n-79v4IUa2UaAdFSIlm_j7kuhymJwez1o0Yy6YPlDUsp83vDr_jsvny_HRX5XcZzxpO0ZQc47xEHlYwjI1x_mNGc15Oy7Jgw9RbtJW8pyGE0xygjRS7518_ERCYDkZ6cfHwAznYziNmwUunj7dXMf_ZRIa1WaMgZDoPUYo47tFO3CHRhnilhH65RcKL9BZsokJi4ZBcLFV2nRyhTxB_uC5D8hSxZki-W5F-Iucde4De4g6Rf2rJn79xeeZd HTTP 307
    https://michaels.my.salesforce.com/emailaction/follower/2bsbkzbz9opigt8rmhroi72ol9p6l2zspnlnnelqj72xp3nqz99e3tn1twp3f5qa0uiuh33zioajo?fromEmail=1&s1oid=00D41000000V2K6&s1nid=000000000000000&s1uid=00541000004D2m5&s1ext=0&emkind=chatterFollowerNotification&emtm=1588100722972 Page URL
  2. https://michaels.my.salesforce.com/saml/authn-request.jsp?saml_request_id=_2CAAAAXJTmoWyME8wMUswMDAwMDA4T0k2AAAA3vnMWC5l32Je_L3OKF79W8-u2CjsJHFQfK-8DWGqE4UzGkgkt1whtQu6wO-9PSWFOIKrLm-Hpgp7FVllKl1TrphyshT7dO2eEl3pAi4NEgLjMu65m-FubNBMBojqTJHtoY1ScuHnonTyiSMtfJhRDOM-fdqQLGpTu-s2vsw4FoOOjsqpA07pyFVpEZkMFkGFgXQWe0usoP1pSStc4a3URl_2Z0cOa1SeCWuNE-i4upG7hERMNk_gMnsajzPy9FWWVw&saml_acs=https%3A%2F%2Fmichaels.my.salesforce.com%3Fso%3D00D41000000V2K6%26sc%3D0LE410000008pL4&saml_binding_type=HttpPost&Issuer=https%3A%2F%2Fmichaels.my.salesforce.com&samlSsoConfig=0LE410000008pL4&RelayState=%2Femailaction%2Ffollower%2F2bsbkzbz9opigt8rmhroi72ol9p6l2zspnlnnelqj72xp3nqz99e3tn1twp3f5qa0uiuh33zioajo%3Fs1oid%3D00D41000000V2K6%26s1nid%3D000000000000000%26emkind%3DchatterFollowerNotification%26s1uid%3D00541000004D2m5%26emtm%3D1588100722972%26fromEmail%3D1%26s1ext%3D0 Page URL
  3. https://signon.michaels.com/FIM/sps/Salesforce/saml20/login Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://protect-us.mimecast.com/s/wVi8ClYVW5iz2l1LU9B_99?domain=michaels.my.salesforce.com HTTP 307
  • https://protect-us.mimecast.com/redirect/eNpdUlFv2jAQ_iuZH_oEwXYSkiChtVo3adrah1XtE1IUHAMG22dsZxSq_fddgKnq_BDF333nu---eyNeuEhmRICWprWpaHV3kFrfdq1XQqYCDBkRDYLM2Ih4KaRyMSoj8V5UFaO05JxSijF8ho-IDKojs2pa1dMiZ8WIRBMfoUM-oZTjW8rhL8tSxmjK8pRVFEE3JGVFPSK91xjfxOjCbDFZTIwSm1bqkJpjGlotwwr8pa_FBDtWuhVRgV1MVqA1HKRfTPgyLHen5akGp9ax8mbjQZUcdO2mmp-Cs9paqffbkr-6zO5PdS2zaFk8uGxV7Fvaq36TZScF7RY-rzyYr0OhObsJDFQ3p_Q-R-HDeeE_pojaM_rhINqf0eLKze-5KRCVr3FOb6TZKdvNUVuM0n-79v4IUa2UaAdFSIlm_j7kuhymJwez1o0Yy6YPlDUsp83vDr_jsvny_HRX5XcZzxpO0ZQc47xEHlYwjI1x_mNGc15Oy7Jgw9RbtJW8pyGE0xygjRS7518_ERCYDkZ6cfHwAznYziNmwUunj7dXMf_ZRIa1WaMgZDoPUYo47tFO3CHRhnilhH65RcKL9BZsokJi4ZBcLFV2nRyhTxB_uC5D8hSxZki-W5F-Iucde4De4g6Rf2rJn79xeeZd HTTP 307
  • https://michaels.my.salesforce.com/emailaction/follower/2bsbkzbz9opigt8rmhroi72ol9p6l2zspnlnnelqj72xp3nqz99e3tn1twp3f5qa0uiuh33zioajo?fromEmail=1&s1oid=00D41000000V2K6&s1nid=000000000000000&s1uid=00541000004D2m5&s1ext=0&emkind=chatterFollowerNotification&emtm=1588100722972

8 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Cookie set 2bsbkzbz9opigt8rmhroi72ol9p6l2zspnlnnelqj72xp3nqz99e3tn1twp3f5qa0uiuh33zioajo
michaels.my.salesforce.com/emailaction/follower/
Redirect Chain
  • https://protect-us.mimecast.com/s/wVi8ClYVW5iz2l1LU9B_99?domain=michaels.my.salesforce.com
  • https://protect-us.mimecast.com/redirect/eNpdUlFv2jAQ_iuZH_oEwXYSkiChtVo3adrah1XtE1IUHAMG22dsZxSq_fddgKnq_BDF333nu---eyNeuEhmRICWprWpaHV3kFrfdq1XQqYCDBkRDYLM2Ih4KaRyMSoj8V5UFaO05JxSijF8ho-IDKojs2pa...
  • https://michaels.my.salesforce.com/emailaction/follower/2bsbkzbz9opigt8rmhroi72ol9p6l2zspnlnnelqj72xp3nqz99e3tn1twp3f5qa0uiuh33zioajo?fromEmail=1&s1oid=00D41000000V2K6&s1nid=000000000000000&s1uid=0...
2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://michaels.my.salesforce.com/emailaction/follower/2bsbkzbz9opigt8rmhroi72ol9p6l2zspnlnnelqj72xp3nqz99e3tn1twp3f5qa0uiuh33zioajo?fromEmail=1&s1oid=00D41000000V2K6&s1nid=000000000000000&s1uid=00541000004D2m5&s1ext=0&emkind=chatterFollowerNotification&emtm=1588100722972
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.110.9.206 , United States, ASN14340 (SALESFORCE, US),
Reverse DNS
dcl4-ncg0-iad3.na75-ia2.my.salesforce.com
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536002; includeSubDomains

Request headers

Host
michaels.my.salesforce.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Set-Cookie
BrowserId=M_WBJ4mzEeqJObGEIO0XNA; domain=.salesforce.com; path=/; expires=Thu, 29-Apr-2021 00:48:55 GMT; Max-Age=31536000
Strict-Transport-Security
max-age=31536002; includeSubDomains
Public-Key-Pins-Report-Only
pin-sha256="9n0izTnSRF+W4W4JTq51avSXkWhQB8duS2bxVLfzXsY="; pin-sha256="5kJvNEMw0KjrCAu7eXY5HZdvyCS13BbA0VJG1RSP91w="; pin-sha256="njN4rRG+22dNXAi+yb8e3UMypgzPUPHlv4+foULwl1g="; max-age=86400; includeSubDomains; report-uri="https://a.forcesslreports.com/hpkp-report/00D41000000V2K6m";
Expect-CT
max-age=86400, report-uri="https://a.forcesslreports.com/Expect-CT-report/00D41000000V2K6m"
Content-Security-Policy
upgrade-insecure-requests
X-Robots-Tag
none
Referrer-Policy
origin-when-cross-origin
Cache-Control
no-cache,must-revalidate,max-age=0,no-store,private
Content-Type
text/html; charset=UTF-8
Vary
Accept-Encoding
Content-Encoding
gzip
Connection
close

Redirect headers

Location
https://michaels.my.salesforce.com/emailaction/follower/2bsbkzbz9opigt8rmhroi72ol9p6l2zspnlnnelqj72xp3nqz99e3tn1twp3f5qa0uiuh33zioajo?fromEmail=1&s1oid=00D41000000V2K6&s1nid=000000000000000&s1uid=00541000004D2m5&s1ext=0&emkind=chatterFollowerNotification&emtm=1588100722972
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Cache-control
no-store
Pragma
no-cache
X-Robots-Tag
noindex, nofollow
Content-Length
0
Date
Tue, 28 Apr 2020 20:48:54 -0400
Connection
Keep-Alive
authn-request.jsp
michaels.my.salesforce.com/saml/ 		7 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://michaels.my.salesforce.com/saml/authn-request.jsp?saml_request_id=_2CAAAAXJTmoWyME8wMUswMDAwMDA4T0k2AAAA3vnMWC5l32Je_L3OKF79W8-u2CjsJHFQfK-8DWGqE4UzGkgkt1whtQu6wO-9PSWFOIKrLm-Hpgp7FVllKl1TrphyshT7dO2eEl3pAi4NEgLjMu65m-FubNBMBojqTJHtoY1ScuHnonTyiSMtfJhRDOM-fdqQLGpTu-s2vsw4FoOOjsqpA07pyFVpEZkMFkGFgXQWe0usoP1pSStc4a3URl_2Z0cOa1SeCWuNE-i4upG7hERMNk_gMnsajzPy9FWWVw&saml_acs=https%3A%2F%2Fmichaels.my.salesforce.com%3Fso%3D00D41000000V2K6%26sc%3D0LE410000008pL4&saml_binding_type=HttpPost&Issuer=https%3A%2F%2Fmichaels.my.salesforce.com&samlSsoConfig=0LE410000008pL4&RelayState=%2Femailaction%2Ffollower%2F2bsbkzbz9opigt8rmhroi72ol9p6l2zspnlnnelqj72xp3nqz99e3tn1twp3f5qa0uiuh33zioajo%3Fs1oid%3D00D41000000V2K6%26s1nid%3D000000000000000%26emkind%3DchatterFollowerNotification%26s1uid%3D00541000004D2m5%26emtm%3D1588100722972%26fromEmail%3D1%26s1ext%3D0
Requested by
Host: michaels.my.salesforce.com
URL: https://michaels.my.salesforce.com/emailaction/follower/2bsbkzbz9opigt8rmhroi72ol9p6l2zspnlnnelqj72xp3nqz99e3tn1twp3f5qa0uiuh33zioajo?fromEmail=1&s1oid=00D41000000V2K6&s1nid=000000000000000&s1uid=00541000004D2m5&s1ext=0&emkind=chatterFollowerNotification&emtm=1588100722972
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.110.9.206 , United States, ASN14340 (SALESFORCE, US),
Reverse DNS
dcl4-ncg0-iad3.na75-ia2.my.salesforce.com
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536002; includeSubDomains

Request headers

Host
michaels.my.salesforce.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
same-origin
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
document
Referer
https://michaels.my.salesforce.com/emailaction/follower/2bsbkzbz9opigt8rmhroi72ol9p6l2zspnlnnelqj72xp3nqz99e3tn1twp3f5qa0uiuh33zioajo?fromEmail=1&s1oid=00D41000000V2K6&s1nid=000000000000000&s1uid=00541000004D2m5&s1ext=0&emkind=chatterFollowerNotification&emtm=1588100722972
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
BrowserId=M_WBJ4mzEeqJObGEIO0XNA
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://michaels.my.salesforce.com/emailaction/follower/2bsbkzbz9opigt8rmhroi72ol9p6l2zspnlnnelqj72xp3nqz99e3tn1twp3f5qa0uiuh33zioajo?fromEmail=1&s1oid=00D41000000V2K6&s1nid=000000000000000&s1uid=00541000004D2m5&s1ext=0&emkind=chatterFollowerNotification&emtm=1588100722972

Response headers

Date
Wed, 29 Apr 2020 00:48:56 GMT
Strict-Transport-Security
max-age=31536002; includeSubDomains
Public-Key-Pins-Report-Only
pin-sha256="9n0izTnSRF+W4W4JTq51avSXkWhQB8duS2bxVLfzXsY="; pin-sha256="5kJvNEMw0KjrCAu7eXY5HZdvyCS13BbA0VJG1RSP91w="; pin-sha256="njN4rRG+22dNXAi+yb8e3UMypgzPUPHlv4+foULwl1g="; max-age=86400; includeSubDomains; report-uri="https://a.forcesslreports.com/hpkp-report/00D41000000V2K6m";
Expect-CT
max-age=86400, report-uri="https://a.forcesslreports.com/Expect-CT-report/00D41000000V2K6m"
Content-Security-Policy
upgrade-insecure-requests
X-Robots-Tag
none
Referrer-Policy
origin-when-cross-origin
Cache-Control
no-cache,must-revalidate,max-age=0,no-store,private
Content-Type
text/html;charset=UTF-8
Pragma
no-cache
Vary
Accept-Encoding
Content-Encoding
gzip
Transfer-Encoding
chunked
Primary Request Cookie set login
signon.michaels.com/FIM/sps/Salesforce/saml20/ 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://signon.michaels.com/FIM/sps/Salesforce/saml20/login
Requested by
Host: michaels.my.salesforce.com
URL: https://michaels.my.salesforce.com/saml/authn-request.jsp?saml_request_id=_2CAAAAXJTmoWyME8wMUswMDAwMDA4T0k2AAAA3vnMWC5l32Je_L3OKF79W8-u2CjsJHFQfK-8DWGqE4UzGkgkt1whtQu6wO-9PSWFOIKrLm-Hpgp7FVllKl1TrphyshT7dO2eEl3pAi4NEgLjMu65m-FubNBMBojqTJHtoY1ScuHnonTyiSMtfJhRDOM-fdqQLGpTu-s2vsw4FoOOjsqpA07pyFVpEZkMFkGFgXQWe0usoP1pSStc4a3URl_2Z0cOa1SeCWuNE-i4upG7hERMNk_gMnsajzPy9FWWVw&saml_acs=https%3A%2F%2Fmichaels.my.salesforce.com%3Fso%3D00D41000000V2K6%26sc%3D0LE410000008pL4&saml_binding_type=HttpPost&Issuer=https%3A%2F%2Fmichaels.my.salesforce.com&samlSsoConfig=0LE410000008pL4&RelayState=%2Femailaction%2Ffollower%2F2bsbkzbz9opigt8rmhroi72ol9p6l2zspnlnnelqj72xp3nqz99e3tn1twp3f5qa0uiuh33zioajo%3Fs1oid%3D00D41000000V2K6%26s1nid%3D000000000000000%26emkind%3DchatterFollowerNotification%26s1uid%3D00541000004D2m5%26emtm%3D1588100722972%26fromEmail%3D1%26s1ext%3D0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
66.142.244.229 Irving, United States, ASN46202 (MICHAELS-ATT-DS3, US),
Reverse DNS
Software
WebSEAL/9.0.7.0 /
Resource Hash
89b7b7f0ca971613e5fc1a7545590d6cc68c65e35cffde0fa911edac0274d327
Security Headers
Name Value
Strict-Transport-Security

Request headers

Host
signon.michaels.com
Connection
keep-alive
Content-Length
6839
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
Origin
https://michaels.my.salesforce.com
Content-Type
application/x-www-form-urlencoded
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
document
Referer
https://michaels.my.salesforce.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
Origin
https://michaels.my.salesforce.com
Content-Type
application/x-www-form-urlencoded
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://michaels.my.salesforce.com/

Response headers

cteonnt-length
3885
content-type
text/html
date
Wed, 29 Apr 2020 00:48:57 GMT
p3p
CP="NON CUR OTPi OUR NOR UNI"
server
WebSEAL/9.0.7.0
cache-control
no-store
strict-transport-security
pragma
no-cache
Set-Cookie
PD-S-SESSION-ID=1_2_0_EAtc8BnQ4aTIVAnnkqCVYmAfYNGaX+LsUwSHyRU2-03TaO2z; Domain=.michaels.com; Path=/; Secure NSC_WJQ_TjhoPo.Njdibfmt.dpn=ffffffff090d1a0045525d5f4f58455e445a4a42378b;path=/;secure;httponly
Content-Encoding
gzip
Content-Length
1738
login.css
signon.michaels.com/public/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://signon.michaels.com/public/login.css
Requested by
Host: signon.michaels.com
URL: https://signon.michaels.com/FIM/sps/Salesforce/saml20/login
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
66.142.244.229 Irving, United States, ASN46202 (MICHAELS-ATT-DS3, US),
Reverse DNS
Software
WebSEAL/9.0.7.0 /
Resource Hash
febf275a7c09594e94ad05c7158b66bbff656a04366adeed7805e047e033f782
Security Headers
Name Value
Strict-Transport-Security

Request headers

Referer
https://signon.michaels.com/FIM/sps/Salesforce/saml20/login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 29 Apr 2020 00:48:57 GMT
content-encoding
gzip
last-modified
Thu, 14 Mar 2019 04:22:02 GMT
server
WebSEAL/9.0.7.0
strict-transport-security
p3p
CP="NON CUR OTPi OUR NOR UNI"
transfer-encoding
chunked
content-type
text/css
ie10-viewport-bug-workaround.js
signon.michaels.com/public/ 		694 B
947 B 		Script
General
Check archive.org
Download Go to
Full URL
https://signon.michaels.com/public/ie10-viewport-bug-workaround.js
Requested by
Host: signon.michaels.com
URL: https://signon.michaels.com/FIM/sps/Salesforce/saml20/login
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
66.142.244.229 Irving, United States, ASN46202 (MICHAELS-ATT-DS3, US),
Reverse DNS
Software
WebSEAL/9.0.7.0 /
Resource Hash
ce01c41255d7e61cc44e865184559085737a98cf6911ef67f915692152b88852
Security Headers
Name Value
Strict-Transport-Security

Request headers

Referer
https://signon.michaels.com/FIM/sps/Salesforce/saml20/login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 29 Apr 2020 00:48:57 GMT
last-modified
Wed, 02 Nov 2016 19:59:58 GMT
server
WebSEAL/9.0.7.0
content-type
application/x-javascript
content-length
694
strict-transport-security
p3p
CP="NON CUR OTPi OUR NOR UNI"
new_logo_2019.png
signon.michaels.com/public/ 		37 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://signon.michaels.com/public/new_logo_2019.png
Requested by
Host: signon.michaels.com
URL: https://signon.michaels.com/FIM/sps/Salesforce/saml20/login
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
66.142.244.229 Irving, United States, ASN46202 (MICHAELS-ATT-DS3, US),
Reverse DNS
Software
WebSEAL/9.0.7.0 /
Resource Hash
09bec29752c1fc5d7e090b1ab1ce1b2191332f98d8e3499f9d7820c37a36d8c0
Security Headers
Name Value
Strict-Transport-Security

Request headers

Referer
https://signon.michaels.com/FIM/sps/Salesforce/saml20/login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 29 Apr 2020 00:48:58 GMT
last-modified
Thu, 14 Mar 2019 04:21:43 GMT
server
WebSEAL/9.0.7.0
content-type
image/png
content-length
37734
strict-transport-security
p3p
CP="NON CUR OTPi OUR NOR UNI"
login-btn.png
signon.michaels.com/public/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://signon.michaels.com/public/login-btn.png
Requested by
Host: signon.michaels.com
URL: https://signon.michaels.com/FIM/sps/Salesforce/saml20/login
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
66.142.244.229 Irving, United States, ASN46202 (MICHAELS-ATT-DS3, US),
Reverse DNS
Software
WebSEAL/9.0.7.0 /
Resource Hash
d02d80a7045e2527334ca689389d2041a85f89a8a39e57021fa12056aefbae04
Security Headers
Name Value
Strict-Transport-Security

Request headers

Referer
https://signon.michaels.com/FIM/sps/Salesforce/saml20/login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 29 Apr 2020 00:48:58 GMT
last-modified
Wed, 02 Nov 2016 19:59:58 GMT
server
WebSEAL/9.0.7.0
content-type
image/png
content-length
1702
strict-transport-security
p3p
CP="NON CUR OTPi OUR NOR UNI"
background.jpg
signon.michaels.com/public/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://signon.michaels.com/public/background.jpg
Requested by
Host: signon.michaels.com
URL: https://signon.michaels.com/FIM/sps/Salesforce/saml20/login
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
66.142.244.229 Irving, United States, ASN46202 (MICHAELS-ATT-DS3, US),
Reverse DNS
Software
WebSEAL/9.0.7.0 /
Resource Hash
c02220df858772cad5d01a08832b38bd8efb3235e400bc04e5b043268e178262
Security Headers
Name Value
Strict-Transport-Security

Request headers

Referer
https://signon.michaels.com/public/login.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 29 Apr 2020 00:48:58 GMT
last-modified
Thu, 20 Jul 2017 02:35:59 GMT
server
WebSEAL/9.0.7.0
content-type
image/jpeg
content-length
9461
strict-transport-security
p3p
CP="NON CUR OTPi OUR NOR UNI"

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate string| warningString string| errorCode

2 Cookies

Domain/Path Name / Value
signon.michaels.com/ Name: NSC_WJQ_TjhoPo.Njdibfmt.dpn
Value: ffffffff090d1a0045525d5f4f58455e445a4a42378b
.michaels.com/ Name: PD-S-SESSION-ID
Value: 1_2_0_EAtc8BnQ4aTIVAnnkqCVYmAfYNGaX+LsUwSHyRU2-03TaO2z

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536002; includeSubDomains