identity.symanteccloud.com
Open in
urlscan Pro
34.117.107.115
Public Scan
Submitted URL: https://clients.messagelabs.com/
Effective URL: https://identity.symanteccloud.com/Logon?rsid=a24220612aab418490014e7e7b43328e
Submission: On May 11 via automatic, source certstream-suspicious — Scanned from DE
Effective URL: https://identity.symanteccloud.com/Logon?rsid=a24220612aab418490014e7e7b43328e
Submission: On May 11 via automatic, source certstream-suspicious — Scanned from DE
Summary
This website contacted 1 IPs
in 1 countries
across 2 domains to perform 15 HTTP transactions.
The main IP is 34.117.107.115, located in
Kansas City, United States and
belongs to GOOGLE-CLOUD-PLATFORM, US.
The main domain is identity.symanteccloud.com.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on July 6th 2020. Valid for: 2 years.
This is the only time identity.symanteccloud.com was scanned on urlscan.io!
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on July 6th 2020. Valid for: 2 years.
This is the only time identity.symanteccloud.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
| IP Address | AS Autonomous System | ||
|---|---|---|---|
| 1 1 | 34.102.198.162 34.102.198.162 | 396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM) | |
| 1 16 | 34.117.107.115 34.117.107.115 | 396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM) | |
| 15 | 1 |
1
34.102.198.162
(Kansas City, United States)
ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 162.198.102.34.bc.googleusercontent.com
ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 162.198.102.34.bc.googleusercontent.com
| clients.messagelabs.com |
16
34.117.107.115
(Kansas City, United States)
ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 115.107.117.34.bc.googleusercontent.com
ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 115.107.117.34.bc.googleusercontent.com
| identity.symanteccloud.com |
| Apex Domain Subdomains |
Transfer | |
|---|---|---|
| 16 |
symanteccloud.com
1 redirects
identity.symanteccloud.com |
1020 KB |
| 1 |
messagelabs.com
1 redirects
clients.messagelabs.com |
613 B |
| 15 | 2 |
| Domain | Requested by | |
|---|---|---|
| 16 | identity.symanteccloud.com |
1 redirects
identity.symanteccloud.com
|
| 1 | clients.messagelabs.com | 1 redirects |
| 15 | 2 |
This site contains links to these domains. Also see Links.
| Domain |
|---|
| www.symantec.com |
| Subject Issuer | Validity | Valid | |
|---|---|---|---|
| identity.symanteccloud.com DigiCert SHA2 Secure Server CA |
2020-07-06 - 2022-07-07 |
2 years | crt.sh |
This page contains 1 frames:
Primary Page:
https://identity.symanteccloud.com/Logon?rsid=a24220612aab418490014e7e7b43328e
Frame ID: 2292F3CB0D575DF305C16746463617BE
Requests: 15 HTTP requests in this frame
Screenshot
Page Title
EinloggenPage URL History Show full URLs
-
https://clients.messagelabs.com/
HTTP 302
https://identity.symanteccloud.com/saml/redirect/sso?SAMLRequest=lZHBSsNAEIZfZdl7stmQtmZJAlEvhWqhVQ9eZLOZ2kCyG3... HTTP 302
https://identity.symanteccloud.com/Logon?rsid=a24220612aab418490014e7e7b43328e Page URL
Detected technologies
jQuery
(JavaScript Libraries)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- jquery[.-]([\d.]*\d)[^/]*\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
jQuery UI
(JavaScript Libraries)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- jquery-ui.*\.js
Page Statistics
1 Outgoing links
These are links going to different origins than the main page.
URL: http://www.symantec.com/about/profile/privacypolicy/
Title: Datenschutz
Title: Datenschutz
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://clients.messagelabs.com/
HTTP 302
https://identity.symanteccloud.com/saml/redirect/sso?SAMLRequest=lZHBSsNAEIZfZdl7stmQtmZJAlEvhWqhVQ9eZLOZ2kCyG3cmom%2fvpsVDEQpeh%2f8bvn%2bmQD30o6onOtodfEyAxNb3JX%2fLVpDrg1lG0BoZZXCTRU0uk0ibbNE2ZpnmWnP2Ah47Z0uexglna8QJ1hZJWwqjJE2jZBFJ%2bZTkKpEqW8WZTF85qxHBU%2bDunMVpAL8H%2f9kZeN5tSn4kGlEJYfoOLGE8AKJ%2bh143GBs3iFlYjA5JaMPZ19BbVKcSJZ%2b8VU5jh8rqgCkyal8%2fbFSQU6N35IzreVWcNP0ZvQ7pX1FezbGzkgWK8XsIHcGY3k3trFWI89aqCJ3abmaQPTq6hYPzcO0YIbS1W18fCPxFTl7m%2fqXLRFWIv6%2btfgA%3d&RelayState= HTTP 302
https://identity.symanteccloud.com/Logon?rsid=a24220612aab418490014e7e7b43328e Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
15 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H2 |
Primary Request
Logon
identity.symanteccloud.com/ Redirect Chain
|
10 KB 10 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
Site.css
identity.symanteccloud.com/Content/identity.symanteccloud.com/ |
10 KB 10 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
Forms.css
identity.symanteccloud.com/Content/identity.symanteccloud.com/ |
6 KB 6 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
skeleton.css
identity.symanteccloud.com/Content/identity.symanteccloud.com/ |
10 KB 10 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
jquery-3.6.0.js
identity.symanteccloud.com/Scripts/ |
292 KB 293 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
jquery-ui.js
identity.symanteccloud.com/Scripts/ |
535 KB 535 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
jquery.unobtrusive-ajax.js
identity.symanteccloud.com/Scripts/ |
8 KB 8 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
jquery.validate.js
identity.symanteccloud.com/Scripts/ |
51 KB 51 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
jquery.validate.unobtrusive.js
identity.symanteccloud.com/Scripts/ |
18 KB 18 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
jquery.password-strength.js
identity.symanteccloud.com/Scripts/ |
10 KB 10 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
jquery.bubblepopup.v2.3.1.min.js
identity.symanteccloud.com/Scripts/ |
18 KB 18 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
symantecFooter.png
identity.symanteccloud.com/Content/Common/Image/ |
4 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
EmailSecurityBG.png
identity.symanteccloud.com/Content/Common/Image/ |
24 KB 24 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
logo_symantec.png
identity.symanteccloud.com/Content/Common/Image/ |
6 KB 6 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
SA______.woff2
identity.symanteccloud.com/Content/Common/SymFonts/ |
17 KB 17 KB |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Verdicts & Comments Add Verdict or Comment
12 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| oncontextlost object| oncontextrestored function| structuredClone function| getScreenDetails function| $ function| jQuery function| OnFailure function| OnBegin function| OnComplete function| SetFocusRollover function| SetDefaultButton function| KeyPressHandler3 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
| Domain/Path | Expires | Name / Value |
|---|---|---|
| clients.messagelabs.com/ | Name: GCLB Value: CJiO0fbrpJflOg |
|
| identity.symanteccloud.com/ | Name: ASP.NET_SessionId Value: adca69fa-406b-4db5-b75a-284c3468b096 |
|
| identity.symanteccloud.com/ | Name: GCLB Value: CI-28L3w3dS7zQE |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
| Header | Value |
|---|---|
| Strict-Transport-Security | max-age=31536000 |
| X-Content-Type-Options | nosniff |
| X-Frame-Options | DENY sameorigin |
| X-Xss-Protection | 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
clients.messagelabs.com
identity.symanteccloud.com
34.102.198.162
34.117.107.115
13ddd8d4faf41ec70828aef117e8d962072d479fe1a16bed76ab97b81bdc0a11
15ba62253e4efb204a7db011a5e174e0ee9431f45dc6f65f304a2886fe972410
249db2301aac6b42a9a775e26a98a70048a824dc1e574bb52c0caed140d8e3ab
29223fdf1c42ac27b10aea5dcd02513f507a22a83ed8d03e5f6bb7f1c41daaaf
586006a1c412994ea1ff4d47ab9765b378b9e05a6ee574f72307d006aa9d32ba
5ab4a9f8cdf864651ad43ad9423192da77465d23e1e5fda978ec50e410e6a502
7a0f44a32d1530ac1e5dc98de4bcf8adab1e329634dce5406469c8087787a425
9c212fa2e189eb47ee5094fe4a4dd373de4508683841f42eb33eb7a5943c9119
abca3daa703fdf69fff84cc44f631bc5f047cbb892fd5977f8076758a61d15f7
ccf7a3f62c5b7cd88e47b3a4171250e59ca99a2974d670e8221040ddeb8f74b1
d8ebb583cbd79062f766db6dc8dc01362405d437e6de93b4df2138abf03661b2
e15f0bfd76dffa70abb44d4bbf1549fab439e454be38be369dcc04c5d44b5f76
e35dc1823fb870316640e980fc7a33993b3f856d592a67bb4747b10a7342c94e
f6cbec4cafeef9295ab5da82ca1fbc2a6e1159d65e5d225d9a39decd14b5b787
fc9c0d0940901e387afa61338198b16b4a0f502eee45555805db201dd298b033