URL: https://vpn13.stclient.s-idc.net/
Submission: On July 20 via automatic, source certstream-suspicious — Scanned from JP

Summary

This website contacted 2 IPs in 1 countries across 1 domains to perform 8 HTTP transactions. The main IP is 210.161.177.81, located in Machi, Japan and belongs to OCN NTT Communications Corporation, JP. The main domain is vpn13.stclient.s-idc.net.
TLS certificate: Issued by Entrust Certification Authority - L1M on July 27th 2021. Valid for: a year.
This is the only time vpn13.stclient.s-idc.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
3 210.161.177.81 4713 (OCN NTT C...)
8 2
Apex Domain
Subdomains
Transfer
3 s-idc.net
vpn13.stclient.s-idc.net
57 KB
8 1
Domain Requested by
3 vpn13.stclient.s-idc.net vpn13.stclient.s-idc.net
8 1

This site contains links to these domains. Also see Links.

Domain
www.vmware.com
Subject Issuer Validity Valid
vpn13.stclient.s-idc.net
Entrust Certification Authority - L1M
2021-07-27 -
2022-07-27
a year crt.sh

This page contains 1 frames:

Primary Page: https://vpn13.stclient.s-idc.net/
Frame ID: 1315B6461038FAE058BFCB63CA2D87F4
Requests: 8 HTTP requests in this frame

Screenshot

Page Title

VMware Horizon

Page Statistics

8
Requests

38 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

2
IPs

1
Countries

57 kB
Transfer

258 kB
Size

2
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

8 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
vpn13.stclient.s-idc.net/
6 KB
6 KB
Document
General
Full URL
https://vpn13.stclient.s-idc.net/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
210.161.177.81 Machi, Japan, ASN4713 (OCN NTT Communications Corporation, JP),
Reverse DNS
Software
/
Resource Hash
dae808ecb5a30f7430cd362c6ab93467edbac172398cc984bf35aa3fe652eedc
Security Headers
Name Value
Content-Security-Policy default-src 'self';font-src 'self' data:;script-src 'self' 'unsafe-inline' 'unsafe-eval' data:;style-src 'self' 'unsafe-inline';frame-ancestors 'none'
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

Content-Security-Policy
default-src 'self';font-src 'self' data:;script-src 'self' 'unsafe-inline' 'unsafe-eval' data:;style-src 'self' 'unsafe-inline';frame-ancestors 'none'
Content-Type
text/html;charset=UTF-8
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
X-XSS-Protection
1; mode=block
content-length
5681
style.css
vpn13.stclient.s-idc.net/portal/webclient/
200 KB
50 KB
Stylesheet
General
Full URL
https://vpn13.stclient.s-idc.net/portal/webclient/style.css?v=16930311
Requested by
Host: vpn13.stclient.s-idc.net
URL: https://vpn13.stclient.s-idc.net/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
210.161.177.81 Machi, Japan, ASN4713 (OCN NTT Communications Corporation, JP),
Reverse DNS
Software
/
Resource Hash
e2494b0c561cc4b85242ee3aa93d37a848ce8815af0ba895259c7ed47a2d1534
Security Headers
Name Value
Content-Security-Policy child-src 'self' blob:;default-src 'self';connect-src 'self' wss:;font-src 'self' data:;img-src 'self' data: blob:;media-src 'self' blob:;object-src 'self' blob:;script-src 'self' 'unsafe-inline' 'unsafe-eval' data:;style-src 'self' 'unsafe-inline';frame-ancestors 'self'
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://vpn13.stclient.s-idc.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Security-Policy
child-src 'self' blob:;default-src 'self';connect-src 'self' wss:;font-src 'self' data:;img-src 'self' data: blob:;media-src 'self' blob:;object-src 'self' blob:;script-src 'self' 'unsafe-inline' 'unsafe-eval' data:;style-src 'self' 'unsafe-inline';frame-ancestors 'self'
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Mon, 21 Sep 2020 09:36:34 GMT
X-Frame-Options
SAMEORIGIN
Content-Type
text/css
Cache-Control
private, max-age=31536000
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload
Accept-Ranges
bytes
content-length
50962
X-XSS-Protection
1; mode=block
main.js
vpn13.stclient.s-idc.net/portal/resources/
0
0

bg_image.jpg
vpn13.stclient.s-idc.net/portal/webclient/icons-16930311/
52 KB
0
Image
General
Full URL
https://vpn13.stclient.s-idc.net/portal/webclient/icons-16930311/bg_image.jpg
Requested by
Host: vpn13.stclient.s-idc.net
URL: https://vpn13.stclient.s-idc.net/portal/webclient/style.css?v=16930311
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
210.161.177.81 Machi, Japan, ASN4713 (OCN NTT Communications Corporation, JP),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy child-src 'self' blob:;default-src 'self';connect-src 'self' wss:;font-src 'self' data:;img-src 'self' data: blob:;media-src 'self' blob:;object-src 'self' blob:;script-src 'self' 'unsafe-inline' 'unsafe-eval' data:;style-src 'self' 'unsafe-inline';frame-ancestors 'self'
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://vpn13.stclient.s-idc.net/portal/webclient/style.css?v=16930311
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Security-Policy
child-src 'self' blob:;default-src 'self';connect-src 'self' wss:;font-src 'self' data:;img-src 'self' data: blob:;media-src 'self' blob:;object-src 'self' blob:;script-src 'self' 'unsafe-inline' 'unsafe-eval' data:;style-src 'self' 'unsafe-inline';frame-ancestors 'self'
X-Content-Type-Options
nosniff
Last-Modified
Mon, 21 Sep 2020 09:36:34 GMT
ETag
W/"97445-1600680994000"
X-Frame-Options
SAMEORIGIN
Content-Type
image/jpeg
Cache-Control
private, max-age=60
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload
Accept-Ranges
bytes
content-length
97445
X-XSS-Protection
1; mode=block
logo.png
vpn13.stclient.s-idc.net/portal/webclient/icons-16930311/
0
0

icon_download.svg
vpn13.stclient.s-idc.net/portal/webclient/icons-16930311/
0
0

icon_html_access.svg
vpn13.stclient.s-idc.net/portal/webclient/icons-16930311/
0
0

vmware_logo_footer.svg
vpn13.stclient.s-idc.net/portal/webclient/icons-16930311/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
vpn13.stclient.s-idc.net
URL
https://vpn13.stclient.s-idc.net/portal/resources/main.js?v=16930311
Domain
vpn13.stclient.s-idc.net
URL
https://vpn13.stclient.s-idc.net/portal/webclient/icons-16930311/logo.png
Domain
vpn13.stclient.s-idc.net
URL
https://vpn13.stclient.s-idc.net/portal/webclient/icons-16930311/icon_download.svg
Domain
vpn13.stclient.s-idc.net
URL
https://vpn13.stclient.s-idc.net/portal/webclient/icons-16930311/icon_html_access.svg
Domain
vpn13.stclient.s-idc.net
URL
https://vpn13.stclient.s-idc.net/portal/webclient/icons-16930311/vmware_logo_footer.svg

Verdicts & Comments Add Verdict or Comment

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation

2 Cookies

Domain/Path Name / Value
vpn13.stclient.s-idc.net/ Name: JSESSIONID
Value: 5DC17AEA68F946ED86CB09DA646A9E86
vpn13.stclient.s-idc.net/ Name: UqZBpD3n3iPIDwJU
Value: v1iGxAgwSDd5S

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'self';font-src 'self' data:;script-src 'self' 'unsafe-inline' 'unsafe-eval' data:;style-src 'self' 'unsafe-inline';frame-ancestors 'none'
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

vpn13.stclient.s-idc.net
vpn13.stclient.s-idc.net
210.161.177.81
dae808ecb5a30f7430cd362c6ab93467edbac172398cc984bf35aa3fe652eedc
e2494b0c561cc4b85242ee3aa93d37a848ce8815af0ba895259c7ed47a2d1534