accounts.cloud.com
Open in
urlscan Pro
40.115.64.138
Public Scan
Effective URL: https://accounts.cloud.com/core/login?ReturnUrl=%2Fcore%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3DRtmydVjvjLZBbU3qU3b8...
Submission: On April 23 via manual — Scanned from NZ
Summary
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on July 1st 2022. Valid for: a year.
This is the only time accounts.cloud.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 1 | 54.164.44.169 54.164.44.169 | 14618 (AMAZON-AES) (AMAZON-AES) | |
2 2 | 54.208.132.223 54.208.132.223 | 14618 (AMAZON-AES) (AMAZON-AES) | |
1 1 | 20.193.35.83 20.193.35.83 | 8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK) | |
1 14 | 40.115.64.138 40.115.64.138 | 8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK) | |
1 | 172.217.194.97 172.217.194.97 | 15169 (GOOGLE) (GOOGLE) | |
1 | 13.35.8.97 13.35.8.97 | 16509 (AMAZON-02) (AMAZON-02) | |
3 | 172.217.194.121 172.217.194.121 | 15169 (GOOGLE) (GOOGLE) | |
18 | 4 |
ASN14618 (AMAZON-AES, US)
PTR: ec2-54-164-44-169.compute-1.amazonaws.com
safehaven.adm.cloud.com |
ASN14618 (AMAZON-AES, US)
PTR: ec2-54-208-132-223.compute-1.amazonaws.com
safehaven.adm.cloud.com |
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
accounts.cloud.com |
ASN15169 (GOOGLE, US)
PTR: si-in-f97.1e100.net
www.googletagmanager.com |
ASN16509 (AMAZON-02, US)
PTR: server-13-35-8-97.sin5.r.cloudfront.net
citrix-cloud-content.customer.pendo.io |
ASN15169 (GOOGLE, US)
PTR: si-in-f121.1e100.net
citrix-cloud-data.customer.pendo.io |
Apex Domain Subdomains |
Transfer | |
---|---|---|
18 |
cloud.com
5 redirects
safehaven.adm.cloud.com — Cisco Umbrella Rank: 51976 citrix.cloud.com — Cisco Umbrella Rank: 54579 accounts.cloud.com — Cisco Umbrella Rank: 15146 |
2 MB |
4 |
pendo.io
citrix-cloud-content.customer.pendo.io — Cisco Umbrella Rank: 92117 citrix-cloud-data.customer.pendo.io — Cisco Umbrella Rank: 60547 |
139 KB |
1 |
googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 114 |
63 KB |
18 | 3 |
Domain | Requested by | |
---|---|---|
14 | accounts.cloud.com |
1 redirects
accounts.cloud.com
|
3 | citrix-cloud-data.customer.pendo.io |
citrix-cloud-content.customer.pendo.io
|
3 | safehaven.adm.cloud.com | 3 redirects |
1 | citrix-cloud-content.customer.pendo.io |
accounts.cloud.com
|
1 | www.googletagmanager.com |
accounts.cloud.com
|
1 | citrix.cloud.com | 1 redirects |
18 | 6 |
This site contains links to these domains. Also see Links.
Domain |
---|
onboarding.cloud.com |
docs.citrix.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
accounts.cloud.com DigiCert TLS RSA SHA256 2020 CA1 |
2022-07-01 - 2023-06-30 |
a year | crt.sh |
*.google-analytics.com GTS CA 1C3 |
2023-04-03 - 2023-06-26 |
3 months | crt.sh |
citrix-cloud-content.customer.pendo.io Amazon RSA 2048 M02 |
2023-02-23 - 2023-11-16 |
9 months | crt.sh |
citrix-cloud-data.customer.pendo.io GTS CA 1D4 |
2023-03-03 - 2023-06-01 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://accounts.cloud.com/core/login?ReturnUrl=%2Fcore%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3DRtmydVjvjLZBbU3qU3b8eQ%253D%253D%26redirect_uri%3Dhttps%253A%252F%252Fcitrix.cloud.com%252Foauth%26response_type%3Dcode%26scope%3Dopenid%2520email%2520profile%2520ctx_principal_aliases%2520offline_access%2520ctx_universal%2520ctx_adoid%2520allow_compressed_groups%26state%3Dhttps%253A%252F%252Fcitrix.cloud.com%252Foauth.05feb6a1-2a7f-4ee0-91ea-962e163c9233
Frame ID: A3DE06EFBDDE1929EB321E2095A7EBF9
Requests: 18 HTTP requests in this frame
Screenshot
Page Title
Citrix Secure Sign InPage URL History Show full URLs
-
http://safehaven.adm.cloud.com/
HTTP 301
https://safehaven.adm.cloud.com/ HTTP 302
https://safehaven.adm.cloud.com//admin_ui/mas/svc/html/main.html HTTP 302
https://citrix.cloud.com//login?redirectUrl=aHR0cHM6Ly9hZG0uY2xvdWQuY29tL2FkbWluX3VpL21hcy9zdmMvaHRtb... HTTP 302
https://accounts.cloud.com/core/connect/authorize?client_id=RtmydVjvjLZBbU3qU3b8eQ%3D%3D&redirect_uri=h... HTTP 302
https://accounts.cloud.com/core/login?ReturnUrl=%2Fcore%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3D... Page URL
Detected technologies
Google Tag Manager (Tag Managers) ExpandDetected patterns
- googletagmanager\.com/gtm\.js
Page Statistics
2 Outgoing links
These are links going to different origins than the main page.
Title: Sign up and try it free
Search URL Search Domain Scan URL
Title: Contact Citrix Support
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://safehaven.adm.cloud.com/
HTTP 301
https://safehaven.adm.cloud.com/ HTTP 302
https://safehaven.adm.cloud.com//admin_ui/mas/svc/html/main.html HTTP 302
https://citrix.cloud.com//login?redirectUrl=aHR0cHM6Ly9hZG0uY2xvdWQuY29tL2FkbWluX3VpL21hcy9zdmMvaHRtbC9tYWluLmh0bWw7UTBNdFVsTkJMVk5JUVRJMU5pMHlPekUyT0RJeU9ERTJOVFU3WXpSa05URmpNekEzWVdGaE1HRmtObUZtTkROaE9XRmpaRFU0TUdJek16TTdaalpKY0hOMlFsUkdlVVZaU0RNdk16QnVLMU5hYnpGcFZEaFRZVWhKYVhKNWFuVlNiakk0T1RCNWNYZG1Va2d6U0ZVeFVHMXpORTQwZVhkcGVtUmFjbUl3Y1dwdE4zbGFObWxLSzFwUVkxWlBORzQwYkZSRU9GVnVSRE5OWkZWak5WTlBaSEk1VG5CTlVGSTRSbXh4YVVOMk1teENPSGN6Y0V4VFZFSk1WR2RaZEVzNFFYWkVjRVExVlVkelZGcHBRVVpTUm1kVVVYcFhkVFZHZGs1VFVUaGtaSEJ3VVV0SmVHcDFjblJ5V0RsR1UwbzJXRWMxY0dOUE9FSkJhVzlCTjA5UWRGRTNZVlpKTVV0NGRGVlRWRlpzYlU1MVFWcEpTazFrY1ZCMk5ISnlZbUV2YkRoalJVUnBTbE5NWlV4NlIxTjNRa1ZOZG1nd1VGZERNM1F4V0RGdlZXWjJkVWMwTld4V1VVUk9WME16VDJwU1dtcEZZVzUxY0RkT1dtWkRTMkYwUjJKMlZrRmFPU3RVUlM5M1lUWlhPSEJFU0dGNllsTkpUSGxPY1RkNWJ6aG9OV2M0YlM4MWIxTnNlVmh3UnpsTlZEaG5QVDA3VFVGVA== HTTP 302
https://accounts.cloud.com/core/connect/authorize?client_id=RtmydVjvjLZBbU3qU3b8eQ%3D%3D&redirect_uri=https%3A%2F%2Fcitrix.cloud.com%2Foauth&response_type=code&scope=openid%20email%20profile%20ctx_principal_aliases%20offline_access%20ctx_universal%20ctx_adoid%20allow_compressed_groups&state=https%3A%2F%2Fcitrix.cloud.com%2Foauth.05feb6a1-2a7f-4ee0-91ea-962e163c9233 HTTP 302
https://accounts.cloud.com/core/login?ReturnUrl=%2Fcore%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3DRtmydVjvjLZBbU3qU3b8eQ%253D%253D%26redirect_uri%3Dhttps%253A%252F%252Fcitrix.cloud.com%252Foauth%26response_type%3Dcode%26scope%3Dopenid%2520email%2520profile%2520ctx_principal_aliases%2520offline_access%2520ctx_universal%2520ctx_adoid%2520allow_compressed_groups%26state%3Dhttps%253A%252F%252Fcitrix.cloud.com%252Foauth.05feb6a1-2a7f-4ee0-91ea-962e163c9233 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
18 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
login
accounts.cloud.com/core/ Redirect Chain
|
4 KB 5 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
common.js
accounts.cloud.com/identity/assets/ |
805 KB 805 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
app.js
accounts.cloud.com/identity/assets/ |
560 KB 560 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
1.js
accounts.cloud.com/identity/assets/ |
31 KB 31 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
2.js
accounts.cloud.com/identity/assets/ |
146 KB 147 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
5.js
accounts.cloud.com/identity/assets/ |
349 KB 349 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
gtm.js
www.googletagmanager.com/ |
258 KB 63 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
b4e0e33c7a311bd4f6eaa04efc2d42e9.svg
accounts.cloud.com/identity/assets/ |
7 KB 7 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
32e5254aa11e7847aec338fb567da2dd.svg
accounts.cloud.com/identity/assets/ |
1 KB 2 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
c30db027aac89ba426ef2bbe1047648a.svg
accounts.cloud.com/identity/assets/ |
1 KB 2 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
96ca2a24c1787dd7f2d08e4a01df959c.woff2
accounts.cloud.com/identity/assets/ |
32 KB 32 KB |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
029f6f0129beaededd6e592095429d81.woff2
accounts.cloud.com/identity/assets/ |
32 KB 32 KB |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bab5db784f9808fd1f54baf45ba0a790.woff
accounts.cloud.com/identity/assets/ |
15 KB 15 KB |
Font
application/font-woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
82ee13d8c71c9fe2af41c81666cc6e9d.woff2
accounts.cloud.com/identity/assets/ |
32 KB 32 KB |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pendo.js
citrix-cloud-content.customer.pendo.io/agent/static/abed0313-153d-4162-49b1-18a3df280498/ |
416 KB 137 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
abed0313-153d-4162-49b1-18a3df280498
citrix-cloud-data.customer.pendo.io/data/ptm.gif/ |
42 B 280 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
abed0313-153d-4162-49b1-18a3df280498
citrix-cloud-data.customer.pendo.io/data/guide.json/ |
1 KB 1 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
abed0313-153d-4162-49b1-18a3df280498
citrix-cloud-data.customer.pendo.io/data/guide.gif/ |
42 B 280 B |
XHR
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
21 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
boolean| credentialless undefined| __REACT_DEVTOOLS_GLOBAL_HOOK__ object| webpackJsonp object| core object| __core-js_shared__ object| global object| System function| asap function| Observable function| setImmediate function| clearImmediate function| Dict function| delay object| _ object| recaptchaOptions object| dataLayer object| google_tag_manager object| google_tag_data object| pendo object| visitor_data object| account_data11 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
accounts.cloud.com/core | Name: idsrv.xsrf Value: CfDJ8LclyOhazMdJkkZzS2eIseUqWFVXXiRXKxK7D-LK0JDH31JO8xrCvWbyYQmw-8qzJeuJloSiq5UZXi1L0nMqui_mvgHM43ZY9UZxLeEBEBg0_S5sNh6Po5gIM8HYpMlOYfsdt07Fkex9oSFgkjriU6s |
|
.cloud.com/ | Name: X-Cws-TransactionId Value: e1dd849d-9db8-4f93-839f-993670dfa5f0 |
|
.cloud.com/ | Name: navbarRedirect Value: aHR0cHM6Ly9hZG0uY2xvdWQuY29tL2FkbWluX3VpL21hcy9zdmMvaHRtbC9tYWluLmh0bWw7UTBNdFVsTkJMVk5JUVRJMU5pMHlPekUyT0RJeU9ERTJOVFU3WXpSa05URmpNekEzWVdGaE1HRmtObUZtTkROaE9XRmpaRFU0TUdJek16TTdaalpKY0hOMlFsUkdlVVZaU0RNdk16QnVLMU5hYnpGcFZEaFRZVWhKYVhKNWFuVlNiakk0T1RCNWNYZG1Va2d6U0ZVeFVHMXpORTQwZVhkcGVtUmFjbUl3Y1dwdE4zbGFObWxLSzFwUVkxWlBORzQwYkZSRU9GVnVSRE5OWkZWak5WTlBaSEk1VG5CTlVGSTRSbXh4YVVOMk1teENPSGN6Y0V4VFZFSk1WR2RaZEVzNFFYWkVjRVExVlVkelZGcHBRVVpTUm1kVVVYcFhkVFZHZGs1VFVUaGtaSEJ3VVV0SmVHcDFjblJ5V0RsR1UwbzJXRWMxY0dOUE9FSkJhVzlCTjA5UWRGRTNZVlpKTVV0NGRGVlRWRlpzYlU1MVFWcEpTazFrY1ZCMk5ISnlZbUV2YkRoalJVUnBTbE5NWlV4NlIxTjNRa1ZOZG1nd1VGZERNM1F4V0RGdlZXWjJkVWMwTld4V1VVUk9WME16VDJwU1dtcEZZVzUxY0RkT1dtWkRTMkYwUjJKMlZrRmFPU3RVUlM5M1lUWlhPSEJFU0dGNllsTkpUSGxPY1RkNWJ6aG9OV2M0YlM4MWIxTnNlVmh3UnpsTlZEaG5QVDA3VFVGVA%3D%3D |
|
.cloud.com/ | Name: isIdpInternal Value: false |
|
.cloud.com/ | Name: state Value: 05feb6a1-2a7f-4ee0-91ea-962e163c9233 |
|
.cloud.com/ | Name: idp Value: athena |
|
.cloud.com/ | Name: regionSessionId Value: YXVzdHJhbGlhc291dGhlYXN0OjRiNjM4N2M1LTg3YjgtNDZlNy05MTRkLTBiYzI4ZTMyMGVhZA%3D%3D |
|
.cloud.com/ | Name: X-ATH-SessionId Value: 4b6387c5-87b8-46e7-914d-0bc28e320ead |
|
.cloud.com/ | Name: language Value: en |
|
.cloud.com/ | Name: includeTracking Value: true |
|
.cloud.com/ | Name: uiTheme Value: console-vnext |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Content-Security-Policy | frame-ancestors 'self' |
Strict-Transport-Security | max-age=31536000; includeSubDomains; preload |
X-Content-Type-Options | nosniff |
X-Frame-Options | SAMEORIGIN |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
accounts.cloud.com
citrix-cloud-content.customer.pendo.io
citrix-cloud-data.customer.pendo.io
citrix.cloud.com
safehaven.adm.cloud.com
www.googletagmanager.com
13.35.8.97
172.217.194.121
172.217.194.97
20.193.35.83
40.115.64.138
54.164.44.169
54.208.132.223
0bcdf83b17380f3b4b9da9111be805788fafb6a64ad4a535f9b60168407795fe
3fb9615e273e70668cc983738fd97ee30a093dc13c83cf09f65a6ab0a5c422df
44077e6ceb62b989c9ef0d4659d5b6a261c31fdec49e317e8833a9fb9550e02c
49e888ef28ab2b921acedf92cc8fc8dd9f71956f1fb6f76bdb8ad3d69cde0e8e
4f73a6ca56452897589caff5a702199d8f1e372a172acbbe5b0af2aa0e312c1b
60cd5822d7e981cdfad593102e8fb818d04933593c85a7be99eb6c7acc708b0d
77527e9fb40b56a6a2826e95d5f997222e8132ff580edb4f69abf539bcfd1440
9461bfbc3a5280677dcfb7a6b2b8974fbaecf55036f35ad53373ba0ce9e1456d
999ec1849ce90f621f38c162a65d43a12cf90109330a2b5b5c2ce5da0cd8834e
a657dc21967cc110f043c1955a0269741d0a63bc1e89f150379aef01b1b1df41
b419e6b94d0a9bc07167898e4f48db276ae59a935545d360306fdfc0fe94e72b
bea988eeadc7c0ddf9644c2dce7efb35f1767eac0187c0967f8a2567473cbbfe
c984a566bf2196bf3b10c7996a866691834f2b9a63062344baa21f4522321f2f
d3fa2a3c3ab4022c954fd4f1f891be9acea7bd78c6ff6ebb1e8d031a63cfc1fc
d7cc490a16129b68ddd75590075bd80b99f69f26c9b993618d41a3c1338b3bbf
eb2423d9ac27b2c8974304b1bcdfc5031a84f3d5f22b31cb888127967c6bd906
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629