identity.symanteccloud.com Open in urlscan Pro
34.117.107.115 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://clients.messagelabs.com/
Effective URL:
https://identity.symanteccloud.com/Logon?rsid=262bd4daf78c4451aaeff29d75d490ae
Submission: On November 22 via automatic, source certstream-suspicious (November 22nd 2024, 6:29:17 pm UTC) — Scanned from DE

Summary HTTP 14 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 1 IPs in 1 countries across 2 domains to perform 14 HTTP transactions. The main IP is 34.117.107.115, located in Kansas City, United States and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is identity.symanteccloud.com.
TLS certificate: Issued by DigiCert Global G2 TLS RSA SHA256 202... on March 5th 2024. Valid for: a year.

This is the only time identity.symanteccloud.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	34.102.198.162 34.102.198.162	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 15	34.117.107.115 34.117.107.115	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
14	1

1 34.102.198.162 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 162.198.102.34.bc.googleusercontent.com

clients.messagelabs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 34.117.107.115 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 115.107.117.34.bc.googleusercontent.com

identity.symanteccloud.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
15	symanteccloud.com 1 redirects identity.symanteccloud.com	996 KB
1	messagelabs.com 1 redirects clients.messagelabs.com	1 KB
14	2

	Domain	Requested by
15	identity.symanteccloud.com	1 redirects identity.symanteccloud.com
1	clients.messagelabs.com	1 redirects
14	2

This site contains links to these domains. Also see Links.

Domain
windows.microsoft.com
www.mozilla.org
www.google.com
support.apple.com
www.symantec.com

Subject Issuer	Validity	Valid
identity.symanteccloud.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-03-05` - `2025-04-05`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://identity.symanteccloud.com/Logon?rsid=262bd4daf78c4451aaeff29d75d490ae
Frame ID: D2AF2A079220FD4E580D3015214E3EE7
Requests: 14 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://clients.messagelabs.com/ HTTP 302
https://identity.symanteccloud.com/saml/redirect/sso?SAMLRequest=lZHBSsNAEIZfJew92WSbpumSBKJeCtVCWz14ke1magPJbt... HTTP 302
https://identity.symanteccloud.com/Logon?rsid=262bd4daf78c4451aaeff29d75d490ae Page URL

Detected technologies

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery-ui.*\.js

Page Statistics

14
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

1
IPs

1
Countries

995 kB
Transfer

994 kB
Size

3
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: http://windows.microsoft.com/en-us/internet-explorer/download-ie
Title: Get IE

Search URL Search Domain Scan URL

URL: http://www.mozilla.org/en-US/firefox/all/
Title: Get Firefox

Search URL Search Domain Scan URL

URL: https://www.google.com/chrome
Title: Get Chrome

Search URL Search Domain Scan URL

URL: http://support.apple.com/downloads/#internet
Title: Get Safari

Search URL Search Domain Scan URL

URL: http://www.symantec.com/about/profile/privacypolicy/
Title: Datenschutz

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://clients.messagelabs.com/ HTTP 302
https://identity.symanteccloud.com/saml/redirect/sso?SAMLRequest=lZHBSsNAEIZfJew92WSbpumSBKJeCtVCWz14ke1magPJbtyZiL69mxZBEQpeh%2f8bvn%2bmQNV3g6xHOpktvI2AFKzuSvYitM6VbkQ4F0kcplmWhfmxgXC2EGK2mM%2fzeHFgwRM4bK0pmYhiFqwQR1gZJGXIj2KRhkkSCrFPcimWMkmibJk%2bs6BGBEeeu7UGxx7cDtx7q%2bFxuy7ZiWhAybnuWjCEUQ%2bI6hU6dcBI255PwnywSFxpFnz0nUF5LlGy0RlpFbYojfKYJC139f1aejk5OEtW245VxVnTXdDrkPoWZdUUuygZoAg%2fe98RtO7s2ExaBb9srQrfqWknBoMHSzdwtA6uHcOHNmbj6iOB%2b5Gb7eP0V%2b5fugGvCv73tdUX&RelayState= HTTP 302
https://identity.symanteccloud.com/Logon?rsid=262bd4daf78c4451aaeff29d75d490ae Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

14 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request Logon Show response
identity.symanteccloud.com/
Redirect Chain

https://clients.messagelabs.com/
https://identity.symanteccloud.com/saml/redirect/sso?SAMLRequest=lZHBSsNAEIZfJew92WSbpumSBKJeCtVCWz14ke1magPJbtyZiL69mxZBEQpeh%2f8bvn%2bmQNV3g6xHOpktvI2AFKzuSvYitM6VbkQ4F0kcplmWhfmxgXC2EGK2mM%2fzeH...
https://identity.symanteccloud.com/Logon?rsid=262bd4daf78c4451aaeff29d75d490ae

10 KB
10 KB

72ms
72ms

Document
text/html

34.117.107.115
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://identity.symanteccloud.com/Logon?rsid=262bd4daf78c4451aaeff29d75d490ae

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.117.107.115 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

115.107.117.34.bc.googleusercontent.com

Software

Resource Hash

fec36cf3dfb4fa63a4b513540e9647a2cb24a66882e2b4fef5d759092edb54ad

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' .symanteccloud.com .messagelabs.com; script-src 'self' 'unsafe-eval' 'unsafe-inline'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY sameorigin
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, must-revalidate
content-length: 10284
content-security-policy: default-src 'self' 'unsafe-inline' *.symanteccloud.com *.messagelabs.com; script-src 'self' 'unsafe-eval' 'unsafe-inline'
content-type: text/html; charset=utf-8
date: Fri, 22 Nov 2024 18:29:11 GMT
expires: -1
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=31536000
via: 1.1 google
x-content-type-options: nosniff
x-frame-options: DENY sameorigin
x-xss-protection: 1; mode=block

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 161
content-security-policy: default-src 'self' 'unsafe-inline' *.symanteccloud.com *.messagelabs.com; script-src 'self' 'unsafe-eval' 'unsafe-inline'
content-type: text/html; charset=utf-8
date: Fri, 22 Nov 2024 18:29:11 GMT
location: /Logon?rsid=262bd4daf78c4451aaeff29d75d490ae
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=31536000
via: 1.1 google
x-content-type-options: nosniff
x-frame-options: DENY sameorigin
x-xss-protection: 1; mode=block

GET
H3 200 Site.css
identity.symanteccloud.com/Content/identity.symanteccloud.com/ 10 KB
10 KB 54ms
54ms Stylesheet
text/css 34.117.107.115
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://identity.symanteccloud.com/Content/identity.symanteccloud.com/Site.css

Requested by

Host: identity.symanteccloud.com
URL: https://identity.symanteccloud.com/Logon?rsid=262bd4daf78c4451aaeff29d75d490ae

Protocol

Security

QUIC, , AES_128_GCM

Server

34.117.107.115 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

115.107.117.34.bc.googleusercontent.com

Software

Resource Hash

e15f0bfd76dffa70abb44d4bbf1549fab439e454be38be369dcc04c5d44b5f76

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' .symanteccloud.com .messagelabs.com; script-src 'self' 'unsafe-eval' 'unsafe-inline'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY, sameorigin
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://identity.symanteccloud.com/Logon?rsid=262bd4daf78c4451aaeff29d75d490ae

Response headers

strict-transport-security: max-age=31536000
content-security-policy: default-src 'self' 'unsafe-inline' *.symanteccloud.com *.messagelabs.com; script-src 'self' 'unsafe-eval' 'unsafe-inline'
etag: "03672261e28da1:0"
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
via: 1.1 google
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10612
x-xss-protection: 1; mode=block
date: Fri, 22 Nov 2024 18:29:12 GMT
content-type: text/css
last-modified: Wed, 06 Dec 2023 08:28:12 GMT
x-frame-options: DENY, sameorigin

GET
H3 200 Forms.css
identity.symanteccloud.com/Content/identity.symanteccloud.com/ 6 KB
6 KB 48ms
47ms Stylesheet
text/css 34.117.107.115
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://identity.symanteccloud.com/Content/identity.symanteccloud.com/Forms.css

Requested by

Host: identity.symanteccloud.com
URL: https://identity.symanteccloud.com/Logon?rsid=262bd4daf78c4451aaeff29d75d490ae

Protocol

Security

QUIC, , AES_128_GCM

Server

34.117.107.115 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

115.107.117.34.bc.googleusercontent.com

Software

Resource Hash

9c212fa2e189eb47ee5094fe4a4dd373de4508683841f42eb33eb7a5943c9119

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' .symanteccloud.com .messagelabs.com; script-src 'self' 'unsafe-eval' 'unsafe-inline'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY, sameorigin
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://identity.symanteccloud.com/Logon?rsid=262bd4daf78c4451aaeff29d75d490ae

Response headers

strict-transport-security: max-age=31536000
content-security-policy: default-src 'self' 'unsafe-inline' *.symanteccloud.com *.messagelabs.com; script-src 'self' 'unsafe-eval' 'unsafe-inline'
etag: "03672261e28da1:0"
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
via: 1.1 google
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6538
x-xss-protection: 1; mode=block
date: Fri, 22 Nov 2024 18:29:12 GMT
content-type: text/css
last-modified: Wed, 06 Dec 2023 08:28:12 GMT
x-frame-options: DENY, sameorigin

GET
H3 200 skeleton.css
identity.symanteccloud.com/Content/identity.symanteccloud.com/ 10 KB
10 KB 63ms
62ms Stylesheet
text/css 34.117.107.115
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://identity.symanteccloud.com/Content/identity.symanteccloud.com/skeleton.css

Requested by

Host: identity.symanteccloud.com
URL: https://identity.symanteccloud.com/Logon?rsid=262bd4daf78c4451aaeff29d75d490ae

Protocol

Security

QUIC, , AES_128_GCM

Server

34.117.107.115 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

115.107.117.34.bc.googleusercontent.com

Software

Resource Hash

d8ebb583cbd79062f766db6dc8dc01362405d437e6de93b4df2138abf03661b2

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' .symanteccloud.com .messagelabs.com; script-src 'self' 'unsafe-eval' 'unsafe-inline'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY, sameorigin
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://identity.symanteccloud.com/Logon?rsid=262bd4daf78c4451aaeff29d75d490ae

Response headers

strict-transport-security: max-age=31536000
content-security-policy: default-src 'self' 'unsafe-inline' *.symanteccloud.com *.messagelabs.com; script-src 'self' 'unsafe-eval' 'unsafe-inline'
etag: "03672261e28da1:0"
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
via: 1.1 google
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9788
x-xss-protection: 1; mode=block
date: Fri, 22 Nov 2024 18:29:12 GMT
content-type: text/css
last-modified: Wed, 06 Dec 2023 08:28:12 GMT
x-frame-options: DENY, sameorigin

GET
H3 200 jquery-3.6.0.js Show response
identity.symanteccloud.com/Scripts/ 292 KB
293 KB 88ms
87ms Script
application/javascript 34.117.107.115
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://identity.symanteccloud.com/Scripts/jquery-3.6.0.js

Requested by

Host: identity.symanteccloud.com
URL: https://identity.symanteccloud.com/Logon?rsid=262bd4daf78c4451aaeff29d75d490ae

Protocol

Security

QUIC, , AES_128_GCM

Server

34.117.107.115 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

115.107.117.34.bc.googleusercontent.com

Software

Resource Hash

29223fdf1c42ac27b10aea5dcd02513f507a22a83ed8d03e5f6bb7f1c41daaaf

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' .symanteccloud.com .messagelabs.com; script-src 'self' 'unsafe-eval' 'unsafe-inline'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY, sameorigin
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://identity.symanteccloud.com/Logon?rsid=262bd4daf78c4451aaeff29d75d490ae

Response headers

strict-transport-security: max-age=31536000
content-security-policy: default-src 'self' 'unsafe-inline' *.symanteccloud.com *.messagelabs.com; script-src 'self' 'unsafe-eval' 'unsafe-inline'
etag: "03672261e28da1:0"
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
via: 1.1 google
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 299461
x-xss-protection: 1; mode=block
date: Fri, 22 Nov 2024 18:29:12 GMT
content-type: application/javascript
last-modified: Wed, 06 Dec 2023 08:28:12 GMT
x-frame-options: DENY, sameorigin

GET
H3 200 jquery-ui.js Show response
identity.symanteccloud.com/Scripts/ 535 KB
535 KB 80ms
79ms Script
application/javascript 34.117.107.115
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://identity.symanteccloud.com/Scripts/jquery-ui.js

Requested by

Host: identity.symanteccloud.com
URL: https://identity.symanteccloud.com/Logon?rsid=262bd4daf78c4451aaeff29d75d490ae

Protocol

Security

QUIC, , AES_128_GCM

Server

34.117.107.115 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

115.107.117.34.bc.googleusercontent.com

Software

Resource Hash

ccf7a3f62c5b7cd88e47b3a4171250e59ca99a2974d670e8221040ddeb8f74b1

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' .symanteccloud.com .messagelabs.com; script-src 'self' 'unsafe-eval' 'unsafe-inline'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY, sameorigin
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://identity.symanteccloud.com/Logon?rsid=262bd4daf78c4451aaeff29d75d490ae

Response headers

strict-transport-security: max-age=31536000
content-security-policy: default-src 'self' 'unsafe-inline' *.symanteccloud.com *.messagelabs.com; script-src 'self' 'unsafe-eval' 'unsafe-inline'
etag: "03672261e28da1:0"
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
via: 1.1 google
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 547780
x-xss-protection: 1; mode=block
date: Fri, 22 Nov 2024 18:29:12 GMT
content-type: application/javascript
last-modified: Wed, 06 Dec 2023 08:28:12 GMT
x-frame-options: DENY, sameorigin

GET
H3 200 jquery.unobtrusive-ajax.js Show response
identity.symanteccloud.com/Scripts/ 8 KB
8 KB 78ms
77ms Script
application/javascript 34.117.107.115
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://identity.symanteccloud.com/Scripts/jquery.unobtrusive-ajax.js

Requested by

Host: identity.symanteccloud.com
URL: https://identity.symanteccloud.com/Logon?rsid=262bd4daf78c4451aaeff29d75d490ae

Protocol

Security

QUIC, , AES_128_GCM

Server

34.117.107.115 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

115.107.117.34.bc.googleusercontent.com

Software

Resource Hash

e784ec2530fa9d7a0719c7edf7e48f1f88e0715ff76b28a725a5929a23d660c1

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' .symanteccloud.com .messagelabs.com; script-src 'self' 'unsafe-eval' 'unsafe-inline'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY, sameorigin
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://identity.symanteccloud.com/Logon?rsid=262bd4daf78c4451aaeff29d75d490ae

Response headers

strict-transport-security: max-age=31536000
content-security-policy: default-src 'self' 'unsafe-inline' *.symanteccloud.com *.messagelabs.com; script-src 'self' 'unsafe-eval' 'unsafe-inline'
etag: "03672261e28da1:0"
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
via: 1.1 google
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8077
x-xss-protection: 1; mode=block
date: Fri, 22 Nov 2024 18:29:12 GMT
content-type: application/javascript
last-modified: Wed, 06 Dec 2023 08:28:12 GMT
x-frame-options: DENY, sameorigin

GET
H3 200 jquery.validate.js Show response
identity.symanteccloud.com/Scripts/ 51 KB
51 KB 54ms
53ms Script
application/javascript 34.117.107.115
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://identity.symanteccloud.com/Scripts/jquery.validate.js

Requested by

Host: identity.symanteccloud.com
URL: https://identity.symanteccloud.com/Logon?rsid=262bd4daf78c4451aaeff29d75d490ae

Protocol

Security

QUIC, , AES_128_GCM

Server

34.117.107.115 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

115.107.117.34.bc.googleusercontent.com

Software

Resource Hash

c5d85d054886c5b1438c896e06123d5d18a0f530f2da3c46271047b1b40cef00

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' .symanteccloud.com .messagelabs.com; script-src 'self' 'unsafe-eval' 'unsafe-inline'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY, sameorigin
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://identity.symanteccloud.com/Logon?rsid=262bd4daf78c4451aaeff29d75d490ae

Response headers

strict-transport-security: max-age=31536000
content-security-policy: default-src 'self' 'unsafe-inline' *.symanteccloud.com *.messagelabs.com; script-src 'self' 'unsafe-eval' 'unsafe-inline'
etag: "03672261e28da1:0"
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
via: 1.1 google
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52599
x-xss-protection: 1; mode=block
date: Fri, 22 Nov 2024 18:29:12 GMT
content-type: application/javascript
last-modified: Wed, 06 Dec 2023 08:28:12 GMT
x-frame-options: DENY, sameorigin

GET
H3 200 jquery.validate.unobtrusive.js Show response
identity.symanteccloud.com/Scripts/ 19 KB
19 KB 72ms
70ms Script
application/javascript 34.117.107.115
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://identity.symanteccloud.com/Scripts/jquery.validate.unobtrusive.js

Requested by

Host: identity.symanteccloud.com
URL: https://identity.symanteccloud.com/Logon?rsid=262bd4daf78c4451aaeff29d75d490ae

Protocol

Security

QUIC, , AES_128_GCM

Server

34.117.107.115 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

115.107.117.34.bc.googleusercontent.com

Software

Resource Hash

5a5f54687c5afe41163691100c60a8095b106b1287813499f514c0dfd85fe682

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' .symanteccloud.com .messagelabs.com; script-src 'self' 'unsafe-eval' 'unsafe-inline'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY, sameorigin
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://identity.symanteccloud.com/Logon?rsid=262bd4daf78c4451aaeff29d75d490ae

Response headers

strict-transport-security: max-age=31536000
content-security-policy: default-src 'self' 'unsafe-inline' *.symanteccloud.com *.messagelabs.com; script-src 'self' 'unsafe-eval' 'unsafe-inline'
etag: "03672261e28da1:0"
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
via: 1.1 google
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19798
x-xss-protection: 1; mode=block
date: Fri, 22 Nov 2024 18:29:12 GMT
content-type: application/javascript
last-modified: Wed, 06 Dec 2023 08:28:12 GMT
x-frame-options: DENY, sameorigin

GET
H3 200 symantecFooter.png
identity.symanteccloud.com/Content/Common/Image/ 4 KB
4 KB 181ms
180ms Image
image/png 34.117.107.115
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://identity.symanteccloud.com/Content/Common/Image/symantecFooter.png

Requested by

Host: identity.symanteccloud.com
URL: https://identity.symanteccloud.com/Logon?rsid=262bd4daf78c4451aaeff29d75d490ae

Protocol

Security

QUIC, , AES_128_GCM

Server

34.117.107.115 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

115.107.117.34.bc.googleusercontent.com

Software

Resource Hash

13ddd8d4faf41ec70828aef117e8d962072d479fe1a16bed76ab97b81bdc0a11

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' .symanteccloud.com .messagelabs.com; script-src 'self' 'unsafe-eval' 'unsafe-inline'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY, sameorigin
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://identity.symanteccloud.com/Logon?rsid=262bd4daf78c4451aaeff29d75d490ae

Response headers

strict-transport-security: max-age=31536000
content-security-policy: default-src 'self' 'unsafe-inline' *.symanteccloud.com *.messagelabs.com; script-src 'self' 'unsafe-eval' 'unsafe-inline'
etag: "03672261e28da1:0"
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
via: 1.1 google
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3941
x-xss-protection: 1; mode=block
date: Fri, 22 Nov 2024 18:29:12 GMT
content-type: image/png
last-modified: Wed, 06 Dec 2023 08:28:12 GMT
x-frame-options: DENY, sameorigin

GET
H3 200 EmailSecurityBG.png
identity.symanteccloud.com/Content/Common/Image/ 24 KB
24 KB 46ms
45ms Image
image/png 34.117.107.115
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://identity.symanteccloud.com/Content/Common/Image/EmailSecurityBG.png

Requested by

Host: identity.symanteccloud.com
URL: https://identity.symanteccloud.com/Content/identity.symanteccloud.com/Site.css

Protocol

Security

QUIC, , AES_128_GCM

Server

34.117.107.115 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

115.107.117.34.bc.googleusercontent.com

Software

Resource Hash

5ab4a9f8cdf864651ad43ad9423192da77465d23e1e5fda978ec50e410e6a502

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' .symanteccloud.com .messagelabs.com; script-src 'self' 'unsafe-eval' 'unsafe-inline'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY, sameorigin
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://identity.symanteccloud.com/Content/identity.symanteccloud.com/Site.css

Response headers

strict-transport-security: max-age=31536000
content-security-policy: default-src 'self' 'unsafe-inline' *.symanteccloud.com *.messagelabs.com; script-src 'self' 'unsafe-eval' 'unsafe-inline'
etag: "03672261e28da1:0"
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
via: 1.1 google
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24142
x-xss-protection: 1; mode=block
date: Fri, 22 Nov 2024 18:29:12 GMT
content-type: image/png
last-modified: Wed, 06 Dec 2023 08:28:12 GMT
x-frame-options: DENY, sameorigin

GET
H3 200 logo_symantec.png
identity.symanteccloud.com/Content/Common/Image/ 6 KB
6 KB 45ms
43ms Image
image/png 34.117.107.115
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://identity.symanteccloud.com/Content/Common/Image/logo_symantec.png

Requested by

Host: identity.symanteccloud.com
URL: https://identity.symanteccloud.com/Content/identity.symanteccloud.com/Site.css

Protocol

Security

QUIC, , AES_128_GCM

Server

34.117.107.115 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

115.107.117.34.bc.googleusercontent.com

Software

Resource Hash

e35dc1823fb870316640e980fc7a33993b3f856d592a67bb4747b10a7342c94e

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' .symanteccloud.com .messagelabs.com; script-src 'self' 'unsafe-eval' 'unsafe-inline'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY, sameorigin
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://identity.symanteccloud.com/Content/identity.symanteccloud.com/Site.css

Response headers

strict-transport-security: max-age=31536000
content-security-policy: default-src 'self' 'unsafe-inline' *.symanteccloud.com *.messagelabs.com; script-src 'self' 'unsafe-eval' 'unsafe-inline'
etag: "03672261e28da1:0"
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
via: 1.1 google
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6384
x-xss-protection: 1; mode=block
date: Fri, 22 Nov 2024 18:29:12 GMT
content-type: image/png
last-modified: Wed, 06 Dec 2023 08:28:12 GMT
x-frame-options: DENY, sameorigin

GET
H3 200 SA______.woff2
identity.symanteccloud.com/Content/Common/SymFonts/ 17 KB
17 KB 42ms
42ms Font
application/font-woff2 34.117.107.115
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://identity.symanteccloud.com/Content/Common/SymFonts/SA______.woff2

Requested by

Host: identity.symanteccloud.com
URL: https://identity.symanteccloud.com/Content/identity.symanteccloud.com/Site.css

Protocol

Security

QUIC, , AES_128_GCM

Server

34.117.107.115 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

115.107.117.34.bc.googleusercontent.com

Software

Resource Hash

abca3daa703fdf69fff84cc44f631bc5f047cbb892fd5977f8076758a61d15f7

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' .symanteccloud.com .messagelabs.com; script-src 'self' 'unsafe-eval' 'unsafe-inline'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY, sameorigin
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://identity.symanteccloud.com
Referer: https://identity.symanteccloud.com/Content/identity.symanteccloud.com/Site.css

Response headers

strict-transport-security: max-age=31536000
content-security-policy: default-src 'self' 'unsafe-inline' *.symanteccloud.com *.messagelabs.com; script-src 'self' 'unsafe-eval' 'unsafe-inline'
etag: "03672261e28da1:0"
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
via: 1.1 google
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17424
x-xss-protection: 1; mode=block
date: Fri, 22 Nov 2024 18:29:12 GMT
content-type: application/font-woff2
last-modified: Wed, 06 Dec 2023 08:28:12 GMT
x-frame-options: DENY, sameorigin

GET
H3 200 favicon.ico
identity.symanteccloud.com/ 1 KB
1 KB 60ms
60ms Other
text/html 34.117.107.115
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://identity.symanteccloud.com/favicon.ico

Protocol

Security

QUIC, , AES_128_GCM

Server

34.117.107.115 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

115.107.117.34.bc.googleusercontent.com

Software

Resource Hash

69c7025da6050c746ba436b9d115b19dc99d6cb966edc2ddb1956d6364667a81

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' .symanteccloud.com .messagelabs.com; script-src 'self' 'unsafe-eval' 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY, sameorigin
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://identity.symanteccloud.com/Logon?rsid=262bd4daf78c4451aaeff29d75d490ae

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: default-src 'self' 'unsafe-inline' *.symanteccloud.com *.messagelabs.com; script-src 'self' 'unsafe-eval' 'unsafe-inline'
etag: "03672261e28da1:0"
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
via: 1.1 google
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1313
x-xss-protection: 1; mode=block
date: Fri, 22 Nov 2024 18:29:12 GMT
content-type: text/html
last-modified: Wed, 06 Dec 2023 08:28:12 GMT
x-frame-options: DENY, sameorigin

Verdicts & Comments Add Verdict or Comment

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
clients.messagelabs.com/	1969-12-31 23:59:59	Name: GCLB Value: CKvbntak7da3vAEQAw
identity.symanteccloud.com/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: 3a1c86e1-25b3-46c1-ac9c-d9ee66249a60
identity.symanteccloud.com/	1969-12-31 23:59:59	Name: GCLB Value: COb_juSk4KvT3wEQAw

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' .symanteccloud.com .messagelabs.com; script-src 'self' 'unsafe-eval' 'unsafe-inline'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY sameorigin
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

clients.messagelabs.com
identity.symanteccloud.com
34.102.198.162
34.117.107.115
13ddd8d4faf41ec70828aef117e8d962072d479fe1a16bed76ab97b81bdc0a11
29223fdf1c42ac27b10aea5dcd02513f507a22a83ed8d03e5f6bb7f1c41daaaf
5a5f54687c5afe41163691100c60a8095b106b1287813499f514c0dfd85fe682
5ab4a9f8cdf864651ad43ad9423192da77465d23e1e5fda978ec50e410e6a502
69c7025da6050c746ba436b9d115b19dc99d6cb966edc2ddb1956d6364667a81
9c212fa2e189eb47ee5094fe4a4dd373de4508683841f42eb33eb7a5943c9119
abca3daa703fdf69fff84cc44f631bc5f047cbb892fd5977f8076758a61d15f7
c5d85d054886c5b1438c896e06123d5d18a0f530f2da3c46271047b1b40cef00
ccf7a3f62c5b7cd88e47b3a4171250e59ca99a2974d670e8221040ddeb8f74b1
d8ebb583cbd79062f766db6dc8dc01362405d437e6de93b4df2138abf03661b2
e15f0bfd76dffa70abb44d4bbf1549fab439e454be38be369dcc04c5d44b5f76
e35dc1823fb870316640e980fc7a33993b3f856d592a67bb4747b10a7342c94e
e784ec2530fa9d7a0719c7edf7e48f1f88e0715ff76b28a725a5929a23d660c1
fec36cf3dfb4fa63a4b513540e9647a2cb24a66882e2b4fef5d759092edb54ad

identity.symanteccloud.com Open in urlscan Pro 34.117.107.115 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

14 Requests

100 %HTTPS

0 %IPv6

2 Domains

2 Subdomains

1 IPs

1 Countries

995 kBTransfer

994 kBSize

3 Cookies

5 Outgoing links

Page URL History

Redirected requests

14 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

8 JavaScript Global Variables

3 Cookies

Security Headers

Indicators

identity.symanteccloud.com Open in urlscan Pro
34.117.107.115 Public Scan

Screenshot
Live screenshot

Full Image

14
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

1
IPs

1
Countries

995 kB
Transfer

994 kB
Size

3
Cookies

14 HTTP transactions
0 data transactions