region-iad10.auth.scs.splunk.com
Open in
urlscan Pro
52.86.224.134
Public Scan
Effective URL: https://region-iad10.auth.scs.splunk.com/login?client_id=0oa1cakdfxAUM1Eyi4x7&code_challenge=GK87MTAOd0TkUNW4blBkKC_Pa0_sikTLzUNW5ap5L78&...
Submission: On September 22 via manual from US — Scanned from DE
Summary
TLS certificate: Issued by R3 on August 4th 2021. Valid for: 3 months.
This is the only time region-iad10.auth.scs.splunk.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 1 | 34.235.195.110 34.235.195.110 | 14618 (AMAZON-AES) (AMAZON-AES) | |
4 | 13.32.99.101 13.32.99.101 | 16509 (AMAZON-02) (AMAZON-02) | |
1 5 | 52.86.224.134 52.86.224.134 | 14618 (AMAZON-AES) (AMAZON-AES) | |
8 | 2 |
ASN14618 (AMAZON-AES, US)
PTR: ec2-34-235-195-110.compute-1.amazonaws.com
knlekswp.r.us-east-1.awstrack.me |
ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-101.fra60.r.cloudfront.net
console.scs.splunk.com |
ASN14618 (AMAZON-AES, US)
PTR: ec2-52-86-224-134.compute-1.amazonaws.com
blackstone.auth.scs.splunk.com | |
region-iad10.auth.scs.splunk.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
9 |
splunk.com
1 redirects
console.scs.splunk.com blackstone.auth.scs.splunk.com region-iad10.auth.scs.splunk.com |
2 MB |
1 |
awstrack.me
1 redirects
knlekswp.r.us-east-1.awstrack.me |
215 B |
8 | 2 |
Domain | Requested by | |
---|---|---|
4 | region-iad10.auth.scs.splunk.com |
console.scs.splunk.com
region-iad10.auth.scs.splunk.com |
4 | console.scs.splunk.com |
console.scs.splunk.com
|
1 | blackstone.auth.scs.splunk.com | 1 redirects |
1 | knlekswp.r.us-east-1.awstrack.me | 1 redirects |
8 | 4 |
This site contains links to these domains. Also see Links.
Domain |
---|
www.splunk.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
console.scs.splunk.com Amazon |
2020-11-11 - 2021-12-10 |
a year | crt.sh |
*.auth.scs.splunk.com R3 |
2021-08-04 - 2021-11-02 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://region-iad10.auth.scs.splunk.com/login?client_id=0oa1cakdfxAUM1Eyi4x7&code_challenge=GK87MTAOd0TkUNW4blBkKC_Pa0_sikTLzUNW5ap5L78&code_challenge_method=S256&encode_state=true&inviteID=i614a426aaeaf78001c1149a8&nonce=23Daa1BTcpy9SzPcGo3AC5XNnPBDgxfOIEft5cMQRzx0wbaBJEJSDb1N9noHUE6k&redirect_uri=https%3A%2F%2Fconsole.scs.splunk.com®ion=region-iad10&response_type=code&scope=openid+email+profile+offline_access&state=1S0u14zG1O2Z9UYcDKKywiqo1NGN6M0WCodPiogXKYVhSc4fZyOy945cZ5dIRq8p&tenant=blackstone&requestId=85e671cf-7a0f-9f08-a7b5-04cc8694d7b1
Frame ID: BB63A16631FCCEB43BB56EA7578714F4
Requests: 8 HTTP requests in this frame
Screenshot
Page Title
Login - Splunk Cloud ServicesPage URL History Show full URLs
-
https://knlekswp.r.us-east-1.awstrack.me/L0/https:%2F%2Fconsole.scs.splunk.com%2Fsystem%2Fuser%2Faccept%3FinviteID=i6...
HTTP 302
https://console.scs.splunk.com/system/user/accept?inviteID=i614a426aaeaf78001c1149a8&tenantName=blackstone Page URL
-
https://blackstone.auth.scs.splunk.com/authorize?client_id=0oa1cakdfxAUM1Eyi4x7&code_challenge=GK87MTAOd0TkUNW4blBk...
HTTP 302
https://region-iad10.auth.scs.splunk.com/login?client_id=0oa1cakdfxAUM1Eyi4x7&code_challenge=GK87MTAOd0TkUNW4blBkKC_P... Page URL
Page Statistics
1 Outgoing links
These are links going to different origins than the main page.
Title: here
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://knlekswp.r.us-east-1.awstrack.me/L0/https:%2F%2Fconsole.scs.splunk.com%2Fsystem%2Fuser%2Faccept%3FinviteID=i614a426aaeaf78001c1149a8%26tenantName=blackstone/1/0100017c0a13724d-04ab92c2-ed39-49c0-81c8-80be336d5932-000000/JQg5uhZaj5cy2ycNTV6qRsYrm9k=236
HTTP 302
https://console.scs.splunk.com/system/user/accept?inviteID=i614a426aaeaf78001c1149a8&tenantName=blackstone Page URL
-
https://blackstone.auth.scs.splunk.com/authorize?client_id=0oa1cakdfxAUM1Eyi4x7&code_challenge=GK87MTAOd0TkUNW4blBkKC_Pa0_sikTLzUNW5ap5L78&code_challenge_method=S256&redirect_uri=https%3A%2F%2Fconsole.scs.splunk.com&response_type=code&state=1S0u14zG1O2Z9UYcDKKywiqo1NGN6M0WCodPiogXKYVhSc4fZyOy945cZ5dIRq8p&nonce=23Daa1BTcpy9SzPcGo3AC5XNnPBDgxfOIEft5cMQRzx0wbaBJEJSDb1N9noHUE6k&scope=openid%20email%20profile%20offline_access&encode_state=1&tenant=blackstone&inviteID=i614a426aaeaf78001c1149a8
HTTP 302
https://region-iad10.auth.scs.splunk.com/login?client_id=0oa1cakdfxAUM1Eyi4x7&code_challenge=GK87MTAOd0TkUNW4blBkKC_Pa0_sikTLzUNW5ap5L78&code_challenge_method=S256&encode_state=true&inviteID=i614a426aaeaf78001c1149a8&nonce=23Daa1BTcpy9SzPcGo3AC5XNnPBDgxfOIEft5cMQRzx0wbaBJEJSDb1N9noHUE6k&redirect_uri=https%3A%2F%2Fconsole.scs.splunk.com®ion=region-iad10&response_type=code&scope=openid+email+profile+offline_access&state=1S0u14zG1O2Z9UYcDKKywiqo1NGN6M0WCodPiogXKYVhSc4fZyOy945cZ5dIRq8p&tenant=blackstone&requestId=85e671cf-7a0f-9f08-a7b5-04cc8694d7b1 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0- https://knlekswp.r.us-east-1.awstrack.me/L0/https:%2F%2Fconsole.scs.splunk.com%2Fsystem%2Fuser%2Faccept%3FinviteID=i614a426aaeaf78001c1149a8%26tenantName=blackstone/1/0100017c0a13724d-04ab92c2-ed39-49c0-81c8-80be336d5932-000000/JQg5uhZaj5cy2ycNTV6qRsYrm9k=236 HTTP 302
- https://console.scs.splunk.com/system/user/accept?inviteID=i614a426aaeaf78001c1149a8&tenantName=blackstone
8 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
accept
console.scs.splunk.com/system/user/ Redirect Chain
|
1 KB 1 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
env.js
console.scs.splunk.com/ |
1 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
vendors~main~253ae210.1.8b73bbc9d2bd8896309a.js
console.scs.splunk.com/ |
2 MB 375 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
main~01e7b97c.js
console.scs.splunk.com/ |
389 KB 85 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Primary Request
login
region-iad10.auth.scs.splunk.com/ Redirect Chain
|
773 B 940 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
main.js
region-iad10.auth.scs.splunk.com/ |
1 MB 1 MB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
splunkdatasans-semibold.woff2
region-iad10.auth.scs.splunk.com/fonts/ |
20 KB 21 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
splunkdatasans-regular.woff2
region-iad10.auth.scs.splunk.com/fonts/ |
21 KB 21 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
14 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onbeforexrselect boolean| originAgentCluster object| __core-js_shared__ object| core object| global object| System function| asap function| Observable function| setImmediate function| clearImmediate object| regeneratorRuntime boolean| _babelPolyfill function| _ number| 2f1acc6c3a606b082e5eef5e54414ffb0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Strict-Transport-Security | max-age=63072000; includeSubdomains; preload |
X-Content-Type-Options | nosniff |
X-Frame-Options | DENY |
X-Xss-Protection | 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
blackstone.auth.scs.splunk.com
console.scs.splunk.com
knlekswp.r.us-east-1.awstrack.me
region-iad10.auth.scs.splunk.com
13.32.99.101
34.235.195.110
52.86.224.134
0efbf7c32725b0e76edb4bff2e8e71272222dfb04c7871d8ab73a9cf00637a24
322d926828474efabad9da02f058a4bda40d165604ac6bda1355b6ed852fe2be
414d7bc2b5920eff83635ad3be744a9a8d55e43146bd98480b6b58b6819894a8
552ac5ab2a6ccfedf6d3587615aa921c181f4bcbf0f4bfc8c6594d73e98fc1a9
56873e94ad9e3ce46df5f45878aaaa57d99fdf48c8b812ed85c9a1c404ef9902
9f8a9acc283fbba0c7520c3e7b64f93972ee2d01a1d905182ac8decc63eb12d5
a8cbddc0f340a88f83aa024ff3af5d0d939563de1c089cbb3a531ea826591d72
f126cc8a3f5faaca87fff64d208cf522871d72cb0c68aac1e5b32ea8c53fcb02