sso.smartling.com Open in urlscan Pro
54.243.236.134 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://es.account-vicu.ourbranch.dev/
Effective URL:
https://sso.smartling.com/auth/realms/Smartling/protocol/openid-connect/auth?response_type=code&client_id=wa&redirect_uri=...
Submission: On September 22 via automatic, source certstream-suspicious (September 22nd 2023, 2:18:37 pm UTC) — Scanned from DE

Summary HTTP 12 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 6 IPs in 2 countries across 6 domains to perform 12 HTTP transactions. The main IP is 54.243.236.134, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is sso.smartling.com.
TLS certificate: Issued by Amazon RSA 2048 M01 on April 11th 2023. Valid for: a year.

This is the only time sso.smartling.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	35.174.255.90 35.174.255.90	14618 (AMAZON-AES) (AMAZON-AES)
3 3	23.21.68.21 23.21.68.21	14618 (AMAZON-AES) (AMAZON-AES)
8	54.243.236.134 54.243.236.134	14618 (AMAZON-AES) (AMAZON-AES)
1	2a00:1450:400... 2a00:1450:4001:806::200a	15169 (GOOGLE) (GOOGLE)
1	13.32.99.9 13.32.99.9	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
1	2600:9000:211... 2600:9000:211e:2c00:12:94b3:c380:93a1	16509 (AMAZON-02) (AMAZON-02)
12	6

1 35.174.255.90 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-174-255-90.compute-1.amazonaws.com

es.account-vicu.ourbranch.dev	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.21.68.21 (Ashburn, United States) 3 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-23-21-68-21.compute-1.amazonaws.com

dashboard.smartling.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 54.243.236.134 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-243-236-134.compute-1.amazonaws.com

sso.smartling.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.99.9 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-9.fra60.r.cloudfront.net

cdn.rollbar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:211e:2c00:12:94b3:c380:93a1 (United States)

ASN16509 (AMAZON-02, US)

images.ctfassets.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
11	smartling.com 3 redirects dashboard.smartling.com — Cisco Umbrella Rank: 576482 sso.smartling.com	414 KB
1	ctfassets.net images.ctfassets.net — Cisco Umbrella Rank: 4381	2 MB
1	gstatic.com fonts.gstatic.com	33 KB
1	rollbar.com cdn.rollbar.com — Cisco Umbrella Rank: 18394	22 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 113	1 KB
1	ourbranch.dev 1 redirects es.account-vicu.ourbranch.dev	179 B
12	6

	Domain	Requested by
8	sso.smartling.com	sso.smartling.com
3	dashboard.smartling.com	3 redirects
1	images.ctfassets.net
1	fonts.gstatic.com	fonts.googleapis.com
1	cdn.rollbar.com	sso.smartling.com
1	fonts.googleapis.com	sso.smartling.com
1	es.account-vicu.ourbranch.dev	1 redirects
12	7

This site contains links to these domains. Also see Links.

Domain
help.smartling.com

Subject Issuer	Validity	Valid
sso.smartling.com Amazon RSA 2048 M01	`2023-04-11` - `2024-05-09`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
cdn.rollbar.com Amazon RSA 2048 M02	`2023-05-12` - `2024-06-09`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
images.ctfassets.net Amazon RSA 2048 M01	`2023-02-28` - `2024-02-16`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://sso.smartling.com/auth/realms/Smartling/protocol/openid-connect/auth?response_type=code&client_id=wa&redirect_uri=https%3A%2F%2Fdashboard.smartling.com%2Fsso%2Flogin.htm&state=10472%2Fd502f1cb-cf99-42c5-9811-352f5e5d3261&login=true
Frame ID: AB571A9144B56053BA9D880182B96ECD
Requests: 14 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Log in to Smartling smartling-logoGoogle Login

Page URL History Show full URLs

https://es.account-vicu.ourbranch.dev/ HTTP 302
https://dashboard.smartling.com/protected_sites/check_permission.htm?siteId=91532&languageId=es&countryId=US... HTTP 302
https://dashboard.smartling.com/users/login.htm HTTP 302
https://dashboard.smartling.com/sso/login.htm HTTP 302
https://sso.smartling.com/auth/realms/Smartling/protocol/openid-connect/auth?response_type=code&client... Page URL

Detected technologies

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

12
Requests

100 %
HTTPS

43 %
IPv6

6
Domains

7
Subdomains

6
IPs

2
Countries

2158 kB
Transfer

2211 kB
Size

8
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://help.smartling.com/hc/en-us/articles/18151963855899
Title: Learn More

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://es.account-vicu.ourbranch.dev/ HTTP 302
https://dashboard.smartling.com/protected_sites/check_permission.htm?siteId=91532&languageId=es&countryId=US&referer=https%3A%2F%2Fes.account-vicu.ourbranch.dev%2F HTTP 302
https://dashboard.smartling.com/users/login.htm HTTP 302
https://dashboard.smartling.com/sso/login.htm HTTP 302
https://sso.smartling.com/auth/realms/Smartling/protocol/openid-connect/auth?response_type=code&client_id=wa&redirect_uri=https%3A%2F%2Fdashboard.smartling.com%2Fsso%2Flogin.htm&state=10472%2Fd502f1cb-cf99-42c5-9811-352f5e5d3261&login=true Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

12 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request auth Show response
sso.smartling.com/auth/realms/Smartling/protocol/openid-connect/
Redirect Chain

https://es.account-vicu.ourbranch.dev/
https://dashboard.smartling.com/protected_sites/check_permission.htm?siteId=91532&languageId=es&countryId=US&referer=https%3A%2F%2Fes.account-vicu.ourbranch.dev%2F
https://dashboard.smartling.com/users/login.htm
https://dashboard.smartling.com/sso/login.htm
https://sso.smartling.com/auth/realms/Smartling/protocol/openid-connect/auth?response_type=code&client_id=wa&redirect_uri=https%3A%2F%2Fdashboard.smartling.com%2Fsso%2Flogin.htm&state=10472%2Fd502f...

22 KB
24 KB

595ms
229ms

Document
text/html

54.243.236.134
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://sso.smartling.com/auth/realms/Smartling/protocol/openid-connect/auth?response_type=code&client_id=wa&redirect_uri=https%3A%2F%2Fdashboard.smartling.com%2Fsso%2Flogin.htm&state=10472%2Fd502f1cb-cf99-42c5-9811-352f5e5d3261&login=true

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.243.236.134 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-243-236-134.compute-1.amazonaws.com

Software

Resource Hash

be10d5e9b165d8dd5415fb8bbde4da0ced3f5858d3086a75195402b7ac92b957

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' https://cdn.rollbar.com/ https://www.google.com/ https://www.gstatic.com/ 'unsafe-inline'; object-src 'none'; img-src 'self' https://images.ctfassets.net/ data:; font-src 'self' https://fonts.gstatic.com/; frame-src https://*.smartling.com https://www.google.com
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN ALLOW-FROM https://dashboard.smartling.com
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, must-revalidate, max-age=0
content-security-policy: script-src 'self' https://cdn.rollbar.com/ https://www.google.com/ https://www.gstatic.com/ 'unsafe-inline'; object-src 'none'; img-src 'self' https://images.ctfassets.net/ data:; font-src 'self' https://fonts.gstatic.com/; frame-src https://*.smartling.com https://www.google.com
content-type: text/html
date: Fri, 22 Sep 2023 14:18:31 GMT
permissions-policy: geolocation=(self), camera=(), microphone=()
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN ALLOW-FROM https://dashboard.smartling.com
x-xss-protection: 1; mode=block

Redirect headers

Cache-Control: no-cache
Connection: keep-alive
Content-Length: 0
Date: Fri, 22 Sep 2023 14:18:30 GMT
Expires: Fri, 22 Sep 2023 14:18:29 GMT
Location: https://sso.smartling.com/auth/realms/Smartling/protocol/openid-connect/auth?response_type=code&client_id=wa&redirect_uri=https%3A%2F%2Fdashboard.smartling.com%2Fsso%2Flogin.htm&state=10472%2Fd502f1cb-cf99-42c5-9811-352f5e5d3261&login=true
Server: nginx
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Frame-Options: SAMEORIGIN
pragma: no-cache
strict-transport-security: max-age=63072000; includeSubDomains;
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 styles2020r17.css
sso.smartling.com/auth/resources/1.9.4.smartling-snapshot/login/smartling/css/ 14 KB
15 KB 114ms
113ms Stylesheet
text/css 54.243.236.134
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://sso.smartling.com/auth/resources/1.9.4.smartling-snapshot/login/smartling/css/styles2020r17.css

Requested by

Host: sso.smartling.com
URL: https://sso.smartling.com/auth/realms/Smartling/protocol/openid-connect/auth?response_type=code&client_id=wa&redirect_uri=https%3A%2F%2Fdashboard.smartling.com%2Fsso%2Flogin.htm&state=10472%2Fd502f1cb-cf99-42c5-9811-352f5e5d3261&login=true

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.243.236.134 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-243-236-134.compute-1.amazonaws.com

Software

Resource Hash

23e358351849cbdcdc3c55bc54b1085162dc4ed24c913564dfa4a6317f557aba

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' https://cdn.rollbar.com/ https://www.google.com/ https://www.gstatic.com/ 'unsafe-inline'; object-src 'none'; img-src 'self' https://images.ctfassets.net/ data:; font-src 'self' https://fonts.gstatic.com/;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sso.smartling.com/auth/realms/Smartling/protocol/openid-connect/auth?response_type=code&client_id=wa&redirect_uri=https%3A%2F%2Fdashboard.smartling.com%2Fsso%2Flogin.htm&state=10472%2Fd502f1cb-cf99-42c5-9811-352f5e5d3261&login=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 14:18:31 GMT
content-security-policy: script-src 'self' https://cdn.rollbar.com/ https://www.google.com/ https://www.gstatic.com/ 'unsafe-inline'; object-src 'none'; img-src 'self' https://images.ctfassets.net/ data:; font-src 'self' https://fonts.gstatic.com/;
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=2592000
permissions-policy: geolocation=(self), camera=(), microphone=()
content-length: 14209
x-xss-protection: 1; mode=block

GET
H2 200 track.js Show response
sso.smartling.com/auth/resources/1.9.4.smartling-snapshot/login/smartling/js/ 8 KB
8 KB 113ms
112ms Script
text/javascript 54.243.236.134
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://sso.smartling.com/auth/resources/1.9.4.smartling-snapshot/login/smartling/js/track.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.243.236.134 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-243-236-134.compute-1.amazonaws.com

Software

Resource Hash

ef1f3482ddc600659c154b2b2fa2d616626245c0edebaa7686efa01712935222

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' https://cdn.rollbar.com/ https://www.google.com/ https://www.gstatic.com/ 'unsafe-inline'; object-src 'none'; img-src 'self' https://images.ctfassets.net/ data:; font-src 'self' https://fonts.gstatic.com/;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sso.smartling.com/auth/realms/Smartling/protocol/openid-connect/auth?response_type=code&client_id=wa&redirect_uri=https%3A%2F%2Fdashboard.smartling.com%2Fsso%2Flogin.htm&state=10472%2Fd502f1cb-cf99-42c5-9811-352f5e5d3261&login=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 14:18:31 GMT
content-security-policy: script-src 'self' https://cdn.rollbar.com/ https://www.google.com/ https://www.gstatic.com/ 'unsafe-inline'; object-src 'none'; img-src 'self' https://images.ctfassets.net/ data:; font-src 'self' https://fonts.gstatic.com/;
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-type: text/javascript
cache-control: max-age=2592000
permissions-policy: geolocation=(self), camera=(), microphone=()
content-length: 7833
x-xss-protection: 1; mode=block

GET
H2 200 main2020r17.js Show response
sso.smartling.com/auth/resources/1.9.4.smartling-snapshot/login/smartling/js/ 122 KB
123 KB 222ms
221ms Script
text/javascript 54.243.236.134
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://sso.smartling.com/auth/resources/1.9.4.smartling-snapshot/login/smartling/js/main2020r17.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.243.236.134 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-243-236-134.compute-1.amazonaws.com

Software

Resource Hash

45947d13094666dafa4ca92c66f785277977fa5e3d7d98f731697aca928d9af7

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' https://cdn.rollbar.com/ https://www.google.com/ https://www.gstatic.com/ 'unsafe-inline'; object-src 'none'; img-src 'self' https://images.ctfassets.net/ data:; font-src 'self' https://fonts.gstatic.com/;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sso.smartling.com/auth/realms/Smartling/protocol/openid-connect/auth?response_type=code&client_id=wa&redirect_uri=https%3A%2F%2Fdashboard.smartling.com%2Fsso%2Flogin.htm&state=10472%2Fd502f1cb-cf99-42c5-9811-352f5e5d3261&login=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 14:18:31 GMT
content-security-policy: script-src 'self' https://cdn.rollbar.com/ https://www.google.com/ https://www.gstatic.com/ 'unsafe-inline'; object-src 'none'; img-src 'self' https://images.ctfassets.net/ data:; font-src 'self' https://fonts.gstatic.com/;
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-type: text/javascript
cache-control: max-age=2592000
permissions-policy: geolocation=(self), camera=(), microphone=()
x-xss-protection: 1; mode=block

GET
H2 200 marketing03.js Show response
sso.smartling.com/auth/resources/1.9.4.smartling-snapshot/login/smartling/js/ 1 KB
2 KB 217ms
216ms Script
text/javascript 54.243.236.134
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://sso.smartling.com/auth/resources/1.9.4.smartling-snapshot/login/smartling/js/marketing03.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.243.236.134 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-243-236-134.compute-1.amazonaws.com

Software

Resource Hash

53ac067f768077baa6e9aa7268013719b6c242dbc75ab4eeef2abd47a35470e7

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' https://cdn.rollbar.com/ https://www.google.com/ https://www.gstatic.com/ 'unsafe-inline'; object-src 'none'; img-src 'self' https://images.ctfassets.net/ data:; font-src 'self' https://fonts.gstatic.com/;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sso.smartling.com/auth/realms/Smartling/protocol/openid-connect/auth?response_type=code&client_id=wa&redirect_uri=https%3A%2F%2Fdashboard.smartling.com%2Fsso%2Flogin.htm&state=10472%2Fd502f1cb-cf99-42c5-9811-352f5e5d3261&login=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 14:18:31 GMT
content-security-policy: script-src 'self' https://cdn.rollbar.com/ https://www.google.com/ https://www.gstatic.com/ 'unsafe-inline'; object-src 'none'; img-src 'self' https://images.ctfassets.net/ data:; font-src 'self' https://fonts.gstatic.com/;
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-type: text/javascript
cache-control: max-age=2592000
permissions-policy: geolocation=(self), camera=(), microphone=()
content-length: 1319
x-xss-protection: 1; mode=block

GET
H2 200 css
fonts.googleapis.com/ 7 KB
1 KB 42ms
19ms Stylesheet
text/css 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat:300,500,700,800&display=swap

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

48c0ab2386452f4b0fb4264c386cc1c441a88094701f708d600e8794c0cc1b32

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sso.smartling.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 22 Sep 2023 14:18:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 22 Sep 2023 14:18:31 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 22 Sep 2023 14:18:31 GMT

GET
H2 200 smartling_rgb_horizontal.png
sso.smartling.com/auth/resources/1.9.4.smartling-snapshot/login/smartling/img/ 9 KB
9 KB 122ms
122ms Image
image/png 54.243.236.134
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sso.smartling.com/auth/resources/1.9.4.smartling-snapshot/login/smartling/img/smartling_rgb_horizontal.png

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.243.236.134 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-243-236-134.compute-1.amazonaws.com

Software

Resource Hash

3075b3599eb2072432321cef75217b847aee5834805ae065879cba8bd67c8e78

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' https://cdn.rollbar.com/ https://www.google.com/ https://www.gstatic.com/ 'unsafe-inline'; object-src 'none'; img-src 'self' https://images.ctfassets.net/ data:; font-src 'self' https://fonts.gstatic.com/;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sso.smartling.com/auth/realms/Smartling/protocol/openid-connect/auth?response_type=code&client_id=wa&redirect_uri=https%3A%2F%2Fdashboard.smartling.com%2Fsso%2Flogin.htm&state=10472%2Fd502f1cb-cf99-42c5-9811-352f5e5d3261&login=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 14:18:31 GMT
content-security-policy: script-src 'self' https://cdn.rollbar.com/ https://www.google.com/ https://www.gstatic.com/ 'unsafe-inline'; object-src 'none'; img-src 'self' https://images.ctfassets.net/ data:; font-src 'self' https://fonts.gstatic.com/;
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: max-age=2592000
permissions-policy: geolocation=(self), camera=(), microphone=()
content-length: 8877
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK rollbar.min.js Show response
cdn.rollbar.com/rollbarjs/refs/tags/v2.15.1/ 70 KB
22 KB 47ms
9ms Script
application/javascript 13.32.99.9
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.rollbar.com/rollbarjs/refs/tags/v2.15.1/rollbar.min.js
Requested by: Host: sso.smartling.com
URL: https://sso.smartling.com/auth/resources/1.9.4.smartling-snapshot/login/smartling/js/track.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.9 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-9.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 59578557a8c9bb856abd74b7342cd6227f0b7dd3e67def02033d4c6353abdd10

Request headers

Referer: https://sso.smartling.com/
Origin: https://sso.smartling.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Date: Sun, 23 Jul 2023 02:34:55 GMT
Content-Encoding: gzip
Via: 1.1 968007545c497b68cc41825f11e930ba.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA60-P3
Age: 5312617
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Tue, 14 Apr 2020 21:49:30 GMT
Server: AmazonS3
ETag: W/"c1d7e5891bb1e2f8d09dab2716834406"
Vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
Access-Control-Allow-Methods: GET
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=30672000,public
X-Amz-Cf-Id: OZ5zRimwatWGmNpFz4Y8FVudvuDUkXxpZdUEPT9FDE_cIlPxn53Qsg==

GET
DATA 200
OK truncated
/ 9 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a36a02253daf66e7905b65a4fd08693b8420896dde159336ec0befb28d3c045b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 186 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 85150ac8fd9e2bff40136c805913c5959a3fbcab67a7aa13037d7d5ef1b814f3

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 Background-Gradient.png
sso.smartling.com/auth/resources/1.9.4.smartling-snapshot/login/smartling/img/ 229 KB
230 KB 114ms
113ms Image
image/png 54.243.236.134
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sso.smartling.com/auth/resources/1.9.4.smartling-snapshot/login/smartling/img/Background-Gradient.png

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.243.236.134 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-243-236-134.compute-1.amazonaws.com

Software

Resource Hash

b70a98e098c533039d19ad52f22b63c256fccb6514d43a592491449f3dc4d989

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' https://cdn.rollbar.com/ https://www.google.com/ https://www.gstatic.com/ 'unsafe-inline'; object-src 'none'; img-src 'self' https://images.ctfassets.net/ data:; font-src 'self' https://fonts.gstatic.com/;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sso.smartling.com/auth/realms/Smartling/protocol/openid-connect/auth?response_type=code&client_id=wa&redirect_uri=https%3A%2F%2Fdashboard.smartling.com%2Fsso%2Flogin.htm&state=10472%2Fd502f1cb-cf99-42c5-9811-352f5e5d3261&login=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 14:18:31 GMT
content-security-policy: script-src 'self' https://cdn.rollbar.com/ https://www.google.com/ https://www.gstatic.com/ 'unsafe-inline'; object-src 'none'; img-src 'self' https://images.ctfassets.net/ data:; font-src 'self' https://fonts.gstatic.com/;
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: max-age=2592000
permissions-policy: geolocation=(self), camera=(), microphone=()
x-xss-protection: 1; mode=block

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v26/ 32 KB
33 KB 31ms
7ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:300,500,700,800&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://sso.smartling.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 18:19:05 GMT
x-content-type-options: nosniff
age: 71966
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33092
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 22:51:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 20 Sep 2024 18:19:05 GMT

GET
H2 200 feature Show response
sso.smartling.com/sso-apps/api/marketing/ 531 B
1 KB 211ms
211ms Fetch
application/json 54.243.236.134
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://sso.smartling.com/sso-apps/api/marketing/feature

Requested by

Host: sso.smartling.com
URL: https://sso.smartling.com/auth/resources/1.9.4.smartling-snapshot/login/smartling/js/marketing03.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.243.236.134 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-243-236-134.compute-1.amazonaws.com

Software

Resource Hash

98a4283033ecb7bb4f722f89be7f2a6d7988309459f3007600b57202e0b357d5

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' https://cdn.rollbar.com/ https://www.google.com/ https://www.gstatic.com/ 'unsafe-inline'; object-src 'none'; img-src 'self' https://images.ctfassets.net/ data:; font-src 'self' https://fonts.gstatic.com/;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sso.smartling.com/auth/realms/Smartling/protocol/openid-connect/auth?response_type=code&client_id=wa&redirect_uri=https%3A%2F%2Fdashboard.smartling.com%2Fsso%2Flogin.htm&state=10472%2Fd502f1cb-cf99-42c5-9811-352f5e5d3261&login=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Sep 2023 14:18:31 GMT
content-security-policy: script-src 'self' https://cdn.rollbar.com/ https://www.google.com/ https://www.gstatic.com/ 'unsafe-inline'; object-src 'none'; img-src 'self' https://images.ctfassets.net/ data:; font-src 'self' https://fonts.gstatic.com/;
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-frame-options: DENY
content-type: application/json
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: geolocation=(self), camera=(), microphone=()
x-xss-protection: 1; mode=block
expires: 0

GET
H2 200 _Dashboard_login_-_1728x968__3Q230918_-_Introducing_the_GPT-Powered_Translation_Beta_2x.jpg
images.ctfassets.net/a8pkciehvm1g/5QccuQcEBcKXPuIfHaJbqc/080a80f8c99e11fcec30d59e18bc6395/ 2 MB
2 MB 52ms
10ms Image
image/jpeg 2600:9000:211e:2c00:12:94b3:c380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.ctfassets.net/a8pkciehvm1g/5QccuQcEBcKXPuIfHaJbqc/080a80f8c99e11fcec30d59e18bc6395/_Dashboard_login_-_1728x968__3Q230918_-_Introducing_the_GPT-Powered_Translation_Beta_2x.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:2c00:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Contentful Images API /
Resource Hash: 523d6643cb427730d44dddbe9f9dadbb3dd271b7c423f734ae64e5915886c58b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sso.smartling.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 16:50:10 GMT
via: 1.1 e6959f77d21557f69683da8f0cd5578a.cloudfront.net (CloudFront)
last-modified: Tue, 19 Sep 2023 16:47:09 GMT
server: Contentful Images API
x-amz-cf-pop: FRA56-C2
age: 77303
etag: "8a7f2830ce7daf1c9ebf83740117b708"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
content-length: 1727846
x-amz-cf-id: g9bkdbhXoS07T4VdJRPJsNPYwMVNtNuJ5iyvkCWaGM3TiW0i7MZpuQ==

Verdicts & Comments Add Verdict or Comment

17 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
sso.smartling.com/auth/realms/Smartling	1969-12-31 23:59:59	Name: KC_RESTART Value: eyJhbGciOiJIUzI1NiJ9.eyJjcyI6IjdiZjNlM2QxLTczMmQtNDAxNC1iYWVhLTViOTNlMjk3NWVhYiIsImNpZCI6IndhIiwicHR5Ijoib3BlbmlkLWNvbm5lY3QiLCJydXJpIjoiaHR0cHM6Ly9kYXNoYm9hcmQuc21hcnRsaW5nLmNvbS9zc28vbG9naW4uaHRtIiwiYWN0IjoiQVVUSEVOVElDQVRFIiwibm90ZXMiOnsiYWN0aW9uX2tleSI6ImJkYTk4NThkLTE4OTEtNDU5Ni04NDg3LTdhMDYzODBmMDU1ZCIsImF1dGhfdHlwZSI6ImNvZGUiLCJpc3MiOiJodHRwczovL3Nzby5zbWFydGxpbmcuY29tL2F1dGgvcmVhbG1zL1NtYXJ0bGluZyIsInJlc3BvbnNlX3R5cGUiOiJjb2RlIiwicmVkaXJlY3RfdXJpIjoiaHR0cHM6Ly9kYXNoYm9hcmQuc21hcnRsaW5nLmNvbS9zc28vbG9naW4uaHRtIiwic3RhdGUiOiIxMDQ3Mi9kNTAyZjFjYi1jZjk5LTQyYzUtOTgxMS0zNTJmNWU1ZDMyNjEifX0.FkuOQh4rtIi_LMFn2XyPzvd9snr9tEGWkZbAUcwwfZU
sso.smartling.com/sso-apps	1969-12-31 23:59:59	Name: JSESSIONID Value: 2BEE17749508EF10AC997BF8F4FE867F-prod_d.777ab9cf1fad
sso.smartling.com/auth	1969-12-31 23:59:59	Name: JSESSIONID Value: 2BEE17749508EF10AC997BF8F4FE867F-prod_d.777ab9cf1fad
dashboard.smartling.com/sso	1969-12-31 23:59:59	Name: OAuth_Token_Request_State Value: 10472/d502f1cb-cf99-42c5-9811-352f5e5d3261
.smartling.com/	1969-12-31 23:59:59	Name: JSESSIONID Value: 2BEE17749508EF10AC997BF8F4FE867F-prod_d
dashboard.smartling.com/	1969-12-31 23:59:59	Name: SmartlingLanguage Value: en_US
sso.smartling.com/	1970-01-20 15:06:37	Name: AWSALB Value: hEMAzzYqtX3oXZvoNU1Lh1Fea/9MifewS1IugexN8zy7pgV3L2UVthXetOX5enG9PD5QbW/rTc2KPwHz0Hr/RzfwURBejHgQ/bQzE9baG9ZlR4asP4hv0O7Tk0LR
sso.smartling.com/	1970-01-20 15:06:37	Name: AWSALBCORS Value: hEMAzzYqtX3oXZvoNU1Lh1Fea/9MifewS1IugexN8zy7pgV3L2UVthXetOX5enG9PD5QbW/rTc2KPwHz0Hr/RzfwURBejHgQ/bQzE9baG9ZlR4asP4hv0O7Tk0LR

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	script-src 'self' https://cdn.rollbar.com/ https://www.google.com/ https://www.gstatic.com/ 'unsafe-inline'; object-src 'none'; img-src 'self' https://images.ctfassets.net/ data:; font-src 'self' https://fonts.gstatic.com/; frame-src https://*.smartling.com https://www.google.com
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN ALLOW-FROM https://dashboard.smartling.com
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.rollbar.com
dashboard.smartling.com
es.account-vicu.ourbranch.dev
fonts.googleapis.com
fonts.gstatic.com
images.ctfassets.net
sso.smartling.com
13.32.99.9
23.21.68.21
2600:9000:211e:2c00:12:94b3:c380:93a1
2a00:1450:4001:806::200a
2a00:1450:4001:829::2003
35.174.255.90
54.243.236.134
23e358351849cbdcdc3c55bc54b1085162dc4ed24c913564dfa4a6317f557aba
3075b3599eb2072432321cef75217b847aee5834805ae065879cba8bd67c8e78
45947d13094666dafa4ca92c66f785277977fa5e3d7d98f731697aca928d9af7
48c0ab2386452f4b0fb4264c386cc1c441a88094701f708d600e8794c0cc1b32
523d6643cb427730d44dddbe9f9dadbb3dd271b7c423f734ae64e5915886c58b
53ac067f768077baa6e9aa7268013719b6c242dbc75ab4eeef2abd47a35470e7
59578557a8c9bb856abd74b7342cd6227f0b7dd3e67def02033d4c6353abdd10
85150ac8fd9e2bff40136c805913c5959a3fbcab67a7aa13037d7d5ef1b814f3
98a4283033ecb7bb4f722f89be7f2a6d7988309459f3007600b57202e0b357d5
a36a02253daf66e7905b65a4fd08693b8420896dde159336ec0befb28d3c045b
b70a98e098c533039d19ad52f22b63c256fccb6514d43a592491449f3dc4d989
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
be10d5e9b165d8dd5415fb8bbde4da0ced3f5858d3086a75195402b7ac92b957
ef1f3482ddc600659c154b2b2fa2d616626245c0edebaa7686efa01712935222

sso.smartling.com Open in urlscan Pro 54.243.236.134 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

12 Requests

100 %HTTPS

43 %IPv6

6 Domains

7 Subdomains

6 IPs

2 Countries

2158 kBTransfer

2211 kBSize

8 Cookies

1 Outgoing links

Page URL History

Redirected requests

12 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

17 JavaScript Global Variables

8 Cookies

Security Headers

Indicators

sso.smartling.com Open in urlscan Pro
54.243.236.134 Public Scan

Screenshot
Live screenshot

Full Image

12
Requests

100 %
HTTPS

43 %
IPv6

6
Domains

7
Subdomains

6
IPs

2
Countries

2158 kB
Transfer

2211 kB
Size

8
Cookies

12 HTTP transactions
2 data transactions