cloud.sophos.com - urlscan.io

Summary

This website contacted 3 IPs in 3 countries across 2 domains to perform 6 HTTP transactions. The main IP is 52.16.109.117, located in Dublin, Ireland and belongs to AMAZON-02 - Amazon.com, Inc., US. The main domain is cloud.sophos.com.
TLS certificate: Issued by GlobalSign Extended Validation CA - S... on January 24th 2017. Valid for: 2 years.

This is the only time cloud.sophos.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 2	52.16.109.117 52.16.109.117	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
4	117.121.250.34 117.121.250.34	22822 (LLNW) (LLNW - Limelight Networks)
1	216.58.214.110 216.58.214.110	15169 (GOOGLE) (GOOGLE - Google LLC)
6	3

2 52.16.109.117 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-16-109-117.eu-west-1.compute.amazonaws.com

cloud.sophos.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 117.121.250.34 (Australia)

ASN22822 (LLNW - Limelight Networks, Inc., US)
PTR: https-117-121-250-34.sin.llnw.net

cloud-assets.sophos.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.214.110 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra16s05-in-f14.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
6	sophos.com 1 redirects cloud.sophos.com cloud-assets.sophos.com	176 KB
1	google-analytics.com www.google-analytics.com	14 KB
6	2

	Domain	Requested by
4	cloud-assets.sophos.com	cloud.sophos.com
2	cloud.sophos.com	1 redirects
1	www.google-analytics.com	cloud.sophos.com
6	3

This site contains no links.

Subject Issuer	Validity	Valid
www.cloud.sophos.com GlobalSign Extended Validation CA - SHA256 - G3	`2017-01-24` - `2019-03-25`	2 years	crt.sh
downloads.sophos.com GlobalSign Organization Validation CA - SHA256 - G2	`2017-03-28` - `2019-05-14`	2 years	crt.sh

This page contains 1 frames:

Primary Page: https://cloud.sophos.com/idp/authenticate?backtrack=/manage/self-service
Frame ID: 467472FE4E1072C5F199B5D51AAF14F1
Requests: 6 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://cloud.sophos.com/manage/self-service HTTP 302
https://cloud.sophos.com/idp/authenticate?backtrack=/manage/self-service Page URL

Detected technologies

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|(analytics))\.js/i
env /^gaGlobal$/i

Page Statistics

6
Requests

83 %
HTTPS

0 %
IPv6

2
Domains

3
Subdomains

3
IPs

3
Countries

189 kB
Transfer

697 kB
Size

4
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://cloud.sophos.com/manage/self-service HTTP 302
https://cloud.sophos.com/idp/authenticate?backtrack=/manage/self-service Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

6 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request

Cookie set authenticate Show response
cloud.sophos.com/idp/
Redirect Chain

https://cloud.sophos.com/manage/self-service
https://cloud.sophos.com/idp/authenticate?backtrack=/manage/self-service

6 KB
7 KB

55ms
55ms

Document
text/html

52.16.109.117
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://cloud.sophos.com/idp/authenticate?backtrack=/manage/self-service

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.16.109.117 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

ec2-52-16-109-117.eu-west-1.compute.amazonaws.com

Software

- /

Resource Hash

8538343bb7dbc2697b8c619b2c9026beeed77c9613fcfb86e9bf6aa6cae16d87

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Public-Key-Pins	pin-sha256="JBnHTGEpBFfw06YuLmYFcSB/DDbQrtL/UVqoqUmc2o0="; max-age=5184000; includeSubDomains
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: cloud.sophos.com
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Cache-Control: no-cache
Cookie: JSESSIONID=AA60D734E2637B36B5E9FC3DAADCC162; AWSELB=A7F5AB1F106D24C4EE9B76712CA6992226FD9005BD366757F8626C48E39E43BE964493E0A9017BC4BECDA8D0D888666436E23DE70618D8F08981A533175FFA31411ADC1A852FB0B04E2C33F87F6B2A9FFDD9C86F32
Connection: keep-alive
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36

Response headers

Content-Security-Policy: frame-ancestors 'none'
X-Content-Type-Options: nosniff
Server: -
Cache-Control: no-store,no-cache,must-revalidate,max-age=0;
Date: Tue, 24 Apr 2018 14:11:36 GMT
X-Frame-Options: DENY
Content-Language: en-US
Set-Cookie: JSESSIONID=5F2BEBB2CBEA243151631967AE8C05C4; Path=/; HttpOnly AWSELB=A7F5AB1F106D24C4EE9B76712CA6992226FD9005BD72E2547327643573D058586FEAAAFEFB5E685F8FA97E2FE7AF18A566E1782B714E4B6FF4612F029D49390090CB080EFFEE195A9E7CC54E18D5E6D18C4AB8DDF7;PATH=/;HTTPONLY
Connection: keep-alive
Strict-Transport-Security: max-age=31536000
Content-Type: text/html;charset=UTF-8
Content-Length: 6461
X-XSS-Protection: 1
Public-Key-Pins: pin-sha256="JBnHTGEpBFfw06YuLmYFcSB/DDbQrtL/UVqoqUmc2o0="; max-age=5184000; includeSubDomains

Redirect headers

Location: /idp/authenticate?backtrack=/manage/self-service
Set-Cookie: JSESSIONID=AA60D734E2637B36B5E9FC3DAADCC162; Path=/; HttpOnly AWSELB=A7F5AB1F106D24C4EE9B76712CA6992226FD9005BD366757F8626C48E39E43BE964493E0A9017BC4BECDA8D0D888666436E23DE70618D8F08981A533175FFA31411ADC1A852FB0B04E2C33F87F6B2A9FFDD9C86F32;PATH=/;HTTPONLY
Date: Tue, 24 Apr 2018 14:11:36 GMT
Server: -
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK sophos.css
cloud-assets.sophos.com/assets/540ab992a5b620bae8ca7b4a54e206f8fcbbbfe2/ssp/ 601 KB
111 KB 245ms
244ms Stylesheet
text/css 117.121.250.34
Limelight Networks

General

Check archive.org

Show headers Download Go to

Full URL: https://cloud-assets.sophos.com/assets/540ab992a5b620bae8ca7b4a54e206f8fcbbbfe2/ssp/sophos.css
Requested by: Host: cloud.sophos.com
URL: https://cloud.sophos.com/idp/authenticate?backtrack=/manage/self-service
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 117.121.250.34 , Australia, ASN22822 (LLNW - Limelight Networks, Inc., US),
Reverse DNS: https-117-121-250-34.sin.llnw.net
Software: Apache /
Resource Hash: fe492a650776b2a50290a86cc4f69b7dd30b0004d565a4d7b01230f5713ea435

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: cloud-assets.sophos.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: https://cloud.sophos.com/idp/authenticate?backtrack=/manage/self-service
Connection: keep-alive
Cache-Control: no-cache
Referer: https://cloud.sophos.com/idp/authenticate?backtrack=/manage/self-service
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36

Response headers

Date: Tue, 24 Apr 2018 14:11:37 GMT
Content-Encoding: gzip
Last-Modified: Fri, 20 Apr 2018 15:22:37 GMT
Server: Apache
Age: 206878
Vary: Accept-Encoding
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: public, s-maxage=2592000, max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 113372

GET
S 200 analytics.js Show response
www.google-analytics.com/ 34 KB
14 KB 6ms
5ms Script
text/javascript 216.58.214.110
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: cloud.sophos.com
URL: https://cloud.sophos.com/idp/authenticate?backtrack=/manage/self-service

Protocol

SPDY

Server

216.58.214.110 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s05-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

2218bbf47b340278b7b696dbe3af4eed89edffa709c19abd6747b18147c3a675

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://cloud.sophos.com/idp/authenticate?backtrack=/manage/self-service
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 12 Apr 2018 18:13:11 GMT
server: Golfe2
age: 5369
date: Tue, 24 Apr 2018 12:42:08 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
timing-allow-origin: *
alt-svc: hq=":443"; ma=2592000; quic=51303433; quic=51303432; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length: 14353
expires: Tue, 24 Apr 2018 14:42:08 GMT

GET
H/1.1 200
OK sophos-central-white.cdc4a6d3.png
cloud-assets.sophos.com/assets/540ab992a5b620bae8ca7b4a54e206f8fcbbbfe2/images/ 3 KB
3 KB 245ms
244ms Image
image/png 117.121.250.34
Limelight Networks

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cloud-assets.sophos.com/assets/540ab992a5b620bae8ca7b4a54e206f8fcbbbfe2/images/sophos-central-white.cdc4a6d3.png
Requested by: Host: cloud.sophos.com
URL: https://cloud.sophos.com/idp/authenticate?backtrack=/manage/self-service
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 117.121.250.34 , Australia, ASN22822 (LLNW - Limelight Networks, Inc., US),
Reverse DNS: https-117-121-250-34.sin.llnw.net
Software: Apache /
Resource Hash: 8eda5d1331671e5df2736e4140eaf55e3acc7f9ba5c62d36b94bb16665b7be23

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: cloud-assets.sophos.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: https://cloud-assets.sophos.com/assets/540ab992a5b620bae8ca7b4a54e206f8fcbbbfe2/ssp/sophos.css
Connection: keep-alive
Cache-Control: no-cache
Referer: https://cloud-assets.sophos.com/assets/540ab992a5b620bae8ca7b4a54e206f8fcbbbfe2/ssp/sophos.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36

Response headers

Date: Tue, 24 Apr 2018 14:11:37 GMT
Last-Modified: Fri, 20 Apr 2018 14:54:36 GMT
Server: Apache
Age: 249245
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: public, s-maxage=2592000, max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3179

GET
H/1.1 200
OK flama-light-webfont.c7b47be7.woff
cloud-assets.sophos.com/assets/540ab992a5b620bae8ca7b4a54e206f8fcbbbfe2/fonts/ 26 KB
26 KB 170ms
169ms Font
application/octet-stream 117.121.250.34
Limelight Networks

General

Check archive.org

Show headers Download Go to

Full URL: https://cloud-assets.sophos.com/assets/540ab992a5b620bae8ca7b4a54e206f8fcbbbfe2/fonts/flama-light-webfont.c7b47be7.woff
Requested by: Host: cloud.sophos.com
URL: https://cloud.sophos.com/idp/authenticate?backtrack=/manage/self-service
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 117.121.250.34 , Australia, ASN22822 (LLNW - Limelight Networks, Inc., US),
Reverse DNS: https-117-121-250-34.sin.llnw.net
Software: Apache /
Resource Hash: f02048fc30cf09f21fabfee36fb76feb7c239a3b6b0a011e6c5ab4c91422fd0b

Request headers

Pragma: no-cache
Origin: https://cloud.sophos.com
Accept-Encoding: gzip, deflate
Host: cloud-assets.sophos.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36
Accept: */*
Referer: https://cloud-assets.sophos.com/assets/540ab992a5b620bae8ca7b4a54e206f8fcbbbfe2/ssp/sophos.css
Connection: keep-alive
Cache-Control: no-cache
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36
Referer: https://cloud-assets.sophos.com/assets/540ab992a5b620bae8ca7b4a54e206f8fcbbbfe2/ssp/sophos.css
Origin: https://cloud.sophos.com

Response headers

Date: Tue, 24 Apr 2018 14:11:37 GMT
Last-Modified: Fri, 20 Apr 2018 14:54:36 GMT
Server: Apache
Age: 327401
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: public, s-maxage=2592000, max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 26244
Expires: Sun, 20 May 2018 19:14:56 GMT

GET
H/1.1 200
OK flama-basic-webfont.ff487258.woff
cloud-assets.sophos.com/assets/540ab992a5b620bae8ca7b4a54e206f8fcbbbfe2/fonts/ 27 KB
28 KB 169ms
169ms Font
application/octet-stream 117.121.250.34
Limelight Networks

General

Check archive.org

Show headers Download Go to

Full URL: https://cloud-assets.sophos.com/assets/540ab992a5b620bae8ca7b4a54e206f8fcbbbfe2/fonts/flama-basic-webfont.ff487258.woff
Requested by: Host: cloud.sophos.com
URL: https://cloud.sophos.com/idp/authenticate?backtrack=/manage/self-service
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 117.121.250.34 , Australia, ASN22822 (LLNW - Limelight Networks, Inc., US),
Reverse DNS: https-117-121-250-34.sin.llnw.net
Software: Apache /
Resource Hash: d3203f4d50dca180c40bf900ee8ffd048ce869d511c2d1f44b909615f5ade8b1

Request headers

Pragma: no-cache
Origin: https://cloud.sophos.com
Accept-Encoding: gzip, deflate
Host: cloud-assets.sophos.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36
Accept: */*
Referer: https://cloud-assets.sophos.com/assets/540ab992a5b620bae8ca7b4a54e206f8fcbbbfe2/ssp/sophos.css
Connection: keep-alive
Cache-Control: no-cache
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36
Referer: https://cloud-assets.sophos.com/assets/540ab992a5b620bae8ca7b4a54e206f8fcbbbfe2/ssp/sophos.css
Origin: https://cloud.sophos.com

Response headers

Date: Tue, 24 Apr 2018 14:11:37 GMT
Last-Modified: Fri, 20 Apr 2018 14:54:36 GMT
Server: Apache
Age: 327402
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: public, s-maxage=2592000, max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 28024
Expires: Sun, 20 May 2018 19:14:55 GMT

Verdicts & Comments Add Verdict or Comment

5 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.sophos.com/	1970-01-18 15:31:05	Name: _gid Value: GA1.2.670129921.1524579098
.sophos.com/	1970-01-19 09:00:51	Name: _ga Value: GA1.2.92602009.1524579098
cloud.sophos.com/	1969-12-31 23:59:59	Name: AWSELB Value: A7F5AB1F106D24C4EE9B76712CA6992226FD9005BD72E2547327643573D058586FEAAAFEFB5E685F8FA97E2FE7AF18A566E1782B714E4B6FF4612F029D49390090CB080EFFEE195A9E7CC54E18D5E6D18C4AB8DDF7
cloud.sophos.com/	1969-12-31 23:59:59	Name: JSESSIONID Value: 5F2BEBB2CBEA243151631967AE8C05C4

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors 'none'
Public-Key-Pins	pin-sha256="JBnHTGEpBFfw06YuLmYFcSB/DDbQrtL/UVqoqUmc2o0="; max-age=5184000; includeSubDomains
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cloud-assets.sophos.com
cloud.sophos.com
www.google-analytics.com
117.121.250.34
216.58.214.110
52.16.109.117
2218bbf47b340278b7b696dbe3af4eed89edffa709c19abd6747b18147c3a675
8538343bb7dbc2697b8c619b2c9026beeed77c9613fcfb86e9bf6aa6cae16d87
8eda5d1331671e5df2736e4140eaf55e3acc7f9ba5c62d36b94bb16665b7be23
d3203f4d50dca180c40bf900ee8ffd048ce869d511c2d1f44b909615f5ade8b1
f02048fc30cf09f21fabfee36fb76feb7c239a3b6b0a011e6c5ab4c91422fd0b
fe492a650776b2a50290a86cc4f69b7dd30b0004d565a4d7b01230f5713ea435

cloud.sophos.com Open in urlscan Pro 52.16.109.117 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

6 Requests

83 %HTTPS

0 %IPv6

2 Domains

3 Subdomains

3 IPs

3 Countries

189 kBTransfer

697 kBSize

4 Cookies

0 Outgoing links

Page URL History

Redirected requests

6 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

5 JavaScript Global Variables

4 Cookies

Security Headers

Indicators

cloud.sophos.com Open in urlscan Pro
52.16.109.117 Public Scan

Screenshot
Live screenshot

Full Image

6
Requests

83 %
HTTPS

0 %
IPv6

2
Domains

3
Subdomains

3
IPs

3
Countries

189 kB
Transfer

697 kB
Size

4
Cookies

6 HTTP transactions
0 data transactions