region-iad10.auth.scs.splunk.com
Open in
urlscan Pro
50.16.220.75
Public Scan
Effective URL: https://region-iad10.auth.scs.splunk.com/login?client_id=0oa1cakdfxAUM1Eyi4x7&code_challenge=THn4hT16e6CffLuc8WZi1NeUqISYcyegjqEq6GlMJy8&...
Submission: On August 26 via manual from US
Summary
TLS certificate: Issued by R3 on August 4th 2021. Valid for: 3 months.
This is the only time region-iad10.auth.scs.splunk.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 1 | 34.194.248.184 34.194.248.184 | 14618 (AMAZON-AES) (AMAZON-AES) | |
4 | 13.224.96.59 13.224.96.59 | 16509 (AMAZON-02) (AMAZON-02) | |
1 5 | 50.16.220.75 50.16.220.75 | 14618 (AMAZON-AES) (AMAZON-AES) | |
8 | 2 |
ASN14618 (AMAZON-AES, US)
PTR: ec2-34-194-248-184.compute-1.amazonaws.com
knlekswp.r.us-east-1.awstrack.me |
ASN16509 (AMAZON-02, US)
PTR: server-13-224-96-59.zrh50.r.cloudfront.net
console.scs.splunk.com |
ASN14618 (AMAZON-AES, US)
PTR: ec2-50-16-220-75.compute-1.amazonaws.com
danaher.auth.scs.splunk.com | |
region-iad10.auth.scs.splunk.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
9 |
splunk.com
1 redirects
console.scs.splunk.com danaher.auth.scs.splunk.com region-iad10.auth.scs.splunk.com |
2 MB |
1 |
awstrack.me
1 redirects
knlekswp.r.us-east-1.awstrack.me |
212 B |
8 | 2 |
Domain | Requested by | |
---|---|---|
4 | region-iad10.auth.scs.splunk.com |
console.scs.splunk.com
region-iad10.auth.scs.splunk.com |
4 | console.scs.splunk.com |
console.scs.splunk.com
|
1 | danaher.auth.scs.splunk.com | 1 redirects |
1 | knlekswp.r.us-east-1.awstrack.me | 1 redirects |
8 | 4 |
This site contains links to these domains. Also see Links.
Domain |
---|
www.splunk.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
console.scs.splunk.com Amazon |
2020-11-11 - 2021-12-10 |
a year | crt.sh |
*.auth.scs.splunk.com R3 |
2021-08-04 - 2021-11-02 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://region-iad10.auth.scs.splunk.com/login?client_id=0oa1cakdfxAUM1Eyi4x7&code_challenge=THn4hT16e6CffLuc8WZi1NeUqISYcyegjqEq6GlMJy8&code_challenge_method=S256&encode_state=true&inviteID=i6126d598fd613c001f92117d&nonce=qX78ayqYcf57aRV3rtZNKTvZeRHxv3333FprFO2RaTeL7R5EhRu8YIp9UwAGXPPS&redirect_uri=https%3A%2F%2Fconsole.scs.splunk.com®ion=region-iad10&response_type=code&scope=openid+email+profile+offline_access&state=7dfpygTnIIZCJ8chU3E5c0MUFJLYN7DG1ZdqpKQ6E72YNQgj8kQLecdn60x6xItP&tenant=danaher&requestId=636cade8-3e83-9d2a-92ff-4fa348bd471a
Frame ID: E49AAF05A5B582D1E0359BCB5CB06F8B
Requests: 8 HTTP requests in this frame
Screenshot
Page Title
Login - Splunk Cloud ServicesPage URL History Show full URLs
-
https://knlekswp.r.us-east-1.awstrack.me/L0/https:%2F%2Fconsole.scs.splunk.com%2Fsystem%2Fuser%2Faccept%3FinviteID=i6...
HTTP 302
https://console.scs.splunk.com/system/user/accept?inviteID=i6126d598fd613c001f92117d&tenantName=danaher Page URL
-
https://danaher.auth.scs.splunk.com/authorize?client_id=0oa1cakdfxAUM1Eyi4x7&code_challenge=THn4hT16e6CffLuc8WZi...
HTTP 302
https://region-iad10.auth.scs.splunk.com/login?client_id=0oa1cakdfxAUM1Eyi4x7&code_challenge=THn4hT16e6CffLuc8WZi1NeU... Page URL
Detected technologies
Amazon Web Services (PaaS) ExpandDetected patterns
- headers via /\(CloudFront\)$/i
- headers server /^AmazonS3$/i
Amazon Cloudfront (CDN) Expand
Detected patterns
- headers via /\(CloudFront\)$/i
Amazon S3 (Miscellaneous) Expand
Detected patterns
- headers server /^AmazonS3$/i
Page Statistics
1 Outgoing links
These are links going to different origins than the main page.
Title: here
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://knlekswp.r.us-east-1.awstrack.me/L0/https:%2F%2Fconsole.scs.splunk.com%2Fsystem%2Fuser%2Faccept%3FinviteID=i6126d598fd613c001f92117d%26tenantName=danaher/1/0100017b7fb25ebc-145cf2ce-bcb8-457d-943b-a436c3cd2329-000000/qGItqPdeEnyUSl4l0g0_UWSsYIU=233
HTTP 302
https://console.scs.splunk.com/system/user/accept?inviteID=i6126d598fd613c001f92117d&tenantName=danaher Page URL
-
https://danaher.auth.scs.splunk.com/authorize?client_id=0oa1cakdfxAUM1Eyi4x7&code_challenge=THn4hT16e6CffLuc8WZi1NeUqISYcyegjqEq6GlMJy8&code_challenge_method=S256&redirect_uri=https%3A%2F%2Fconsole.scs.splunk.com&response_type=code&state=7dfpygTnIIZCJ8chU3E5c0MUFJLYN7DG1ZdqpKQ6E72YNQgj8kQLecdn60x6xItP&nonce=qX78ayqYcf57aRV3rtZNKTvZeRHxv3333FprFO2RaTeL7R5EhRu8YIp9UwAGXPPS&scope=openid%20email%20profile%20offline_access&encode_state=1&tenant=danaher&inviteID=i6126d598fd613c001f92117d
HTTP 302
https://region-iad10.auth.scs.splunk.com/login?client_id=0oa1cakdfxAUM1Eyi4x7&code_challenge=THn4hT16e6CffLuc8WZi1NeUqISYcyegjqEq6GlMJy8&code_challenge_method=S256&encode_state=true&inviteID=i6126d598fd613c001f92117d&nonce=qX78ayqYcf57aRV3rtZNKTvZeRHxv3333FprFO2RaTeL7R5EhRu8YIp9UwAGXPPS&redirect_uri=https%3A%2F%2Fconsole.scs.splunk.com®ion=region-iad10&response_type=code&scope=openid+email+profile+offline_access&state=7dfpygTnIIZCJ8chU3E5c0MUFJLYN7DG1ZdqpKQ6E72YNQgj8kQLecdn60x6xItP&tenant=danaher&requestId=636cade8-3e83-9d2a-92ff-4fa348bd471a Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0- https://knlekswp.r.us-east-1.awstrack.me/L0/https:%2F%2Fconsole.scs.splunk.com%2Fsystem%2Fuser%2Faccept%3FinviteID=i6126d598fd613c001f92117d%26tenantName=danaher/1/0100017b7fb25ebc-145cf2ce-bcb8-457d-943b-a436c3cd2329-000000/qGItqPdeEnyUSl4l0g0_UWSsYIU=233 HTTP 302
- https://console.scs.splunk.com/system/user/accept?inviteID=i6126d598fd613c001f92117d&tenantName=danaher
8 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
accept
console.scs.splunk.com/system/user/ Redirect Chain
|
1 KB 1 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
env.js
console.scs.splunk.com/ |
1 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
vendors~main~253ae210.1.f7426d5f5b8d8c7cdad9.js
console.scs.splunk.com/ |
2 MB 375 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
main~01e7b97c.js
console.scs.splunk.com/ |
383 KB 84 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Primary Request
login
region-iad10.auth.scs.splunk.com/ Redirect Chain
|
773 B 940 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
main.js
region-iad10.auth.scs.splunk.com/ |
1 MB 1 MB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
splunkdatasans-semibold.woff2
region-iad10.auth.scs.splunk.com/fonts/ |
20 KB 21 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
splunkdatasans-regular.woff2
region-iad10.auth.scs.splunk.com/fonts/ |
21 KB 21 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
23 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated object| __core-js_shared__ object| core object| global object| System function| asap function| Observable function| setImmediate function| clearImmediate object| regeneratorRuntime boolean| _babelPolyfill function| _ number| 2f1acc6c3a606b082e5eef5e54414ffb0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Strict-Transport-Security | max-age=63072000; includeSubdomains; preload |
X-Content-Type-Options | nosniff |
X-Frame-Options | DENY |
X-Xss-Protection | 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
console.scs.splunk.com
danaher.auth.scs.splunk.com
knlekswp.r.us-east-1.awstrack.me
region-iad10.auth.scs.splunk.com
13.224.96.59
34.194.248.184
50.16.220.75
0efbf7c32725b0e76edb4bff2e8e71272222dfb04c7871d8ab73a9cf00637a24
414d7bc2b5920eff83635ad3be744a9a8d55e43146bd98480b6b58b6819894a8
48e925d2fef013c25c893b84820ecd53e4d13a4c98083fb406b233ff416d301d
552ac5ab2a6ccfedf6d3587615aa921c181f4bcbf0f4bfc8c6594d73e98fc1a9
56873e94ad9e3ce46df5f45878aaaa57d99fdf48c8b812ed85c9a1c404ef9902
b4a7106ce22b27e2b38ea772c8fe31be7201b93c7c013d52b88a3c8ff1f2b9d9
c6bd2e02bab7d7820ab42434345d82b0213128e3bbc705216478514423921f97
e5f33daf1462ff1b85a4022e2369e3e2f7d02e8aaa5edec387986c0e47ddf83e