weblogin.med.umich.edu
Open in
urlscan Pro
141.214.9.172
Public Scan
Effective URL: https://weblogin.med.umich.edu/nidp/saml2/sso
Submission: On June 28 via api from US — Scanned from ES
Summary
TLS certificate: Issued by InCommon RSA Server CA 2 on January 5th 2024. Valid for: a year.
This is the only time weblogin.med.umich.edu was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
3 6 | 23.23.46.132 23.23.46.132 | 14618 (AMAZON-AES) (AMAZON-AES) | |
10 | 141.214.9.172 141.214.9.172 | 36375 (UMICH-AS-5) (UMICH-AS-5) | |
1 | 2a04:4e42:200... 2a04:4e42:200::485 | 54113 (FASTLY) (FASTLY) | |
15 | 4 |
ASN14618 (AMAZON-AES, US)
PTR: ec2-23-23-46-132.compute-1.amazonaws.com
splunk-es.med.umich.edu |
ASN36375 (UMICH-AS-5, US)
PTR: weblogin.med.umich.edu
weblogin.med.umich.edu |
Apex Domain Subdomains |
Transfer | |
---|---|---|
16 |
umich.edu
3 redirects
splunk-es.med.umich.edu weblogin.med.umich.edu — Cisco Umbrella Rank: 605219 |
192 KB |
1 |
jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 381 |
26 KB |
15 | 2 |
Domain | Requested by | |
---|---|---|
10 | weblogin.med.umich.edu |
weblogin.med.umich.edu
|
6 | splunk-es.med.umich.edu |
3 redirects
splunk-es.med.umich.edu
|
1 | cdn.jsdelivr.net |
weblogin.med.umich.edu
|
15 | 3 |
This site contains links to these domains. Also see Links.
Domain |
---|
lvl2.med.umich.edu |
spg.umich.edu |
safecomputing.umich.edu |
Subject Issuer | Validity | Valid | |
---|---|---|---|
*.michmed.splunkcloud.com DigiCert Global G2 TLS RSA SHA256 2020 CA1 |
2023-09-21 - 2024-09-21 |
a year | crt.sh |
weblogin.med.umich.edu InCommon RSA Server CA 2 |
2024-01-05 - 2025-01-04 |
a year | crt.sh |
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2023 Q3 |
2023-09-27 - 2024-10-28 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://weblogin.med.umich.edu/nidp/saml2/sso
Frame ID: 78AA53C8C4951FBE1EB3321F0F538635
Requests: 15 HTTP requests in this frame
Screenshot
Page Title
Access ManagerPage URL History Show full URLs
-
https://splunk-es.med.umich.edu/
HTTP 303
https://splunk-es.med.umich.edu/en-US/ HTTP 303
https://splunk-es.med.umich.edu/en-US/account/login?return_to=%2Fen-US%2F Page URL
- https://weblogin.med.umich.edu/nidp/saml2/sso Page URL
Detected technologies
Bootstrap (Web Frameworks) ExpandDetected patterns
- <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
jQuery (JavaScript Libraries) Expand
Detected patterns
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
jsDelivr (CDN) Expand
Detected patterns
- <link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
- //cdn\.jsdelivr\.net/
Page Statistics
3 Outgoing links
These are links going to different origins than the main page.
Title: Need Help?
Search URL Search Domain Scan URL
Title: SPG 601.07
Search URL Search Domain Scan URL
Title: Permitted
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://splunk-es.med.umich.edu/
HTTP 303
https://splunk-es.med.umich.edu/en-US/ HTTP 303
https://splunk-es.med.umich.edu/en-US/account/login?return_to=%2Fen-US%2F Page URL
- https://weblogin.med.umich.edu/nidp/saml2/sso Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0- https://splunk-es.med.umich.edu/ HTTP 303
- https://splunk-es.med.umich.edu/en-US/ HTTP 303
- https://splunk-es.med.umich.edu/en-US/account/login?return_to=%2Fen-US%2F
- https://splunk-es.med.umich.edu/favicon.ico HTTP 303
- https://splunk-es.med.umich.edu/en-US/favicon.ico
15 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
login
splunk-es.med.umich.edu/en-US/account/ Redirect Chain
|
6 KB 4 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
progress-bar-animation.gif
splunk-es.med.umich.edu/en-US/static/@9/img/splunk/ |
7 KB 7 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
Primary Request
sso
weblogin.med.umich.edu/nidp/saml2/ |
17 KB 18 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
favicon.ico
splunk-es.med.umich.edu/en-US/ Redirect Chain
|
21 KB 21 KB |
Other
image/x-icon |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jquery.min.js
weblogin.med.umich.edu/nidp/javascript/ |
87 KB 88 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
smart-app-banner.css
weblogin.med.umich.edu/nidp/javascript/ |
6 KB 6 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
smart-app-banner.js
weblogin.med.umich.edu/nidp/javascript/ |
17 KB 17 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
ux_access.css
weblogin.med.umich.edu/nidp/css/ |
9 KB 9 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
[NAM30IND41BDQydj5tXAceWQMDcykoQ3Aha2huFWtzMGppHmsFUwAzUVgd.png
weblogin.med.umich.edu/nidp/images/pool/[NAM30IND41BDQydj5tXAceWQMDcykoQ3Aha2huFWtzMGppHmsFUwAzUVgd/ |
1 KB 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
[NAM30IND41LjR3biJyFAk~3D.jpg
weblogin.med.umich.edu/nidp/images/pool/[NAM30IND41KSlwe3R~2FU0w~3D/ |
11 KB 11 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
content.jsp
weblogin.med.umich.edu/nidp/jsp/ |
279 B 821 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
favicon.ico
weblogin.med.umich.edu/ |
120 B 408 B |
Other
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
sso
weblogin.med.umich.edu/nidp/saml2/ |
6 KB 6 KB |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
idm_ux_access.css
weblogin.med.umich.edu/nidp/images/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@4.6.0/dist/css/ |
158 KB 26 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- weblogin.med.umich.edu
- URL
- https://weblogin.med.umich.edu/nidp/images/idm_ux_access.css
Verdicts & Comments Add Verdict or Comment
26 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
undefined| event object| fence object| sharedStorage function| $ function| jQuery function| SmartBanner function| run undefined| banner function| updateQueryString function| getToContent function| postToContent function| goToHelp function| setHelpUrl function| setFederationsHelp function| setLogTicketHelp function| isNumberKey function| isEnterKey function| isSpaceKey function| isKey function| setGlobalMessage function| closeAmFooter function| submitForm function| optionClick function| onLoadFocus function| getCookie function| clickImage3 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
weblogin.med.umich.edu/nidp | Name: JSESSIONID Value: 9886415BD22FAD52B89B25159F253D17 |
|
weblogin.med.umich.edu/nidp | Name: UrnNovellNidpClusterMemberId Value: ~03~02fdf~1B~16~11utw |
|
splunk-es.med.umich.edu/ | Name: session_id_8443 Value: 1ad09edfac5da7c896fe36c82044cc81c3eec939 |
3 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Strict-Transport-Security | max-age=31536000; includeSubDomains |
X-Content-Type-Options | nosniff |
X-Frame-Options | SAMEORIGIN |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
cdn.jsdelivr.net
splunk-es.med.umich.edu
weblogin.med.umich.edu
weblogin.med.umich.edu
141.214.9.172
23.23.46.132
2a04:4e42:200::485
1c2c60fd62cf87e2e9accb60c272a71595c19628c8d58e59bdd8fa3b92403a51
2e59299eb53c5660403414b582e028cf4bdc390e032e13ba77ba298f5b4cb6b1
36fe791c39651515f68dcf1e21c6278c7e2fee2d296858bc910f6adffd3cb492
421a48026eb519f50163e69113760bee7b507a253d0c80bb7f78c630ec77e972
4c77c74613758a7605089c24ca00ee64fc3d2aaa0d9e9017fe4effb458e797a8
4ffcc598ee6cff4692c1cea272cd8a2f195f6dec32473e94370d6cdcfa5fe601
5583adc0bc966885e846a19995e89fe5c81b23193299347b20d2e8d5cd5fc296
5f5b83dcdacae574215b3f142339212c0b5f5449dea7f18e72fa45fb5382e3d2
62453b00c98edb023972a0d346e39050defc81197027da6324cd96d936b664e1
67037b80c615b13fefdbd77e334aa36111cfa60d80fb4e387358fd589b686eec
80f04717f32ea0320c5e8618fbacedd1fee3a8775ad8292140a6113551d4b5b0
a0173a8acc04d73584a6fcf5da8591821b83bb0b91665e9d0110b8f1d4a835a7