login.ucsc.edu - urlscan.io

Summary

This website contacted 3 IPs in 1 countries across 2 domains to perform 4 HTTP transactions. The main IP is 52.43.177.201, located in Boardman, United States and belongs to . The main domain is login.ucsc.edu. The Cisco Umbrella rank of the primary domain is 807917.
TLS certificate: Issued by InCommon RSA Server CA on September 20th 2023. Valid for: a year.

This is the only time login.ucsc.edu was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
4 4	35.168.153.230 35.168.153.230	14618 (AMAZON-AES) (AMAZON-AES)
1 4	52.43.177.201 52.43.177.201	() ()
1	3.5.82.178 3.5.82.178	16509 (AMAZON-02) (AMAZON-02)
4	3

4 35.168.153.230 (Ashburn, United States) 4 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-168-153-230.compute-1.amazonaws.com

canvas.ucsc.edu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.43.177.201 (Boardman, United States) 1 redirects

ASN- ()
PTR: ec2-52-43-177-201.us-west-2.compute.amazonaws.com

login.ucsc.edu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.5.82.178 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-us-west-2-r-w.amazonaws.com

ucsc-public-web.s3-us-west-2.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	ucsc.edu 5 redirects canvas.ucsc.edu login.ucsc.edu — Cisco Umbrella Rank: 807917	79 KB
1	amazonaws.com ucsc-public-web.s3-us-west-2.amazonaws.com	1 MB
4	2

	Domain	Requested by
4	login.ucsc.edu	1 redirects login.ucsc.edu
4	canvas.ucsc.edu	4 redirects
1	ucsc-public-web.s3-us-west-2.amazonaws.com	login.ucsc.edu
4	3

This site contains links to these domains. Also see Links.

Domain
cruzid.ucsc.edu
its.ucsc.edu

Subject Issuer	Validity	Valid
login.prd.idm.aws.ucsc.edu InCommon RSA Server CA	`2023-09-20` - `2024-09-19`	a year	crt.sh
*.s3-us-west-2.amazonaws.com Amazon RSA 2048 M01	`2024-01-23` - `2024-12-31`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://login.ucsc.edu/idp/profile/SAML2/Redirect/SSO?execution=e1s1
Frame ID: CEB49168AC479658E650F7FDD2A049D1
Requests: 5 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

CruzID Gold Login

Page URL History Show full URLs

http://canvas.ucsc.edu/ HTTP 301
https://canvas.ucsc.edu/ HTTP 302
https://canvas.ucsc.edu/login HTTP 302
https://canvas.ucsc.edu/login/saml HTTP 302
https://login.ucsc.edu/idp/profile/SAML2/Redirect/SSO?SAMLRequest=fZJBTwIxEIXv%2FopN77vtLguSBkgQYiR... HTTP 302
https://login.ucsc.edu/idp/profile/SAML2/Redirect/SSO?execution=e1s1 Page URL

Page Statistics

4
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

3
Subdomains

3
IPs

1
Countries

1272 kB
Transfer

1292 kB
Size

7
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://cruzid.ucsc.edu/idmuser_self_service
Title: Forgot Password

Search URL Search Domain Scan URL

URL: https://its.ucsc.edu/get-help/index.html
Title: Get Help

Search URL Search Domain Scan URL

URL: https://its.ucsc.edu/terms/conditions.html
Title: Terms & Conditions

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://canvas.ucsc.edu/ HTTP 301
https://canvas.ucsc.edu/ HTTP 302
https://canvas.ucsc.edu/login HTTP 302
https://canvas.ucsc.edu/login/saml HTTP 302
https://login.ucsc.edu/idp/profile/SAML2/Redirect/SSO?SAMLRequest=fZJBTwIxEIXv%2FopN77vtLguSBkgQYiRBISx68GJKd4Amu%2B3aaVH%2FvWXRgAc5djpvvnmvHaCoq4aPvdvrFbx7QBd91pVG3l4MibeaG4EKuRY1IHeSF%2BPHOc8SxhtrnJGmIheS6wqBCNYpo0k0mw7JG2Mgup18G7NyI%2BO83%2B3GoheOaT8Vmx7L%2B71bQaIXsBg0QxJGBCGih5lGJ7QLJZblMcvijK1Zh%2Bcp73RfSTQNPpQWrlXtnWuQU1qZndKJlygTKD1VZUODg62qgB4XzOgKSmVBOloUCxKNf3edGI2%2BBluAPSgJz6v5eaYU%2BiDwPLRl0GMQJFr%2BxHOndKn07noym1MT8of1ehkvF8WajAbHObz1a0dHYgC2JBXcWy%2Bdt5BIU7e8bEAv2wenh30KoNl0aSolv6J7Y2vh%2Ft8jTdK2osp427Zyr7EBqbYKyhBIVZmPiQXhYEgCHwgdnaB%2FP9Do5hs%3D HTTP 302
https://login.ucsc.edu/idp/profile/SAML2/Redirect/SSO?execution=e1s1 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

4 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request SSO Show response
login.ucsc.edu/idp/profile/SAML2/Redirect/
Redirect Chain

http://canvas.ucsc.edu/
https://canvas.ucsc.edu/
https://canvas.ucsc.edu/login
https://canvas.ucsc.edu/login/saml
https://login.ucsc.edu/idp/profile/SAML2/Redirect/SSO?SAMLRequest=fZJBTwIxEIXv%2FopN77vtLguSBkgQYiRBISx68GJKd4Amu%2B3aaVH%2FvWXRgAc5djpvvnmvHaCoq4aPvdvrFbx7QBd91pVG3l4MibeaG4EKuRY1IHeSF%2BPHOc8Sxht...
https://login.ucsc.edu/idp/profile/SAML2/Redirect/SSO?execution=e1s1

2 KB
3 KB

224ms
223ms

Document
text/html

52.43.177.201

General

Check archive.org

Show headers Download Go to

Full URL

https://login.ucsc.edu/idp/profile/SAML2/Redirect/SSO?execution=e1s1

Protocol

H2

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.43.177.201 Boardman, United States, ASN (),

Reverse DNS

ec2-52-43-177-201.us-west-2.compute.amazonaws.com

Software

Jetty(9.4.45.v20220203) /

Resource Hash

f6c62c088f963170d4d9e3f10beddbc779efd68ac5afe5973d8d468988c29a2e

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none';
Strict-Transport-Security	max-age=0
X-Frame-Options	DENY

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store
content-length: 2475
content-security-policy: frame-ancestors 'none';
content-type: text/html;charset=utf-8
date: Tue, 20 Feb 2024 03:41:36 GMT
server: Jetty(9.4.45.v20220203)
strict-transport-security: max-age=0
x-frame-options: DENY

Redirect headers

cache-control: no-store
content-length: 0
content-security-policy: frame-ancestors 'none';
date: Tue, 20 Feb 2024 03:41:36 GMT
expires
location: https://login.ucsc.edu/idp/profile/SAML2/Redirect/SSO?execution=e1s1
server: Jetty(9.4.45.v20220203)
strict-transport-security: max-age=0
x-frame-options: DENY

GET
H2 200 login.css
login.ucsc.edu/idp/css/ 61 KB
61 KB 437ms
437ms Stylesheet
text/css 52.43.177.201

General

Check archive.org

Show headers Download Go to

Full URL: https://login.ucsc.edu/idp/css/login.css?v=1.1
Requested by: Host: login.ucsc.edu
URL: https://login.ucsc.edu/idp/profile/SAML2/Redirect/SSO?execution=e1s1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.43.177.201 Boardman, United States, ASN (),
Reverse DNS: ec2-52-43-177-201.us-west-2.compute.amazonaws.com
Software: Jetty(9.4.45.v20220203) /
Resource Hash: f6adfd5f0aef140c9f3e6cdfa59e21efacbe3823089efc89e2148ba57637ba96

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login.ucsc.edu/idp/profile/SAML2/Redirect/SSO?execution=e1s1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 03:41:37 GMT
last-modified: Fri, 05 May 2023 00:36:04 GMT
server: Jetty(9.4.45.v20220203)
accept-ranges: bytes
content-length: 62324
content-type: text/css;charset=utf-8

GET
H2 200 login-logo.png
login.ucsc.edu/images/ 10 KB
10 KB 655ms
654ms Image
image/png 52.43.177.201

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://login.ucsc.edu/images/login-logo.png
Requested by: Host: login.ucsc.edu
URL: https://login.ucsc.edu/idp/profile/SAML2/Redirect/SSO?execution=e1s1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.43.177.201 Boardman, United States, ASN (),
Reverse DNS: ec2-52-43-177-201.us-west-2.compute.amazonaws.com
Software: Jetty(9.4.45.v20220203) /
Resource Hash: 8432ece395eba5119747ff6ace8b955d14c8cca333aa4ea665723aad18a8fce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login.ucsc.edu/idp/profile/SAML2/Redirect/SSO?execution=e1s1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 03:41:37 GMT
cache-control: no-store,no-cache,must-revalidate
last-modified: Thu, 30 Mar 2023 02:36:54 GMT
server: Jetty(9.4.45.v20220203)
accept-ranges: bytes
content-length: 9749
content-type: image/png

GET
H/1.1 200
OK morning-fog-cowell.jpeg
ucsc-public-web.s3-us-west-2.amazonaws.com/idm/shib/images/ 1 MB
1 MB 874ms
322ms Image
image/jpeg 3.5.82.178
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ucsc-public-web.s3-us-west-2.amazonaws.com/idm/shib/images/morning-fog-cowell.jpeg
Requested by: Host: login.ucsc.edu
URL: https://login.ucsc.edu/idp/css/login.css?v=1.1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.5.82.178 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-us-west-2-r-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 625b318e6620180f9d3b9df47ea37819a7918e08c785cd2d4a2187a48096c5fc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login.ucsc.edu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date: Tue, 20 Feb 2024 03:41:39 GMT
x-amz-version-id: null
Last-Modified: Tue, 16 Jul 2019 16:41:28 GMT
Server: AmazonS3
x-amz-request-id: 946QK6P3JGBEGGFS
ETag: "3c0eee2353c0709a570b756a9509380a"
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Accept-Ranges: bytes
Content-Length: 1225883
x-amz-id-2: OVhPyZU1uje72/x5k30YgQ7akXMUl1dqj7jjls8ERjpHWtx3D4v/xhWval+PoTz+Fta7R4Qr5g20YS65Qo2kWw==

GET
DATA 200
OK truncated
/ 22 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cdb352ad99e51d5da96edfa73d28cb1c70df483e78cec70d377b81de171cf96d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Type: image/png

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
login.ucsc.edu/idp	1969-12-31 23:59:59	Name: JSESSIONID Value: node07qoxswogmbbl1m9i2nbtt0lir659823.node0
canvas.ucsc.edu/	1969-12-31 23:59:59	Name: log_session_id Value: d0773874a6eed339949f714159299fdc
canvas.ucsc.edu/	1969-12-31 23:59:59	Name: _legacy_normandy_session Value: TTu4pK75n_G6TlUL1j4b0A.QAquwYSaLMe5hpigMqY67mwf2t-JPfKGfLduWlZ5y_JHtJxxZ9w9KEfj0lgNWb49fmId8xEOkM3Y8GJgdJKKBjyF3f22kXn8MSSCfTEZvW7BdfOrDITsgKoJy4wHehAdVuJ_xuHNnlv0oVvPL5h8OA.hqy5twyXoZm1LzDak2EocarNOUM.ZdQfbg
canvas.ucsc.edu/	1969-12-31 23:59:59	Name: canvas_session Value: TTu4pK75n_G6TlUL1j4b0A.QAquwYSaLMe5hpigMqY67mwf2t-JPfKGfLduWlZ5y_JHtJxxZ9w9KEfj0lgNWb49fmId8xEOkM3Y8GJgdJKKBjyF3f22kXn8MSSCfTEZvW7BdfOrDITsgKoJy4wHehAdVuJ_xuHNnlv0oVvPL5h8OA.hqy5twyXoZm1LzDak2EocarNOUM.ZdQfbg
canvas.ucsc.edu/	1969-12-31 23:59:59	Name: _csrf_token Value: oDr7KtUQDT7oZZ5HvmYmOVRdHiN90OL%2Fx3A0EOMd8LTYfJhe4nhfDJg1pi7QNhUAEThxVEmBgby2AlhZ0yzE8Q%3D%3D
login.ucsc.edu/	1970-01-20 18:43:25	Name: AWSALB Value: W0589/BRZMtprOvdqzNfg/KFWW/2sefF//Pg5TlP4tKbeq7zoPDl0N/Uq0ck1RgHV8gLdhwXmAh29GvCLnAwrVuHPgAQVHeeeP0gJHGCFaI73eJuef7pWpuWbx79
login.ucsc.edu/	1970-01-20 18:43:25	Name: AWSALBCORS Value: W0589/BRZMtprOvdqzNfg/KFWW/2sefF//Pg5TlP4tKbeq7zoPDl0N/Uq0ck1RgHV8gLdhwXmAh29GvCLnAwrVuHPgAQVHeeeP0gJHGCFaI73eJuef7pWpuWbx79

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors 'none';
Strict-Transport-Security	max-age=0
X-Frame-Options	DENY

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

canvas.ucsc.edu
login.ucsc.edu
ucsc-public-web.s3-us-west-2.amazonaws.com
3.5.82.178
35.168.153.230
52.43.177.201
625b318e6620180f9d3b9df47ea37819a7918e08c785cd2d4a2187a48096c5fc
8432ece395eba5119747ff6ace8b955d14c8cca333aa4ea665723aad18a8fce0
cdb352ad99e51d5da96edfa73d28cb1c70df483e78cec70d377b81de171cf96d
f6adfd5f0aef140c9f3e6cdfa59e21efacbe3823089efc89e2148ba57637ba96
f6c62c088f963170d4d9e3f10beddbc779efd68ac5afe5973d8d468988c29a2e

login.ucsc.edu Open in urlscan Pro 52.43.177.201 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

4 Requests

100 %HTTPS

0 %IPv6

2 Domains

3 Subdomains

3 IPs

1 Countries

1272 kBTransfer

1292 kBSize

7 Cookies

3 Outgoing links

Page URL History

Redirected requests

4 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

7 Cookies

Security Headers

Indicators

login.ucsc.edu Open in urlscan Pro
52.43.177.201 Public Scan

Screenshot
Live screenshot

Full Image

4
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

3
Subdomains

3
IPs

1
Countries

1272 kB
Transfer

1292 kB
Size

7
Cookies

4 HTTP transactions
1 data transactions