www.pin1.harvard.edu
3.225.100.130
Public Scan
Effective URL: https://www.pin1.harvard.edu/cas/login?service=https%3A%2F%2Fkey-idp.iam.harvard.edu%2Fidp%2FAuthn%2FExternal%3Fconversation%...
Submission: On October 31 via api from US — Scanned from DE
Summary
TLS certificate: Issued by InCommon RSA Server CA 2 on September 7th 2023. Valid for: a year.
This is the only time www.pin1.harvard.edu was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
| IP Address | AS Autonomous System |
---|---|---|
1 4 | 20.22.122.58 | 8075 (MICROSOFT-CORP-MSN-AS-BLOCK) |
3 3 | 54.82.195.166 | 14618 (AMAZON-AES) |
14 | 3.225.100.130 | 14618 (AMAZON-AES) |
17 | 2 |
- 20.22.122.58: ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US); harvardtotalrewards.ehr.com
- 54.82.195.166: ASN14618 (AMAZON-AES, US); PTR: ec2-54-82-195-166.compute-1.amazonaws.com; key-idp.iam.harvard.edu
- 3.225.100.130: ASN14618 (AMAZON-AES, US); PTR: ec2-3-225-100-130.compute-1.amazonaws.com; www.pin1.harvard.edu
| Apex Domain Subdomains | Transfer |
---|---|---|
17 | harvard.edu (3 redirects): key-idp.iam.harvard.edu — Cisco Umbrella Rank: 863021; www.pin1.harvard.edu — Cisco Umbrella Rank: 359161 | 1 MB |
4 | ehr.com (1 redirects): harvardtotalrewards.ehr.com | 11 KB |
17 | 2 |
| Domain | Requested by |
---|---|---|
14 | www.pin1.harvard.edu | www.pin1.harvard.edu |
4 | harvardtotalrewards.ehr.com | 1 redirects |
3 | key-idp.iam.harvard.edu | 3 redirects |
17 | 3 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
harvardtotalrewards.ehr.com GlobalSign RSA OV SSL CA 2018 | 2022-11-05 - 2023-12-07 | a year | crt.sh |
hk20-key-auth.iam.harvard.edu InCommon RSA Server CA 2 | 2023-09-07 - 2024-10-07 | a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://www.pin1.harvard.edu/cas/login?service=https%3A%2F%2Fkey-idp.iam.harvard.edu%2Fidp%2FAuthn%2FExternal%3Fconversation%3De1s1%26entityId%3Dhttps%3A%2F%2Fharvardtotalrewards.ehr.com
Frame ID: 7B95F340FCCE1B126AFA8E3F24895A81
Requests: 17 HTTP requests in this frame
Page Title
HarvardKey - Harvard University Authentication Service
Page URL History
-
https://harvardtotalrewards.ehr.com/default.ashx
HTTP 302
https://harvardtotalrewards.ehr.com/default.ashx?CLASSNAME=LOGIN&NOUSER=TRUE Page URL
- https://harvardtotalrewards.ehr.com/default.ashx?CLASSNAME=LOGINCHOICE Page URL
- https://harvardtotalrewards.ehr.com/default.ashx?CLASSNAME=SPSAML&TARGET=harvard-estmt&RELAYSTATE= Page URL
-
https://key-idp.iam.harvard.edu/idp/profile/SAML2/POST/SSO
HTTP 302
https://key-idp.iam.harvard.edu/idp/profile/SAML2/POST/SSO?execution=e1s1 HTTP 302
https://key-idp.iam.harvard.edu/idp/Authn/External?conversation=e1s1 HTTP 302
https://www.pin1.harvard.edu/cas/login?service=https%3A%2F%2Fkey-idp.iam.harvard.edu%2Fidp%2FAuthn%2FExte... Page URL
Detected technologies
Bootstrap (Web Frameworks)
Detected patterns
- <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
- bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Material Design Lite (Web Frameworks)
Detected patterns
- (?:/([\d.]+))?/material(?:\.min)?\.js
jQuery (JavaScript Libraries)
Detected patterns
- /([\d.]+)/jquery(?:\.min)?\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0
- https://harvardtotalrewards.ehr.com/default.ashx HTTP 302
- https://harvardtotalrewards.ehr.com/default.ashx?CLASSNAME=LOGIN&NOUSER=TRUE
17 HTTP transactions
Method Protocol | Resource Path | Size x-fer | Type MIME-Type |
---|---|---|---|
GET H/1.1 | default.ashx harvardtotalrewards.ehr.com/ (Redirect Chain) | 561 B 2 KB | Document text/html |
POST H/1.1 | default.ashx harvardtotalrewards.ehr.com/ | 634 B 2 KB | Document text/html |
POST H/1.1 | default.ashx harvardtotalrewards.ehr.com/ | 6 KB 6 KB | Document text/html |
GET H2 | login www.pin1.harvard.edu/cas/ (Primary Request, Redirect Chain) | 22 KB 10 KB | Document text/html |
GET H2 | normalize.css www.pin1.harvard.edu/cas/webjars/normalize.css/8.0.1/ | 6 KB 7 KB | Stylesheet text/css |
GET H2 | bootstrap-grid.min.css www.pin1.harvard.edu/cas/webjars/bootstrap/5.2.0/css/ | 52 KB 53 KB | Stylesheet text/css |
GET H2 | material-components-web.min.css www.pin1.harvard.edu/cas/webjars/material-components-web/14.0.0/dist/ | 484 KB 485 KB | Stylesheet text/css |
GET H2 | materialdesignicons.min.css www.pin1.harvard.edu/cas/webjars/mdi__font/6.5.95/css/ | 298 KB 299 KB | Stylesheet text/css |
GET H2 | cas.css www.pin1.harvard.edu/cas/css/ | 23 KB 24 KB | Stylesheet text/css |
GET H2 | jquery.min.js www.pin1.harvard.edu/cas/webjars/jquery/3.6.1/ | 88 KB 31 KB | Script application/javascript |
GET H2 | es5-shim.min.js www.pin1.harvard.edu/cas/webjars/es5-shim/4.5.9/ | 25 KB 9 KB | Script application/javascript |
GET H2 | css-vars-ponyfill.min.js www.pin1.harvard.edu/cas/webjars/css-vars-ponyfill/2.4.7/dist/ | 23 KB 8 KB | Script application/javascript |
GET H2 | material-components-web.min.js www.pin1.harvard.edu/cas/webjars/material-components-web/14.0.0/dist/ | 469 KB 80 KB | Script application/javascript |
GET H2 | cas.js www.pin1.harvard.edu/cas/js/ | 7 KB 3 KB | Script application/javascript |
GET H2 | material.js www.pin1.harvard.edu/cas/js/ | 2 KB 1 KB | Script application/javascript |
GET H2 | harvard-logo.svg www.pin1.harvard.edu/cas/images/ | 19 KB 20 KB | Image image/svg+xml |
GET H2 | materialdesignicons-webfont.woff2 www.pin1.harvard.edu/cas/webjars/mdi__font/6.5.95/fonts/ | 353 KB 354 KB | Font application/font-woff2 |
1 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| documentPictureInPicture
12 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
key-idp.iam.harvard.edu/idp | | Name: JSESSIONID Value: A080C2CAE95ACF407948D5E6BF098728 |
harvardtotalrewards.ehr.com/ | | Name: ApplicationGatewayAffinityCORS Value: 90c10411c7abc9ffa32fa938941667e8 |
harvardtotalrewards.ehr.com/ | | Name: ApplicationGatewayAffinity Value: 90c10411c7abc9ffa32fa938941667e8 |
harvardtotalrewards.ehr.com/ | | Name: HarvardTCSApp Value: Nh-%93%1d%a9%e9%11g%95%d5%b3Y%9e%f8%5d%8a%1eC%b0%1d%da4%a5%02.%b7Y%22%7f%c2%22%5d%22%ce'%95%de%cb%9a%18%f7%7d%bf%aa%94%0b%ae |
harvardtotalrewards.ehr.com/ | | Name: HarvardTCSSessionHistory_Insert Value: False |
harvardtotalrewards.ehr.com/ | | Name: HarvardTCSSessionHistory_Key Value: 118ddec1-0e2a-48d9-8bff-40fbd87455f5 |
harvardtotalrewards.ehr.com/ | | Name: HarvardTCSSessionHistory_Id Value: 37936947 |
key-idp.iam.harvard.edu/ | | Name: AWSALB Value: 24y/pnhZK7Izwc8oSZEqfqOg/UdI5DWssP0HcVDOVFFLjnyhYow0mzqjZ0zbpdNEnnEDKbHgcW740SBNlnHgDtRLYGnIbWS5p8ETG+/7i/FqbUa7HXJPj3/vthT7 |
key-idp.iam.harvard.edu/ | | Name: AWSALBCORS Value: 24y/pnhZK7Izwc8oSZEqfqOg/UdI5DWssP0HcVDOVFFLjnyhYow0mzqjZ0zbpdNEnnEDKbHgcW740SBNlnHgDtRLYGnIbWS5p8ETG+/7i/FqbUa7HXJPj3/vthT7 |
www.pin1.harvard.edu/ | | Name: org.springframework.web.servlet.i18n.CookieLocaleResolver.LOCALE Value: de-DE |
www.pin1.harvard.edu/ | | Name: AWSALB Value: yEScvQ2CumfE2LuNTQtgEmg+sc9LEqrwp6wi01OotsN7BQeUVQ+Wjqr+NoxZJkxDSpGKjYCi4J7eKp3FKQwv1aKSBbO7R+bME7iJy49xaWbLgs0P/JFXAYfsYi8y |
www.pin1.harvard.edu/ | | Name: AWSALBCORS Value: yEScvQ2CumfE2LuNTQtgEmg+sc9LEqrwp6wi01OotsN7BQeUVQ+Wjqr+NoxZJkxDSpGKjYCi4J7eKp3FKQwv1aKSBbO7R+bME7iJy49xaWbLgs0P/JFXAYfsYi8y |
2 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Strict-Transport-Security | max-age=63072000; includeSubDomains; preload |
X-Content-Type-Options | nosniff |
X-Frame-Options | SAMEORIGIN |
X-Frame-Options | SAMEORIGIN |
X-Xss-Protection | 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.