shib.oit.duke.edu
Open in
urlscan Pro
152.3.72.35
Public Scan
Effective URL: https://shib.oit.duke.edu/idp/authn/external?conversation=e1s1
Submission Tags: falconsandbox
Submission: On February 05 via api from US — Scanned from CA
Summary
TLS certificate: Issued by InCommon RSA Server CA 2 on March 20th 2023. Valid for: a year.
This is the only time shib.oit.duke.edu was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
5 6 | 52.229.116.165 52.229.116.165 | 8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK) | |
2 2 | 152.3.100.93 152.3.100.93 | 13371 (DUKE-INTE...) (DUKE-INTERCHANGE) | |
2 11 | 152.3.72.35 152.3.72.35 | 13371 (DUKE-INTE...) (DUKE-INTERCHANGE) | |
11 | 3 |
ASN13371 (DUKE-INTERCHANGE, US)
PTR: web-software-02.oit.duke.edu
software.duke.edu |
ASN13371 (DUKE-INTERCHANGE, US)
PTR: shib-v3-fitz.oit.duke.edu
shib.oit.duke.edu |
Apex Domain Subdomains |
Transfer | |
---|---|---|
13 |
duke.edu
4 redirects
software.duke.edu shib.oit.duke.edu — Cisco Umbrella Rank: 389275 beacon.oit.duke.edu Failed |
287 KB |
6 |
onthehub.com
5 redirects
dukeoit.onthehub.com |
3 KB |
11 | 2 |
Domain | Requested by | |
---|---|---|
11 | shib.oit.duke.edu |
2 redirects
shib.oit.duke.edu
|
6 | dukeoit.onthehub.com | 5 redirects |
2 | software.duke.edu | 2 redirects |
0 | beacon.oit.duke.edu Failed | |
11 | 4 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
shib.oit.duke.edu InCommon RSA Server CA 2 |
2023-03-20 - 2024-04-19 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://shib.oit.duke.edu/idp/authn/external?conversation=e1s1
Frame ID: AEB15D82FA42C626F0CAF2EAD9ECC367
Requests: 11 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
- http://dukeoit.onthehub.com/ Page URL
-
http://dukeoit.onthehub.com/Default.aspx
HTTP 301
https://dukeoit.onthehub.com/Default.aspx HTTP 302
https://dukeoit.onthehub.com/WebStore/Welcome.aspx HTTP 301
https://dukeoit.onthehub.com/WebStore/ProductsByMajorVersionList.aspx HTTP 302
https://dukeoit.onthehub.com/WebStore/Security/Signin.aspx?rurl=%2fWebStore%2fProductsByMajorVersionList.... HTTP 302
https://software.duke.edu/vmware_redirect.php?action=signin HTTP 302
https://software.duke.edu/Shibboleth.sso/Login?target=https%3A%2F%2Fsoftware.duke.edu%2Fvmware_redirec... HTTP 302
https://shib.oit.duke.edu/idp/profile/SAML2/Redirect/SSO?SAMLRequest=fZLLboMwEEV%2FBXkfDAhQsAISTRaNlDZ... HTTP 302
https://shib.oit.duke.edu/idp/profile/SAML2/Redirect/SSO?execution=e1s1 HTTP 302
https://shib.oit.duke.edu/idp/authn/external?conversation=e1s1 Page URL
Detected technologies
Font Awesome (Font Scripts) ExpandDetected patterns
- (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
jQuery (JavaScript Libraries) Expand
Detected patterns
- jquery[.-]([\d.]*\d)[^/]*\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- http://dukeoit.onthehub.com/ Page URL
-
http://dukeoit.onthehub.com/Default.aspx
HTTP 301
https://dukeoit.onthehub.com/Default.aspx HTTP 302
https://dukeoit.onthehub.com/WebStore/Welcome.aspx HTTP 301
https://dukeoit.onthehub.com/WebStore/ProductsByMajorVersionList.aspx HTTP 302
https://dukeoit.onthehub.com/WebStore/Security/Signin.aspx?rurl=%2fWebStore%2fProductsByMajorVersionList.aspx HTTP 302
https://software.duke.edu/vmware_redirect.php?action=signin HTTP 302
https://software.duke.edu/Shibboleth.sso/Login?target=https%3A%2F%2Fsoftware.duke.edu%2Fvmware_redirect.php HTTP 302
https://shib.oit.duke.edu/idp/profile/SAML2/Redirect/SSO?SAMLRequest=fZLLboMwEEV%2FBXkfDAhQsAISTRaNlDZRoF10UxmYFKvGph7Tx9%2BXhFRNF83ad87MPfICeSd7lg%2B2VXt4GwCt89lJhez0kJLBKKY5CmSKd4DM1qzI7zYscD3WG211rSVxckQwVmi11AqHDkwB5l3U8LDfpKS1tkdGKeqD%2FeAG3GZ4BReagRatqCotwbYuoqZHcEB326Ikzmq8RCh%2BZF4Qxryrhf0liKan4xkHIeE8vodGGKgtLYotcdarlDz7EFRBEsVVcuBBktTxPIy4Bz7EYTyHuhpjiAOsFVqubEoCLwhnXjDzotKPmB%2Bz0Hsizu7c9kaoRqiX62qqKYTstix3s6nSIxg81RkDJFscBbPTYnOh%2FDqW%2F3gm2b9WF%2FSCPK3p2f2IWq92Wor6y8ml1B9LA9xCSnxCs2nk7zfIvgE%3D&RelayState=cookie%3A1707146200_e16d HTTP 302
https://shib.oit.duke.edu/idp/profile/SAML2/Redirect/SSO?execution=e1s1 HTTP 302
https://shib.oit.duke.edu/idp/authn/external?conversation=e1s1 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
11 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
/
dukeoit.onthehub.com/ |
109 B 453 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Primary Request
external
shib.oit.duke.edu/idp/authn/ Redirect Chain
|
19 KB 19 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
fonts.css
shib.oit.duke.edu/idp/css/ |
37 KB 37 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
shib.css
shib.oit.duke.edu/idp/css/ |
4 KB 4 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
login.css
shib.oit.duke.edu/idp/css/ |
4 KB 5 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jquery-3.2.1.min.js
shib.oit.duke.edu/idp/js/ |
85 KB 85 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
boomerang-oit.js
shib.oit.duke.edu/idp/js/ |
41 KB 41 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
dukelogo-white.png
shib.oit.duke.edu/idp/img/ |
7 KB 7 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Open-Sans-regular.woff2
shib.oit.duke.edu/idp/font/Open-Sans-regular/ |
10 KB 10 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
fontawesome-webfont.woff2
shib.oit.duke.edu/idp/font/font-awesome/ |
75 KB 76 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
image-l.gif
beacon.oit.duke.edu/images/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- beacon.oit.duke.edu
- URL
- https://beacon.oit.duke.edu/images/image-l.gif?t=17071462043120.8613323016700083
Verdicts & Comments Add Verdict or Comment
0 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
4 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
shib.oit.duke.edu/idp | Name: JSESSIONID Value: 8E3D45A2951194C522D01EEB93DED72A |
|
dukeoit.onthehub.com/ | Name: ASP.NET_SessionId Value: xfop2wdhp0opxip4y4zzhous |
|
software.duke.edu/ | Name: _shibstate_1707146200_e16d Value: https%3A%2F%2Fsoftware.duke.edu%2Fvmware_redirect.php |
|
software.duke.edu/ | Name: _opensaml_req_cookie%3A1707146200_e16d Value: _1e2b2956b9fa299c6845a0e1e6468ecb |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Content-Security-Policy | frame-ancestors 'self' |
X-Content-Type-Options | nosniff |
X-Frame-Options | SAMEORIGIN |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
beacon.oit.duke.edu
dukeoit.onthehub.com
shib.oit.duke.edu
software.duke.edu
beacon.oit.duke.edu
152.3.100.93
152.3.72.35
52.229.116.165
010bdfefb185378d585e58113f8afc7c741d0d45ee510a23e2fbd4a525f03d4f
2c586e826c14d1f9fbe6f731151307cb149a5d218f4c0ec0589338d52bf90bcb
4e15372f6bc83889ef6bee541ed03b3d176e9a21a02bd7a933f4f0b5f5b69465
65f6e1aa6535b391426d610736fc92fb244002b7430fbadcd3b6a2892222b8a5
6c7d9787b1784a5245fc99b0c296214cec303739753b3c9d2ddf01f49a1a5b4b
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
8afea0eebbebfd019a11474d02d3b035d7dd3ff74396c38b8a2ba270b0af481d
cf985ff20a778554fe674150eaeaff989639128204717a576acdd2c5875fb703
d792afdac7f7ae5de7c6964950c6c61dc6e3f3813180a59e141c7cb4ac4364dc
fbbe6b4fb770b8a4c5860451df8ded85f57254ce6536e19d638801fbf477c4d1