certauth.shell.com
63.32.199.134
Public Scan
Effective URL: https://certauth.shell.com/idp/5hSBq/resumeSAML20/idp/SSO.ping
Submission Tags: falconsandbox
Submission: On January 12 via api from US — Scanned from DE
Summary
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on January 4th 2022. Valid for: a year.
This is the only time certauth.shell.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
 | IP Address | AS (Autonomous System) |
---|---|---|
5 | 3.217.28.104 | 14618 (AMAZON-AES) |
1 | 2a00:1450:4001:831::200a | 15169 (GOOGLE) |
2 | 2a02:26f0:f7::5c7b:e024 | 20940 (AKAMAI-ASN1) |
1 | 2a02:26f0:df:69f::19fd | 20940 (AKAMAI-ASN1) |
1 1 | 2600:1f18:257:8000:e64a:1536:6ed0:7803 | 14618 (AMAZON-AES) |
1 5 | 52.49.40.111 | 16509 (AMAZON-02) |
1 | 63.32.199.134 | 16509 (AMAZON-02) |
18 | 7 | |
ASN14618 (AMAZON-AES, US)
PTR: ec2-3-217-28-104.compute-1.amazonaws.com
3.217.28.104 |
ASN14618 (AMAZON-AES, US)
sdu-prod-portal.auth.us-east-1.amazoncognito.com |
ASN16509 (AMAZON-02, US)
PTR: ec2-52-49-40-111.eu-west-1.compute.amazonaws.com
sso.shell.com |
ASN16509 (AMAZON-02, US)
PTR: ec2-63-32-199-134.eu-west-1.compute.amazonaws.com
certauth.shell.com |
 | Apex Domain / Subdomains | Transfer |
---|---|---|
6 | shell.com (1 redirects): sso.shell.com — Cisco Umbrella Rank: 920967; certauth.shell.com | 320 KB |
3 | typekit.net: use.typekit.net — Cisco Umbrella Rank: 455; p.typekit.net — Cisco Umbrella Rank: 565 | 18 KB |
1 | amazoncognito.com: sdu-prod-portal.auth.us-east-1.amazoncognito.com (Failed) | 2 KB |
1 | googleapis.com: fonts.googleapis.com — Cisco Umbrella Rank: 37 | 868 B |
18 | 4 | |
 | Domain | Requested by |
---|---|---|
5 | sso.shell.com (1 redirects) | certauth.shell.com, sso.shell.com |
2 | use.typekit.net | 3.217.28.104, use.typekit.net |
1 | certauth.shell.com | 3.217.28.104 |
1 | sdu-prod-portal.auth.us-east-1.amazoncognito.com | 3.217.28.104 |
1 | p.typekit.net | use.typekit.net |
1 | fonts.googleapis.com | 3.217.28.104 |
18 | 6 | |
This site contains no links.
Subject | Issuer | Validity | Valid |
---|---|---|---|
upload.video.google.com | GTS CA 1C3 | 2021-12-08 - 2022-03-02 | 3 months |
use.typekit.net | DigiCert TLS RSA SHA256 2020 CA1 | 2021-08-16 - 2022-08-16 | a year |
*.typekit.net | DigiCert TLS RSA SHA256 2020 CA1 | 2021-12-05 - 2022-12-06 | a year |
certauth.shell.com | DigiCert TLS RSA SHA256 2020 CA1 | 2022-01-04 - 2023-01-03 | a year |
sso.shell.com | DigiCert TLS RSA SHA256 2020 CA1 | 2021-02-17 - 2022-02-21 | a year |
This page contains 1 frames:
Primary Page:
https://certauth.shell.com/idp/5hSBq/resumeSAML20/idp/SSO.ping
Frame ID: CD553FA91B95032F3673F5F9AC9C1FA0
Requests: 18 HTTP requests in this frame
Page Title
Select Authentication System
Detected technologies
jQuery (JavaScript Libraries)
Detected patterns
- jquery[.-]([\d.]*\d)[^/]*\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- http://3.217.28.104/ Page URL
-
https://sdu-prod-portal.auth.us-east-1.amazoncognito.com/oauth2/authorize?redirect_uri=https%3A%2F%2Fapps.aws-us-east-1.prod.sdu-rds.com%2Fsuccess&response_type=code&client_id=2uf04gds8m5f8r4nbb8mmrt008&state=ntteQFyajB1AeKDZDYOnDkwIuatgyaM7&scope=&identity_provider=Prod-Ping
HTTP 302
https://sso.shell.com/idp/SSO.saml2?SAMLRequest=fZHNbsIwEITvfYrIdydxGtHUIkGoFAmJioqfHnpBVrwQS4mdeh3U8vQ1gaJy4WhrZmf3m%2BHou6mD%0AA1hURueEhTEJQJdGKr3PyWY9pRkZFQ9DFE2dtHzcuUov4asDdMEYEazzvhejsWvArsAeVAmb5Twn%0AlXMt8ihC2dHWGklbY52oQ%2BEnhB1SEOgoC0Ujjsbn7bVyJixNE%2FVJkZKtBWz9YCDBxKcpLVy%2F4nUw%0AmhArqOve5fXRarUIezcJZpOcbHcZiJSVTzQTg2eaSsloVqY7KiCTwORjCenOSxE7mGl0QrucJHGS%0A0JhRlqwZ40nM0zTMBtknCT7%2BGCUnRp6aRn6mkpPOam4EKuRaNIDclXw1fptzL%2BX%2BeGdKU5PiDJH3%0AgTaYGtsId997%2BlGS7nopB%2B2U%2B7nJvm8XfwWR4iQ7s%2BYX2Bxbfu1hu69e4T1Lj4th9H%2FL4vK8bb74%0ABQ%3D%3D&RelayState=…%3D HTTP 302
https://certauth.shell.com/idp/5hSBq/resumeSAML20/idp/SSO.ping Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
18 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H/1.1 | / | 3.217.28.104/ | 779 B | 689 B | Document | text/html |
GET | H2 | icon | fonts.googleapis.com/ | 569 B | 868 B | Stylesheet | text/css |
GET | H/1.1 | styles.beb5abcca22510a3b549.css | 3.217.28.104/ | 66 KB | 9 KB | Stylesheet | text/css |
GET | H/1.1 | runtime.ec2944dd8b20ec099bf3.js | 3.217.28.104/ | 1 KB | 969 B | Script | application/javascript |
GET | H/1.1 | polyfills.2db331e3a70039908b6b.js | 3.217.28.104/ | 58 KB | 20 KB | Script | application/javascript |
GET | H/1.1 | main.80d9d69e99f54456a564.js | 3.217.28.104/ | 4 MB | 758 KB | Script | application/javascript |
GET | H2 | loq7ffg.css | use.typekit.net/ | 3 KB | 948 B | Stylesheet | text/css |
GET | H2 | p.css | p.typekit.net/ | 5 B | 181 B | Stylesheet | text/css |
GET | H2 | l | use.typekit.net/af/620bf8/00000000000000000000e7fe/27/ | 17 KB | 17 KB | Font | application/font-woff2 |
GET | | authorize | sdu-prod-portal.auth.us-east-1.amazoncognito.com/oauth2/ | 0 | 0 | | |
GET | H/1.1 | SSO.ping (Primary Request) | certauth.shell.com/idp/5hSBq/resumeSAML20/idp/ | 5 KB | 5 KB | Document | text/html |
GET | H2 | main.css | sso.shell.com/assets/css/ | 150 KB | 150 KB | Stylesheet | text/css |
GET | H2 | jquery-2.2.0.min.js | sso.shell.com/assets/scripts/ | 84 KB | 84 KB | Script | application/javascript |
GET | H2 | Shell.jpg | sso.shell.com/assets/images/ | 66 KB | 66 KB | Image | image/jpeg |
GET | H2 | powered-by-ping-identity.svg | sso.shell.com/assets/images/ | 13 KB | 13 KB | Image | image/svg+xml |
GET | | ProximaNova-Regular.otf | sso.shell.com/assets/fonts/proxima-nova/ | 0 | 0 | | |
GET | | iconfont.ttf | sso.shell.com/assets/fonts/icons/ | 0 | 0 | | |
GET | | iconfont.woff | sso.shell.com/assets/fonts/icons/ | 0 | 0 | | |
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- sdu-prod-portal.auth.us-east-1.amazoncognito.com
- URL
- https://sdu-prod-portal.auth.us-east-1.amazoncognito.com/oauth2/authorize?redirect_uri=https%3A%2F%2Fapps.aws-us-east-1.prod.sdu-rds.com%2Fsuccess&response_type=code&client_id=2uf04gds8m5f8r4nbb8mmrt008&state=ntteQFyajB1AeKDZDYOnDkwIuatgyaM7&scope=aws.cognito.signin.user.admin%20openid&identity_provider=Prod-Ping
- Domain
- sso.shell.com
- URL
- https://sso.shell.com/assets/fonts/proxima-nova/ProximaNova-Regular.otf
- Domain
- sso.shell.com
- URL
- https://sso.shell.com/assets/fonts/icons/iconfont.ttf?-sa9xtz
- Domain
- sso.shell.com
- URL
- https://sso.shell.com/assets/fonts/icons/iconfont.woff?-sa9xtz
5 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- object| onsecuritypolicyviolation
- object| onslotchange
- function| $
- function| jQuery
- function| postOk

6 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
sdu-prod-portal.auth.us-east-1.amazoncognito.com/ | Name: XSRF-TOKEN Value: b4f5228a-a5ca-4297-ad4b-b8fbcb552d79 |
|
sdu-prod-portal.auth.us-east-1.amazoncognito.com/ | Name: csrf-state Value: 6uHC8AN9QfWFnyTitwPyPkSasBPHMXygNMNrRLkLK7PqUVAr1UhX2HWiE1Ht_CT3OmcqouXVa1mf0ypuT43NMfXkZEcbtFL-K9ORYdhrCqiZrM6jjCL5IjPk8nA8xVditFMXjbNIuWmYFxgekq6ydzCwljzMPrz62u0yCKrI694 |
|
sdu-prod-portal.auth.us-east-1.amazoncognito.com/ | Name: csrf-state-legacy Value: 6uHC8AN9QfWFnyTitwPyPkSasBPHMXygNMNrRLkLK7PqUVAr1UhX2HWiE1Ht_CT3OmcqouXVa1mf0ypuT43NMfXkZEcbtFL-K9ORYdhrCqiZrM6jjCL5IjPk8nA8xVditFMXjbNIuWmYFxgekq6ydzCwljzMPrz62u0yCKrI694 |
|
.shell.com/ | Name: PF Value: 5o1pGcTToSwFHIHaMPUcSM |
|
sso.shell.com/ | Name: AWSALB Value: PXIZIbKBDjcC0xuG6NEqluAoCILrftjF0FsXYjkElcuKqT50Xk/G8Z7MliD3+aUsZGY+3lN0zTtXwTXHuvMxIGgJxIcMNOTd8+fB8BjaMO5KzRMUccVVdIlVzDu6 |
|
sso.shell.com/ | Name: AWSALBCORS Value: PXIZIbKBDjcC0xuG6NEqluAoCILrftjF0FsXYjkElcuKqT50Xk/G8Z7MliD3+aUsZGY+3lN0zTtXwTXHuvMxIGgJxIcMNOTd8+fB8BjaMO5KzRMUccVVdIlVzDu6 |
6 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.