idpprod.nc.gov Open in urlscan Pro
204.211.136.231 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://s3.ariba.com/Sourcing/Main/ad/viewMessage/ariba.sourcing.util.messaging.MessageDirectAction?messageId=NWzqAOp...
Effective URL:
https://idpprod.nc.gov:8443/nidp/saml2/sso?id=6&sid=0&option=credential&sid=0
Submission: On March 29 via manual (March 29th 2021, 3:33:03 pm UTC) from US

Summary HTTP 16 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 2 IPs in 1 countries across 2 domains to perform 16 HTTP transactions. The main IP is 204.211.136.231, located in Hope Mills, United States and belongs to NCIH, US. The main domain is idpprod.nc.gov.
TLS certificate: Issued by DigiCert Global CA G2 on April 3rd 2020. Valid for: a year.

This is the only time idpprod.nc.gov was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 6	216.109.104.15 216.109.104.15	16561 (ARIBANETWORK) (ARIBANETWORK)
12	204.211.136.231 204.211.136.231	6559 (NCIH) (NCIH)
16	2

6 216.109.104.15 (United States) 2 redirects

ASN16561 (ARIBANETWORK, US)

s3.ariba.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 204.211.136.231 (Hope Mills, United States)

ASN6559 (NCIH, US)
PTR: idpprod.nc.gov

idpprod.nc.gov	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
12	nc.gov idpprod.nc.gov	299 KB
6	ariba.com 2 redirects s3.ariba.com	8 KB
16	2

	Domain	Requested by
12	idpprod.nc.gov	idpprod.nc.gov
6	s3.ariba.com	2 redirects
16	2

This site contains links to these domains. Also see Links.

Domain
files.nc.gov
ncidsspr.nc.gov
ncid.nc.gov

Subject Issuer	Validity	Valid
s3.ariba.com DigiCert ECC Secure Server CA	`2019-11-06` - `2021-11-09`	2 years	crt.sh
idpprod.nc.gov DigiCert Global CA G2	`2020-04-03` - `2021-04-15`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://idpprod.nc.gov:8443/nidp/saml2/sso?id=6&sid=0&option=credential&sid=0
Frame ID: 515E2D0B0519442E0F33A65104DE02D8
Requests: 16 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://s3.ariba.com/Sourcing/Main/ad/viewMessage/ariba.sourcing.util.messaging.MessageDirectActi... HTTP 302
https://s3.ariba.com/Sourcing/nr/C7_UI3/Main/ad/viewMessage/ariba.sourcing.util.messaging.Message... HTTP 302
https://s3.ariba.com/Sourcing/Main/ad/viewMessage/ariba.sourcing.util.messaging.MessageDirectActi... Page URL
https://s3.ariba.com/Buyer/Main/ad/loginPage/SSOActions?realm=ncgov Page URL
https://s3.ariba.com/Buyer/nr/C5_UI4/Main/ad/loginPage/SSOActions Page URL
https://s3.ariba.com/Buyer/Main/ad/loginPage/SSOActions Page URL
https://idpprod.nc.gov:8443/nidp/saml2/sso?ret=https%3A%2F%2Fs3.ariba.com%2FBuyer%2FMain%2Fad%2FsamlAuth... Page URL
https://idpprod.nc.gov:8443/nidp/saml2/sso?id=6&sid=0&option=credential&sid=0 Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery[.-]([\d.]*\d)[^/]*\.js/i
script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

16
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

1
Countries

306 kB
Transfer

305 kB
Size

2
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: https://files.nc.gov/ncdit/documents/files/NCID-Post-Upgrade-Tips.pdf
Title: NCID Tips

Search URL Search Domain Scan URL

URL: https://ncidsspr.nc.gov/sspr/public/ForgottenUsername
Title: Forgot Username

Search URL Search Domain Scan URL

URL: https://ncidsspr.nc.gov/sspr/public/ForgottenPassword
Title: Forgot Password

Search URL Search Domain Scan URL

URL: https://ncid.nc.gov/ncid/
Title: Need Help?

Search URL Search Domain Scan URL

URL: https://ncid.nc.gov/ncidsspr/
Title: Register!

Search URL Search Domain Scan URL

URL: https://ncid.nc.gov/privacy
Title: Privacy and Other Policies

Search URL Search Domain Scan URL

URL: https://ncid.nc.gov/support/default.aspx
Title: Contact Us

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://s3.ariba.com/Sourcing/Main/ad/viewMessage/ariba.sourcing.util.messaging.MessageDirectAction?messageId=NWzqAOpD3FhhAP&realm=ncgov&awsso_un=panorris&passwordadapter=PasswordAdapter1 HTTP 302
https://s3.ariba.com/Sourcing/nr/C7_UI3/Main/ad/viewMessage/ariba.sourcing.util.messaging.MessageDirectAction?passwordadapter=PasswordAdapter1&awsso_un=panorris&realm=ncgov&messageId=NWzqAOpD3FhhAP HTTP 302
https://s3.ariba.com/Sourcing/Main/ad/viewMessage/ariba.sourcing.util.messaging.MessageDirectAction?passwordadapter=PasswordAdapter1&awsso_un=panorris&realm=ncgov&messageId=NWzqAOpD3FhhAP Page URL
https://s3.ariba.com/Buyer/Main/ad/loginPage/SSOActions?realm=ncgov Page URL
https://s3.ariba.com/Buyer/nr/C5_UI4/Main/ad/loginPage/SSOActions Page URL
https://s3.ariba.com/Buyer/Main/ad/loginPage/SSOActions Page URL
https://idpprod.nc.gov:8443/nidp/saml2/sso?ret=https%3A%2F%2Fs3.ariba.com%2FBuyer%2FMain%2Fad%2FsamlAuth%2FSSOActions%3Frealm%3Dncgov&externalSite=true Page URL
https://idpprod.nc.gov:8443/nidp/saml2/sso?id=6&sid=0&option=credential&sid=0 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://s3.ariba.com/Sourcing/Main/ad/viewMessage/ariba.sourcing.util.messaging.MessageDirectAction?messageId=NWzqAOpD3FhhAP&realm=ncgov&awsso_un=panorris&passwordadapter=PasswordAdapter1 HTTP 302
https://s3.ariba.com/Sourcing/nr/C7_UI3/Main/ad/viewMessage/ariba.sourcing.util.messaging.MessageDirectAction?passwordadapter=PasswordAdapter1&awsso_un=panorris&realm=ncgov&messageId=NWzqAOpD3FhhAP HTTP 302
https://s3.ariba.com/Sourcing/Main/ad/viewMessage/ariba.sourcing.util.messaging.MessageDirectAction?passwordadapter=PasswordAdapter1&awsso_un=panorris&realm=ncgov&messageId=NWzqAOpD3FhhAP

16 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200

ariba.sourcing.util.messaging.MessageDirectAction Show response
s3.ariba.com/Sourcing/Main/ad/viewMessage/
Redirect Chain

https://s3.ariba.com/Sourcing/Main/ad/viewMessage/ariba.sourcing.util.messaging.MessageDirectAction?messageId=NWzqAOpD3FhhAP&realm=ncgov&awsso_un=panorris&passwordadapter=PasswordAdapter1
https://s3.ariba.com/Sourcing/nr/C7_UI3/Main/ad/viewMessage/ariba.sourcing.util.messaging.MessageDirectAction?passwordadapter=PasswordAdapter1&awsso_un=panorris&realm=ncgov&messageId=NWzqAOpD3FhhAP
https://s3.ariba.com/Sourcing/Main/ad/viewMessage/ariba.sourcing.util.messaging.MessageDirectAction?passwordadapter=PasswordAdapter1&awsso_un=panorris&realm=ncgov&messageId=NWzqAOpD3FhhAP

2 KB
2 KB

202ms
202ms

Document
text/html

216.109.104.15
ARIBANETWORK

General

Check archive.org

Show headers Download Go to

Full URL

https://s3.ariba.com/Sourcing/Main/ad/viewMessage/ariba.sourcing.util.messaging.MessageDirectAction?passwordadapter=PasswordAdapter1&awsso_un=panorris&realm=ncgov&messageId=NWzqAOpD3FhhAP

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

216.109.104.15 , United States, ASN16561 (ARIBANETWORK, US),

Reverse DNS

Software

Apache /

Resource Hash

f6f97828f822f06f3b1e7347448dfac8069fb79f6cdc683e6bad9e5a1e88f855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Host: s3.ariba.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: JSESSIONID=F707738E7FB66A6D0B98E06CF9B1CA2F.Node24app727snv
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 29 Mar 2021 15:32:44 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
X-XSS-Protection: 1; mode=block
cache-control: no-store, no-cache, must-revalidate, private
pragma: no-cache
expires: -1
Content-Type: text/html;charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1162
Keep-Alive: timeout=30, max=98
Connection: Keep-Alive

Redirect headers

Date: Mon, 29 Mar 2021 15:32:44 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
X-XSS-Protection: 1; mode=block
Location: /Sourcing/Main/ad/viewMessage/ariba.sourcing.util.messaging.MessageDirectAction?passwordadapter=PasswordAdapter1&awsso_un=panorris&realm=ncgov&messageId=NWzqAOpD3FhhAP
Content-Length: 0
Set-Cookie: JSESSIONID=F707738E7FB66A6D0B98E06CF9B1CA2F.Node24app727snv; Path=/Sourcing; Secure; HttpOnly; SameSite=None
Keep-Alive: timeout=30, max=99
Connection: Keep-Alive

POST
H/1.1 200 SSOActions Show response
s3.ariba.com/Buyer/Main/ad/loginPage/ 2 KB
1 KB 197ms
196ms Document
text/html 216.109.104.15
ARIBANETWORK

General

Check archive.org

Show headers Download Go to

Full URL

https://s3.ariba.com/Buyer/Main/ad/loginPage/SSOActions?realm=ncgov

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

216.109.104.15 , United States, ASN16561 (ARIBANETWORK, US),

Reverse DNS

Software

Apache /

Resource Hash

b40cede62083efcd24f558888e1ff916987154a12cc95f57d56a6af29a17bae7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Host: s3.ariba.com
Connection: keep-alive
Content-Length: 1197
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
Origin: https://s3.ariba.com
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: document
Referer: https://s3.ariba.com/Sourcing/Main/ad/viewMessage/ariba.sourcing.util.messaging.MessageDirectAction?passwordadapter=PasswordAdapter1&awsso_un=panorris&realm=ncgov&messageId=NWzqAOpD3FhhAP
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
Origin: https://s3.ariba.com
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://s3.ariba.com/Sourcing/Main/ad/viewMessage/ariba.sourcing.util.messaging.MessageDirectAction?passwordadapter=PasswordAdapter1&awsso_un=panorris&realm=ncgov&messageId=NWzqAOpD3FhhAP

Response headers

Date: Mon, 29 Mar 2021 15:32:45 GMT
Server: Apache
cache-control: no-store, no-cache, must-revalidate, private
pragma: no-cache
expires: -1
Content-Type: text/html;charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1149
Keep-Alive: timeout=30, max=97
Connection: Keep-Alive
Strict-Transport-Security: max-age=31536000

POST
H/1.1 200 Cookie set SSOActions Show response
s3.ariba.com/Buyer/nr/C5_UI4/Main/ad/loginPage/ 2 KB
1 KB 205ms
204ms Document
text/html 216.109.104.15
ARIBANETWORK

General

Check archive.org

Show headers Download Go to

Full URL

https://s3.ariba.com/Buyer/nr/C5_UI4/Main/ad/loginPage/SSOActions

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

216.109.104.15 , United States, ASN16561 (ARIBANETWORK, US),

Reverse DNS

Software

Apache /

Resource Hash

1e9ecc5a704a45acadc7017ae1e9f80d254729c7b90559453659543074640976

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Host: s3.ariba.com
Connection: keep-alive
Content-Length: 1184
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
Origin: https://s3.ariba.com
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: document
Referer: https://s3.ariba.com/Buyer/Main/ad/loginPage/SSOActions?realm=ncgov
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
Origin: https://s3.ariba.com
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://s3.ariba.com/Buyer/Main/ad/loginPage/SSOActions?realm=ncgov

Response headers

Date: Mon, 29 Mar 2021 15:32:44 GMT
Server: Apache
Content-Type: text/html;charset=ISO-8859-1
Set-Cookie: JSESSIONID=403B3CC8539AE7819D1ECD13A663465A.Node15app734snv; Path=/Buyer; Secure; HttpOnly; SameSite=None
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 981
Keep-Alive: timeout=30, max=96
Connection: Keep-Alive
Strict-Transport-Security: max-age=31536000

POST
H/1.1 200 Cookie set SSOActions Show response
s3.ariba.com/Buyer/Main/ad/loginPage/ 3 KB
3 KB 218ms
217ms Document
text/html 216.109.104.15
ARIBANETWORK

General

Check archive.org

Show headers Download Go to

Full URL

https://s3.ariba.com/Buyer/Main/ad/loginPage/SSOActions

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

216.109.104.15 , United States, ASN16561 (ARIBANETWORK, US),

Reverse DNS

Software

Apache /

Resource Hash

53d92934b170a3957ea63dfa3b26842585e3907dea45c318e13657c638870da0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Host: s3.ariba.com
Connection: keep-alive
Content-Length: 1184
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
Origin: https://s3.ariba.com
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: document
Referer: https://s3.ariba.com/Buyer/nr/C5_UI4/Main/ad/loginPage/SSOActions
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: JSESSIONID=403B3CC8539AE7819D1ECD13A663465A.Node15app734snv
Upgrade-Insecure-Requests: 1
Origin: https://s3.ariba.com
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://s3.ariba.com/Buyer/nr/C5_UI4/Main/ad/loginPage/SSOActions

Response headers

Date: Mon, 29 Mar 2021 15:32:44 GMT
Server: Apache
cache-control: no-store, no-cache, must-revalidate, private
pragma: no-cache
expires: -1
Content-Type: text/html;charset=UTF-8
Set-Cookie: AWSSOAU=; path=/Buyer/Main/ad; secure; HttpOnly; expires=Tue, 10-Oct-2000 10:10:10 GMT AWSSOSL=; path=/Buyer/Main/ad; secure; HttpOnly; expires=Tue, 10-Oct-2000 10:10:10 GMT AWSSOPT=; path=/Buyer/Main/ad; secure; HttpOnly; expires=Tue, 10-Oct-2000 10:10:10 GMT AWSSOAI=; path=/; secure; HttpOnly; expires=Tue, 10-Oct-2000 10:10:10 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1891
Keep-Alive: timeout=30, max=95
Connection: Keep-Alive
Strict-Transport-Security: max-age=31536000

POST
H/1.1 200
OK Cookie set sso Show response
idpprod.nc.gov/nidp/saml2/ 426 B
796 B 731ms
119ms Document
text/html 204.211.136.231
NCIH

General

Check archive.org

Show headers Download Go to

Full URL: https://idpprod.nc.gov:8443/nidp/saml2/sso?ret=https%3A%2F%2Fs3.ariba.com%2FBuyer%2FMain%2Fad%2FsamlAuth%2FSSOActions%3Frealm%3Dncgov&externalSite=true
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 204.211.136.231 Hope Mills, United States, ASN6559 (NCIH, US),
Reverse DNS: idpprod.nc.gov
Software: Apache-Coyote/1.1 /
Resource Hash: 1fa830bdfb31cb5ab2afdde7f44026fca4e2c944d7d897ad9e0ea117da91c8f2

Request headers

Host: idpprod.nc.gov:8443
Connection: keep-alive
Content-Length: 2368
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
Origin: https://s3.ariba.com
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: document
Referer: https://s3.ariba.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
Origin: https://s3.ariba.com
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://s3.ariba.com/

Response headers

Server: Apache-Coyote/1.1
Set-Cookie: JSESSIONID=7E745D7267A16661839629D1733438FC; Path=/nidp; Secure; HttpOnly UrnNovellNidpClusterMemberId=~03~02fdc~1E~16~17kww~0B; Path=/nidp; Secure; HttpOnly
Pragma: No-cache
Cache-Control: no-cache
Content-Type: text/html;charset=UTF-8
Content-Length: 426
Date: Mon, 29 Mar 2021 15:32:46 GMT

POST
H/1.1 200
OK Primary Request sso Show response
idpprod.nc.gov/nidp/saml2/ 8 KB
8 KB 120ms
119ms Document
text/html 204.211.136.231
NCIH

General

Check archive.org

Show headers Download Go to

Full URL: https://idpprod.nc.gov:8443/nidp/saml2/sso?id=6&sid=0&option=credential&sid=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 204.211.136.231 Hope Mills, United States, ASN6559 (NCIH, US),
Reverse DNS: idpprod.nc.gov
Software: Apache-Coyote/1.1 /
Resource Hash: 7deca890f330ca03d2c1de90b6600874fdff5a779c2ee63c38a0deb49f1aaf59

Request headers

Host: idpprod.nc.gov:8443
Connection: keep-alive
Content-Length: 0
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
Origin: https://idpprod.nc.gov:8443
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: document
Referer: https://idpprod.nc.gov:8443/nidp/saml2/sso?ret=https%3A%2F%2Fs3.ariba.com%2FBuyer%2FMain%2Fad%2FsamlAuth%2FSSOActions%3Frealm%3Dncgov&externalSite=true
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: JSESSIONID=7E745D7267A16661839629D1733438FC; UrnNovellNidpClusterMemberId=~03~02fdc~1E~16~17kww~0B
Upgrade-Insecure-Requests: 1
Origin: https://idpprod.nc.gov:8443
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://idpprod.nc.gov:8443/nidp/saml2/sso?ret=https%3A%2F%2Fs3.ariba.com%2FBuyer%2FMain%2Fad%2FsamlAuth%2FSSOActions%3Frealm%3Dncgov&externalSite=true

Response headers

Server: Apache-Coyote/1.1
via-ESP: null,NIDPLOGGING.600105004 session33-7E745D7267A16661839629D1733438FC null,NIDPLOGGING.600105004 session33-7E745D7267A16661839629D1733438FC,NIDPLOGGING.600105002 session220-7E745D7267A16661839629D1733438FC
Pragma: No-cache
Cache-Control: no-cache
Content-Type: text/html;charset=UTF-8
Content-Length: 7706
Date: Mon, 29 Mar 2021 15:32:46 GMT

GET
H/1.1 200
OK login_jsp.css
idpprod.nc.gov/nidp/css/ 642 B
867 B 119ms
117ms Stylesheet
text/css 204.211.136.231
NCIH

General

Check archive.org

Show headers Download Go to

Full URL: https://idpprod.nc.gov:8443/nidp/css/login_jsp.css
Requested by: Host: idpprod.nc.gov
URL: https://idpprod.nc.gov:8443/nidp/saml2/sso?id=6&sid=0&option=credential&sid=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 204.211.136.231 Hope Mills, United States, ASN6559 (NCIH, US),
Reverse DNS: idpprod.nc.gov
Software: Apache-Coyote/1.1 /
Resource Hash: 406ea3ea21407d9c71181bfa7a936c4f4d7f837a4be4fa91a54473c2c0a04ad8

Request headers

Referer: https://idpprod.nc.gov:8443/nidp/saml2/sso?id=6&sid=0&option=credential&sid=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 29 Mar 2021 15:32:46 GMT
Last-Modified: Thu, 08 Mar 2018 15:27:28 GMT
Server: Apache-Coyote/1.1
Accept-Ranges: bytes
ETag: W/"642-1520522848000"
Content-Length: 642
Content-Type: text/css

GET
H/1.1 404
Not Found jquery-1.8.2.min.js
idpprod.nc.gov/nidp/javascript/ 0
0 353ms
117ms Script
text/html 204.211.136.231
NCIH

General

Check archive.org

Show headers Download Go to

Full URL: https://idpprod.nc.gov:8443/nidp/javascript/jquery-1.8.2.min.js
Requested by: Host: idpprod.nc.gov
URL: https://idpprod.nc.gov:8443/nidp/saml2/sso?id=6&sid=0&option=credential&sid=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 204.211.136.231 Hope Mills, United States, ASN6559 (NCIH, US),
Reverse DNS: idpprod.nc.gov
Software: Apache-Coyote/1.1 /
Resource Hash

Request headers

Referer: https://idpprod.nc.gov:8443/nidp/saml2/sso?id=6&sid=0&option=credential&sid=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 29 Mar 2021 15:32:46 GMT
Server: Apache-Coyote/1.1
Content-Length: 120
Content-Type: text/html

GET
H/1.1 200
OK jquery.min.js Show response
idpprod.nc.gov/nidp/javascript/ 95 KB
95 KB 353ms
116ms Script
text/javascript 204.211.136.231
NCIH

General

Check archive.org

Show headers Download Go to

Full URL: https://idpprod.nc.gov:8443/nidp/javascript/jquery.min.js
Requested by: Host: idpprod.nc.gov
URL: https://idpprod.nc.gov:8443/nidp/saml2/sso?id=6&sid=0&option=credential&sid=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 204.211.136.231 Hope Mills, United States, ASN6559 (NCIH, US),
Reverse DNS: idpprod.nc.gov
Software: Apache-Coyote/1.1 /
Resource Hash: 668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Request headers

Referer: https://idpprod.nc.gov:8443/nidp/saml2/sso?id=6&sid=0&option=credential&sid=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 29 Mar 2021 15:32:46 GMT
Last-Modified: Thu, 08 Mar 2018 15:27:26 GMT
Server: Apache-Coyote/1.1
Accept-Ranges: bytes
ETag: W/"97163-1520522846000"
Content-Length: 97163
Content-Type: text/javascript

GET
H/1.1 200
OK bootstrap.min.css
idpprod.nc.gov/nidp/css/ 118 KB
119 KB 240ms
121ms Stylesheet
text/css 204.211.136.231
NCIH

General

Check archive.org

Show headers Download Go to

Full URL: https://idpprod.nc.gov:8443/nidp/css/bootstrap.min.css
Requested by: Host: idpprod.nc.gov
URL: https://idpprod.nc.gov:8443/nidp/saml2/sso?id=6&sid=0&option=credential&sid=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 204.211.136.231 Hope Mills, United States, ASN6559 (NCIH, US),
Reverse DNS: idpprod.nc.gov
Software: Apache-Coyote/1.1 /
Resource Hash: f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c

Request headers

Referer: https://idpprod.nc.gov:8443/nidp/saml2/sso?id=6&sid=0&option=credential&sid=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 29 Mar 2021 15:32:46 GMT
Last-Modified: Tue, 08 Nov 2016 14:08:57 GMT
Server: Apache-Coyote/1.1
Accept-Ranges: bytes
ETag: W/"121200-1478614137000"
Content-Length: 121200
Content-Type: text/css

GET
H/1.1 200
OK ncid_custom.css
idpprod.nc.gov/nidp/css/ 1 KB
2 KB 352ms
116ms Stylesheet
text/css 204.211.136.231
NCIH

General

Check archive.org

Show headers Download Go to

Full URL: https://idpprod.nc.gov:8443/nidp/css/ncid_custom.css
Requested by: Host: idpprod.nc.gov
URL: https://idpprod.nc.gov:8443/nidp/saml2/sso?id=6&sid=0&option=credential&sid=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 204.211.136.231 Hope Mills, United States, ASN6559 (NCIH, US),
Reverse DNS: idpprod.nc.gov
Software: Apache-Coyote/1.1 /
Resource Hash: 3715358ac77baabd2624a299f604f10b146d60b41ae811b1cd642f6342e82d9e

Request headers

Referer: https://idpprod.nc.gov:8443/nidp/saml2/sso?id=6&sid=0&option=credential&sid=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 29 Mar 2021 15:32:46 GMT
Last-Modified: Mon, 27 Aug 2018 19:33:47 GMT
Server: Apache-Coyote/1.1
Accept-Ranges: bytes
ETag: W/"1327-1535398427000"
Content-Length: 1327
Content-Type: text/css

GET
H/1.1 200
OK login_jsp.js Show response
idpprod.nc.gov/nidp/javascript/ 226 B
458 B 354ms
117ms Script
text/javascript 204.211.136.231
NCIH

General

Check archive.org

Show headers Download Go to

Full URL: https://idpprod.nc.gov:8443/nidp/javascript/login_jsp.js
Requested by: Host: idpprod.nc.gov
URL: https://idpprod.nc.gov:8443/nidp/saml2/sso?id=6&sid=0&option=credential&sid=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 204.211.136.231 Hope Mills, United States, ASN6559 (NCIH, US),
Reverse DNS: idpprod.nc.gov
Software: Apache-Coyote/1.1 /
Resource Hash: 40df1bdbef3257dd2e9d42fc273f8750de7e18a03e8dad18ab9ad33973bec13d

Request headers

Referer: https://idpprod.nc.gov:8443/nidp/saml2/sso?id=6&sid=0&option=credential&sid=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 29 Mar 2021 15:32:46 GMT
Last-Modified: Thu, 08 Mar 2018 15:27:26 GMT
Server: Apache-Coyote/1.1
Accept-Ranges: bytes
ETag: W/"226-1520522846000"
Content-Length: 226
Content-Type: text/javascript

GET
H/1.1 200
OK respond.js Show response
idpprod.nc.gov/nidp/javascript/ 10 KB
10 KB 361ms
117ms Script
text/javascript 204.211.136.231
NCIH

General

Check archive.org

Show headers Download Go to

Full URL: https://idpprod.nc.gov:8443/nidp/javascript/respond.js
Requested by: Host: idpprod.nc.gov
URL: https://idpprod.nc.gov:8443/nidp/saml2/sso?id=6&sid=0&option=credential&sid=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 204.211.136.231 Hope Mills, United States, ASN6559 (NCIH, US),
Reverse DNS: idpprod.nc.gov
Software: Apache-Coyote/1.1 /
Resource Hash: 2b3a2c8c64cb04fc366c855d46ef267322625b4e62ccbe17bdd66d79a7296ec6

Request headers

Referer: https://idpprod.nc.gov:8443/nidp/saml2/sso?id=6&sid=0&option=credential&sid=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 29 Mar 2021 15:32:46 GMT
Last-Modified: Thu, 08 Mar 2018 15:27:26 GMT
Server: Apache-Coyote/1.1
Accept-Ranges: bytes
ETag: W/"10164-1520522846000"
Content-Length: 10164
Content-Type: text/javascript

GET
H/1.1 200
OK ncidLogin1.png
idpprod.nc.gov/nidp/img/ 17 KB
17 KB 117ms
117ms Image
image/png 204.211.136.231
NCIH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idpprod.nc.gov:8443/nidp/img/ncidLogin1.png
Requested by: Host: idpprod.nc.gov
URL: https://idpprod.nc.gov:8443/nidp/saml2/sso?id=6&sid=0&option=credential&sid=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 204.211.136.231 Hope Mills, United States, ASN6559 (NCIH, US),
Reverse DNS: idpprod.nc.gov
Software: Apache-Coyote/1.1 /
Resource Hash: c4ef15f628aa5e9329f1acbd0eb8038c18dbf0d16ce89f63cfc97d55f2229c2f

Request headers

Referer: https://idpprod.nc.gov:8443/nidp/saml2/sso?id=6&sid=0&option=credential&sid=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 29 Mar 2021 15:32:46 GMT
Last-Modified: Fri, 11 Aug 2017 19:00:25 GMT
Server: Apache-Coyote/1.1
Accept-Ranges: bytes
ETag: W/"16940-1502478025000"
Content-Length: 16940
Content-Type: image/png

GET
H/1.1 200
OK ncflag.png
idpprod.nc.gov/nidp/img/ 4 KB
5 KB 117ms
117ms Image
image/png 204.211.136.231
NCIH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idpprod.nc.gov:8443/nidp/img/ncflag.png
Requested by: Host: idpprod.nc.gov
URL: https://idpprod.nc.gov:8443/nidp/saml2/sso?id=6&sid=0&option=credential&sid=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 204.211.136.231 Hope Mills, United States, ASN6559 (NCIH, US),
Reverse DNS: idpprod.nc.gov
Software: Apache-Coyote/1.1 /
Resource Hash: 3e2a13ec81322643a3d2c089d828e1ceafbc4d1d2c1ee9be074c5d08e694b221

Request headers

Referer: https://idpprod.nc.gov:8443/nidp/saml2/sso?id=6&sid=0&option=credential&sid=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 29 Mar 2021 15:32:47 GMT
Last-Modified: Fri, 11 Aug 2017 19:00:25 GMT
Server: Apache-Coyote/1.1
Accept-Ranges: bytes
ETag: W/"4508-1502478025000"
Content-Length: 4508
Content-Type: image/png

GET
H/1.1 200
OK sealsmall.png
idpprod.nc.gov/nidp/img/ 42 KB
42 KB 117ms
116ms Image
image/png 204.211.136.231
NCIH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idpprod.nc.gov:8443/nidp/img/sealsmall.png
Requested by: Host: idpprod.nc.gov
URL: https://idpprod.nc.gov:8443/nidp/saml2/sso?id=6&sid=0&option=credential&sid=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 204.211.136.231 Hope Mills, United States, ASN6559 (NCIH, US),
Reverse DNS: idpprod.nc.gov
Software: Apache-Coyote/1.1 /
Resource Hash: 7e35fd63cf9cf2eb509016d14b1f23d2e7fc19b750a1ea448d563fe6a5764776

Request headers

Referer: https://idpprod.nc.gov:8443/nidp/saml2/sso?id=6&sid=0&option=credential&sid=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 29 Mar 2021 15:32:47 GMT
Last-Modified: Fri, 11 Aug 2017 19:00:25 GMT
Server: Apache-Coyote/1.1
Accept-Ranges: bytes
ETag: W/"42944-1502478025000"
Content-Length: 42944
Content-Type: image/png

Verdicts & Comments Add Verdict or Comment

20 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			idpprod.nc.gov/nidp	1969-12-31 23:59:59	Name: UrnNovellNidpClusterMemberId Value: ~03~02fdc~1E~16~17kww~0B
			idpprod.nc.gov/nidp	1969-12-31 23:59:59	Name: JSESSIONID Value: 7E745D7267A16661839629D1733438FC

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

idpprod.nc.gov
s3.ariba.com
204.211.136.231
216.109.104.15
1e9ecc5a704a45acadc7017ae1e9f80d254729c7b90559453659543074640976
1fa830bdfb31cb5ab2afdde7f44026fca4e2c944d7d897ad9e0ea117da91c8f2
2b3a2c8c64cb04fc366c855d46ef267322625b4e62ccbe17bdd66d79a7296ec6
3715358ac77baabd2624a299f604f10b146d60b41ae811b1cd642f6342e82d9e
3e2a13ec81322643a3d2c089d828e1ceafbc4d1d2c1ee9be074c5d08e694b221
406ea3ea21407d9c71181bfa7a936c4f4d7f837a4be4fa91a54473c2c0a04ad8
40df1bdbef3257dd2e9d42fc273f8750de7e18a03e8dad18ab9ad33973bec13d
53d92934b170a3957ea63dfa3b26842585e3907dea45c318e13657c638870da0
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
7deca890f330ca03d2c1de90b6600874fdff5a779c2ee63c38a0deb49f1aaf59
7e35fd63cf9cf2eb509016d14b1f23d2e7fc19b750a1ea448d563fe6a5764776
b40cede62083efcd24f558888e1ff916987154a12cc95f57d56a6af29a17bae7
c4ef15f628aa5e9329f1acbd0eb8038c18dbf0d16ce89f63cfc97d55f2229c2f
f6f97828f822f06f3b1e7347448dfac8069fb79f6cdc683e6bad9e5a1e88f855
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c

idpprod.nc.gov Open in urlscan Pro 204.211.136.231 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

16 Requests

100 %HTTPS

0 %IPv6

2 Domains

2 Subdomains

2 IPs

1 Countries

306 kBTransfer

305 kBSize

2 Cookies

7 Outgoing links

Page URL History

Redirected requests

16 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

20 JavaScript Global Variables

2 Cookies

Security Headers

Indicators

idpprod.nc.gov Open in urlscan Pro
204.211.136.231 Public Scan

Screenshot
Live screenshot

Full Image

16
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

1
Countries

306 kB
Transfer

305 kB
Size

2
Cookies

16 HTTP transactions
0 data transactions