Submitted URL: https://authentication.oit.duke.edu/
Effective URL: https://authentication.oit.duke.edu/manager
Submission: On May 15 via automatic, source certstream-suspicious

Summary

This website contacted 3 IPs in 1 country across 1 domain to perform 6 HTTP transactions. The main IP is 152.3.72.142, located in Durham, United States and belongs to DUKE-INTERCHANGE, US. The main domain is authentication.oit.duke.edu.
TLS certificate: Issued by COMODO RSA Extended Validation Secure... on May 18th 2018. Valid for: 2 years.
This is the only time authentication.oit.duke.edu was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 5 152.3.72.142 13371 (DUKE-INTE...)
2 152.3.72.35 13371 (DUKE-INTE...)
6 3
Apex Domain | Subdomains | Transfer
7 duke.edu | authentication.oit.duke.edu, shib.oit.duke.edu | 448 KB
6 1
Domain | Requested by
5 authentication.oit.duke.edu (1 redirects) | authentication.oit.duke.edu, shib.oit.duke.edu
2 shib.oit.duke.edu | authentication.oit.duke.edu
6 2
Subject | Issuer | Validity | Valid
authentication.oit.duke.edu | COMODO RSA Extended Validation Secure Server CA | 2018-05-18 - 2020-05-17 | 2 years
shib.oit.duke.edu | InCommon RSA Server CA | 2020-03-09 - 2022-03-09 | 2 years

This page contains 1 frame:

Primary Page: https://authentication.oit.duke.edu/manager
Frame ID: AED5CC5702545DD90D38F78ABCA9F053
Requests: 7 HTTP requests in this frame

Detected technologies

Overall confidence: 50%
Detected patterns
  • meta csrf-param /^authenticity_token$/i

Overall confidence: 100%
Detected patterns
  • headers server /CentOS/i

Overall confidence: 100%
Detected patterns
  • headers server /OpenSSL(?:\/([\d.]+[a-z]?))?/i

Overall confidence: 50%
Detected patterns
  • meta csrf-param /^authenticity_token$/i

Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Page Statistics

6
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

2
Subdomains

3
IPs

1
Countries

461 kB
Transfer

458 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://authentication.oit.duke.edu/ HTTP 302
    https://authentication.oit.duke.edu/manager Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

6 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request Cookie set manager
authentication.oit.duke.edu/
Redirect Chain
  • https://authentication.oit.duke.edu/
  • https://authentication.oit.duke.edu/manager
32 KB
33 KB
Document
General
Full URL
https://authentication.oit.duke.edu/manager
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
152.3.72.142 Durham, United States, ASN13371 (DUKE-INTERCHANGE, US),
Reverse DNS
authentication-fitz.oit.duke.edu
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips Phusion_Passenger/5.1.1 / Phusion Passenger 5.1.1
Resource Hash
577844aea106650b4f1fade1f9e3a0ec7504c0a9dcac23a41ae38d172a21ad8d
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Host
authentication.oit.duke.edu
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US

Response headers

Date
Fri, 15 May 2020 16:31:39 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips Phusion_Passenger/5.1.1
Cache-Control
max-age=0, private, must-revalidate
X-Frame-Options
SAMEORIGIN
X-XSS-Protection
1; mode=block
X-Content-Type-Options
nosniff
X-Runtime
0.006712
X-Request-Id
56c8eb6c-f52e-45e8-8ddc-ae3efa49dbed
X-Powered-By
Phusion Passenger 5.1.1
Set-Cookie
_authentication_manager_session=aThpTHVycmJJWmlVMWNFWTNwWkpZYjFnWGNYOWlrWk44VlpWZUVqR2ZLaTZLUlpLYVhLblRXVHZMMytUUFpEaStGeWIxSE1GSkFFb0J0cm5WWXhzL1NLYnprdWkreGxEbVZPalhiQ2JiWG9PTm5TR1VFSm5IcVp6WmhRUUFEWXlBVCtnaWNjaFdEUFB0QkVOQU5meTFnPT0tLTdtOEhJR2w4RkdlZkFpMFRpMkFTK0E9PQ%3D%3D--a182f42d0022965f09c5852046f19cca7ec0b37d; path=/; HttpOnly
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload
ETag
W/"577844aea106650b4f1fade1f9e3a0ec"
Status
200 OK
Keep-Alive
timeout=5, max=99
Connection
Keep-Alive
Transfer-Encoding
chunked
Content-Type
text/html; charset=utf-8

Redirect headers

Date
Fri, 15 May 2020 16:31:39 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips Phusion_Passenger/5.1.1
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload
Location
https://authentication.oit.duke.edu/manager
Content-Length
227
Keep-Alive
timeout=5, max=100
Connection
Keep-Alive
Content-Type
text/html; charset=iso-8859-1
bundle.js
shib.oit.duke.edu/idms-assets/dist/
380 KB
380 KB
Script
General
Full URL
https://shib.oit.duke.edu/idms-assets/dist/bundle.js
Requested by
Host: authentication.oit.duke.edu
URL: https://authentication.oit.duke.edu/manager
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
152.3.72.35 Durham, United States, ASN13371 (DUKE-INTERCHANGE, US),
Reverse DNS
shib-v3-fitz.oit.duke.edu
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips /
Resource Hash
9f2a43a2320db50c9cf0f75bc776cd61333c307001d6097ad531a56e3c08d961

Request headers

Referer
https://authentication.oit.duke.edu/manager
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 15 May 2020 16:31:40 GMT
Last-Modified
Mon, 28 Oct 2019 18:59:38 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips
ETag
"5eece-595fd19fa570e"
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
388814
application-af1894f73f073e1bc5d73c6cdff0df6fb9c73ad5ed1f5b63241743d0a8ca7388.css
authentication.oit.duke.edu/manager/assets/
5 KB
5 KB
Stylesheet
General
Full URL
https://authentication.oit.duke.edu/manager/assets/application-af1894f73f073e1bc5d73c6cdff0df6fb9c73ad5ed1f5b63241743d0a8ca7388.css
Requested by
Host: authentication.oit.duke.edu
URL: https://authentication.oit.duke.edu/manager
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
152.3.72.142 Durham, United States, ASN13371 (DUKE-INTERCHANGE, US),
Reverse DNS
authentication-fitz.oit.duke.edu
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips Phusion_Passenger/5.1.1 /
Resource Hash
af1894f73f073e1bc5d73c6cdff0df6fb9c73ad5ed1f5b63241743d0a8ca7388
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload

Request headers

Referer
https://authentication.oit.duke.edu/manager
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 15 May 2020 16:31:39 GMT
Last-Modified
Tue, 12 May 2020 21:19:05 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips Phusion_Passenger/5.1.1
ETag
"1215-5a57a03638440"
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
4629
application-389e4b76ed88e8bac23c5f21fdfa1017781a8eabe277d9ba2ce7a2e1819d18d8.js
authentication.oit.duke.edu/manager/assets/
22 KB
23 KB
Script
General
Full URL
https://authentication.oit.duke.edu/manager/assets/application-389e4b76ed88e8bac23c5f21fdfa1017781a8eabe277d9ba2ce7a2e1819d18d8.js
Requested by
Host: authentication.oit.duke.edu
URL: https://authentication.oit.duke.edu/manager
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
152.3.72.142 Durham, United States, ASN13371 (DUKE-INTERCHANGE, US),
Reverse DNS
authentication-fitz.oit.duke.edu
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips Phusion_Passenger/5.1.1 /
Resource Hash
389e4b76ed88e8bac23c5f21fdfa1017781a8eabe277d9ba2ce7a2e1819d18d8
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload

Request headers

Referer
https://authentication.oit.duke.edu/manager
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 15 May 2020 16:31:39 GMT
Last-Modified
Tue, 12 May 2020 21:19:05 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips Phusion_Passenger/5.1.1
ETag
"59eb-5a57a03638440"
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
23019
duke.png
shib.oit.duke.edu/idms-assets/dist/public/images/
5 KB
6 KB
Image
General
Full URL
https://shib.oit.duke.edu/idms-assets/dist/public/images/duke.png
Requested by
Host: authentication.oit.duke.edu
URL: https://authentication.oit.duke.edu/manager
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
152.3.72.35 Durham, United States, ASN13371 (DUKE-INTERCHANGE, US),
Reverse DNS
shib-v3-fitz.oit.duke.edu
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips /
Resource Hash
6bb31661e37b5ee699e98942dfa1caf981cb034113fd3fc7752de1de7646a273

Request headers

Referer
https://authentication.oit.duke.edu/manager
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 15 May 2020 16:31:40 GMT
Last-Modified
Thu, 29 Mar 2018 15:30:15 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips
ETag
"15ee-5688ecce39789"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
5614
truncated
/
14 KB
14 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Resource Hash
3b98b0dc3bed9d40f43e64adba5de47c76895338a96f0a5a314676cd6287eca9

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
Origin
https://authentication.oit.duke.edu

Response headers

Content-Type
font/woff2
sps
authentication.oit.duke.edu/spreg/
207 B
539 B
XHR
General
Full URL
https://authentication.oit.duke.edu/spreg/sps
Requested by
Host: shib.oit.duke.edu
URL: https://shib.oit.duke.edu/idms-assets/dist/bundle.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
152.3.72.142 Durham, United States, ASN13371 (DUKE-INTERCHANGE, US),
Reverse DNS
authentication-fitz.oit.duke.edu
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips Phusion_Passenger/5.1.1 /
Resource Hash
83ffbb3affb85be9736893cfe8053d5216c54f7652ed7ca1bb5209ffc523d640
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://authentication.oit.duke.edu/manager
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 15 May 2020 16:31:41 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips Phusion_Passenger/5.1.1
Connection
Keep-Alive
Keep-Alive
timeout=5, max=99
Content-Length
207
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload
Content-Type
text/html; charset=iso-8859-1

63 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • object| onformdata
  • object| onpointerrawupdate
  • function| setImmediate
  • function| clearImmediate
  • function| SearchIndex
  • object| FontAwesomeConfig
  • object| ___FONT_AWESOME___
  • object| FontAwesome
  • function| $
  • function| Bloodhound
  • function| myCallback
  • function| validateCert
  • function| toggleSpFields
  • function| addSpAttribute
  • function| addSpField
  • function| deleteSpField
  • function| searchPotentalMatches
  • function| reg_logic
  • function| fieldCheck
  • function| radioCheck
  • function| vendorCheck
  • function| samlCheck
  • function| format_groups
  • function| validateGroups
  • function| groupCallback
  • function| addOauthField
  • function| deleteOauthField
  • function| disableOauthTokenFields
  • function| initialOauthHideShow
  • function| oauthCredentialsToggle
  • function| removeFormItems
  • function| submitOauthForm
  • function| toggleOauthFields
  • function| toggleRefreshTokenOptions
  • function| validateClientId
  • function| validateNumber
  • function| validateOauthForm
  • function| validateOauthCheckboxSet
  • function| validateTextField
  • function| isURL
  • function| showSpErrors
  • function| regErrorMsg
  • function| validateSingleValueItems
  • function| validateMultivalueItems
  • function| checkMultiAttrPresence
  • function| checkOwners
  • function| checkAcs
  • function| validateCertOnSubmit
  • function| validateGroupsOnSubmit
  • function| validateSpOption
  • function| checkDuplicateReg
  • function| getSpList
  • function| checkNewGroups
  • function| checkNewSpForm
  • function| handleGroupsAndAttrs
  • function| checkEditGroups
  • function| checkEntityIdEdit
  • function| checkEditSpForm
  • undefined| oauthErrors
  • string| pageErrors
  • number| questionCounter
  • undefined| newHtml
  • object| tags

0 Cookies

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block