urlscan.io logo urlscan.io
SecurityTrails logo

shib.ncsu.edu Open in urlscan Pro
35.170.168.182  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://moodle-restore.delta.ncsu.edu/
Effective URL: https://shib.ncsu.edu/idp/profile/SAML2/POST/SSO?execution=e1s2
Submission: On November 01 via automatic, source certstream-suspicious — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 6 IPs in 2 countries across 3 domains to perform 17 HTTP transactions. The main IP is 35.170.168.182, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is shib.ncsu.edu. The Cisco Umbrella rank of the primary domain is 496333.
TLS certificate: Issued by InCommon RSA Server CA 2 on July 25th 2024. Valid for: a year.
This is the only time shib.ncsu.edu was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

2    152.46.3.102 (United States)

ASN81 (NCREN, US)
PTR: p01-mdl-rstr-01.delta.ncsu.edu
moodle-restore.delta.ncsu.edu
6    35.170.168.182 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-170-168-182.compute-1.amazonaws.com
shib.ncsu.edu
7    2600:9000:26db:8e00:17:820a:e680:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn.ncsu.edu
1    2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
2    2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2600:9000:2251:7c00:18:1a2e:2c00:93a1 (United States)

ASN16509 (AMAZON-02, US)
www.ncsu.edu
Apex Domain
Subdomains		 Transfer
16 ncsu.edu
moodle-restore.delta.ncsu.edu
shib.ncsu.edu — Cisco Umbrella Rank: 496333
cdn.ncsu.edu — Cisco Umbrella Rank: 127336
www.ncsu.edu — Cisco Umbrella Rank: 373250
150 KB
2 gstatic.com
fonts.gstatic.com
22 KB
1 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 412
29 KB
17 3
Domain Requested by
7 cdn.ncsu.edu shib.ncsu.edu
cdn.ncsu.edu
6 shib.ncsu.edu 2 redirects shib.ncsu.edu
2 fonts.gstatic.com cdn.ncsu.edu
2 moodle-restore.delta.ncsu.edu
1 www.ncsu.edu
1 ajax.googleapis.com shib.ncsu.edu
17 6

This site contains links to these domains. Also see Links.

Domain
go.ncsu.edu
help.ncsu.edu
oit.ncsu.edu
ncsu.edu
accessibility.ncsu.edu
www.ncsu.edu
policies.ncsu.edu
Subject Issuer Validity Valid
p20-moodle-restore-01.delta.ncsu.edu
InCommon ECC Server CA 2		 2023-12-30 -
2024-12-29		 a year crt.sh
shib.ncsu.edu
InCommon RSA Server CA 2		 2024-07-25 -
2025-08-25		 a year crt.sh
cdn.ncsu.edu
InCommon RSA Server CA 2		 2023-12-18 -
2025-01-17		 a year crt.sh
upload.video.google.com
WR2		 2024-10-07 -
2024-12-30		 3 months crt.sh
*.gstatic.com
WR2		 2024-10-07 -
2024-12-30		 3 months crt.sh
www.ncsu.edu
InCommon RSA Server CA 2		 2024-01-25 -
2025-02-24		 a year crt.sh

This page contains 1 frames:

Primary Page: https://shib.ncsu.edu/idp/profile/SAML2/POST/SSO?execution=e1s2
Frame ID: C6975F4EFD3EDDDF446D770C5E303920
Requests: 17 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

NC State Shibboleth Login

Page URL History Show full URLs

  1. https://moodle-restore.delta.ncsu.edu/ Page URL
  2. https://shib.ncsu.edu/idp/profile/SAML2/POST/SSO HTTP 302
    https://shib.ncsu.edu/idp/profile/SAML2/POST/SSO?execution=e1s1 Page URL
  3. https://shib.ncsu.edu/idp/profile/SAML2/POST/SSO?execution=e1s1 HTTP 302
    https://shib.ncsu.edu/idp/profile/SAML2/POST/SSO?execution=e1s2 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

17
Requests

100 %
HTTPS

67 %
IPv6

3
Domains

6
Subdomains

6
IPs

2
Countries

200 kB
Transfer

391 kB
Size

6
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://moodle-restore.delta.ncsu.edu/ Page URL
  2. https://shib.ncsu.edu/idp/profile/SAML2/POST/SSO HTTP 302
    https://shib.ncsu.edu/idp/profile/SAML2/POST/SSO?execution=e1s1 Page URL
  3. https://shib.ncsu.edu/idp/profile/SAML2/POST/SSO?execution=e1s1 HTTP 302
    https://shib.ncsu.edu/idp/profile/SAML2/POST/SSO?execution=e1s2 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1
  • https://shib.ncsu.edu/idp/profile/SAML2/POST/SSO HTTP 302
  • https://shib.ncsu.edu/idp/profile/SAML2/POST/SSO?execution=e1s1

17 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
moodle-restore.delta.ncsu.edu/ 		5 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://moodle-restore.delta.ncsu.edu/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
152.46.3.102 , United States, ASN81 (NCREN, US),
Reverse DNS
p01-mdl-rstr-01.delta.ncsu.edu
Software
Apache/2.4.37 (CentOS Stream) OpenSSL/1.1.1k /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

Cache-Control
no-cache, no-store, must-revalidate, private
Connection
Keep-Alive
Content-Length
5387
Content-Type
text/html; charset=UTF-8
Date
Fri, 01 Nov 2024 13:03:52 GMT
Expires
01-Jan-1997 12:00:00 GMT
Keep-Alive
timeout=5, max=100
Pragma
no-cache
Server
Apache/2.4.37 (CentOS Stream) OpenSSL/1.1.1k
SSO
shib.ncsu.edu/idp/profile/SAML2/POST/
Redirect Chain
  • https://shib.ncsu.edu/idp/profile/SAML2/POST/SSO
  • https://shib.ncsu.edu/idp/profile/SAML2/POST/SSO?execution=e1s1
3 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://shib.ncsu.edu/idp/profile/SAML2/POST/SSO?execution=e1s1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.170.168.182 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-170-168-182.compute-1.amazonaws.com
Software
Jetty(11.0.24) /
Resource Hash
022b58917dd93465780bc82645c08507757db8e591b7270f35471b86aa3b66e9
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'; base-uri 'none'; script-src-attr 'unsafe-hashes' 'sha256-CU5bbwwZt8WqIjaiQQa4SGuJ/yRr2WF3ekUKdF7VneY=' script-src-elem 'nonce-_7ad702a0abaa3d40d79f6d2adc4cc00a'
Strict-Transport-Security max-age=31536000
X-Frame-Options DENY

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://moodle-restore.delta.ncsu.edu
Referer
https://moodle-restore.delta.ncsu.edu/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

cache-control
no-store
content-length
3494
content-security-policy
frame-ancestors 'none'; base-uri 'none'; script-src-attr 'unsafe-hashes' 'sha256-CU5bbwwZt8WqIjaiQQa4SGuJ/yRr2WF3ekUKdF7VneY=' script-src-elem 'nonce-_7ad702a0abaa3d40d79f6d2adc4cc00a'
content-type
text/html;charset=utf-8
date
Fri, 01 Nov 2024 13:03:52 GMT
server
Jetty(11.0.24)
strict-transport-security
max-age=31536000
x-frame-options
DENY

Redirect headers

cache-control
no-store
content-length
0
content-security-policy
frame-ancestors 'none'; base-uri 'none';
date
Fri, 01 Nov 2024 13:03:52 GMT
expires
location
https://shib.ncsu.edu/idp/profile/SAML2/POST/SSO?execution=e1s1
server
Jetty(11.0.24)
strict-transport-security
max-age=31536000
x-frame-options
DENY
favicon.ico
moodle-restore.delta.ncsu.edu/ 		5 KB
6 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://moodle-restore.delta.ncsu.edu/favicon.ico
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
152.46.3.102 , United States, ASN81 (NCREN, US),
Reverse DNS
p01-mdl-rstr-01.delta.ncsu.edu
Software
Apache/2.4.37 (CentOS Stream) OpenSSL/1.1.1k /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://moodle-restore.delta.ncsu.edu/

Response headers

Cache-Control
no-cache, no-store, must-revalidate, private
Pragma
no-cache
Connection
Keep-Alive
Expires
01-Jan-1997 12:00:00 GMT
Content-Length
5387
Keep-Alive
timeout=5, max=99
Date
Fri, 01 Nov 2024 13:03:52 GMT
Content-Type
text/html; charset=UTF-8
Server
Apache/2.4.37 (CentOS Stream) OpenSSL/1.1.1k
placeholder.css
shib.ncsu.edu/idp/css/ 		15 KB
15 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://shib.ncsu.edu/idp/css/placeholder.css
Requested by
Host: shib.ncsu.edu
URL: https://shib.ncsu.edu/idp/profile/SAML2/POST/SSO?execution=e1s1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.170.168.182 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-170-168-182.compute-1.amazonaws.com
Software
Jetty(11.0.24) /
Resource Hash
c93a51d8dd2b8a15d7ac940e6d9ac27af352b90aa4f90f4f1ba88e28dff7c1db

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://shib.ncsu.edu/idp/profile/SAML2/POST/SSO?execution=e1s1

Response headers

accept-ranges
bytes
content-length
15299
date
Fri, 01 Nov 2024 13:03:52 GMT
content-type
text/css
last-modified
Mon, 07 Oct 2024 15:13:56 GMT
server
Jetty(11.0.24)
Primary Request SSO
shib.ncsu.edu/idp/profile/SAML2/POST/
Redirect Chain
  • https://shib.ncsu.edu/idp/profile/SAML2/POST/SSO?execution=e1s1
  • https://shib.ncsu.edu/idp/profile/SAML2/POST/SSO?execution=e1s2
8 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://shib.ncsu.edu/idp/profile/SAML2/POST/SSO?execution=e1s2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.170.168.182 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-170-168-182.compute-1.amazonaws.com
Software
Jetty(11.0.24) /
Resource Hash
05534abd627fa5d6612b5f8b7800d0ffcbc06c698b3587a934de1ff9a88f9d83
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'; base-uri 'none'; script-src-elem 'nonce-_0c1e5ee93502924e4902063d9b186c32' https://cdn.ncsu.edu https://ajax.googleapis.com
Strict-Transport-Security max-age=31536000
X-Frame-Options DENY

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://shib.ncsu.edu
Referer
https://shib.ncsu.edu/idp/profile/SAML2/POST/SSO?execution=e1s1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

cache-control
no-store
content-length
8084
content-security-policy
frame-ancestors 'none'; base-uri 'none'; script-src-elem 'nonce-_0c1e5ee93502924e4902063d9b186c32' https://cdn.ncsu.edu https://ajax.googleapis.com
content-type
text/html;charset=utf-8
date
Fri, 01 Nov 2024 13:03:53 GMT
server
Jetty(11.0.24)
strict-transport-security
max-age=31536000
x-frame-options
DENY

Redirect headers

cache-control
no-store
content-length
0
content-security-policy
frame-ancestors 'none'; base-uri 'none';
date
Fri, 01 Nov 2024 13:03:53 GMT
location
https://shib.ncsu.edu/idp/profile/SAML2/POST/SSO?execution=e1s2
server
Jetty(11.0.24)
strict-transport-security
max-age=31536000
x-frame-options
DENY
favicon.ico
shib.ncsu.edu/ 		1 KB
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://shib.ncsu.edu/favicon.ico
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.170.168.182 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-170-168-182.compute-1.amazonaws.com
Software
Jetty(11.0.24) /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://shib.ncsu.edu/idp/profile/SAML2/POST/SSO?execution=e1s1

Response headers

cache-control
max-age=360000,public
content-length
1150
date
Fri, 01 Nov 2024 13:03:53 GMT
content-type
image/x-icon
last-modified
Thu, 24 Oct 2024 12:04:52 GMT
server
Jetty(11.0.24)
bootstrap.min.css
cdn.ncsu.edu/brand-assets/bootstrap/css/ 		124 KB
19 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.ncsu.edu/brand-assets/bootstrap/css/bootstrap.min.css
Requested by
Host: shib.ncsu.edu
URL: https://shib.ncsu.edu/idp/profile/SAML2/POST/SSO?execution=e1s2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26db:8e00:17:820a:e680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b5ec1f60dde94e414e0c205bba2636933595c64d6a4b61baf5cd90350f9fbb04

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://shib.ncsu.edu/

Response headers

content-encoding
gzip
etag
W/"7dec41afcb2e09a5f1bfbd7ede5272eb"
age
18
access-control-allow-methods
GET, HEAD
x-cache
Hit from cloudfront
x-amz-cf-id
26sBBTE8lSa17jrTrluzWAl53WusurwVYzQiIS2JZfrcObaSSBZjkw==
date
Fri, 01 Nov 2024 13:03:36 GMT
content-type
text/css
vary
Accept-Encoding
last-modified
Wed, 12 Jun 2024 13:20:11 GMT
x-amz-meta-s3cmd-attrs
atime:1718198253/ctime:1718198253/gid:108/gname:ncsu/md5:7dec41afcb2e09a5f1bfbd7ede5272eb/mode:33276/mtime:1718198253/uid:27926/uname:brabec
via
1.1 3f7bbc22c659b2b7470c819d073f58b6.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-amz-cf-pop
MUC50-P3
server
AmazonS3
x-amz-server-side-encryption
AES256
style_405.css
cdn.ncsu.edu/shibboleth/css/ 		6 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.ncsu.edu/shibboleth/css/style_405.css
Requested by
Host: shib.ncsu.edu
URL: https://shib.ncsu.edu/idp/profile/SAML2/POST/SSO?execution=e1s2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26db:8e00:17:820a:e680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5b62980197fdc4923ab5171bc88492dad5e09751875665d6249a1187525ee884

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://shib.ncsu.edu/

Response headers

content-encoding
gzip
etag
W/"a55b05bbbcb3dd376c08cd168dff1124"
age
2
access-control-allow-methods
GET, HEAD
x-cache
Hit from cloudfront
x-amz-cf-id
Wz2a_9TsAKyIA5ybq0Pk1EkKlkW-D4NuGJlol1to3_abYAo1atQ0AA==
date
Fri, 01 Nov 2024 13:03:52 GMT
content-type
text/css
vary
accept-encoding
last-modified
Fri, 26 May 2023 14:10:25 GMT
x-amz-meta-s3cmd-attrs
atime:1685109992/ctime:1685109992/gid:108/gname:ncsu/md5:a55b05bbbcb3dd376c08cd168dff1124/mode:33276/mtime:1685109992/uid:27926/uname:brabec
via
1.1 3f7bbc22c659b2b7470c819d073f58b6.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-amz-cf-pop
MUC50-P3
server
AmazonS3
x-amz-server-side-encryption
AES256
toggle.js
cdn.ncsu.edu/shibboleth/inc/ 		170 B
691 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ncsu.edu/shibboleth/inc/toggle.js
Requested by
Host: shib.ncsu.edu
URL: https://shib.ncsu.edu/idp/profile/SAML2/POST/SSO?execution=e1s2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26db:8e00:17:820a:e680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
85fd2cd4a855b1a6708a2c85f1b66a960a432168577fe5cd10cb2ae831d07cf7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://shib.ncsu.edu/

Response headers

x-amz-meta-s3cmd-attrs
atime:1617802450/ctime:1617802450/gid:108/gname:ncsu/md5:cc76be57d2107ee5ff5c0a8f4a9d0be3/mode:33188/mtime:1617802450/uid:27926/uname:brabec
etag
"cc76be57d2107ee5ff5c0a8f4a9d0be3"
access-control-allow-methods
GET, HEAD
via
1.1 3f7bbc22c659b2b7470c819d073f58b6.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
x-cache
RefreshHit from cloudfront
content-length
170
x-amz-cf-id
vDw2PHL9CMmp97OEgCNPTatQkyXkb4wIyYB3nykoX93ChP7n0cH6KA==
date
Fri, 01 Nov 2024 13:03:54 GMT
content-type
application/javascript
last-modified
Fri, 12 Nov 2021 16:35:07 GMT
server
AmazonS3
x-amz-cf-pop
MUC50-P3
vary
accept-encoding
ncstate-brick-2x1.jpg
cdn.ncsu.edu/brand-assets/logos/ 		57 KB
58 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ncsu.edu/brand-assets/logos/ncstate-brick-2x1.jpg
Requested by
Host: shib.ncsu.edu
URL: https://shib.ncsu.edu/idp/profile/SAML2/POST/SSO?execution=e1s2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26db:8e00:17:820a:e680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b223921cf364ccf6e6f54047544ee5001b9bf42d0ffd430222f5e353ba68946e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://shib.ncsu.edu/

Response headers

x-amz-meta-s3cmd-attrs
atime:1470235981/ctime:1470235981/gid:1000/gname:temp/md5:7993f902c0bbda5bb81bfe2ae761129a/mode:33188/mtime:1470235981/uid:21600/uname:csthomp2
etag
"7993f902c0bbda5bb81bfe2ae761129a"
access-control-allow-methods
GET, HEAD
via
1.1 3f7bbc22c659b2b7470c819d073f58b6.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
x-cache
RefreshHit from cloudfront
content-length
58686
x-amz-cf-id
94uuziO-BTehkDcru9-E41djRimqN7wFIeQe03szh4sKRkQb4loxoQ==
date
Fri, 01 Nov 2024 13:03:54 GMT
content-type
image/jpeg
last-modified
Thu, 18 Jan 2018 21:22:01 GMT
server
AmazonS3
x-amz-cf-pop
MUC50-P3
vary
Accept-Encoding
tower-150ppi.png
cdn.ncsu.edu/shibboleth/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ncsu.edu/shibboleth/tower-150ppi.png
Requested by
Host: shib.ncsu.edu
URL: https://shib.ncsu.edu/idp/profile/SAML2/POST/SSO?execution=e1s2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26db:8e00:17:820a:e680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5d76559b66ab54a9719d500f56a39c7a64480d4826cca319fdd39c751678cb52

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://shib.ncsu.edu/

Response headers

x-amz-meta-s3cmd-attrs
atime:1616448536/ctime:1616448536/gid:108/gname:ncsu/md5:0e14d351916ef84fe6e279705dcaba6b/mode:33188/mtime:1616448536/uid:27926/uname:brabec
etag
"0e14d351916ef84fe6e279705dcaba6b"
access-control-allow-methods
GET, HEAD
via
1.1 3f7bbc22c659b2b7470c819d073f58b6.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
x-cache
RefreshHit from cloudfront
content-length
1191
x-amz-cf-id
8bco8JXgxO4A9ogRxnudTJkJudMK6jKxfpZNHKTVEmu_PUT4WUu0Yg==
date
Fri, 01 Nov 2024 13:03:54 GMT
content-type
image/png
last-modified
Tue, 30 Mar 2021 13:20:53 GMT
server
AmazonS3
x-amz-cf-pop
MUC50-P3
vary
accept-encoding
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/2.1.0/ 		82 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/2.1.0/jquery.min.js
Requested by
Host: shib.ncsu.edu
URL: https://shib.ncsu.edu/idp/profile/SAML2/POST/SSO?execution=e1s2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f284353a7cc4d97f6fe20a5155131bd43587a0f1c98a56eeaf52cff72910f47d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://shib.ncsu.edu/

Response headers

content-encoding
gzip
age
164220
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
x-content-type-options
nosniff
expires
Thu, 30 Oct 2025 15:26:54 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 30 Oct 2024 15:26:54 GMT
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
accept-ranges
bytes
access-control-allow-origin
*
content-length
29478
x-xss-protection
0
server
sffe
bootstrap.min.js
cdn.ncsu.edu/brand-assets/bootstrap/js/ 		29 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ncsu.edu/brand-assets/bootstrap/js/bootstrap.min.js
Requested by
Host: shib.ncsu.edu
URL: https://shib.ncsu.edu/idp/profile/SAML2/POST/SSO?execution=e1s2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26db:8e00:17:820a:e680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f82ca9c95147d2daff19bb83e99d143b87e6ebb4d49a0881f34aaaf4f678e239

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://shib.ncsu.edu/

Response headers

content-encoding
gzip
x-amz-meta-s3cmd-attrs
atime:1469715952/ctime:1469715952/gid:108/gname:ncsu/md5:0807d9353b291a9aefcfe5bbf2dfa536/mode:33188/mtime:1469715952/uid:21600/uname:csthomp2
etag
W/"0807d9353b291a9aefcfe5bbf2dfa536"
age
270
access-control-allow-methods
GET, HEAD
via
1.1 3f7bbc22c659b2b7470c819d073f58b6.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-cache
Hit from cloudfront
x-amz-cf-id
u_mFAXaO-IkoVDjLHd0wb1F3bI46-_M0I49FdxwIW4wnaNo2memhUg==
date
Fri, 01 Nov 2024 13:03:54 GMT
content-type
application/javascript
last-modified
Fri, 16 Mar 2018 18:07:38 GMT
server
AmazonS3
x-amz-cf-pop
MUC50-P3
vary
Accept-Encoding
KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v29/ 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2
Requested by
Host: cdn.ncsu.edu
URL: https://cdn.ncsu.edu/brand-assets/bootstrap/css/bootstrap.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4b276a3df6dcdcd6c00183988721ddac6786ef8ffbc664e87e8c34dac70ca199
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://shib.ncsu.edu
Referer
https://cdn.ncsu.edu/

Response headers

age
164437
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Thu, 30 Oct 2025 15:23:17 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 30 Oct 2024 15:23:17 GMT
last-modified
Wed, 22 Sep 2021 16:13:19 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
11132
x-xss-protection
0
server
sffe
ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQk6YvM.woff2
fonts.gstatic.com/s/robotocondensed/v19/ 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/robotocondensed/v19/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQk6YvM.woff2
Requested by
Host: cdn.ncsu.edu
URL: https://cdn.ncsu.edu/brand-assets/bootstrap/css/bootstrap.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
49a1b4e1296645aa2f513c87a0e5fe56a305a7ed678c2f6499631ec1f3b35856
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://shib.ncsu.edu
Referer
https://cdn.ncsu.edu/

Response headers

age
164442
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Thu, 30 Oct 2025 15:23:12 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 30 Oct 2024 15:23:12 GMT
last-modified
Tue, 15 Sep 2020 18:08:42 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
10968
x-xss-protection
0
server
sffe
ncsu-icons.woff
cdn.ncsu.edu/brand-assets/icons/ 		6 KB
6 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn.ncsu.edu/brand-assets/icons/ncsu-icons.woff?1682537864
Requested by
Host: cdn.ncsu.edu
URL: https://cdn.ncsu.edu/brand-assets/bootstrap/css/bootstrap.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26db:8e00:17:820a:e680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a556ab569c49e643e27b938e048f53d89af95c53aeab395f43e6e02419664c3d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://shib.ncsu.edu
Referer
https://cdn.ncsu.edu/brand-assets/bootstrap/css/bootstrap.min.css

Response headers

etag
"3c5fe87d76b625faf6cad57a36ec15bc"
age
73
access-control-allow-methods
GET, HEAD
x-cache
Hit from cloudfront
x-amz-cf-id
9u3Apn57pFI3Tjcqaw-bt9F8YmddnJWlY7MWWRgwQYrNxWrs2WNpjg==
date
Fri, 01 Nov 2024 13:03:54 GMT
content-type
application/font-woff
last-modified
Fri, 16 Mar 2018 18:07:41 GMT
vary
Accept-Encoding
x-amz-meta-s3cmd-attrs
atime:1496860112/ctime:1496860112/gid:108/gname:ncsu/md5:3c5fe87d76b625faf6cad57a36ec15bc/mode:33188/mtime:1496860112/uid:21600/uname:csthomp2
via
1.1 bc8243121fd94c5b2714caac07caccde.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
content-length
5660
x-amz-cf-pop
MUC50-P3
server
AmazonS3
favicon.ico
www.ncsu.edu/ 		27 KB
13 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.ncsu.edu/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2251:7c00:18:1a2e:2c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache /
Resource Hash
2f07d57d8b93ece8e58b79238826df36fd306ab2e78d5943384962070d080cb7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://shib.ncsu.edu/

Response headers

x-storage
Memory
content-encoding
gzip
age
1292317
expires
Sat, 16 Nov 2024 14:05:17 GMT
x-cacheable
YES
x-varnish
15938212 884742
x-cache
Hit from cloudfront
x-amz-cf-id
2goDDqt_CYJIMR94i33UCz6J6nh0_pFEAbSHs5iEuK-sYWwR7fLIpw==
date
Thu, 17 Oct 2024 14:05:17 GMT
content-type
image/vnd.microsoft.icon
last-modified
Mon, 14 Nov 2022 14:53:57 GMT
vary
Accept-Encoding
strict-transport-security
max-age=63072000
cache-control
public, s-max-age=3600
via
1.1 varnish (Varnish/6.6), 1.1 231be1c97cc722fa08b64d21072ebfac.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
12723
x-amz-cf-pop
FRA60-P3
server
Apache

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| togglePassword function| oneClickSubmit function| $ function| jQuery

6 Cookies

Domain/Path Name / Value
moodle-restore.delta.ncsu.edu/ Name: _opensaml_req_ss%3Amem%3Ab4ff2b4f07eb67d2122c5695ce996352d202ef1e0c659cbca5cec86ce9209030
Value: _899e197892b42df38c6139bb96ca6943
moodle-restore.delta.ncsu.edu/ Name: _opensaml_req_ss%3Amem%3Afe6f22a41379456429ae74cd608056405822323a15943ff4e971cb8255a39f71
Value: _fbd8818d11ba318d4501336c02822a9c
shib.ncsu.edu/ Name: __Host-JSESSIONID
Value: node01cqmp3oqwhgzm1eebketj86vpk552509.node0
shib.ncsu.edu/ Name: AWSALB
Value: qQhWv3TkuyVcR1pWkJqKlholaZ6lOq46xjdtlSty8qK0WfMVItDvcyBXf7Ie1eRwgyzP0TtLpMuq2PTpAj9qyQOZf8v/0Kg2BjAr9Vmede4NHllD5D7c+xN+ED87
shib.ncsu.edu/ Name: AWSALBCORS
Value: qQhWv3TkuyVcR1pWkJqKlholaZ6lOq46xjdtlSty8qK0WfMVItDvcyBXf7Ie1eRwgyzP0TtLpMuq2PTpAj9qyQOZf8v/0Kg2BjAr9Vmede4NHllD5D7c+xN+ED87
www.ncsu.edu/ Name: flb
Value: iws-wsproxy-200|ZxFhO