urlscan.io logo urlscan.io
SecurityTrails logo

sso.unc.edu Open in urlscan Pro
152.2.64.79  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://csgold.onecard.unc.edu/
Effective URL: https://sso.unc.edu/idp/profile/SAML2/Redirect/SSO?SAMLRequest=pVLPT8IwFP5Xlt5Zt4GIDSNBOEiiQhh68GK69k2adO3s6xT%2Fewc...
Submission Tags: phish.gg anti.fish automated Search All
Submission: On October 25 via api from DE — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 2 IPs in 1 countries across 1 domains to perform 1 HTTP transactions. The main IP is 152.2.64.79, located in Morrisville, United States and belongs to UNC-CH, US. The main domain is sso.unc.edu. The Cisco Umbrella rank of the primary domain is 838399.
TLS certificate: Issued by InCommon RSA Server CA 2 on August 21st 2023. Valid for: a year.
This is the only time sso.unc.edu was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
3 3 152.2.165.34 36850 (UNC-CH)
1 152.2.64.79 36850 (UNC-CH)
1 2
Apex Domain
Subdomains		 Transfer
4 unc.edu
csgold.onecard.unc.edu
sso.unc.edu — Cisco Umbrella Rank: 838399
10 KB
1 1
Domain Requested by
3 csgold.onecard.unc.edu 3 redirects
1 sso.unc.edu
1 2

This site contains links to these domains. Also see Links.

Domain
www.brightcloud.com
Subject Issuer Validity Valid
sso.unc.edu
InCommon RSA Server CA 2		 2023-08-21 -
2024-08-20		 a year crt.sh

This page contains 1 frames:

Primary Page: https://sso.unc.edu/idp/profile/SAML2/Redirect/SSO?SAMLRequest=pVLPT8IwFP5Xlt5Zt4GIDSNBOEiiQhh68GK69k2adO3s6xT%2FewcMJFHx4LX93vfrvSHyUldsXPu1WcJrDeiDTakNst1HSmpnmOWokBleAjIvWDa%2Bu2VJGLHKWW%2BF1SQYI4LzypqJNViX4DJwb0rAw%2FI2JWvvK2SUCnyxWobWgOBOhrURIciaZmuV51aDX4eIlm7ZE7qYZysSTBs7yvAt8RdNAzrOKlnRxkWhNLSDS5DKgfA0y%2BYkmE1T8tzv5jlAbyCTqNvvFvEgHvT6UhSX%2FArEVSwbGGINM4OeG5%2BSJEq6nTjqJBerOGFRn11cPpFg0Ya9VkYq83K%2BmXwPQnazWi06%2BzCP4HAXpAGQ0XDbL9sJu5PGz9PyQ81k9EepeCx1SE%2BU9rIVu2%2BoZ9OF1Up8BGOt7fvEAfeQkpjQA6i9B5C762g262HjW%2BOnTxPd%2BFpC8Z8YB9%2BHZZYFb43%2FpDTa%2F%2F1qkX6%2F6tEn&RelayState=ss%3Amem%3A9018d5b6f8093a2151b931174f4054ee543e5e54107878b22e1c79214ee4a2e7&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&Signature=sBvV9BkYqvCKfKV7ZQ2ffzi%2FWNZIfOn1qladea%2Fdxpudt5FsxE%2FAeWA4WBgHFOQtN6E5lNaJ5z0ql2bZGqUzKZ5eTP%2B%2Bu1Brz%2BQJ90ycVnnz1%2F68qQWY%2FfMOGt6%2BmFymxPT8ctKTGExju6s3wnn7PAURhD7f47UJ3sppTK8%2BPbjVT8ZpTZQe9EAwrXWuXQERnk4k2hki3r75do7uzF0e53myX%2Bbo4lDNTWOosYgBqxzGKKvXeIFDMpo2dH%2BIv2RcWlkZtoIjzsYzBjZZmb%2F2qvglVbi1prar%2Bbsnj0xSZ%2FABEOxwVS0Fcrk8mmuubYy9uZw8WvyL2IuncaJr8b5Zz87IZKykBSEg7bv25fmGX2Ak8%2BS%2BElJFIdyTa5M2YR%2BzcJQ1W7vGpO2VpWBxF59QUKR4ka%2FX9wi5CkBaFWrpOj1Vxqmsbjm%2B8gcPf9L4lPDHWjWiAjCZTDgbPWKR9U0Hke9uFEIjnMGGAL80WTFoAx8Dxr4VOIVFG9eFsDSBELYb
Frame ID: 5215CAD9280120F52379BA5A75FB1B27
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

The University of North Carolina at Chapel Hill - Rejected Request

Page URL History Show full URLs

  1. http://csgold.onecard.unc.edu/ HTTP 302
    https://csgold.onecard.unc.edu/ HTTP 302
    https://csgold.onecard.unc.edu/login/sso.php HTTP 302
    https://sso.unc.edu/idp/profile/SAML2/Redirect/SSO?SAMLRequest=pVLPT8IwFP5Xlt5Zt4GIDSNBOEiiQhh68... Page URL

Page Statistics

1
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

2
Subdomains

2
IPs

1
Countries

8 kB
Transfer

12 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://csgold.onecard.unc.edu/ HTTP 302
    https://csgold.onecard.unc.edu/ HTTP 302
    https://csgold.onecard.unc.edu/login/sso.php HTTP 302
    https://sso.unc.edu/idp/profile/SAML2/Redirect/SSO?SAMLRequest=pVLPT8IwFP5Xlt5Zt4GIDSNBOEiiQhh68GK69k2adO3s6xT%2FewcMJFHx4LX93vfrvSHyUldsXPu1WcJrDeiDTakNst1HSmpnmOWokBleAjIvWDa%2Bu2VJGLHKWW%2BF1SQYI4LzypqJNViX4DJwb0rAw%2FI2JWvvK2SUCnyxWobWgOBOhrURIciaZmuV51aDX4eIlm7ZE7qYZysSTBs7yvAt8RdNAzrOKlnRxkWhNLSDS5DKgfA0y%2BYkmE1T8tzv5jlAbyCTqNvvFvEgHvT6UhSX%2FArEVSwbGGINM4OeG5%2BSJEq6nTjqJBerOGFRn11cPpFg0Ya9VkYq83K%2BmXwPQnazWi06%2BzCP4HAXpAGQ0XDbL9sJu5PGz9PyQ81k9EepeCx1SE%2BU9rIVu2%2BoZ9OF1Up8BGOt7fvEAfeQkpjQA6i9B5C762g262HjW%2BOnTxPd%2BFpC8Z8YB9%2BHZZYFb43%2FpDTa%2F%2F1qkX6%2F6tEn&RelayState=ss%3Amem%3A9018d5b6f8093a2151b931174f4054ee543e5e54107878b22e1c79214ee4a2e7&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&Signature=sBvV9BkYqvCKfKV7ZQ2ffzi%2FWNZIfOn1qladea%2Fdxpudt5FsxE%2FAeWA4WBgHFOQtN6E5lNaJ5z0ql2bZGqUzKZ5eTP%2B%2Bu1Brz%2BQJ90ycVnnz1%2F68qQWY%2FfMOGt6%2BmFymxPT8ctKTGExju6s3wnn7PAURhD7f47UJ3sppTK8%2BPbjVT8ZpTZQe9EAwrXWuXQERnk4k2hki3r75do7uzF0e53myX%2Bbo4lDNTWOosYgBqxzGKKvXeIFDMpo2dH%2BIv2RcWlkZtoIjzsYzBjZZmb%2F2qvglVbi1prar%2Bbsnj0xSZ%2FABEOxwVS0Fcrk8mmuubYy9uZw8WvyL2IuncaJr8b5Zz87IZKykBSEg7bv25fmGX2Ak8%2BS%2BElJFIdyTa5M2YR%2BzcJQ1W7vGpO2VpWBxF59QUKR4ka%2FX9wi5CkBaFWrpOj1Vxqmsbjm%2B8gcPf9L4lPDHWjWiAjCZTDgbPWKR9U0Hke9uFEIjnMGGAL80WTFoAx8Dxr4VOIVFG9eFsDSBELYb Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

1 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request SSO
sso.unc.edu/idp/profile/SAML2/Redirect/
Redirect Chain
  • http://csgold.onecard.unc.edu/
  • https://csgold.onecard.unc.edu/
  • https://csgold.onecard.unc.edu/login/sso.php
  • https://sso.unc.edu/idp/profile/SAML2/Redirect/SSO?SAMLRequest=pVLPT8IwFP5Xlt5Zt4GIDSNBOEiiQhh68GK69k2adO3s6xT%2FewcMJFHx4LX93vfrvSHyUldsXPu1WcJrDeiDTakNst1HSmpnmOWokBleAjIvWDa%2Bu2VJGLHKWW%2BF1SQY...
8 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sso.unc.edu/idp/profile/SAML2/Redirect/SSO?SAMLRequest=pVLPT8IwFP5Xlt5Zt4GIDSNBOEiiQhh68GK69k2adO3s6xT%2FewcMJFHx4LX93vfrvSHyUldsXPu1WcJrDeiDTakNst1HSmpnmOWokBleAjIvWDa%2Bu2VJGLHKWW%2BF1SQYI4LzypqJNViX4DJwb0rAw%2FI2JWvvK2SUCnyxWobWgOBOhrURIciaZmuV51aDX4eIlm7ZE7qYZysSTBs7yvAt8RdNAzrOKlnRxkWhNLSDS5DKgfA0y%2BYkmE1T8tzv5jlAbyCTqNvvFvEgHvT6UhSX%2FArEVSwbGGINM4OeG5%2BSJEq6nTjqJBerOGFRn11cPpFg0Ya9VkYq83K%2BmXwPQnazWi06%2BzCP4HAXpAGQ0XDbL9sJu5PGz9PyQ81k9EepeCx1SE%2BU9rIVu2%2BoZ9OF1Up8BGOt7fvEAfeQkpjQA6i9B5C762g262HjW%2BOnTxPd%2BFpC8Z8YB9%2BHZZYFb43%2FpDTa%2F%2F1qkX6%2F6tEn&RelayState=ss%3Amem%3A9018d5b6f8093a2151b931174f4054ee543e5e54107878b22e1c79214ee4a2e7&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&Signature=sBvV9BkYqvCKfKV7ZQ2ffzi%2FWNZIfOn1qladea%2Fdxpudt5FsxE%2FAeWA4WBgHFOQtN6E5lNaJ5z0ql2bZGqUzKZ5eTP%2B%2Bu1Brz%2BQJ90ycVnnz1%2F68qQWY%2FfMOGt6%2BmFymxPT8ctKTGExju6s3wnn7PAURhD7f47UJ3sppTK8%2BPbjVT8ZpTZQe9EAwrXWuXQERnk4k2hki3r75do7uzF0e53myX%2Bbo4lDNTWOosYgBqxzGKKvXeIFDMpo2dH%2BIv2RcWlkZtoIjzsYzBjZZmb%2F2qvglVbi1prar%2Bbsnj0xSZ%2FABEOxwVS0Fcrk8mmuubYy9uZw8WvyL2IuncaJr8b5Zz87IZKykBSEg7bv25fmGX2Ak8%2BS%2BElJFIdyTa5M2YR%2BzcJQ1W7vGpO2VpWBxF59QUKR4ka%2FX9wi5CkBaFWrpOj1Vxqmsbjm%2B8gcPf9L4lPDHWjWiAjCZTDgbPWKR9U0Hke9uFEIjnMGGAL80WTFoAx8Dxr4VOIVFG9eFsDSBELYb
Protocol
HTTP/1.0
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
152.2.64.79 Morrisville, United States, ASN36850 (UNC-CH, US),
Reverse DNS
ssop.isis.unc.edu
Software
BigIP /
Resource Hash
2c3f2a862e1ed7d3a968eeea1b9467235c8884445e70a2a386eb62704774cd4e

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
Keep-Alive
Content-Length
8112
Server
BigIP

Redirect headers

Cache-Control
private,no-store,no-cache,max-age=0
Connection
Keep-Alive
Content-Length
1496
Content-Type
text/html; charset=iso-8859-1
Date
Wed, 25 Oct 2023 12:06:57 GMT
Expires
Wed, 01 Jan 1997 12:00:00 GMT
Keep-Alive
timeout=15, max=99
Location
https://sso.unc.edu/idp/profile/SAML2/Redirect/SSO?SAMLRequest=pVLPT8IwFP5Xlt5Zt4GIDSNBOEiiQhh68GK69k2adO3s6xT%2FewcMJFHx4LX93vfrvSHyUldsXPu1WcJrDeiDTakNst1HSmpnmOWokBleAjIvWDa%2Bu2VJGLHKWW%2BF1SQYI4LzypqJNViX4DJwb0rAw%2FI2JWvvK2SUCnyxWobWgOBOhrURIciaZmuV51aDX4eIlm7ZE7qYZysSTBs7yvAt8RdNAzrOKlnRxkWhNLSDS5DKgfA0y%2BYkmE1T8tzv5jlAbyCTqNvvFvEgHvT6UhSX%2FArEVSwbGGINM4OeG5%2BSJEq6nTjqJBerOGFRn11cPpFg0Ya9VkYq83K%2BmXwPQnazWi06%2BzCP4HAXpAGQ0XDbL9sJu5PGz9PyQ81k9EepeCx1SE%2BU9rIVu2%2BoZ9OF1Up8BGOt7fvEAfeQkpjQA6i9B5C762g262HjW%2BOnTxPd%2BFpC8Z8YB9%2BHZZYFb43%2FpDTa%2F%2F1qkX6%2F6tEn&RelayState=ss%3Amem%3A9018d5b6f8093a2151b931174f4054ee543e5e54107878b22e1c79214ee4a2e7&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&Signature=sBvV9BkYqvCKfKV7ZQ2ffzi%2FWNZIfOn1qladea%2Fdxpudt5FsxE%2FAeWA4WBgHFOQtN6E5lNaJ5z0ql2bZGqUzKZ5eTP%2B%2Bu1Brz%2BQJ90ycVnnz1%2F68qQWY%2FfMOGt6%2BmFymxPT8ctKTGExju6s3wnn7PAURhD7f47UJ3sppTK8%2BPbjVT8ZpTZQe9EAwrXWuXQERnk4k2hki3r75do7uzF0e53myX%2Bbo4lDNTWOosYgBqxzGKKvXeIFDMpo2dH%2BIv2RcWlkZtoIjzsYzBjZZmb%2F2qvglVbi1prar%2Bbsnj0xSZ%2FABEOxwVS0Fcrk8mmuubYy9uZw8WvyL2IuncaJr8b5Zz87IZKykBSEg7bv25fmGX2Ak8%2BS%2BElJFIdyTa5M2YR%2BzcJQ1W7vGpO2VpWBxF59QUKR4ka%2FX9wi5CkBaFWrpOj1Vxqmsbjm%2B8gcPf9L4lPDHWjWiAjCZTDgbPWKR9U0Hke9uFEIjnMGGAL80WTFoAx8Dxr4VOIVFG9eFsDSBELYb
Server
Apache
truncated
/ 		4 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3a79daa8b7cda0f78f0792440e72b6dbe64f44f7b8d3a993bb5eb2b6f3bd9d29

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Type
image/gif

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Domain/Path Name / Value
csgold.onecard.unc.edu/ Name: defaultlang
Value: bfg6pm6j4g4uh6efa7chaktkq9

1 Console Messages

Source Level URL
Text
network error URL: https://sso.unc.edu/idp/profile/SAML2/Redirect/SSO?SAMLRequest=pVLPT8IwFP5Xlt5Zt4GIDSNBOEiiQhh68GK69k2adO3s6xT%2FewcMJFHx4LX93vfrvSHyUldsXPu1WcJrDeiDTakNst1HSmpnmOWokBleAjIvWDa%2Bu2VJGLHKWW%2BF1SQYI4LzypqJNViX4DJwb0rAw%2FI2JWvvK2SUCnyxWobWgOBOhrURIciaZmuV51aDX4eIlm7ZE7qYZysSTBs7yvAt8RdNAzrOKlnRxkWhNLSDS5DKgfA0y%2BYkmE1T8tzv5jlAbyCTqNvvFvEgHvT6UhSX%2FArEVSwbGGINM4OeG5%2BSJEq6nTjqJBerOGFRn11cPpFg0Ya9VkYq83K%2BmXwPQnazWi06%2BzCP4HAXpAGQ0XDbL9sJu5PGz9PyQ81k9EepeCx1SE%2BU9rIVu2%2BoZ9OF1Up8BGOt7fvEAfeQkpjQA6i9B5C762g262HjW%2BOnTxPd%2BFpC8Z8YB9%2BHZZYFb43%2FpDTa%2F%2F1qkX6%2F6tEn&RelayState=ss%3Amem%3A9018d5b6f8093a2151b931174f4054ee543e5e54107878b22e1c79214ee4a2e7&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&Signature=sBvV9BkYqvCKfKV7ZQ2ffzi%2FWNZIfOn1qladea%2Fdxpudt5FsxE%2FAeWA4WBgHFOQtN6E5lNaJ5z0ql2bZGqUzKZ5eTP%2B%2Bu1Brz%2BQJ90ycVnnz1%2F68qQWY%2FfMOGt6%2BmFymxPT8ctKTGExju6s3wnn7PAURhD7f47UJ3sppTK8%2BPbjVT8ZpTZQe9EAwrXWuXQERnk4k2hki3r75do7uzF0e53myX%2Bbo4lDNTWOosYgBqxzGKKvXeIFDMpo2dH%2BIv2RcWlkZtoIjzsYzBjZZmb%2F2qvglVbi1prar%2Bbsnj0xSZ%2FABEOxwVS0Fcrk8mmuubYy9uZw8WvyL2IuncaJr8b5Zz87IZKykBSEg7bv25fmGX2Ak8%2BS%2BElJFIdyTa5M2YR%2BzcJQ1W7vGpO2VpWBxF59QUKR4ka%2FX9wi5CkBaFWrpOj1Vxqmsbjm%2B8gcPf9L4lPDHWjWiAjCZTDgbPWKR9U0Hke9uFEIjnMGGAL80WTFoAx8Dxr4VOIVFG9eFsDSBELYb
Message:
Failed to load resource: the server responded with a status of 403 (Forbidden)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

csgold.onecard.unc.edu
sso.unc.edu
152.2.165.34
152.2.64.79
2c3f2a862e1ed7d3a968eeea1b9467235c8884445e70a2a386eb62704774cd4e
3a79daa8b7cda0f78f0792440e72b6dbe64f44f7b8d3a993bb5eb2b6f3bd9d29