urlscan.io logo urlscan.io
SecurityTrails logo

samba.huji.ac.il Open in urlscan Pro
128.139.30.66  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://samba.huji.ac.il/+CSCO+00756767633A2F2F6279712E706E2E756877762E6E702E7679++/samba/-CSCO-3h--clients/anyconnect-wi...
Effective URL: https://samba.huji.ac.il/+CSCOE+/logon.html
Submission: On May 07 via api from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 3 HTTP transactions. The main IP is 128.139.30.66, located in Jerusalem, Israel and belongs to MACHBA-AS ILAN, IL. The main domain is samba.huji.ac.il.
TLS certificate: Issued by TERENA SSL High Assurance CA 3 on March 17th 2019. Valid for: 2 years.
This is the only time samba.huji.ac.il was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 4 128.139.30.66 378 (MACHBA-AS...)
3 1
Apex Domain
Subdomains		 Transfer
4 huji.ac.il
samba.huji.ac.il
10 KB
3 1
Domain Requested by
4 samba.huji.ac.il 1 redirects samba.huji.ac.il
3 1

This site contains links to these domains. Also see Links.

Domain
ca.huji.ac.il
rap.huji.ac.il
Subject Issuer Validity Valid
samba.huji.ac.il
TERENA SSL High Assurance CA 3		 2019-03-17 -
2021-06-09		 2 years crt.sh

This page contains 2 frames:

Primary Page: https://samba.huji.ac.il/+CSCOE+/logon.html
Frame ID: 8751BA45B567A9DEF5E8B576C18AA9A2
Requests: 2 HTTP requests in this frame

Frame: https://samba.huji.ac.il/+CSCOE+/blank.html
Frame ID: BCC7435B83C97CACF2603DD0543615DC
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://samba.huji.ac.il/+CSCO+00756767633A2F2F6279712E706E2E756877762E6E702E7679++/samba/-CSCO-3h--c... HTTP 302
    https://samba.huji.ac.il/+CSCOE+/logon.html Page URL

Page Statistics

3
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

10 kB
Transfer

35 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://samba.huji.ac.il/+CSCO+00756767633A2F2F6279712E706E2E756877762E6E702E7679++/samba/-CSCO-3h--clients/anyconnect-win.exe HTTP 302
    https://samba.huji.ac.il/+CSCOE+/logon.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

3 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request Cookie set logon.html
samba.huji.ac.il/+CSCOE+/
Redirect Chain
  • https://samba.huji.ac.il/+CSCO+00756767633A2F2F6279712E706E2E756877762E6E702E7679++/samba/-CSCO-3h--clients/anyconnect-win.exe
  • https://samba.huji.ac.il/+CSCOE+/logon.html
11 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://samba.huji.ac.il/+CSCOE+/logon.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
128.139.30.66 Jerusalem, Israel, ASN378 (MACHBA-AS ILAN, IL),
Reverse DNS
samba.huji.ac.il
Software
/
Resource Hash
70cc58e401100612bc301b95abffc23584da760b48c6f79f8221554c89c9d66c
Security Headers
Name Value
Strict-Transport-Security max-age=16070401; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

Host
samba.huji.ac.il
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
csc_next=%2F%2BCSCO%2B00756767633A2F2F6279712E706E2E756877762E6E702E7679%2B%2B%2Fsamba%2Fclients%2Fanyconnect%2Dwin%2Eexe
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Content-Encoding
gzip
Cache-Control
no-store
Pragma
no-cache
Connection
Keep-Alive
Date
Thu, 07 May 2020 12:45:04 GMT
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=16070401; includeSubDomains
Set-Cookie
webvpn=; expires=Thu, 01 Jan 1970 22:00:00 GMT; path=/; secure webvpnc=; expires=Thu, 01 Jan 1970 22:00:00 GMT; path=/; secure webvpn_as=; expires=Thu, 01 Jan 1970 22:00:00 GMT; path=/; secure webvpn_portal=; expires=Thu, 01 Jan 1970 22:00:00 GMT; path=/; secure webvpnSharePoint=; expires=Thu, 01 Jan 1970 22:00:00 GMT; path=/; secure samlPreauthSessionHash=; expires=Thu, 01 Jan 1970 22:00:00 GMT; path=/; secure acSamlv2Token=; expires=Thu, 01 Jan 1970 22:00:00 GMT; path=/; secure acSamlv2Error=; expires=Thu, 01 Jan 1970 22:00:00 GMT; path=/; secure webvpnlogin=1; path=/; secure webvpnLang=en; path=/; secure

Redirect headers

Content-Type
text/html
Transfer-Encoding
chunked
Cache-Control
no-store
Pragma
no-cache
Date
Thu, 07 May 2020 12:45:04 GMT
Location
/+CSCOE+/logon.html
Set-Cookie
csc_next=%2F%2BCSCO%2B00756767633A2F2F6279712E706E2E756877762E6E702E7679%2B%2B%2Fsamba%2Fclients%2Fanyconnect%2Dwin%2Eexe; path=/; secure; HttpOnly
win.js
samba.huji.ac.il/+CSCOE+/ 		24 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://samba.huji.ac.il/+CSCOE+/win.js
Requested by
Host: samba.huji.ac.il
URL: https://samba.huji.ac.il/+CSCOE+/logon.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
128.139.30.66 Jerusalem, Israel, ASN378 (MACHBA-AS ILAN, IL),
Reverse DNS
samba.huji.ac.il
Software
/
Resource Hash
56a34d69c74856589cda233ce475e6d50a291f5190cc7313bcba5b020cd32a73
Security Headers
Name Value
Strict-Transport-Security max-age=16070401; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://samba.huji.ac.il/+CSCOE+/logon.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 07 May 2020 12:45:05 GMT
Content-Encoding
gzip
X-Frame-Options
SAMEORIGIN
Connection
Keep-Alive
Content-Type
application/javascript
Cache-Control
no-store
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=16070401; includeSubDomains
blank.html
samba.huji.ac.il/+CSCOE+/ Frame BCC7 		13 B
310 B 		Document
General
Check archive.org
Download Go to
Full URL
https://samba.huji.ac.il/+CSCOE+/blank.html
Requested by
Host: samba.huji.ac.il
URL: https://samba.huji.ac.il/+CSCOE+/logon.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
128.139.30.66 Jerusalem, Israel, ASN378 (MACHBA-AS ILAN, IL),
Reverse DNS
samba.huji.ac.il
Software
/
Resource Hash
7b4f72a40bd21934680f085afe8a30bf85acff1a8365af43102025c4ccf52b73
Security Headers
Name Value
Strict-Transport-Security max-age=16070401; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

Host
samba.huji.ac.il
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
same-origin
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://samba.huji.ac.il/+CSCOE+/logon.html
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
csc_next=%2F%2BCSCO%2B00756767633A2F2F6279712E706E2E756877762E6E702E7679%2B%2B%2Fsamba%2Fclients%2Fanyconnect%2Dwin%2Eexe; webvpnlogin=1; webvpnLang=en
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://samba.huji.ac.il/+CSCOE+/logon.html

Response headers

Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Cache-Control
no-store
Pragma
no-cache
Connection
Keep-Alive
Date
Thu, 07 May 2020 12:45:05 GMT
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=16070401; includeSubDomains

Verdicts & Comments Add Verdict or Comment

49 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate number| blinkCounter undefined| dap function| scrollToLogonForm function| dap_message function| blinkDapMessage function| showDapMessage function| hideDapMessage function| csco_ShowLoginForm function| csco_ShowLanguageSelector function| base64_encode function| updateLogonForm function| PrefillError number| caps number| shift object| keyset object| arVersion number| version function| fixPNG function| csco_kbdo function| csco_kbdx function| keyboardContent object| border_window object| shadow_window function| createWindow function| switchCase function| keyPressed function| setFocus function| onSubmit undefined| WEBVPN_old_onfocus function| calculateTopPosition function| calculateLeftPosition function| popupKeyboard function| hideKeyboard function| hookupKeyboard function| injectKeyboard function| createBlankWindow function| injectForm function| assignFormValues function| showWindow function| hideWindow function| stickHotspot function| AsyncRequest function| CSCO_Format function| disableButton function| validate_username function| formSubmit string| full_custom_focus_field

3 Cookies

Domain/Path Name / Value
samba.huji.ac.il/ Name: webvpnLang
Value: en
samba.huji.ac.il/ Name: webvpnlogin
Value: 1
samba.huji.ac.il/ Name: csc_next
Value: %2F%2BCSCO%2B00756767633A2F2F6279712E706E2E756877762E6E702E7679%2B%2B%2Fsamba%2Fclients%2Fanyconnect%2Dwin%2Eexe

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=16070401; includeSubDomains
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

samba.huji.ac.il
128.139.30.66
56a34d69c74856589cda233ce475e6d50a291f5190cc7313bcba5b020cd32a73
70cc58e401100612bc301b95abffc23584da760b48c6f79f8221554c89c9d66c
7b4f72a40bd21934680f085afe8a30bf85acff1a8365af43102025c4ccf52b73