sso-stage.dce.harvard.edu Open in urlscan Pro
3.229.20.81  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

7 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response sso-stage.dce.harvard.edu/	640 B 1 KB	363ms 122ms	Document text/html	3.229.20.81 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://sso-stage.dce.harvard.edu/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.229.20.81 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-3-229-20-81.compute-1.amazonaws.com Software / Resource Hash f3f566e149f374c72c0d4b0d12826a094397f9380998e9edc14c656234f12024 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes access-control-allow-headers Content-Type, Authorization access-control-allow-methods GET,PUT,POST,DELETE access-control-allow-origin * cache-control private, no-cache, no-store, must-revalidate content-length 640 content-type text/html; charset=UTF-8 date Fri, 23 Jun 2023 19:58:52 GMT etag W/"280-1880f475c78" expires -1 last-modified Fri, 12 May 2023 09:25:15 GMT pragma no-cache strict-transport-security max-age=15552000; includeSubDomains x-content-type-options nosniff x-dns-prefetch-control off x-download-options noopen x-frame-options SAMEORIGIN x-request-id 8475470c-6222-464d-8b0c-d09c7bc45f69 x-xss-protection 1; mode=block
GET		dll.vendor.dev.css sso-stage.dce.harvard.edu/dll/	0 0
GET H2	200	bundle.css sso-stage.dce.harvard.edu/dev/	8 KB 8 KB	345ms 344ms	Stylesheet text/css	3.229.20.81 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://sso-stage.dce.harvard.edu/dev/bundle.css?rev=7df92cb880b890279460 Requested by Host: sso-stage.dce.harvard.edu URL: https://sso-stage.dce.harvard.edu/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.229.20.81 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-3-229-20-81.compute-1.amazonaws.com Software / Resource Hash 18f4159fd95fde630257c5e888ee9506ab209f085812e47ee50d78a47b89e9de Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://sso-stage.dce.harvard.edu/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers date Fri, 23 Jun 2023 19:58:52 GMT strict-transport-security max-age=15552000; includeSubDomains x-content-type-options nosniff x-dns-prefetch-control off content-length 8052 x-xss-protection 1; mode=block x-request-id f576ac88-d8de-4848-baa0-5e8f07dfed15 pragma no-cache last-modified Fri, 12 May 2023 09:25:15 GMT etag W/"1f74-1880f475c78" x-download-options noopen x-frame-options SAMEORIGIN access-control-allow-methods GET,PUT,POST,DELETE content-type text/css; charset=UTF-8 access-control-allow-origin * cache-control private, no-cache, no-store, must-revalidate accept-ranges bytes access-control-allow-headers Content-Type, Authorization expires -1
GET H2	200	dll.vendor.dev.js Show response sso-stage.dce.harvard.edu/dll/	1 MB 1 MB	345ms 345ms	Script application/javascript	3.229.20.81 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://sso-stage.dce.harvard.edu/dll/dll.vendor.dev.js?rev=7df92cb880b890279460 Requested by Host: sso-stage.dce.harvard.edu URL: https://sso-stage.dce.harvard.edu/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.229.20.81 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-3-229-20-81.compute-1.amazonaws.com Software / Resource Hash cc5c2ac32f5f767610e1f35ff09234f126258bdfb095af1a38cb598c8955774e Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://sso-stage.dce.harvard.edu/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers date Fri, 23 Jun 2023 19:58:52 GMT strict-transport-security max-age=15552000; includeSubDomains x-content-type-options nosniff x-dns-prefetch-control off content-length 1457519 x-xss-protection 1; mode=block x-request-id e771cdd0-8906-42f2-8fe9-637b9aece315 pragma no-cache last-modified Thu, 20 Apr 2023 10:16:40 GMT etag W/"163d6f-1879e2a8740" x-download-options noopen x-frame-options SAMEORIGIN access-control-allow-methods GET,PUT,POST,DELETE content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, no-cache, no-store, must-revalidate accept-ranges bytes access-control-allow-headers Content-Type, Authorization expires -1
GET H2	200	7df92cb880b890279460.bundle.js Show response sso-stage.dce.harvard.edu/dev/	194 KB 195 KB	124ms 123ms	Script application/javascript	3.229.20.81 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://sso-stage.dce.harvard.edu/dev/7df92cb880b890279460.bundle.js Requested by Host: sso-stage.dce.harvard.edu URL: https://sso-stage.dce.harvard.edu/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.229.20.81 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-3-229-20-81.compute-1.amazonaws.com Software / Resource Hash d021dfbbc3caf135b72a44a81a5c064efaa556f7a34f106dac4c3420bec993be Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://sso-stage.dce.harvard.edu/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers date Fri, 23 Jun 2023 19:58:52 GMT strict-transport-security max-age=15552000; includeSubDomains x-content-type-options nosniff x-dns-prefetch-control off content-length 198381 x-xss-protection 1; mode=block x-request-id 2310ef01-63d5-4533-b436-0accd85bb0be pragma no-cache last-modified Fri, 12 May 2023 09:25:15 GMT etag W/"306ed-1880f475c78" x-download-options noopen x-frame-options SAMEORIGIN access-control-allow-methods GET,PUT,POST,DELETE content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, no-cache, no-store, must-revalidate accept-ranges bytes access-control-allow-headers Content-Type, Authorization expires -1
GET H2	200	853.7df92cb880b890279460.bundle.js Show response sso-stage.dce.harvard.edu/dev/	2 KB 2 KB	121ms 121ms	Script application/javascript	3.229.20.81 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://sso-stage.dce.harvard.edu/dev/853.7df92cb880b890279460.bundle.js Requested by Host: sso-stage.dce.harvard.edu URL: https://sso-stage.dce.harvard.edu/dev/7df92cb880b890279460.bundle.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.229.20.81 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-3-229-20-81.compute-1.amazonaws.com Software / Resource Hash 2ca5af1e9e6a4900d55acc2fd07593c57248c9aeced319ee986fee61d49f46b8 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://sso-stage.dce.harvard.edu/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers date Fri, 23 Jun 2023 19:58:53 GMT strict-transport-security max-age=15552000; includeSubDomains x-content-type-options nosniff x-dns-prefetch-control off content-length 1722 x-xss-protection 1; mode=block x-request-id a69e68c5-2aec-44b3-9dcf-afbe2261a8bd pragma no-cache last-modified Fri, 12 May 2023 09:25:15 GMT etag W/"6ba-1880f475c78" x-download-options noopen x-frame-options SAMEORIGIN access-control-allow-methods GET,PUT,POST,DELETE content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, no-cache, no-store, must-revalidate accept-ranges bytes access-control-allow-headers Content-Type, Authorization expires -1
GET H2	200	dce_logo.png sso-stage.dce.harvard.edu/assets/images/	31 KB 32 KB	121ms 120ms	Image image/png	3.229.20.81 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://sso-stage.dce.harvard.edu/assets/images/dce_logo.png Requested by Host: sso-stage.dce.harvard.edu URL: https://sso-stage.dce.harvard.edu/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.229.20.81 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-3-229-20-81.compute-1.amazonaws.com Software / Resource Hash a8d193ff7c71c36b18b4f39ce12ac113bcbe6468df0f9759877798130004003e Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://sso-stage.dce.harvard.edu/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers date Fri, 23 Jun 2023 19:58:53 GMT strict-transport-security max-age=15552000; includeSubDomains x-content-type-options nosniff x-dns-prefetch-control off content-length 31747 x-xss-protection 1; mode=block x-request-id 5d018631-2ccb-409c-90af-a560973c9d12 pragma no-cache last-modified Fri, 12 May 2023 09:25:15 GMT etag W/"7c03-1880f475c78" x-download-options noopen x-frame-options SAMEORIGIN access-control-allow-methods GET,PUT,POST,DELETE content-type image/png access-control-allow-origin * cache-control private, no-cache, no-store, must-revalidate accept-ranges bytes access-control-allow-headers Content-Type, Authorization expires -1

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

sso-stage.dce.harvard.edu

URL

https://sso-stage.dce.harvard.edu/dll/dll.vendor.dev.css?rev=7df92cb880b890279460

15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless object| onbeforetoggle object| onscrollend function| vendor object| webpackChunkreactjs_frontend_app object| __core-js_shared__ object| core object| global object| System function| asap function| Observable function| setImmediate function| clearImmediate object| regeneratorRuntime boolean| _babelPolyfill

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			sso-stage.dce.harvard.edu/	1970-01-20 12:45:51	Name: sessionId Value: s%3ArYFjFWvZ9I0UkCg1mJZx0g6uQweqILRs.yg4HyhT4pLGM72JVsqrwvXJYA3yvJcE5YVWrMaNxZb8

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://sso-stage.dce.harvard.edu/ Message: Refused to apply style from 'https://sso-stage.dce.harvard.edu/dll/dll.vendor.dev.css?rev=7df92cb880b890279460' because its MIME type ('text/html') is not a supported stylesheet MIME type, and strict MIME checking is enabled.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

sso-stage.dce.harvard.edu
sso-stage.dce.harvard.edu
3.229.20.81
18f4159fd95fde630257c5e888ee9506ab209f085812e47ee50d78a47b89e9de
2ca5af1e9e6a4900d55acc2fd07593c57248c9aeced319ee986fee61d49f46b8
a8d193ff7c71c36b18b4f39ce12ac113bcbe6468df0f9759877798130004003e
cc5c2ac32f5f767610e1f35ff09234f126258bdfb095af1a38cb598c8955774e
d021dfbbc3caf135b72a44a81a5c064efaa556f7a34f106dac4c3420bec993be
f3f566e149f374c72c0d4b0d12826a094397f9380998e9edc14c656234f12024