GET idp.pennkey.upenn.edu/idp/profile/SAML2/Redirect/SSO?execution=e1s1
54.84.8.51 302 Found 3.4 kB URL User Request GET HTTPS
idp.pennkey.upenn.edu/idp/profile/SAML2/Redirect/SSO?execution=e1s1
IP / ASN
54.84.8.51
#14618 AMAZON-AES
Resource Info
File type N/A
First Seen 0001-01-01
Last Seen 2025-08-04
Times Seen 5648691
Size 3.4 kB (3390 bytes)
MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Certificate Info
Issuer Internet2
Subject weblogin.pennkey.upenn.edu
Fingerprint CE:02:F2:7F:D3:F6:AE:45:0D:21:84:6F:96:40:A8:20:CA:53:F9:06
Validity Sun, 01 Jun 2025 00:00:00 GMT - Mon, 01 Jun 2026 23:59:59 GMT
GET /idp/profile/SAML2/Redirect/SSO?execution=e1s1 HTTP/1.1
Host: idp.pennkey.upenn.edu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: JSESSIONID=53E78ADB0708393F0D138903FF070439
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Date: Sun, 20 Jul 2025 07:16:49 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000; includeSubDomains
Location: https://weblogin.pennkey.upenn.edu/idp/profile/SAML2/Redirect/SSO?execution=e1s1
Content-Length: 264
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
GET weblogin.pennkey.upenn.edu/idp/profile/SAML2/Redirect/SSO?execution=e1s1
54.84.8.51 200 200 3.4 kB URL User Request GET HTTPS
weblogin.pennkey.upenn.edu/idp/profile/SAML2/Redirect/SSO?execution=e1s1
IP / ASN
54.84.8.51
#14618 AMAZON-AES
Resource Info
File type HTML document, ASCII text
First Seen 2025-06-08
Last Seen 2025-07-20
Times Seen 2
Size 3.4 kB (3390 bytes)
MD5 e51c0775d0e94d93d4608def224dc8ee
SHA1 4b9ddeb2f86065d8d8f58993b2e47caa4621938b
SHA256 a13254e72719143d1cf0af70a4aa04997cace18347207e547b1872c87ffb1bea
Certificate Info
Issuer Internet2
Subject weblogin.pennkey.upenn.edu
Fingerprint CE:02:F2:7F:D3:F6:AE:45:0D:21:84:6F:96:40:A8:20:CA:53:F9:06
Validity Sun, 01 Jun 2025 00:00:00 GMT - Mon, 01 Jun 2026 23:59:59 GMT
GET /idp/profile/SAML2/Redirect/SSO?execution=e1s1 HTTP/1.1
Host: weblogin.pennkey.upenn.edu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: JSESSIONID=53E78ADB0708393F0D138903FF070439
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 200
Date: Sun, 20 Jul 2025 07:16:49 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000; includeSubDomains
Cache-Control: no-store
Content-Type: text/html;charset=utf-8
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
162.255.119.100 302 Found 3.4 kB URL User Request GET HTTP
upennhub.org/
IP / ASN
162.255.119.100
#22612 NAMECHEAP-NET
Resource Info
File type N/A
First Seen 0001-01-01
Last Seen 2025-08-04
Times Seen 5648691
Size 3.4 kB (3390 bytes)
MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert suricata low ET INFO Namecheap URL Forward
suricata low ET INFO Namecheap URL Forward
GET / HTTP/1.1
Host: upennhub.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Date: Sun, 20 Jul 2025 07:16:48 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 48
Connection: keep-alive
Location: https://canvas.upenn.edu/
X-Served-By: Namecheap URL Forward
Server: namecheap-nginx
GET canvas.upenn.edu/login/saml
35.172.38.110 302 Found 3.4 kB URL User Request GET HTTPS
canvas.upenn.edu/login/saml
IP / ASN
35.172.38.110
#14618 AMAZON-AES
Resource Info
File type N/A
First Seen 0001-01-01
Last Seen 2025-08-04
Times Seen 5648691
Size 3.4 kB (3390 bytes)
MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Certificate Info
Issuer Let's Encrypt
Subject canvas.upenn.edu
Fingerprint 97:47:64:96:73:16:B4:9B:78:32:6F:EB:F3:3D:A7:8A:31:5B:FB:8A
Validity Mon, 07 Jul 2025 00:55:29 GMT - Sun, 05 Oct 2025 00:55:28 GMT
GET /login/saml HTTP/1.1
Host: canvas.upenn.edu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: _csrf_token=oP1MRIvdKXG1k0r7jxO9CGssoMGvQ5nZF%2BLSa3PyjmD4hz03%2FLxOQNHDEMvYe%2FVKD12UqtV06JN2qaIYI5fnWQ%3D%3D; log_session_id=ce5ff23ea8649a651f9f4a3c9618eb82; _legacy_normandy_session=CXI-bnju8ldWc4YkTWYadA.FlJ-IcwRCNgVUItmd4dQKE9v21U3JwbtLH-mOhrisaHaGge0aISkXbB7cNVMhb1sRG3iFVfqOAc8Imens0j5KolyGXI4IFDelqDCSyXk5Dtu7Ijilbg7K4-TQkyXdMXLtIJYfsRBUdtxFekkDAH_ew.8I7maaEB0XKY07VCc3z-H7uA0vI.aHyX4A; canvas_session=CXI-bnju8ldWc4YkTWYadA.FlJ-IcwRCNgVUItmd4dQKE9v21U3JwbtLH-mOhrisaHaGge0aISkXbB7cNVMhb1sRG3iFVfqOAc8Imens0j5KolyGXI4IFDelqDCSyXk5Dtu7Ijilbg7K4-TQkyXdMXLtIJYfsRBUdtxFekkDAH_ew.8I7maaEB0XKY07VCc3z-H7uA0vI.aHyX4A
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
date: Sun, 20 Jul 2025 07:16:49 GMT
content-type: text/html; charset=utf-8
location: https://idp.pennkey.upenn.edu/idp/profile/SAML2/Redirect/SSO?SAMLRequest=fVNNj9MwEL3zKyLfE6dR2GyttlJphai0sFVTOHBBjj3ZtXDs4LGX7r%2FHSVvIge0tmpk378OTBfJO92wd%2FLM5wK8A6JNTpw2ysbEkwRlmOSpkhneAzAtWrz8%2FsCLLWe%2Bst8JqMoHcRnBEcF5ZQ5Lddkl%2BFHIO86aUKeQ5T0tZFWlT3c9S0d5XedMUdyUvSfINHEbMksQVEYgYYGfQc%2BNjKS%2Fep3mVFvkxr9jsjpXz7yTZRh%2FKcD%2Binr3vkVGqZJ%2F1YMxPeM3C8JGBDEOVRiOt0kAHnQU9gFQOhKd1%2FUiS9VXyxhoMHbga3IsS8PXw8G%2B14OaF42Srtk%2FK0CEQkuwvMX1QRirzdDuh5jyE7NPxuE%2F3j%2FWRrBbDHjb6dquBMjKeqVSMwQXhg4NM2G4kLBZ0Or84v%2FCXyLTb7q1W4jX5aF3H%2FdtCZtlsrCiZtuMoCwZ7EKpVIGMkWtvfGwfcw5JEfiD0SnO5IZDjRcXIPJx8srFdz53C4TXgxIW%2FeppObXS8jgO0q5sHJJgY5mJ5Iuni%2BL%2Fbzr03lP3tTn%2BA1bs%2F
server: Apache
x-session-id: ce5ff23ea8649a651f9f4a3c9618eb82
x-request-context-id: b3716b42-f285-4c96-83e9-4cda31268a45
vary: Accept-Encoding
content-encoding: br
x-canvas-meta: q=5848;a=96678;g=iSEp4yPWglXrea6ydolZgTRVSAJt0vfsUKzJp9hS;s=25;c=cluster20;z=us-east-1e;o=login/saml;n=new;st=ce8c7a4e93da49659615e95c4aafbc13-cc06f5f4b2d845b2-0;b=2052356;m=2052356;u=0.03;y=0.00;d=0.00;
pragma: no-cache
content-security-policy: frame-ancestors 'self' canvas.upenn.edu wharton.instructure.com wharton.staging.instructure.com wharton.beta.instructure.com wharton.test.instructure.com penngse.instructure.com penngse.staging.instructure.com penngse.beta.instructure.com penngse.test.instructure.com upenn.instructure.com upenn.staging.instructure.com upenn.beta.instructure.com upenn.test.instructure.com;
cache-control: no-store
strict-transport-security: max-age=63072000
referrer-policy: no-referrer-when-downgrade
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-download-options: noopen
x-runtime: 0.043968
x-content-type-options: nosniff
set-cookie: _csrf_token=b1jfB1iEZppz8mJPskX3%2FbUfImlfLWvxCEa%2BBx8ARho3Iq50L%2BUBqxeiOH%2FlLb%2B%2F0W4WAiUaGrtpDc50T2UvIw%3D%3D; path=/; secure
set-cookie: log_session_id=ce5ff23ea8649a651f9f4a3c9618eb82; path=/; secure; httponly
x-request-processor: 00f167851696136e6
x-a11y-ally: Dana Danger Grey
status: 302 Found
p3p: CP="None, see http://www.instructure.com/privacy-policy"
X-Firefox-Spdy: h2
GET canvas.upenn.edu/login
35.172.38.110 302 Found 3.4 kB URL User Request GET HTTPS
canvas.upenn.edu/login
IP / ASN
35.172.38.110
#14618 AMAZON-AES
Resource Info
File type N/A
First Seen 0001-01-01
Last Seen 2025-08-04
Times Seen 5648691
Size 3.4 kB (3390 bytes)
MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Certificate Info
Issuer Let's Encrypt
Subject canvas.upenn.edu
Fingerprint 97:47:64:96:73:16:B4:9B:78:32:6F:EB:F3:3D:A7:8A:31:5B:FB:8A
Validity Mon, 07 Jul 2025 00:55:29 GMT - Sun, 05 Oct 2025 00:55:28 GMT
GET /login HTTP/1.1
Host: canvas.upenn.edu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: _csrf_token=dCDyjW%2BJZQjQ%2BStisG6k4ufIS6%2FIY28ITFSLFrntz1gsWoP%2BGOgCObSpcVLnBuygg7l%2FxLJUHkItH%2Ftl6YimYQ%3D%3D; log_session_id=ce5ff23ea8649a651f9f4a3c9618eb82; _legacy_normandy_session=CXI-bnju8ldWc4YkTWYadA.FlJ-IcwRCNgVUItmd4dQKE9v21U3JwbtLH-mOhrisaHaGge0aISkXbB7cNVMhb1sRG3iFVfqOAc8Imens0j5KolyGXI4IFDelqDCSyXk5Dtu7Ijilbg7K4-TQkyXdMXLtIJYfsRBUdtxFekkDAH_ew.8I7maaEB0XKY07VCc3z-H7uA0vI.aHyX4A; canvas_session=CXI-bnju8ldWc4YkTWYadA.FlJ-IcwRCNgVUItmd4dQKE9v21U3JwbtLH-mOhrisaHaGge0aISkXbB7cNVMhb1sRG3iFVfqOAc8Imens0j5KolyGXI4IFDelqDCSyXk5Dtu7Ijilbg7K4-TQkyXdMXLtIJYfsRBUdtxFekkDAH_ew.8I7maaEB0XKY07VCc3z-H7uA0vI.aHyX4A
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
date: Sun, 20 Jul 2025 07:16:48 GMT
content-type: text/html; charset=utf-8
location: https://canvas.upenn.edu/login/saml
server: Apache
x-session-id: ce5ff23ea8649a651f9f4a3c9618eb82
x-request-context-id: 533d76cf-3dcc-4a74-962e-3505db2b6018
vary: Accept-Encoding
content-encoding: br
x-canvas-meta: q=6253;a=96678;g=iSEp4yPWglXrea6ydolZgTRVSAJt0vfsUKzJp9hS;s=25;c=cluster20;z=us-east-1c;o=login;n=new;st=7575f5b2187f473eafa32a3aab8f9bbb-8b08c8be2cc34b7b-0;b=1917636;m=1917636;u=0.01;y=0.00;d=0.00;
pragma: no-cache
content-security-policy: frame-ancestors 'self' canvas.upenn.edu wharton.instructure.com wharton.staging.instructure.com wharton.beta.instructure.com wharton.test.instructure.com penngse.instructure.com penngse.staging.instructure.com penngse.beta.instructure.com penngse.test.instructure.com upenn.instructure.com upenn.staging.instructure.com upenn.beta.instructure.com upenn.test.instructure.com;
cache-control: no-store
strict-transport-security: max-age=63072000
referrer-policy: no-referrer-when-downgrade
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-download-options: noopen
x-runtime: 0.027628
x-content-type-options: nosniff
set-cookie: _csrf_token=oP1MRIvdKXG1k0r7jxO9CGssoMGvQ5nZF%2BLSa3PyjmD4hz03%2FLxOQNHDEMvYe%2FVKD12UqtV06JN2qaIYI5fnWQ%3D%3D; path=/; secure
set-cookie: log_session_id=ce5ff23ea8649a651f9f4a3c9618eb82; path=/; secure; httponly
x-request-processor: 00db0ca6c115dea70
x-a11y-ally: Dana Danger Grey
status: 302 Found
p3p: CP="None, see http://www.instructure.com/privacy-policy"
X-Firefox-Spdy: h2
GET idp.pennkey.upenn.edu/idp/profile/SAML2/Redirect/SSO?SAMLRequest=fVNNj9MwEL3zKyLfE6dR2GyttlJphai0sFVTOHBBjj3ZtXDs4LGX7r%2FHSVvIge0tmpk378OTBfJO92wd%2FLM5wK8A6JNTpw2ysbEkwRlmOSpkhneAzAtWrz8%2FsCLLWe%2Bst8JqMoHcRnBEcF5ZQ5Lddkl%2BFHIO86aUKeQ5T0tZFWlT3c9S0d5XedMUdyUvSfINHEbMksQVEYgYYGfQc%2BNjKS%2Fep3mVFvkxr9jsjpXz7yTZRh%2FKcD%2Binr3vkVGqZJ%2F1YMxPeM3C8JGBDEOVRiOt0kAHnQU9gFQOhKd1%2FUiS9VXyxhoMHbga3IsS8PXw8G%2B14OaF42Srtk%2FK0CEQkuwvMX1QRirzdDuh5jyE7NPxuE%2F3j%2FWRrBbDHjb6dquBMjKeqVSMwQXhg4NM2G4kLBZ0Or84v%2FCXyLTb7q1W4jX5aF3H%2FdtCZtlsrCiZtuMoCwZ7EKpVIGMkWtvfGwfcw5JEfiD0SnO5IZDjRcXIPJx8srFdz53C4TXgxIW%2FeppObXS8jgO0q5sHJJgY5mJ5Iuni%2BL%2Fbzr03lP3tTn%2BA1bs%2F
54.84.8.51 302 302 3.4 kB URL User Request GET HTTPS
idp.pennkey.upenn.edu/idp/profile/SAML2/Redirect/SSO?SAMLRequest=fVNNj9MwEL3zKyLfE6dR2GyttlJphai0sFVTOHBBjj3ZtXDs4LGX7r%2FHSVvIge0tmpk378OTBfJO92wd%2FLM5wK8A6JNTpw2ysbEkwRlmOSpkhneAzAtWrz8%2FsCLLWe%2Bst8JqMoHcRnBEcF5ZQ5Lddkl%2BFHIO86aUKeQ5T0tZFWlT3c9S0d5XedMUdyUvSfINHEbMksQVEYgYYGfQc%2BNjKS%2Fep3mVFvkxr9jsjpXz7yTZRh%2FKcD%2Binr3vkVGqZJ%2F1YMxPeM3C8JGBDEOVRiOt0kAHnQU9gFQOhKd1%2FUiS9VXyxhoMHbga3IsS8PXw8G%2B14OaF42Srtk%2FK0CEQkuwvMX1QRirzdDuh5jyE7NPxuE%2F3j%2FWRrBbDHjb6dquBMjKeqVSMwQXhg4NM2G4kLBZ0Or84v%2FCXyLTb7q1W4jX5aF3H%2FdtCZtlsrCiZtuMoCwZ7EKpVIGMkWtvfGwfcw5JEfiD0SnO5IZDjRcXIPJx8srFdz53C4TXgxIW%2FeppObXS8jgO0q5sHJJgY5mJ5Iuni%2BL%2Fbzr03lP3tTn%2BA1bs%2F
IP / ASN
54.84.8.51
#14618 AMAZON-AES
Resource Info
File type N/A
First Seen 0001-01-01
Last Seen 2025-08-04
Times Seen 5648691
Size 3.4 kB (3390 bytes)
MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Certificate Info
Issuer Internet2
Subject weblogin.pennkey.upenn.edu
Fingerprint CE:02:F2:7F:D3:F6:AE:45:0D:21:84:6F:96:40:A8:20:CA:53:F9:06
Validity Sun, 01 Jun 2025 00:00:00 GMT - Mon, 01 Jun 2026 23:59:59 GMT
GET /idp/profile/SAML2/Redirect/SSO?SAMLRequest=fVNNj9MwEL3zKyLfE6dR2GyttlJphai0sFVTOHBBjj3ZtXDs4LGX7r%2FHSVvIge0tmpk378OTBfJO92wd%2FLM5wK8A6JNTpw2ysbEkwRlmOSpkhneAzAtWrz8%2FsCLLWe%2Bst8JqMoHcRnBEcF5ZQ5Lddkl%2BFHIO86aUKeQ5T0tZFWlT3c9S0d5XedMUdyUvSfINHEbMksQVEYgYYGfQc%2BNjKS%2Fep3mVFvkxr9jsjpXz7yTZRh%2FKcD%2Binr3vkVGqZJ%2F1YMxPeM3C8JGBDEOVRiOt0kAHnQU9gFQOhKd1%2FUiS9VXyxhoMHbga3IsS8PXw8G%2B14OaF42Srtk%2FK0CEQkuwvMX1QRirzdDuh5jyE7NPxuE%2F3j%2FWRrBbDHjb6dquBMjKeqVSMwQXhg4NM2G4kLBZ0Or84v%2FCXyLTb7q1W4jX5aF3H%2FdtCZtlsrCiZtuMoCwZ7EKpVIGMkWtvfGwfcw5JEfiD0SnO5IZDjRcXIPJx8srFdz53C4TXgxIW%2FeppObXS8jgO0q5sHJJgY5mJ5Iuni%2BL%2Fbzr03lP3tTn%2BA1bs%2F HTTP/1.1
Host: idp.pennkey.upenn.edu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 302
Date: Sun, 20 Jul 2025 07:16:49 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000; includeSubDomains
Cache-Control: no-store
Set-Cookie: JSESSIONID=53E78ADB0708393F0D138903FF070439; Domain=pennkey.upenn.edu; Path=/; Secure; HttpOnly; SameSite=None
Location: /idp/profile/SAML2/Redirect/SSO?execution=e1s1
Content-Length: 0
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
GET weblogin.pennkey.upenn.edu/idp/images/PennLogo2.png
54.84.8.51 200 200 11 kB URL GET HTTPS
weblogin.pennkey.upenn.edu/idp/images/PennLogo2.png
IP / ASN
54.84.8.51
#14618 AMAZON-AES
Requested by https://weblogin.pennkey.upenn.edu/idp/profile/SAML2/Redirect/SSO?execution=e1s1
Resource Info
File type PNG image data, 240 x 78, 8-bit/color RGBA, non-interlaced
First Seen 2025-06-08
Last Seen 2025-07-20
Times Seen 2
Size 11 kB (11294 bytes)
MD5 b6794537b448ef26b3829530838e267f
SHA1 caacebc57acfc2b9f9ed5e47a87694c0db25fd97
SHA256 2f07da6c45a93bd99a27695a32d898073e0c7c6cfe27c2af65a3cda6c54e14ef
Certificate Info
Issuer Internet2
Subject weblogin.pennkey.upenn.edu
Fingerprint CE:02:F2:7F:D3:F6:AE:45:0D:21:84:6F:96:40:A8:20:CA:53:F9:06
Validity Sun, 01 Jun 2025 00:00:00 GMT - Mon, 01 Jun 2026 23:59:59 GMT
GET /idp/images/PennLogo2.png HTTP/1.1
Host: weblogin.pennkey.upenn.edu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://weblogin.pennkey.upenn.edu/idp/profile/SAML2/Redirect/SSO?execution=e1s1
Cookie: JSESSIONID=53E78ADB0708393F0D138903FF070439
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 200
Date: Sun, 20 Jul 2025 07:16:50 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000; includeSubDomains
Cache-Control: private
Accept-Ranges: bytes
ETag: W/"11294-1699960430000"
Last-Modified: Tue, 14 Nov 2023 11:13:50 GMT
Content-Type: image/png;charset=UTF-8
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Transfer-Encoding: chunked
GET weblogin.pennkey.upenn.edu/idp/css/main.css?v=1698961469
54.84.8.51 200 200 12 kB URL GET HTTPS
weblogin.pennkey.upenn.edu/idp/css/main.css?v=1698961469
IP / ASN
54.84.8.51
#14618 AMAZON-AES
Requested by https://weblogin.pennkey.upenn.edu/idp/profile/SAML2/Redirect/SSO?execution=e1s1
Resource Info
File type ASCII text, with CRLF line terminators
First Seen 2025-06-08
Last Seen 2025-07-20
Times Seen 2
Size 12 kB (12508 bytes)
MD5 70be726506002739768c1239881fb47a
SHA1 a97cd76b2dfc8a15caaa6de0e3bd21c47dc2eb76
SHA256 1876d332ac8fb12ccf3f7fe927ff7cf0877675872be36ea0521cec5c31be599f
Certificate Info
Issuer Internet2
Subject weblogin.pennkey.upenn.edu
Fingerprint CE:02:F2:7F:D3:F6:AE:45:0D:21:84:6F:96:40:A8:20:CA:53:F9:06
Validity Sun, 01 Jun 2025 00:00:00 GMT - Mon, 01 Jun 2026 23:59:59 GMT
GET /idp/css/main.css?v=1698961469 HTTP/1.1
Host: weblogin.pennkey.upenn.edu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://weblogin.pennkey.upenn.edu/idp/profile/SAML2/Redirect/SSO?execution=e1s1
Cookie: JSESSIONID=53E78ADB0708393F0D138903FF070439
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 200
Date: Sun, 20 Jul 2025 07:16:50 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000; includeSubDomains
Cache-Control: private
Accept-Ranges: bytes
ETag: W/"12508-1699976414000"
Last-Modified: Tue, 14 Nov 2023 15:40:14 GMT
Content-Type: text/css;charset=UTF-8
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Transfer-Encoding: chunked
GET weblogin.pennkey.upenn.edu/favicon.ico
54.84.8.51 200 OK 15 kB URL GET HTTPS
weblogin.pennkey.upenn.edu/favicon.ico
IP / ASN
54.84.8.51
#14618 AMAZON-AES
Requested by https://weblogin.pennkey.upenn.edu/idp/profile/SAML2/Redirect/SSO?execution=e1s1
Resource Info
File type MS Windows icon resource - 3 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel
First Seen 2025-06-08
Last Seen 2025-07-20
Times Seen 2
Size 15 kB (15086 bytes)
MD5 d127bbe065330e1df5f80e0ed5a9228b
SHA1 a24815e3cdfdd78639f73adcc95672977786772b
SHA256 c95a874680057e09d8762897099a277480d54379c3ece0b1237d4040be5d7ccb
Certificate Info
Issuer Internet2
Subject weblogin.pennkey.upenn.edu
Fingerprint CE:02:F2:7F:D3:F6:AE:45:0D:21:84:6F:96:40:A8:20:CA:53:F9:06
Validity Sun, 01 Jun 2025 00:00:00 GMT - Mon, 01 Jun 2026 23:59:59 GMT
GET /favicon.ico HTTP/1.1
Host: weblogin.pennkey.upenn.edu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://weblogin.pennkey.upenn.edu/idp/profile/SAML2/Redirect/SSO?execution=e1s1
Cookie: JSESSIONID=53E78ADB0708393F0D138903FF070439
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 20 Jul 2025 07:16:50 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000; includeSubDomains
Last-Modified: Wed, 05 Dec 2018 17:09:02 GMT
ETag: "3aee-57c49704b6780"
Accept-Ranges: bytes
Content-Length: 15086
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/vnd.microsoft.icon
0.0.0.0 0 B URL User Request GET HTTP
upennhub.org/
IP / ASN
0.0.0.0
#0
Resource Info
File type N/A
First Seen 0001-01-01
Last Seen 2025-08-04
Times Seen 5648691
Size 0 B (0 bytes)
MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert suricata low ET INFO Namecheap URL Forward
suricata low ET INFO Namecheap URL Forward
GET / HTTP/1.1
Host: upennhub.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
35.172.38.110 302 Found 3.4 kB URL User Request GET HTTPS
canvas.upenn.edu/
IP / ASN
35.172.38.110
#14618 AMAZON-AES
Resource Info
File type N/A
First Seen 0001-01-01
Last Seen 2025-08-04
Times Seen 5648691
Size 3.4 kB (3390 bytes)
MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Certificate Info
Issuer Let's Encrypt
Subject canvas.upenn.edu
Fingerprint 97:47:64:96:73:16:B4:9B:78:32:6F:EB:F3:3D:A7:8A:31:5B:FB:8A
Validity Mon, 07 Jul 2025 00:55:29 GMT - Sun, 05 Oct 2025 00:55:28 GMT
GET / HTTP/1.1
Host: canvas.upenn.edu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
date: Sun, 20 Jul 2025 07:16:48 GMT
content-type: text/html; charset=utf-8
location: https://canvas.upenn.edu/login
server: Apache
x-session-id: ce5ff23ea8649a651f9f4a3c9618eb82
x-request-context-id: 81f9ecbd-972a-4081-a77d-221bda3beae9
vary: Accept-Encoding
content-encoding: br
x-rate-limit-remaining: 700.0
x-canvas-meta: q=6005;a=96678;g=iSEp4yPWglXrea6ydolZgTRVSAJt0vfsUKzJp9hS;s=25;c=cluster20;z=us-east-1b;b=2177668;m=2177668;u=0.01;y=0.00;d=0.00;
x-request-cost: 0.008659000000079686
cache-control: no-cache
strict-transport-security: max-age=63072000
referrer-policy: no-referrer-when-downgrade
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-download-options: noopen
x-runtime: 0.017809
x-content-type-options: nosniff
set-cookie: _csrf_token=dCDyjW%2BJZQjQ%2BStisG6k4ufIS6%2FIY28ITFSLFrntz1gsWoP%2BGOgCObSpcVLnBuygg7l%2FxLJUHkItH%2Ftl6YimYQ%3D%3D; path=/; secure
set-cookie: log_session_id=ce5ff23ea8649a651f9f4a3c9618eb82; path=/; secure; httponly
set-cookie: _legacy_normandy_session=CXI-bnju8ldWc4YkTWYadA.FlJ-IcwRCNgVUItmd4dQKE9v21U3JwbtLH-mOhrisaHaGge0aISkXbB7cNVMhb1sRG3iFVfqOAc8Imens0j5KolyGXI4IFDelqDCSyXk5Dtu7Ijilbg7K4-TQkyXdMXLtIJYfsRBUdtxFekkDAH_ew.8I7maaEB0XKY07VCc3z-H7uA0vI.aHyX4A; path=/; secure; httponly
set-cookie: canvas_session=CXI-bnju8ldWc4YkTWYadA.FlJ-IcwRCNgVUItmd4dQKE9v21U3JwbtLH-mOhrisaHaGge0aISkXbB7cNVMhb1sRG3iFVfqOAc8Imens0j5KolyGXI4IFDelqDCSyXk5Dtu7Ijilbg7K4-TQkyXdMXLtIJYfsRBUdtxFekkDAH_ew.8I7maaEB0XKY07VCc3z-H7uA0vI.aHyX4A; path=/; secure; httponly; samesite=none
x-request-processor: 089337d9e4ab0a9e3
x-a11y-ally: Dana Danger Grey
status: 302 Found
p3p: CP="None, see http://www.instructure.com/privacy-policy"
X-Firefox-Spdy: h2