Submitted URL: https://photo-billing.vpcomm.umich.edu/
Effective URL: https://weblogin.umich.edu/idp/profile/SAML2/Redirect/SSO?execution=e1s2
Submission: On September 17 via automatic, source certstream-suspicious — Scanned from DE

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 11 HTTP transactions. The main IP is 141.211.243.174, located in Ann Arbor, United States and belongs to UMICH-AS-5, US. The main domain is weblogin.umich.edu. The Cisco Umbrella rank of the primary domain is 305593.
TLS certificate: Issued by InCommon RSA Server CA 2 on January 25th 2024. Valid for: a year.
This is the only time weblogin.umich.edu was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 2 165.227.110.183 14061 (DIGITALOC...)
6 17 141.211.243.174 36375 (UMICH-AS-5)
11 1
Apex Domain
Subdomains
Transfer
19 umich.edu
photo-billing.vpcomm.umich.edu
shibboleth.umich.edu — Cisco Umbrella Rank: 315099
weblogin.umich.edu — Cisco Umbrella Rank: 305593
34 KB
11 1
Domain Requested by
11 weblogin.umich.edu 2 redirects weblogin.umich.edu
6 shibboleth.umich.edu 4 redirects
2 photo-billing.vpcomm.umich.edu 2 redirects
11 3

This site contains links to these domains. Also see Links.

Domain
safecomputing.umich.edu
password.it.umich.edu
its.umich.edu
spg.umich.edu
umich.edu
regents.umich.edu
Subject Issuer Validity Valid
weblogin.umich.edu
InCommon RSA Server CA 2
2024-01-25 -
2025-01-24
a year crt.sh

This page contains 1 frames:

Primary Page: https://weblogin.umich.edu/idp/profile/SAML2/Redirect/SSO?execution=e1s2
Frame ID: F349F853A9847FAA04731BEAFAFCBCF7
Requests: 11 HTTP requests in this frame

Screenshot

Page Title

U-M Weblogin

Page URL History Show full URLs

  1. https://photo-billing.vpcomm.umich.edu/ HTTP 302
    https://photo-billing.vpcomm.umich.edu/auth HTTP 302
    https://shibboleth.umich.edu/idp/profile/oidc/authorize?response_type=code&redirect_uri=https%3A%2F%2Fpho... HTTP 302
    https://shibboleth.umich.edu/idp/profile/oidc/authorize?execution=e1s1 Page URL
  2. https://shibboleth.umich.edu/idp/profile/oidc/authorize?execution=e1s1 HTTP 302
    https://shibboleth.umich.edu/idp/profile/oidc/authorize?execution=e1s2 HTTP 302
    https://shibboleth.umich.edu/idp/profile/Authn/SAML2/POST/SSO/start?conversation=e1s2 HTTP 302
    https://weblogin.umich.edu/idp/profile/SAML2/Redirect/SSO?SAMLRequest=hVLLbtswEPwVgXeJFGU7NmE5cGMUNZA2h... HTTP 302
    https://weblogin.umich.edu/idp/profile/SAML2/Redirect/SSO?execution=e1s1 Page URL
  3. https://weblogin.umich.edu/idp/profile/SAML2/Redirect/SSO?execution=e1s1 HTTP 302
    https://weblogin.umich.edu/idp/profile/SAML2/Redirect/SSO?execution=e1s2 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /polyfill\.min\.js

Page Statistics

11
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

3
Subdomains

1
IPs

1
Countries

27 kB
Transfer

66 kB
Size

7
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://photo-billing.vpcomm.umich.edu/ HTTP 302
    https://photo-billing.vpcomm.umich.edu/auth HTTP 302
    https://shibboleth.umich.edu/idp/profile/oidc/authorize?response_type=code&redirect_uri=https%3A%2F%2Fphoto-billing.vpcomm.umich.edu%2Fauth&client_id=5-vpcomm-mphotowosc-sxw9te-zmquaki2cqu0fhw&nonce=10dfbf20809f29d7acdbfee1e5ce2df9&state=5bfa02de66c7a46c0173ca73c80e45c0&scope=openid+profile+email+eduperson_affiliation+eduperson_scoped_affiliation+openid HTTP 302
    https://shibboleth.umich.edu/idp/profile/oidc/authorize?execution=e1s1 Page URL
  2. https://shibboleth.umich.edu/idp/profile/oidc/authorize?execution=e1s1 HTTP 302
    https://shibboleth.umich.edu/idp/profile/oidc/authorize?execution=e1s2 HTTP 302
    https://shibboleth.umich.edu/idp/profile/Authn/SAML2/POST/SSO/start?conversation=e1s2 HTTP 302
    https://weblogin.umich.edu/idp/profile/SAML2/Redirect/SSO?SAMLRequest=hVLLbtswEPwVgXeJFGU7NmE5cGMUNZA2hqX00EshUeuIqEjKfFhpvr6KZasp0KZHcmdndmZ3efssm%2BAExgqtUhRHBAWguK6EekrRY%2F4xnKPb1dIWsqEtW3tXqz0cPVgX9I3KsqGSIm8U04UVlqlCgmWOs2z9%2BZ7RiLDWaKe5blCwthaM66XutLJegsnAnASHx%2F19imrnWsswtrUoS92AqyMvBa8jqDwWVYt7noNoAJ%2FHwK%2F0FO8eshxn2QMKNv1QQhXubOTK1UHZ6Ceh%2FsE0cOyhEga4G3i2mxR9n1I6nVeEJFWVHGZzTvisnCW8gnhSQlImPcxaD1tlXaFciiihk5AswvgmjxdsMmMxiQi9%2BYaC3cX8B6GGUN9LqhxAln3K81346g0FX6%2FL6QHosgp2Vjdvd%2FA%2BcXENHq3%2BG%2FPvwhK%2FVRvP4EtPv93sdCP4z2DdNLq7M1A4SJEzHhAegRnXbW9nfF9OB8x2s5qGp5ZrKUPZ1n1CnbY8tM%2FdwkH4Io%2B%2B%2BCEoP3pyqLvLFH%2B2j5%2BjBv7Lka5%2BAQ%3D%3D&RelayState=e1s2 HTTP 302
    https://weblogin.umich.edu/idp/profile/SAML2/Redirect/SSO?execution=e1s1 Page URL
  3. https://weblogin.umich.edu/idp/profile/SAML2/Redirect/SSO?execution=e1s1 HTTP 302
    https://weblogin.umich.edu/idp/profile/SAML2/Redirect/SSO?execution=e1s2 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://photo-billing.vpcomm.umich.edu/ HTTP 302
  • https://photo-billing.vpcomm.umich.edu/auth HTTP 302
  • https://shibboleth.umich.edu/idp/profile/oidc/authorize?response_type=code&redirect_uri=https%3A%2F%2Fphoto-billing.vpcomm.umich.edu%2Fauth&client_id=5-vpcomm-mphotowosc-sxw9te-zmquaki2cqu0fhw&nonce=10dfbf20809f29d7acdbfee1e5ce2df9&state=5bfa02de66c7a46c0173ca73c80e45c0&scope=openid+profile+email+eduperson_affiliation+eduperson_scoped_affiliation+openid HTTP 302
  • https://shibboleth.umich.edu/idp/profile/oidc/authorize?execution=e1s1
Request Chain 1
  • https://shibboleth.umich.edu/idp/profile/oidc/authorize?execution=e1s1 HTTP 302
  • https://shibboleth.umich.edu/idp/profile/oidc/authorize?execution=e1s2 HTTP 302
  • https://shibboleth.umich.edu/idp/profile/Authn/SAML2/POST/SSO/start?conversation=e1s2 HTTP 302
  • https://weblogin.umich.edu/idp/profile/SAML2/Redirect/SSO?SAMLRequest=hVLLbtswEPwVgXeJFGU7NmE5cGMUNZA2hqX00EshUeuIqEjKfFhpvr6KZasp0KZHcmdndmZ3efssm%2BAExgqtUhRHBAWguK6EekrRY%2F4xnKPb1dIWsqEtW3tXqz0cPVgX9I3KsqGSIm8U04UVlqlCgmWOs2z9%2BZ7RiLDWaKe5blCwthaM66XutLJegsnAnASHx%2F19imrnWsswtrUoS92AqyMvBa8jqDwWVYt7noNoAJ%2FHwK%2F0FO8eshxn2QMKNv1QQhXubOTK1UHZ6Ceh%2FsE0cOyhEga4G3i2mxR9n1I6nVeEJFWVHGZzTvisnCW8gnhSQlImPcxaD1tlXaFciiihk5AswvgmjxdsMmMxiQi9%2BYaC3cX8B6GGUN9LqhxAln3K81346g0FX6%2FL6QHosgp2Vjdvd%2FA%2BcXENHq3%2BG%2FPvwhK%2FVRvP4EtPv93sdCP4z2DdNLq7M1A4SJEzHhAegRnXbW9nfF9OB8x2s5qGp5ZrKUPZ1n1CnbY8tM%2FdwkH4Io%2B%2B%2BCEoP3pyqLvLFH%2B2j5%2BjBv7Lka5%2BAQ%3D%3D&RelayState=e1s2 HTTP 302
  • https://weblogin.umich.edu/idp/profile/SAML2/Redirect/SSO?execution=e1s1

11 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
authorize
shibboleth.umich.edu/idp/profile/oidc/
Redirect Chain
  • https://photo-billing.vpcomm.umich.edu/
  • https://photo-billing.vpcomm.umich.edu/auth
  • https://shibboleth.umich.edu/idp/profile/oidc/authorize?response_type=code&redirect_uri=https%3A%2F%2Fphoto-billing.vpcomm.umich.edu%2Fauth&client_id=5-vpcomm-mphotowosc-sxw9te-zmquaki2cqu0fhw&nonc...
  • https://shibboleth.umich.edu/idp/profile/oidc/authorize?execution=e1s1
4 KB
2 KB
Document
General
Full URL
https://shibboleth.umich.edu/idp/profile/oidc/authorize?execution=e1s1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
141.211.243.174 Ann Arbor, United States, ASN36375 (UMICH-AS-5, US),
Reverse DNS
Software
Apache /
Resource Hash
6a20ba511039d10e8855cf47bfac853ad9886831533373fd43bb324bc131f69f
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://*.umich.edu https://*.umdearborn.edu https://*.umflint.edu https://*.instructure.com https://*.mdcreporting.org https://mdcreporting.org;
Strict-Transport-Security max-age=63072000; max-age=0
X-Frame-Options DENY

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Headers
X-Requested-With, Content-Type, Origin, Authorization, Accept, Client-Security-Token, Accept-Encoding
Access-Control-Allow-Methods
POST, GET, OPTIONS
Cache-Control
no-store
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
1344
Content-Security-Policy
frame-ancestors 'self' https://*.umich.edu https://*.umdearborn.edu https://*.umflint.edu https://*.instructure.com https://*.mdcreporting.org https://mdcreporting.org;
Content-Type
text/html;charset=utf-8
Date
Tue, 17 Sep 2024 19:46:09 GMT
Keep-Alive
timeout=5, max=91
Server
Apache
Strict-Transport-Security
max-age=63072000; max-age=0
Vary
Origin,Accept-Encoding
X-Frame-Options
DENY

Redirect headers

Access-Control-Allow-Headers
X-Requested-With, Content-Type, Origin, Authorization, Accept, Client-Security-Token, Accept-Encoding
Access-Control-Allow-Methods
POST, GET, OPTIONS
Cache-Control
no-store
Connection
Keep-Alive
Content-Length
0
Content-Security-Policy
frame-ancestors 'self' https://*.umich.edu https://*.umdearborn.edu https://*.umflint.edu https://*.instructure.com https://*.mdcreporting.org https://mdcreporting.org;
Date
Tue, 17 Sep 2024 19:46:09 GMT
Keep-Alive
timeout=5, max=91
Location
/idp/profile/oidc/authorize?execution=e1s1
Server
Apache
Strict-Transport-Security
max-age=63072000; max-age=0
Vary
Origin
X-Frame-Options
DENY
SSO
weblogin.umich.edu/idp/profile/SAML2/Redirect/
Redirect Chain
  • https://shibboleth.umich.edu/idp/profile/oidc/authorize?execution=e1s1
  • https://shibboleth.umich.edu/idp/profile/oidc/authorize?execution=e1s2
  • https://shibboleth.umich.edu/idp/profile/Authn/SAML2/POST/SSO/start?conversation=e1s2
  • https://weblogin.umich.edu/idp/profile/SAML2/Redirect/SSO?SAMLRequest=hVLLbtswEPwVgXeJFGU7NmE5cGMUNZA2hqX00EshUeuIqEjKfFhpvr6KZasp0KZHcmdndmZ3efssm%2BAExgqtUhRHBAWguK6EekrRY%2F4xnKPb1dIWsqEtW3tXqz0...
  • https://weblogin.umich.edu/idp/profile/SAML2/Redirect/SSO?execution=e1s1
4 KB
2 KB
Document
General
Full URL
https://weblogin.umich.edu/idp/profile/SAML2/Redirect/SSO?execution=e1s1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
141.211.243.174 Ann Arbor, United States, ASN36375 (UMICH-AS-5, US),
Reverse DNS
Software
Apache /
Resource Hash
0ce78b9caf939c27e837adf2b16f579d9f6ad74dde327dc7bc72205d440c227a
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://*.umich.edu https://*.umdearborn.edu https://*.umflint.edu https://*.instructure.com https://*.mdcreporting.org https://mdcreporting.org;
Strict-Transport-Security max-age=63072000; max-age=0
X-Frame-Options DENY

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://shibboleth.umich.edu
Referer
https://shibboleth.umich.edu/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Cache-Control
no-store
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
1350
Content-Security-Policy
frame-ancestors 'self' https://*.umich.edu https://*.umdearborn.edu https://*.umflint.edu https://*.instructure.com https://*.mdcreporting.org https://mdcreporting.org;
Content-Type
text/html;charset=utf-8
Date
Tue, 17 Sep 2024 19:46:11 GMT
Keep-Alive
timeout=5, max=96
Server
Apache
Strict-Transport-Security
max-age=63072000; max-age=0
Vary
Accept-Encoding
X-Frame-Options
DENY

Redirect headers

Cache-Control
no-store
Connection
Keep-Alive
Content-Length
0
Content-Security-Policy
frame-ancestors 'self' https://*.umich.edu https://*.umdearborn.edu https://*.umflint.edu https://*.instructure.com https://*.mdcreporting.org https://mdcreporting.org;
Date
Tue, 17 Sep 2024 19:46:11 GMT
Keep-Alive
timeout=5, max=96
Location
/idp/profile/SAML2/Redirect/SSO?execution=e1s1
Server
Apache
Strict-Transport-Security
max-age=63072000; max-age=0
X-Frame-Options
DENY
favicon.ico
shibboleth.umich.edu/
196 B
442 B
Other
General
Full URL
https://shibboleth.umich.edu/favicon.ico
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
141.211.243.174 Ann Arbor, United States, ASN36375 (UMICH-AS-5, US),
Reverse DNS
Software
Apache /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000;

Request headers

Referer
https://shibboleth.umich.edu/idp/profile/oidc/authorize?execution=e1s1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Tue, 17 Sep 2024 19:46:09 GMT
Strict-Transport-Security
max-age=63072000;
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=90
Content-Length
196
Content-Type
text/html; charset=iso-8859-1
Primary Request SSO
weblogin.umich.edu/idp/profile/SAML2/Redirect/
Redirect Chain
  • https://weblogin.umich.edu/idp/profile/SAML2/Redirect/SSO?execution=e1s1
  • https://weblogin.umich.edu/idp/profile/SAML2/Redirect/SSO?execution=e1s2
6 KB
3 KB
Document
General
Full URL
https://weblogin.umich.edu/idp/profile/SAML2/Redirect/SSO?execution=e1s2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
141.211.243.174 Ann Arbor, United States, ASN36375 (UMICH-AS-5, US),
Reverse DNS
Software
Apache /
Resource Hash
204ef352da77d02bbab959fb2be63b3d0030394db6cedd2f623285c84e42b55e
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://*.umich.edu https://*.umdearborn.edu https://*.umflint.edu https://*.instructure.com https://*.mdcreporting.org https://mdcreporting.org;
Strict-Transport-Security max-age=63072000; max-age=0
X-Frame-Options DENY

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://weblogin.umich.edu
Referer
https://weblogin.umich.edu/idp/profile/SAML2/Redirect/SSO?execution=e1s1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Cache-Control
no-store
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
2174
Content-Security-Policy
frame-ancestors 'self' https://*.umich.edu https://*.umdearborn.edu https://*.umflint.edu https://*.instructure.com https://*.mdcreporting.org https://mdcreporting.org;
Content-Type
text/html;charset=utf-8
Date
Tue, 17 Sep 2024 19:46:11 GMT
Keep-Alive
timeout=5, max=88
Server
Apache
Strict-Transport-Security
max-age=63072000; max-age=0
Vary
Accept-Encoding
X-Frame-Options
DENY

Redirect headers

Cache-Control
no-store
Connection
Keep-Alive
Content-Length
0
Content-Security-Policy
frame-ancestors 'self' https://*.umich.edu https://*.umdearborn.edu https://*.umflint.edu https://*.instructure.com https://*.mdcreporting.org https://mdcreporting.org;
Date
Tue, 17 Sep 2024 19:46:11 GMT
Keep-Alive
timeout=5, max=99
Location
/idp/profile/SAML2/Redirect/SSO?execution=e1s2
Server
Apache
Strict-Transport-Security
max-age=63072000; max-age=0
X-Frame-Options
DENY
favicon.ico
weblogin.umich.edu/
196 B
442 B
Other
General
Full URL
https://weblogin.umich.edu/favicon.ico
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
141.211.243.174 Ann Arbor, United States, ASN36375 (UMICH-AS-5, US),
Reverse DNS
Software
Apache /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000;

Request headers

Referer
https://weblogin.umich.edu/idp/profile/SAML2/Redirect/SSO?execution=e1s1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Tue, 17 Sep 2024 19:46:11 GMT
Strict-Transport-Security
max-age=63072000;
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=92
Content-Length
196
Content-Type
text/html; charset=iso-8859-1
weblogin.min.css
weblogin.umich.edu/css/
40 KB
8 KB
Stylesheet
General
Full URL
https://weblogin.umich.edu/css/weblogin.min.css?v=1725911016
Requested by
Host: weblogin.umich.edu
URL: https://weblogin.umich.edu/idp/profile/SAML2/Redirect/SSO?execution=e1s2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
141.211.243.174 Ann Arbor, United States, ASN36375 (UMICH-AS-5, US),
Reverse DNS
Software
Apache /
Resource Hash
b411d5346ea0cb0034713ad950b3e26f8cc39450cb692532d048feec8058e7cb
Security Headers
Name Value
Strict-Transport-Security max-age=63072000;

Request headers

Referer
https://weblogin.umich.edu/idp/profile/SAML2/Redirect/SSO?execution=e1s2
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Tue, 17 Sep 2024 19:46:11 GMT
Strict-Transport-Security
max-age=63072000;
Content-Encoding
gzip
Last-Modified
Thu, 15 Feb 2024 00:44:03 GMT
Server
Apache
ETag
"9eb0-61160ec8cdb0c-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=94
Content-Length
7501
polyfill.min.js
weblogin.umich.edu/js/
2 KB
1 KB
Script
General
Full URL
https://weblogin.umich.edu/js/polyfill.min.js?v=1725911016
Requested by
Host: weblogin.umich.edu
URL: https://weblogin.umich.edu/idp/profile/SAML2/Redirect/SSO?execution=e1s2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
141.211.243.174 Ann Arbor, United States, ASN36375 (UMICH-AS-5, US),
Reverse DNS
Software
Apache /
Resource Hash
f2076ca161aaf93038e14a1a95f86ffc83d293a4f9044d30a84c2d8b9a3f9d1f
Security Headers
Name Value
Strict-Transport-Security max-age=63072000;

Request headers

Referer
https://weblogin.umich.edu/idp/profile/SAML2/Redirect/SSO?execution=e1s2
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Tue, 17 Sep 2024 19:46:11 GMT
Strict-Transport-Security
max-age=63072000;
Content-Encoding
gzip
Last-Modified
Thu, 15 Feb 2024 00:44:03 GMT
Server
Apache
ETag
"6cf-61160ec8d09ed-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=75
Content-Length
698
weblogin.min.js
weblogin.umich.edu/js/
1 KB
772 B
Script
General
Full URL
https://weblogin.umich.edu/js/weblogin.min.js?v=1725911016
Requested by
Host: weblogin.umich.edu
URL: https://weblogin.umich.edu/idp/profile/SAML2/Redirect/SSO?execution=e1s2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
141.211.243.174 Ann Arbor, United States, ASN36375 (UMICH-AS-5, US),
Reverse DNS
Software
Apache /
Resource Hash
88ef755d8fb1f40d608eabe857d1edd4e4eb3a383ba53a312c0da4f96eee4215
Security Headers
Name Value
Strict-Transport-Security max-age=63072000;

Request headers

Referer
https://weblogin.umich.edu/idp/profile/SAML2/Redirect/SSO?execution=e1s2
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Tue, 17 Sep 2024 19:46:11 GMT
Strict-Transport-Security
max-age=63072000;
Content-Encoding
gzip
Last-Modified
Thu, 15 Feb 2024 00:44:03 GMT
Server
Apache
ETag
"48f-61160ec8d0dd5-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=38
Content-Length
393
weblogin.png
weblogin.umich.edu/images/
3 KB
4 KB
Image
General
Full URL
https://weblogin.umich.edu/images/weblogin.png
Requested by
Host: weblogin.umich.edu
URL: https://weblogin.umich.edu/css/weblogin.min.css?v=1725911016
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
141.211.243.174 Ann Arbor, United States, ASN36375 (UMICH-AS-5, US),
Reverse DNS
Software
Apache /
Resource Hash
7b956f401b066728c56fa36b69197669ede2b88f43357e5bd02c9cdeac092282
Security Headers
Name Value
Strict-Transport-Security max-age=63072000;

Request headers

Referer
https://weblogin.umich.edu/css/weblogin.min.css?v=1725911016
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Tue, 17 Sep 2024 19:46:11 GMT
Strict-Transport-Security
max-age=63072000;
Last-Modified
Thu, 15 Feb 2024 00:44:03 GMT
Server
Apache
ETag
"dd2-61160ec8cee94"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=93
Content-Length
3538
fontello.woff2
weblogin.umich.edu/font/
5 KB
5 KB
Font
General
Full URL
https://weblogin.umich.edu/font/fontello.woff2?2316bd75
Requested by
Host: weblogin.umich.edu
URL: https://weblogin.umich.edu/css/weblogin.min.css?v=1725911016
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
141.211.243.174 Ann Arbor, United States, ASN36375 (UMICH-AS-5, US),
Reverse DNS
Software
Apache /
Resource Hash
3d054bd846ec3486b1dfe3a1d4e00a0e34aec61ca5728d9553695092c9b2d8a3
Security Headers
Name Value
Strict-Transport-Security max-age=63072000;

Request headers

Referer
https://weblogin.umich.edu/css/weblogin.min.css?v=1725911016
Origin
https://weblogin.umich.edu
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Tue, 17 Sep 2024 19:46:12 GMT
Strict-Transport-Security
max-age=63072000;
Last-Modified
Thu, 15 Feb 2024 00:44:03 GMT
Server
Apache
ETag
"138c-61160ec8ce6c4"
Content-Type
font/woff2
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
5004
favicon.ico
weblogin.umich.edu/images/
1 KB
1 KB
Other
General
Full URL
https://weblogin.umich.edu/images/favicon.ico
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
141.211.243.174 Ann Arbor, United States, ASN36375 (UMICH-AS-5, US),
Reverse DNS
Software
Apache /
Resource Hash
d142a8b115627c7bc90cd75d1d77d06debc85eaaaa6da0a36ac87e85e883f78d
Security Headers
Name Value
Strict-Transport-Security max-age=63072000;

Request headers

Referer
https://weblogin.umich.edu/idp/profile/SAML2/Redirect/SSO?execution=e1s2
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Tue, 17 Sep 2024 19:46:12 GMT
Strict-Transport-Security
max-age=63072000;
Last-Modified
Thu, 15 Feb 2024 00:44:03 GMT
Server
Apache
ETag
"47e-61160ec8cee94"
Content-Type
image/vnd.microsoft.icon
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=90
Content-Length
1150

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| login

7 Cookies

Domain/Path Name / Value
photo-billing.vpcomm.umich.edu/ Name: XSRF-TOKEN
Value: eyJpdiI6IlZTRng2Z25VbkFGNFptMUIvL1d1UlE9PSIsInZhbHVlIjoiMVZieWVYdHhvcEJFL3FpUTRFTC9PM2FXaGlLaVdCYWpoSVhpaWJEbEJNclAyejUwMU9CSko0bDNPaHRmZG9TQW01R2h5L3lRZTdXODBrblJLOEdHcS9rQnU4Q1RFT2YxbnBsbDJVZkswRlgyK0JXQnI3TVllTTRDR0MzeDRORGYiLCJtYWMiOiJlN2I0YWNiN2M2MzA0MDcxNDljM2VkYzFiZjllYzkzMWNkYWE5NThmNjEwODYzMWQ5ZGI3ZTZiN2VjM2Q5MzU0IiwidGFnIjoiIn0%3D
photo-billing.vpcomm.umich.edu/ Name: michiganphotography_session
Value: eyJpdiI6IlY3N2xseXV5YjU0d3h1cTU1VU9aL3c9PSIsInZhbHVlIjoiZjFRbkppYmtsT2NWNTd3ZlRRRFB5dEpJSTAwQ3phY21qQkhxdW1sTHUrR2JhTk1aN1Vhend0emVJcmNzR0RtcjNtL1BnSDhXbERlSkpES2lCeXFvc0pMZXAxUzBjMUtZOCtmVS9CT0IyU0pJc2g2SjNKY3B0bW9yU3FQNS8zM1YiLCJtYWMiOiI3MWQ2ZWUxOGE1MzA1OGM4MWQwNmYxM2YyM2ExMTYzMGUxNmRlMjUzNjUzNjZlZWVhZjRmZmY3ZGVmOTAyZGM1IiwidGFnIjoiIn0%3D
photo-billing.vpcomm.umich.edu/ Name: PHPSESSID
Value: fkkm5o03h79mhf5nnb4kulptjf
shibboleth.umich.edu/ Name: __Host-JSESSIONID
Value: 9E0896C4C01B1AF9D45CF55C5FBA5CCF
shibboleth.umich.edu/ Name: BIGipServer~IAM-PROD-MACC~SHIBBOLETH_HTTPS
Value: 919065485.47873.0000
weblogin.umich.edu/ Name: __Host-JSESSIONID
Value: FE79609625332B3D019A4F309A0292A1
weblogin.umich.edu/ Name: BIGipServer~IAM-PROD-MACC~SHIBBOLETH_HTTPS
Value: 1011667853.47873.0000

2 Console Messages

Source Level URL
Text
network error URL: https://shibboleth.umich.edu/favicon.ico
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: https://weblogin.umich.edu/favicon.ico
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy frame-ancestors 'self' https://*.umich.edu https://*.umdearborn.edu https://*.umflint.edu https://*.instructure.com https://*.mdcreporting.org https://mdcreporting.org;
Strict-Transport-Security max-age=63072000; max-age=0
X-Frame-Options DENY