urlscan.io logo urlscan.io
SecurityTrails logo

login.lbl.gov Open in urlscan Pro
131.243.228.17  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://foundry-instruments.lbl.gov/
Effective URL: https://login.lbl.gov/idp/profile/SAML2/Redirect/SSO?execution=e1s2
Submission Tags: insec_govpress_testing wordpress Search All
Submission: On October 18 via api from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 6 IPs in 2 countries across 3 domains to perform 21 HTTP transactions. The main IP is 131.243.228.17, located in United States and belongs to LBL, US. The main domain is login.lbl.gov.
TLS certificate: Issued by InCommon RSA Server CA on January 15th 2020. Valid for: 2 years.
This is the only time login.lbl.gov was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

2    2606:4700::6812:1966 (United States)

ASN13335 (CLOUDFLARENET, US)
foundry-instruments.lbl.gov
16    131.243.228.17 (United States)

ASN16 (LBL, US)
PTR: login.lbl.gov
login.lbl.gov
2    2a00:1450:4001:81a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
1    2a00:1450:4001:802::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2a00:1450:4001:825::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
Domain Requested by
16 login.lbl.gov 2 redirects login.lbl.gov
ajax.googleapis.com
3 fonts.googleapis.com login.lbl.gov
2 foundry-instruments.lbl.gov 2 redirects
1 fonts.gstatic.com fonts.googleapis.com
1 ajax.googleapis.com login.lbl.gov
21 5
Subject Issuer Validity Valid
login.lbl.gov
InCommon RSA Server CA		 2020-01-15 -
2022-01-14		 2 years crt.sh
upload.video.google.com
GTS CA 1O1		 2020-09-22 -
2020-12-15		 3 months crt.sh
*.gstatic.com
GTS CA 1O1		 2020-09-22 -
2020-12-15		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://login.lbl.gov/idp/profile/SAML2/Redirect/SSO?execution=e1s2
Frame ID: AA052407376AD5FCE896F948182DFDCC
Requests: 21 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://foundry-instruments.lbl.gov/ HTTP 301
    https://foundry-instruments.lbl.gov/ HTTP 302
    https://login.lbl.gov/idp/profile/SAML2/Redirect/SSO?SAMLRequest=fZJfb4IwFMW%2FCum7FIj%2F0ggJ04eZu... HTTP 302
    https://login.lbl.gov/idp/profile/SAML2/Redirect/SSO;jsessionid=n0x184ki56dz198kfvxrcg6fr?executio... Page URL
  2. https://login.lbl.gov/idp/profile/SAML2/Redirect/SSO?execution=e1s1 HTTP 302
    https://login.lbl.gov/idp/profile/SAML2/Redirect/SSO?execution=e1s2 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /Jetty(?:\(([\d\.]*\d+))?/i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i
Overall confidence: 100%
Detected patterns
  • headers server /Jetty(?:\(([\d\.]*\d+))?/i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Page Statistics

21
Requests

90 %
HTTPS

83 %
IPv6

3
Domains

5
Subdomains

6
IPs

2
Countries

262 kB
Transfer

345 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://foundry-instruments.lbl.gov/ HTTP 301
    https://foundry-instruments.lbl.gov/ HTTP 302
    https://login.lbl.gov/idp/profile/SAML2/Redirect/SSO?SAMLRequest=fZJfb4IwFMW%2FCum7FIj%2F0ggJ04eZuEmE7WEvSylFmpSW9RY3v%2F2qqHMvJvet555zzy9dAG1lR9LeNmrHv3oO1vtppQJyfohRbxTRFAQQRVsOxDKSpy8bEvkB6Yy2mmmJvBSAGyu0WmoFfctNzs1BMP6228SosbYDgnGte1WZ40gosMaJlAVfltLf6wPOG1GWWnLb%2BAAanyIinG3zAnkrd5NQ9OT%2B5yX1Xqjbtqg67I6pheSX1R2vhOHM4jzfIm%2B9itHnrBpzxqIgCOqoDGdhVYfz6WTC5lM6ZsF05mQAPV%2B766iyMYqCKBiFbuZFOCYTN9EH8rJL5yehKqH2jwGVgwjIc1Fko6HOOzdwruIEKFmcMJNzsLkD%2F9iWXmmj5MqDaUPljQfcaC7wXcCQ1pFX57heZVoKdvRSKfX30nBqeYxChJNh5f%2BfSH4B&RelayState=ss%3Amem%3Ad8498bacc3de951bcc6f1863050d5cc8705cfffaee44dd1fa6b0f3f3959dbaee&SigAlg=http%3A%2F%2Fwww.w3.org%2F2000%2F09%2Fxmldsig%23rsa-sha1&Signature=H2lXckNtM0dnJxobctXP1BeHRbeCl9nxGaeSptnyBMAe9CMcjM2sY9FmuQ5%2BSKwSYdY%2B2zMA39eeYq6VRHTKTFL9%2FL8fnOuIBSfYSWwXmltX%2FfFPW8DT51K%2FbrLWOmTYWRUvB0PStf1HQywb64uRSG3kvZsEoEXRY9Z4vZR7Gqy0nlOmWTiyB%2FB5xyPmR7n%2FIkdwGODO7VdnVPT27UXva8HXVpz1%2FzHnW%2BDqbf%2BnfGrVEFZL%2FBuagzKdFURv%2F5AWNdqm0JKWyfRm8%2F0GJRKyF2xZcZt%2F%2BazZSuXOGW4UAs3K9OFmGpZd8STl8j5tnlHcNgC0yE%2FV75cKMgZBr78JhA%3D%3D HTTP 302
    https://login.lbl.gov/idp/profile/SAML2/Redirect/SSO;jsessionid=n0x184ki56dz198kfvxrcg6fr?execution=e1s1 Page URL
  2. https://login.lbl.gov/idp/profile/SAML2/Redirect/SSO?execution=e1s1 HTTP 302
    https://login.lbl.gov/idp/profile/SAML2/Redirect/SSO?execution=e1s2 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://foundry-instruments.lbl.gov/ HTTP 301
  • https://foundry-instruments.lbl.gov/ HTTP 302
  • https://login.lbl.gov/idp/profile/SAML2/Redirect/SSO?SAMLRequest=fZJfb4IwFMW%2FCum7FIj%2F0ggJ04eZuEmE7WEvSylFmpSW9RY3v%2F2qqHMvJvet555zzy9dAG1lR9LeNmrHv3oO1vtppQJyfohRbxTRFAQQRVsOxDKSpy8bEvkB6Yy2mmmJvBSAGyu0WmoFfctNzs1BMP6228SosbYDgnGte1WZ40gosMaJlAVfltLf6wPOG1GWWnLb%2BAAanyIinG3zAnkrd5NQ9OT%2B5yX1Xqjbtqg67I6pheSX1R2vhOHM4jzfIm%2B9itHnrBpzxqIgCOqoDGdhVYfz6WTC5lM6ZsF05mQAPV%2B766iyMYqCKBiFbuZFOCYTN9EH8rJL5yehKqH2jwGVgwjIc1Fko6HOOzdwruIEKFmcMJNzsLkD%2F9iWXmmj5MqDaUPljQfcaC7wXcCQ1pFX57heZVoKdvRSKfX30nBqeYxChJNh5f%2BfSH4B&RelayState=ss%3Amem%3Ad8498bacc3de951bcc6f1863050d5cc8705cfffaee44dd1fa6b0f3f3959dbaee&SigAlg=http%3A%2F%2Fwww.w3.org%2F2000%2F09%2Fxmldsig%23rsa-sha1&Signature=H2lXckNtM0dnJxobctXP1BeHRbeCl9nxGaeSptnyBMAe9CMcjM2sY9FmuQ5%2BSKwSYdY%2B2zMA39eeYq6VRHTKTFL9%2FL8fnOuIBSfYSWwXmltX%2FfFPW8DT51K%2FbrLWOmTYWRUvB0PStf1HQywb64uRSG3kvZsEoEXRY9Z4vZR7Gqy0nlOmWTiyB%2FB5xyPmR7n%2FIkdwGODO7VdnVPT27UXva8HXVpz1%2FzHnW%2BDqbf%2BnfGrVEFZL%2FBuagzKdFURv%2F5AWNdqm0JKWyfRm8%2F0GJRKyF2xZcZt%2F%2BazZSuXOGW4UAs3K9OFmGpZd8STl8j5tnlHcNgC0yE%2FV75cKMgZBr78JhA%3D%3D HTTP 302
  • https://login.lbl.gov/idp/profile/SAML2/Redirect/SSO;jsessionid=n0x184ki56dz198kfvxrcg6fr?execution=e1s1

21 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Cookie set SSO;jsessionid=n0x184ki56dz198kfvxrcg6fr
login.lbl.gov/idp/profile/SAML2/Redirect/
Redirect Chain
  • http://foundry-instruments.lbl.gov/
  • https://foundry-instruments.lbl.gov/
  • https://login.lbl.gov/idp/profile/SAML2/Redirect/SSO?SAMLRequest=fZJfb4IwFMW%2FCum7FIj%2F0ggJ04eZuEmE7WEvSylFmpSW9RY3v%2F2qqHMvJvet555zzy9dAG1lR9LeNmrHv3oO1vtppQJyfohRbxTRFAQQRVsOxDKSpy8bEvkB6Yy2mm...
  • https://login.lbl.gov/idp/profile/SAML2/Redirect/SSO;jsessionid=n0x184ki56dz198kfvxrcg6fr?execution=e1s1
3 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://login.lbl.gov/idp/profile/SAML2/Redirect/SSO;jsessionid=n0x184ki56dz198kfvxrcg6fr?execution=e1s1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
131.243.228.17 , United States, ASN16 (LBL, US),
Reverse DNS
login.lbl.gov
Software
Jetty(9.3.15.v20161220) /
Resource Hash
7876df91103b4d08f518ceaad941836214c247f8706ff54a89f0cc68da2c2b9c

Request headers

Host
login.lbl.gov
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
JSESSIONID=n0x184ki56dz198kfvxrcg6fr; BIGipServershibboleth-containers-production=2397306890.24810.0000
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Cache-Control
no-store
Content-Type
text/html;charset=utf-8
Content-Length
3048
Server
Jetty(9.3.15.v20161220)
Set-Cookie
BIGipServershibboleth-containers-production=2397306890.24810.0000; expires=Sun, 18-Oct-2020 14:59:53 GMT; path=/

Redirect headers

Set-Cookie
JSESSIONID=n0x184ki56dz198kfvxrcg6fr;Path=/idp;Secure BIGipServershibboleth-containers-production=2397306890.24810.0000; expires=Sun, 18-Oct-2020 14:59:53 GMT; path=/
Cache-Control
no-store
Location
https://login.lbl.gov/idp/profile/SAML2/Redirect/SSO;jsessionid=n0x184ki56dz198kfvxrcg6fr?execution=e1s1
Content-Length
0
Server
Jetty(9.3.15.v20161220)
main.css
login.lbl.gov/idp/css/ 		3 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://login.lbl.gov/idp/css/main.css
Requested by
Host: login.lbl.gov
URL: https://login.lbl.gov/idp/profile/SAML2/Redirect/SSO;jsessionid=n0x184ki56dz198kfvxrcg6fr?execution=e1s1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
131.243.228.17 , United States, ASN16 (LBL, US),
Reverse DNS
login.lbl.gov
Software
Jetty(9.3.15.v20161220) /
Resource Hash
210f0d41ab613254a2c07086aecdf58f54d9e6b33d60224630ee1b61521e36d9

Request headers

Referer
https://login.lbl.gov/idp/profile/SAML2/Redirect/SSO;jsessionid=n0x184ki56dz198kfvxrcg6fr?execution=e1s1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Last-Modified
Sat, 28 Oct 2017 03:09:24 GMT
Server
Jetty(9.3.15.v20161220)
Accept-Ranges
bytes
Content-Length
2771
Content-Type
text/css
Primary Request Cookie set SSO
login.lbl.gov/idp/profile/SAML2/Redirect/
Redirect Chain
  • https://login.lbl.gov/idp/profile/SAML2/Redirect/SSO?execution=e1s1
  • https://login.lbl.gov/idp/profile/SAML2/Redirect/SSO?execution=e1s2
12 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://login.lbl.gov/idp/profile/SAML2/Redirect/SSO?execution=e1s2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
131.243.228.17 , United States, ASN16 (LBL, US),
Reverse DNS
login.lbl.gov
Software
Jetty(9.3.15.v20161220) /
Resource Hash
b460b52be78fb671db28fb8bfbbc46b8cb82e926b980a92c894a6b155a25cdb0

Request headers

Host
login.lbl.gov
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
same-origin
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
document
Referer
https://login.lbl.gov/idp/profile/SAML2/Redirect/SSO;jsessionid=n0x184ki56dz198kfvxrcg6fr?execution=e1s1
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
JSESSIONID=n0x184ki56dz198kfvxrcg6fr; BIGipServershibboleth-containers-production=2397306890.24810.0000
Upgrade-Insecure-Requests
1
Origin
https://login.lbl.gov
Content-Type
application/x-www-form-urlencoded
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://login.lbl.gov/idp/profile/SAML2/Redirect/SSO;jsessionid=n0x184ki56dz198kfvxrcg6fr?execution=e1s1

Response headers

Cache-Control
no-store
Content-Type
text/html;charset=utf-8
Content-Length
12256
Server
Jetty(9.3.15.v20161220)
Set-Cookie
BIGipServershibboleth-containers-production=2397306890.24810.0000; expires=Sun, 18-Oct-2020 14:59:54 GMT; path=/

Redirect headers

Cache-Control
no-store
Location
https://login.lbl.gov/idp/profile/SAML2/Redirect/SSO?execution=e1s2
Content-Length
0
Server
Jetty(9.3.15.v20161220)
Set-Cookie
BIGipServershibboleth-containers-production=2397306890.24810.0000; expires=Sun, 18-Oct-2020 14:59:53 GMT; path=/
css
fonts.googleapis.com/ 		8 KB
851 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans+Condensed:300,700,300italic
Requested by
Host: login.lbl.gov
URL: https://login.lbl.gov/idp/profile/SAML2/Redirect/SSO?execution=e1s2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
6bf7391fecbe9766c55c9d00c621c8f943243857ba9551c2d062c915a1783611
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://login.lbl.gov/idp/profile/SAML2/Redirect/SSO?execution=e1s2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 18 Oct 2020 14:54:54 GMT
server
ESF
date
Sun, 18 Oct 2020 14:54:54 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 18 Oct 2020 14:54:54 GMT
css
fonts.googleapis.com/ 		5 KB
776 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:300,400
Requested by
Host: login.lbl.gov
URL: https://login.lbl.gov/idp/profile/SAML2/Redirect/SSO?execution=e1s2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e1c0f9e4a88c92511d4ecb197a851325fb00730d6ec970a08fa1fb96491662ff
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://login.lbl.gov/idp/profile/SAML2/Redirect/SSO?execution=e1s2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 18 Oct 2020 13:59:54 GMT
server
ESF
date
Sun, 18 Oct 2020 14:54:54 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 18 Oct 2020 14:54:54 GMT
bootstrap.css
login.lbl.gov/idp/styles/ 		118 KB
119 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://login.lbl.gov/idp/styles/bootstrap.css
Requested by
Host: login.lbl.gov
URL: https://login.lbl.gov/idp/profile/SAML2/Redirect/SSO?execution=e1s2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
131.243.228.17 , United States, ASN16 (LBL, US),
Reverse DNS
login.lbl.gov
Software
Jetty(9.3.15.v20161220) /
Resource Hash
0e430441e9833f9e3b9219b4837068670afbb50171678365b95f45de9291b632

Request headers

Referer
https://login.lbl.gov/idp/profile/SAML2/Redirect/SSO?execution=e1s2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Last-Modified
Sat, 28 Oct 2017 03:09:24 GMT
Server
Jetty(9.3.15.v20161220)
Accept-Ranges
bytes
Content-Length
121220
Content-Type
text/css
lbl-styles.css
login.lbl.gov/idp/styles/ 		4 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://login.lbl.gov/idp/styles/lbl-styles.css
Requested by
Host: login.lbl.gov
URL: https://login.lbl.gov/idp/profile/SAML2/Redirect/SSO?execution=e1s2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
131.243.228.17 , United States, ASN16 (LBL, US),
Reverse DNS
login.lbl.gov
Software
Jetty(9.3.15.v20161220) /
Resource Hash
f0abf8635953cee99ef8ac4b68f22438997c6455b10b8c8ccfae1f3db175249a

Request headers

Referer
https://login.lbl.gov/idp/profile/SAML2/Redirect/SSO?execution=e1s2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Last-Modified
Sat, 28 Oct 2017 03:09:24 GMT
Server
Jetty(9.3.15.v20161220)
Accept-Ranges
bytes
Content-Length
3824
Content-Type
text/css
lbl-style.css
login.lbl.gov/idp/styles/ 		39 KB
39 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://login.lbl.gov/idp/styles/lbl-style.css
Requested by
Host: login.lbl.gov
URL: https://login.lbl.gov/idp/profile/SAML2/Redirect/SSO?execution=e1s2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
131.243.228.17 , United States, ASN16 (LBL, US),
Reverse DNS
login.lbl.gov
Software
Jetty(9.3.15.v20161220) /
Resource Hash
b42aca7e797bbc6b651918e18e3d0a275ee8e8699b74b81a594381b9627fa06a

Request headers

Referer
https://login.lbl.gov/idp/profile/SAML2/Redirect/SSO?execution=e1s2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Last-Modified
Sat, 28 Oct 2017 03:09:24 GMT
Server
Jetty(9.3.15.v20161220)
Accept-Ranges
bytes
Content-Length
39556
Content-Type
text/css
lbl-aboveheadernav.css
login.lbl.gov/idp/styles/ 		13 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://login.lbl.gov/idp/styles/lbl-aboveheadernav.css
Requested by
Host: login.lbl.gov
URL: https://login.lbl.gov/idp/profile/SAML2/Redirect/SSO?execution=e1s2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
131.243.228.17 , United States, ASN16 (LBL, US),
Reverse DNS
login.lbl.gov
Software
Jetty(9.3.15.v20161220) /
Resource Hash
e7426191010181d1b05b44eb2ab6e22b5fb99db8dfd73175360545494c080f5d

Request headers

Referer
https://login.lbl.gov/idp/profile/SAML2/Redirect/SSO?execution=e1s2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Last-Modified
Sat, 28 Oct 2017 03:09:24 GMT
Server
Jetty(9.3.15.v20161220)
Accept-Ranges
bytes
Content-Length
12991
Content-Type
text/css
main.css
login.lbl.gov/idp/styles/ 		4 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://login.lbl.gov/idp/styles/main.css
Requested by
Host: login.lbl.gov
URL: https://login.lbl.gov/idp/profile/SAML2/Redirect/SSO?execution=e1s2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
131.243.228.17 , United States, ASN16 (LBL, US),
Reverse DNS
login.lbl.gov
Software
Jetty(9.3.15.v20161220) /
Resource Hash
ead2764e7157627a385719f451801b9c78402c7dc3bb9f1a6780a88307567ad4

Request headers

Referer
https://login.lbl.gov/idp/profile/SAML2/Redirect/SSO?execution=e1s2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Last-Modified
Sat, 28 Oct 2017 03:09:24 GMT
Server
Jetty(9.3.15.v20161220)
Accept-Ranges
bytes
Content-Length
4334
Content-Type
text/css
lbl-style-new-login.css
login.lbl.gov/idp/styles/ 		2 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://login.lbl.gov/idp/styles/lbl-style-new-login.css
Requested by
Host: login.lbl.gov
URL: https://login.lbl.gov/idp/profile/SAML2/Redirect/SSO?execution=e1s2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
131.243.228.17 , United States, ASN16 (LBL, US),
Reverse DNS
login.lbl.gov
Software
Jetty(9.3.15.v20161220) /
Resource Hash
3c8d402ab1157f773063752bc73048bbc3afa6d703dd7b1adb5503f732dd0aaa

Request headers

Referer
https://login.lbl.gov/idp/profile/SAML2/Redirect/SSO?execution=e1s2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Last-Modified
Sat, 28 Oct 2017 03:09:24 GMT
Server
Jetty(9.3.15.v20161220)
Accept-Ranges
bytes
Content-Length
2314
Content-Type
text/css
login_page_logo.png
login.lbl.gov/idp/styles/images/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://login.lbl.gov/idp/styles/images/login_page_logo.png
Requested by
Host: login.lbl.gov
URL: https://login.lbl.gov/idp/profile/SAML2/Redirect/SSO?execution=e1s2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
131.243.228.17 , United States, ASN16 (LBL, US),
Reverse DNS
login.lbl.gov
Software
Jetty(9.3.15.v20161220) /
Resource Hash
66bd9174d03ce2ebd0ddb8563bcc14be59216db3ca89740ae182f56de480a2a1

Request headers

Referer
https://login.lbl.gov/idp/profile/SAML2/Redirect/SSO?execution=e1s2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Last-Modified
Sat, 28 Oct 2017 03:09:24 GMT
Server
Jetty(9.3.15.v20161220)
Accept-Ranges
bytes
Content-Length
4544
Content-Type
image/png
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.11.1/ 		94 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.min.js
Requested by
Host: login.lbl.gov
URL: https://login.lbl.gov/idp/profile/SAML2/Redirect/SSO?execution=e1s2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://login.lbl.gov/idp/profile/SAML2/Redirect/SSO?execution=e1s2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 17 Oct 2020 08:01:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
111187
status
200
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33434
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 17 Oct 2021 08:01:47 GMT
collapse.js
login.lbl.gov/idp/styles/ 		5 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://login.lbl.gov/idp/styles/collapse.js
Requested by
Host: login.lbl.gov
URL: https://login.lbl.gov/idp/profile/SAML2/Redirect/SSO?execution=e1s2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
131.243.228.17 , United States, ASN16 (LBL, US),
Reverse DNS
login.lbl.gov
Software
Jetty(9.3.15.v20161220) /
Resource Hash
312b0341b14fe6ebc3ef1381b14556e42c266e1dd9724d731b62fb6a8ce209dc

Request headers

Referer
https://login.lbl.gov/idp/profile/SAML2/Redirect/SSO?execution=e1s2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Last-Modified
Sat, 28 Oct 2017 03:09:24 GMT
Server
Jetty(9.3.15.v20161220)
Accept-Ranges
bytes
Content-Length
4840
Content-Type
application/javascript
css
fonts.googleapis.com/ 		16 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400italic,400,700|Open+Sans+Condensed:300,700,300italic
Requested by
Host: login.lbl.gov
URL: https://login.lbl.gov/idp/styles/lbl-style.css
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c3ccfa2a1393fcf6bdbfd7f1810a925fff7593555ef040db3c165e9da9a88f92
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://login.lbl.gov/idp/styles/lbl-style.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 18 Oct 2020 14:54:55 GMT
server
ESF
date
Sun, 18 Oct 2020 14:54:55 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 18 Oct 2020 14:54:55 GMT
random
login.lbl.gov/data/cyber-notices/ 		0
0
seal-department-of-energy.png
login.lbl.gov/idp/styles/images/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://login.lbl.gov/idp/styles/images/seal-department-of-energy.png
Requested by
Host: login.lbl.gov
URL: https://login.lbl.gov/idp/styles/lbl-style.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
131.243.228.17 , United States, ASN16 (LBL, US),
Reverse DNS
login.lbl.gov
Software
Jetty(9.3.15.v20161220) /
Resource Hash
525e75ec4cf97fc700e9acc6345f9fe9e4aa80e71f879b25348a960282b0ed4a

Request headers

Referer
https://login.lbl.gov/idp/styles/lbl-style.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Last-Modified
Sat, 28 Oct 2017 03:09:24 GMT
Server
Jetty(9.3.15.v20161220)
Accept-Ranges
bytes
Content-Length
2343
Content-Type
image/png
seal-university-of-california.png
login.lbl.gov/idp/styles/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://login.lbl.gov/idp/styles/images/seal-university-of-california.png
Requested by
Host: login.lbl.gov
URL: https://login.lbl.gov/idp/styles/lbl-style.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
131.243.228.17 , United States, ASN16 (LBL, US),
Reverse DNS
login.lbl.gov
Software
Jetty(9.3.15.v20161220) /
Resource Hash
78486214fa66aa48957e349844579f52d1237a454ba9141cde1e527408a2fa1b

Request headers

Referer
https://login.lbl.gov/idp/styles/lbl-style.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Last-Modified
Sat, 28 Oct 2017 03:09:24 GMT
Server
Jetty(9.3.15.v20161220)
Accept-Ranges
bytes
Content-Length
1765
Content-Type
image/png
lbl-new-social-iconsB.png
login.lbl.gov/idp/styles/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://login.lbl.gov/idp/styles/images/lbl-new-social-iconsB.png
Requested by
Host: login.lbl.gov
URL: https://login.lbl.gov/idp/styles/lbl-style.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
131.243.228.17 , United States, ASN16 (LBL, US),
Reverse DNS
login.lbl.gov
Software
Jetty(9.3.15.v20161220) /
Resource Hash
9f18826917ec20c1ffc0ebd1de50725c882a941e7c8a1804c0723b343a3876e9

Request headers

Referer
https://login.lbl.gov/idp/styles/lbl-style.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Last-Modified
Sat, 28 Oct 2017 03:09:24 GMT
Server
Jetty(9.3.15.v20161220)
Accept-Ranges
bytes
Content-Length
2628
Content-Type
image/png
mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v18/ 		9 KB
9 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v18/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://login.lbl.gov
Referer
https://fonts.googleapis.com/css?family=Open+Sans:300,400
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 12 Oct 2020 09:05:23 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:09:28 GMT
server
sffe
age
539372
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9132
x-xss-protection
0
expires
Tue, 12 Oct 2021 09:05:23 GMT
random
login.lbl.gov/data/news/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
login.lbl.gov
URL
https://login.lbl.gov/data/cyber-notices/random
Domain
login.lbl.gov
URL
https://login.lbl.gov/data/news/random

Verdicts & Comments Add Verdict or Comment

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes function| $ function| jQuery function| htmlUnescape

2 Cookies

Domain/Path Name / Value
login.lbl.gov/ Name: BIGipServershibboleth-containers-production
Value: 2397306890.24810.0000
login.lbl.gov/idp Name: JSESSIONID
Value: n0x184ki56dz198kfvxrcg6fr

2 Console Messages

Source Level URL
Text
console-api log URL: https://login.lbl.gov/idp/profile/SAML2/Redirect/SSO?execution=e1s2(Line 181)
Message:
entered the jquery function
console-api log URL: https://login.lbl.gov/idp/profile/SAML2/Redirect/SSO?execution=e1s2(Line 193)
Message:
in fail

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
fonts.googleapis.com
fonts.gstatic.com
foundry-instruments.lbl.gov
login.lbl.gov
login.lbl.gov
131.243.228.17
2606:4700::6812:1966
2a00:1450:4001:800::200a
2a00:1450:4001:802::200a
2a00:1450:4001:81a::200a
2a00:1450:4001:825::2003
0e430441e9833f9e3b9219b4837068670afbb50171678365b95f45de9291b632
210f0d41ab613254a2c07086aecdf58f54d9e6b33d60224630ee1b61521e36d9
312b0341b14fe6ebc3ef1381b14556e42c266e1dd9724d731b62fb6a8ce209dc
3c8d402ab1157f773063752bc73048bbc3afa6d703dd7b1adb5503f732dd0aaa
525e75ec4cf97fc700e9acc6345f9fe9e4aa80e71f879b25348a960282b0ed4a
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
66bd9174d03ce2ebd0ddb8563bcc14be59216db3ca89740ae182f56de480a2a1
6bf7391fecbe9766c55c9d00c621c8f943243857ba9551c2d062c915a1783611
78486214fa66aa48957e349844579f52d1237a454ba9141cde1e527408a2fa1b
7876df91103b4d08f518ceaad941836214c247f8706ff54a89f0cc68da2c2b9c
9f18826917ec20c1ffc0ebd1de50725c882a941e7c8a1804c0723b343a3876e9
b42aca7e797bbc6b651918e18e3d0a275ee8e8699b74b81a594381b9627fa06a
b460b52be78fb671db28fb8bfbbc46b8cb82e926b980a92c894a6b155a25cdb0
c3ccfa2a1393fcf6bdbfd7f1810a925fff7593555ef040db3c165e9da9a88f92
e1c0f9e4a88c92511d4ecb197a851325fb00730d6ec970a08fa1fb96491662ff
e7426191010181d1b05b44eb2ab6e22b5fb99db8dfd73175360545494c080f5d
ead2764e7157627a385719f451801b9c78402c7dc3bb9f1a6780a88307567ad4
f0abf8635953cee99ef8ac4b68f22438997c6455b10b8c8ccfae1f3db175249a