Submitted URL: http://accommodation.york.ac.uk/
Effective URL: https://shib.york.ac.uk/idp/profile/SAML2/Redirect/SSO?execution=e1s1
Submission: On August 31 via api from GB — Scanned from GB

Summary

This website contacted 4 IPs in 2 countries across 3 domains to perform 16 HTTP transactions. The main IP is 144.32.129.48, located in United Kingdom and belongs to JANET Jisc Services Limited, GB. The main domain is shib.york.ac.uk.
TLS certificate: Issued by GEANT OV ECC CA 4 on November 11th 2022. Valid for: a year.
This is the only time shib.york.ac.uk was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 2 144.32.129.12 786 (JANET Jis...)
1 6 144.32.129.48 786 (JANET Jis...)
9 2a02:26f0:350... 20940 (AKAMAI-ASN1)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a02:26f0:350... 20940 (AKAMAI-ASN1)
16 4
Apex Domain
Subdomains
Transfer
10 typekit.net
use.typekit.net — Cisco Umbrella Rank: 477
p.typekit.net — Cisco Umbrella Rank: 588
212 KB
8 york.ac.uk
accommodation.york.ac.uk
shib.york.ac.uk
132 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 47
112 KB
16 3
Domain Requested by
9 use.typekit.net shib.york.ac.uk
6 shib.york.ac.uk 1 redirects shib.york.ac.uk
2 accommodation.york.ac.uk 2 redirects
1 p.typekit.net
1 www.googletagmanager.com shib.york.ac.uk
16 5

This site contains links to these domains. Also see Links.

Domain
www.york.ac.uk
Subject Issuer Validity Valid
shib.york.ac.uk
GEANT OV ECC CA 4
2022-11-11 -
2023-11-11
a year crt.sh
use.typekit.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2022-09-14 -
2023-10-15
a year crt.sh
*.google-analytics.com
GTS CA 1C3
2023-08-07 -
2023-10-30
3 months crt.sh

This page contains 1 frames:

Primary Page: https://shib.york.ac.uk/idp/profile/SAML2/Redirect/SSO?execution=e1s1
Frame ID: ACD12097200CFB61AD566176BFB7A88F
Requests: 16 HTTP requests in this frame

Screenshot

Page Title

Please log in to continue...

Page URL History Show full URLs

  1. http://accommodation.york.ac.uk/ HTTP 301
    https://accommodation.york.ac.uk/ HTTP 302
    https://shib.york.ac.uk/idp/profile/SAML2/Redirect/SSO?SAMLRequest=hZLLUsIwFIZfpZM9DU3llqHMICxkBqVDq... HTTP 302
    https://shib.york.ac.uk/idp/profile/SAML2/Redirect/SSO?execution=e1s1 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js

Overall confidence: 100%
Detected patterns
  • ([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js

Page Statistics

16
Requests

100 %
HTTPS

60 %
IPv6

3
Domains

5
Subdomains

4
IPs

2
Countries

455 kB
Transfer

1107 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://accommodation.york.ac.uk/ HTTP 301
    https://accommodation.york.ac.uk/ HTTP 302
    https://shib.york.ac.uk/idp/profile/SAML2/Redirect/SSO?SAMLRequest=hZLLUsIwFIZfpZM9DU3llqHMICxkBqVDqws3TpoebIY2qTmpyttbKCpucJ3%2Fcv5vMkVRlTWfN67QW3hrAJ33WZUa%2BekhIo3V3AhUyLWoALmTPJnfrznz%2B7y2xhlpSuLNEcE6ZfTCaGwqsAnYdyXhcbuOSOFcjZxSIaWpKpOLo9A%2FGLv3hfSbPU0KlWWmBFf4iIYe8xmNN0lKvGV7kNInx28QtvpLv8pr2t6yUyWczVvIlQXpaJJsiLdaRuSFyYwJycYwCIZyBzcMdhORjScZhLvRcJS3MsQGVhqd0C4irM%2FCXn%2FcC4M0CPlgwgP2TLz4PPlW6Vzp1%2Bt8sk6E%2FC5N41436Aksnsa0AjKbHinzU7G94H49VnzDJrN%2F0eIP2im96OqKa%2F7Qhq%2BWsSmVPHjzsjQfCwvCQUQCQmed5e%2FvmH0B&RelayState=ss%3Amem%3Ac2d88925c02c9f5291bd3f4e26c52337929113799b1245adeb6cc430dd9ba2b2 HTTP 302
    https://shib.york.ac.uk/idp/profile/SAML2/Redirect/SSO?execution=e1s1 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

16 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request SSO
shib.york.ac.uk/idp/profile/SAML2/Redirect/
Redirect Chain
  • http://accommodation.york.ac.uk/
  • https://accommodation.york.ac.uk/
  • https://shib.york.ac.uk/idp/profile/SAML2/Redirect/SSO?SAMLRequest=hZLLUsIwFIZfpZM9DU3llqHMICxkBqVDqws3TpoebIY2qTmpyttbKCpucJ3%2Fcv5vMkVRlTWfN67QW3hrAJ33WZUa%2BekhIo3V3AhUyLWoALmTPJnfrznz%2B7y2xhlp...
  • https://shib.york.ac.uk/idp/profile/SAML2/Redirect/SSO?execution=e1s1
6 KB
2 KB
Document
General
Full URL
https://shib.york.ac.uk/idp/profile/SAML2/Redirect/SSO?execution=e1s1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
144.32.129.48 , United Kingdom, ASN786 (JANET Jisc Services Limited, GB),
Reverse DNS
shibvip.york.ac.uk
Software
Apache /
Resource Hash
3197271dd209c44254578d7111f4de9c8b08c2810927243d065609ce4922b550
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://vle.york.ac.uk
Strict-Transport-Security max-age=63072000
X-Frame-Options ALLOW-FROM https://vle.york.ac.uk/

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Cache-Control
no-store
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
1897
Content-Security-Policy
frame-ancestors https://vle.york.ac.uk
Content-Type
text/html;charset=utf-8
Date
Thu, 31 Aug 2023 13:59:12 GMT
Expires
Keep-Alive
timeout=3, max=99
Server
Apache
Strict-Transport-Security
max-age=63072000
Vary
Accept-Encoding
X-Frame-Options
ALLOW-FROM https://vle.york.ac.uk/

Redirect headers

Cache-Control
no-store
Connection
Keep-Alive
Content-Length
0
Content-Security-Policy
frame-ancestors https://vle.york.ac.uk
Date
Thu, 31 Aug 2023 13:59:12 GMT
Expires
Keep-Alive
timeout=3, max=100
Location
/idp/profile/SAML2/Redirect/SSO?execution=e1s1
Server
Apache
Strict-Transport-Security
max-age=63072000
X-Frame-Options
ALLOW-FROM https://vle.york.ac.uk/
styles.min.css
shib.york.ac.uk/static/current/css/
147 KB
25 KB
Stylesheet
General
Full URL
https://shib.york.ac.uk/static/current/css/styles.min.css
Requested by
Host: shib.york.ac.uk
URL: https://shib.york.ac.uk/idp/profile/SAML2/Redirect/SSO?execution=e1s1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
144.32.129.48 , United Kingdom, ASN786 (JANET Jisc Services Limited, GB),
Reverse DNS
shibvip.york.ac.uk
Software
Apache /
Resource Hash
5013f611977f388a91e019eee59bd1eb99a9c338e19c379b68fb77ebd2088840

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://shib.york.ac.uk/idp/profile/SAML2/Redirect/SSO?execution=e1s1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Thu, 31 Aug 2023 13:59:12 GMT
Content-Encoding
gzip
Last-Modified
Tue, 10 May 2022 12:43:34 GMT
Server
Apache
ETag
"24d12-5dea7ac47e485-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=3, max=98
Content-Length
25286
modernizr.min.js
shib.york.ac.uk/static/current/js/
5 KB
3 KB
Script
General
Full URL
https://shib.york.ac.uk/static/current/js/modernizr.min.js
Requested by
Host: shib.york.ac.uk
URL: https://shib.york.ac.uk/idp/profile/SAML2/Redirect/SSO?execution=e1s1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
144.32.129.48 , United Kingdom, ASN786 (JANET Jisc Services Limited, GB),
Reverse DNS
shibvip.york.ac.uk
Software
Apache /
Resource Hash
d558dac200d82f02ddafca424d8a8fb2cf3c49dc503b049418398e22aabb3a0e

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://shib.york.ac.uk/idp/profile/SAML2/Redirect/SSO?execution=e1s1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Thu, 31 Aug 2023 13:59:12 GMT
Content-Encoding
gzip
Last-Modified
Tue, 10 May 2022 12:43:34 GMT
Server
Apache
ETag
"14a1-5dea7ac4832a6-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=3, max=100
Content-Length
2331
app.min.js
shib.york.ac.uk/static/current/js/
210 KB
70 KB
Script
General
Full URL
https://shib.york.ac.uk/static/current/js/app.min.js
Requested by
Host: shib.york.ac.uk
URL: https://shib.york.ac.uk/idp/profile/SAML2/Redirect/SSO?execution=e1s1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
144.32.129.48 , United Kingdom, ASN786 (JANET Jisc Services Limited, GB),
Reverse DNS
shibvip.york.ac.uk
Software
Apache /
Resource Hash
073fa39dafce444b30c6b18ba35268152fc648e4b49fff17c75e62718f52397d

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://shib.york.ac.uk/idp/profile/SAML2/Redirect/SSO?execution=e1s1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Thu, 31 Aug 2023 13:59:12 GMT
Content-Encoding
gzip
Last-Modified
Tue, 10 May 2022 12:43:34 GMT
Server
Apache
ETag
"34637-5dea7ac4880c7-gzip"
Vary
Accept-Encoding
Transfer-Encoding
chunked
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=3, max=100
dvj8rpp.js
use.typekit.net/
19 KB
7 KB
Script
General
Full URL
https://use.typekit.net/dvj8rpp.js
Requested by
Host: shib.york.ac.uk
URL: https://shib.york.ac.uk/idp/profile/SAML2/Redirect/SSO?execution=e1s1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:148f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
0cba6ce502454900aaf475281f6190dd80f6354490bb282fedb607d7c4299950
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://shib.york.ac.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains;
content-encoding
gzip
date
Thu, 31 Aug 2023 13:59:12 GMT
server
nginx
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
6950
logo.png
shib.york.ac.uk/static/current/img/
30 KB
30 KB
Image
General
Full URL
https://shib.york.ac.uk/static/current/img/logo.png
Requested by
Host: shib.york.ac.uk
URL: https://shib.york.ac.uk/idp/profile/SAML2/Redirect/SSO?execution=e1s1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
144.32.129.48 , United Kingdom, ASN786 (JANET Jisc Services Limited, GB),
Reverse DNS
shibvip.york.ac.uk
Software
Apache /
Resource Hash
391bc16fbff5760c6ed998cdf2c3b03698bc7745d0d6d5894b2903b3aef35f19

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://shib.york.ac.uk/idp/profile/SAML2/Redirect/SSO?execution=e1s1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Thu, 31 Aug 2023 13:59:12 GMT
Last-Modified
Tue, 10 May 2022 12:43:34 GMT
Server
Apache
ETag
"7831-5dea7ac48de88"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=3, max=99
Content-Length
30769
gtm.js
www.googletagmanager.com/
487 KB
112 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-WXLX54
Requested by
Host: shib.york.ac.uk
URL: https://shib.york.ac.uk/idp/profile/SAML2/Redirect/SSO?execution=e1s1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
d4316f0247ee9d76c0de505724798825793cf3b6f16876f257a278bd17d005e3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://shib.york.ac.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 13:59:12 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
114654
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 31 Aug 2023 13:59:12 GMT
l
use.typekit.net/af/17d530/00000000000000003b9aee4f/27/
30 KB
31 KB
Font
General
Full URL
https://use.typekit.net/af/17d530/00000000000000003b9aee4f/27/l?primer=7401cd9b0fa4555d75aa9adaba09ad7f48141f1762492082c4de9de709de2ddd&fvd=n6&v=3
Requested by
Host: shib.york.ac.uk
URL: https://shib.york.ac.uk/idp/profile/SAML2/Redirect/SSO?execution=e1s1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:148f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
8f1baf6d8e5afb483d91315cba9e7d5b75bbdc66d802ecf65fd4c756bb4fc7ff

Request headers

Referer
https://shib.york.ac.uk/
Origin
https://shib.york.ac.uk
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 13:59:12 GMT
server
nginx
etag
"c657a866249b40c19e74a825f618206fca4f8ca4"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
31140
l
use.typekit.net/af/e3ca36/00000000000000000000e805/27/
20 KB
20 KB
Font
General
Full URL
https://use.typekit.net/af/e3ca36/00000000000000000000e805/27/l?primer=fff1a989570eb474b8c22c57cc7199e63bfc7e911b750165d0199218f0b7e7cc&fvd=n7&v=3
Requested by
Host: shib.york.ac.uk
URL: https://shib.york.ac.uk/idp/profile/SAML2/Redirect/SSO?execution=e1s1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:148f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
2cc1356cba40afb15d8a8b0aace114d553e158a1e574c463c69a2a30832b6d21

Request headers

Referer
https://shib.york.ac.uk/
Origin
https://shib.york.ac.uk
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 13:59:12 GMT
server
nginx
etag
"0e98fea0e8ed6cdd4d99e305a135e9c94f2fc7ea"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
20700
l
use.typekit.net/af/620bf8/00000000000000000000e7fe/27/
20 KB
20 KB
Font
General
Full URL
https://use.typekit.net/af/620bf8/00000000000000000000e7fe/27/l?primer=fff1a989570eb474b8c22c57cc7199e63bfc7e911b750165d0199218f0b7e7cc&fvd=n3&v=3
Requested by
Host: shib.york.ac.uk
URL: https://shib.york.ac.uk/idp/profile/SAML2/Redirect/SSO?execution=e1s1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:148f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
bff7e97d6da72947db18c510ab65e049740983017fa6cd3b083a2a6b1b016d3e

Request headers

Referer
https://shib.york.ac.uk/
Origin
https://shib.york.ac.uk
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 13:59:12 GMT
server
nginx
etag
"379f3952e0ed27af340643189abb0558d1f3cd9f"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
20432
l
use.typekit.net/af/5cca6d/00000000000000000000e802/27/
21 KB
21 KB
Font
General
Full URL
https://use.typekit.net/af/5cca6d/00000000000000000000e802/27/l?primer=fff1a989570eb474b8c22c57cc7199e63bfc7e911b750165d0199218f0b7e7cc&fvd=i3&v=3
Requested by
Host: shib.york.ac.uk
URL: https://shib.york.ac.uk/idp/profile/SAML2/Redirect/SSO?execution=e1s1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:148f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
b40980dc7dc472ffb2ca46f4cf22a30cb911ba50c854da58eaa7e98fc8423fc3

Request headers

Referer
https://shib.york.ac.uk/
Origin
https://shib.york.ac.uk
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 13:59:12 GMT
server
nginx
etag
"ada5117acd447b0d15e4ac85f04f68d4dc086b01"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
21068
l
use.typekit.net/af/2841b6/00000000000000000000e806/27/
21 KB
21 KB
Font
General
Full URL
https://use.typekit.net/af/2841b6/00000000000000000000e806/27/l?primer=fff1a989570eb474b8c22c57cc7199e63bfc7e911b750165d0199218f0b7e7cc&fvd=i7&v=3
Requested by
Host: shib.york.ac.uk
URL: https://shib.york.ac.uk/idp/profile/SAML2/Redirect/SSO?execution=e1s1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:148f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
bbc000b3f470ce281139e5eed7208ae81b6b6f041f3a4ab73cf6a7c8357538fb

Request headers

Referer
https://shib.york.ac.uk/
Origin
https://shib.york.ac.uk
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 13:59:12 GMT
server
nginx
etag
"0e2556abce29eed2a9528e01488631677722f8df"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
21668
l
use.typekit.net/af/9da37c/00000000000000003b9aee4e/27/
31 KB
31 KB
Font
General
Full URL
https://use.typekit.net/af/9da37c/00000000000000003b9aee4e/27/l?primer=7401cd9b0fa4555d75aa9adaba09ad7f48141f1762492082c4de9de709de2ddd&fvd=n4&v=3
Requested by
Host: shib.york.ac.uk
URL: https://shib.york.ac.uk/idp/profile/SAML2/Redirect/SSO?execution=e1s1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:148f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
74c5ddeeff35653e9f048a78f3380d0a021eaaf3082161511244e1d49c269bcb

Request headers

Referer
https://shib.york.ac.uk/
Origin
https://shib.york.ac.uk
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 13:59:12 GMT
server
nginx
etag
"7eb447698073c61c5b3e2b4c97a93b17b51830fa"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
31276
l
use.typekit.net/af/6d0ba6/00000000000000003b9aee4d/27/
30 KB
30 KB
Font
General
Full URL
https://use.typekit.net/af/6d0ba6/00000000000000003b9aee4d/27/l?primer=7401cd9b0fa4555d75aa9adaba09ad7f48141f1762492082c4de9de709de2ddd&fvd=i4&v=3
Requested by
Host: shib.york.ac.uk
URL: https://shib.york.ac.uk/idp/profile/SAML2/Redirect/SSO?execution=e1s1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:148f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
6e672afda7e734ae3d59cb4ecf8859e13212ebaf3e6bf37f5d3db68e569e3ff4

Request headers

Referer
https://shib.york.ac.uk/
Origin
https://shib.york.ac.uk
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 13:59:12 GMT
server
nginx
etag
"be0c12c84b3714ba0aed56942429d2e5e57abae9"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
30780
l
use.typekit.net/af/21d580/00000000000000003b9aee50/27/
30 KB
31 KB
Font
General
Full URL
https://use.typekit.net/af/21d580/00000000000000003b9aee50/27/l?primer=7401cd9b0fa4555d75aa9adaba09ad7f48141f1762492082c4de9de709de2ddd&fvd=i6&v=3
Requested by
Host: shib.york.ac.uk
URL: https://shib.york.ac.uk/idp/profile/SAML2/Redirect/SSO?execution=e1s1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:148f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
700d3609acbf1f75e634b1a91b56dc0e398c1b0b127f78fad16ea31f1d912515

Request headers

Referer
https://shib.york.ac.uk/
Origin
https://shib.york.ac.uk
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 13:59:12 GMT
server
nginx
etag
"4c5b7f20cfd98dc8967a26275f69dbd105371390"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
31156
p.gif
p.typekit.net/
35 B
219 B
Image
General
Full URL
https://p.typekit.net/p.gif?s=1&k=dvj8rpp&ht=tk&h=shib.york.ac.uk&f=2005.2006.2009.2010.6905.6906.6911.6912&a=3113404&js=1.21.0&app=typekit&e=js&_=1693490353146
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:1495 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
9b9265c69a5cc295d1ab0d04e0273b3677db1a6216ce2ccf4efc8c277ed84b39

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://shib.york.ac.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

unused62
8096267
date
Thu, 31 Aug 2023 13:59:13 GMT
last-modified
Sat, 09 Oct 2021 02:10:03 GMT
server
nginx
etag
"6160f9fb-23"
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
35

Verdicts & Comments Add Verdict or Comment

19 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture object| Modernizr function| requirejs function| require function| define function| $ function| jQuery function| picturefill object| $window object| $html function| gMapsCallback object| Typekit object| dataLayer object| jQuery11130223671535265195 string| mq object| google_tag_manager function| postscribe object| google_tag_manager_external object| google_tag_data

2 Cookies

Domain/Path Name / Value
shib.york.ac.uk/idp Name: JSESSIONID
Value: 3129C12E2208C3FAD92107BDA4B651D1
accommodation.york.ac.uk/ Name: _opensaml_req_ss%3Amem%3Ac2d88925c02c9f5291bd3f4e26c52337929113799b1245adeb6cc430dd9ba2b2
Value: _2cb2ac28e516cfe42ef9ab89be3f767d

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy frame-ancestors https://vle.york.ac.uk
Strict-Transport-Security max-age=63072000
X-Frame-Options ALLOW-FROM https://vle.york.ac.uk/