urlscan.io logo urlscan.io
SecurityTrails logo

shib.york.ac.uk Open in urlscan Pro
144.32.129.48  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://accesstracker.york.ac.uk/
Effective URL: https://shib.york.ac.uk/idp/profile/SAML2/Redirect/SSO?execution=e1s1
Submission: On June 12 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 4 IPs in 4 countries across 3 domains to perform 17 HTTP transactions. The main IP is 144.32.129.48, located in York, United Kingdom and belongs to JANET Jisc Services Limited, GB. The main domain is shib.york.ac.uk.
TLS certificate: Issued by GEANT OV ECC CA 4 on November 8th 2023. Valid for: a year.
This is the only time shib.york.ac.uk was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 2 52.49.113.246 16509 (AMAZON-02)
1 1 2600:9000:237... 16509 (AMAZON-02)
1 7 144.32.129.48 786 (JANET Jis...)
9 2a02:26f0:310... 20940 (AKAMAI-ASN1)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a02:26f0:310... 20940 (AKAMAI-ASN1)
17 4
2    52.49.113.246 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-49-113-246.eu-west-1.compute.amazonaws.com
accesstracker.york.ac.uk
1    2600:9000:237d:b400:1d:a01:fec0:93a1 (United States)

ASN16509 (AMAZON-02, US)
auth-mfa.aws.york.ac.uk
7    144.32.129.48 (York, United Kingdom)

ASN786 (JANET Jisc Services Limited, GB)
PTR: shibvip.york.ac.uk
shib.york.ac.uk
9    2a02:26f0:3100::1735:2828 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
use.typekit.net
1    2a00:1450:4001:810::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2a02:26f0:3100::1735:2808 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
p.typekit.net
Apex Domain
Subdomains		 Transfer
10 typekit.net
use.typekit.net — Cisco Umbrella Rank: 649
p.typekit.net — Cisco Umbrella Rank: 810
212 KB
10 york.ac.uk
accesstracker.york.ac.uk
auth-mfa.aws.york.ac.uk
shib.york.ac.uk
142 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 79
136 KB
17 3
Domain Requested by
9 use.typekit.net shib.york.ac.uk
7 shib.york.ac.uk 1 redirects shib.york.ac.uk
2 accesstracker.york.ac.uk 2 redirects
1 p.typekit.net
1 www.googletagmanager.com shib.york.ac.uk
1 auth-mfa.aws.york.ac.uk 1 redirects
17 6

This site contains links to these domains. Also see Links.

Domain
www.york.ac.uk
Subject Issuer Validity Valid
shib.york.ac.uk
GEANT OV ECC CA 4		 2023-11-08 -
2024-11-07		 a year crt.sh
use.typekit.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-02-01 -
2025-03-03		 a year crt.sh
*.google-analytics.com
WR2		 2024-05-27 -
2024-08-19		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://shib.york.ac.uk/idp/profile/SAML2/Redirect/SSO?execution=e1s1
Frame ID: 89BBB2107351EAE53C5227A18FD4AFF7
Requests: 17 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Please log in to continue...

Page URL History Show full URLs

  1. https://accesstracker.york.ac.uk/ HTTP 302
    https://accesstracker.york.ac.uk/auth/cognito-idp HTTP 302
    https://auth-mfa.aws.york.ac.uk/oauth2/authorize?client_id=3aveshmvt6smtneaqjcpv9juoa&redirect_uri=https%3A%... HTTP 302
    https://shib.york.ac.uk/idp/profile/SAML2/Redirect/SSO?SAMLRequest=fZHLbsIwEEX3%2FYrIe8chkBQsEoRKK1U... HTTP 302
    https://shib.york.ac.uk/idp/profile/SAML2/Redirect/SSO?execution=e1s1 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
Overall confidence: 100%
Detected patterns
  • ([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js

Page Statistics

17
Requests

100 %
HTTPS

67 %
IPv6

3
Domains

6
Subdomains

4
IPs

4
Countries

487 kB
Transfer

1194 kB
Size

5
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://accesstracker.york.ac.uk/ HTTP 302
    https://accesstracker.york.ac.uk/auth/cognito-idp HTTP 302
    https://auth-mfa.aws.york.ac.uk/oauth2/authorize?client_id=3aveshmvt6smtneaqjcpv9juoa&redirect_uri=https%3A%2F%2Faccesstracker.york.ac.uk%2Fauth%2Fcognito-idp%2Fcallback&response_type=code&scope=openid+profile&state=86f1a2e92b78d92fb74b413c7e62f9c1a7c04979e21c3a6a HTTP 302
    https://shib.york.ac.uk/idp/profile/SAML2/Redirect/SSO?SAMLRequest=fZHLbsIwEEX3%2FYrIe8chkBQsEoRKK1UCVeK16AYZZwIWxE49DpR%2BfQ0UqWxY2rpn5upMf%2FBd7YMDWFRGZ6QVRiQALU2h9CYji%2Fkb7ZJB%2FtRHUe3jmg8bt9VT%2BGoAXTBEBOs892I0NhXYGdiDkrCYjjOyda5GzpjwBK1KEYojhidjd6GQYbNjl4FMFbUFrD0PJBj5oUoLd2ly43Gr1v85T7DamlLtgc2Gk3HMplAoC9Kx2eyDBO%2BjjKzWCXSLshfR5%2Bg5pR1IS7pO1y0q41KkCUjoRYmPIjbwrtEJ7TISR3GHRiltxfMo4UmHx%2B2w3el%2BkmB5sxOf7XhfGvnVR0Yaq7kRqJBrUQFyJ%2Fm5FfdR7ms6I82e5Fd9%2FLLQBm%2FGVsI9Zs8%2FqqDlJcpBO%2BVOd7sf4%2BJ2GpKfY6ISP0ZzaTZaOcOx5tDQo9dNWyvtlpOP9mvR7bP%2FLfO%2F5%2F3N818%3D&RelayState=H4sIAAAAAAAAAE2R23LaMBCG30XXCGzL1oG7hISBNCallNCh0_HosMIG2zI-kbTTd6-468XO7OHbXzu__iCJ5ggGfIOux2FW9-_pG3k2HE2Q8pNdXijlSuhz39C-QeQIXV6NPe2qvgZ5PetmFOfBSQ8YD-R933Tz2UxqDV3Xt1JfoJ1-uvYylXo6XGZy6POZdqe66B0uTDPTsiyVx7wAeAHtDPjU3l9_SF99ekLzn8g1UBfGV03rbFEC-jVBuWc4taGMQESKcSMiq1is4pBoBjSyQoeS6SAWTEAUaiLp_cyLXztQ2Gbf1kulWZJAu8gwBGK5EWoprh_8Ube3y-_IbV--rN5Ssc93Rcfj5dNLsLD0x2BP4RDyio9VCk088LW7HtLrPtjr-Du8jvvNaB7kyTyOgzSyrHXt9pu39ediuJ6C0Yzbr8fm49zu-OqYs-xgC9csyZBCVh7K6pmRhryPT8SteuaSo7t_RekvvvuGKyun8tb956efVmgespD7oJR4g9DcyrKDCWr9GrWGSCZjrBVJcKysxSIhFNsoCHmQKKBB5DV6j2YqAW6sCDALGMUxUIsVVSHWkZU0AQ0iSNDff4Je8dE0AgAA.H4sIAAAAAAAAAHM73dg4b8qWpox3344UqlXGc_kvYdhwcPvstr3c3aw3mTIB-sFuWCAAAAA.3 HTTP 302
    https://shib.york.ac.uk/idp/profile/SAML2/Redirect/SSO?execution=e1s1 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

17 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request SSO
shib.york.ac.uk/idp/profile/SAML2/Redirect/
Redirect Chain
  • https://accesstracker.york.ac.uk/
  • https://accesstracker.york.ac.uk/auth/cognito-idp
  • https://auth-mfa.aws.york.ac.uk/oauth2/authorize?client_id=3aveshmvt6smtneaqjcpv9juoa&redirect_uri=https%3A%2F%2Faccesstracker.york.ac.uk%2Fauth%2Fcognito-idp%2Fcallback&response_type=code&scope=op...
  • https://shib.york.ac.uk/idp/profile/SAML2/Redirect/SSO?SAMLRequest=fZHLbsIwEEX3%2FYrIe8chkBQsEoRKK1UCVeK16AYZZwIWxE49DpR%2BfQ0UqWxY2rpn5upMf%2FBd7YMDWFRGZ6QVRiQALU2h9CYji%2Fkb7ZJB%2FtRHUe3jmg8bt9VT...
  • https://shib.york.ac.uk/idp/profile/SAML2/Redirect/SSO?execution=e1s1
6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://shib.york.ac.uk/idp/profile/SAML2/Redirect/SSO?execution=e1s1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
144.32.129.48 York, United Kingdom, ASN786 (JANET Jisc Services Limited, GB),
Reverse DNS
shibvip.york.ac.uk
Software
Apache /
Resource Hash
6d204fcf14bfe1c564cc2394067079380cc076e702bcff5f33a30322b9ce62c3
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://vle.york.ac.uk
Strict-Transport-Security max-age=63072000
X-Frame-Options ALLOW-FROM https://vle.york.ac.uk/

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

Cache-Control
no-store
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
1914
Content-Security-Policy
frame-ancestors https://vle.york.ac.uk
Content-Type
text/html;charset=utf-8
Date
Wed, 12 Jun 2024 05:54:23 GMT
Expires
Keep-Alive
timeout=3, max=99
Server
Apache
Strict-Transport-Security
max-age=63072000
Vary
Accept-Encoding
X-Frame-Options
ALLOW-FROM https://vle.york.ac.uk/

Redirect headers

Cache-Control
no-store
Connection
Keep-Alive
Content-Length
0
Content-Security-Policy
frame-ancestors https://vle.york.ac.uk
Date
Wed, 12 Jun 2024 05:54:23 GMT
Expires
Keep-Alive
timeout=3, max=100
Location
/idp/profile/SAML2/Redirect/SSO?execution=e1s1
Server
Apache
Strict-Transport-Security
max-age=63072000
X-Frame-Options
ALLOW-FROM https://vle.york.ac.uk/
styles.min.css
shib.york.ac.uk/static/current/css/ 		147 KB
25 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://shib.york.ac.uk/static/current/css/styles.min.css
Requested by
Host: shib.york.ac.uk
URL: https://shib.york.ac.uk/idp/profile/SAML2/Redirect/SSO?execution=e1s1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
144.32.129.48 York, United Kingdom, ASN786 (JANET Jisc Services Limited, GB),
Reverse DNS
shibvip.york.ac.uk
Software
Apache /
Resource Hash
5013f611977f388a91e019eee59bd1eb99a9c338e19c379b68fb77ebd2088840

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://shib.york.ac.uk/idp/profile/SAML2/Redirect/SSO?execution=e1s1
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 12 Jun 2024 05:54:23 GMT
Content-Encoding
gzip
Last-Modified
Tue, 10 May 2022 12:43:34 GMT
Server
Apache
ETag
"24d12-5dea7ac47e485-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=3, max=98
Content-Length
25286
modernizr.min.js
shib.york.ac.uk/static/current/js/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://shib.york.ac.uk/static/current/js/modernizr.min.js
Requested by
Host: shib.york.ac.uk
URL: https://shib.york.ac.uk/idp/profile/SAML2/Redirect/SSO?execution=e1s1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
144.32.129.48 York, United Kingdom, ASN786 (JANET Jisc Services Limited, GB),
Reverse DNS
shibvip.york.ac.uk
Software
Apache /
Resource Hash
d558dac200d82f02ddafca424d8a8fb2cf3c49dc503b049418398e22aabb3a0e

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://shib.york.ac.uk/idp/profile/SAML2/Redirect/SSO?execution=e1s1
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 12 Jun 2024 05:54:23 GMT
Content-Encoding
gzip
Last-Modified
Tue, 10 May 2022 12:43:34 GMT
Server
Apache
ETag
"14a1-5dea7ac4832a6-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=3, max=100
Content-Length
2331
app.min.js
shib.york.ac.uk/static/current/js/ 		210 KB
70 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://shib.york.ac.uk/static/current/js/app.min.js
Requested by
Host: shib.york.ac.uk
URL: https://shib.york.ac.uk/idp/profile/SAML2/Redirect/SSO?execution=e1s1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
144.32.129.48 York, United Kingdom, ASN786 (JANET Jisc Services Limited, GB),
Reverse DNS
shibvip.york.ac.uk
Software
Apache /
Resource Hash
073fa39dafce444b30c6b18ba35268152fc648e4b49fff17c75e62718f52397d

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://shib.york.ac.uk/idp/profile/SAML2/Redirect/SSO?execution=e1s1
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 12 Jun 2024 05:54:23 GMT
Content-Encoding
gzip
Last-Modified
Tue, 10 May 2022 12:43:34 GMT
Server
Apache
ETag
"34637-5dea7ac4880c7-gzip"
Vary
Accept-Encoding
Transfer-Encoding
chunked
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=3, max=100
dvj8rpp.js
use.typekit.net/ 		19 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/dvj8rpp.js
Requested by
Host: shib.york.ac.uk
URL: https://shib.york.ac.uk/idp/profile/SAML2/Redirect/SSO?execution=e1s1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100::1735:2828 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
503c0c6fb81cca11580fd3e2481136b3f6ffd93ecef182416794319347c7ee68
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://shib.york.ac.uk/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; includeSubDomains;
content-encoding
gzip
date
Wed, 12 Jun 2024 05:54:23 GMT
server
nginx
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
6950
logo.png
shib.york.ac.uk/static/current/img/ 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://shib.york.ac.uk/static/current/img/logo.png
Requested by
Host: shib.york.ac.uk
URL: https://shib.york.ac.uk/idp/profile/SAML2/Redirect/SSO?execution=e1s1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
144.32.129.48 York, United Kingdom, ASN786 (JANET Jisc Services Limited, GB),
Reverse DNS
shibvip.york.ac.uk
Software
Apache /
Resource Hash
391bc16fbff5760c6ed998cdf2c3b03698bc7745d0d6d5894b2903b3aef35f19

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://shib.york.ac.uk/idp/profile/SAML2/Redirect/SSO?execution=e1s1
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 12 Jun 2024 05:54:23 GMT
Last-Modified
Tue, 10 May 2022 12:43:34 GMT
Server
Apache
ETag
"7831-5dea7ac48de88"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=3, max=99
Content-Length
30769
gtm.js
www.googletagmanager.com/ 		567 KB
136 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-WXLX54
Requested by
Host: shib.york.ac.uk
URL: https://shib.york.ac.uk/idp/profile/SAML2/Redirect/SSO?execution=e1s1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
770084365c7b494398da4f5845a5fd3b87b5076b856722825d79bd4e7afe60bb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://shib.york.ac.uk/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 05:54:23 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
138620
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 12 Jun 2024 05:54:23 GMT
l
use.typekit.net/af/17d530/00000000000000003b9aee4f/27/ 		30 KB
31 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/17d530/00000000000000003b9aee4f/27/l?primer=7401cd9b0fa4555d75aa9adaba09ad7f48141f1762492082c4de9de709de2ddd&fvd=n6&v=3
Requested by
Host: shib.york.ac.uk
URL: https://shib.york.ac.uk/idp/profile/SAML2/Redirect/SSO?execution=e1s1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100::1735:2828 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
8f1baf6d8e5afb483d91315cba9e7d5b75bbdc66d802ecf65fd4c756bb4fc7ff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://shib.york.ac.uk/
Origin
https://shib.york.ac.uk
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 05:54:23 GMT
server
nginx
etag
"c657a866249b40c19e74a825f618206fca4f8ca4"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
31140
l
use.typekit.net/af/e3ca36/00000000000000000000e805/27/ 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/e3ca36/00000000000000000000e805/27/l?primer=fff1a989570eb474b8c22c57cc7199e63bfc7e911b750165d0199218f0b7e7cc&fvd=n7&v=3
Requested by
Host: shib.york.ac.uk
URL: https://shib.york.ac.uk/idp/profile/SAML2/Redirect/SSO?execution=e1s1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100::1735:2828 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
2cc1356cba40afb15d8a8b0aace114d553e158a1e574c463c69a2a30832b6d21

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://shib.york.ac.uk/
Origin
https://shib.york.ac.uk
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 05:54:23 GMT
server
nginx
etag
"0e98fea0e8ed6cdd4d99e305a135e9c94f2fc7ea"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
20700
l
use.typekit.net/af/620bf8/00000000000000000000e7fe/27/ 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/620bf8/00000000000000000000e7fe/27/l?primer=fff1a989570eb474b8c22c57cc7199e63bfc7e911b750165d0199218f0b7e7cc&fvd=n3&v=3
Requested by
Host: shib.york.ac.uk
URL: https://shib.york.ac.uk/idp/profile/SAML2/Redirect/SSO?execution=e1s1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100::1735:2828 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
bff7e97d6da72947db18c510ab65e049740983017fa6cd3b083a2a6b1b016d3e

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://shib.york.ac.uk/
Origin
https://shib.york.ac.uk
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 05:54:23 GMT
server
nginx
etag
"379f3952e0ed27af340643189abb0558d1f3cd9f"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
20432
l
use.typekit.net/af/5cca6d/00000000000000000000e802/27/ 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/5cca6d/00000000000000000000e802/27/l?primer=fff1a989570eb474b8c22c57cc7199e63bfc7e911b750165d0199218f0b7e7cc&fvd=i3&v=3
Requested by
Host: shib.york.ac.uk
URL: https://shib.york.ac.uk/idp/profile/SAML2/Redirect/SSO?execution=e1s1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100::1735:2828 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
b40980dc7dc472ffb2ca46f4cf22a30cb911ba50c854da58eaa7e98fc8423fc3

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://shib.york.ac.uk/
Origin
https://shib.york.ac.uk
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 05:54:23 GMT
server
nginx
etag
"ada5117acd447b0d15e4ac85f04f68d4dc086b01"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
21068
l
use.typekit.net/af/2841b6/00000000000000000000e806/27/ 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/2841b6/00000000000000000000e806/27/l?primer=fff1a989570eb474b8c22c57cc7199e63bfc7e911b750165d0199218f0b7e7cc&fvd=i7&v=3
Requested by
Host: shib.york.ac.uk
URL: https://shib.york.ac.uk/idp/profile/SAML2/Redirect/SSO?execution=e1s1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100::1735:2828 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
bbc000b3f470ce281139e5eed7208ae81b6b6f041f3a4ab73cf6a7c8357538fb

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://shib.york.ac.uk/
Origin
https://shib.york.ac.uk
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 05:54:23 GMT
server
nginx
etag
"0e2556abce29eed2a9528e01488631677722f8df"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
21668
l
use.typekit.net/af/9da37c/00000000000000003b9aee4e/27/ 		31 KB
31 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/9da37c/00000000000000003b9aee4e/27/l?primer=7401cd9b0fa4555d75aa9adaba09ad7f48141f1762492082c4de9de709de2ddd&fvd=n4&v=3
Requested by
Host: shib.york.ac.uk
URL: https://shib.york.ac.uk/idp/profile/SAML2/Redirect/SSO?execution=e1s1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100::1735:2828 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
74c5ddeeff35653e9f048a78f3380d0a021eaaf3082161511244e1d49c269bcb

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://shib.york.ac.uk/
Origin
https://shib.york.ac.uk
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 05:54:23 GMT
server
nginx
etag
"7eb447698073c61c5b3e2b4c97a93b17b51830fa"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
31276
l
use.typekit.net/af/6d0ba6/00000000000000003b9aee4d/27/ 		30 KB
30 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/6d0ba6/00000000000000003b9aee4d/27/l?primer=7401cd9b0fa4555d75aa9adaba09ad7f48141f1762492082c4de9de709de2ddd&fvd=i4&v=3
Requested by
Host: shib.york.ac.uk
URL: https://shib.york.ac.uk/idp/profile/SAML2/Redirect/SSO?execution=e1s1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100::1735:2828 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
6e672afda7e734ae3d59cb4ecf8859e13212ebaf3e6bf37f5d3db68e569e3ff4

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://shib.york.ac.uk/
Origin
https://shib.york.ac.uk
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 05:54:23 GMT
server
nginx
etag
"be0c12c84b3714ba0aed56942429d2e5e57abae9"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
30780
l
use.typekit.net/af/21d580/00000000000000003b9aee50/27/ 		30 KB
31 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/21d580/00000000000000003b9aee50/27/l?primer=7401cd9b0fa4555d75aa9adaba09ad7f48141f1762492082c4de9de709de2ddd&fvd=i6&v=3
Requested by
Host: shib.york.ac.uk
URL: https://shib.york.ac.uk/idp/profile/SAML2/Redirect/SSO?execution=e1s1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100::1735:2828 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
700d3609acbf1f75e634b1a91b56dc0e398c1b0b127f78fad16ea31f1d912515

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://shib.york.ac.uk/
Origin
https://shib.york.ac.uk
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 05:54:23 GMT
server
nginx
etag
"4c5b7f20cfd98dc8967a26275f69dbd105371390"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
31156
p.gif
p.typekit.net/ 		35 B
205 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.typekit.net/p.gif?s=1&k=dvj8rpp&ht=tk&h=shib.york.ac.uk&f=2005.2006.2009.2010.6905.6906.6911.6912&a=3113404&js=1.21.0&app=typekit&e=js&_=1718171664035
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100::1735:2808 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
9b9265c69a5cc295d1ab0d04e0273b3677db1a6216ce2ccf4efc8c277ed84b39

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://shib.york.ac.uk/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 05:54:24 GMT
last-modified
Sun, 14 Jan 2024 12:45:14 GMT
server
nginx
etag
"65a3d75a-23"
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
35
favicon.ico
shib.york.ac.uk/static/current/img/ 		8 KB
8 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://shib.york.ac.uk/static/current/img/favicon.ico
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
144.32.129.48 York, United Kingdom, ASN786 (JANET Jisc Services Limited, GB),
Reverse DNS
shibvip.york.ac.uk
Software
Apache /
Resource Hash
08b5170c09710288f9a4488788da272506e912bc8e89a31fc8fb9b26a94dc1ec

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://shib.york.ac.uk/idp/profile/SAML2/Redirect/SSO?execution=e1s1
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 12 Jun 2024 05:54:24 GMT
Last-Modified
Tue, 10 May 2022 12:43:34 GMT
Server
Apache
ETag
"209c-5dea7ac4786c3"
Content-Type
image/vnd.microsoft.icon
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=3, max=98
Content-Length
8348

Verdicts & Comments Add Verdict or Comment

18 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| Modernizr function| requirejs function| require function| define function| $ function| jQuery function| picturefill object| $window object| $html function| gMapsCallback object| Typekit object| dataLayer object| jQuery111306940777533861391 string| mq object| google_tag_manager function| postscribe object| google_tag_manager_external object| google_tag_data

5 Cookies

Domain/Path Name / Value
shib.york.ac.uk/idp Name: JSESSIONID
Value: 79C704BA5C0A35C73C35D01EBEEE72AE
accesstracker.york.ac.uk/ Name: rack.session
Value: 27b6eab2026b7916fbb5534fa1320e2c--f03cdef4436a2ba208ca1eb9a0c27ce1f78127f87b97c221544a01343cab7806
auth-mfa.aws.york.ac.uk/ Name: XSRF-TOKEN
Value: e3c7bbec-4341-443e-917c-32a9c39503c6
auth-mfa.aws.york.ac.uk/ Name: csrf-state
Value: W6eQ_RIFbc755erC_-e09FN9bF9qx8Bcrwkz2oQJKHOM9UhSis84FDJ0Cf6Xufg1u18m8vmMep4u8IoqWMqU0Uc4TeLvUNvdAagdBvuadalncnoUNOIyCuqg0vdvQPZpxjrS8HZh7_WfiopF3uMe_lWlmE73p3VvD3oHt7o5Zo8
auth-mfa.aws.york.ac.uk/ Name: csrf-state-legacy
Value: W6eQ_RIFbc755erC_-e09FN9bF9qx8Bcrwkz2oQJKHOM9UhSis84FDJ0Cf6Xufg1u18m8vmMep4u8IoqWMqU0Uc4TeLvUNvdAagdBvuadalncnoUNOIyCuqg0vdvQPZpxjrS8HZh7_WfiopF3uMe_lWlmE73p3VvD3oHt7o5Zo8

1 Console Messages

Source Level URL
Text
recommendation verbose URL: https://shib.york.ac.uk/idp/profile/SAML2/Redirect/SSO?execution=e1s1
Message:
[DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy frame-ancestors https://vle.york.ac.uk
Strict-Transport-Security max-age=63072000
X-Frame-Options ALLOW-FROM https://vle.york.ac.uk/

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accesstracker.york.ac.uk
auth-mfa.aws.york.ac.uk
p.typekit.net
shib.york.ac.uk
use.typekit.net
www.googletagmanager.com
144.32.129.48
2600:9000:237d:b400:1d:a01:fec0:93a1
2a00:1450:4001:810::2008
2a02:26f0:3100::1735:2808
2a02:26f0:3100::1735:2828
52.49.113.246
073fa39dafce444b30c6b18ba35268152fc648e4b49fff17c75e62718f52397d
08b5170c09710288f9a4488788da272506e912bc8e89a31fc8fb9b26a94dc1ec
2cc1356cba40afb15d8a8b0aace114d553e158a1e574c463c69a2a30832b6d21
391bc16fbff5760c6ed998cdf2c3b03698bc7745d0d6d5894b2903b3aef35f19
5013f611977f388a91e019eee59bd1eb99a9c338e19c379b68fb77ebd2088840
503c0c6fb81cca11580fd3e2481136b3f6ffd93ecef182416794319347c7ee68
6d204fcf14bfe1c564cc2394067079380cc076e702bcff5f33a30322b9ce62c3
6e672afda7e734ae3d59cb4ecf8859e13212ebaf3e6bf37f5d3db68e569e3ff4
700d3609acbf1f75e634b1a91b56dc0e398c1b0b127f78fad16ea31f1d912515
74c5ddeeff35653e9f048a78f3380d0a021eaaf3082161511244e1d49c269bcb
770084365c7b494398da4f5845a5fd3b87b5076b856722825d79bd4e7afe60bb
8f1baf6d8e5afb483d91315cba9e7d5b75bbdc66d802ecf65fd4c756bb4fc7ff
9b9265c69a5cc295d1ab0d04e0273b3677db1a6216ce2ccf4efc8c277ed84b39
b40980dc7dc472ffb2ca46f4cf22a30cb911ba50c854da58eaa7e98fc8423fc3
bbc000b3f470ce281139e5eed7208ae81b6b6f041f3a4ab73cf6a7c8357538fb
bff7e97d6da72947db18c510ab65e049740983017fa6cd3b083a2a6b1b016d3e
d558dac200d82f02ddafca424d8a8fb2cf3c49dc503b049418398e22aabb3a0e