urlscan.io logo urlscan.io
SecurityTrails logo

shibb-idp.georgetown.edu Open in urlscan Pro
141.161.99.110  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://secure.advancement.georgetown.edu/s/1686/18/giving.aspx
Effective URL: https://shibb-idp.georgetown.edu/idp/profile/SAML2/POST/SSO?execution=e1s1
Submission: On June 13 via api from IE — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 3 IPs in 1 countries across 1 domains to perform 4 HTTP transactions. The main IP is 141.161.99.110, located in Silver Spring, United States and belongs to GU, US. The main domain is shibb-idp.georgetown.edu. The Cisco Umbrella rank of the primary domain is 492471.
TLS certificate: Issued by InCommon RSA Server CA on January 14th 2022. Valid for: a year.
This is the only time shibb-idp.georgetown.edu was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
4 5 2606:4700::68... 13335 (CLOUDFLAR...)
1 4 141.161.99.110 11318 (GU)
4 3
Apex Domain
Subdomains		 Transfer
9 georgetown.edu
secure.advancement.georgetown.edu
shibb-idp.georgetown.edu — Cisco Umbrella Rank: 492471
30 KB
4 1
Domain Requested by
5 secure.advancement.georgetown.edu 4 redirects
4 shibb-idp.georgetown.edu 1 redirects shibb-idp.georgetown.edu
4 2

This site contains links to these domains. Also see Links.

Domain
password.georgetown.edu
Subject Issuer Validity Valid
secure.advancement.georgetown.edu
Cloudflare Inc ECC CA-3		 2021-09-15 -
2022-09-14		 a year crt.sh
shibb-idp.georgetown.edu
InCommon RSA Server CA		 2022-01-14 -
2023-01-14		 a year crt.sh

This page contains 1 frames:

Primary Page: https://shibb-idp.georgetown.edu/idp/profile/SAML2/POST/SSO?execution=e1s1
Frame ID: B04DD1199C54D8399ECE6FD64F9EE969
Requests: 5 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Single Signon - Georgetown University

Page URL History Show full URLs

  1. https://secure.advancement.georgetown.edu/s/1686/18/giving.aspx HTTP 302
    https://secure.advancement.georgetown.edu/controls/login/sts.ashx?sid=1686&gid=1&returnUrl=https%3a%2f%2fsecure.advanc... HTTP 302
    https://secure.advancement.georgetown.edu/s/1686/18/giving.aspx?sessionid=610077d5-1f68-483a-a5b9-c68cb7aa94f3&cc=1 HTTP 302
    https://secure.advancement.georgetown.edu/s/resources/templates/blank.aspx HTTP 302
    https://secure.advancement.georgetown.edu/s/resources/templates/blank.aspx?sid=1686&gid=1&pgid=3&cid=40&returnurl=http... Page URL
  2. https://shibb-idp.georgetown.edu/idp/profile/SAML2/POST/SSO HTTP 302
    https://shibb-idp.georgetown.edu/idp/profile/SAML2/POST/SSO?execution=e1s1 Page URL

Page Statistics

4
Requests

100 %
HTTPS

50 %
IPv6

1
Domains

2
Subdomains

3
IPs

1
Countries

28 kB
Transfer

27 kB
Size

5
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://secure.advancement.georgetown.edu/s/1686/18/giving.aspx HTTP 302
    https://secure.advancement.georgetown.edu/controls/login/sts.ashx?sid=1686&gid=1&returnUrl=https%3a%2f%2fsecure.advancement.georgetown.edu%2fs%2f1686%2f18%2fgiving.aspx HTTP 302
    https://secure.advancement.georgetown.edu/s/1686/18/giving.aspx?sessionid=610077d5-1f68-483a-a5b9-c68cb7aa94f3&cc=1 HTTP 302
    https://secure.advancement.georgetown.edu/s/resources/templates/blank.aspx HTTP 302
    https://secure.advancement.georgetown.edu/s/resources/templates/blank.aspx?sid=1686&gid=1&pgid=3&cid=40&returnurl=https%3a%2f%2fsecure.advancement.georgetown.edu%2fs%2fresources%2ftemplates%2fblank.aspx Page URL
  2. https://shibb-idp.georgetown.edu/idp/profile/SAML2/POST/SSO HTTP 302
    https://shibb-idp.georgetown.edu/idp/profile/SAML2/POST/SSO?execution=e1s1 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://secure.advancement.georgetown.edu/s/1686/18/giving.aspx HTTP 302
  • https://secure.advancement.georgetown.edu/controls/login/sts.ashx?sid=1686&gid=1&returnUrl=https%3a%2f%2fsecure.advancement.georgetown.edu%2fs%2f1686%2f18%2fgiving.aspx HTTP 302
  • https://secure.advancement.georgetown.edu/s/1686/18/giving.aspx?sessionid=610077d5-1f68-483a-a5b9-c68cb7aa94f3&cc=1 HTTP 302
  • https://secure.advancement.georgetown.edu/s/resources/templates/blank.aspx HTTP 302
  • https://secure.advancement.georgetown.edu/s/resources/templates/blank.aspx?sid=1686&gid=1&pgid=3&cid=40&returnurl=https%3a%2f%2fsecure.advancement.georgetown.edu%2fs%2fresources%2ftemplates%2fblank.aspx

4 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
blank.aspx
secure.advancement.georgetown.edu/s/resources/templates/
Redirect Chain
  • https://secure.advancement.georgetown.edu/s/1686/18/giving.aspx
  • https://secure.advancement.georgetown.edu/controls/login/sts.ashx?sid=1686&gid=1&returnUrl=https%3a%2f%2fsecure.advancement.georgetown.edu%2fs%2f1686%2f18%2fgiving.aspx
  • https://secure.advancement.georgetown.edu/s/1686/18/giving.aspx?sessionid=610077d5-1f68-483a-a5b9-c68cb7aa94f3&cc=1
  • https://secure.advancement.georgetown.edu/s/resources/templates/blank.aspx
  • https://secure.advancement.georgetown.edu/s/resources/templates/blank.aspx?sid=1686&gid=1&pgid=3&cid=40&returnurl=https%3a%2f%2fsecure.advancement.georgetown.edu%2fs%2fresources%2ftemplates%2fblank...
4 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://secure.advancement.georgetown.edu/s/resources/templates/blank.aspx?sid=1686&gid=1&pgid=3&cid=40&returnurl=https%3a%2f%2fsecure.advancement.georgetown.edu%2fs%2fresources%2ftemplates%2fblank.aspx
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:136f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
186ce777fe198c430fc8284f956ef91a0881fe5980cc3454dfce3264a8b16232
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.imodules.com
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private
cf-cache-status
DYNAMIC
cf-ray
71ad7b2759de8fca-FRA
content-encoding
gzip
content-length
3904
content-security-policy
frame-ancestors 'self' *.imodules.com
content-type
text/html
date
Mon, 13 Jun 2022 20:12:26 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
vary
Accept-Encoding
x-aspnet-version
4.0.30319
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-powered-by
ASP.NET
x-server
uswebblue05
x-stackifyid
V2|71bb5667-0bac-4f13-b5d4-74a52da175f9|C55784|CD1707
x-xss-protection
1; mode=block

Redirect headers

cache-control
private
cf-cache-status
DYNAMIC
cf-ray
71ad7b23edcc8fca-FRA
content-length
294
content-security-policy
frame-ancestors 'self' *.imodules.com
content-type
text/html; charset=utf-8
date
Mon, 13 Jun 2022 20:12:26 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
location
/s/resources/templates/blank.aspx?sid=1686&gid=1&pgid=3&cid=40&returnurl=https%3a%2f%2fsecure.advancement.georgetown.edu%2fs%2fresources%2ftemplates%2fblank.aspx
server
cloudflare
x-aspnet-version
4.0.30319
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-powered-by
ASP.NET
x-server
uswebblue05
x-stackifyid
V2|ed1a5213-ce1b-4cf2-b8cb-35cee5bb7f4e|C55784|CD1707
x-xss-protection
1; mode=block
Primary Request SSO
shibb-idp.georgetown.edu/idp/profile/SAML2/POST/
Redirect Chain
  • https://shibb-idp.georgetown.edu/idp/profile/SAML2/POST/SSO
  • https://shibb-idp.georgetown.edu/idp/profile/SAML2/POST/SSO?execution=e1s1
2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://shibb-idp.georgetown.edu/idp/profile/SAML2/POST/SSO?execution=e1s1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
141.161.99.110 Silver Spring, United States, ASN11318 (GU, US),
Reverse DNS
shibb-idp.georgetown.edu
Software
/
Resource Hash
2f0966407e658b15e6ada667e4bdb5bd997bad1d39ec573bc83b3a6100e67005
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://secure.advancement.georgetown.edu
Referer
https://secure.advancement.georgetown.edu/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-store
Connection
keep-alive
Content-Length
2545
Content-Type
text/html;charset=utf-8
Date
Mon, 13 Jun 2022 20:12:27 GMT
Expires
Keep-Alive
timeout=60
Strict-Transport-Security
max-age=0

Redirect headers

Cache-Control
no-store
Connection
keep-alive
Content-Length
0
Date
Mon, 13 Jun 2022 20:12:27 GMT
Keep-Alive
timeout=60
Location
/idp/profile/SAML2/POST/SSO?execution=e1s1
Strict-Transport-Security
max-age=0
main.css
shibb-idp.georgetown.edu/idp/css/ 		8 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://shibb-idp.georgetown.edu/idp/css/main.css
Requested by
Host: shibb-idp.georgetown.edu
URL: https://shibb-idp.georgetown.edu/idp/profile/SAML2/POST/SSO?execution=e1s1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
141.161.99.110 Silver Spring, United States, ASN11318 (GU, US),
Reverse DNS
shibb-idp.georgetown.edu
Software
/
Resource Hash
97acee86b25e8b41ed0079f38fcc7360765b6b1ac545d1cb9155ebee73dc7879

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://shibb-idp.georgetown.edu/idp/profile/SAML2/POST/SSO?execution=e1s1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Mon, 13 Jun 2022 20:12:27 GMT
Last-Modified
Mon, 18 Jan 2021 18:40:24 GMT
ETag
W/"8661-1610995224000"
Content-Type
text/css;charset=UTF-8
Cache-Control
private
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=60
Content-Length
8661
Expires
Thu, 01 Jan 1970 00:00:00 GMT
login-screen-header.png
shibb-idp.georgetown.edu/idp/images/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://shibb-idp.georgetown.edu/idp/images/login-screen-header.png
Requested by
Host: shibb-idp.georgetown.edu
URL: https://shibb-idp.georgetown.edu/idp/profile/SAML2/POST/SSO?execution=e1s1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
141.161.99.110 Silver Spring, United States, ASN11318 (GU, US),
Reverse DNS
shibb-idp.georgetown.edu
Software
/
Resource Hash
d92dfa0476c608b9e60eda0881a1f8c9b1013a8e9b353b7e8ac4e5a36f4a8370

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://shibb-idp.georgetown.edu/idp/profile/SAML2/POST/SSO?execution=e1s1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Mon, 13 Jun 2022 20:12:27 GMT
Last-Modified
Wed, 18 Apr 2018 10:02:58 GMT
ETag
W/"11821-1524045778000"
Content-Type
image/png;charset=UTF-8
Cache-Control
private
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=60
Content-Length
11821
Expires
Thu, 01 Jan 1970 00:00:00 GMT
truncated
/ 		592 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b8f8bc4a350555ab15fbf6f6125bca2d5b340c4459d23d460595ac0d217c931f

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Content-Type
image/svg+xml

Verdicts & Comments Add Verdict or Comment

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails object| navigation

5 Cookies

Domain/Path Name / Value
shibb-idp.georgetown.edu/idp Name: JSESSIONID
Value: E3FFD47291474ED4EE9159878CA7B1E0
secure.advancement.georgetown.edu/ Name: ENCOMPASSCC_1686
Value: bsc
secure.advancement.georgetown.edu/ Name: ENCOMPASSSESSIONID_1686
Value: 610077d5-1f68-483a-a5b9-c68cb7aa94f3
secure.advancement.georgetown.edu/ Name: SamlProxyStateCookie
Value: GroupId=1&LoginRedirectUrl=https%3a%2f%2fsecure.advancement.georgetown.edu%2fs%2fresources%2ftemplates%2fblank.aspx&IdentityProviderName=Default
shibb-idp.georgetown.edu/ Name: SHIBBP
Value: !F8qZHnyjpd8L40nkWOhSkx2Yr5VZ3YX9d4NelFXJxNvoKByoQBk9dkxOQyg3BawKFqZohMuiFHAdvQ==

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy frame-ancestors 'self' *.imodules.com
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block