Submitted URL: https://www.gallagherstudent.com/students/view-form.php?idField=1220&fidField=8530&pfidField=8531&ps=&w=&Kost...
Effective URL: https://shib.bu.edu/idp/profile/SAML2/POST/SSO;jsessionid=1hq37vcndnx0wlvj2i39tzbbr?execution=e1s1
Submission: On August 24 via manual from US

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 5 HTTP transactions. The main IP is 128.197.236.36, located in Boston, United States and belongs to BOSTONU-AS, US. The main domain is shib.bu.edu.
TLS certificate: Issued by COMODO RSA Extended Validation Secure... on November 3rd 2019. Valid for: 2 years.
This is the only time shib.bu.edu was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 2 149.126.77.109 19551 (INCAPSULA)
1 151.147.192.3 46342 (AJGCO)
1 2 128.197.236.36 111 (BOSTONU-AS)
5 3
Apex Domain | Subdomains | Transfer
2 bu.edu | shib.bu.edu | 3 KB
2 gallagherstudent.com | www.gallagherstudent.com | 903 B
1 ajg.com | sso.ajg.com | 3 KB
5 3
Domain Requested by
2 shib.bu.edu 1 redirects shib.bu.edu
2 www.gallagherstudent.com 2 redirects
1 sso.ajg.com
5 3

This site contains no links.

Subject | Issuer | Validity | Valid
*.ajg.com | Go Daddy Secure Certificate Authority - G2 | 2020-04-30 - 2021-04-30 | a year
shib.bu.edu | COMODO RSA Extended Validation Secure Server CA | 2019-11-03 - 2021-11-02 | 2 years

This page contains 1 frames:

Primary Page: https://shib.bu.edu/idp/profile/SAML2/POST/SSO;jsessionid=1hq37vcndnx0wlvj2i39tzbbr?execution=e1s1
Frame ID: BEC629B06143DFE4FA8B7B45604ED464
Requests: 5 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • url /\.php(?:$|\?)/i

Page Statistics

5 Requests
40 % HTTPS
0 % IPv6
3 Domains
3 Subdomains
3 IPs
2 Countries
5 kB Transfer
5 kB Size
1 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.gallagherstudent.com/students/view-form.php?idField=1220&fidField=8530&pfidField=8531&ps=&w=&KosterWebSID=dhh4n4i9ohd4cn0pucag3jidc6 HTTP 302
    https://www.gallagherstudent.com/sso/login.php?idField=1220 HTTP 302
    https://sso.ajg.com/sp/startSSO.ping?PartnerIdpId=https%3A%2F%2Fshib.bu.edu%2Fidp%2Fshibboleth&TargetResource=https%3A%2F%2Fwww.gallagherstudent.com%2Fsso%2FpingSSO.php%3F%26schoolid%3D1220 Page URL
  2. https://shib.bu.edu/idp/profile/SAML2/POST/SSO HTTP 302
    https://shib.bu.edu/idp/profile/SAML2/POST/SSO;jsessionid=1hq37vcndnx0wlvj2i39tzbbr?execution=e1s1 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://www.gallagherstudent.com/students/view-form.php?idField=1220&fidField=8530&pfidField=8531&ps=&w=&KosterWebSID=dhh4n4i9ohd4cn0pucag3jidc6 HTTP 302
  • https://www.gallagherstudent.com/sso/login.php?idField=1220 HTTP 302
  • https://sso.ajg.com/sp/startSSO.ping?PartnerIdpId=https%3A%2F%2Fshib.bu.edu%2Fidp%2Fshibboleth&TargetResource=https%3A%2F%2Fwww.gallagherstudent.com%2Fsso%2FpingSSO.php%3F%26schoolid%3D1220

5 HTTP transactions

Resource Path | Size | x-fer | Type MIME-Type
Cookie set startSSO.ping
sso.ajg.com/sp/
Redirect Chain
  • https://www.gallagherstudent.com/students/view-form.php?idField=1220&fidField=8530&pfidField=8531&ps=&w=&KosterWebSID=dhh4n4i9ohd4cn0pucag3jidc6
  • https://www.gallagherstudent.com/sso/login.php?idField=1220
  • https://sso.ajg.com/sp/startSSO.ping?PartnerIdpId=https%3A%2F%2Fshib.bu.edu%2Fidp%2Fshibboleth&TargetResource=https%3A%2F%2Fwww.gallagherstudent.com%2Fsso%2FpingSSO.php%3F%26schoolid%3D1220
3 KB
3 KB
Document
General
Full URL
https://sso.ajg.com/sp/startSSO.ping?PartnerIdpId=https%3A%2F%2Fshib.bu.edu%2Fidp%2Fshibboleth&TargetResource=https%3A%2F%2Fwww.gallagherstudent.com%2Fsso%2FpingSSO.php%3F%26schoolid%3D1220
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
151.147.192.3 , United States, ASN46342 (AJGCO, US),
Reverse DNS
sso.global.ajg.com
Software
/
Resource Hash
d3f4925850f61e70c5c1a2bc64c1c40c0fb0fb9ea9c336d7f80be2b32a3f08fa
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Host
sso.ajg.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US

Response headers

Date
Mon, 24 Aug 2020 20:10:10 GMT
X-Frame-Options
SAMEORIGIN
Referrer-Policy
origin
Cache-Control
no-cache, no-store
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Content-Type
text/html;charset=utf-8
Set-Cookie
PF=2CNe4d6HynOddPpD2RXMGS;Path=/;Secure;HttpOnly
Content-Length
2802

Redirect headers

status
302
date
Mon, 24 Aug 2020 20:10:09 GMT
server
Apache/2.2.15 (Red Hat)
x-frame-options
SAMEORIGIN
x-powered-by
PHP/5.3.29
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma
no-cache
location
https://sso.ajg.com/sp/startSSO.ping?PartnerIdpId=https%3A%2F%2Fshib.bu.edu%2Fidp%2Fshibboleth&TargetResource=https%3A%2F%2Fwww.gallagherstudent.com%2Fsso%2FpingSSO.php%3F%26schoolid%3D1220
content-length
0
content-type
text/html; charset=UTF-8
strict-transport-security
max-age=31536000
x-cdn
Incapsula
x-iinfo
5-10424965-10424966 NNNN CT(124 125 0) RT(1598299808617 0) q(0 0 2 -1) r(4 4) U11
Primary Request SSO;jsessionid=1hq37vcndnx0wlvj2i39tzbbr
shib.bu.edu/idp/profile/SAML2/POST/
Redirect Chain
  • https://shib.bu.edu/idp/profile/SAML2/POST/SSO
  • https://shib.bu.edu/idp/profile/SAML2/POST/SSO;jsessionid=1hq37vcndnx0wlvj2i39tzbbr?execution=e1s1
2 KB
2 KB
Document
General
Full URL
https://shib.bu.edu/idp/profile/SAML2/POST/SSO;jsessionid=1hq37vcndnx0wlvj2i39tzbbr?execution=e1s1
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
128.197.236.36 Boston, United States, ASN111 (BOSTONU-AS, US),
Reverse DNS
shib.bu.edu
Software
Jetty(9.3.6.v20151106) /
Resource Hash
8a5c9032e47d2d1dbf019d1f41184458d37448295833cb5d44027924013bdddf

Request headers

Host
shib.bu.edu
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
document
Referer
https://sso.ajg.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
JSESSIONID=1hq37vcndnx0wlvj2i39tzbbr; BIGipServershib-ist-idp-prod-443-pool=1894172032.47873.0000
Origin
https://sso.ajg.com
Content-Type
application/x-www-form-urlencoded

Response headers

Cache-Control
no-store
Content-Type
text/html;charset=utf-8
Content-Length
2146
Server
Jetty(9.3.6.v20151106)

Redirect headers

Set-Cookie
JSESSIONID=1hq37vcndnx0wlvj2i39tzbbr;Path=/idp;Secure
BIGipServershib-ist-idp-prod-443-pool=1894172032.47873.0000; path=/; Httponly; Secure
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control
no-store
Location
https://shib.bu.edu/idp/profile/SAML2/POST/SSO;jsessionid=1hq37vcndnx0wlvj2i39tzbbr?execution=e1s1
Content-Length
0
Server
Jetty(9.3.6.v20151106)

login.css | shib.bu.edu/idp/css/ | 0 | 0
autofocus.js | shib.bu.edu/idp/js/ | 0 | 0
modernizr-custom.min.js | shib.bu.edu/idp/js/ | 0 | 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain | URL
shib.bu.edu | https://shib.bu.edu/idp/css/login.css
shib.bu.edu | https://shib.bu.edu/idp/js/autofocus.js
shib.bu.edu | https://shib.bu.edu/idp/js/modernizr-custom.min.js

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| trustedTypes

1 Cookies

Domain/Path Name / Value
sso.ajg.com/ Name: PF
Value: 2CNe4d6HynOddPpD2RXMGS

Security Headers

This page lists any security headers set by the main page.

Header Value
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
