shibboleth2.uchicago.edu.lllf.nl Open in urlscan Pro
199.101.98.92 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://z.umn.edu/shibboleth2uchicagoedu
Effective URL:
https://shibboleth2.uchicago.edu.lllf.nl/idp/profile/SAML2/POST/SSO.execution=e1s1/
Submission: On August 16 via manual (August 16th 2018, 5:13:06 pm UTC) from US

Summary HTTP 1 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 2 IPs in 1 countries across 2 domains to perform 1 HTTP transactions. The main IP is 199.101.98.92, located in Mooresville, United States and belongs to QUICKPACKET - QuickPacket, LLC, US. The main domain is shibboleth2.uchicago.edu.lllf.nl.
TLS certificate: Issued by cPanel, Inc. Certification Authority on August 15th 2018. Valid for: 3 months.

This is the only time shibboleth2.uchicago.edu.lllf.nl was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	160.94.221.153 160.94.221.153	217 (UMN-SYSTEM) (UMN-SYSTEM - University of Minnesota)
1	199.101.98.92 199.101.98.92	46261 (QUICKPACKET) (QUICKPACKET - QuickPacket)
1	2

1 160.94.221.153 (Minneapolis, United States) 1 redirects

ASN217 (UMN-SYSTEM - University of Minnesota, US)
PTR: z-lb.cla.umn.edu

z.umn.edu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.101.98.92 (Mooresville, United States)

ASN46261 (QUICKPACKET - QuickPacket, LLC, US)

shibboleth2.uchicago.edu.lllf.nl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
1	lllf.nl shibboleth2.uchicago.edu.lllf.nl	1 MB
1	umn.edu 1 redirects z.umn.edu	546 B
1	2

	Domain	Requested by
1	shibboleth2.uchicago.edu.lllf.nl
1	z.umn.edu	1 redirects
1	2

This site contains links to these domains. Also see Links.

Domain
www.uchicago.edu
myaccount.uchicago.edu
cnet.uchicago.edu
its.uchicago.edu
shibboleth2.uchicago.edu

Subject Issuer	Validity	Valid
shibboleth2.uchicago.edu.lllf.nl cPanel, Inc. Certification Authority	`2018-08-15` - `2018-11-13`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://shibboleth2.uchicago.edu.lllf.nl/idp/profile/SAML2/POST/SSO.execution=e1s1/
Frame ID: 6FDDFA16D3E081AB556761804A2ED07F
Requests: 20 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://z.umn.edu/shibboleth2uchicagoedu HTTP 302
https://shibboleth2.uchicago.edu.lllf.nl/idp/profile/SAML2/POST/SSO.execution=e1s1/ Page URL

Detected technologies

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|)HTTPD)/i

Page Statistics

1
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

1
Countries

1531 kB
Transfer

2066 kB
Size

0
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: http://www.uchicago.edu/
Title: The University of Chicago

Search URL Search Domain Scan URL

URL: https://myaccount.uchicago.edu/
Title: myaccount.uchicago.edu

Search URL Search Domain Scan URL

URL: https://cnet.uchicago.edu/
Title: cnet.uchicago.edu

Search URL Search Domain Scan URL

URL: https://its.uchicago.edu/techbar/
Title: TechBar locations

Search URL Search Domain Scan URL

URL: https://shibboleth2.uchicago.edu/idp/profile/SAML2/POST/mailto:alumnitechsupport@uchicago.edu
Title: alumnitechsupport@uchicago.edu

Search URL Search Domain Scan URL

URL: https://shibboleth2.uchicago.edu/idp/profile/SAML2/POST/tel:+1%20773-702-1234
Title: 773.702.1234

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://z.umn.edu/shibboleth2uchicagoedu HTTP 302
https://shibboleth2.uchicago.edu.lllf.nl/idp/profile/SAML2/POST/SSO.execution=e1s1/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

1 HTTP transactions
19 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response shibboleth2.uchicago.edu.lllf.nl/idp/profile/SAML2/POST/SSO.execution=e1s1/ Redirect Chain https://z.umn.edu/shibboleth2uchicagoedu https://shibboleth2.uchicago.edu.lllf.nl/idp/profile/SAML2/POST/SSO.execution=e1s1/	1 MB 1 MB	450ms 115ms	Document text/html	199.101.98.92 QuickPacket
General Check archive.org Show headers Download Go to Full URL https://shibboleth2.uchicago.edu.lllf.nl/idp/profile/SAML2/POST/SSO.execution=e1s1/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 199.101.98.92 Mooresville, United States, ASN46261 (QUICKPACKET - QuickPacket, LLC, US), Reverse DNS Software Apache / Resource Hash `1e79ea5961dbcee740d3aed47ef369b5c11dc15cb873864d24f9e28c7feb7a91` Request headers :method GET :authority shibboleth2.uchicago.edu.lllf.nl :scheme https :path /idp/profile/SAML2/POST/SSO.execution=e1s1/ pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8 accept-encoding gzip, deflate Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 X-DevTools-Emulate-Network-Conditions-Client-Id 6FDDFA16D3E081AB556761804A2ED07F Response headers status 200 date Thu, 16 Aug 2018 17:12:55 GMT server Apache last-modified Wed, 15 Aug 2018 05:46:02 GMT accept-ranges bytes content-length 1559453 content-type text/html Redirect headers Date Thu, 16 Aug 2018 17:12:54 GMT Server Apache X-Frame-Options SAMEORIGIN X-XSS-Protection 1; mode=block X-Content-Type-Options nosniff Cache-Control no-cache X-Request-Id c9638459-d5e6-4e3a-9cad-0ad4a1dadae4 X-Runtime 0.066672 X-Powered-By Phusion Passenger 4.0.59 Location https://shibboleth2.uchicago.edu.lllf.nl/idp/profile/SAML2/POST/SSO.execution=e1s1/ Status 302 Found Keep-Alive timeout=5, max=100 Connection Keep-Alive Transfer-Encoding chunked Content-Type text/html; charset=utf-8
GET DATA	200 OK	truncated /	9 KB 0		Image image/gif
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `045f0742f71a9dea2c7a19772849b11d152fb0960cd75f4aa5a5fb7bc57cac28` Request headers Response headers Access-Control-Allow-Origin * Content-Type image/gif
GET DATA	200 OK	truncated /	32 KB 0		Font text/plain
General Check archive.org Show headers Download Go to Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `01df0c9588f9e22af56e4838727db413e5e25ca41a4f01e9fa813358b5c067f3` Request headers Response headers Access-Control-Allow-Origin * Content-Type text/plain
GET DATA	200 OK	truncated /	70 KB 0		Font text/plain
General Check archive.org Show headers Download Go to Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `bdc89c6409ade332b3927591b5772c6efc3473ca756384f514d70d988cf4dfbe` Request headers Response headers Access-Control-Allow-Origin * Content-Type text/plain
GET DATA	200 OK	truncated /	32 KB 0		Font text/plain
General Check archive.org Show headers Download Go to Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `f92170814daa733e7d9c8daff92c6f3c2f42322a11f894a1d6e37c1b66e352a8` Request headers Response headers Access-Control-Allow-Origin * Content-Type text/plain
GET DATA	200 OK	truncated /	70 KB 0		Font text/plain
General Check archive.org Show headers Download Go to Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `b35bf4bdfc5e7878f53c4e093cb3ac036ef1d2d50a7a1ff5427ad3789ecbdeae` Request headers Response headers Access-Control-Allow-Origin * Content-Type text/plain
GET DATA	200 OK	truncated /	32 KB 0		Font text/plain
General Check archive.org Show headers Download Go to Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `1fa3877c3ef3ca96b04fa6a65f74f4250a2bd153cc28bb7f17a8c8ecf3a4107e` Request headers Response headers Access-Control-Allow-Origin * Content-Type text/plain
GET DATA	200 OK	truncated /	70 KB 0		Font text/plain
General Check archive.org Show headers Download Go to Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `38cbb0b404c29300d7a751cbd292a05609489298c52ba5901fd64a48ecd2831f` Request headers Response headers Access-Control-Allow-Origin * Content-Type text/plain
GET DATA	200 OK	truncated /	32 KB 0		Font text/plain
General Check archive.org Show headers Download Go to Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `a54c792242e8cc0c9abc3dc9a791c54c831839d4e03eb24a0fa573208a4273ad` Request headers Response headers Access-Control-Allow-Origin * Content-Type text/plain
GET DATA	200 OK	truncated /	70 KB 0		Font text/plain
General Check archive.org Show headers Download Go to Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `a667047a1892ba477e262f042a358ba211ba95b646ea52a1c9b7d21743d4e6d4` Request headers Response headers Access-Control-Allow-Origin * Content-Type text/plain
GET DATA	200 OK	truncated /	32 KB 0		Font text/plain
General Check archive.org Show headers Download Go to Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `ec158d7e9bdd03823df16bc33954dda3d7960e0e3c3f72216cb9eb53b6f6544b` Request headers Response headers Access-Control-Allow-Origin * Content-Type text/plain
GET DATA	200 OK	truncated /	70 KB 0		Font text/plain
General Check archive.org Show headers Download Go to Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `610daee62ac4e39d96ea53343d38e60c2257fcd82a5c14e97b0cd352bf4952ab` Request headers Response headers Access-Control-Allow-Origin * Content-Type text/plain
GET DATA	200 OK	truncated /	118 B 0		Image image/gif
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `4aa618afb69db1a5bcfe550683ffd23210e1f98323f3444de82cbc53a0e43112` Request headers Response headers Access-Control-Allow-Origin * Content-Type image/gif
GET DATA	200 OK	truncated /	4 KB 0		Image image/gif
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `a0c7f5a215affb550fac60cec0e321da3b217307a90aae5495d2c16b22621c72` Request headers Response headers Access-Control-Allow-Origin * Content-Type image/gif
GET DATA	200 OK	truncated /	4 KB 0		Image image/gif
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `e18e6d1f3464176a219229dfeac714d134dcea28f124598b097fb02361e0a849` Request headers Response headers Access-Control-Allow-Origin * Content-Type image/gif
GET DATA	200 OK	truncated /	6 KB 0		Image image/gif
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `3c524785ee73bc6762c57a0ac45414295ea74a5a9edb87026f59db2d85880420` Request headers Response headers Access-Control-Allow-Origin * Content-Type image/gif
GET DATA	200 OK	truncated /	5 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `0c8c35b60fce8223ad41f548811bfee3e444a13b375ccfaffebb508cb79acad4` Request headers Response headers Access-Control-Allow-Origin * Content-Type image/png
GET DATA	200 OK	truncated /	3 KB 0		Image image/gif
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `358b45b5e380d49bc52aa9ac840ba4b0a34461865f1e7d3f05d3e54c73f03ef0` Request headers Response headers Access-Control-Allow-Origin * Content-Type image/gif
GET DATA	200 OK	truncated /	297 B 0		Image image/gif
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `60af5c122d902790da5b2e045dbfbcc5401240b1d7da7357255d3405b27350a7` Request headers Response headers Access-Control-Allow-Origin * Content-Type image/gif
GET DATA	200 OK	truncated /	887 B 0		Image image/gif
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `b69cdc22c5909793474198565637dc451d720e481d55fbfd93b642b408faec29` Request headers Response headers Access-Control-Allow-Origin * Content-Type image/gif

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

shibboleth2.uchicago.edu.lllf.nl
z.umn.edu
160.94.221.153
199.101.98.92
01df0c9588f9e22af56e4838727db413e5e25ca41a4f01e9fa813358b5c067f3
045f0742f71a9dea2c7a19772849b11d152fb0960cd75f4aa5a5fb7bc57cac28
0c8c35b60fce8223ad41f548811bfee3e444a13b375ccfaffebb508cb79acad4
1e79ea5961dbcee740d3aed47ef369b5c11dc15cb873864d24f9e28c7feb7a91
1fa3877c3ef3ca96b04fa6a65f74f4250a2bd153cc28bb7f17a8c8ecf3a4107e
358b45b5e380d49bc52aa9ac840ba4b0a34461865f1e7d3f05d3e54c73f03ef0
38cbb0b404c29300d7a751cbd292a05609489298c52ba5901fd64a48ecd2831f
3c524785ee73bc6762c57a0ac45414295ea74a5a9edb87026f59db2d85880420
4aa618afb69db1a5bcfe550683ffd23210e1f98323f3444de82cbc53a0e43112
60af5c122d902790da5b2e045dbfbcc5401240b1d7da7357255d3405b27350a7
610daee62ac4e39d96ea53343d38e60c2257fcd82a5c14e97b0cd352bf4952ab
a0c7f5a215affb550fac60cec0e321da3b217307a90aae5495d2c16b22621c72
a54c792242e8cc0c9abc3dc9a791c54c831839d4e03eb24a0fa573208a4273ad
a667047a1892ba477e262f042a358ba211ba95b646ea52a1c9b7d21743d4e6d4
b35bf4bdfc5e7878f53c4e093cb3ac036ef1d2d50a7a1ff5427ad3789ecbdeae
b69cdc22c5909793474198565637dc451d720e481d55fbfd93b642b408faec29
bdc89c6409ade332b3927591b5772c6efc3473ca756384f514d70d988cf4dfbe
e18e6d1f3464176a219229dfeac714d134dcea28f124598b097fb02361e0a849
ec158d7e9bdd03823df16bc33954dda3d7960e0e3c3f72216cb9eb53b6f6544b
f92170814daa733e7d9c8daff92c6f3c2f42322a11f894a1d6e37c1b66e352a8

shibboleth2.uchicago.edu.lllf.nl Open in urlscan Pro 199.101.98.92 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

1 Requests

100 %HTTPS

0 %IPv6

2 Domains

2 Subdomains

2 IPs

1 Countries

1531 kBTransfer

2066 kBSize

0 Cookies

6 Outgoing links

Page URL History

Redirected requests

1 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 19 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

0 Cookies

Indicators

shibboleth2.uchicago.edu.lllf.nl Open in urlscan Pro
199.101.98.92 Public Scan

Screenshot
Live screenshot

Full Image

1
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

1
Countries

1531 kB
Transfer

2066 kB
Size

0
Cookies

1 HTTP transactions
19 data transactions