shibb-idp.georgetown.edu

Summary

This website contacted 1 IPs in 1 countries across 2 domains to perform 3 HTTP transactions. The main IP is 107.23.83.98, located in Ashburn, United States and belongs to AMAZON-AES - Amazon.com, Inc., US. The main domain is shibb-idp.georgetown.edu.
TLS certificate: Issued by InCommon RSA Server CA on March 12th 2018. Valid for: 2 years.

This is the only time shibb-idp.georgetown.edu was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
4 4	74.119.86.185 74.119.86.185	23515 (ITSOLUTIONS) (ITSOLUTIONS - IT Solutions Consulting)
1 4	107.23.83.98 107.23.83.98	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
3	1

4 74.119.86.185 (Mount Laurel, United States) 4 redirects

ASN23515 (ITSOLUTIONS - IT Solutions Consulting, Inc., US)

georgetown.studenthealthportal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 107.23.83.98 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-107-23-83-98.compute-1.amazonaws.com

shibb-idp.georgetown.edu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
4	georgetown.edu 1 redirects shibb-idp.georgetown.edu	20 KB
4	studenthealthportal.com 4 redirects georgetown.studenthealthportal.com	1 KB
3	2

	Domain	Requested by
4	shibb-idp.georgetown.edu	1 redirects shibb-idp.georgetown.edu
4	georgetown.studenthealthportal.com	4 redirects
3	2

This site contains links to these domains. Also see Links.

Domain
password.georgetown.edu

Subject Issuer	Validity	Valid
shibb-idp.georgetown.edu InCommon RSA Server CA	`2018-03-12` - `2020-03-11`	2 years	crt.sh

This page contains 1 frames:

Primary Page: https://shibb-idp.georgetown.edu/idp/profile/SAML2/Redirect/SSO;jsessionid=BDA322332F334AB0B41D0AAE3A569209?execution=e1s1
Frame ID: 28669EB5653591196F62B75965903470
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://georgetown.studenthealthportal.com/ HTTP 302
https://georgetown.studenthealthportal.com/ HTTP 302
https://georgetown.studenthealthportal.com/Account/Logon?ReturnUrl=%2f HTTP 302
https://georgetown.studenthealthportal.com/GenericExtAuth?returnUrl=%2F HTTP 302
https://shibb-idp.georgetown.edu/idp/profile/SAML2/Redirect/SSO?SAMLRequest=jZJBb8IwDIX%2FSpU7TdsNGBFFYnAYEhu... HTTP 302
https://shibb-idp.georgetown.edu/idp/profile/SAML2/Redirect/SSO;jsessionid=BDA322332F334AB0B41D0AAE3A569209?e... Page URL

Detected technologies

Java (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

headers server /^Apache-Coyote(?:\/([\d.]+))?/i

Apache Tomcat (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /^Apache-Coyote(?:\/([\d.]+))?/i

Page Statistics

3
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

1
IPs

1
Countries

19 kB
Transfer

18 kB
Size

2
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://password.georgetown.edu/
Title: Forgot Password?

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://georgetown.studenthealthportal.com/ HTTP 302
https://georgetown.studenthealthportal.com/ HTTP 302
https://georgetown.studenthealthportal.com/Account/Logon?ReturnUrl=%2f HTTP 302
https://georgetown.studenthealthportal.com/GenericExtAuth?returnUrl=%2F HTTP 302
https://shibb-idp.georgetown.edu/idp/profile/SAML2/Redirect/SSO?SAMLRequest=jZJBb8IwDIX%2FSpU7TdsNGBFFYnAYEhuIsh12mdLG0Ehp0sXu2P79CmUau6Bdk%2Bfv2c8eo6xMLaYNlXYD7w0gBZ%2BVsShOHylrvBVOokZhZQUoqBDZ9HEpkjAStXfkCmdYMEUET9rZmbPYVOAz8B%2B6gOfNMmUlUY2C8z04vwdyBxsiNQoslSANlbXzJE1YuIpnpc5zZ4DKENHxo1PC16tsy4J525q28mjyi8SjvqdVHV7AQTW8feJteztt4EzZgNIeCuJZtmLBYp6yt%2BFosMuj6Kav5O0uVsP8LpcFqLs%2BFNAfqUErQ2xgYZGkpZQlUTzqRYNePNwmsYhGIhm8smB9TuFeW6Xt%2FnpkeSdC8bDdrnvdZC%2Fg8TRVK2CT8TF4cTL2F6u4jpU%2F%2BbPJ%2F9Me8wurzrcWTy17MV87o4uvYGqMO8w8SIKUxYxPupK%2F9zL5Bg%3D%3D&RelayState=https%3A%2F%2Fgeorgetown.studenthealthportal.com%2FGenericExtAuth%3FreturnUrl%3D%252F&SigAlg=http%3A%2F%2Fwww.w3.org%2F2000%2F09%2Fxmldsig%23rsa-sha1&Signature=lAt4JLkFZQzSBKZ6FXplIlxLiIUnj%2BKgCLLxkiFyDvgV4Rk31hf9hIjkZWKSTphT4wgwbcA04%2FR9koFV4ctfod3ZoqzPcHcSLNpbELwx9cfIvMylC4OzcDGRvfXFa4LwAqU6DjjpB4cRhe9oNXhh%2Bi%2BXZABXZMFYdN%2F0bnNFBDAtmgQVKPMFgDgklGSgA%2FAR5W4dAtoMqKdwsrJFuN8ktIZSmrx%2FZrqNUMjxcPAWU4wL55rd8fqoWladk%2F01UDeaJbJNOIFj1zMe9yMd1IpKGqkRei6ftCecYnj4QvVLEY72lgbe0OrzG%2BHtxyRkzYrgpv2WKpRNVLeTZiDLNzDbmaUWAoSMvUht7aCewA1bMaC10fcPrwlr2NN9e0cyn4rHc%2FIcE%2B%2FeVAcXnfQCg%2BgVhY5kUWEiUVrOQ3At1rEVa%2F5I010pK9JEw2U4NLqiAm2J4bVSjGos9rXncWVB8nEH1EwvY3Ch%2Fu6nsbHorRpR7Yyh0Hx5jvuLYKMjWzHQURak HTTP 302
https://shibb-idp.georgetown.edu/idp/profile/SAML2/Redirect/SSO;jsessionid=BDA322332F334AB0B41D0AAE3A569209?execution=e1s1 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

3 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request SSO;jsessionid=BDA322332F334AB0B41D0AAE3A569209 Show response shibb-idp.georgetown.edu/idp/profile/SAML2/Redirect/ Redirect Chain http://georgetown.studenthealthportal.com/ https://georgetown.studenthealthportal.com/ https://georgetown.studenthealthportal.com/Account/Logon?ReturnUrl=%2f https://georgetown.studenthealthportal.com/GenericExtAuth?returnUrl=%2F https://shibb-idp.georgetown.edu/idp/profile/SAML2/Redirect/SSO?SAMLRequest=jZJBb8IwDIX%2FSpU7TdsNGBFFYnAYEhuIsh12mdLG0Ehp0sXu2P79CmUau6Bdk%2Bfv2c8eo6xMLaYNlXYD7w0gBZ%2BVsShOHylrvBVOokZhZQUoqBDZ9HE... https://shibb-idp.georgetown.edu/idp/profile/SAML2/Redirect/SSO;jsessionid=BDA322332F334AB0B41D0AAE3A569209?execution=e1s1	2 KB 2 KB	94ms 93ms	Document text/html	107.23.83.98 Amazon.com
General Check archive.org Show headers Download Go to Full URL https://shibb-idp.georgetown.edu/idp/profile/SAML2/Redirect/SSO;jsessionid=BDA322332F334AB0B41D0AAE3A569209?execution=e1s1 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 107.23.83.98 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US), Reverse DNS ec2-107-23-83-98.compute-1.amazonaws.com Software Apache-Coyote/1.1 / Resource Hash `2405673caa9f4593d6a73ef22f7ee02d90efabf12053fbf699156864f67313ce` Request headers Host shibb-idp.georgetown.edu Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3 Accept-Encoding gzip, deflate, br Cookie JSESSIONID=BDA322332F334AB0B41D0AAE3A569209; AWSELB=F5D3811B12BE67193C4F5ECDEF260CBE20E6A7CE3E69F0894947FDD49B7CECC2F1B98AB026820CAF44112B6EF60D3958B8568C65849DCE433BC827DD69F42E307FDE3B704E Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Cache-Control no-store Content-Type text/html;charset=utf-8 Date Mon, 17 Jun 2019 21:09:26 GMT Server Apache-Coyote/1.1 Content-Length 2129 Connection keep-alive Redirect headers Cache-Control no-store Cache-control no-cache="set-cookie" Date Mon, 17 Jun 2019 21:09:26 GMT Location /idp/profile/SAML2/Redirect/SSO;jsessionid=BDA322332F334AB0B41D0AAE3A569209?execution=e1s1 Server Apache-Coyote/1.1 Set-Cookie JSESSIONID=BDA322332F334AB0B41D0AAE3A569209; Path=/idp; Secure; HttpOnly AWSELB=F5D3811B12BE67193C4F5ECDEF260CBE20E6A7CE3E69F0894947FDD49B7CECC2F1B98AB026820CAF44112B6EF60D3958B8568C65849DCE433BC827DD69F42E307FDE3B704E;PATH=/;MAX-AGE=86164 Content-Length 0 Connection keep-alive
GET H/1.1	200 OK	main.css shibb-idp.georgetown.edu/idp/css/	5 KB 5 KB	95ms 94ms	Stylesheet text/css	107.23.83.98 Amazon.com
General Check archive.org Show headers Download Go to Full URL https://shibb-idp.georgetown.edu/idp/css/main.css Requested by Host: shibb-idp.georgetown.edu URL: https://shibb-idp.georgetown.edu/idp/profile/SAML2/Redirect/SSO;jsessionid=BDA322332F334AB0B41D0AAE3A569209?execution=e1s1 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 107.23.83.98 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US), Reverse DNS ec2-107-23-83-98.compute-1.amazonaws.com Software Apache-Coyote/1.1 / Resource Hash `ff9866a40485ec40a468b33c09e752e0ec4e36c967f6f4fd10d78e03153b1c76` Request headers Referer https://shibb-idp.georgetown.edu/idp/profile/SAML2/Redirect/SSO;jsessionid=BDA322332F334AB0B41D0AAE3A569209?execution=e1s1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Mon, 17 Jun 2019 21:09:26 GMT Last-Modified Mon, 25 Mar 2019 10:22:58 GMT Server Apache-Coyote/1.1 ETag W/"4943-1553509378000" Content-Type text/css;charset=UTF-8 Connection keep-alive Accept-Ranges bytes Content-Length 4943
GET H/1.1	200 OK	login-screen-header.png shibb-idp.georgetown.edu/idp/images/	12 KB 12 KB	188ms 92ms	Image image/png	107.23.83.98 Amazon.com
General Check archive.org Show headers Download Go to Show image Full URL https://shibb-idp.georgetown.edu/idp/images/login-screen-header.png Requested by Host: shibb-idp.georgetown.edu URL: https://shibb-idp.georgetown.edu/idp/profile/SAML2/Redirect/SSO;jsessionid=BDA322332F334AB0B41D0AAE3A569209?execution=e1s1 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 107.23.83.98 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US), Reverse DNS ec2-107-23-83-98.compute-1.amazonaws.com Software Apache-Coyote/1.1 / Resource Hash `d92dfa0476c608b9e60eda0881a1f8c9b1013a8e9b353b7e8ac4e5a36f4a8370` Request headers Referer https://shibb-idp.georgetown.edu/idp/profile/SAML2/Redirect/SSO;jsessionid=BDA322332F334AB0B41D0AAE3A569209?execution=e1s1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Mon, 17 Jun 2019 21:09:26 GMT Last-Modified Mon, 25 Mar 2019 10:22:58 GMT Server Apache-Coyote/1.1 ETag W/"11821-1553509378000" Content-Type image/png;charset=UTF-8 Connection keep-alive Accept-Ranges bytes Content-Length 11821

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onselectstart object| onselectionchange function| queueMicrotask

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			shibb-idp.georgetown.edu/	1970-01-19 01:34:51	Name: AWSELB Value: F5D3811B12BE67193C4F5ECDEF260CBE20E6A7CE3E69F0894947FDD49B7CECC2F1B98AB026820CAF44112B6EF60D3958B8568C65849DCE433BC827DD69F42E307FDE3B704E
			shibb-idp.georgetown.edu/idp	1969-12-31 23:59:59	Name: JSESSIONID Value: BDA322332F334AB0B41D0AAE3A569209

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

georgetown.studenthealthportal.com
shibb-idp.georgetown.edu
107.23.83.98
74.119.86.185
2405673caa9f4593d6a73ef22f7ee02d90efabf12053fbf699156864f67313ce
d92dfa0476c608b9e60eda0881a1f8c9b1013a8e9b353b7e8ac4e5a36f4a8370
ff9866a40485ec40a468b33c09e752e0ec4e36c967f6f4fd10d78e03153b1c76

shibb-idp.georgetown.edu Open in urlscan Pro 107.23.83.98 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

3 Requests

100 %HTTPS

0 %IPv6

2 Domains

2 Subdomains

1 IPs

1 Countries

19 kBTransfer

18 kBSize

2 Cookies

1 Outgoing links

Page URL History

Redirected requests

3 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

2 Cookies

Indicators

shibb-idp.georgetown.edu Open in urlscan Pro
107.23.83.98 Public Scan

Screenshot
Live screenshot

Full Image

3
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

1
IPs

1
Countries

19 kB
Transfer

18 kB
Size

2
Cookies

3 HTTP transactions
0 data transactions