a383njs.glitch.me Open in urlscan Pro
54.144.28.217 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://x536hv.glitch.me/?e=dillon.feuz%40usu.edu
Effective URL:
https://a383njs.glitch.me/2pz679z.html?e=dillon.feuz%40usu.edu
Submission Tags: falconsandbox
Submission: On July 28 via api (July 28th 2023, 9:17:20 pm UTC) from US — Scanned from DE

Summary HTTP 36 Redirects Behaviour Indicators

Summary

This website contacted 15 IPs in 3 countries across 12 domains to perform 36 HTTP transactions. The main IP is 54.144.28.217, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is a383njs.glitch.me.
TLS certificate: Issued by Amazon RSA 2048 M01 on February 22nd 2023. Valid for: a year.

This is the only time a383njs.glitch.me was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic Email (Online)

Domain & IP information

	IP Address	AS Autonomous System
3	54.144.28.217 54.144.28.217	14618 (AMAZON-AES) (AMAZON-AES)
2	2606:4700::68... 2606:4700::6810:5614	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	23.227.60.200 23.227.60.200	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:303... 2606:4700:3030::6815:3a7d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 12	129.123.54.211 129.123.54.211	26046 (USU-EDU) (USU-EDU)
1 1	2a00:1450:400... 2a00:1450:4001:80b::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:81c::200a	() ()
1	2a00:1450:400... 2a00:1450:4001:802::200a	() ()
1	2606:4700::68... 2606:4700::6812:1634	() ()
2	2a00:1450:400... 2a00:1450:4001:82b::2008	() ()
2	2a00:1450:400... 2a00:1450:4001:810::2003	() ()
1	2a00:1450:400... 2a00:1450:4001:829::200e	() ()
2	2606:4700:e2:... 2606:4700:e2::ac40:8209	() ()
2	2a00:1450:400... 2a00:1450:4001:830::200e	() ()
36	15

3 54.144.28.217 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-144-28-217.compute-1.amazonaws.com

x536hv.glitch.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
a383njs.glitch.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:5614 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.227.60.200 (Canada)

ASN13335 (CLOUDFLARENET, US)
PTR: cdn.shopify.com

cdn.shopify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3030::6815:3a7d (United States)

ASN13335 (CLOUDFLARENET, US)

icongr.am	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 129.123.54.211 (Logan, United States) 1 redirects

ASN26046 (USU-EDU, US)
PTR: web35.it.usu.edu

usu.edu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.usu.edu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

t1.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81c::200a (None, )

ASN- ()

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::200a (None, )

ASN- ()

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:1634 (None, )

ASN- ()

kit.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2008 (None, )

ASN- ()

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::2003 (None, )

ASN- ()

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::200e (None, )

ASN- ()

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:e2::ac40:8209 (None, )

ASN- ()

ka-f.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::200e (None, )

ASN- ()

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
12	usu.edu 1 redirects usu.edu — Cisco Umbrella Rank: 178086 www.usu.edu	409 KB
3	fontawesome.com kit.fontawesome.com ka-f.fontawesome.com	435 KB
3	gstatic.com t1.gstatic.com fonts.gstatic.com	33 KB
3	glitch.me x536hv.glitch.me a383njs.glitch.me	96 KB
2	youtube.com www.youtube.com	65 KB
2	googletagmanager.com www.googletagmanager.com	140 KB
2	googleapis.com fonts.googleapis.com ajax.googleapis.com	32 KB
2	icongr.am icongr.am — Cisco Umbrella Rank: 465406	1 KB
2	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 372	55 KB
1	google-analytics.com www.google-analytics.com	21 KB
1	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 3	285 B
1	shopify.com cdn.shopify.com — Cisco Umbrella Rank: 2255	11 KB
36	12

	Domain	Requested by
11	www.usu.edu	cdn.jsdelivr.net www.usu.edu
2	www.youtube.com	www.usu.edu www.youtube.com
2	ka-f.fontawesome.com	kit.fontawesome.com
2	fonts.gstatic.com	fonts.googleapis.com
2	www.googletagmanager.com	www.usu.edu www.googletagmanager.com
2	icongr.am	a383njs.glitch.me
2	cdn.jsdelivr.net	a383njs.glitch.me www.usu.edu
2	x536hv.glitch.me	x536hv.glitch.me
1	www.google-analytics.com	www.googletagmanager.com
1	kit.fontawesome.com	www.usu.edu
1	ajax.googleapis.com	www.usu.edu
1	fonts.googleapis.com	www.usu.edu
1	t1.gstatic.com	a383njs.glitch.me
1	www.google.com	1 redirects
1	usu.edu	1 redirects
1	cdn.shopify.com	a383njs.glitch.me
1	a383njs.glitch.me	x536hv.glitch.me
36	17

This site contains no links.

Subject Issuer	Validity	Valid
glitch.com Amazon RSA 2048 M01	`2023-02-22` - `2024-02-01`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-02` - `2024-05-01`	a year	crt.sh
cdn.shopify.com R3	`2023-07-13` - `2023-10-11`	3 months	crt.sh
web21.usu.edu InCommon RSA Server CA	`2023-03-02` - `2024-03-01`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
*.fontawesome.com DigiCert TLS RSA SHA256 2020 CA1	`2022-11-22` - `2023-12-23`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
ka-f.fontawesome.com GTS CA 1P5	`2023-07-13` - `2023-10-11`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://a383njs.glitch.me/2pz679z.html?e=dillon.feuz%40usu.edu
Frame ID: FDDE09C6E43F52F1ECBC2FA54DCC3E9D
Requests: 8 HTTP requests in this frame

Frame: https://www.usu.edu/
Frame ID: 18718A6489453CAE8689F1AD3F57FE9F
Requests: 28 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Webmail Login Portal -USU

Page URL History Show full URLs

https://x536hv.glitch.me/?e=dillon.feuz%40usu.edu Page URL
https://a383njs.glitch.me/2pz679z.html?e=dillon.feuz%40usu.edu Page URL

Detected technologies

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

36
Requests

86 %
HTTPS

80 %
IPv6

12
Domains

17
Subdomains

15
IPs

3
Countries

1298 kB
Transfer

3052 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://x536hv.glitch.me/?e=dillon.feuz%40usu.edu Page URL
https://a383njs.glitch.me/2pz679z.html?e=dillon.feuz%40usu.edu Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 6

https://usu.edu/ HTTP 301
https://www.usu.edu/

Request Chain 7

https://www.google.com/s2/favicons?domain=usu.edu HTTP 301
https://t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://usu.edu&size=16

36 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 / Show response
x536hv.glitch.me/ 1 KB
2 KB 427ms
166ms Document
text/html 54.144.28.217
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://x536hv.glitch.me/?e=dillon.feuz%40usu.edu
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.144.28.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-144-28-217.compute-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 2b81272a700492a8e0a3d24ef9a53640739414e182af7e62a8ebc0e1027dc631

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: no-cache
content-length: 1205
content-type: text/html; charset=utf-8
date: Fri, 28 Jul 2023 21:17:14 GMT
etag: "c006dad658e7b3e10a2feb657e0b34ac"
last-modified: Wed, 19 Jul 2023 15:55:27 GMT
server: AmazonS3
x-amz-id-2: UkOheLlmRYV5rB7ua9tttuirxH8JyK8kj5o8XFXwuAueJuHbKJ1JhGq94gCsobXMsgdWy6bA1QM=
x-amz-request-id: NRCAY027ZDTX065B
x-amz-server-side-encryption: AES256
x-amz-version-id: pdzU65zeRjgazUXyJdHIirLmKV5pV3y1

GET
H2 200 jquery.min.js Show response
x536hv.glitch.me/ 87 KB
88 KB 213ms
213ms Script
application/javascript 54.144.28.217
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://x536hv.glitch.me/jquery.min.js
Requested by: Host: x536hv.glitch.me
URL: https://x536hv.glitch.me/?e=dillon.feuz%40usu.edu
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.144.28.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-144-28-217.compute-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://x536hv.glitch.me/?e=dillon.feuz%40usu.edu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 21:17:14 GMT
x-amz-version-id: qrOwBN.SAwgwxw6__h7R7sHB8NhXV2zh
last-modified: Wed, 19 Jul 2023 15:55:27 GMT
server: AmazonS3
x-amz-request-id: NRC2CNSNFWR3XDV5
etag: "dc5e7f18c8d36ac1d3d4753a87c98d0a"
x-amz-server-side-encryption: AES256
content-type: application/javascript; charset=utf-8
cache-control: no-cache
accept-ranges: bytes
content-length: 89476
x-amz-id-2: SPYfgP7q4iUE4BmOAHq0eF8u1F/7OMDtLtMi/NB63NXssqQWcbltNLbekao+gTVhICKB8TPGsPA=

GET
H2 200 Primary Request 2pz679z.html Show response
a383njs.glitch.me/ 6 KB
7 KB 404ms
370ms Document
text/html 54.144.28.217
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://a383njs.glitch.me/2pz679z.html?e=dillon.feuz%40usu.edu
Requested by: Host: x536hv.glitch.me
URL: https://x536hv.glitch.me/?e=dillon.feuz%40usu.edu
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.144.28.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-144-28-217.compute-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: df113ba9db510a35d55a35ef117e2ff25974959d04279bf9799842f2e0efea72

Request headers

Referer: https://x536hv.glitch.me/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: no-cache
content-length: 6341
content-type: text/html; charset=utf-8
date: Fri, 28 Jul 2023 21:17:17 GMT
etag: "d5e0ab394e3b120f0ec101c750013144"
last-modified: Wed, 19 Jul 2023 16:10:04 GMT
server: AmazonS3
x-amz-id-2: VjBRleo+QRXaynGbSAgGqKlQLWBJ/weuEiMP3MRfaaZdvHpXv7k2BfNflqna/zjGMyuauIC6Qa/Q6TvNJZ2Rig==
x-amz-request-id: ZABCSJ1SR6K5K4YY
x-amz-server-side-encryption: AES256
x-amz-version-id: IzxtNu12aT63IylOXWIT8RqSFsc8oh7X

GET
H2 200 jquery.min.js Show response
cdn.jsdelivr.net/npm/jquery@3.6.4/dist/ 88 KB
32 KB 101ms
34ms Script
application/javascript 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/jquery@3.6.4/dist/jquery.min.js

Requested by

Host: a383njs.glitch.me
URL: https://a383njs.glitch.me/2pz679z.html?e=dillon.feuz%40usu.edu

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a0fe8723dcf55da64d06b25446d0a8513e52527c45afcb37073465f9c6f352af

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://a383njs.glitch.me/
Origin: https://a383njs.glitch.me
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Fri, 28 Jul 2023 21:17:17 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 12218364
x-jsd-version: 3.6.4
content-encoding: br
x-cache: HIT, MISS
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230058-FRA, cache-bma1652-BMA
x-jsd-version-type: version
server: cloudflare
etag: W/"15ec3-7aRnR8cdOKiAvuRPmkOcOFi7j5k"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1TNkAObHybzQTDw7pfKTeoeqdNqOf%2BxhH8Z1GyJEQMzNmDUegPmAkSnx%2F4hxMHVr93mETR1sRTCp8wkRjAAbvg68wfuRkQCsfhApEJYtvnojWD53fT1rWvl0EUzs%2FSw084iOG03fMlZbqFPeQ2k%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 7ee025ea0beb92b9-FRA

GET
H2 200 AVG-Anti-Virus-2016-and-Internet-Security-2016-Free-Download-With-Genuine-License-Key-Code_508cb132-b02f-4c26-935a-8b44bdf57c73_grande.jpg
cdn.shopify.com/s/files/1/1647/4517/products/ 10 KB
11 KB 106ms
37ms Image
image/jpeg 23.227.60.200
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/1647/4517/products/AVG-Anti-Virus-2016-and-Internet-Security-2016-Free-Download-With-Genuine-License-Key-Code_508cb132-b02f-4c26-935a-8b44bdf57c73_grande.jpg?v=1529745885

Requested by

Host: a383njs.glitch.me
URL: https://a383njs.glitch.me/2pz679z.html?e=dillon.feuz%40usu.edu

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

23.227.60.200 , Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

cdn.shopify.com

Software

cloudflare /

Resource Hash

798df0b103bfe05fe2905145f525381b1f87c88afd3625fed698187c627082cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a383njs.glitch.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 21:17:17 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,gcp-us-east1
age: 1683887
source-type: image/jpeg
server-timing: imagery;dur=205.009, imageryFetch;dur=173.157, imageryProcess;dur=30.419;desc="image", cfRequestDuration;dur=11.999846
source-length: 10468
content-length: 10514
x-xss-protection: 1; mode=block
x-request-id: acee4082-aa00-4acb-a67e-ce8201c4f097
alt-svc: h3=":443"; ma=86400
cf-bgj: h2pri
last-modified: Thu, 08 Jun 2023 20:10:36 GMT
server: cloudflare
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OSq7wMakwpyZVKIaI5QYKSqpMqaD89gzXMri1eNoMWCHqG01aEvtep0b8UDSPCPMhmybUNtYVCT6Gk49gMyuOY69PQECDN0Cfwi883LTeFtAD2efjgeozLdfQB6OGY5MXQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/1647/4517/products/AVG-Anti-Virus-2016-and-Internet-Security-2016-Free-Download-With-Genuine-License-Key-Code_508cb132-b02f-4c26-935a-8b44bdf57c73_grande.jpg>; rel="canonical"
cf-ray: 7ee025ea094c1e51-FRA

GET
H2 200 user.svg
icongr.am/feather/ 299 B
687 B 280ms
207ms Image
image/svg+xml 2606:4700:3030::6815:3a7d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://icongr.am/feather/user.svg?size=24&color=currentColor
Requested by: Host: a383njs.glitch.me
URL: https://a383njs.glitch.me/2pz679z.html?e=dillon.feuz%40usu.edu
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:3a7d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e2d7e7b94c41b26d6f298b697929ab490fa022b5011c509533a11d3b0261be4b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a383njs.glitch.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 21:17:17 GMT
content-encoding: br
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"12b-oD2ju5VV9ae5xs8q+mGN6j4Khxo"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1JS%2BsBKtnRF1GL5GsF8dca4XXdgT7EV%2B3z0r0MDCtFkq6s5d0%2FLrZ2Q40%2FioQ7YuQSW%2FonJ6NE%2B4HIU68ZyADf7ChUkrBhQcq4JqQlUJQM3tAzIEzqIVAhXz%2FZR%2FyTdno3YU2kt1drA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml; charset=utf-8
cf-ray: 7ee025ea0e3037ea-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 lock.svg
icongr.am/feather/ 309 B
507 B 285ms
213ms Image
image/svg+xml 2606:4700:3030::6815:3a7d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://icongr.am/feather/lock.svg?size=24&color=currentColor
Requested by: Host: a383njs.glitch.me
URL: https://a383njs.glitch.me/2pz679z.html?e=dillon.feuz%40usu.edu
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:3a7d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3bb0df3866f1cf214a21c39e85528c8584aca1257b6c933c60f18c80697f1135

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a383njs.glitch.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 21:17:17 GMT
content-encoding: br
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"135-YgxR0R4BSs99Qou6ycqlY+SlFgE"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z%2FJloBRSy4Ciabks1%2FfZbWgYiQ1yacvMfo4KhTY%2BD4rxf1b1oQ98o6RnPJ9s3lDriQvHOTbULYELzwH3lVwWb%2F3QLyKaCJIpnUt573gAc4TCgQ8JjOf6bHR6NGoxMDP%2FuTkgGfwQrcQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml; charset=utf-8
cf-ray: 7ee025ea1e3237ea-FRA
alt-svc: h3=":443"; ma=86400

GET
H2

200

/ Show response
www.usu.edu/ Frame 1871
Redirect Chain

https://usu.edu/
https://www.usu.edu/

56 KB
11 KB

808ms
220ms

Document
text/html

129.123.54.211
USU-EDU

General

Check archive.org

Show headers Download Go to

Full URL

https://www.usu.edu/

Requested by

Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/jquery@3.6.4/dist/jquery.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

129.123.54.211 Logan, United States, ASN26046 (USU-EDU, US),

Reverse DNS

web35.it.usu.edu

Software

nginx/1.24.0 /

Resource Hash

25edb563157e940ff917e2b904379ca01aa3820092695325651807bf93f046d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://a383njs.glitch.me/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
content-encoding: gzip
content-type: text/html;charset=UTF-8
date: Fri, 28 Jul 2023 21:17:19 GMT
p3p: policyref="https://www.usu.edu/p3p/p3p.xml", CP="NON CURa TIA"
server: nginx/1.24.0
x-content-type-options: nosniff

Redirect headers

content-length: 169
content-type: text/html
date: Fri, 28 Jul 2023 21:17:18 GMT
location: https://www.usu.edu/
server: nginx/1.24.0
x-content-type-options: nosniff

GET
H2

200

faviconV2
t1.gstatic.com/
Redirect Chain

https://www.google.com/s2/favicons?domain=usu.edu
https://t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://usu.edu&size=16

766 B
1 KB

107ms
38ms

Image
image/png

2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://usu.edu&size=16

Requested by

Host: a383njs.glitch.me
URL: https://a383njs.glitch.me/2pz679z.html?e=dillon.feuz%40usu.edu

Protocol

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

94d9591f94bc5400e8e39207d499292bc31d41007a32c60b22328ad610645113

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a383njs.glitch.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 21:17:17 GMT
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 766
x-xss-protection: 0
last-modified: Sun, 12 Sep 2021 03:05:20 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="media-favicon"
report-to: {"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-location: https://www.usu.edu/favicon.ico
expires: Fri, 04 Aug 2023 21:17:17 GMT

Redirect headers

date: Fri, 28 Jul 2023 21:17:17 GMT
x-content-type-options: nosniff
server: sffe
content-type: text/html; charset=UTF-8
location: https://t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://usu.edu&size=16
cache-control: public, max-age=1800
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 327
x-xss-protection: 0
expires: Fri, 28 Jul 2023 21:47:17 GMT

GET
H2 200 bootstrap.min.css
www.usu.edu/assets/bs4/css/ Frame 1871 141 KB
23 KB 343ms
342ms Stylesheet
text/css 129.123.54.211
USU-EDU

General

Check archive.org

Show headers Download Go to

Full URL

https://www.usu.edu/assets/bs4/css/bootstrap.min.css

Requested by

Host: www.usu.edu
URL: https://www.usu.edu/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

129.123.54.211 Logan, United States, ASN26046 (USU-EDU, US),

Reverse DNS

web35.it.usu.edu

Software

nginx/1.24.0 /

Resource Hash

f34dc8c357ce39d01db9550ee695bd1f60135d0ad849e4509bf1868d4bf17e7d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.usu.edu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 21:17:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 07 Jan 2022 16:45:07 GMT
server: nginx/1.24.0
etag: "23359-5d500b5a0585b-gzip"
vary: Accept-Encoding
content-type: text/css
p3p: policyref="https://www.usu.edu/p3p/p3p.xml", CP="NON CURa TIA"
access-control-allow-origin: *
accept-ranges: bytes
content-length: 22762

GET
H2 200 main.css
www.usu.edu/assets/bs4/css/ Frame 1871 72 KB
14 KB 188ms
188ms Stylesheet
text/css 129.123.54.211
USU-EDU

General

Check archive.org

Show headers Download Go to

Full URL

https://www.usu.edu/assets/bs4/css/main.css

Requested by

Host: www.usu.edu
URL: https://www.usu.edu/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

129.123.54.211 Logan, United States, ASN26046 (USU-EDU, US),

Reverse DNS

web35.it.usu.edu

Software

nginx/1.24.0 /

Resource Hash

c05f608bd1c8a590c75dd3f37e92d799bafc2e081f650e46a0507544f37b27da

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.usu.edu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 21:17:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 11 Apr 2023 16:49:44 GMT
server: nginx/1.24.0
etag: "11ed4-5f912474558df-gzip"
vary: Accept-Encoding
content-type: text/css
p3p: policyref="https://www.usu.edu/p3p/p3p.xml", CP="NON CURa TIA"
access-control-allow-origin: *
accept-ranges: bytes
content-length: 14323

GET
H2 200 u-state-logo.svg
www.usu.edu/assets/bs4/images/logos/ Frame 1871 4 KB
4 KB 254ms
253ms Image
image/svg+xml 129.123.54.211
USU-EDU

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.usu.edu/assets/bs4/images/logos/u-state-logo.svg

Requested by

Host: www.usu.edu
URL: https://www.usu.edu/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

129.123.54.211 Logan, United States, ASN26046 (USU-EDU, US),

Reverse DNS

web35.it.usu.edu

Software

nginx/1.24.0 /

Resource Hash

0061be178b2730291a7f6416f3604682abc160dc5e7dff1863ca67a09bb05b84

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.usu.edu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 21:17:19 GMT
x-content-type-options: nosniff
last-modified: Fri, 24 Feb 2023 21:25:25 GMT
server: nginx/1.24.0
etag: "101b-5f578c481e532"
p3p: policyref="https://www.usu.edu/p3p/p3p.xml", CP="NON CURa TIA"
content-type: image/svg+xml
access-control-allow-origin: *
accept-ranges: bytes
content-length: 4123

GET
H2 200 utah-state-logo.svg
www.usu.edu/assets/bs4/images/logos/ Frame 1871 5 KB
5 KB 161ms
160ms Image
image/svg+xml 129.123.54.211
USU-EDU

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.usu.edu/assets/bs4/images/logos/utah-state-logo.svg

Requested by

Host: www.usu.edu
URL: https://www.usu.edu/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

129.123.54.211 Logan, United States, ASN26046 (USU-EDU, US),

Reverse DNS

web35.it.usu.edu

Software

nginx/1.24.0 /

Resource Hash

25de09ccfa2c8dd064ea6eafd956c5bfc6ad228f0808efc5520377b57b491f0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.usu.edu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 21:17:19 GMT
x-content-type-options: nosniff
last-modified: Fri, 24 Feb 2023 21:17:02 GMT
server: nginx/1.24.0
etag: "1457-5f578a686c653"
p3p: policyref="https://www.usu.edu/p3p/p3p.xml", CP="NON CURa TIA"
content-type: image/svg+xml
access-control-allow-origin: *
accept-ranges: bytes
content-length: 5207

GET
H2 200 USU_Best_College_Town.jpg
www.usu.edu/modules/images/banners/1600/ Frame 1871 308 KB
308 KB 164ms
162ms Image
image/jpeg 129.123.54.211
USU-EDU

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.usu.edu/modules/images/banners/1600/USU_Best_College_Town.jpg

Requested by

Host: www.usu.edu
URL: https://www.usu.edu/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

129.123.54.211 Logan, United States, ASN26046 (USU-EDU, US),

Reverse DNS

web35.it.usu.edu

Software

nginx/1.24.0 /

Resource Hash

dc30e71a78861bd29b058e17bae54528703914ccdb7b258b30f5c0e52baa10c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.usu.edu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 21:17:19 GMT
x-content-type-options: nosniff
last-modified: Mon, 24 Apr 2023 21:02:00 GMT
server: nginx/1.24.0
etag: "4ceb5-5fa1b51656c3d"
p3p: policyref="https://www.usu.edu/p3p/p3p.xml", CP="NON CURa TIA"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: no-cache
accept-ranges: bytes
content-length: 315061
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 logan-campus-view-1600.jpg
www.usu.edu/about/images/ Frame 1871 67 KB
0 372ms
372ms Image
image/jpeg 129.123.54.211
USU-EDU

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.usu.edu/about/images/logan-campus-view-1600.jpg

Requested by

Host: www.usu.edu
URL: https://www.usu.edu/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

129.123.54.211 Logan, United States, ASN26046 (USU-EDU, US),

Reverse DNS

web35.it.usu.edu

Software

nginx/1.24.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.usu.edu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 21:17:20 GMT
x-content-type-options: nosniff
last-modified: Tue, 14 Dec 2021 16:29:33 GMT
server: nginx/1.24.0
etag: "491bb-5d31db1bdc7d5"
p3p: policyref="https://www.usu.edu/p3p/p3p.xml", CP="NON CURa TIA"
content-type: image/jpeg
access-control-allow-origin: *
accept-ranges: bytes
content-length: 299451

GET
H2 200 css
fonts.googleapis.com/ Frame 1871 7 KB
1 KB 93ms
36ms Stylesheet
text/css 2a00:1450:4001:81c::200a

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto+Condensed:300,400,700&display=swap

Requested by

Host: www.usu.edu
URL: https://www.usu.edu/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200a -, , ASN (),

Reverse DNS

Software

ESF /

Resource Hash

ec1217100dbf844f59e6cd80e46fae7878a2a853c625e847742bb6a9c031bf80

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.usu.edu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 28 Jul 2023 21:17:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 28 Jul 2023 19:56:36 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 28 Jul 2023 21:17:19 GMT

GET
H2 200 modular.css
www.usu.edu/assets/bs4/css/ Frame 1871 40 KB
8 KB 161ms
161ms Stylesheet
text/css 129.123.54.211
USU-EDU

General

Check archive.org

Show headers Download Go to

Full URL

https://www.usu.edu/assets/bs4/css/modular.css

Requested by

Host: www.usu.edu
URL: https://www.usu.edu/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

129.123.54.211 Logan, United States, ASN26046 (USU-EDU, US),

Reverse DNS

web35.it.usu.edu

Software

nginx/1.24.0 /

Resource Hash

80ffef6cdf89fad7f3c96274bd0fe21f80371cb2524270cdcd9a3eb83ca39242

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.usu.edu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 21:17:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 12 Dec 2022 21:50:02 GMT
server: nginx/1.24.0
etag: "a1c4-5efa87c50366b-gzip"
vary: Accept-Encoding
content-type: text/css
p3p: policyref="https://www.usu.edu/p3p/p3p.xml", CP="NON CURa TIA"
access-control-allow-origin: *
accept-ranges: bytes
content-length: 7642

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.5.1/ Frame 1871 87 KB
31 KB 91ms
23ms Script
text/javascript 2a00:1450:4001:802::200a

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js

Requested by

Host: www.usu.edu
URL: https://www.usu.edu/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200a -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.usu.edu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 08:01:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 47731
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31021
x-xss-protection: 0
last-modified: Fri, 08 May 2020 07:05:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 27 Jul 2024 08:01:48 GMT

GET
H2 200 moment.min-2.29.3.js Show response
www.usu.edu/assets/bs4/lib/moment/ Frame 1871 58 KB
19 KB 254ms
252ms Script
application/javascript 129.123.54.211
USU-EDU

General

Check archive.org

Show headers Download Go to

Full URL

https://www.usu.edu/assets/bs4/lib/moment/moment.min-2.29.3.js

Requested by

Host: www.usu.edu
URL: https://www.usu.edu/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

129.123.54.211 Logan, United States, ASN26046 (USU-EDU, US),

Reverse DNS

web35.it.usu.edu

Software

nginx/1.24.0 /

Resource Hash

d58e5d35d04de706f712d29658bb96e12b3678d84ff558dcc22500b8af873983

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.usu.edu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 21:17:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 27 Jun 2022 17:08:31 GMT
server: nginx/1.24.0
etag: "e629-5e270f82af513-gzip"
vary: Accept-Encoding
content-type: application/javascript
p3p: policyref="https://www.usu.edu/p3p/p3p.xml", CP="NON CURa TIA"
access-control-allow-origin: *
accept-ranges: bytes
content-length: 19086

GET
H2 200 bootstrap.bundle.min.js Show response
cdn.jsdelivr.net/npm/bootstrap@4.6.2/dist/js/ Frame 1871 81 KB
23 KB 41ms
39ms Script
application/javascript 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.6.2/dist/js/bootstrap.bundle.min.js

Requested by

Host: www.usu.edu
URL: https://www.usu.edu/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

19126b874a32753d42c12dfa6c17892bfd93820a5a5100ba1b34da4d07599b49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.usu.edu/
Origin: https://www.usu.edu
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 21:17:19 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 7921659
x-jsd-version: 4.6.2
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230069-FRA, cache-yyz4572-YYZ
x-jsd-version-type: version
server: cloudflare
etag: W/"145b0-MjP9Adh/ukV+qtjcvCifdbFw+BQ"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GwlOIDn5K%2BqNp01DD09RYIUBvQ0Z4jJonIbZRDrqZeWxpg6Hz6T5aakOWqPq9QBe9zEuSR%2B42bVn05Z1aTuoSpEmWTY4xanzVh9n%2BwRchmbodgPlYK3E10FVGTPxKnou2WmW%2FbSfPQgbZFnAr8Y%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 7ee025f6dd0f92b9-FRA

GET
H2 200 lazysizes.min.js
www.usu.edu/assets/bs4/lib/lazysizes/ Frame 1871 0
0 311ms
311ms Script
application/javascript 129.123.54.211
USU-EDU

General

Check archive.org

Show headers Download Go to

Full URL

https://www.usu.edu/assets/bs4/lib/lazysizes/lazysizes.min.js

Requested by

Host: www.usu.edu
URL: https://www.usu.edu/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

129.123.54.211 Logan, United States, ASN26046 (USU-EDU, US),

Reverse DNS

web35.it.usu.edu

Software

nginx/1.24.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.usu.edu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 21:17:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 19 Oct 2021 17:47:23 GMT
server: nginx/1.24.0
etag: "262b-5ceb841079c88-gzip"
vary: Accept-Encoding
content-type: application/javascript
p3p: policyref="https://www.usu.edu/p3p/p3p.xml", CP="NON CURa TIA"
access-control-allow-origin: *
accept-ranges: bytes
content-length: 4083

GET
H2 200 60ddd04f2e.js Show response
kit.fontawesome.com/ Frame 1871 11 KB
5 KB 114ms
49ms Script
text/javascript 2606:4700::6812:1634

General

Check archive.org

Show headers Download Go to

Full URL

https://kit.fontawesome.com/60ddd04f2e.js

Requested by

Host: www.usu.edu
URL: https://www.usu.edu/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1634 -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

e041f24fd5089bcac4578d8ebfca2f0e0ec914b71135ac2beb739e0480b5ea57

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

Referer: https://www.usu.edu/
Origin: https://www.usu.edu
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 21:17:19 GMT
strict-transport-security: max-age=31536000; preload
content-encoding: gzip
cf-cache-status: REVALIDATED
server: cloudflare
access-control-max-age: 3000
access-control-allow-methods: GET, OPTIONS
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=60, public, must-revalidate
vary: origin, accept-encoding, access-control-request-headers, access-control-request-method
cf-ray: 7ee025f73cfe1e6e-FRA
access-control-allow-headers: accept, accept-langauge, content-language, content-type, fa-kit-token
x-request-id: F2QhBlGU2lw0fuoFsith

GET
H2 200 init.1.2.js Show response
www.usu.edu/assets/bs4/js/ Frame 1871 58 KB
17 KB 254ms
252ms Script
application/javascript 129.123.54.211
USU-EDU

General

Check archive.org

Show headers Download Go to

Full URL

https://www.usu.edu/assets/bs4/js/init.1.2.js

Requested by

Host: www.usu.edu
URL: https://www.usu.edu/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

129.123.54.211 Logan, United States, ASN26046 (USU-EDU, US),

Reverse DNS

web35.it.usu.edu

Software

nginx/1.24.0 /

Resource Hash

8ec3c3a0eda54b46cae82aabbca946e398a63d76e9cecd03e0de6bf2d85db7a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.usu.edu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 21:17:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 07 Jul 2023 17:38:45 GMT
server: nginx/1.24.0
etag: "e83e-5ffe91acb3101-gzip"
vary: Accept-Encoding
content-type: application/javascript
p3p: policyref="https://www.usu.edu/p3p/p3p.xml", CP="NON CURa TIA"
access-control-allow-origin: *
accept-ranges: bytes
content-length: 16583

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ Frame 1871 154 KB
58 KB 90ms
39ms Script
application/javascript 2a00:1450:4001:82b::2008

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-KTF5FBD

Requested by

Host: www.usu.edu
URL: https://www.usu.edu/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 -, , ASN (),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1ed41c62d07829467b5c7f64f6b3611e02dfea9e154f245739a1d6b9d8d3f46f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.usu.edu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 21:17:19 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 58648
x-xss-protection: 0
last-modified: Fri, 28 Jul 2023 21:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 28 Jul 2023 21:17:19 GMT

GET u-state-logo.svg
www.usu.edu/assets/bs4/images/logos/ Frame 1871 0
0

GET utah-state-logo.svg
www.usu.edu/assets/bs4/images/logos/ Frame 1871 0
0

GET
H2 200 ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2
fonts.gstatic.com/s/robotocondensed/v25/ Frame 1871 15 KB
15 KB 78ms
27ms Font
font/woff2 2a00:1450:4001:810::2003

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotocondensed/v25/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed:300,400,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

6b4fac99c39b9ee2693d87a2508d0c7d4b4859072966616bd1f6e18c5b2f9d36

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.usu.edu
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Thu, 27 Jul 2023 03:46:14 GMT
x-content-type-options: nosniff
age: 149465
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15700
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 18:51:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 26 Jul 2024 03:46:14 GMT

GET
H2 200 ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2
fonts.gstatic.com/s/robotocondensed/v25/ Frame 1871 15 KB
16 KB 72ms
21ms Font
font/woff2 2a00:1450:4001:810::2003

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotocondensed/v25/ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed:300,400,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

e79c1c1a140e6afb861074c70392db54cc65a06050de2a69162ab94eb95b0516

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.usu.edu
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 05:38:50 GMT
x-content-type-options: nosniff
age: 56309
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15660
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 18:42:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 27 Jul 2024 05:38:50 GMT

GET header.m4v
www.usu.edu/impact/assets/ Frame 1871 0
0

GET blur.png
www.usu.edu/assets/bs4/images/ Frame 1871 0
0

GET
H2 200 analytics.js Show response
www.google-analytics.com/ Frame 1871 52 KB
21 KB 252ms
21ms Script
text/javascript 2a00:1450:4001:829::200e

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KTF5FBD

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e -, , ASN (),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.usu.edu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 28 Jul 2023 21:04:39 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 761
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Fri, 28 Jul 2023 23:04:39 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ Frame 1871 240 KB
82 KB 36ms
36ms Script
application/javascript 2a00:1450:4001:82b::2008

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-YP02VK67GD&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KTF5FBD

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 -, , ASN (),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

268dfc219eb739eb3d3f8363d269ffee614c86413d4815cfa26d3e31d1e658ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.usu.edu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 21:17:19 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 84281
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 28 Jul 2023 21:17:19 GMT

GET
H2 200 free-v4-shims.min.js Show response
ka-f.fontawesome.com/releases/v5.15.4/js/ Frame 1871 14 KB
5 KB 94ms
31ms Fetch
application/javascript 2606:4700:e2::ac40:8209

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v5.15.4/js/free-v4-shims.min.js?token=60ddd04f2e
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/60ddd04f2e.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e2::ac40:8209 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: 550b2edb27bbe4bb79b74b464f26770dabec71527c4508676f67ec1ca981bef6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.usu.edu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 21:17:20 GMT
via: 1.1 0d5d2d408eb42296c7636196e25ef8a2.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA56-C2
age: 15351494
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
server: cloudflare
etag: W/"da4227cf1e84c37056b854e5ea53863a"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L26T%2F2SYcNCwRqE9LhlPQdgqGImZkFn8GXTQ8jpzDu4Pj3kqEw0MmDW5yxN%2FmcrjbHRVJJoHu%2BLAhsNuKOpKq314lUqaaExLK4QDzHJKG0koiJJFpkREOZYWhVBKBRrA4Map2xmvmzUVMcHDK%2BTd%2BO76UA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31556926
vary: Accept-Encoding
cf-ray: 7ee025f93f71377b-FRA
access-control-allow-headers: fa-kit-token
x-amz-cf-id: jxjN0dUfKxan0tH0CaOBl2-tiJt5__ErPCbTjMXeAfgC7aVH9mKV2Q==

GET
H2 200 free.min.js Show response
ka-f.fontawesome.com/releases/v5.15.4/js/ Frame 1871 1 MB
426 KB 109ms
45ms Fetch
application/javascript 2606:4700:e2::ac40:8209

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v5.15.4/js/free.min.js?token=60ddd04f2e
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/60ddd04f2e.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e2::ac40:8209 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: aa86f69ce9347b3e57d75b59267733c91edd31e175305d37f0f55c2633bb5a07

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.usu.edu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 21:17:20 GMT
via: 1.1 07fbd2276304c86925071791c7032950.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA56-C2
age: 7946388
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
server: cloudflare
etag: W/"736ac10fbfffa53b1fb75fbebdd7ff88"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NqiiUth%2F%2FYxU8usHCYSOMoWjl4ysCVG6vlMvQ96a9G4OvULLDTAaz5cGbAecHtoeFYunL4Hb7VzhFx%2FbAHLKAw9SnbykwqXMso7fK3qDD0vmxj5I8Qqs%2BSjmnhxnCvgh%2Bu%2BaCOpBHlCOpwx1jzp1PludYA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31556926
vary: Accept-Encoding
cf-ray: 7ee025f93f74377b-FRA
access-control-allow-headers: fa-kit-token
x-amz-cf-id: 8PKBi-OxrVAn3Y2L1BW9Ob6SLSF9rmcN5he45s4FtwlK8GML01ET_w==

GET
H2 200 iframe_api Show response
www.youtube.com/ Frame 1871 1006 B
2 KB 126ms
41ms Script
text/javascript 2a00:1450:4001:830::200e

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: www.usu.edu
URL: https://www.usu.edu/assets/bs4/js/init.1.2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e -, , ASN (),

Reverse DNS

Software

ESF /

Resource Hash

95b2862c528501dfd59340092c5708e98d0e7c4d61bc7ecbd3e93081595dbe16

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.usu.edu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 21:17:20 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: br
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server: ESF
x-frame-options: SAMEORIGIN
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-type: text/javascript; charset=utf-8
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
cache-control: private, max-age=0
origin-trial: AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
expires: Fri, 28 Jul 2023 21:17:20 GMT

GET
H2 200 www-widgetapi.js
www.youtube.com/s/player/0e6aaa83/www-widgetapi.vflset/ Frame 1871 203 KB
63 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:830::200e

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/0e6aaa83/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/iframe_api

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.usu.edu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 21:01:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 940
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64246
x-xss-protection: 0
last-modified: Tue, 25 Jul 2023 23:37:22 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 27 Jul 2024 21:01:40 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.usu.edu
URL: https://www.usu.edu/assets/bs4/images/logos/u-state-logo.svg

Domain: www.usu.edu
URL: https://www.usu.edu/assets/bs4/images/logos/utah-state-logo.svg

Domain: www.usu.edu
URL: https://www.usu.edu/impact/assets/header.m4v

Domain: www.usu.edu
URL: https://www.usu.edu/assets/bs4/images/blur.png

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Email (Online)

13 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://a383njs.glitch.me/2pz679z.html?e=dillon.feuz%40usu.edu Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
javascript	warning	URL: https://a383njs.glitch.me/2pz679z.html?e=dillon.feuz%40usu.edu Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://cdn.jsdelivr.net/npm/jquery@3.6.4/dist/jquery.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://a383njs.glitch.me/2pz679z.html?e=dillon.feuz%40usu.edu Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://cdn.jsdelivr.net/npm/jquery@3.6.4/dist/jquery.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a383njs.glitch.me
ajax.googleapis.com
cdn.jsdelivr.net
cdn.shopify.com
fonts.googleapis.com
fonts.gstatic.com
icongr.am
ka-f.fontawesome.com
kit.fontawesome.com
t1.gstatic.com
usu.edu
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.usu.edu
www.youtube.com
x536hv.glitch.me
www.usu.edu
129.123.54.211
23.227.60.200
2606:4700:3030::6815:3a7d
2606:4700::6810:5614
2606:4700::6812:1634
2606:4700:e2::ac40:8209
2a00:1450:4001:802::200a
2a00:1450:4001:80b::2004
2a00:1450:4001:80f::2004
2a00:1450:4001:810::2003
2a00:1450:4001:81c::200a
2a00:1450:4001:829::200e
2a00:1450:4001:82b::2008
2a00:1450:4001:830::200e
54.144.28.217
0061be178b2730291a7f6416f3604682abc160dc5e7dff1863ca67a09bb05b84
19126b874a32753d42c12dfa6c17892bfd93820a5a5100ba1b34da4d07599b49
1ed41c62d07829467b5c7f64f6b3611e02dfea9e154f245739a1d6b9d8d3f46f
25de09ccfa2c8dd064ea6eafd956c5bfc6ad228f0808efc5520377b57b491f0e
25edb563157e940ff917e2b904379ca01aa3820092695325651807bf93f046d3
268dfc219eb739eb3d3f8363d269ffee614c86413d4815cfa26d3e31d1e658ec
2b81272a700492a8e0a3d24ef9a53640739414e182af7e62a8ebc0e1027dc631
3bb0df3866f1cf214a21c39e85528c8584aca1257b6c933c60f18c80697f1135
550b2edb27bbe4bb79b74b464f26770dabec71527c4508676f67ec1ca981bef6
6b4fac99c39b9ee2693d87a2508d0c7d4b4859072966616bd1f6e18c5b2f9d36
798df0b103bfe05fe2905145f525381b1f87c88afd3625fed698187c627082cf
80ffef6cdf89fad7f3c96274bd0fe21f80371cb2524270cdcd9a3eb83ca39242
8ec3c3a0eda54b46cae82aabbca946e398a63d76e9cecd03e0de6bf2d85db7a4
94d9591f94bc5400e8e39207d499292bc31d41007a32c60b22328ad610645113
95b2862c528501dfd59340092c5708e98d0e7c4d61bc7ecbd3e93081595dbe16
a0fe8723dcf55da64d06b25446d0a8513e52527c45afcb37073465f9c6f352af
aa86f69ce9347b3e57d75b59267733c91edd31e175305d37f0f55c2633bb5a07
c05f608bd1c8a590c75dd3f37e92d799bafc2e081f650e46a0507544f37b27da
d58e5d35d04de706f712d29658bb96e12b3678d84ff558dcc22500b8af873983
dc30e71a78861bd29b058e17bae54528703914ccdb7b258b30f5c0e52baa10c5
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
df113ba9db510a35d55a35ef117e2ff25974959d04279bf9799842f2e0efea72
e041f24fd5089bcac4578d8ebfca2f0e0ec914b71135ac2beb739e0480b5ea57
e2d7e7b94c41b26d6f298b697929ab490fa022b5011c509533a11d3b0261be4b
e79c1c1a140e6afb861074c70392db54cc65a06050de2a69162ab94eb95b0516
ec1217100dbf844f59e6cd80e46fae7878a2a853c625e847742bb6a9c031bf80
f34dc8c357ce39d01db9550ee695bd1f60135d0ad849e4509bf1868d4bf17e7d
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

a383njs.glitch.me Open in urlscan Pro 54.144.28.217 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

36 Requests

86 %HTTPS

80 %IPv6

12 Domains

17 Subdomains

15 IPs

3 Countries

1298 kBTransfer

3052 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

36 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

a383njs.glitch.me Open in urlscan Pro
54.144.28.217 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

36
Requests

86 %
HTTPS

80 %
IPv6

12
Domains

17
Subdomains

15
IPs

3
Countries

1298 kB
Transfer

3052 kB
Size

0
Cookies

36 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!