auth-ex.ecornell.com Open in urlscan Pro
44.193.176.202 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://lms.ecornell.com/
Effective URL:
https://auth-ex.ecornell.com/cas/login?service=https%3A%2F%2Flms.ecornell.com%2Flogin%2Fcas
Submission: On August 19 via manual (August 19th 2021, 12:19:45 pm UTC) from US

Summary HTTP 154 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 38 IPs in 4 countries across 31 domains to perform 154 HTTP transactions. The main IP is 44.193.176.202, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is auth-ex.ecornell.com.
TLS certificate: Issued by Amazon on August 9th 2021. Valid for: a year.

This is the only time auth-ex.ecornell.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
4 4	34.195.53.194 34.195.53.194	14618 (AMAZON-AES) (AMAZON-AES)
1	44.193.176.202 44.193.176.202	14618 (AMAZON-AES) (AMAZON-AES)
19	35.227.175.178 35.227.175.178	15169 (GOOGLE) (GOOGLE)
16	13.224.96.68 13.224.96.68	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:808::2008	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:828::2008	15169 (GOOGLE) (GOOGLE)
20	94.31.29.99 94.31.29.99	33438 (HIGHWINDS2) (HIGHWINDS2)
6	2a00:1450:400... 2a00:1450:4001:80e::200a	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:812::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82b::200e	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:6c0... 2a02:26f0:6c00:2b0::25ea	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	151.101.13.140 151.101.13.140	54113 (FASTLY) (FASTLY)
3	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	151.101.12.157 151.101.12.157	54113 (FASTLY) (FASTLY)
1	151.101.13.2 151.101.13.2	54113 (FASTLY) (FASTLY)
4	104.126.37.129 104.126.37.129	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	35.244.142.80 35.244.142.80	15169 (GOOGLE) (GOOGLE)
1 2	54.93.179.96 54.93.179.96	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:400c:c04::9a	15169 (GOOGLE) (GOOGLE)
2 2	2620:119:50e1... 2620:119:50e1:101::6cae:b25	14413 (LINKEDIN) (LINKEDIN)
1 1	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	108.174.10.14 108.174.10.14	14413 (LINKEDIN) (LINKEDIN)
3	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
1	142.250.185.226 142.250.185.226	15169 (GOOGLE) (GOOGLE)
1	104.244.42.69 104.244.42.69	13414 (TWITTER) (TWITTER)
1	18.215.205.165 18.215.205.165	14618 (AMAZON-AES) (AMAZON-AES)
2	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
7	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::200e	15169 (GOOGLE) (GOOGLE)
2	52.202.69.186 52.202.69.186	14618 (AMAZON-AES) (AMAZON-AES)
1	104.244.42.3 104.244.42.3	13414 (TWITTER) (TWITTER)
1	2606:4700::68... 2606:4700::6810:135e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	143.204.98.9 143.204.98.9	16509 (AMAZON-02) (AMAZON-02)
19	3.94.218.138 3.94.218.138	14618 (AMAZON-AES) (AMAZON-AES)
2	54.172.114.57 54.172.114.57	14618 (AMAZON-AES) (AMAZON-AES)
2	34.232.187.200 34.232.187.200	14618 (AMAZON-AES) (AMAZON-AES)
2	54.173.95.250 54.173.95.250	14618 (AMAZON-AES) (AMAZON-AES)
1	2a04:4e42:3::720 2a04:4e42:3::720	54113 (FASTLY) (FASTLY)
154	38

4 34.195.53.194 (Ashburn, United States) 4 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-195-53-194.compute-1.amazonaws.com

lms.ecornell.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.193.176.202 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-193-176-202.compute-1.amazonaws.com

auth-ex.ecornell.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 35.227.175.178 (The Dalles, United States)

ASN15169 (GOOGLE, US)
PTR: 178.175.227.35.bc.googleusercontent.com

ecornell.cornell.edu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 13.224.96.68 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-96-68.zrh50.r.cloudfront.net

js.driftt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ssl.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:828::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 94.31.29.99 (United Kingdom)

ASN33438 (HIGHWINDS2, US)
PTR: 94.31.29.99.IPYX-077437-ZYO.above.net

1dx1ha2o9633412a0g3rw4xf-wpengine.netdna-ssl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:80e::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:812::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cse.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:2b0::25ea (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.13.140 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

www.redditstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
alb.reddit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.12.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.13.2 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

a.quora.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.126.37.129 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a104-126-37-129.deploy.static.akamaitechnologies.com

analytics.tiktok.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.142.80 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 80.142.244.35.bc.googleusercontent.com

cdn.pdst.fm	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.93.179.96 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-93-179-96.eu-central-1.compute.amazonaws.com

tags.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c04::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:119:50e1:101::6cae:b25 (United States) 2 redirects

ASN14413 (LINKEDIN, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:21::14 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.174.10.14 (United States)

ASN14413 (LINKEDIN, US)
PTR: 108-174-10-14.fwd.linkedin.com

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.69 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.215.205.165 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-215-205-165.compute-1.amazonaws.com

q.quora.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

clients1.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.202.69.186 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: pi0-lba1-1-ue1.aws.pardot.com

pi.pardot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.3 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:135e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.98.9 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-9.fra50.r.cloudfront.net

embeds.driftcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 3.94.218.138 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-94-218-138.compute-1.amazonaws.com

customer.api.drift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
metrics.api.drift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
targeting.api.drift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.172.114.57 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-172-114-57.compute-1.amazonaws.com

event.api.drift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.232.187.200 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-232-187-200.compute-1.amazonaws.com

1176912-12.chat.api.drift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.173.95.250 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-173-95-250.compute-1.amazonaws.com

presence.api.drift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:3::720 (United States)

ASN54113 (FASTLY, US)

driftt.imgix.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
25	drift.com customer.api.drift.com metrics.api.drift.com event.api.drift.com targeting.api.drift.com 1176912-12.chat.api.drift.com presence.api.drift.com	5 KB
20	netdna-ssl.com 1dx1ha2o9633412a0g3rw4xf-wpengine.netdna-ssl.com	171 KB
19	cornell.edu ecornell.cornell.edu	205 KB
16	driftt.com js.driftt.com	428 KB
13	google.com www.google.com cse.google.com clients1.google.com	214 KB
10	google-analytics.com ssl.google-analytics.com www.google-analytics.com	38 KB
7	gstatic.com fonts.gstatic.com www.gstatic.com	395 KB
6	googleapis.com fonts.googleapis.com	3 KB
5	ecornell.com 4 redirects lms.ecornell.com auth-ex.ecornell.com	11 KB
4	linkedin.com 3 redirects px.ads.linkedin.com www.linkedin.com px4.ads.linkedin.com	3 KB
4	tiktok.com analytics.tiktok.com	86 KB
3	google.de www.google.de	278 B
3	doubleclick.net stats.g.doubleclick.net googleads.g.doubleclick.net	2 KB
3	bing.com bat.bing.com	9 KB
3	googletagmanager.com www.googletagmanager.com	163 KB
2	pardot.com pi.pardot.com	4 KB
2	facebook.com www.facebook.com	235 B
2	w55c.net 1 redirects tags.w55c.net	1 KB
2	quora.com a.quora.com q.quora.com	14 KB
2	facebook.net connect.facebook.net	153 KB
1	imgix.net driftt.imgix.net	18 KB
1	driftcdn.com embeds.driftcdn.com	16 KB
1	cloudflare.com cdnjs.cloudflare.com	1 KB
1	twitter.com analytics.twitter.com	659 B
1	t.co t.co	454 B
1	reddit.com alb.reddit.com	125 B
1	googleadservices.com www.googleadservices.com	14 KB
1	pdst.fm cdn.pdst.fm	6 KB
1	ads-twitter.com static.ads-twitter.com	2 KB
1	redditstatic.com www.redditstatic.com	7 KB
1	licdn.com snap.licdn.com	2 KB
154	31

	Domain	Requested by
20	1dx1ha2o9633412a0g3rw4xf-wpengine.netdna-ssl.com	ecornell.cornell.edu 1dx1ha2o9633412a0g3rw4xf-wpengine.netdna-ssl.com
19	ecornell.cornell.edu	auth-ex.ecornell.com ecornell.cornell.edu
16	js.driftt.com	auth-ex.ecornell.com js.driftt.com
10	www.google.com	ecornell.cornell.edu auth-ex.ecornell.com www.gstatic.com cse.google.com www.google.com
8	targeting.api.drift.com	js.driftt.com
8	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com auth-ex.ecornell.com
6	metrics.api.drift.com	js.driftt.com
6	fonts.googleapis.com	ecornell.cornell.edu js.driftt.com
5	customer.api.drift.com	js.driftt.com
4	www.gstatic.com	www.google.com www.gstatic.com
4	analytics.tiktok.com	auth-ex.ecornell.com analytics.tiktok.com
4	lms.ecornell.com	4 redirects
3	fonts.gstatic.com	fonts.googleapis.com www.google.com
3	www.google.de	auth-ex.ecornell.com
3	bat.bing.com	www.googletagmanager.com bat.bing.com auth-ex.ecornell.com
3	www.googletagmanager.com	auth-ex.ecornell.com www.googletagmanager.com
2	presence.api.drift.com	js.driftt.com
2	1176912-12.chat.api.drift.com	js.driftt.com
2	event.api.drift.com	js.driftt.com
2	pi.pardot.com	auth-ex.ecornell.com pi.pardot.com
2	www.facebook.com	auth-ex.ecornell.com
2	px.ads.linkedin.com	2 redirects
2	stats.g.doubleclick.net	www.google-analytics.com
2	tags.w55c.net	1 redirects auth-ex.ecornell.com
2	connect.facebook.net	auth-ex.ecornell.com connect.facebook.net
2	cse.google.com	ecornell.cornell.edu www.google.com
2	ssl.google-analytics.com	auth-ex.ecornell.com
1	driftt.imgix.net	js.driftt.com
1	embeds.driftcdn.com	js.driftt.com
1	cdnjs.cloudflare.com	js.driftt.com
1	analytics.twitter.com	static.ads-twitter.com
1	clients1.google.com	ecornell.cornell.edu
1	googleads.g.doubleclick.net	www.googleadservices.com
1	q.quora.com	auth-ex.ecornell.com
1	t.co	auth-ex.ecornell.com
1	alb.reddit.com	auth-ex.ecornell.com
1	www.googleadservices.com	www.googletagmanager.com
1	px4.ads.linkedin.com	auth-ex.ecornell.com
1	www.linkedin.com	1 redirects
1	cdn.pdst.fm	auth-ex.ecornell.com
1	a.quora.com	auth-ex.ecornell.com
1	static.ads-twitter.com	auth-ex.ecornell.com
1	www.redditstatic.com	www.googletagmanager.com
1	snap.licdn.com	www.googletagmanager.com
1	auth-ex.ecornell.com
154	45

This site contains links to these domains. Also see Links.

Domain
www.ecornell.com

Subject Issuer	Validity	Valid
*.ecornell.com Amazon	`2021-08-09` - `2022-09-07`	a year	crt.sh
ecornell.cornell.edu InCommon RSA Server CA	`2021-08-09` - `2022-08-09`	a year	crt.sh
drift.com Amazon	`2020-09-21` - `2021-10-23`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
*.netdna-ssl.com Sectigo RSA Domain Validation Secure Server CA	`2021-02-22` - `2022-03-18`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2021-07-26` - `2021-10-18`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
*.licdn.com DigiCert SHA2 Secure Server CA	`2021-04-30` - `2022-05-11`	a year	crt.sh
www.redditstatic.com DigiCert TLS RSA SHA256 2020 CA1	`2021-05-23` - `2021-11-18`	6 months	crt.sh
www.bing.com Microsoft RSA TLS CA 02	`2021-07-06` - `2022-01-06`	6 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-07-20` - `2021-10-18`	3 months	crt.sh
ads-twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2021-07-21` - `2022-07-26`	a year	crt.sh
quora.com R3	`2021-08-01` - `2021-10-30`	3 months	crt.sh
*.tiktok.com RapidSSL RSA CA 2018	`2019-11-14` - `2022-01-12`	2 years	crt.sh
cdn.pdst.fm GTS CA 1D4	`2021-06-29` - `2021-09-27`	3 months	crt.sh
*.w55c.net Amazon	`2021-07-29` - `2022-08-27`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-07-26` - `2021-10-18`	3 months	crt.sh
px.ads.linkedin.com DigiCert SHA2 Secure Server CA	`2021-04-15` - `2021-10-15`	6 months	crt.sh
www.google.com GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
*.reddit.com DigiCert TLS RSA SHA256 2020 CA1	`2021-05-23` - `2021-11-18`	6 months	crt.sh
t.co DigiCert TLS RSA SHA256 2020 CA1	`2021-02-05` - `2022-02-04`	a year	crt.sh
*.quora.com R3	`2021-08-01` - `2021-10-30`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
*.google.de GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
pi.pardot.com DigiCert SHA2 Secure Server CA	`2020-12-05` - `2021-12-04`	a year	crt.sh
*.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2021-02-05` - `2022-02-04`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-10-21` - `2021-10-20`	a year	crt.sh
*.driftcdn.com Amazon	`2021-03-12` - `2022-04-10`	a year	crt.sh
wschat.api.drift.com Amazon	`2021-03-15` - `2022-04-13`	a year	crt.sh
*.imgix.com GlobalSign Atlas R3 DV TLS CA 2020	`2021-05-10` - `2022-06-11`	a year	crt.sh

This page contains 4 frames:

Primary Page: https://auth-ex.ecornell.com/cas/login?service=https%3A%2F%2Flms.ecornell.com%2Flogin%2Fcas
Frame ID: 8055A025F00512FE9A4F11FA01BCF1F0
Requests: 66 HTTP requests in this frame

Frame: https://ecornell.cornell.edu/hidden-pages/header-only/
Frame ID: FA1355C86DD1A1EE105AAAC9F53447C8
Requests: 33 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdfgkEaAAAAAN0sfvYVsx7y0_c6D8w8OKqeAaJJ&co=aHR0cHM6Ly9lY29ybmVsbC5jb3JuZWxsLmVkdTo0NDM.&hl=en&v=Eyd0Dt8h04h7r-D86uAD1JP-&size=invisible&cb=e1po1dnbzt2c
Frame ID: 5229FCC2660DA7D06A7FC3E810491EA7
Requests: 7 HTTP requests in this frame

Frame: https://js.driftt.com/deploy/assets/index.html
Frame ID: 26CE7B4EEAB16E8449A1ED8F260FA7C6
Requests: 36 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

eCornell | Log in

Page URL History Show full URLs

http://lms.ecornell.com/ HTTP 301
https://lms.ecornell.com/ HTTP 302
https://lms.ecornell.com/login HTTP 302
https://lms.ecornell.com/login/cas HTTP 302
https://auth-ex.ecornell.com/cas/login?service=https%3A%2F%2Flms.ecornell.com%2Flogin%2Fcas Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i

MySQL (Databases) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
script /jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?/i

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?/i

Page Statistics

154
Requests

100 %
HTTPS

46 %
IPv6

31
Domains

45
Subdomains

38
IPs

4
Countries

1967 kB
Transfer

6012 kB
Size

18
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: http://www.ecornell.com/about-ecornell/help/
Title: Help

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://lms.ecornell.com/ HTTP 301
https://lms.ecornell.com/ HTTP 302
https://lms.ecornell.com/login HTTP 302
https://lms.ecornell.com/login/cas HTTP 302
https://auth-ex.ecornell.com/cas/login?service=https%3A%2F%2Flms.ecornell.com%2Flogin%2Fcas Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 56

https://tags.w55c.net/rs?id=513bc8839ac54981a01285bca816cffb&t=homepage HTTP 302
https://tags.w55c.net/rs?sccid=24c1b636-2467-fe4b-c3c7-a386d6d0906c&scc=1&id=513bc8839ac54981a01285bca816cffb&t=homepage

Request Chain 61

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=5228&time=1629375567176&url=https%3A%2F%2Fauth-ex.ecornell.com%2Fcas%2Flogin%3Fservice%3Dhttps%253A%252F%252Flms.ecornell.com%252Flogin%252Fcas HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D5228%26time%3D1629375567176%26url%3Dhttps%253A%252F%252Fauth-ex.ecornell.com%252Fcas%252Flogin%253Fservice%253Dhttps%25253A%25252F%25252Flms.ecornell.com%25252Flogin%25252Fcas%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=5228&time=1629375567176&url=https%3A%2F%2Fauth-ex.ecornell.com%2Fcas%2Flogin%3Fservice%3Dhttps%253A%252F%252Flms.ecornell.com%252Flogin%252Fcas&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=5228&time=1629375567176&url=https%3A%2F%2Fauth-ex.ecornell.com%2Fcas%2Flogin%3Fservice%3Dhttps%253A%252F%252Flms.ecornell.com%252Flogin%252Fcas&liSync=true&e_ipv6=AQIDK6HFTq1kZQAAAXteWhh7-o2fQwcaup44r-hxQZSvmNQN24B9wjdCUzhT77qTXBnsGGgP

154 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request login Show response
auth-ex.ecornell.com/cas/
Redirect Chain

http://lms.ecornell.com/
https://lms.ecornell.com/
https://lms.ecornell.com/login
https://lms.ecornell.com/login/cas
https://auth-ex.ecornell.com/cas/login?service=https%3A%2F%2Flms.ecornell.com%2Flogin%2Fcas

17 KB
8 KB

452ms
136ms

Document
text/html

44.193.176.202
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://auth-ex.ecornell.com/cas/login?service=https%3A%2F%2Flms.ecornell.com%2Flogin%2Fcas
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.193.176.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-193-176-202.compute-1.amazonaws.com
Software: Apache /
Resource Hash: 88271cee0acbf789666a3545604a6394adff9d601c05ca2b7cfd99ca2aec4606

Request headers

:method: GET
:authority: auth-ex.ecornell.com
:scheme: https
:path: /cas/login?service=https%3A%2F%2Flms.ecornell.com%2Flogin%2Fcas
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 12:19:25 GMT
content-type: text/html;charset=UTF-8
content-length: 7717
set-cookie: AWSALB=U4dq7n6f7KRrHdgh3Dn+fgdyYWCrGcLZC0F7ysKDJUByVBumKkF//EQZDRpB91sunMW3N3hsTadB19Jz85xRMWAlFRhmyooZy/KcA/cC6FzT2bD0BpqE9ggfcXk5; Expires=Thu, 26 Aug 2021 12:19:25 GMT; Path=/ AWSALBCORS=U4dq7n6f7KRrHdgh3Dn+fgdyYWCrGcLZC0F7ysKDJUByVBumKkF//EQZDRpB91sunMW3N3hsTadB19Jz85xRMWAlFRhmyooZy/KcA/cC6FzT2bD0BpqE9ggfcXk5; Expires=Thu, 26 Aug 2021 12:19:25 GMT; Path=/; SameSite=None; Secure XSRF-TOKEN=39dbcdd9-2bab-44d7-868f-5ce6ccc8043a; Path=/cas; Secure; SameSite=None JSESSIONID=9FBD3591D6621487091B4B7C6720DF1D; Path=/; Secure; HttpOnly; SameSite=None
server: Apache
cache-control: no-store
vary: Accept-Encoding
content-encoding: gzip

Redirect headers

date: Thu, 19 Aug 2021 12:19:25 GMT
content-type: text/html; charset=utf-8
location: https://auth-ex.ecornell.com/cas/login?service=https%3A%2F%2Flms.ecornell.com%2Flogin%2Fcas
server: Apache
x-session-id: 5e8b332c014167489cbeaa93fea2459f
x-request-context-id: c870e4c0-e934-4223-ae35-a33611c11549
vary: Accept-Encoding
content-encoding: br
x-canvas-meta: q=921;a=86077;g=p7n7V8OlQi86B8gPrFrQBp5E3cFDCRjYp4Drue2f;s=25;c=cluster20;z=us-east-1c;o=login/cas;n=new;b=1478972;m=1478972;u=0.01;y=0.00;d=0.00;
pragma: no-cache
x-frame-options: SAMEORIGIN
cache-control: no-cache, no-store
strict-transport-security: max-age=31536000
referrer-policy: no-referrer-when-downgrade
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-download-options: noopen
x-runtime: 0.018386
x-content-type-options: nosniff
set-cookie: _csrf_token=fcSt3UlHyxmmduXe41h%2BvFaMBwd1Mk5Ii%2FsXd336yeYxj925A2imb5Qnpo%2BEdyiOJe5LTCJ9PXHcnllPFp2vlg%3D%3D; path=/; secure log_session_id=5e8b332c014167489cbeaa93fea2459f; path=/; secure; HttpOnly
x-request-processor: 0ae7a0bf631aff81a
x-a11y-ally: Dana Danger Grey
status: 302 Found
p3p: CP="None, see http://www.instructure.com/privacy-policy"

GET
H2 200 bootstrap.min.css
ecornell.cornell.edu/wp-content/themes/ecustom18/css/ 119 KB
20 KB 611ms
161ms Stylesheet
text/css 35.227.175.178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ecornell.cornell.edu/wp-content/themes/ecustom18/css/bootstrap.min.css
Requested by: Host: auth-ex.ecornell.com
URL: https://auth-ex.ecornell.com/cas/login?service=https%3A%2F%2Flms.ecornell.com%2Flogin%2Fcas
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.227.175.178 The Dalles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 178.175.227.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 6abebf48f0ccb9f7eb60639e6c82d88e876c63da111b4cf374116237875ad3c9

Request headers

Referer: https://auth-ex.ecornell.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 12:19:26 GMT
content-encoding: br
last-modified: Thu, 11 Mar 2021 18:07:35 GMT
server: nginx
etag: W/"604a5c67-1dcad"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 style.css
ecornell.cornell.edu/wp-content/themes/ecustom18/ 227 KB
39 KB 611ms
161ms Stylesheet
text/css 35.227.175.178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ecornell.cornell.edu/wp-content/themes/ecustom18/style.css
Requested by: Host: auth-ex.ecornell.com
URL: https://auth-ex.ecornell.com/cas/login?service=https%3A%2F%2Flms.ecornell.com%2Flogin%2Fcas
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.227.175.178 The Dalles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 178.175.227.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 81c243f8c5aede82235edcda422c48be2e56360f90956a0e3634f1afdb9a5b24

Request headers

Referer: https://auth-ex.ecornell.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 12:19:26 GMT
content-encoding: br
last-modified: Thu, 05 Aug 2021 18:33:52 GMT
server: nginx
etag: W/"610c2f10-38ae1"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 external_headers.css
ecornell.cornell.edu/wp-content/themes/ecustom/css/ 313 B
433 B 611ms
161ms Stylesheet
text/css 35.227.175.178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ecornell.cornell.edu/wp-content/themes/ecustom/css/external_headers.css
Requested by: Host: auth-ex.ecornell.com
URL: https://auth-ex.ecornell.com/cas/login?service=https%3A%2F%2Flms.ecornell.com%2Flogin%2Fcas
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.227.175.178 The Dalles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 178.175.227.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 8e5ec1fa6741485842777e6d31e4f5d8c9ed526a7e959cb7d3443fc4e21e174a

Request headers

Referer: https://auth-ex.ecornell.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 12:19:26 GMT
content-encoding: br
last-modified: Wed, 10 Mar 2021 14:41:39 GMT
server: nginx
etag: W/"6048daa3-139"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 jquery.js Show response
ecornell.cornell.edu/wp-includes/js/jquery/ 282 KB
84 KB 621ms
171ms Script
application/javascript 35.227.175.178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ecornell.cornell.edu/wp-includes/js/jquery/jquery.js
Requested by: Host: auth-ex.ecornell.com
URL: https://auth-ex.ecornell.com/cas/login?service=https%3A%2F%2Flms.ecornell.com%2Flogin%2Fcas
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.227.175.178 The Dalles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 178.175.227.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 8c3010509fc7480b59413a90d69e9fafcb3d5aa202faf7862466f6bb8be1a335

Request headers

Origin: https://auth-ex.ecornell.com
Referer: https://auth-ex.ecornell.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 12:19:26 GMT
content-encoding: br
last-modified: Wed, 10 Mar 2021 15:07:24 GMT
server: nginx
etag: W/"6048e0ac-46758"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 jquery-migrate.min.js Show response
ecornell.cornell.edu/wp-includes/js/jquery/ 11 KB
4 KB 742ms
292ms Script
application/javascript 35.227.175.178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ecornell.cornell.edu/wp-includes/js/jquery/jquery-migrate.min.js
Requested by: Host: auth-ex.ecornell.com
URL: https://auth-ex.ecornell.com/cas/login?service=https%3A%2F%2Flms.ecornell.com%2Flogin%2Fcas
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.227.175.178 The Dalles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 178.175.227.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

Origin: https://auth-ex.ecornell.com
Referer: https://auth-ex.ecornell.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 12:19:26 GMT
content-encoding: br
last-modified: Wed, 18 Nov 2020 09:06:06 GMT
server: nginx
etag: W/"5fb4e3fe-2bd8"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 iframeResizer.min.js Show response
ecornell.cornell.edu/wp-content/themes/ecustom/js/ 5 KB
3 KB 649ms
199ms Script
application/javascript 35.227.175.178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ecornell.cornell.edu/wp-content/themes/ecustom/js/iframeResizer.min.js
Requested by: Host: auth-ex.ecornell.com
URL: https://auth-ex.ecornell.com/cas/login?service=https%3A%2F%2Flms.ecornell.com%2Flogin%2Fcas
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.227.175.178 The Dalles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 178.175.227.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: c1af8c44f5ad3a31f5b38de1c08e0242477ae2a075ac33c85db01202f748676c

Request headers

Origin: https://auth-ex.ecornell.com
Referer: https://auth-ex.ecornell.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 12:19:26 GMT
content-encoding: br
last-modified: Thu, 18 Oct 2018 18:19:48 GMT
server: nginx
etag: W/"5bc8cec4-1595"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 external_headers.js Show response
ecornell.cornell.edu/wp-content/themes/ecustom/js/ 249 B
383 B 621ms
171ms Script
application/javascript 35.227.175.178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ecornell.cornell.edu/wp-content/themes/ecustom/js/external_headers.js
Requested by: Host: auth-ex.ecornell.com
URL: https://auth-ex.ecornell.com/cas/login?service=https%3A%2F%2Flms.ecornell.com%2Flogin%2Fcas
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.227.175.178 The Dalles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 178.175.227.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 026e519666929c827321d13cf8838382b3fde3949b02826bf2cd109e2b565e51

Request headers

Origin: https://auth-ex.ecornell.com
Referer: https://auth-ex.ecornell.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 12:19:26 GMT
content-encoding: br
last-modified: Thu, 18 Oct 2018 18:19:48 GMT
server: nginx
etag: W/"5bc8cec4-f9"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 jquery.resizestop.min.js Show response
ecornell.cornell.edu/wp-content/themes/ecustom16/js/ 706 B
535 B 621ms
171ms Script
application/javascript 35.227.175.178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ecornell.cornell.edu/wp-content/themes/ecustom16/js/jquery.resizestop.min.js?ecv=1472666662
Requested by: Host: auth-ex.ecornell.com
URL: https://auth-ex.ecornell.com/cas/login?service=https%3A%2F%2Flms.ecornell.com%2Flogin%2Fcas
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.227.175.178 The Dalles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 178.175.227.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: bc603de9e31be30f98f7b63bae24e21c10dd7169374768f53b357355ac3b79fd

Request headers

Origin: https://auth-ex.ecornell.com
Referer: https://auth-ex.ecornell.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 12:19:26 GMT
content-encoding: br
last-modified: Thu, 18 Oct 2018 18:19:48 GMT
server: nginx
etag: W/"5bc8cec4-2c2"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 bootstrap.min.js Show response
ecornell.cornell.edu/wp-content/themes/ecustom16/js/ecustom16/ 35 KB
10 KB 639ms
189ms Script
application/javascript 35.227.175.178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ecornell.cornell.edu/wp-content/themes/ecustom16/js/ecustom16/bootstrap.min.js
Requested by: Host: auth-ex.ecornell.com
URL: https://auth-ex.ecornell.com/cas/login?service=https%3A%2F%2Flms.ecornell.com%2Flogin%2Fcas
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.227.175.178 The Dalles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 178.175.227.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: abec73fcadc5a8b680bf4174f9d36b5b0ca3da327d32e29816b16d8f1f2ff497

Request headers

Origin: https://auth-ex.ecornell.com
Referer: https://auth-ex.ecornell.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 12:19:26 GMT
content-encoding: br
last-modified: Thu, 18 Oct 2018 18:19:48 GMT
server: nginx
etag: W/"5bc8cec4-8c73"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 smooth-scroll.js Show response
ecornell.cornell.edu/wp-content/themes/ecustom16/js/ecustom16/ 3 KB
1 KB 921ms
472ms Script
application/javascript 35.227.175.178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ecornell.cornell.edu/wp-content/themes/ecustom16/js/ecustom16/smooth-scroll.js
Requested by: Host: auth-ex.ecornell.com
URL: https://auth-ex.ecornell.com/cas/login?service=https%3A%2F%2Flms.ecornell.com%2Flogin%2Fcas
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.227.175.178 The Dalles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 178.175.227.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 3cbe9d2ad12faf05931bca711ad672ea2d2d58eb445b685d760c329c34330720

Request headers

Origin: https://auth-ex.ecornell.com
Referer: https://auth-ex.ecornell.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 12:19:26 GMT
content-encoding: br
last-modified: Thu, 18 Oct 2018 18:19:48 GMT
server: nginx
etag: W/"5bc8cec4-a07"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 ecustom16.min.js Show response
ecornell.cornell.edu/wp-content/themes/ecustom16/js/ 35 KB
11 KB 774ms
326ms Script
application/javascript 35.227.175.178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ecornell.cornell.edu/wp-content/themes/ecustom16/js/ecustom16.min.js?ecv=1476291496
Requested by: Host: auth-ex.ecornell.com
URL: https://auth-ex.ecornell.com/cas/login?service=https%3A%2F%2Flms.ecornell.com%2Flogin%2Fcas
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.227.175.178 The Dalles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 178.175.227.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 91cd7f618a639bd469004ba5db1994a0ae3ec53b902e4ef635b34125e7606fa3

Request headers

Origin: https://auth-ex.ecornell.com
Referer: https://auth-ex.ecornell.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 12:19:26 GMT
content-encoding: br
last-modified: Thu, 18 Oct 2018 18:19:48 GMT
server: nginx
etag: W/"5bc8cec4-8dba"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 jquery.imagelistexpander.js Show response
ecornell.cornell.edu/wp-content/themes/ecustom16/js/ecustom16/ 2 KB
1 KB 741ms
292ms Script
application/javascript 35.227.175.178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ecornell.cornell.edu/wp-content/themes/ecustom16/js/ecustom16/jquery.imagelistexpander.js
Requested by: Host: auth-ex.ecornell.com
URL: https://auth-ex.ecornell.com/cas/login?service=https%3A%2F%2Flms.ecornell.com%2Flogin%2Fcas
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.227.175.178 The Dalles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 178.175.227.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 66ae94189c1c17d4ff52124314e35c5b4d688f550fe17c5c9dc04879eb6a8657

Request headers

Origin: https://auth-ex.ecornell.com
Referer: https://auth-ex.ecornell.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 12:19:26 GMT
content-encoding: br
last-modified: Thu, 18 Oct 2018 18:19:48 GMT
server: nginx
etag: W/"5bc8cec4-9f4"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 lc_switch.min.js Show response
ecornell.cornell.edu/wp-content/themes/ecustom16/js/ 2 KB
910 B 921ms
472ms Script
application/javascript 35.227.175.178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ecornell.cornell.edu/wp-content/themes/ecustom16/js/lc_switch.min.js?ecv=1472666662
Requested by: Host: auth-ex.ecornell.com
URL: https://auth-ex.ecornell.com/cas/login?service=https%3A%2F%2Flms.ecornell.com%2Flogin%2Fcas
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.227.175.178 The Dalles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 178.175.227.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: b1b6b8e2202bb9128702e3912a597ea54ed8fcd174206aa238aceedf75bf8e5e

Request headers

Origin: https://auth-ex.ecornell.com
Referer: https://auth-ex.ecornell.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 12:19:26 GMT
content-encoding: br
last-modified: Thu, 18 Oct 2018 18:19:48 GMT
server: nginx
etag: W/"5bc8cec4-833"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 ecustom-embed.js Show response
ecornell.cornell.edu/wp-content/plugins/ecustom-embed/js/ 8 KB
3 KB 921ms
472ms Script
application/javascript 35.227.175.178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ecornell.cornell.edu/wp-content/plugins/ecustom-embed/js/ecustom-embed.js
Requested by: Host: auth-ex.ecornell.com
URL: https://auth-ex.ecornell.com/cas/login?service=https%3A%2F%2Flms.ecornell.com%2Flogin%2Fcas
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.227.175.178 The Dalles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 178.175.227.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 2243300b6d41bd4cdde47484d3966d5e774bf10cfdd7f2087ba922ce9c2dcd22

Request headers

Origin: https://auth-ex.ecornell.com
Referer: https://auth-ex.ecornell.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 12:19:26 GMT
content-encoding: br
last-modified: Thu, 11 Mar 2021 18:07:35 GMT
server: nginx
etag: W/"604a5c67-213e"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 wp-embed.min.js Show response
ecornell.cornell.edu/wp-includes/js/ 1 KB
947 B 920ms
472ms Script
application/javascript 35.227.175.178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ecornell.cornell.edu/wp-includes/js/wp-embed.min.js?ver=4.6.1
Requested by: Host: auth-ex.ecornell.com
URL: https://auth-ex.ecornell.com/cas/login?service=https%3A%2F%2Flms.ecornell.com%2Flogin%2Fcas
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.227.175.178 The Dalles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 178.175.227.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991

Request headers

Origin: https://auth-ex.ecornell.com
Referer: https://auth-ex.ecornell.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 12:19:26 GMT
content-encoding: br
last-modified: Wed, 06 Jan 2021 15:29:24 GMT
server: nginx
etag: W/"5ff5d754-592"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 jquery-cookie.min.js Show response
ecornell.cornell.edu/wp-content/themes/ecustom16/js/ 1 KB
811 B 920ms
472ms Script
application/javascript 35.227.175.178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ecornell.cornell.edu/wp-content/themes/ecustom16/js/jquery-cookie.min.js
Requested by: Host: auth-ex.ecornell.com
URL: https://auth-ex.ecornell.com/cas/login?service=https%3A%2F%2Flms.ecornell.com%2Flogin%2Fcas
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.227.175.178 The Dalles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 178.175.227.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 708f001cc2044a716a0457aefbc76511873de57f172bef3ee3314e47aeb9ce7f

Request headers

Origin: https://auth-ex.ecornell.com
Referer: https://auth-ex.ecornell.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 12:19:26 GMT
content-encoding: br
last-modified: Thu, 18 Oct 2018 18:19:48 GMT
server: nginx
etag: W/"5bc8cec4-434"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 / Show response
ecornell.cornell.edu/hidden-pages/header-only/ Frame FA13 29 KB
6 KB 163ms
162ms Document
text/html 35.227.175.178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ecornell.cornell.edu/hidden-pages/header-only/
Requested by: Host: auth-ex.ecornell.com
URL: https://auth-ex.ecornell.com/cas/login?service=https%3A%2F%2Flms.ecornell.com%2Flogin%2Fcas
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.227.175.178 The Dalles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 178.175.227.35.bc.googleusercontent.com
Software: nginx / WP Engine
Resource Hash: 31627ccce6c3ae231d30b612572b73f863ffff82ded429ece5c7e76104c82229

Request headers

:method: GET
:authority: ecornell.cornell.edu
:scheme: https
:path: /hidden-pages/header-only/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://auth-ex.ecornell.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://auth-ex.ecornell.com/

Response headers

server: nginx
date: Thu, 19 Aug 2021 12:19:27 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding Accept-Encoding Accept-Encoding,Cookie
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
x-pingback: https://ecornell.cornell.edu/xmlrpc.php
last-modified: Tue, 17 Aug 2021 19:48:08 GMT
link: <https://ecornell.cornell.edu/wp-json/>; rel="https://api.w.org/" <https://ecornell.cornell.edu/wp-json/wp/v2/pages/3592>; rel="alternate"; type="application/json" <https://ecornell.cornell.edu/?p=3592>; rel=shortlink
access-control-allow-origin: ecornell.cornell.edu
x-powered-by: WP Engine
x-cacheable: YES:15552000.000
cache-control: max-age=15552000, must-revalidate
x-cache: HIT: 1543
x-cache-group: normal
content-encoding: br

GET
H2 200 glyphicons-halflings-regular.woff2
ecornell.cornell.edu/wp-content/themes/ecustom18/fonts/ 18 KB
18 KB 166ms
166ms Font
font/woff2 35.227.175.178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ecornell.cornell.edu/wp-content/themes/ecustom18/fonts/glyphicons-halflings-regular.woff2
Requested by: Host: ecornell.cornell.edu
URL: https://ecornell.cornell.edu/wp-content/themes/ecustom18/css/bootstrap.min.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.227.175.178 The Dalles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 178.175.227.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c

Request headers

Origin: https://auth-ex.ecornell.com
Referer: https://ecornell.cornell.edu/wp-content/themes/ecustom18/css/bootstrap.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 12:19:27 GMT
last-modified: Thu, 18 Oct 2018 18:19:48 GMT
server: nginx
etag: "5bc8cec4-466c"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 18028

GET
H2 200 rhfnkn45i93k.js Show response
js.driftt.com/include/1629375600000/ 138 KB
46 KB 286ms
193ms Script
application/javascript 13.224.96.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/include/1629375600000/rhfnkn45i93k.js

Requested by

Host: auth-ex.ecornell.com
URL: https://auth-ex.ecornell.com/cas/login?service=https%3A%2F%2Flms.ecornell.com%2Flogin%2Fcas

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.96.68 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-96-68.zrh50.r.cloudfront.net

Software

nginx /

Resource Hash

5e86db459ade943c9953d6b123e57e80bcb5ce5789037061aa58b8a7f266cb84

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://auth-ex.ecornell.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
etag: W/"455349657f95f58dcff046d51901f256"
x-amz-cf-pop: ZRH50-C1
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
via: 1.1 ebbd7f31e48ea8cf77f6021cdd92bf62.cloudfront.net (CloudFront)
last-modified: Thu, 13 May 2021 20:09:30 GMT
server: nginx
date: Thu, 19 Aug 2021 12:19:27 GMT
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=10
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: f50QvRpvqsWBN-SSDkU4VDRc1E6Ha9ZkiRL9Fc9s2aZjHYBJWYy12g==

GET
H2 200 ga.js Show response
ssl.google-analytics.com/ 45 KB
17 KB 28ms
7ms Script
text/javascript 2a00:1450:4001:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.google-analytics.com/ga.js

Requested by

Host: auth-ex.ecornell.com
URL: https://auth-ex.ecornell.com/cas/login?service=https%3A%2F%2Flms.ecornell.com%2Flogin%2Fcas

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://auth-ex.ecornell.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 13 Jul 2021 18:24:06 GMT
server: Golfe2
age: 5192
date: Thu, 19 Aug 2021 10:52:55 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17168
expires: Thu, 19 Aug 2021 12:52:55 GMT

GET
H2 200 __utm.gif
ssl.google-analytics.com/r/ 35 B
197 B 14ms
14ms Image
image/gif 2a00:1450:4001:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1618999582&utmhn=auth-ex.ecornell.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=eCornell%20%7C%20Log%20in&utmhid=1910700047&utmr=-&utmp=%2Fcas%2Flogin%3Fservice%3Dhttps%25253A%25252F%25252Flms.ecornell.com%25252Flogin%25252Fcas&utmht=1629375567043&utmac=UA-513073-4&utmcc=__utma%3D97568779.334009090.1629375567.1629375567.1629375567.1%3B%2B__utmz%3D97568779.1629375567.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=515753212&utmredir=1&utmu=DAAAAAAAAAAAAAAAAAAAAAAE~

Requested by

Host: auth-ex.ecornell.com
URL: https://auth-ex.ecornell.com/cas/login?service=https%3A%2F%2Flms.ecornell.com%2Flogin%2Fcas

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://auth-ex.ecornell.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Aug 2021 12:19:27 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 240 KB
75 KB 56ms
35ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-M89LQJ

Requested by

Host: auth-ex.ecornell.com
URL: https://auth-ex.ecornell.com/cas/login?service=https%3A%2F%2Flms.ecornell.com%2Flogin%2Fcas

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

90a13d668cd5da19e925efed30d563805077ced48949dba1b9798e865dc9fb73

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://auth-ex.ecornell.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 12:19:27 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 75982
x-xss-protection: 0
last-modified: Thu, 19 Aug 2021 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 19 Aug 2021 12:19:27 GMT

GET
H2 200 et-line.css
1dx1ha2o9633412a0g3rw4xf-wpengine.netdna-ssl.com/wp-content/themes/ecustom18/fonts/ Frame FA13 7 KB
2 KB 69ms
19ms Stylesheet
text/css 94.31.29.99
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://1dx1ha2o9633412a0g3rw4xf-wpengine.netdna-ssl.com/wp-content/themes/ecustom18/fonts/et-line.css?v=1
Requested by: Host: ecornell.cornell.edu
URL: https://ecornell.cornell.edu/hidden-pages/header-only/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.99 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS: 94.31.29.99.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: d3a89674515cfd7bb2b0a5239e0bd9a6bce5e17c9e72a49e40555f2f701e59ff

Request headers

Referer: https://ecornell.cornell.edu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 12:19:27 GMT
content-encoding: gzip
last-modified: Thu, 11 Mar 2021 18:07:35 GMT
server: NetDNA-cache/2.2
etag: W/"604a5c67-1b83"
vary: Accept-Encoding, Accept-Encoding
x-cache: HIT
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 css
fonts.googleapis.com/ Frame FA13 20 KB
964 B 18ms
16ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Raleway:300,300i,400,400i,500,500i,600,600i,700,700i,800,800i&display=swap

Requested by

Host: ecornell.cornell.edu
URL: https://ecornell.cornell.edu/hidden-pages/header-only/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

34a1054be2a1f92c8a414c94cdea2e1aec057e752b87ac05e560088d4178903f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://ecornell.cornell.edu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 19 Aug 2021 12:19:27 GMT
server: ESF
date: Thu, 19 Aug 2021 12:19:27 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 19 Aug 2021 12:19:27 GMT

GET
H2 200 bootstrap.min.css
1dx1ha2o9633412a0g3rw4xf-wpengine.netdna-ssl.com/wp-content/themes/ecustom18/css/ Frame FA13 119 KB
20 KB 84ms
36ms Stylesheet
text/css 94.31.29.99
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://1dx1ha2o9633412a0g3rw4xf-wpengine.netdna-ssl.com/wp-content/themes/ecustom18/css/bootstrap.min.css?ver=1615486055
Requested by: Host: ecornell.cornell.edu
URL: https://ecornell.cornell.edu/hidden-pages/header-only/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.99 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS: 94.31.29.99.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: 6abebf48f0ccb9f7eb60639e6c82d88e876c63da111b4cf374116237875ad3c9

Request headers

Referer: https://ecornell.cornell.edu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 12:19:27 GMT
content-encoding: gzip
last-modified: Thu, 11 Mar 2021 18:07:35 GMT
server: NetDNA-cache/2.2
etag: W/"604a5c67-1dcad"
vary: Accept-Encoding, Accept-Encoding
x-cache: HIT
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 style.css
1dx1ha2o9633412a0g3rw4xf-wpengine.netdna-ssl.com/wp-content/themes/ecustom18/ Frame FA13 227 KB
40 KB 94ms
45ms Stylesheet
text/css 94.31.29.99
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://1dx1ha2o9633412a0g3rw4xf-wpengine.netdna-ssl.com/wp-content/themes/ecustom18/style.css?ver=1628188432
Requested by: Host: ecornell.cornell.edu
URL: https://ecornell.cornell.edu/hidden-pages/header-only/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.99 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS: 94.31.29.99.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: 81c243f8c5aede82235edcda422c48be2e56360f90956a0e3634f1afdb9a5b24

Request headers

Referer: https://ecornell.cornell.edu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 12:19:27 GMT
content-encoding: gzip
last-modified: Thu, 05 Aug 2021 18:33:52 GMT
server: NetDNA-cache/2.2
etag: W/"610c2f10-38ae1"
vary: Accept-Encoding, Accept-Encoding
x-cache: HIT
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 /
ecornell.cornell.edu/ Frame FA13 46 B
305 B 157ms
156ms Stylesheet
text/css 35.227.175.178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ecornell.cornell.edu/?display_custom_css=css&ver=5.7.2
Requested by: Host: ecornell.cornell.edu
URL: https://ecornell.cornell.edu/hidden-pages/header-only/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.227.175.178 The Dalles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 178.175.227.35.bc.googleusercontent.com
Software: nginx / WP Engine
Resource Hash: 53af4d508061afe6eb637e32afe9af87ac2d215a76c925ba4e54b16d1101ee6a

Request headers

Referer: https://ecornell.cornell.edu/hidden-pages/header-only/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Aug 2021 12:19:27 GMT
content-encoding: br
x-cacheable: SHORT
server: nginx
x-powered-by: WP Engine
vary: Accept-Encoding, Accept-Encoding,Cookie
x-cache: HIT: 19
content-type: text/css;charset=UTF-8
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: max-age=600, must-revalidate
x-cache-group: normal

GET
H2 200 jquery.min.js Show response
1dx1ha2o9633412a0g3rw4xf-wpengine.netdna-ssl.com/wp-includes/js/jquery/ Frame FA13 87 KB
31 KB 109ms
61ms Script
application/javascript 94.31.29.99
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://1dx1ha2o9633412a0g3rw4xf-wpengine.netdna-ssl.com/wp-includes/js/jquery/jquery.min.js?ver=3.5.1
Requested by: Host: ecornell.cornell.edu
URL: https://ecornell.cornell.edu/hidden-pages/header-only/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.99 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS: 94.31.29.99.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: 60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827

Request headers

Referer: https://ecornell.cornell.edu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 12:19:27 GMT
content-encoding: gzip
last-modified: Wed, 07 Oct 2020 16:33:25 GMT
server: NetDNA-cache/2.2
etag: W/"5f7dedd5-15d98"
vary: Accept-Encoding, Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 jquery-migrate.min.js Show response
1dx1ha2o9633412a0g3rw4xf-wpengine.netdna-ssl.com/wp-includes/js/jquery/ Frame FA13 11 KB
4 KB 104ms
56ms Script
application/javascript 94.31.29.99
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://1dx1ha2o9633412a0g3rw4xf-wpengine.netdna-ssl.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by: Host: ecornell.cornell.edu
URL: https://ecornell.cornell.edu/hidden-pages/header-only/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.99 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS: 94.31.29.99.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

Referer: https://ecornell.cornell.edu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 12:19:27 GMT
content-encoding: gzip
last-modified: Wed, 18 Nov 2020 09:06:06 GMT
server: NetDNA-cache/2.2
etag: W/"5fb4e3fe-2bd8"
vary: Accept-Encoding, Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 jquery-cookie.min.js Show response
1dx1ha2o9633412a0g3rw4xf-wpengine.netdna-ssl.com/wp-content/themes/ecustom18/js/ Frame FA13 1 KB
842 B 103ms
55ms Script
application/javascript 94.31.29.99
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://1dx1ha2o9633412a0g3rw4xf-wpengine.netdna-ssl.com/wp-content/themes/ecustom18/js/jquery-cookie.min.js
Requested by: Host: ecornell.cornell.edu
URL: https://ecornell.cornell.edu/hidden-pages/header-only/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.99 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS: 94.31.29.99.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: 708f001cc2044a716a0457aefbc76511873de57f172bef3ee3314e47aeb9ce7f

Request headers

Referer: https://ecornell.cornell.edu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 12:19:27 GMT
content-encoding: gzip
last-modified: Thu, 18 Oct 2018 18:19:49 GMT
server: NetDNA-cache/2.2
etag: W/"5bc8cec5-434"
vary: Accept-Encoding, Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 verification.js Show response
1dx1ha2o9633412a0g3rw4xf-wpengine.netdna-ssl.com/wp-content/plugins/google-site-verification-using-meta-tag// Frame FA13 416 B
521 B 103ms
56ms Script
application/javascript 94.31.29.99
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://1dx1ha2o9633412a0g3rw4xf-wpengine.netdna-ssl.com/wp-content/plugins/google-site-verification-using-meta-tag//verification.js?ver=5.7.2
Requested by: Host: ecornell.cornell.edu
URL: https://ecornell.cornell.edu/hidden-pages/header-only/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.99 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS: 94.31.29.99.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: db204cec7ecb38f2a6f90f483aec04ab48d3689c5ca79060e85cdf4457e6b48f

Request headers

Referer: https://ecornell.cornell.edu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 12:19:27 GMT
content-encoding: gzip
last-modified: Tue, 22 Oct 2019 17:54:35 GMT
server: NetDNA-cache/2.2
etag: W/"5daf425b-1a0"
vary: Accept-Encoding, Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 ec-logo-smaller.png
1dx1ha2o9633412a0g3rw4xf-wpengine.netdna-ssl.com/wp-content/themes/ecustom18/img/ Frame FA13 5 KB
6 KB 28ms
26ms Image
image/png 94.31.29.99
HIGHWINDS2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://1dx1ha2o9633412a0g3rw4xf-wpengine.netdna-ssl.com/wp-content/themes/ecustom18/img/ec-logo-smaller.png
Requested by: Host: ecornell.cornell.edu
URL: https://ecornell.cornell.edu/hidden-pages/header-only/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.99 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS: 94.31.29.99.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: 9d9d4cfd236295e863249406af3912d242b7307a7d68c662a33bc8ae5e2c129c

Request headers

Referer: https://ecornell.cornell.edu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 12:19:27 GMT
last-modified: Thu, 18 Oct 2018 18:19:48 GMT
server: NetDNA-cache/2.2
etag: "5bc8cec4-1556"
vary: Accept-Encoding
x-cache: HIT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 5462

GET
H2 200 ecornell-logo-red-shield-white-txt.svg
1dx1ha2o9633412a0g3rw4xf-wpengine.netdna-ssl.com/wp-content/themes/ecustom18/img/ Frame FA13 3 KB
1 KB 28ms
27ms Image
image/svg+xml 94.31.29.99
HIGHWINDS2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://1dx1ha2o9633412a0g3rw4xf-wpengine.netdna-ssl.com/wp-content/themes/ecustom18/img/ecornell-logo-red-shield-white-txt.svg
Requested by: Host: ecornell.cornell.edu
URL: https://ecornell.cornell.edu/hidden-pages/header-only/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.99 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS: 94.31.29.99.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: 4dcc5d42623d1591d2b94fe75e609fe64d530e5f757889389650b46c50d1ddf1

Request headers

Referer: https://ecornell.cornell.edu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 12:19:27 GMT
content-encoding: gzip
last-modified: Thu, 18 Oct 2018 18:19:48 GMT
server: NetDNA-cache/2.2
etag: W/"5bc8cec4-a47"
vary: Accept-Encoding, Accept-Encoding
x-cache: HIT
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 iframeResizer.contentWindow.js Show response
1dx1ha2o9633412a0g3rw4xf-wpengine.netdna-ssl.com/wp-content/themes/ecustom/js/ Frame FA13 11 KB
4 KB 20ms
19ms Script
application/javascript 94.31.29.99
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://1dx1ha2o9633412a0g3rw4xf-wpengine.netdna-ssl.com/wp-content/themes/ecustom/js/iframeResizer.contentWindow.js
Requested by: Host: ecornell.cornell.edu
URL: https://ecornell.cornell.edu/hidden-pages/header-only/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.99 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS: 94.31.29.99.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: 5014e48f918de784dc70c9be98124f0f5a0996d085cf1f3cf5e751b58efa6b46

Request headers

Referer: https://ecornell.cornell.edu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 12:19:27 GMT
content-encoding: gzip
last-modified: Thu, 18 Oct 2018 18:19:48 GMT
server: NetDNA-cache/2.2
etag: W/"5bc8cec4-2c7e"
vary: Accept-Encoding, Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H3-29 200 api.js Show response
www.google.com/recaptcha/ Frame FA13 884 B
606 B 33ms
18ms Script
text/javascript 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?render=6LdfgkEaAAAAAN0sfvYVsx7y0_c6D8w8OKqeAaJJ&ver=3

Requested by

Host: ecornell.cornell.edu
URL: https://ecornell.cornell.edu/hidden-pages/header-only/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

a69f5ca569fc91f3c7d799dfc3c72ad0fe5e9ea73dcfd0310cab309fcbeb05d7

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ecornell.cornell.edu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 12:19:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 585
x-xss-protection: 1; mode=block
expires: Thu, 19 Aug 2021 12:19:27 GMT

GET
H2 200 iframeResizer.min.js Show response
1dx1ha2o9633412a0g3rw4xf-wpengine.netdna-ssl.com/wp-content/themes/ecustom18/js/ Frame FA13 5 KB
3 KB 19ms
19ms Script
application/javascript 94.31.29.99
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://1dx1ha2o9633412a0g3rw4xf-wpengine.netdna-ssl.com/wp-content/themes/ecustom18/js/iframeResizer.min.js
Requested by: Host: ecornell.cornell.edu
URL: https://ecornell.cornell.edu/hidden-pages/header-only/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.99 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS: 94.31.29.99.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: c1af8c44f5ad3a31f5b38de1c08e0242477ae2a075ac33c85db01202f748676c

Request headers

Referer: https://ecornell.cornell.edu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 12:19:27 GMT
content-encoding: gzip
last-modified: Thu, 18 Oct 2018 18:19:49 GMT
server: NetDNA-cache/2.2
etag: W/"5bc8cec5-1595"
vary: Accept-Encoding, Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 jquery.resizestop.min.js Show response
1dx1ha2o9633412a0g3rw4xf-wpengine.netdna-ssl.com/wp-content/themes/ecustom18/js/ Frame FA13 706 B
568 B 21ms
19ms Script
application/javascript 94.31.29.99
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://1dx1ha2o9633412a0g3rw4xf-wpengine.netdna-ssl.com/wp-content/themes/ecustom18/js/jquery.resizestop.min.js?ver=1539886789
Requested by: Host: ecornell.cornell.edu
URL: https://ecornell.cornell.edu/hidden-pages/header-only/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.99 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS: 94.31.29.99.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: bc603de9e31be30f98f7b63bae24e21c10dd7169374768f53b357355ac3b79fd

Request headers

Referer: https://ecornell.cornell.edu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 12:19:27 GMT
content-encoding: gzip
last-modified: Thu, 18 Oct 2018 18:19:49 GMT
server: NetDNA-cache/2.2
etag: W/"5bc8cec5-2c2"
vary: Accept-Encoding, Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 bootstrap.min.js Show response
1dx1ha2o9633412a0g3rw4xf-wpengine.netdna-ssl.com/wp-content/themes/ecustom18/js/unpacked/ Frame FA13 35 KB
10 KB 23ms
20ms Script
application/javascript 94.31.29.99
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://1dx1ha2o9633412a0g3rw4xf-wpengine.netdna-ssl.com/wp-content/themes/ecustom18/js/unpacked/bootstrap.min.js
Requested by: Host: ecornell.cornell.edu
URL: https://ecornell.cornell.edu/hidden-pages/header-only/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.99 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS: 94.31.29.99.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: abec73fcadc5a8b680bf4174f9d36b5b0ca3da327d32e29816b16d8f1f2ff497

Request headers

Referer: https://ecornell.cornell.edu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 12:19:27 GMT
content-encoding: gzip
last-modified: Thu, 18 Oct 2018 18:19:49 GMT
server: NetDNA-cache/2.2
etag: W/"5bc8cec5-8c73"
vary: Accept-Encoding, Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 ecustom18.min.js Show response
1dx1ha2o9633412a0g3rw4xf-wpengine.netdna-ssl.com/wp-content/themes/ecustom18/js/ Frame FA13 48 KB
14 KB 25ms
23ms Script
application/javascript 94.31.29.99
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://1dx1ha2o9633412a0g3rw4xf-wpengine.netdna-ssl.com/wp-content/themes/ecustom18/js/ecustom18.min.js?ver=1628178994
Requested by: Host: ecornell.cornell.edu
URL: https://ecornell.cornell.edu/hidden-pages/header-only/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.99 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS: 94.31.29.99.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: ffc1a75e34bba25d6da29f187a320045713c7129439468b0509032a523b9d689

Request headers

Referer: https://ecornell.cornell.edu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 12:19:27 GMT
content-encoding: gzip
last-modified: Thu, 05 Aug 2021 15:56:34 GMT
server: NetDNA-cache/2.2
etag: W/"610c0a32-c0b9"
vary: Accept-Encoding, Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 ecustom18-form.min.js Show response
1dx1ha2o9633412a0g3rw4xf-wpengine.netdna-ssl.com/wp-content/themes/ecustom18/js/ Frame FA13 27 KB
9 KB 26ms
24ms Script
application/javascript 94.31.29.99
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://1dx1ha2o9633412a0g3rw4xf-wpengine.netdna-ssl.com/wp-content/themes/ecustom18/js/ecustom18-form.min.js?ver=1626963943
Requested by: Host: ecornell.cornell.edu
URL: https://ecornell.cornell.edu/hidden-pages/header-only/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.99 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS: 94.31.29.99.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: fc59766f808e6849d5b79bd5c895ab41bc15ee89ef55e0945f5a8fa80ccfea75

Request headers

Referer: https://ecornell.cornell.edu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 12:19:27 GMT
content-encoding: gzip
last-modified: Thu, 22 Jul 2021 14:25:43 GMT
server: NetDNA-cache/2.2
etag: W/"60f97fe7-6d8b"
vary: Accept-Encoding, Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 ecustom18-header.min.js Show response
1dx1ha2o9633412a0g3rw4xf-wpengine.netdna-ssl.com/wp-content/themes/ecustom18/js/ Frame FA13 7 KB
3 KB 27ms
25ms Script
application/javascript 94.31.29.99
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://1dx1ha2o9633412a0g3rw4xf-wpengine.netdna-ssl.com/wp-content/themes/ecustom18/js/ecustom18-header.min.js?ver=1628178994
Requested by: Host: ecornell.cornell.edu
URL: https://ecornell.cornell.edu/hidden-pages/header-only/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.99 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS: 94.31.29.99.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: 3202d5d1c2ed3456868088052505733e3764b4d04b7a2efb1b3190a07ad57055

Request headers

Referer: https://ecornell.cornell.edu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 12:19:27 GMT
content-encoding: gzip
last-modified: Thu, 05 Aug 2021 15:56:34 GMT
server: NetDNA-cache/2.2
etag: W/"610c0a32-1aae"
vary: Accept-Encoding, Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 jquery.hoverIntent.js Show response
1dx1ha2o9633412a0g3rw4xf-wpengine.netdna-ssl.com/wp-content/themes/ecustom18/js/unpacked/ Frame FA13 7 KB
3 KB 27ms
25ms Script
application/javascript 94.31.29.99
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://1dx1ha2o9633412a0g3rw4xf-wpengine.netdna-ssl.com/wp-content/themes/ecustom18/js/unpacked/jquery.hoverIntent.js
Requested by: Host: ecornell.cornell.edu
URL: https://ecornell.cornell.edu/hidden-pages/header-only/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.99 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS: 94.31.29.99.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: 7b3070fb9a342f6dd16891b9c6948b3327829243f4c525a3aca14f5b73924d62

Request headers

Referer: https://ecornell.cornell.edu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 12:19:27 GMT
content-encoding: gzip
last-modified: Thu, 18 Oct 2018 18:19:49 GMT
server: NetDNA-cache/2.2
etag: W/"5bc8cec5-1b08"
vary: Accept-Encoding, Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 jquery.animateNumber.min.js Show response
1dx1ha2o9633412a0g3rw4xf-wpengine.netdna-ssl.com/wp-content/themes/ecustom18/js/ Frame FA13 1 KB
970 B 27ms
26ms Script
application/javascript 94.31.29.99
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://1dx1ha2o9633412a0g3rw4xf-wpengine.netdna-ssl.com/wp-content/themes/ecustom18/js/jquery.animateNumber.min.js?ver=1539886789
Requested by: Host: ecornell.cornell.edu
URL: https://ecornell.cornell.edu/hidden-pages/header-only/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.99 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS: 94.31.29.99.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: 0db751426827fe8188df25996c6b8816aa02038415c8d417adbd4a99df99c1d3

Request headers

Referer: https://ecornell.cornell.edu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 12:19:27 GMT
content-encoding: gzip
last-modified: Thu, 18 Oct 2018 18:19:49 GMT
server: NetDNA-cache/2.2
etag: W/"5bc8cec5-555"
vary: Accept-Encoding, Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 ecustom-embed.min.js Show response
1dx1ha2o9633412a0g3rw4xf-wpengine.netdna-ssl.com/wp-content/plugins/ecustom-embed/js/ Frame FA13 2 KB
1 KB 27ms
26ms Script
application/javascript 94.31.29.99
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://1dx1ha2o9633412a0g3rw4xf-wpengine.netdna-ssl.com/wp-content/plugins/ecustom-embed/js/ecustom-embed.min.js?ver=1615486055
Requested by: Host: ecornell.cornell.edu
URL: https://ecornell.cornell.edu/hidden-pages/header-only/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.99 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS: 94.31.29.99.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: fa27a8b50490688556abdb3ba39c6aadb25583fe76b53bcb7269ccfcebbe7c74

Request headers

Referer: https://ecornell.cornell.edu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 12:19:27 GMT
content-encoding: gzip
last-modified: Thu, 11 Mar 2021 18:07:35 GMT
server: NetDNA-cache/2.2
etag: W/"604a5c67-9d9"
vary: Accept-Encoding, Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 cse.js Show response
cse.google.com/ Frame FA13 10 KB
4 KB 75ms
54ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cse.google.com/cse.js?cx=006021230338483373297:bhgfgvz2m7w

Requested by

Host: ecornell.cornell.edu
URL: https://ecornell.cornell.edu/hidden-pages/header-only/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gws /

Resource Hash

3a517528a5ce33fe8694dc1a6dbc1af074bd38d02a646fefe33a915b07491114

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://ecornell.cornell.edu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

bfcache-opt-in: unload
date: Thu, 19 Aug 2021 12:19:27 GMT
content-encoding: br
server: gws
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3508
x-xss-protection: 0
expires: Thu, 19 Aug 2021 12:19:27 GMT

GET
H3-29 200 js Show response
www.googletagmanager.com/gtag/ 128 KB
50 KB 37ms
22ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-X70KWPP3X8&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M89LQJ

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a930ab6f24e7e87ee93e9c862d2796013e79766ed8840ce6e349d7b1878e6914

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://auth-ex.ecornell.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 12:19:27 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51364
x-xss-protection: 0
expires: Thu, 19 Aug 2021 12:19:27 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M89LQJ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e61660c659c426e45bce2937dddb01af6b550502a2904546575c1ec2ba1121dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://auth-ex.ecornell.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 13 Jul 2021 18:24:06 GMT
server: Golfe2
age: 3946
date: Thu, 19 Aug 2021 11:13:41 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19672
expires: Thu, 19 Aug 2021 13:13:41 GMT

GET
H/1.1 200
OK insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 5 KB
2 KB 21ms
6ms Script
application/x-javascript 2a02:26f0:6c00:2b0::25ea
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M89LQJ
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:2b0::25ea Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: fed785a6a8ca96fb67230fec5d85f9c508db49f4075aa0ef284af56cd89813e3

Request headers

Referer: https://auth-ex.ecornell.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 19 Aug 2021 12:19:27 GMT
Content-Encoding: gzip
Last-Modified: Fri, 13 Aug 2021 21:34:05 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=73670
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2036

GET
H2 200 pixel.js Show response
www.redditstatic.com/ads/ 22 KB
7 KB 80ms
26ms Script
application/javascript 151.101.13.140
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.redditstatic.com/ads/pixel.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M89LQJ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.140 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: snooserv /
Resource Hash: 7125a66456daa35dd3e3e8cca4b9523e05caf0b4fa5bd5874676e7c6db40f3aa

Request headers

Referer: https://auth-ex.ecornell.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 12:19:27 GMT
via: 1.1 varnish, 1.1 varnish
last-modified: Wed, 14 Jul 2021 17:50:00 GMT
server: snooserv
etag: "912f60c72fda50b2f21068c65115175d"
vary: Accept-Encoding,Origin
content-type: application/javascript
cache-control: public, max-age=60
accept-ranges: bytes
content-encoding: gzip
content-length: 7018

GET
H2 200 bat.js Show response
bat.bing.com/ 30 KB
9 KB 28ms
28ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/bat.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M89LQJ
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 5c1282fb121104f5a505ecbfd7194e64c98db6b830684450dcfc478021d05257

Request headers

Referer: https://auth-ex.ecornell.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 12:19:27 GMT
content-encoding: gzip
last-modified: Wed, 28 Jul 2021 18:27:37 GMT
x-msedge-ref: Ref A: 118AF6F9DD5F4E8581963A58D4AB1256 Ref B: FRAEDGE1214 Ref C: 2021-08-19T12:19:27Z
etag: "80f2963dde83d71:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 9024

GET
H3-29 200 js Show response
www.googletagmanager.com/gtag/ 96 KB
38 KB 30ms
22ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-1072640399

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M89LQJ

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

bf52551b2bba8aca6aaff367aacd7669b86cf6c3ce084dfa72de1bf0288a1990

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://auth-ex.ecornell.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 12:19:27 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39131
x-xss-protection: 0
last-modified: Thu, 19 Aug 2021 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 19 Aug 2021 12:19:27 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 98 KB
25 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: auth-ex.ecornell.com
URL: https://auth-ex.ecornell.com/cas/login?service=https%3A%2F%2Flms.ecornell.com%2Flogin%2Fcas

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

525f091870c1282bb4823f9e64192983f1652a3bbc84c97ca5e6c4f063ca6e82

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://auth-ex.ecornell.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 25940
x-xss-protection: 0
pragma: public
x-fb-debug: OKQ4ZpGwWBTgCAAQTPEjfDQwnsPR49MX9/EdT5zVurbtlLXRfAqtOFj3K37iubLlY555j19uiyMjyKPSKUDrlw==
x-fb-trip-id: 917726464
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coop_report"
date: Thu, 19 Aug 2021 12:19:27 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coop_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 5 KB
2 KB 82ms
26ms Script
application/javascript 151.101.12.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: auth-ex.ecornell.com
URL: https://auth-ex.ecornell.com/cas/login?service=https%3A%2F%2Flms.ecornell.com%2Flogin%2Fcas
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.12.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: a53ea60fbea6cb1775430998564d5f295aba7d3bfe548a0ba79aa2a049aba839

Request headers

Referer: https://auth-ex.ecornell.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 12:19:27 GMT
via: 1.1 varnish
last-modified: Mon, 12 Jul 2021 21:25:31 GMT
age: 33170
etag: "65cf0c0ceb852397f0d1e6732cd3c533+gzip"
vary: Accept-Encoding,Host
x-cache: HIT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
content-encoding: gzip
cache-control: no-cache
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
content-length: 1958
x-timer: S1629375567.214919,VS0,VE0
x-served-by: cache-fra19138-FRA

GET
H2 200 qevents.js Show response
a.quora.com/ 39 KB
14 KB 82ms
26ms Script
text/plain 151.101.13.2
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://a.quora.com/qevents.js
Requested by: Host: auth-ex.ecornell.com
URL: https://auth-ex.ecornell.com/cas/login?service=https%3A%2F%2Flms.ecornell.com%2Flogin%2Fcas
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ef6de6beb1cf5bf809eccfe10f99aea0e0969c71d4eab5446410fef72695679f

Request headers

Referer: https://auth-ex.ecornell.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: s3LlaOWABX1LUjiLldBNr49lVAylKDRo
content-encoding: gzip
etag: "f32ebb1e93a72c0a57add6d07f688510"
age: 1811
x-cache: HIT, HIT
content-length: 13681
x-amz-id-2: 6xbYffvHXdnIBa0SaCBCOe3DgBGmma7sFrL8QPxz1SBdOchuLrdetcOfgbbyjW9lJSOkI2BT2OE=
x-served-by: cache-bwi5152-BWI, cache-fra19154-FRA
last-modified: Fri, 25 Oct 2019 19:28:38 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: atime:1572031715/ctime:1572031714/gid:1000000/gname:employee/md5:f32ebb1e93a72c0a57add6d07f688510/mode:33188/mtime:1149709104/uid:1000332/uname:tzhou
x-timer: S1629375567.217222,VS0,VE0
date: Thu, 19 Aug 2021 12:19:27 GMT
vary: Accept-Encoding
x-amz-request-id: RBXRMM3JR3SZAE77
via: 1.1 varnish, 1.1 varnish
cache-control: max-age=7200
accept-ranges: bytes
content-type: text/plain
x-cache-hits: 1, 260

GET
H2 200 sdk.js Show response
analytics.tiktok.com/i18n/pixel/ 114 KB
34 KB 246ms
191ms Script
application/javascript 104.126.37.129
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/sdk.js?sdkid=BULBSG2I3U1KE4FJ73T0
Requested by: Host: auth-ex.ecornell.com
URL: https://auth-ex.ecornell.com/cas/login?service=https%3A%2F%2Flms.ecornell.com%2Flogin%2Fcas
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.126.37.129 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-126-37-129.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 419dc9736fa6ab24c297daa5758b292b91287bf9a8b02fecf1e07689683a2caf

Request headers

Referer: https://auth-ex.ecornell.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-request-id: f0141b62
date: Thu, 19 Aug 2021 12:19:27 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a104-126-37-125.deploy.akamaitechnologies.com (AkamaiGHost/10.4.4-34529956) (-)
server-timing: inner; dur=4, cdn-cache; desc=MISS, edge; dur=2, origin; dur=163
content-length: 33948
pragma: no-cache
server: nginx
x-tt-logid: 2021081912192701024500211951101709
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 163,104.126.37.125
x-tt-trace-host: 01e95d52b153603439eed8386864c0f632590e02ef373285938bc9df1a96ba65b69942564814bc521c9ead35227aa9ae01a63828ebf9d523abb3ef42a0b5dcf66911948362fa44e6172152c8581d5d7825e7110394f6d593e09e5db61b4af63636
expires: Thu, 19 Aug 2021 12:19:27 GMT

GET
H2 200 ping.min.js Show response
cdn.pdst.fm/ 26 KB
6 KB 66ms
20ms Script
application/javascript 35.244.142.80
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pdst.fm/ping.min.js
Requested by: Host: auth-ex.ecornell.com
URL: https://auth-ex.ecornell.com/cas/login?service=https%3A%2F%2Flms.ecornell.com%2Flogin%2Fcas
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.142.80 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 80.142.244.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: cb8d40d1eb7e2dc885affcf0012d9e1a73c270d843e8b890d36538e52d0a0342

Request headers

Referer: https://auth-ex.ecornell.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 12:03:06 GMT
content-encoding: gzip
age: 981
x-guploader-uploadid: ADPycdt-5va9oZXDgo0O-lCs4JsGROnVFdA-g1vM30HBw4IyJVikKteLURvNe_EANQNLpjiE7sqqrJt93Pip1dnBK6dXnobJ_g
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 3
x-goog-stored-content-encoding: gzip
alt-svc: clear
content-length: 5774
last-modified: Fri, 28 May 2021 20:34:03 GMT
server: UploadServer
etag: "d001d1c9f5a942fa5524eeacb047e819"
vary: Accept-Encoding
x-goog-hash: crc32c=oKoi/w==, md5=0AHRyfWpQvpVJO6ssEfoGQ==
x-goog-generation: 1622234043862937
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
x-goog-stored-content-length: 5774
accept-ranges: bytes
content-type: application/javascript;
expires: Thu, 19 Aug 2021 13:03:06 GMT

GET
H/1.1

200

rs
tags.w55c.net/
Redirect Chain

https://tags.w55c.net/rs?id=513bc8839ac54981a01285bca816cffb&t=homepage
https://tags.w55c.net/rs?sccid=24c1b636-2467-fe4b-c3c7-a386d6d0906c&scc=1&id=513bc8839ac54981a01285bca816cffb&t=homepage

42 B
699 B

27ms
27ms

Image
image/gif

54.93.179.96
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tags.w55c.net/rs?sccid=24c1b636-2467-fe4b-c3c7-a386d6d0906c&scc=1&id=513bc8839ac54981a01285bca816cffb&t=homepage

Requested by

Host: auth-ex.ecornell.com
URL: https://auth-ex.ecornell.com/cas/login?service=https%3A%2F%2Flms.ecornell.com%2Flogin%2Fcas

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.93.179.96 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-93-179-96.eu-central-1.compute.amazonaws.com

Software

Retargeting/v2.0.30-661-ga8ef792#rel-ec2-master i-08f8fc1eb6758b8c0@eu-central-1a@dxedge-app-eu-central-1-prod-asg /

Resource Hash

47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800; includeSubDomains

Request headers

Referer: https://auth-ex.ecornell.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 19 Aug 2021 12:19:26 GMT
Server: Retargeting/v2.0.30-661-ga8ef792#rel-ec2-master i-08f8fc1eb6758b8c0@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security: max-age=604800; includeSubDomains
P3P: policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI"
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Type: image/gif
Content-Length: 42
Expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 19 Aug 2021 12:19:26 GMT
Server: Retargeting/v2.0.30-661-ga8ef792#rel-ec2-master i-07ed93884cf47b6e0@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security: max-age=604800; includeSubDomains
P3P: policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI"
Location: https://tags.w55c.net/rs?sccid=24c1b636-2467-fe4b-c3c7-a386d6d0906c&scc=1&id=513bc8839ac54981a01285bca816cffb&t=homepage
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 linkid.js Show response
www.google-analytics.com/plugins/ua/ 2 KB
882 B 6ms
6ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/linkid.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://auth-ex.ecornell.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 11:25:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
age: 3233
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 859
x-xss-protection: 0
expires: Thu, 19 Aug 2021 12:25:34 GMT

GET
H3-29 200 1564543307137132 Show response
connect.facebook.net/signals/config/ 436 KB
128 KB 61ms
61ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1564543307137132?v=2.9.44&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3bb8304136c4db7974fa713f50ed190d7c303cc4b8bbf621ac136f46381db6c9

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://auth-ex.ecornell.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: ZXGmOooaAaIVpmgMPkBDL8jmohZHFrsEryr5+dFw+eOuht7PQU5PxMqbPbd8CJ54VT0BXjfwV3grFc6rLXl2cw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coop_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Thu, 19 Aug 2021 12:19:27 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coop_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
91 B 15ms
14ms XHR
text/plain 2a00:1450:400c:c04::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j92&tid=UA-513073-3&cid=334009090.1629375567&jid=16584280&gjid=380976237&_gid=165149845.1629375567&_u=aSBCiAAjBAAAAE~&z=341268996

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c04::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://auth-ex.ecornell.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Thu, 19 Aug 2021 12:19:27 GMT
content-type: text/plain
access-control-allow-origin: https://auth-ex.ecornell.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 6ms
6ms Image
image/gif 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j92&a=1910700047&t=pageview&_s=1&dl=https%3A%2F%2Fauth-ex.ecornell.com%2Fcas%2Flogin%3Fservice%3Dhttps%253A%252F%252Flms.ecornell.com%252Flogin%252Fcas&ul=en-us&de=UTF-8&dt=eCornell%20%7C%20Log%20in&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_utma=97568779.334009090.1629375567.1629375567.1629375567.1&_utmz=97568779.1629375567.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)&_utmht=1629375567172&_u=aSBCiAAjB~&jid=16584280&gjid=380976237&cid=334009090.1629375567&tid=UA-513073-3&_gid=165149845.1629375567&gtm=2wg8g0M89LQJ&z=1338647823

Requested by

Host: auth-ex.ecornell.com
URL: https://auth-ex.ecornell.com/cas/login?service=https%3A%2F%2Flms.ecornell.com%2Flogin%2Fcas

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://auth-ex.ecornell.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Aug 2021 09:38:31 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 9656
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=5228&time=1629375567176&url=https%3A%2F%2Fauth-ex.ecornell.com%2Fcas%2Flogin%3Fservice%3Dhttps%253A%252F%252Flms.ecornell.com%252Flogin%252Fcas
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D5228%26time%3D1629375567176%26url%3Dhttps%253A%252F%252Fauth-ex.ecornell.com%252F...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=5228&time=1629375567176&url=https%3A%2F%2Fauth-ex.ecornell.com%2Fcas%2Flogin%3Fservice%3Dhttps%253A%252F%252Flms.ecornell.com%252Flogin%252Fcas&li...
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=5228&time=1629375567176&url=https%3A%2F%2Fauth-ex.ecornell.com%2Fcas%2Flogin%3Fservice%3Dhttps%253A%252F%252Flms.ecornell.com%252Flogin%252Fcas&l...

0
155 B

383ms
185ms

Image
application/javascript

108.174.10.14
LINKEDIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=5228&time=1629375567176&url=https%3A%2F%2Fauth-ex.ecornell.com%2Fcas%2Flogin%3Fservice%3Dhttps%253A%252F%252Flms.ecornell.com%252Flogin%252Fcas&liSync=true&e_ipv6=AQIDK6HFTq1kZQAAAXteWhh7-o2fQwcaup44r-hxQZSvmNQN24B9wjdCUzhT77qTXBnsGGgP
Requested by: Host: auth-ex.ecornell.com
URL: https://auth-ex.ecornell.com/cas/login?service=https%3A%2F%2Flms.ecornell.com%2Flogin%2Fcas
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.174.10.14 , United States, ASN14413 (LINKEDIN, US),
Reverse DNS: 108-174-10-14.fwd.linkedin.com
Software: Play /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://auth-ex.ecornell.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 12:19:28 GMT
server: Play
linkedin-action: 1
x-li-fabric: prod-lor1
x-li-proto: http/2
x-li-pop: prod-edc2
content-type: application/javascript
content-length: 0
x-li-uuid: orPxU3K0nBagWUoFYysAAA==

Redirect headers

date: Thu, 19 Aug 2021 12:19:27 GMT
server: Play
linkedin-action: 1
x-li-fabric: prod-lor1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=5228&time=1629375567176&url=https%3A%2F%2Fauth-ex.ecornell.com%2Fcas%2Flogin%3Fservice%3Dhttps%253A%252F%252Flms.ecornell.com%252Flogin%252Fcas&liSync=true&e_ipv6=AQIDK6HFTq1kZQAAAXteWhh7-o2fQwcaup44r-hxQZSvmNQN24B9wjdCUzhT77qTXBnsGGgP
x-li-proto: http/2
x-li-pop: prod-esv5
content-length: 0
x-li-uuid: cFb3PnK0nBZQfZhxQisAAA==

GET
H2 204 4039396.js Show response
bat.bing.com/p/action/ 0
92 B 33ms
31ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/p/action/4039396.js
Requested by: Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://auth-ex.ecornell.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 19 Aug 2021 12:19:27 GMT
cache-control: private,max-age=86400
x-msedge-ref: Ref A: 7E5E5E29195643159BBB48A54505A17D Ref B: FRAEDGE1214 Ref C: 2021-08-19T12:19:27Z
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ 0
93 B 28ms
28ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bat.bing.com/action/0?ti=4039396&tm=gtm002&Ver=2&mid=b038f1ff-3264-4d88-8766-077f0b7cf1d7&sid=b261584000e711ec8475a9752754ed4c&vid=b2618e0000e711ec860503b6032bbff7&vids=1&pi=0&lg=en-US&sw=1600&sh=1200&sc=24&tl=eCornell%20%7C%20Log%20in&p=https%3A%2F%2Fauth-ex.ecornell.com%2Fcas%2Flogin%3Fservice%3Dhttps%253A%252F%252Flms.ecornell.com%252Flogin%252Fcas&r=&lt=2491&evt=pageLoad&msclkid=N&sv=1&rn=787928
Requested by: Host: auth-ex.ecornell.com
URL: https://auth-ex.ecornell.com/cas/login?service=https%3A%2F%2Flms.ecornell.com%2Flogin%2Fcas
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://auth-ex.ecornell.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Thu, 19 Aug 2021 12:19:27 GMT
cache-control: no-cache, must-revalidate
x-msedge-ref: Ref A: 6642F2C7F458434A81F056B023479D71 Ref B: FRAEDGE1214 Ref C: 2021-08-19T12:19:27Z
x-cache: CONFIG_NOCACHE
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 31ms
30ms Image
image/gif 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j92&tid=UA-513073-3&cid=334009090.1629375567&jid=16584280&_u=aSBCiAAjBAAAAE~&z=959482487

Requested by

Host: auth-ex.ecornell.com
URL: https://auth-ex.ecornell.com/cas/login?service=https%3A%2F%2Flms.ecornell.com%2Flogin%2Fcas

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://auth-ex.ecornell.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Aug 2021 12:19:27 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 30ms
29ms Image
image/gif 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j92&tid=UA-513073-3&cid=334009090.1629375567&jid=16584280&_u=aSBCiAAjBAAAAE~&z=959482487

Requested by

Host: auth-ex.ecornell.com
URL: https://auth-ex.ecornell.com/cas/login?service=https%3A%2F%2Flms.ecornell.com%2Flogin%2Fcas

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://auth-ex.ecornell.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Aug 2021 12:19:27 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-29 204 collect
www.google-analytics.com/g/ 0
17 B 13ms
13ms Ping
text/plain 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-X70KWPP3X8&gtm=2oe8g0&_p=1910700047&sr=1600x1200&ul=en-us&cid=334009090.1629375567&_s=1&dl=https%3A%2F%2Fauth-ex.ecornell.com%2Fcas%2Flogin%3Fservice%3Dhttps%253A%252F%252Flms.ecornell.com%252Flogin%252Fcas&dt=eCornell%20%7C%20Log%20in&sid=1629375567&sct=1&seg=0&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-X70KWPP3X8&l=dataLayer&cx=c
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://auth-ex.ecornell.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 19 Aug 2021 12:19:27 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://auth-ex.ecornell.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 36 KB
14 KB 106ms
46ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-1072640399

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

1c3bd00be556bf95f92a2ab1119b8b26544a1997ab0c09f86490bc32339ad32e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://auth-ex.ecornell.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 12:19:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13981
x-xss-protection: 0
server: cafe
etag: 6132654052448080839
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 19 Aug 2021 12:19:27 GMT

GET
H2 200 rp.gif
alb.reddit.com/ 42 B
125 B 182ms
126ms Image
image/gif 151.101.13.140
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://alb.reddit.com/rp.gif?ts=1629375567233&id=t2_57crh7il&event=PageVisit&m.itemCount=&m.value=&m.currency=&m.transactionId=&m.customEventName=&uuid=dcafb7e5-f93d-4ec5-963d-abfd1de2e0d1&aaid=&em=&external_id=&idfa=&integration=reddit&opt_out=0&sh=1600&sw=1200&v=rdt_a797b96e
Requested by: Host: auth-ex.ecornell.com
URL: https://auth-ex.ecornell.com/cas/login?service=https%3A%2F%2Flms.ecornell.com%2Flogin%2Fcas
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.140 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://auth-ex.ecornell.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 12:19:27 GMT
via: 1.1 varnish
server: Varnish
accept-ranges: bytes
content-length: 42
retry-after: 0
content-type: image/gif

GET
H2 200 adsct
t.co/i/ 43 B
454 B 185ms
132ms Image
image/gif 104.244.42.69
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?type=javascript&version=2.0.1&p_id=Twitter&p_user_id=0&txn_id=nxzq6&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&tw_document_href=https%3A%2F%2Fauth-ex.ecornell.com%2Fcas%2Flogin%3Fservice%3Dhttps%253A%252F%252Flms.ecornell.com%252Flogin%252Fcas

Requested by

Host: auth-ex.ecornell.com
URL: https://auth-ex.ecornell.com/cas/login?service=https%3A%2F%2Flms.ecornell.com%2Flogin%2Fcas

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.69 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://auth-ex.ecornell.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 12:19:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 65
x-xss-protection: 0
pragma: no-cache
last-modified: Thu, 19 Aug 2021 12:19:27 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=0
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: 42611b5046475f829acdcbd4500fac5f4229426662c76160413560501dade122
x-transaction: 087673a9e7e2536e
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H/1.1 200
OK pixel
q.quora.com/_/ad/38dbc5f3bef0495f9b60a514c5243560/ 43 B
419 B 413ms
104ms Image
image/gif 18.215.205.165
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://q.quora.com/_/ad/38dbc5f3bef0495f9b60a514c5243560/pixel?j=1&u=https%3A%2F%2Fauth-ex.ecornell.com%2Fcas%2Flogin%3Fservice%3Dhttps%253A%252F%252Flms.ecornell.com%252Flogin%252Fcas&tag=ViewContent&ts=1629375567284

Requested by

Host: auth-ex.ecornell.com
URL: https://auth-ex.ecornell.com/cas/login?service=https%3A%2F%2Flms.ecornell.com%2Flogin%2Fcas

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.215.205.165 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-18-215-205-165.compute-1.amazonaws.com

Software

nginx /

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://auth-ex.ecornell.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 19 Aug 2021 12:19:27 GMT
Server: nginx
Connection: keep-alive
Content-Length: 43
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
X-Q-Stat: ,19a4cfb73e4917103574a03c998c1f96,10.0.0.101,16500,159.48.55.7,,109596506917,1,1629375567.643,0.002,,.,0,0,0.000,0.004,-,0,0,203,91,45,10,26847,,,,,,-,
Content-Type: image/gif

GET
H2 200 /
www.facebook.com/tr/ 44 B
147 B 6ms
5ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1564543307137132&ev=PageView&dl=https%3A%2F%2Fauth-ex.ecornell.com%2Fcas%2Flogin%3Fservice%3Dhttps%253A%252F%252Flms.ecornell.com%252Flogin%252Fcas&rl=&if=false&ts=1629375567302&sw=1600&sh=1200&v=2.9.44&r=stable&ec=0&o=30&fbp=fb.1.1629375567301.326135299&it=1629375567170&coo=false&rqm=GET

Requested by

Host: auth-ex.ecornell.com
URL: https://auth-ex.ecornell.com/cas/login?service=https%3A%2F%2Flms.ecornell.com%2Flogin%2Fcas

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://auth-ex.ecornell.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 12:19:27 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Thu, 19 Aug 2021 12:19:27 GMT

GET
H2 200 1Ptug8zYS_SKggPNyC0ITw.woff2
fonts.gstatic.com/s/raleway/v22/ Frame FA13 46 KB
46 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/raleway/v22/1Ptug8zYS_SKggPNyC0ITw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Raleway:300,300i,400,400i,500,500i,600,600i,700,700i,800,800i&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2101735d43a8d486dbc5139500a78420766cc673a3610363ce9525526c3f5149

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://ecornell.cornell.edu
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 17 Aug 2021 01:45:28 GMT
x-content-type-options: nosniff
age: 210839
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47312
x-xss-protection: 0
last-modified: Tue, 29 Jun 2021 19:40:30 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 17 Aug 2022 01:45:28 GMT

GET
H2 200 glyphicons-halflings-regular.woff2
1dx1ha2o9633412a0g3rw4xf-wpengine.netdna-ssl.com/wp-content/themes/ecustom18/fonts/ Frame FA13 18 KB
18 KB 66ms
24ms Font
font/woff2 94.31.29.99
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://1dx1ha2o9633412a0g3rw4xf-wpengine.netdna-ssl.com/wp-content/themes/ecustom18/fonts/glyphicons-halflings-regular.woff2
Requested by: Host: 1dx1ha2o9633412a0g3rw4xf-wpengine.netdna-ssl.com
URL: https://1dx1ha2o9633412a0g3rw4xf-wpengine.netdna-ssl.com/wp-content/themes/ecustom18/css/bootstrap.min.css?ver=1615486055
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.99 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS: 94.31.29.99.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c

Request headers

Origin: https://ecornell.cornell.edu
Referer: https://1dx1ha2o9633412a0g3rw4xf-wpengine.netdna-ssl.com/wp-content/themes/ecustom18/css/bootstrap.min.css?ver=1615486055
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 12:19:27 GMT
last-modified: Thu, 18 Oct 2018 18:19:48 GMT
server: NetDNA-cache/2.2
etag: "5bc8cec4-466c"
vary: Accept-Encoding
x-cache: HIT
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 18028

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/Eyd0Dt8h04h7r-D86uAD1JP-/ Frame FA13 340 KB
132 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/Eyd0Dt8h04h7r-D86uAD1JP-/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6LdfgkEaAAAAAN0sfvYVsx7y0_c6D8w8OKqeAaJJ&ver=3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3b168b017f9db602024341f3e4fce6b102b26e59a60f2ee8f6083b86f83e58c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://ecornell.cornell.edu
Referer: https://ecornell.cornell.edu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 12:07:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 732
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 135293
x-xss-protection: 0
last-modified: Mon, 16 Aug 2021 04:14:16 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 19 Aug 2022 12:07:15 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1072640399/ 2 KB
2 KB 41ms
19ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1072640399/?random=1629375567355&cv=9&fst=1629375567355&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa8g0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fauth-ex.ecornell.com%2Fcas%2Flogin%3Fservice%3Dhttps%253A%252F%252Flms.ecornell.com%252Flogin%252Fcas&tiba=eCornell%20%7C%20Log%20in&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d7140ddc79755d8f643e44304e342b7bb177318e5ba8ce3554f1913750e09fc4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://auth-ex.ecornell.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Aug 2021 12:19:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1065
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 anchor Show response
www.google.com/recaptcha/api2/ Frame 5229 39 KB
20 KB 26ms
26ms Document
text/html 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdfgkEaAAAAAN0sfvYVsx7y0_c6D8w8OKqeAaJJ&co=aHR0cHM6Ly9lY29ybmVsbC5jb3JuZWxsLmVkdTo0NDM.&hl=en&v=Eyd0Dt8h04h7r-D86uAD1JP-&size=invisible&cb=e1po1dnbzt2c

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Eyd0Dt8h04h7r-D86uAD1JP-/recaptcha__en.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

208b3394a95db48853e5fec85bd85c1c28b9eb791bfa6c21b34a9f586d2f665a

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-qKy77dFDLyMB6LFRRsnRkw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/anchor?ar=1&k=6LdfgkEaAAAAAN0sfvYVsx7y0_c6D8w8OKqeAaJJ&co=aHR0cHM6Ly9lY29ybmVsbC5jb3JuZWxsLmVkdTo0NDM.&hl=en&v=Eyd0Dt8h04h7r-D86uAD1JP-&size=invisible&cb=e1po1dnbzt2c
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ecornell.cornell.edu/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ecornell.cornell.edu/

Response headers

content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 19 Aug 2021 12:19:27 GMT
content-security-policy: script-src 'report-sample' 'nonce-qKy77dFDLyMB6LFRRsnRkw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 20062
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 cse_element__en.js Show response
www.google.com/cse/static/element/b54a745638da8bbb/ Frame FA13 280 KB
92 KB 12ms
11ms Script
text/javascript 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/cse/static/element/b54a745638da8bbb/cse_element__en.js?usqp=CAI%3D

Requested by

Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=006021230338483373297:bhgfgvz2m7w

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

94fc1b6f57eaec5b66d02212a4a8c63fb22b3b46c2643d76c1b39edeea337b71

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ecornell.cornell.edu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 17 Aug 2021 15:13:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 162379
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 93992
x-xss-protection: 0
last-modified: Wed, 30 Jun 2021 17:07:08 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 17 Aug 2022 15:13:08 GMT

GET
H3-29 200 default+en.css
www.google.com/cse/static/element/b54a745638da8bbb/ Frame FA13 41 KB
41 KB 8ms
8ms Stylesheet
text/css 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/cse/static/element/b54a745638da8bbb/default+en.css

Requested by

Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=006021230338483373297:bhgfgvz2m7w

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4c1355d27b14881a055e00a4a2afa4608b452c9780ac5c61e1b8f9fd55fa3e1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ecornell.cornell.edu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 17 Aug 2021 15:13:09 GMT
vary: Accept-Encoding
last-modified: Wed, 30 Jun 2021 17:07:08 GMT
server: sffe
x-content-type-options: nosniff
age: 162378
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
content-type: text/css
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41474
x-xss-protection: 0
expires: Wed, 17 Aug 2022 15:13:09 GMT

GET
H3-29 200 default.css
www.google.com/cse/static/style/look/v4/ Frame FA13 4 KB
1 KB 7ms
7ms Stylesheet
text/css 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/cse/static/style/look/v4/default.css

Requested by

Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=006021230338483373297:bhgfgvz2m7w

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dcec22bbcb68119d6c7d6d5e088fb82183a9826d0c9e3403f1386fd837f06a89

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ecornell.cornell.edu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 12:13:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 378
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1345
x-xss-protection: 0
last-modified: Wed, 17 Jun 2020 00:00:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=3000
accept-ranges: bytes
expires: Thu, 19 Aug 2021 13:03:09 GMT

GET
H3-29 200 /
www.google.com/pagead/1p-user-list/1072640399/ 42 B
64 B 27ms
26ms Image
image/gif 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1072640399/?random=1629375567355&cv=9&fst=1629374400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa8g0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fauth-ex.ecornell.com%2Fcas%2Flogin%3Fservice%3Dhttps%253A%252F%252Flms.ecornell.com%252Flogin%252Fcas&tiba=eCornell%20%7C%20Log%20in&async=1&fmt=3&is_vtc=1&random=1087738369&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: auth-ex.ecornell.com
URL: https://auth-ex.ecornell.com/cas/login?service=https%3A%2F%2Flms.ecornell.com%2Flogin%2Fcas

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://auth-ex.ecornell.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Aug 2021 12:19:27 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 /
www.google.de/pagead/1p-user-list/1072640399/ 42 B
64 B 33ms
18ms Image
image/gif 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1072640399/?random=1629375567355&cv=9&fst=1629374400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa8g0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fauth-ex.ecornell.com%2Fcas%2Flogin%3Fservice%3Dhttps%253A%252F%252Flms.ecornell.com%252Flogin%252Fcas&tiba=eCornell%20%7C%20Log%20in&async=1&fmt=3&is_vtc=1&random=1087738369&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: auth-ex.ecornell.com
URL: https://auth-ex.ecornell.com/cas/login?service=https%3A%2F%2Flms.ecornell.com%2Flogin%2Fcas

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://auth-ex.ecornell.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Aug 2021 12:19:27 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 identify.js Show response
analytics.tiktok.com/i18n/pixel/ 114 KB
31 KB 195ms
195ms Script
application/javascript 104.126.37.129
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/identify.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/sdk.js?sdkid=BULBSG2I3U1KE4FJ73T0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.126.37.129 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-126-37-129.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: da556df4dc2e8a01fc001ae2a2446328a6615e19a40e9113a8718f0ac018d2c4

Request headers

Referer: https://auth-ex.ecornell.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-request-id: 257d1f22.f0141e20
date: Thu, 19 Aug 2021 12:19:27 GMT
content-encoding: gzip
x-cache-remote: TCP_MISS from a23-53-33-221.deploy.akamaitechnologies.com (AkamaiGHost/10.4.4-34529956) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a104-126-37-125.deploy.akamaitechnologies.com (AkamaiGHost/10.4.4-34529956) (-)
x-parent-response-time: 168,104.126.37.125
server-timing: cdn-cache; desc=MISS, edge; dur=161, origin; dur=7, inner; dur=0
pragma: no-cache
server: nginx
x-tt-logid: 20210819121927010245062192561018C1
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 8,23.53.33.221
x-tt-trace-host: 01e95d52b153603439eed8386864c0f6323065649a080b49897899eb1ba15bb6fb0dbfcd9e949de5645658b8b5a46033ee381d406eff95b9d67ed35cdbb317fbf66477016d2e313b19b7a95ccf8bf70634877efcd03d3e897f878790b5eb8ef0e049f3c807acc81a8444f50b6bbd57b536
expires: Thu, 19 Aug 2021 12:19:27 GMT

GET
H2 200 config.js Show response
analytics.tiktok.com/i18n/pixel/ 58 KB
20 KB 192ms
192ms Script
application/javascript 104.126.37.129
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/config.js?sdkid=BULBSG2I3U1KE4FJ73T0&hostname=auth-ex.ecornell.com
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/sdk.js?sdkid=BULBSG2I3U1KE4FJ73T0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.126.37.129 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-126-37-129.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 3eec3dd9b274e89d905c3ecfd5e49e03abc3e86944670f89a01cd8c1614e33d5

Request headers

Referer: https://auth-ex.ecornell.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-request-id: 904237ab.f0141e3c
date: Thu, 19 Aug 2021 12:19:27 GMT
content-encoding: gzip
x-cache-remote: TCP_MISS from a23-61-0-114.deploy.akamaitechnologies.com (AkamaiGHost/10.4.4-34529956) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a104-126-37-125.deploy.akamaitechnologies.com (AkamaiGHost/10.4.4-34529956) (-)
x-parent-response-time: 163,104.126.37.125
server-timing: cdn-cache; desc=MISS, edge; dur=158, origin; dur=5, inner; dur=4
pragma: no-cache
server: nginx
x-tt-logid: 202108191219270102450371443A1036D4
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 5,23.61.0.114
x-tt-trace-host: 01e95d52b153603439eed8386864c0f6323065649a080b49897899eb1ba15bb6fbcecd633d8294bba7b274db994a0f77701fd475639a1bea33059f4c7772fbc531b72ed897e1801e2bc252c5a5ed612d1641a4b912eebe2a0f46bde9b6be38939aff169ba977ceff6604c072279618e623
expires: Thu, 19 Aug 2021 12:19:27 GMT

GET
H3-29 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/Eyd0Dt8h04h7r-D86uAD1JP-/ Frame 5229 52 KB
52 KB 8ms
7ms Stylesheet
text/css 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/Eyd0Dt8h04h7r-D86uAD1JP-/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdfgkEaAAAAAN0sfvYVsx7y0_c6D8w8OKqeAaJJ&co=aHR0cHM6Ly9lY29ybmVsbC5jb3JuZWxsLmVkdTo0NDM.&hl=en&v=Eyd0Dt8h04h7r-D86uAD1JP-&size=invisible&cb=e1po1dnbzt2c

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5fe20047c1cc1be61a786d56c5c02b96453b9c60656d6c8429a1add79017e47f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 12:07:17 GMT
vary: Accept-Encoding
last-modified: Mon, 16 Aug 2021 04:14:16 GMT
server: sffe
x-content-type-options: nosniff
age: 730
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
content-type: text/css
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52867
x-xss-protection: 0
expires: Fri, 19 Aug 2022 12:07:17 GMT

GET
H3-29 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/Eyd0Dt8h04h7r-D86uAD1JP-/ Frame 5229 340 KB
132 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/Eyd0Dt8h04h7r-D86uAD1JP-/recaptcha__en.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3b168b017f9db602024341f3e4fce6b102b26e59a60f2ee8f6083b86f83e58c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 12:07:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 732
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 135293
x-xss-protection: 0
last-modified: Mon, 16 Aug 2021 04:14:16 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 19 Aug 2022 12:07:15 GMT

GET
H3-29 200 async-ads.js Show response
cse.google.com/adsense/search/ Frame FA13 148 KB
54 KB 46ms
22ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cse.google.com/adsense/search/async-ads.js

Requested by

Host: www.google.com
URL: https://www.google.com/cse/static/element/b54a745638da8bbb/cse_element__en.js?usqp=CAI%3D

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7d71adedaa4a29977425ee62df73db02e4a43b366ac2ff6c655a7a84e21e91cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ecornell.cornell.edu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 12:19:27 GMT
content-encoding: gzip
vary: Accept-Encoding
server: sffe
x-content-type-options: nosniff
etag: "4580259192011014937"
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Thu, 19 Aug 2021 12:19:27 GMT

GET
H3-29 200 branding.png
www.google.com/cse/static/images/1x/en/ Frame FA13 1 KB
1 KB 7ms
6ms Image
image/png 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/cse/static/images/1x/en/branding.png

Requested by

Host: ecornell.cornell.edu
URL: https://ecornell.cornell.edu/hidden-pages/header-only/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

331b2b1241f1f2a53744bdca867c5b76954d9431970e91f490f64c707fc24a16

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ecornell.cornell.edu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 17 Aug 2021 00:33:56 GMT
x-content-type-options: nosniff
last-modified: Mon, 25 May 2020 08:30:00 GMT
server: sffe
age: 215131
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
content-type: image/png
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1372
x-xss-protection: 0
expires: Wed, 17 Aug 2022 00:33:56 GMT

GET
H2 204 generate_204
clients1.google.com/ Frame FA13 0
199 B 26ms
6ms Image
text/plain 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://clients1.google.com/generate_204
Requested by: Host: ecornell.cornell.edu
URL: https://ecornell.cornell.edu/hidden-pages/header-only/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ecornell.cornell.edu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 12:19:27 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3-29 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 5229 2 KB
2 KB 6ms
6ms Image
image/png 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Eyd0Dt8h04h7r-D86uAD1JP-/styles__ltr.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gstatic.com/recaptcha/releases/Eyd0Dt8h04h7r-D86uAD1JP-/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 17 Aug 2021 00:00:30 GMT
x-content-type-options: nosniff
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
age: 217137
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
content-type: image/png
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2228
x-xss-protection: 0
expires: Tue, 24 Aug 2021 00:00:30 GMT

GET
H3-29 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 5229 15 KB
15 KB 21ms
7ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.google.com
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 21:27:21 GMT
x-content-type-options: nosniff
age: 226326
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 16 Aug 2022 21:27:21 GMT

GET
H3-29 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 5229 15 KB
15 KB 23ms
9ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.google.com
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 17 Aug 2021 14:26:18 GMT
x-content-type-options: nosniff
age: 165189
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 17 Aug 2022 14:26:18 GMT

GET
H3-29 200 webworker.js
www.google.com/recaptcha/api2/ Frame 5229 102 B
132 B 15ms
15ms Other
text/javascript 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=en&v=Eyd0Dt8h04h7r-D86uAD1JP-

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

718c7e416390d518d57d2da05f6957956b1b2e2a829522f3bcc6fa46972da72c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdfgkEaAAAAAN0sfvYVsx7y0_c6D8w8OKqeAaJJ&co=aHR0cHM6Ly9lY29ybmVsbC5jb3JuZWxsLmVkdTo0NDM.&hl=en&v=Eyd0Dt8h04h7r-D86uAD1JP-&size=invisible&cb=e1po1dnbzt2c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 12:19:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 112
x-xss-protection: 1; mode=block
expires: Thu, 19 Aug 2021 12:19:27 GMT

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
571 B 195ms
194ms Ping
application/octet-stream 104.126.37.129
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/sdk.js?sdkid=BULBSG2I3U1KE4FJ73T0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.126.37.129 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-126-37-129.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://auth-ex.ecornell.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 19 Aug 2021 12:19:27 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server: nginx
x-tt-logid: 202108191219270102450491834D100CE1
x-cache: TCP_MISS from a104-126-37-125.deploy.akamaitechnologies.com (AkamaiGHost/10.4.4-34529956) (-)
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 168,104.126.37.125
x-tt-trace-host: 01e95d52b153603439eed8386864c0f632590e02ef373285938bc9df1a96ba65b69942564814bc521c9ead35227aa9ae01e6fcdd65f01f20518e501f19158823f5cdc47808a0aa6f0aa518a6a3e1f603e4e8798d7c36affccf6081fc35b9cf112a
server-timing: inner; dur=16, cdn-cache; desc=MISS, edge; dur=1, origin; dur=168
x-akamai-request-id: f014209e
content-length: 0
expires: Thu, 19 Aug 2021 12:19:27 GMT

GET
H/1.1 200
OK pd.js Show response
pi.pardot.com/ 5 KB
2 KB 421ms
107ms Script
application/javascript 52.202.69.186
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://pi.pardot.com/pd.js
Requested by: Host: auth-ex.ecornell.com
URL: https://auth-ex.ecornell.com/cas/login?service=https%3A%2F%2Flms.ecornell.com%2Flogin%2Fcas
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.202.69.186 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: pi0-lba1-1-ue1.aws.pardot.com
Software: PardotServer /
Resource Hash: b7939e67e521a72f9344e54fe85a3edff247ac537235f178a522ae836dbf6820

Request headers

Referer: https://auth-ex.ecornell.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 19 Aug 2021 12:19:28 GMT
Content-Encoding: gzip
X-Pardot-Route: 4587f66dff94d6e76a668284fbf3dba1
X-Pardot-LB: 4208770abb36eec2b2f3a1c951758cc1
Last-Modified: Wed, 18 Aug 2021 05:18:02 GMT
Server: PardotServer
ETag: "14be-gzip"
Vary: Accept-Encoding,User-Agent
Content-Type: application/javascript
Cache-Control: max-age=63072000
Accept-Ranges: bytes
Content-Length: 1923
Expires: Sat, 19 Aug 2023 12:19:28 GMT

GET
H2 200 adsct Show response
analytics.twitter.com/i/ 31 B
659 B 185ms
132ms Script
application/javascript 104.244.42.3
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://analytics.twitter.com/i/adsct?type=javascript&version=2.0.1&p_id=Twitter&p_user_id=0&txn_id=nxzq6&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&tpx_cb=twttr.conversion.loadPixels&tw_document_href=https%3A%2F%2Fauth-ex.ecornell.com%2Fcas%2Flogin%3Fservice%3Dhttps%253A%252F%252Flms.ecornell.com%252Flogin%252Fcas

Requested by

Host: static.ads-twitter.com
URL: https://static.ads-twitter.com/uwt.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.3 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://auth-ex.ecornell.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 12:19:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 57
x-xss-protection: 0
pragma: no-cache
last-modified: Thu, 19 Aug 2021 12:19:28 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
content-type: application/javascript;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: da718cfb9c8182811ae2f58b192eb67515544429104dc911307098e2b3550ead
x-transaction: fb47bdfccb739348
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H2 200 index.html Show response
js.driftt.com/deploy/assets/ Frame 26CE 894 B
1 KB 186ms
186ms Document
text/html 13.224.96.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/deploy/assets/index.html

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/include/1629375600000/rhfnkn45i93k.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.96.68 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-96-68.zrh50.r.cloudfront.net

Software

nginx /

Resource Hash

e9f97b1d4415726cdea152c1ce5b1d8227cfefdcf9b9b2bfb3c42a27c7da5f1a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

:method: GET
:authority: js.driftt.com
:scheme: https
:path: /deploy/assets/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://auth-ex.ecornell.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://auth-ex.ecornell.com/

Response headers

content-type: text/html; charset=utf-8
content-length: 894
server: nginx
last-modified: Thu, 13 May 2021 20:09:30 GMT
x-amz-server-side-encryption: AES256
accept-ranges: bytes
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 19 Aug 2021 12:19:28 GMT
cache-control: max-age=10
etag: "fa8767e698e554d48c80d753829902ae"
x-cache: RefreshHit from cloudfront
via: 1.1 ebbd7f31e48ea8cf77f6021cdd92bf62.cloudfront.net (CloudFront)
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: D5D2fxkmeBa2bcqK6p-OoB3GTXLVuHd0ez4c9V6LAUH5tfgEpatAVg==

GET
H2 200 normalize.min.css
cdnjs.cloudflare.com/ajax/libs/normalize/3.0.3/ Frame 26CE 2 KB
1 KB 13ms
11ms Stylesheet
text/css 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/normalize/3.0.3/normalize.min.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/deploy/assets/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fcef96bd3d8479bd51214ea2308b44862e719474c22c78361e02e6546156c96f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.driftt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 12:19:28 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 818346
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 697
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:13:31 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03f2b-78e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sXcjgHnTRjV9txNlMnfgxjasMJEckfDC0yVpvv99hc23X7Cn7F7hkcdzenMmisDXpE%2FuRXnI0GPg6MwLcwINd7hrAsspsPZuwqvAu94Zs7FWhHFJxZ5Kz4KZuAbv%2FKXn78NBSv%2B1rQQZlOqDfutW97pk"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 681354982e174a9e-FRA
expires: Tue, 09 Aug 2022 12:19:28 GMT

GET
H2 200 widget-14298e006416274e8960.css
js.driftt.com/deploy/assets/assets/ Frame 26CE 5 KB
2 KB 36ms
35ms Stylesheet
text/css 13.224.96.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/deploy/assets/assets/widget-14298e006416274e8960.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/deploy/assets/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.96.68 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-96-68.zrh50.r.cloudfront.net

Software

nginx /

Resource Hash

9f2a69efa5fabd2d3dfa461dbcf0f0db1f28d0113e14a4b8f93eeaea1b64c1ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/deploy/assets/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 May 2021 20:09:31 GMT
content-encoding: gzip
age: 8438996
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 13 May 2021 20:05:17 GMT
server: nginx
etag: W/"4439f045419bf781a98dac4a8b2bed34"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
via: 1.1 ebbd7f31e48ea8cf77f6021cdd92bf62.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: ZRH50-C1
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 8KisfB9_27jUC41ONp4FabzWrsOsRCNo1FmjLphWNUaycuddA2OAPQ==

GET
H2 200 moment-bc668f182c191fd3a5fb.js Show response
js.driftt.com/deploy/assets/assets/ Frame 26CE 239 KB
45 KB 40ms
39ms Script
application/javascript 13.224.96.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/deploy/assets/assets/moment-bc668f182c191fd3a5fb.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/deploy/assets/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.96.68 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-96-68.zrh50.r.cloudfront.net

Software

nginx /

Resource Hash

ba838ced35e039c490dbc9e5c0ad823fac224af21838b51d95fad0943587999d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/deploy/assets/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 May 2021 20:09:31 GMT
content-encoding: gzip
age: 8438996
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 13 May 2021 20:05:11 GMT
server: nginx
etag: W/"bc668f182c191fd3a5fbebb90ec3b2d1"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
via: 1.1 ebbd7f31e48ea8cf77f6021cdd92bf62.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: ZRH50-C1
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: s8crP3OT3-_uH7PhpxjynWmqez2J6ts42zzV7zkWpIgxx8Dq-wb__A==

GET
H2 200 vendors-widget-95273037803d3675eb62.js Show response
js.driftt.com/deploy/assets/assets/ Frame 26CE 768 KB
213 KB 41ms
40ms Script
application/javascript 13.224.96.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/deploy/assets/assets/vendors-widget-95273037803d3675eb62.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/deploy/assets/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.96.68 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-96-68.zrh50.r.cloudfront.net

Software

nginx /

Resource Hash

5198183e8681db7a32ea39e4f6bf84de44773b9a9c094e9de1825fa198f010f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/deploy/assets/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 May 2021 20:09:31 GMT
content-encoding: gzip
age: 8438996
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 13 May 2021 20:05:12 GMT
server: nginx
etag: W/"95273037803d3675eb6253beee720e6a"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
via: 1.1 ebbd7f31e48ea8cf77f6021cdd92bf62.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: ZRH50-C1
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 7JmVtyKVUGf6KwcDdqlYt8WVy5JgJyN1XfIZdbcyCHT5eRVGjvUYaQ==

GET
H2 200 widget-b071f5e36f00394c3510.js Show response
js.driftt.com/deploy/assets/assets/ Frame 26CE 321 KB
77 KB 41ms
40ms Script
application/javascript 13.224.96.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/deploy/assets/assets/widget-b071f5e36f00394c3510.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/deploy/assets/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.96.68 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-96-68.zrh50.r.cloudfront.net

Software

nginx /

Resource Hash

c310c0afa01a33bfc98ba5410897833f4f23656356f03d00454e245765b25daa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/deploy/assets/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 May 2021 20:09:31 GMT
content-encoding: gzip
age: 8438996
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 13 May 2021 20:05:12 GMT
server: nginx
etag: W/"b071f5e36f00394c3510c50cad67882e"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
via: 1.1 ebbd7f31e48ea8cf77f6021cdd92bf62.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: ZRH50-C1
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: Mvgncy8zkvJzVvezzJGs92a0AOZlc7Jr13ZmVvANo6CEtoZ3HxpIlg==

GET
H3-29 200 css
fonts.googleapis.com/ Frame 26CE 664 B
354 B 15ms
14ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/deploy/assets/assets/widget-14298e006416274e8960.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f8f5705ee03667d1a28565f6dc84b7748bb9d7c4ded30c270354edd054b86b32

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://js.driftt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 19 Aug 2021 10:37:32 GMT
server: ESF
date: Thu, 19 Aug 2021 12:19:28 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 19 Aug 2021 12:19:28 GMT

GET
H3-29 200 css
fonts.googleapis.com/ Frame 26CE 2 KB
546 B 15ms
14ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/deploy/assets/assets/widget-14298e006416274e8960.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3a57826dd4437403ec9dffe3d8a907466926d7123e4a765ec724d79ae24e1d54

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://js.driftt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 19 Aug 2021 10:37:21 GMT
server: ESF
date: Thu, 19 Aug 2021 12:19:28 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 19 Aug 2021 12:19:28 GMT

GET
H3-29 200 css
fonts.googleapis.com/ Frame 26CE 2 KB
536 B 16ms
14ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/deploy/assets/assets/widget-14298e006416274e8960.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

99155f31d46dc469aa872ce824309fae9210fb9357f463b889d617b85b35eb61

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://js.driftt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 19 Aug 2021 10:37:09 GMT
server: ESF
date: Thu, 19 Aug 2021 12:19:28 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 19 Aug 2021 12:19:28 GMT

GET
H3-29 200 css
fonts.googleapis.com/ Frame 26CE 2 KB
568 B 16ms
15ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto+Slab

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/deploy/assets/assets/widget-14298e006416274e8960.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3344b9fdf206fd3f0f57e0cf12885efa76a4bbe38899900b4723d4dac0d1f876

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://js.driftt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 19 Aug 2021 10:51:44 GMT
server: ESF
date: Thu, 19 Aug 2021 12:19:28 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 19 Aug 2021 12:19:28 GMT

GET
H3-29 200 css
fonts.googleapis.com/ Frame 26CE 689 B
360 B 22ms
21ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Overpass

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/deploy/assets/assets/widget-14298e006416274e8960.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

038d2d2743375c0535e80499008b21240e4ee44d3de5c586787f11adfae1db4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://js.driftt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 19 Aug 2021 12:10:27 GMT
server: ESF
date: Thu, 19 Aug 2021 12:19:28 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 19 Aug 2021 12:19:28 GMT

GET
H2 206 52284660f7abf8538f64d3f7b857f505.mp3
js.driftt.com/deploy/assets/static/audio/ Frame 26CE 9 KB
9 KB 36ms
36ms Media
audio/mpeg 13.224.96.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/deploy/assets/static/audio/52284660f7abf8538f64d3f7b857f505.mp3

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/deploy/assets/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.96.68 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-96-68.zrh50.r.cloudfront.net

Software

nginx /

Resource Hash

8258504b69b8fd0eebb0227f90133f487dd42f8d92a4abcd463c2207fddb4c4d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/deploy/assets/index.html
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range: bytes=0-

Response headers

date: Fri, 16 Jul 2021 13:59:14 GMT
via: 1.1 ebbd7f31e48ea8cf77f6021cdd92bf62.cloudfront.net (CloudFront)
age: 2931614
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
Content-Range: bytes 0-8852/8853
Content-Length: 8853
last-modified: Thu, 21 Nov 2019 18:59:33 GMT
server: nginx
etag: "52284660f7abf8538f64d3f7b857f505"
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-methods: GET, POST, OPTIONS
content-type: audio/mpeg
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 5niEpUL1p4am80sZjs887sZGEuaBrYRicwcYVJMAgIsnzFSyoEQCSw==

GET
H3-29 200 /
www.facebook.com/tr/ 44 B
88 B 6ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1564543307137132&ev=Microdata&dl=https%3A%2F%2Fauth-ex.ecornell.com%2Fcas%2Flogin%3Fservice%3Dhttps%253A%252F%252Flms.ecornell.com%252Flogin%252Fcas&rl=&if=false&ts=1629375568873&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22eCornell%20%7C%20Log%20in%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.44&r=stable&ec=1&o=30&fbp=fb.1.1629375567301.326135299&it=1629375567170&coo=false&es=automatic&tm=3&rqm=GET

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://auth-ex.ecornell.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 12:19:28 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i
expires: Thu, 19 Aug 2021 12:19:28 GMT

GET
H2 200 rhfnkn45i93k.json Show response
embeds.driftcdn.com/embeds/ Frame 26CE 81 KB
16 KB 99ms
35ms Fetch
application/json 143.204.98.9
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://embeds.driftcdn.com/embeds/rhfnkn45i93k.json
Requested by: Host: js.driftt.com
URL: https://js.driftt.com/deploy/assets/assets/widget-b071f5e36f00394c3510.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-9.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: dbce3987d817189471534d39d713c1591de30dfe52b44d1afef7ecea93648e27

Request headers

Referer: https://js.driftt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 12:19:18 GMT
content-encoding: gzip
age: 11
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Thu, 19 Aug 2021 12:16:52 GMT
server: AmazonS3
etag: W/"b09977dbe52d41ba9a9f45c572bf6139"
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET
content-type: application/json; charset=UTF-8
via: 1.1 c6702f5f3b6e77da6f394e67ef1a6aab.cloudfront.net (CloudFront)
cache-control: public, max-age=30
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: e6_4mKJcM4jlEVWhdZhIH7tgGDeyi_bGUklTN-_NqDygh7NoWBf2aA==

GET
H/1.0 200
OK analytics Show response
pi.pardot.com/ 2 KB
2 KB 199ms
198ms Script
text/javascript 52.202.69.186
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://pi.pardot.com/analytics?ver=3&visitor_id=&visitor_id_sign=&pi_opt_in=&campaign_id=1568&account_id=45232&title=eCornell%20%7C%20Log%20in&url=https%3A%2F%2Fauth-ex.ecornell.com%2Fcas%2Flogin%3Fservice%3Dhttps%253A%252F%252Flms.ecornell.com%252Flogin%252Fcas&referrer=

Requested by

Host: pi.pardot.com
URL: https://pi.pardot.com/pd.js

Protocol

HTTP/1.0

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.202.69.186 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

pi0-lba1-1-ue1.aws.pardot.com

Software

PardotServer /

Resource Hash

ab6ec082d7a0c3cf4df656e230d51cf619a526ffa9d0f6250908e6a512b7ed7f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://auth-ex.ecornell.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 19 Aug 2021 12:19:28 GMT
Content-Encoding: gzip
X-Pardot-Route: d5a18e4517a9c8ba62b77de366a4cdb5
X-Pardot-LB: 4208770abb36eec2b2f3a1c951758cc1
X-Pardot-Rsp: 16/32/215
Vary: Accept-Encoding,User-Agent
Strict-Transport-Security: max-age=31536000; includeSubDomains
P3p: CP="CAO DSP AND SO ON" policyref="/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml"
Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Content-Type: text/javascript; charset=utf-8
Content-Length: 917
Server: PardotServer
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 react-intl-locale-data-en-e4a2cd2fad22c64af289.js Show response
js.driftt.com/deploy/assets/assets/ Frame 26CE 7 KB
2 KB 37ms
37ms Script
application/javascript 13.224.96.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/deploy/assets/assets/react-intl-locale-data-en-e4a2cd2fad22c64af289.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/deploy/assets/assets/widget-b071f5e36f00394c3510.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.96.68 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-96-68.zrh50.r.cloudfront.net

Software

nginx /

Resource Hash

7f701565ac3c6bf431f53e57db6a7a2a560ac4327d2bfc78ff07baab2874a58f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/deploy/assets/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Jul 2021 08:42:17 GMT
content-encoding: gzip
age: 2518632
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 13 May 2021 20:05:11 GMT
server: nginx
etag: W/"e4a2cd2fad22c64af289b87039f514f6"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
via: 1.1 ebbd7f31e48ea8cf77f6021cdd92bf62.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: ZRH50-C1
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: kEy5FYOWioCSNmtx75z0PFi1BRh9ISxXd5xVXBrn4m-yD6GqruLWlg==

GET
H2 200 drift-translations-en_US-ed6ffad389edc235895c.js Show response
js.driftt.com/deploy/assets/assets/ Frame 26CE 7 KB
3 KB 36ms
35ms Script
application/javascript 13.224.96.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/deploy/assets/assets/drift-translations-en_US-ed6ffad389edc235895c.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/deploy/assets/assets/widget-b071f5e36f00394c3510.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.96.68 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-96-68.zrh50.r.cloudfront.net

Software

nginx /

Resource Hash

fd1496b9bea1f38ee7fe0e706467daf150db1a032597760c2cee0122135a79a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/deploy/assets/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 09 Jun 2021 14:25:30 GMT
content-encoding: gzip
age: 6126839
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 13 May 2021 20:05:10 GMT
server: nginx
etag: W/"ed6ffad389edc235895ca0a5b2d09a1b"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
via: 1.1 ebbd7f31e48ea8cf77f6021cdd92bf62.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: ZRH50-C1
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: Fjk6PwxhJ8f9QUz7NZfzoApyAJrXThUA79SERNmOOpb8MuEUZMcsiQ==

OPTIONS
H2 200 v2
customer.api.drift.com/geo/ Frame 0
0 337ms
107ms Preflight
text/plain 3.94.218.138
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://customer.api.drift.com/geo/v2

Protocol

Server

3.94.218.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-94-218-138.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://js.driftt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Thu, 19 Aug 2021 12:19:29 GMT
access-control-allow-origin: *
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-allow-credentials: true
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-max-age: 1209600
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/plain
allow: HEAD,GET,OPTIONS
requestid: drift8d38c0d4e67b3f80b40de8f431e
content-length: 18
x-envoy-upstream-service-time: 1
server: istio-envoy

OPTIONS
H2 200 init
metrics.api.drift.com/monitoring/metrics/widget/ Frame 0
0 330ms
107ms Preflight
text/plain 3.94.218.138
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://metrics.api.drift.com/monitoring/metrics/widget/init?version=1

Protocol

Server

3.94.218.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-94-218-138.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://js.driftt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Thu, 19 Aug 2021 12:19:29 GMT
access-control-allow-origin: *
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-allow-credentials: true
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-max-age: 1209600
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/plain
allow: POST,OPTIONS
requestid: drift823daa2445fa53b35b895b183c7
content-length: 13
x-envoy-upstream-service-time: 1
server: istio-envoy

POST
H2 200 token Show response
customer.api.drift.com/oauth/ Frame 26CE 1 KB
791 B 465ms
230ms Fetch
application/json 3.94.218.138
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://customer.api.drift.com/oauth/token

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/deploy/assets/assets/vendors-widget-95273037803d3675eb62.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.94.218.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-94-218-138.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

947bf11591cc7c00507e6053ea963d487a77dcaf5a5ef3dd630cf888e16a6ffc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Thu, 19 Aug 2021 12:19:29 GMT
content-encoding: gzip
server: istio-envoy
requestid: e13f9da0325fb132
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-max-age: 1209600
access-control-allow-credentials: true
x-envoy-upstream-service-time: 123
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length: 722
access-control-expose-headers: X-Results-Total-Count,X-Page-Info

GET
H2 200 v2 Show response
customer.api.drift.com/geo/ Frame 26CE 209 B
302 B 107ms
107ms Fetch
application/json 3.94.218.138
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://customer.api.drift.com/geo/v2

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/deploy/assets/assets/vendors-widget-95273037803d3675eb62.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.94.218.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-94-218-138.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

fc49499fb68f2b93f6da720651f8867e8006b35d6bc7f041069704226f610224

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 19 Aug 2021 12:19:29 GMT
server: istio-envoy
requestid: 15416e14e24dcc34
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-max-age: 1209600
access-control-allow-credentials: true
x-envoy-upstream-service-time: 1
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length: 209
access-control-expose-headers: X-Results-Total-Count,X-Page-Info

POST
H2 200 init Show response
metrics.api.drift.com/monitoring/metrics/widget/ Frame 26CE 25 B
123 B 120ms
120ms XHR
application/json 3.94.218.138
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://metrics.api.drift.com/monitoring/metrics/widget/init?version=1

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/deploy/assets/assets/vendors-widget-95273037803d3675eb62.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.94.218.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-94-218-138.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

f8c91e009d219173c41b4c0b6e43ad28081f7580df6cb99a76aa0a476390ca47

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 19 Aug 2021 12:19:29 GMT
server: istio-envoy
requestid: e7588debde999e3a
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-max-age: 1209600
access-control-allow-credentials: true
x-envoy-upstream-service-time: 15
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length: 25
access-control-expose-headers: X-Results-Total-Count,X-Page-Info

OPTIONS
H2 200 track
event.api.drift.com/ Frame 0
0 329ms
103ms Preflight
text/plain 54.172.114.57
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://event.api.drift.com/track

Protocol

Server

54.172.114.57 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-172-114-57.compute-1.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: authorization,content-type
Origin: https://js.driftt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Thu, 19 Aug 2021 12:19:29 GMT
content-type: text/plain
content-length: 13
access-control-allow-origin: *
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-allow-credentials: true
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-max-age: 1209600
strict-transport-security: max-age=31536000; includeSubDomains
allow: POST,OPTIONS
requestid: driftb5218f34f46b445be8a39f0b7e4

OPTIONS
H2 200 clearbit
targeting.api.drift.com/targeting/enrichment/ Frame 0
0 114ms
107ms Preflight
text/plain 3.94.218.138
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://targeting.api.drift.com/targeting/enrichment/clearbit?orgId=1176912&endUserId=11029077048

Protocol

Server

3.94.218.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-94-218-138.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: authorization,content-type
Origin: https://js.driftt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Thu, 19 Aug 2021 12:19:29 GMT
access-control-allow-origin: *
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-allow-credentials: true
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-max-age: 1209600
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/plain
allow: POST,OPTIONS
requestid: drift67edc2846f9b8980236a2bd1054
content-length: 13
x-envoy-upstream-service-time: 1
server: istio-envoy

OPTIONS
H2 204 auth
1176912-12.chat.api.drift.com/api/ Frame 0
0 326ms
106ms Preflight 34.232.187.200
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://1176912-12.chat.api.drift.com/api/auth
Protocol: H2
Server: 34.232.187.200 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-232-187-200.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://js.driftt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Thu, 19 Aug 2021 12:19:29 GMT
access-control-allow-credentials: true
access-control-allow-headers: origin,content-type,accept,authorization,auth-token
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-origin: *
access-control-expose-headers
access-control-max-age: 1728000
cache-control: max-age=0, private, must-revalidate
server: Cowboy
x-request-id: Fpy0crA1cdJrV1AbxxIC

OPTIONS
H2 200 v2
customer.api.drift.com/end_users/11029077048/memberships/ Frame 0
0 106ms
106ms Preflight
text/plain 3.94.218.138
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://customer.api.drift.com/end_users/11029077048/memberships/v2?orgId=1176912

Protocol

Server

3.94.218.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-94-218-138.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: authorization,content-type
Origin: https://js.driftt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Thu, 19 Aug 2021 12:19:29 GMT
access-control-allow-origin: *
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-allow-credentials: true
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-max-age: 1209600
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/plain
allow: POST,OPTIONS
requestid: drift8aca7964a4da2331dd38bca65cb
content-length: 13
x-envoy-upstream-service-time: 1
server: istio-envoy

OPTIONS
H2 200 v2
targeting.api.drift.com/hours/availability/combined/rhfnkn45i93k/ Frame 0
0 106ms
106ms Preflight
text/plain 3.94.218.138
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://targeting.api.drift.com/hours/availability/combined/rhfnkn45i93k/v2

Protocol

Server

3.94.218.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-94-218-138.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: authorization,content-type
Origin: https://js.driftt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Thu, 19 Aug 2021 12:19:29 GMT
access-control-allow-origin: *
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-allow-credentials: true
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-max-age: 1209600
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/plain
allow: HEAD,GET,OPTIONS
requestid: drift87133064940b02cd63eeca15288
content-length: 18
x-envoy-upstream-service-time: 1
server: istio-envoy

OPTIONS
H/1.1 204
No Content auth
presence.api.drift.com/api/ Frame 0
0 420ms
104ms Preflight 54.173.95.250
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://presence.api.drift.com/api/auth
Protocol: HTTP/1.1
Server: 54.173.95.250 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-173-95-250.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://js.driftt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-credentials: true
access-control-allow-headers: origin,content-type,accept,authorization,auth-token
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-origin: *
access-control-expose-headers
access-control-max-age: 1728000
cache-control: max-age=0, private, must-revalidate
date: Thu, 19 Aug 2021 12:19:29 GMT
server: Cowboy
x-request-id: Fpy0crZFO_G8kVOK38HM

POST
H2 200 track Show response
event.api.drift.com/ Frame 26CE 890 B
1 KB 104ms
104ms XHR
application/json 54.172.114.57
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://event.api.drift.com/track

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/deploy/assets/assets/vendors-widget-95273037803d3675eb62.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.172.114.57 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-172-114-57.compute-1.amazonaws.com

Software

Resource Hash

e54fc7ec78d32eafe358cc1e35a7c1ba76d38a3be6046bec66d77abfbb7bc4b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://js.driftt.com/
Authorization: bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzUxMiJ9.eyJzdWIiOiIxMTAyOTA3NzA0OCIsImNsaWVudElkIjoiZjZ6dWl6ZHloeHJtN3IiLCJ1c2VySWRUeXBlIjoiTEVBRCIsInNjb3BlIjoibGVhZCIsImlzcyI6IjExNzY5MTIiLCJleHAiOjE2NjA5MTE1NjksImlhdCI6MTYyOTM3NTU2OX0.-yBmbvPDBQiHGYvDQ39vv_hkAxRdwF41_IZDaTDQd91_uBKDwiH96SWZzuxgZSLXoHi81YiiiFyUFCebwX6J-Q
Content-Type: application/json

Response headers

date: Thu, 19 Aug 2021 12:19:29 GMT
requestid: a093bc2cfdd64f9a
access-control-max-age: 1209600
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length: 890

POST
H2 200 clearbit Show response
targeting.api.drift.com/targeting/enrichment/ Frame 26CE 71 B
135 B 175ms
175ms XHR
application/json 3.94.218.138
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://targeting.api.drift.com/targeting/enrichment/clearbit?orgId=1176912&endUserId=11029077048

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/deploy/assets/assets/vendors-widget-95273037803d3675eb62.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.94.218.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-94-218-138.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

b100c4143fd3e47e2ea7827d67d062f1903782f15c1f3bad8a754299ef2ef150

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://js.driftt.com/
Authorization: bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzUxMiJ9.eyJzdWIiOiIxMTAyOTA3NzA0OCIsImNsaWVudElkIjoiZjZ6dWl6ZHloeHJtN3IiLCJ1c2VySWRUeXBlIjoiTEVBRCIsInNjb3BlIjoibGVhZCIsImlzcyI6IjExNzY5MTIiLCJleHAiOjE2NjA5MTE1NjksImlhdCI6MTYyOTM3NTU2OX0.-yBmbvPDBQiHGYvDQ39vv_hkAxRdwF41_IZDaTDQd91_uBKDwiH96SWZzuxgZSLXoHi81YiiiFyUFCebwX6J-Q
Content-Type: application/json

Response headers

date: Thu, 19 Aug 2021 12:19:29 GMT
server: istio-envoy
requestid: 454ceebfa2b6d792
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-max-age: 1209600
access-control-allow-credentials: true
x-envoy-upstream-service-time: 70
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length: 71
access-control-expose-headers: X-Results-Total-Count,X-Page-Info

POST
H2 200 auth Show response
1176912-12.chat.api.drift.com/api/ Frame 26CE 338 B
572 B 106ms
106ms XHR
application/json 34.232.187.200
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://1176912-12.chat.api.drift.com/api/auth
Requested by: Host: js.driftt.com
URL: https://js.driftt.com/deploy/assets/assets/vendors-widget-95273037803d3675eb62.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.232.187.200 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-232-187-200.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash: 2177372c29f64c596780a90e5175da21466274a3687837cfd37d34e6db9eb0fa

Request headers

Referer: https://js.driftt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 19 Aug 2021 12:19:29 GMT
server: Cowboy
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
content-length: 338
x-request-id: Fpy0craMdhvPsRAiZBzC

POST
H2 200 v2 Show response
customer.api.drift.com/end_users/11029077048/memberships/ Frame 26CE 2 B
65 B 171ms
171ms XHR
application/json 3.94.218.138
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://customer.api.drift.com/end_users/11029077048/memberships/v2?orgId=1176912

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/deploy/assets/assets/vendors-widget-95273037803d3675eb62.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.94.218.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-94-218-138.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://js.driftt.com/
Authorization: bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzUxMiJ9.eyJzdWIiOiIxMTAyOTA3NzA0OCIsImNsaWVudElkIjoiZjZ6dWl6ZHloeHJtN3IiLCJ1c2VySWRUeXBlIjoiTEVBRCIsInNjb3BlIjoibGVhZCIsImlzcyI6IjExNzY5MTIiLCJleHAiOjE2NjA5MTE1NjksImlhdCI6MTYyOTM3NTU2OX0.-yBmbvPDBQiHGYvDQ39vv_hkAxRdwF41_IZDaTDQd91_uBKDwiH96SWZzuxgZSLXoHi81YiiiFyUFCebwX6J-Q
Content-Type: application/json

Response headers

date: Thu, 19 Aug 2021 12:19:29 GMT
server: istio-envoy
requestid: 2e6f39b13068d9fe
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-max-age: 1209600
access-control-allow-credentials: true
x-envoy-upstream-service-time: 66
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length: 2
access-control-expose-headers: X-Results-Total-Count,X-Page-Info

GET
H2 200 v2 Show response
targeting.api.drift.com/hours/availability/combined/rhfnkn45i93k/ Frame 26CE 189 B
253 B 123ms
123ms XHR
application/json 3.94.218.138
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://targeting.api.drift.com/hours/availability/combined/rhfnkn45i93k/v2

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/deploy/assets/assets/vendors-widget-95273037803d3675eb62.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.94.218.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-94-218-138.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

deecce678edeb313830323f08293cead29218039333c8fcd916a279ed5e9455b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://js.driftt.com/
Authorization: bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzUxMiJ9.eyJzdWIiOiIxMTAyOTA3NzA0OCIsImNsaWVudElkIjoiZjZ6dWl6ZHloeHJtN3IiLCJ1c2VySWRUeXBlIjoiTEVBRCIsInNjb3BlIjoibGVhZCIsImlzcyI6IjExNzY5MTIiLCJleHAiOjE2NjA5MTE1NjksImlhdCI6MTYyOTM3NTU2OX0.-yBmbvPDBQiHGYvDQ39vv_hkAxRdwF41_IZDaTDQd91_uBKDwiH96SWZzuxgZSLXoHi81YiiiFyUFCebwX6J-Q
Content-Type: application/json

Response headers

date: Thu, 19 Aug 2021 12:19:29 GMT
server: istio-envoy
requestid: b3078f425bc1ee4b
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-max-age: 1209600
access-control-allow-credentials: true
x-envoy-upstream-service-time: 17
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length: 189
access-control-expose-headers: X-Results-Total-Count,X-Page-Info

POST
H/1.1 200
OK auth Show response
presence.api.drift.com/api/ Frame 26CE 357 B
690 B 104ms
104ms XHR
application/json 54.173.95.250
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://presence.api.drift.com/api/auth
Requested by: Host: js.driftt.com
URL: https://js.driftt.com/deploy/assets/assets/vendors-widget-95273037803d3675eb62.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.173.95.250 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-173-95-250.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash: 4e2513cda780a0c372df92a36bb8a63b6ac320135e196a11a22339ed168c9398

Request headers

Referer: https://js.driftt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 19 Aug 2021 12:19:29 GMT
server: Cowboy
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
content-length: 357
x-request-id: Fpy0cryGuVmorKWK38IM

OPTIONS
H2 200 bulk_enroll
targeting.api.drift.com/targeting/evaluate-then/ Frame 0
0 106ms
105ms Preflight
text/plain 3.94.218.138
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://targeting.api.drift.com/targeting/evaluate-then/bulk_enroll

Protocol

Server

3.94.218.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-94-218-138.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: authorization,content-type
Origin: https://js.driftt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Thu, 19 Aug 2021 12:19:30 GMT
access-control-allow-origin: *
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-allow-credentials: true
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-max-age: 1209600
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/plain
allow: POST,OPTIONS
requestid: drift015e00146038bc6c0f7cb1f5f8c
content-length: 13
x-envoy-upstream-service-time: 0
server: istio-envoy

POST
H2 200 bulk_enroll Show response
targeting.api.drift.com/targeting/evaluate-then/ Frame 26CE 130 B
195 B 349ms
349ms XHR
application/json 3.94.218.138
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://targeting.api.drift.com/targeting/evaluate-then/bulk_enroll

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/deploy/assets/assets/vendors-widget-95273037803d3675eb62.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.94.218.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-94-218-138.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

3763563dd0e81f1ae6320f3f8a165d9269fe695380d0711a1a03cb954460ebca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://js.driftt.com/
Authorization: bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzUxMiJ9.eyJzdWIiOiIxMTAyOTA3NzA0OCIsImNsaWVudElkIjoiZjZ6dWl6ZHloeHJtN3IiLCJ1c2VySWRUeXBlIjoiTEVBRCIsInNjb3BlIjoibGVhZCIsImlzcyI6IjExNzY5MTIiLCJleHAiOjE2NjA5MTE1NjksImlhdCI6MTYyOTM3NTU2OX0.-yBmbvPDBQiHGYvDQ39vv_hkAxRdwF41_IZDaTDQd91_uBKDwiH96SWZzuxgZSLXoHi81YiiiFyUFCebwX6J-Q
Content-Type: application/json

Response headers

date: Thu, 19 Aug 2021 12:19:30 GMT
server: istio-envoy
requestid: ad1b87a612169d7f
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-max-age: 1209600
access-control-allow-credentials: true
x-envoy-upstream-service-time: 194
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length: 130
access-control-expose-headers: X-Results-Total-Count,X-Page-Info

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
70 B 15ms
14ms XHR
text/plain 2a00:1450:400c:c04::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j92&tid=UA-513073-3&cid=334009090.1629375567&jid=1448643246&gjid=1169951763&_gid=165149845.1629375567&_u=aTBCiAAjBAAAAE~&z=1793061874

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c04::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://auth-ex.ecornell.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Thu, 19 Aug 2021 12:19:31 GMT
content-type: text/plain
access-control-allow-origin: https://auth-ex.ecornell.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
193 B 6ms
6ms Image
image/gif 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j92&a=1910700047&t=event&ni=1&_s=2&dl=https%3A%2F%2Fauth-ex.ecornell.com%2Fcas%2Flogin%3Fservice%3Dhttps%253A%252F%252Flms.ecornell.com%252Flogin%252Fcas&ul=en-us&de=UTF-8&dt=eCornell%20%7C%20Log%20in&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Drift%20Widget&ea=Playbook%20Fired&el=Playbook%20ID%3A%201073819&_utma=97568779.334009090.1629375567.1629375567.1629375567.1&_utmz=97568779.1629375567.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)&_u=aTBCiAAjBAAAAE~&jid=1448643246&gjid=1169951763&cid=334009090.1629375567&tid=UA-513073-3&_gid=165149845.1629375567&gtm=2wg8g0M89LQJ&z=333376736

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://auth-ex.ecornell.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Aug 2021 10:24:26 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 6905
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
91 B 6ms
5ms Image
image/gif 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j92&a=1910700047&t=event&ni=1&_s=3&dl=https%3A%2F%2Fauth-ex.ecornell.com%2Fcas%2Flogin%3Fservice%3Dhttps%253A%252F%252Flms.ecornell.com%252Flogin%252Fcas&ul=en-us&de=UTF-8&dt=eCornell%20%7C%20Log%20in&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Drift%20Widget&ea=Message%20Received&el=Playbook%20ID%3A%201073819&_utma=97568779.334009090.1629375567.1629375567.1629375567.1&_utmz=97568779.1629375567.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)&_u=aTBCiAAjBAAAAE~&jid=&gjid=&cid=334009090.1629375567&tid=UA-513073-3&_gid=165149845.1629375567&gtm=2wg8g0M89LQJ&z=193871760

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://auth-ex.ecornell.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Aug 2021 10:24:26 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 6905
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 29ms
29ms Image
image/gif 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j92&tid=UA-513073-3&cid=334009090.1629375567&jid=1448643246&_u=aTBCiAAjBAAAAE~&z=2062831786

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://auth-ex.ecornell.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Aug 2021 12:19:31 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 30ms
30ms Image
image/gif 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j92&tid=UA-513073-3&cid=334009090.1629375567&jid=1448643246&_u=aTBCiAAjBAAAAE~&z=2062831786

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://auth-ex.ecornell.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Aug 2021 12:19:31 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 vendors-AwayMessage-EmailCaptureSlider-LiveAudienceMessagePreview-MessageSlider-ProductAnnouncementS-231ed7db-1a770871f7d80a424023.js Show response
js.driftt.com/deploy/assets/assets/ Frame 26CE 18 KB
6 KB 37ms
37ms Script
application/javascript 13.224.96.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/deploy/assets/assets/vendors-AwayMessage-EmailCaptureSlider-LiveAudienceMessagePreview-MessageSlider-ProductAnnouncementS-231ed7db-1a770871f7d80a424023.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/deploy/assets/assets/widget-b071f5e36f00394c3510.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.96.68 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-96-68.zrh50.r.cloudfront.net

Software

nginx /

Resource Hash

fc7d54d52788d8c6db1d9aafdef809b9caacba189b7f6661184650cc708c9955

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/deploy/assets/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Jul 2021 12:36:18 GMT
content-encoding: gzip
age: 3800593
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 13 May 2021 20:05:12 GMT
server: nginx
etag: W/"1a770871f7d80a424023c8ab5f8a4827"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
via: 1.1 ebbd7f31e48ea8cf77f6021cdd92bf62.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: ZRH50-C1
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 7pZB4oWhilvqulJBOVR1PNZDL2cYgdcwoEa6dm5on6zz6izWAdFGag==

GET
H2 200 vendors-AwayMessage-LiveAudienceMessagePreview-MessageSlider-ProductAnnouncementSlider-ProductAnnoun-d624e438-122ca1091031b8f0c921.js Show response
js.driftt.com/deploy/assets/assets/ Frame 26CE 14 KB
5 KB 37ms
36ms Script
application/javascript 13.224.96.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/deploy/assets/assets/vendors-AwayMessage-LiveAudienceMessagePreview-MessageSlider-ProductAnnouncementSlider-ProductAnnoun-d624e438-122ca1091031b8f0c921.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/deploy/assets/assets/widget-b071f5e36f00394c3510.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.96.68 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-96-68.zrh50.r.cloudfront.net

Software

nginx /

Resource Hash

c0a2e49a0e79d9951b31edd141ebc6e366d0cb8b4720c3e108ff1f8d388f74ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/deploy/assets/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 May 2021 20:09:41 GMT
content-encoding: gzip
age: 8438990
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 13 May 2021 20:05:12 GMT
server: nginx
etag: W/"122ca1091031b8f0c9211369b3c0a441"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
via: 1.1 ebbd7f31e48ea8cf77f6021cdd92bf62.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: ZRH50-C1
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: B0O_K-IEAXDqUeUG8CTKoJNCDbJuncL7BsrYELo24PmHqrDxo7NdlA==

GET
H2 200 AwayMessage-LiveAudienceMessagePreview-MessageSlider-Minimized-ProductAnnouncementSlider-ProductAnno-9041cd50-11a22ef814d6312a3b30.css
js.driftt.com/deploy/assets/assets/ Frame 26CE 2 KB
2 KB 36ms
35ms Stylesheet
text/css 13.224.96.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/deploy/assets/assets/AwayMessage-LiveAudienceMessagePreview-MessageSlider-Minimized-ProductAnnouncementSlider-ProductAnno-9041cd50-11a22ef814d6312a3b30.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/deploy/assets/assets/widget-b071f5e36f00394c3510.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.96.68 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-96-68.zrh50.r.cloudfront.net

Software

nginx /

Resource Hash

2bff64e62b8c9b384971c6f1bac82fef49e5c40957e7281500e91fe7261db0e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/deploy/assets/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 May 2021 20:09:41 GMT
content-encoding: gzip
age: 8438990
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 13 May 2021 20:05:15 GMT
server: nginx
etag: W/"53fbf91afa7794317370e42fff0b4f1d"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
via: 1.1 ebbd7f31e48ea8cf77f6021cdd92bf62.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: ZRH50-C1
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: ynItIma28pICH0N2vIBksGNTXavX86qH_CkvZShj2W7upgCd9meB1A==

GET
H2 200 AwayMessage-LiveAudienceMessagePreview-MessageSlider-Minimized-ProductAnnouncementSlider-ProductAnno-9041cd50-86a2e6a0ffa11d28d7f9.js Show response
js.driftt.com/deploy/assets/assets/ Frame 26CE 27 KB
10 KB 37ms
36ms Script
application/javascript 13.224.96.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/deploy/assets/assets/AwayMessage-LiveAudienceMessagePreview-MessageSlider-Minimized-ProductAnnouncementSlider-ProductAnno-9041cd50-86a2e6a0ffa11d28d7f9.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/deploy/assets/assets/widget-b071f5e36f00394c3510.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.96.68 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-96-68.zrh50.r.cloudfront.net

Software

nginx /

Resource Hash

ee6e03f31ae3c821c10e01f94ec86e834adf172c9d54b760976d7eb33dce7a1e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/deploy/assets/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 May 2021 20:09:41 GMT
content-encoding: gzip
age: 8438990
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 13 May 2021 20:05:09 GMT
server: nginx
etag: W/"86a2e6a0ffa11d28d7f9d128cff4d104"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
via: 1.1 ebbd7f31e48ea8cf77f6021cdd92bf62.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: ZRH50-C1
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: W9Zte-LDlaqzaSuEjsxaofP8lzTbZ885sl-bkyGUJuTOf73ZQ0yULg==

GET
H2 200 MessageSlider-a741ac1c4aaddecef322.css
js.driftt.com/deploy/assets/assets/ Frame 26CE 4 KB
2 KB 37ms
36ms Stylesheet
text/css 13.224.96.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/deploy/assets/assets/MessageSlider-a741ac1c4aaddecef322.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/deploy/assets/assets/widget-b071f5e36f00394c3510.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.96.68 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-96-68.zrh50.r.cloudfront.net

Software

nginx /

Resource Hash

8d785a96303735282967b9f97f1364d94163e8ff1e80ea6b2f95372142bb604f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/deploy/assets/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 May 2021 20:09:41 GMT
content-encoding: gzip
age: 8438990
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 13 May 2021 20:05:15 GMT
server: nginx
etag: W/"0069e1ea5b8ca98b0ce75b0f81c6dce8"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
via: 1.1 ebbd7f31e48ea8cf77f6021cdd92bf62.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: ZRH50-C1
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: s14_mFfqFsUWsGKuJW07mk5-oN9QeR_ONpZZpOqcUliQ7d8OTpMbIg==

GET
H2 200 MessageSlider-f4af7dcfc6c335e17f33.js Show response
js.driftt.com/deploy/assets/assets/ Frame 26CE 15 KB
6 KB 37ms
36ms Script
application/javascript 13.224.96.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/deploy/assets/assets/MessageSlider-f4af7dcfc6c335e17f33.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/deploy/assets/assets/widget-b071f5e36f00394c3510.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.96.68 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-96-68.zrh50.r.cloudfront.net

Software

nginx /

Resource Hash

780a98b333cf6806396473769977fcd6e9e1153cc62f8f20130ec2bf6463cb31

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/deploy/assets/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 09 Jul 2021 16:52:21 GMT
content-encoding: gzip
age: 3526030
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 13 May 2021 20:05:09 GMT
server: nginx
etag: W/"f4af7dcfc6c335e17f33616f5e123419"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
via: 1.1 ebbd7f31e48ea8cf77f6021cdd92bf62.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: ZRH50-C1
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: GrPnUYVQgO4LgDIEogo4iDmCjoPbK-4UKuAh28vkBAiHHbexRoMPiA==

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 6ms
6ms Image
image/gif 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j92&a=1910700047&t=event&ni=1&_s=4&dl=https%3A%2F%2Fauth-ex.ecornell.com%2Fcas%2Flogin%3Fservice%3Dhttps%253A%252F%252Flms.ecornell.com%252Flogin%252Fcas&ul=en-us&de=UTF-8&dt=eCornell%20%7C%20Log%20in&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Drift%20Widget&ea=Message%20Received&el=Playbook%20ID%3A%201073819&_utma=97568779.334009090.1629375567.1629375567.1629375567.1&_utmz=97568779.1629375567.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)&_u=aTBCiAAjBAAAAE~&jid=&gjid=&cid=334009090.1629375567&tid=UA-513073-3&_gid=165149845.1629375567&gtm=2wg8g0M89LQJ&z=606235071

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://auth-ex.ecornell.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Aug 2021 09:38:31 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 9660
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 200 widget
targeting.api.drift.com/impressions/ Frame 0
0 106ms
106ms Preflight
text/plain 3.94.218.138
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://targeting.api.drift.com/impressions/widget

Protocol

Server

3.94.218.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-94-218-138.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: authorization,content-type
Origin: https://js.driftt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Thu, 19 Aug 2021 12:19:31 GMT
access-control-allow-origin: *
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-allow-credentials: true
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-max-age: 1209600
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/plain
allow: POST,OPTIONS
requestid: drift71407d8441ebb9b14902d824460
content-length: 13
x-envoy-upstream-service-time: 1
server: istio-envoy

GET
H2 200 https%3A%2F%2Fdriftt.imgix.net%2Fhttps%253A%252F%252Fs3.amazonaws.com%252Fcustomer-api-avatars-prod%252F1518993%252Fb44c6f5bc40eeaf285f95244ce34e8b93v9i655st768%3Ffit%3Dmax%26fm%3Dpng%26h%3D200%26w...
driftt.imgix.net/ Frame 26CE 17 KB
18 KB 23ms
8ms Image
image/png 2a04:4e42:3::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://driftt.imgix.net/https%3A%2F%2Fdriftt.imgix.net%2Fhttps%253A%252F%252Fs3.amazonaws.com%252Fcustomer-api-avatars-prod%252F1518993%252Fb44c6f5bc40eeaf285f95244ce34e8b93v9i655st768%3Ffit%3Dmax%26fm%3Dpng%26h%3D200%26w%3D200%26s%3D6cb3f3d2eb2b74306c14da99eece9203?fit=max&fm=png&h=200&w=200&s=0d91ed5be8345b44054dc0e4457f5b63

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/deploy/assets/index.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

411c82a251f8b568a1c5057a128a58f95d1f41c966b6c80c3a541c8cf7ec15ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.driftt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 12:19:31 GMT
x-content-type-options: nosniff
fastly-restarts: 1
last-modified: Tue, 20 Jul 2021 15:54:17 GMT
server: imgix
age: 2579113
x-cache: MISS, HIT, HIT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=315360000
x-imgix-id: 9e9911cf56196bf991e0bc16738b3c9ce5f3eda5
accept-ranges: bytes
content-length: 17809
cross-origin-resource-policy: cross-origin
x-served-by: cache-sjc10069-SJC, cache-sjc10061-SJC, cache-fra19170-FRA

POST
H2 204 widget Show response
targeting.api.drift.com/impressions/ Frame 26CE 0
36 B 115ms
115ms XHR
text/plain 3.94.218.138
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://targeting.api.drift.com/impressions/widget

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/deploy/assets/assets/vendors-widget-95273037803d3675eb62.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.94.218.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-94-218-138.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://js.driftt.com/
Authorization: bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzUxMiJ9.eyJzdWIiOiIxMTAyOTA3NzA0OCIsImNsaWVudElkIjoiZjZ6dWl6ZHloeHJtN3IiLCJ1c2VySWRUeXBlIjoiTEVBRCIsInNjb3BlIjoibGVhZCIsImlzcyI6IjExNzY5MTIiLCJleHAiOjE2NjA5MTE1NjksImlhdCI6MTYyOTM3NTU2OX0.-yBmbvPDBQiHGYvDQ39vv_hkAxRdwF41_IZDaTDQd91_uBKDwiH96SWZzuxgZSLXoHi81YiiiFyUFCebwX6J-Q
Content-Type: application/json

Response headers

date: Thu, 19 Aug 2021 12:19:31 GMT
server: istio-envoy
requestid: cef22ce383fa2781
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-allow-origin: *
access-control-max-age: 1209600
access-control-allow-credentials: true
x-envoy-upstream-service-time: 9
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-expose-headers: X-Results-Total-Count,X-Page-Info

GET
H2 200 4a3c1161b81f906ccb7e41df6b548811.svg
js.driftt.com/deploy/assets/static/images/ Frame 26CE 311 B
928 B 34ms
34ms Image
image/svg+xml 13.224.96.68
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://js.driftt.com/deploy/assets/static/images/4a3c1161b81f906ccb7e41df6b548811.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.96.68 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-96-68.zrh50.r.cloudfront.net

Software

nginx /

Resource Hash

ac11a69407aeaac27f7c75939b4a14a5f58b380e3eacf4c4cddcc0973b52ae7d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/deploy/assets/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 24 May 2021 23:04:03 GMT
via: 1.1 ebbd7f31e48ea8cf77f6021cdd92bf62.cloudfront.net (CloudFront)
age: 7478128
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 311
last-modified: Thu, 21 Nov 2019 18:59:33 GMT
server: nginx
etag: "4a3c1161b81f906ccb7e41df6b548811"
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: _ifimDCF40zhlExSdizvw_JDiB-aaxQYmKZhvWUFtpz_e3EC5S7pCg==

POST
H3-29 204 collect
www.google-analytics.com/g/ 0
17 B 13ms
13ms Ping
text/plain 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-X70KWPP3X8&gtm=2oe8g0&_p=1910700047&sr=1600x1200&ul=en-us&cid=334009090.1629375567&_s=2&dl=https%3A%2F%2Fauth-ex.ecornell.com%2Fcas%2Flogin%3Fservice%3Dhttps%253A%252F%252Flms.ecornell.com%252Flogin%252Fcas&dt=eCornell%20%7C%20Log%20in&sid=1629375567&sct=1&seg=0&en=scroll&_et=1269&epn.percent_scrolled=90
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-X70KWPP3X8&l=dataLayer&cx=c
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://auth-ex.ecornell.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 19 Aug 2021 12:19:33 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://auth-ex.ecornell.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 bulk Show response
metrics.api.drift.com/monitoring/metrics/add/ Frame 26CE 25 B
84 B 107ms
106ms XHR
application/json 3.94.218.138
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://metrics.api.drift.com/monitoring/metrics/add/bulk

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/deploy/assets/assets/vendors-widget-95273037803d3675eb62.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.94.218.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-94-218-138.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

f8c91e009d219173c41b4c0b6e43ad28081f7580df6cb99a76aa0a476390ca47

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://js.driftt.com/
Authorization: bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzUxMiJ9.eyJzdWIiOiIxMTAyOTA3NzA0OCIsImNsaWVudElkIjoiZjZ6dWl6ZHloeHJtN3IiLCJ1c2VySWRUeXBlIjoiTEVBRCIsInNjb3BlIjoibGVhZCIsImlzcyI6IjExNzY5MTIiLCJleHAiOjE2NjA5MTE1NjksImlhdCI6MTYyOTM3NTU2OX0.-yBmbvPDBQiHGYvDQ39vv_hkAxRdwF41_IZDaTDQd91_uBKDwiH96SWZzuxgZSLXoHi81YiiiFyUFCebwX6J-Q
Content-Type: application/json

Response headers

date: Thu, 19 Aug 2021 12:19:34 GMT
server: istio-envoy
requestid: d89c3bac555c94d0
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-max-age: 1209600
access-control-allow-credentials: true
x-envoy-upstream-service-time: 0
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length: 25
access-control-expose-headers: X-Results-Total-Count,X-Page-Info

POST
H2 200 bulk Show response
metrics.api.drift.com/monitoring/metrics/event2/ Frame 26CE 25 B
88 B 126ms
125ms XHR
application/json 3.94.218.138
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://metrics.api.drift.com/monitoring/metrics/event2/bulk

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/deploy/assets/assets/vendors-widget-95273037803d3675eb62.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.94.218.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-94-218-138.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

f8c91e009d219173c41b4c0b6e43ad28081f7580df6cb99a76aa0a476390ca47

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 19 Aug 2021 12:19:34 GMT
server: istio-envoy
requestid: 92f205cbf47e097a
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-max-age: 1209600
access-control-allow-credentials: true
x-envoy-upstream-service-time: 14
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length: 25
access-control-expose-headers: X-Results-Total-Count,X-Page-Info

OPTIONS
H2 200 bulk
metrics.api.drift.com/monitoring/metrics/add/ Frame 0
0 106ms
105ms Preflight
text/plain 3.94.218.138
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://metrics.api.drift.com/monitoring/metrics/add/bulk

Protocol

Server

3.94.218.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-94-218-138.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: authorization,content-type
Origin: https://js.driftt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Thu, 19 Aug 2021 12:19:34 GMT
access-control-allow-origin: *
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-allow-credentials: true
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-max-age: 1209600
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/plain
allow: POST,OPTIONS
requestid: drift7fb0f914d61b91ec7634d5d9c68
content-length: 13
x-envoy-upstream-service-time: 0
server: istio-envoy

OPTIONS
H2 200 bulk
metrics.api.drift.com/monitoring/metrics/event2/ Frame 0
0 105ms
105ms Preflight
text/plain 3.94.218.138
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://metrics.api.drift.com/monitoring/metrics/event2/bulk

Protocol

Server

3.94.218.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-94-218-138.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://js.driftt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Thu, 19 Aug 2021 12:19:34 GMT
access-control-allow-origin: *
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-allow-credentials: true
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-max-age: 1209600
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/plain
allow: POST,OPTIONS
requestid: drift21cc5b243e0a0ccaa0d5b829542
content-length: 13
x-envoy-upstream-service-time: 0
server: istio-envoy

Verdicts & Comments Add Verdict or Comment

118 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

18 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.ecornell.com/	1970-01-19 22:45:51	Name: _fbp Value: fb.1.1629375567301.326135299
.ecornell.com/	1970-01-19 22:45:51	Name: _rdt_uuid Value: 1629375567231.dcafb7e5-f93d-4ec5-963d-abfd1de2e0d1
auth-ex.ecornell.com/	1970-01-20 05:21:51	Name: __pdst Value: 7bb0efda053443668dd0adca5054c47d
.ecornell.com/	1970-01-20 14:07:27	Name: _ga Value: GA1.1.334009090.1629375567
.ecornell.com/	1970-01-20 14:07:27	Name: _ga_X70KWPP3X8 Value: GS1.1.1629375567.1.0.1629375567.0
.ecornell.com/	1970-01-20 05:57:51	Name: _uetvid Value: b2618e0000e711ec860503b6032bbff7
auth-ex.ecornell.com/	1970-01-20 14:07:27	Name: driftt_aid Value: 77f4258c-80bc-4fd0-95f3-9d3a0f3ad13b
.ecornell.com/	1970-01-20 00:59:03	Name: __utmz Value: 97568779.1629375567.1.1.utmcsr=(direct)\|utmccn=(direct)\|utmcmd=(none)
.ecornell.com/	1970-01-19 20:37:41	Name: _uetsid Value: b261584000e711ec8475a9752754ed4c
auth-ex.ecornell.com/	1970-01-19 20:36:15	Name: _dc_gtm_UA-513073-3 Value: 1
auth-ex.ecornell.com/	1970-01-19 20:36:17	Name: gtm-session-start Value: 1629375567044
auth-ex.ecornell.com/	1970-01-20 14:07:27	Name: _ga Value: GA1.1.334009090.1629375567
auth-ex.ecornell.com/	1970-01-19 20:37:41	Name: _gid Value: GA1.1.165149845.1629375567
.ecornell.com/	1970-01-19 20:36:16	Name: __utmt Value: 1
.ecornell.com/	1970-01-19 20:36:17	Name: __utmb Value: 97568779.1.10.1629375567
.ecornell.com/	1969-12-31 23:59:59	Name: __utmc Value: 97568779
.ecornell.com/	1970-01-19 22:45:51	Name: _gcl_au Value: 1.1.1364706340.1629375567
.ecornell.com/	1970-01-20 14:07:27	Name: __utma Value: 97568779.334009090.1629375567.1629375567.1629375567.1

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://ecornell.cornell.edu/wp-includes/js/jquery/jquery-migrate.min.js(Line 2) Message: JQMIGRATE: Migrate is installed, version 3.3.2
console-api	log	URL: https://1dx1ha2o9633412a0g3rw4xf-wpengine.netdna-ssl.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2(Line 2) Message: JQMIGRATE: Migrate is installed, version 3.3.2
console-api	log	URL: https://js.driftt.com/deploy/assets/assets/vendors-widget-95273037803d3675eb62.js(Line 37) Message: Couldn't play sound [object DOMException]
console-api	log	URL: https://js.driftt.com/deploy/assets/assets/vendors-widget-95273037803d3675eb62.js(Line 37) Message: Couldn't play sound [object DOMException]

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1176912-12.chat.api.drift.com
1dx1ha2o9633412a0g3rw4xf-wpengine.netdna-ssl.com
a.quora.com
alb.reddit.com
analytics.tiktok.com
analytics.twitter.com
auth-ex.ecornell.com
bat.bing.com
cdn.pdst.fm
cdnjs.cloudflare.com
clients1.google.com
connect.facebook.net
cse.google.com
customer.api.drift.com
driftt.imgix.net
ecornell.cornell.edu
embeds.driftcdn.com
event.api.drift.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
js.driftt.com
lms.ecornell.com
metrics.api.drift.com
pi.pardot.com
presence.api.drift.com
px.ads.linkedin.com
px4.ads.linkedin.com
q.quora.com
snap.licdn.com
ssl.google-analytics.com
static.ads-twitter.com
stats.g.doubleclick.net
t.co
tags.w55c.net
targeting.api.drift.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
www.linkedin.com
www.redditstatic.com
104.126.37.129
104.244.42.3
104.244.42.69
108.174.10.14
13.224.96.68
142.250.185.226
143.204.98.9
151.101.12.157
151.101.13.140
151.101.13.2
18.215.205.165
2606:4700::6810:135e
2620:119:50e1:101::6cae:b25
2620:1ec:21::14
2620:1ec:c11::200
2a00:1450:4001:808::2008
2a00:1450:4001:808::200e
2a00:1450:4001:80e::200a
2a00:1450:4001:811::2003
2a00:1450:4001:812::2003
2a00:1450:4001:812::2004
2a00:1450:4001:828::2008
2a00:1450:4001:82b::200e
2a00:1450:4001:830::2002
2a00:1450:4001:830::200e
2a00:1450:400c:c04::9a
2a02:26f0:6c00:2b0::25ea
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a04:4e42:3::720
3.94.218.138
34.195.53.194
34.232.187.200
35.227.175.178
35.244.142.80
44.193.176.202
52.202.69.186
54.172.114.57
54.173.95.250
54.93.179.96
94.31.29.99
026e519666929c827321d13cf8838382b3fde3949b02826bf2cd109e2b565e51
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
038d2d2743375c0535e80499008b21240e4ee44d3de5c586787f11adfae1db4b
0db751426827fe8188df25996c6b8816aa02038415c8d417adbd4a99df99c1d3
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1c3bd00be556bf95f92a2ab1119b8b26544a1997ab0c09f86490bc32339ad32e
208b3394a95db48853e5fec85bd85c1c28b9eb791bfa6c21b34a9f586d2f665a
2101735d43a8d486dbc5139500a78420766cc673a3610363ce9525526c3f5149
2177372c29f64c596780a90e5175da21466274a3687837cfd37d34e6db9eb0fa
2243300b6d41bd4cdde47484d3966d5e774bf10cfdd7f2087ba922ce9c2dcd22
2bff64e62b8c9b384971c6f1bac82fef49e5c40957e7281500e91fe7261db0e1
31627ccce6c3ae231d30b612572b73f863ffff82ded429ece5c7e76104c82229
3202d5d1c2ed3456868088052505733e3764b4d04b7a2efb1b3190a07ad57055
331b2b1241f1f2a53744bdca867c5b76954d9431970e91f490f64c707fc24a16
3344b9fdf206fd3f0f57e0cf12885efa76a4bbe38899900b4723d4dac0d1f876
34a1054be2a1f92c8a414c94cdea2e1aec057e752b87ac05e560088d4178903f
3763563dd0e81f1ae6320f3f8a165d9269fe695380d0711a1a03cb954460ebca
3a517528a5ce33fe8694dc1a6dbc1af074bd38d02a646fefe33a915b07491114
3a57826dd4437403ec9dffe3d8a907466926d7123e4a765ec724d79ae24e1d54
3b168b017f9db602024341f3e4fce6b102b26e59a60f2ee8f6083b86f83e58c0
3bb8304136c4db7974fa713f50ed190d7c303cc4b8bbf621ac136f46381db6c9
3cbe9d2ad12faf05931bca711ad672ea2d2d58eb445b685d760c329c34330720
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3eec3dd9b274e89d905c3ecfd5e49e03abc3e86944670f89a01cd8c1614e33d5
411c82a251f8b568a1c5057a128a58f95d1f41c966b6c80c3a541c8cf7ec15ee
419dc9736fa6ab24c297daa5758b292b91287bf9a8b02fecf1e07689683a2caf
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
4c1355d27b14881a055e00a4a2afa4608b452c9780ac5c61e1b8f9fd55fa3e1e
4dcc5d42623d1591d2b94fe75e609fe64d530e5f757889389650b46c50d1ddf1
4e2513cda780a0c372df92a36bb8a63b6ac320135e196a11a22339ed168c9398
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
5014e48f918de784dc70c9be98124f0f5a0996d085cf1f3cf5e751b58efa6b46
5198183e8681db7a32ea39e4f6bf84de44773b9a9c094e9de1825fa198f010f8
525f091870c1282bb4823f9e64192983f1652a3bbc84c97ca5e6c4f063ca6e82
53af4d508061afe6eb637e32afe9af87ac2d215a76c925ba4e54b16d1101ee6a
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
5c1282fb121104f5a505ecbfd7194e64c98db6b830684450dcfc478021d05257
5e86db459ade943c9953d6b123e57e80bcb5ce5789037061aa58b8a7f266cb84
5fe20047c1cc1be61a786d56c5c02b96453b9c60656d6c8429a1add79017e47f
60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827
66ae94189c1c17d4ff52124314e35c5b4d688f550fe17c5c9dc04879eb6a8657
6abebf48f0ccb9f7eb60639e6c82d88e876c63da111b4cf374116237875ad3c9
708f001cc2044a716a0457aefbc76511873de57f172bef3ee3314e47aeb9ce7f
7125a66456daa35dd3e3e8cca4b9523e05caf0b4fa5bd5874676e7c6db40f3aa
718c7e416390d518d57d2da05f6957956b1b2e2a829522f3bcc6fa46972da72c
780a98b333cf6806396473769977fcd6e9e1153cc62f8f20130ec2bf6463cb31
7b3070fb9a342f6dd16891b9c6948b3327829243f4c525a3aca14f5b73924d62
7d71adedaa4a29977425ee62df73db02e4a43b366ac2ff6c655a7a84e21e91cf
7f701565ac3c6bf431f53e57db6a7a2a560ac4327d2bfc78ff07baab2874a58f
81c243f8c5aede82235edcda422c48be2e56360f90956a0e3634f1afdb9a5b24
8258504b69b8fd0eebb0227f90133f487dd42f8d92a4abcd463c2207fddb4c4d
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
88271cee0acbf789666a3545604a6394adff9d601c05ca2b7cfd99ca2aec4606
8c3010509fc7480b59413a90d69e9fafcb3d5aa202faf7862466f6bb8be1a335
8d785a96303735282967b9f97f1364d94163e8ff1e80ea6b2f95372142bb604f
8e5ec1fa6741485842777e6d31e4f5d8c9ed526a7e959cb7d3443fc4e21e174a
90a13d668cd5da19e925efed30d563805077ced48949dba1b9798e865dc9fb73
91cd7f618a639bd469004ba5db1994a0ae3ec53b902e4ef635b34125e7606fa3
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
947bf11591cc7c00507e6053ea963d487a77dcaf5a5ef3dd630cf888e16a6ffc
94fc1b6f57eaec5b66d02212a4a8c63fb22b3b46c2643d76c1b39edeea337b71
99155f31d46dc469aa872ce824309fae9210fb9357f463b889d617b85b35eb61
9d9d4cfd236295e863249406af3912d242b7307a7d68c662a33bc8ae5e2c129c
9f2a69efa5fabd2d3dfa461dbcf0f0db1f28d0113e14a4b8f93eeaea1b64c1ef
a53ea60fbea6cb1775430998564d5f295aba7d3bfe548a0ba79aa2a049aba839
a69f5ca569fc91f3c7d799dfc3c72ad0fe5e9ea73dcfd0310cab309fcbeb05d7
a930ab6f24e7e87ee93e9c862d2796013e79766ed8840ce6e349d7b1878e6914
ab6ec082d7a0c3cf4df656e230d51cf619a526ffa9d0f6250908e6a512b7ed7f
abec73fcadc5a8b680bf4174f9d36b5b0ca3da327d32e29816b16d8f1f2ff497
ac11a69407aeaac27f7c75939b4a14a5f58b380e3eacf4c4cddcc0973b52ae7d
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
b100c4143fd3e47e2ea7827d67d062f1903782f15c1f3bad8a754299ef2ef150
b1b6b8e2202bb9128702e3912a597ea54ed8fcd174206aa238aceedf75bf8e5e
b7939e67e521a72f9344e54fe85a3edff247ac537235f178a522ae836dbf6820
ba838ced35e039c490dbc9e5c0ad823fac224af21838b51d95fad0943587999d
bc603de9e31be30f98f7b63bae24e21c10dd7169374768f53b357355ac3b79fd
bf52551b2bba8aca6aaff367aacd7669b86cf6c3ce084dfa72de1bf0288a1990
c0a2e49a0e79d9951b31edd141ebc6e366d0cb8b4720c3e108ff1f8d388f74ee
c1af8c44f5ad3a31f5b38de1c08e0242477ae2a075ac33c85db01202f748676c
c310c0afa01a33bfc98ba5410897833f4f23656356f03d00454e245765b25daa
cb8d40d1eb7e2dc885affcf0012d9e1a73c270d843e8b890d36538e52d0a0342
d3a89674515cfd7bb2b0a5239e0bd9a6bce5e17c9e72a49e40555f2f701e59ff
d7140ddc79755d8f643e44304e342b7bb177318e5ba8ce3554f1913750e09fc4
da556df4dc2e8a01fc001ae2a2446328a6615e19a40e9113a8718f0ac018d2c4
db204cec7ecb38f2a6f90f483aec04ab48d3689c5ca79060e85cdf4457e6b48f
dbce3987d817189471534d39d713c1591de30dfe52b44d1afef7ecea93648e27
dcec22bbcb68119d6c7d6d5e088fb82183a9826d0c9e3403f1386fd837f06a89
deecce678edeb313830323f08293cead29218039333c8fcd916a279ed5e9455b
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e54fc7ec78d32eafe358cc1e35a7c1ba76d38a3be6046bec66d77abfbb7bc4b2
e61660c659c426e45bce2937dddb01af6b550502a2904546575c1ec2ba1121dd
e9f97b1d4415726cdea152c1ce5b1d8227cfefdcf9b9b2bfb3c42a27c7da5f1a
ee6e03f31ae3c821c10e01f94ec86e834adf172c9d54b760976d7eb33dce7a1e
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef6de6beb1cf5bf809eccfe10f99aea0e0969c71d4eab5446410fef72695679f
f8c91e009d219173c41b4c0b6e43ad28081f7580df6cb99a76aa0a476390ca47
f8f5705ee03667d1a28565f6dc84b7748bb9d7c4ded30c270354edd054b86b32
fa27a8b50490688556abdb3ba39c6aadb25583fe76b53bcb7269ccfcebbe7c74
fc49499fb68f2b93f6da720651f8867e8006b35d6bc7f041069704226f610224
fc59766f808e6849d5b79bd5c895ab41bc15ee89ef55e0945f5a8fa80ccfea75
fc7d54d52788d8c6db1d9aafdef809b9caacba189b7f6661184650cc708c9955
fcef96bd3d8479bd51214ea2308b44862e719474c22c78361e02e6546156c96f
fd1496b9bea1f38ee7fe0e706467daf150db1a032597760c2cee0122135a79a1
fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c
fed785a6a8ca96fb67230fec5d85f9c508db49f4075aa0ef284af56cd89813e3
ffc1a75e34bba25d6da29f187a320045713c7129439468b0509032a523b9d689

auth-ex.ecornell.com Open in urlscan Pro 44.193.176.202 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

154 Requests

100 %HTTPS

46 %IPv6

31 Domains

45 Subdomains

38 IPs

4 Countries

1967 kBTransfer

6012 kBSize

18 Cookies

1 Outgoing links

Page URL History

Redirected requests

154 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

auth-ex.ecornell.com Open in urlscan Pro
44.193.176.202 Public Scan

Screenshot
Live screenshot

Full Image

154
Requests

100 %
HTTPS

46 %
IPv6

31
Domains

45
Subdomains

38
IPs

4
Countries

1967 kB
Transfer

6012 kB
Size

18
Cookies

154 HTTP transactions
0 data transactions