urlscan.io logo urlscan.io
SecurityTrails logo

sso4-prod.te.com Open in urlscan Pro
198.175.155.72  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://url9041.novoed.com/ls/click?upn=W-2FdMoMzsuPCpNdlTC1umVjOf-2BkU5fDOJyETmrZ0jlHgsD92udERDycdCOXjIGUo0Y0-2Fi5LdDG5Y9I...
Effective URL: https://sso4-prod.te.com/adfs/ls/?SAMLRequest=fZExT8MwEIX%2FSjZPjhPTtNRqiiq6VCpLCwws6OocqqXEDr5LBP%2BeJAhRBjqe9N53796tCJq...
Submission: On May 16 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 12 IPs in 2 countries across 11 domains to perform 34 HTTP transactions. The main IP is 198.175.155.72, located in United States and belongs to AS3585, US. The main domain is sso4-prod.te.com.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on October 22nd 2021. Valid for: a year.
This is the only time sso4-prod.te.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

1    167.89.118.83 (Las Vegas, United States)

ASN11377 (SENDGRID, US)
PTR: o16789118x83.outbound-mail.sendgrid.net
url9041.novoed.com
6    2406:da00:ff00::36eb:bdef (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
te.novoed.com
app.novoed.com
1    2606:50c0:8000::153 (United States)

ASN54113 (FASTLY, US)
www.webrtc-experiment.com
2    2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
15    2600:9000:206f:3000:a:9eab:6140:21 (United States)

ASN16509 (AMAZON-02, US)
d2d6mu5qcvgbk5.cloudfront.net
1    2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.recaptcha.net
1    2a04:4e42:200::282 (United States)

ASN54113 (FASTLY, US)
cdn.polyfill.io
1    2a00:1450:4001:802::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2600:9000:2057:7e00:1f:aa31:7740:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn.pendo.io
1    2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    35.188.42.15 (Council Bluffs, United States)

ASN15169 (GOOGLE, US)
PTR: 15.42.188.35.bc.googleusercontent.com
sentry.io
1    2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
4    198.175.155.72 (United States)

ASN3585 (AS3585, US)
sso4-prod.te.com
Apex Domain
Subdomains		 Transfer
15 cloudfront.net
d2d6mu5qcvgbk5.cloudfront.net
3 MB
7 novoed.com
url9041.novoed.com
te.novoed.com
app.novoed.com
12 KB
4 te.com
sso4-prod.te.com
185 KB
2 gstatic.com
fonts.gstatic.com
www.gstatic.com
189 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 46
2 KB
1 sentry.io
sentry.io — Cisco Umbrella Rank: 307
403 B
1 pendo.io
cdn.pendo.io — Cisco Umbrella Rank: 1145
143 KB
1 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 37
20 KB
1 polyfill.io
cdn.polyfill.io — Cisco Umbrella Rank: 2426
449 B
1 recaptcha.net
www.recaptcha.net — Cisco Umbrella Rank: 2068
970 B
1 webrtc-experiment.com
www.webrtc-experiment.com — Cisco Umbrella Rank: 131040
56 KB
34 11
Domain Requested by
15 d2d6mu5qcvgbk5.cloudfront.net te.novoed.com
d2d6mu5qcvgbk5.cloudfront.net
5 te.novoed.com d2d6mu5qcvgbk5.cloudfront.net
4 sso4-prod.te.com d2d6mu5qcvgbk5.cloudfront.net
sso4-prod.te.com
2 fonts.googleapis.com te.novoed.com
1 app.novoed.com 1 redirects
1 www.gstatic.com www.recaptcha.net
1 sentry.io d2d6mu5qcvgbk5.cloudfront.net
1 fonts.gstatic.com fonts.googleapis.com
1 cdn.pendo.io te.novoed.com
1 www.google-analytics.com te.novoed.com
1 cdn.polyfill.io te.novoed.com
1 www.recaptcha.net te.novoed.com
1 www.webrtc-experiment.com te.novoed.com
1 url9041.novoed.com 1 redirects
34 14

This site contains no links.

Subject Issuer Validity Valid
*.novoed.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-02-07 -
2023-03-10		 a year crt.sh
www.webrtc-experiment.com
R3		 2022-05-02 -
2022-07-31		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2022-04-25 -
2022-07-18		 3 months crt.sh
*.cloudfront.net
Amazon		 2022-02-01 -
2023-01-31		 a year crt.sh
misc.google.com
GTS CA 1C3		 2022-04-25 -
2022-07-18		 3 months crt.sh
polyfill.io
GlobalSign Atlas R3 DV TLS CA 2022 Q1		 2022-03-08 -
2023-04-09		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-04-25 -
2022-07-18		 3 months crt.sh
cdn.pendo.io
Amazon		 2021-08-29 -
2022-09-27		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2022-04-25 -
2022-07-18		 3 months crt.sh
sentry.io
DigiCert SHA2 Secure Server CA		 2020-06-02 -
2022-06-07		 2 years crt.sh
*.te.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-10-22 -
2022-11-22		 a year crt.sh

This page contains 1 frames:

Primary Page: https://sso4-prod.te.com/adfs/ls/?SAMLRequest=fZExT8MwEIX%2FSjZPjhPTtNRqiiq6VCpLCwws6OocqqXEDr5LBP%2BeJAhRBjqe9N53796tCJq6NZuOz%2F6A7x0SJxsijOyCvw%2BeugbjEWPvLD4d9qU4M7dklIK2TX3oA1apDY0aMQos3bUx9K7CWDLa4D1adr3jT5FsB7TzMHJ%2FKURhJgdLlTJOHKjeSNWkRLLbluI116Ct1oVcwuIkZ8sikye7XMhTlsNNVeAcittBStThzhOD51LoTGuZFTKfP%2BrMZLmZzV9E8oyRptU6zUTy0dSezBi6FF30JgA5Mh4aJMPWHDcPezMIDfxUcWlpr3uGczjYUIv1alSbKV1cXyuuQYYKGP5rb6UuSd%2FT36etvwA%3D&provider=teconnectivity&after_auth_path=https%3A%2F%2Fte.novoed.com%2F%23%21%2Finstitutions%2F528%2F&controller=saml&action=sso
Frame ID: 751860EAFAB1F3EC0EE8D28C8D2C9821
Requests: 33 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Anmelden

Page URL History Show full URLs

  1. http://url9041.novoed.com/ls/click?upn=W-2FdMoMzsuPCpNdlTC1umVjOf-2BkU5fDOJyETmrZ0jlHgsD92udERDycdCOXj... HTTP 302
    https://te.novoed.com/ Page URL
  2. https://app.novoed.com/saml/sso?provider=teconnectivity&&after_auth_path=https%3A%2F%2Fte.novoed.co... HTTP 302
    https://sso4-prod.te.com/adfs/ls/?SAMLRequest=fZExT8MwEIX%2FSjZPjhPTtNRqiiq6VCpLCwws6OocqqXEDr5LBP%2B... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • /polyfill\.min\.js
Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

34
Requests

100 %
HTTPS

77 %
IPv6

11
Domains

14
Subdomains

12
IPs

2
Countries

3707 kB
Transfer

16388 kB
Size

5
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://url9041.novoed.com/ls/click?upn=W-2FdMoMzsuPCpNdlTC1umVjOf-2BkU5fDOJyETmrZ0jlHgsD92udERDycdCOXjIGUo0Y0-2Fi5LdDG5Y9ICcTdrxCoA-3D-3Dc0Ml_bt206kTq46rCdo-2BIOGcxEZunZD4v3kNwsqYZsZ12V5vbwQTYVYgaGEOxLY9oVfSTFsJxk6sear6cRD4-2B6cQlPOloS9f5ImVmyUhieLhbVJpu-2FzXDEZ58nT88BQQPJQLf2CvuxIPG4kvqZggcm5sF6tTXUgZM7Hy2tZGC2czG7ky21WWASUkPYtnb40Mofr8Kww3-2BadM6zbzPy7vL-2Fx-2Fb5Q-3D-3D HTTP 302
    https://te.novoed.com/ Page URL
  2. https://app.novoed.com/saml/sso?provider=teconnectivity&&after_auth_path=https%3A%2F%2Fte.novoed.com%2F%23!%2Finstitutions%2F528%2F HTTP 302
    https://sso4-prod.te.com/adfs/ls/?SAMLRequest=fZExT8MwEIX%2FSjZPjhPTtNRqiiq6VCpLCwws6OocqqXEDr5LBP%2BeJAhRBjqe9N53796tCJq6NZuOz%2F6A7x0SJxsijOyCvw%2BeugbjEWPvLD4d9qU4M7dklIK2TX3oA1apDY0aMQos3bUx9K7CWDLa4D1adr3jT5FsB7TzMHJ%2FKURhJgdLlTJOHKjeSNWkRLLbluI116Ct1oVcwuIkZ8sikye7XMhTlsNNVeAcittBStThzhOD51LoTGuZFTKfP%2BrMZLmZzV9E8oyRptU6zUTy0dSezBi6FF30JgA5Mh4aJMPWHDcPezMIDfxUcWlpr3uGczjYUIv1alSbKV1cXyuuQYYKGP5rb6UuSd%2FT36etvwA%3D&provider=teconnectivity&after_auth_path=https%3A%2F%2Fte.novoed.com%2F%23%21%2Finstitutions%2F528%2F&controller=saml&action=sso Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://url9041.novoed.com/ls/click?upn=W-2FdMoMzsuPCpNdlTC1umVjOf-2BkU5fDOJyETmrZ0jlHgsD92udERDycdCOXjIGUo0Y0-2Fi5LdDG5Y9ICcTdrxCoA-3D-3Dc0Ml_bt206kTq46rCdo-2BIOGcxEZunZD4v3kNwsqYZsZ12V5vbwQTYVYgaGEOxLY9oVfSTFsJxk6sear6cRD4-2B6cQlPOloS9f5ImVmyUhieLhbVJpu-2FzXDEZ58nT88BQQPJQLf2CvuxIPG4kvqZggcm5sF6tTXUgZM7Hy2tZGC2czG7ky21WWASUkPYtnb40Mofr8Kww3-2BadM6zbzPy7vL-2Fx-2Fb5Q-3D-3D HTTP 302
  • https://te.novoed.com/

34 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
te.novoed.com/
Redirect Chain
  • http://url9041.novoed.com/ls/click?upn=W-2FdMoMzsuPCpNdlTC1umVjOf-2BkU5fDOJyETmrZ0jlHgsD92udERDycdCOXjIGUo0Y0-2Fi5LdDG5Y9ICcTdrxCoA-3D-3Dc0Ml_bt206kTq46rCdo-2BIOGcxEZunZD4v3kNwsqYZsZ12V5vbwQTYVYgaG...
  • https://te.novoed.com/
8 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://te.novoed.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2406:da00:ff00::36eb:bdef Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache/2.4.53 (Amazon) OpenSSL/1.0.2k-fips Phusion_Passenger/6.0.7 / Phusion Passenger 6.0.7
Resource Hash
64b4942cad519831ccd88fa6d93c76ec6e23fe22608034025442aa59b929bfb1
Security Headers
Name Value
Strict-Transport-Security max-age=2678400; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
max-age=0, private, must-revalidate
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=utf-8
Date
Mon, 16 May 2022 20:01:44 GMT
ETag
W/"49ae806fed66c30e7a1571acffafc3cc"
Server
Apache/2.4.53 (Amazon) OpenSSL/1.0.2k-fips Phusion_Passenger/6.0.7
Status
200 OK
Strict-Transport-Security
max-age=2678400; preload
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
X-Powered-By
Phusion Passenger 6.0.7
X-Request-Id
364b0d78-2409-405e-bf29-a12da9e661b2
X-Runtime
0.013646
X-XSS-Protection
1; mode=block
transfer-encoding
chunked

Redirect headers

Connection
keep-alive
Content-Length
65
Content-Type
text/html; charset=utf-8
Date
Mon, 16 May 2022 20:01:44 GMT
Location
https://te.novoed.com/#!/institutions/528/
Server
nginx
X-Robots-Tag
noindex, nofollow
EBML.js
www.webrtc-experiment.com/ 		238 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.webrtc-experiment.com/EBML.js
Requested by
Host: te.novoed.com
URL: https://te.novoed.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:50c0:8000::153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
GitHub.com /
Resource Hash
ec329368e705237001a90a1f83542015e01b8ed09a521e05caa412e0b82a802e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://te.novoed.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-fastly-request-id
e830f2fd77f41ecff6934827477ceb7f2680b07a
date
Mon, 16 May 2022 20:01:45 GMT
content-encoding
gzip
age
281
x-cache
HIT
content-length
56591
x-served-by
cache-fra19156-FRA
access-control-allow-origin
*
last-modified
Fri, 22 Apr 2022 13:14:04 GMT
server
GitHub.com
x-github-request-id
34FA:595D:3C008A:3D7B8D:627ADF58
x-timer
S1652731305.052042,VS0,VE1
etag
W/"6262aa1c-3b7b4"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
via
1.1 varnish
expires
Tue, 10 May 2022 21:59:18 GMT
cache-control
max-age=600
accept-ranges
bytes
x-proxy-cache
HIT
x-cache-hits
1
css
fonts.googleapis.com/ 		10 KB
825 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400,600,300,700
Requested by
Host: te.novoed.com
URL: https://te.novoed.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
de9dd00383d82fc9c29d88a6718c69b6796228809256b07d8aae6a7b01d4e057
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://te.novoed.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 16 May 2022 19:38:17 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 16 May 2022 20:01:45 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 16 May 2022 20:01:45 GMT
css
fonts.googleapis.com/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans+Condensed:300,700
Requested by
Host: te.novoed.com
URL: https://te.novoed.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
05e383cc3c7312b5332e675ced11f8c7d5f7f1a3dfa672cf22b868b05bb5e6ba
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://te.novoed.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 16 May 2022 19:54:15 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 16 May 2022 20:01:45 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 16 May 2022 20:01:45 GMT
jwplayer.js
d2d6mu5qcvgbk5.cloudfront.net/assets/origamiprod/libs/jwplayer8115/ 		111 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d2d6mu5qcvgbk5.cloudfront.net/assets/origamiprod/libs/jwplayer8115/jwplayer.js
Requested by
Host: te.novoed.com
URL: https://te.novoed.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:3000:a:9eab:6140:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
be21cd566373694d28839dff155e6f100189e4cbbed0ee6e9bec2716cd9cd3f0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://te.novoed.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-amz-version-id
UK9rzr1mi0qiNHMGVhJazkYQV1.ubyRA
Content-Encoding
gzip
ETag
W/"4d83ce44eaebc2b539971852c6fc2af6"
Age
60031
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
Last-Modified
Sat, 09 Nov 2019 00:00:42 GMT
Server
AmazonS3
x-amz-meta-s3cmd-attrs
uid:500/gname:ec2-user/uname:ec2-user/gid:500/mode:33204/mtime:1573257239/atime:1573257239/ctime:1573257485
Date
Mon, 16 May 2022 03:21:34 GMT
Vary
Accept-Encoding
Content-Type
text/javascript
Via
1.1 c359abeab0060e721cfaac65ce34b1cc.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA56-C1
X-Amz-Cf-Id
SQXho4_SSy-qAKsIqIFkjqV_aP8UQl2UzcmASd9i65YDUDw_UdJhGA==
api.js
www.recaptcha.net/recaptcha/ 		853 B
970 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.recaptcha.net/recaptcha/api.js
Requested by
Host: te.novoed.com
URL: https://te.novoed.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://te.novoed.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Mon, 16 May 2022 20:01:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
557
x-xss-protection
1; mode=block
expires
Mon, 16 May 2022 20:01:45 GMT
polyfill.min.js
cdn.polyfill.io/v2/ 		222 B
449 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.polyfill.io/v2/polyfill.min.js?features=Promise
Requested by
Host: te.novoed.com
URL: https://te.novoed.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::282 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
cae897bdde94867960ad284a56b1631296eaceddf5710a2857127ca0aa2777d3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://te.novoed.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Mon, 16 May 2022 20:01:45 GMT
content-encoding
br
last-modified
Mon, 11 Apr 2022 21:36:08 GMT
age
0
vary
User-Agent, Accept-Encoding
access-control-allow-methods
GET,HEAD,OPTIONS
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
useragent_normaliser
chrome/101.0.0
server-timing
cache-hhn4082, PASS, fastly;desc="Edge time";dur=13
accept-ranges
bytes
content-length
126
preview.css
d2d6mu5qcvgbk5.cloudfront.net/assets/origamiprod/libs/preview240/ 		46 KB
10 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://d2d6mu5qcvgbk5.cloudfront.net/assets/origamiprod/libs/preview240/preview.css
Requested by
Host: te.novoed.com
URL: https://te.novoed.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:3000:a:9eab:6140:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
90ce8347a0dc7683589ff557824b7b7244a45960ea855f56b83ab350adc9c70e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://te.novoed.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-amz-version-id
qqcQ.ohaYE94dj5EHKAOULKmoO4Ps4py
Content-Encoding
gzip
ETag
W/"4b18a5466bde326e9ee585c76f53ac91"
Age
69844
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
Last-Modified
Thu, 07 May 2020 22:18:25 GMT
Server
AmazonS3
x-amz-meta-s3cmd-attrs
uid:500/gname:ec2-user/uname:ec2-user/gid:500/mode:33204/mtime:1588889428/atime:1588889428/ctime:1588889642
Date
Mon, 16 May 2022 00:38:02 GMT
Vary
Accept-Encoding
Content-Type
text/css
Via
1.1 2fc0d20914c32e5cd76477ed042298d0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA56-C1
X-Amz-Cf-Id
9HlzwsM7Cm0Bk8bBVZvAP64_DNMhKb9346xWD0-R9mteqApMpXg5_A==
preview_controls.css
d2d6mu5qcvgbk5.cloudfront.net/assets/origamiprod/libs/preview240/ 		1 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://d2d6mu5qcvgbk5.cloudfront.net/assets/origamiprod/libs/preview240/preview_controls.css
Requested by
Host: te.novoed.com
URL: https://te.novoed.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:3000:a:9eab:6140:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
11c390be332778760b2f69affe1a8543f5319db2b60f65af19fc4e4903f4f857

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://te.novoed.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-amz-version-id
ILkkbWMcy_w78f82hCjSCrXg7LE4A9sh
Content-Encoding
gzip
ETag
W/"b99b199529c6138cbd03320ed19e7707"
Age
47536
x-amz-server-side-encryption
AES256
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
Last-Modified
Wed, 06 Oct 2021 22:02:32 GMT
Server
AmazonS3
x-amz-meta-s3cmd-attrs
uid:500/gname:ec2-user/uname:ec2-user/gid:500/mode:33204/mtime:1633557281/atime:1633557281/ctime:1633557383
Date
Mon, 16 May 2022 06:49:30 GMT
Vary
Accept-Encoding
Content-Type
text/css
Via
1.1 f58d1aa3b3b084adbea41c7523e2047e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA56-C1
X-Amz-Cf-Id
dR4HOBCRT5mG8JOaxLsmwW4BuGjSLWC_aEPNwsnYkH0NdzMzAfVFJg==
preview.js
d2d6mu5qcvgbk5.cloudfront.net/assets/origamiprod/libs/preview240/ 		511 KB
113 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d2d6mu5qcvgbk5.cloudfront.net/assets/origamiprod/libs/preview240/preview.js
Requested by
Host: te.novoed.com
URL: https://te.novoed.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:3000:a:9eab:6140:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
583427f8197527cba3c0b9d9ebe3376ab36f29b33143e1ffea7e7c9dd9998f77

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://te.novoed.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-amz-version-id
8Jklfkm5Yi0RwZOj8XUrpTGN6h1hXsI0
Content-Encoding
gzip
ETag
W/"86adcab58767d08d03acea5e7685fb96"
Age
64498
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
Last-Modified
Thu, 07 May 2020 22:18:26 GMT
Server
AmazonS3
x-amz-meta-s3cmd-attrs
uid:500/gname:ec2-user/uname:ec2-user/gid:500/mode:33204/mtime:1588889428/atime:1588889428/ctime:1588889642
Date
Mon, 16 May 2022 02:07:49 GMT
Vary
Accept-Encoding
Content-Type
text/javascript
Via
1.1 f58d1aa3b3b084adbea41c7523e2047e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA56-C1
X-Amz-Cf-Id
Vkw0tMcwD8824mxPUAUtxQ9NQmg3D7nMMO4q-JDBhvo5vOMFjBk6_A==
vendors~app~0edc17e28b6529fdfcb3.css
d2d6mu5qcvgbk5.cloudfront.net/assets/origamiprod/ 		27 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://d2d6mu5qcvgbk5.cloudfront.net/assets/origamiprod/vendors~app~0edc17e28b6529fdfcb3.css
Requested by
Host: te.novoed.com
URL: https://te.novoed.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:3000:a:9eab:6140:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
92338c04b37f34373038e3d3ca77a79619356bceae716c46230f7adfdb3d3cbe

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://te.novoed.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-amz-version-id
GsDXPNp.e3EtrSdYcun_HPlXWCMIsRBR
Content-Encoding
gzip
ETag
W/"a9bdabd1dfe67891ab11971682d11f51"
Age
75865
x-amz-server-side-encryption
AES256
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
Last-Modified
Tue, 10 May 2022 22:53:54 GMT
Server
AmazonS3
x-amz-meta-s3cmd-attrs
uid:500/gname:ec2-user/uname:ec2-user/gid:500/mode:33204/mtime:1652223167/atime:1652223167/ctime:1652223167
Date
Sun, 15 May 2022 23:02:16 GMT
Vary
Accept-Encoding
Content-Type
text/css
Via
1.1 58b39782bf40f627ace295c1c6f59840.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA56-C1
X-Amz-Cf-Id
90-GyFHbF8MZiCzSVmF-TgIyJJygiixnOHHHb0wKjuPa7KB0FfIZbg==
styles~app~cdda8e9f69275aa780c6.css
d2d6mu5qcvgbk5.cloudfront.net/assets/origamiprod/ 		1 MB
162 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://d2d6mu5qcvgbk5.cloudfront.net/assets/origamiprod/styles~app~cdda8e9f69275aa780c6.css
Requested by
Host: te.novoed.com
URL: https://te.novoed.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:3000:a:9eab:6140:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3c847426aaaed00c251e9fe383be470753dbc8e7caa05a5ace3bb0b72d908cf3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://te.novoed.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-amz-version-id
iLqfMet.cQf7SthnBOpmQMqYtVQrPn92
Content-Encoding
gzip
ETag
W/"804d4a8db9f04c37771fdf481dee49d8"
Age
80314
x-amz-server-side-encryption
AES256
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
Last-Modified
Mon, 09 May 2022 21:38:53 GMT
Server
AmazonS3
x-amz-meta-s3cmd-attrs
uid:500/gname:ec2-user/uname:ec2-user/gid:500/mode:33204/mtime:1652132262/atime:1652132262/ctime:1652132262
Date
Sun, 15 May 2022 21:43:12 GMT
Vary
Accept-Encoding
Content-Type
text/css
Via
1.1 35a6ad9a7597ea2f4dacbdb5dc66a66c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA56-C1
X-Amz-Cf-Id
iiNt-v3lySiBLRGx2DSLMHSJ6yGNfouGWfZzO97ynB3v3E7gYnESDg==
app~644ce5ea2f0c29345b3f.css
d2d6mu5qcvgbk5.cloudfront.net/assets/origamiprod/ 		421 KB
54 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://d2d6mu5qcvgbk5.cloudfront.net/assets/origamiprod/app~644ce5ea2f0c29345b3f.css
Requested by
Host: te.novoed.com
URL: https://te.novoed.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:3000:a:9eab:6140:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c57e5e0321ee11c4d4f5d2788fb3c791af1924150a73aa8c688ccf78190aab41

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://te.novoed.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-amz-version-id
X.l9MmfrbET8iPwDyISd4PYoAADRSsM1
Content-Encoding
gzip
ETag
W/"6214517c990045330aaec8847a9eacb1"
Age
61497
x-amz-server-side-encryption
AES256
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
Last-Modified
Thu, 12 May 2022 21:33:38 GMT
Server
AmazonS3
x-amz-meta-s3cmd-attrs
uid:500/gname:ec2-user/uname:ec2-user/gid:500/mode:33204/mtime:1652391152/atime:1652391152/ctime:1652391152
Date
Mon, 16 May 2022 02:56:49 GMT
Vary
Accept-Encoding
Content-Type
text/css
Via
1.1 9570c3a1725c20e6faed117bbb74223a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA56-C1
X-Amz-Cf-Id
lrTNS9g_i9kMRXslxOfYTRUiPrLrQ4MqXydawu29xyCPdhqw2h9O3A==
runtime~app-e36f7a049b17e30537f2.js
d2d6mu5qcvgbk5.cloudfront.net/assets/origamiprod/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d2d6mu5qcvgbk5.cloudfront.net/assets/origamiprod/runtime~app-e36f7a049b17e30537f2.js
Requested by
Host: te.novoed.com
URL: https://te.novoed.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:3000:a:9eab:6140:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c687ef96fe0d5df4d0b47c658acd43a2655b9e05934df930c109b232ac0f42e4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://te.novoed.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Mon, 16 May 2022 18:34:34 GMT
Content-Encoding
gzip
Age
5232
x-amz-server-side-encryption
AES256
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
Last-Modified
Mon, 16 May 2022 18:31:14 GMT
Server
AmazonS3
x-amz-meta-s3cmd-attrs
uid:500/gname:ec2-user/uname:ec2-user/gid:500/mode:33204/mtime:1652725808/atime:1652725808/ctime:1652725808
ETag
W/"09a16576f9d396b3bc2303e5525c80dc"
Vary
Accept-Encoding
x-amz-version-id
o2mXU7URXMmr2tP8WfnQZh73Fgiy4tBI
Via
1.1 58b39782bf40f627ace295c1c6f59840.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA56-C1
Content-Type
text/javascript
X-Amz-Cf-Id
7GhVhpAOPHO3ConoThamk3oVXJmwAvijz_xhGL2_T1T3xxTzWl1isg==
vendors~app-e36f7a049b17e30537f2.js
d2d6mu5qcvgbk5.cloudfront.net/assets/origamiprod/ 		4 MB
1 MB 		Script
General
Check archive.org
Download Go to
Full URL
https://d2d6mu5qcvgbk5.cloudfront.net/assets/origamiprod/vendors~app-e36f7a049b17e30537f2.js
Requested by
Host: te.novoed.com
URL: https://te.novoed.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:3000:a:9eab:6140:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
237b52086085db996d31b8eb9a5171eb3ac0efba44c92131adfde0aeb853b6dc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://te.novoed.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Mon, 16 May 2022 18:34:34 GMT
Content-Encoding
gzip
Age
5232
x-amz-server-side-encryption
AES256
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
Last-Modified
Mon, 16 May 2022 18:31:14 GMT
Server
AmazonS3
x-amz-meta-s3cmd-attrs
uid:500/gname:ec2-user/uname:ec2-user/gid:500/mode:33204/mtime:1652725808/atime:1652725808/ctime:1652725808
ETag
W/"a88e4294c2f6bc01dec1ba4f967af0ce"
Vary
Accept-Encoding
x-amz-version-id
VF2lPHocwX0oMScQLKf6yiPZj4LR8vGD
Via
1.1 2fc0d20914c32e5cd76477ed042298d0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA56-C1
Content-Type
text/javascript
X-Amz-Cf-Id
uh0qn0Y5v1G_LAeXz2OURk_VnTx2CdSrLR1zUo7FqmnbzOJl90pqTA==
styles~app-e36f7a049b17e30537f2.js
d2d6mu5qcvgbk5.cloudfront.net/assets/origamiprod/ 		200 B
890 B 		Script
General
Check archive.org
Download Go to
Full URL
https://d2d6mu5qcvgbk5.cloudfront.net/assets/origamiprod/styles~app-e36f7a049b17e30537f2.js
Requested by
Host: te.novoed.com
URL: https://te.novoed.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:3000:a:9eab:6140:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e1f5a10c9c619b5ce86e30a56d940b5550088287e725aa43aac9556a4dc64beb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://te.novoed.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Mon, 16 May 2022 18:34:34 GMT
Via
1.1 c359abeab0060e721cfaac65ce34b1cc.cloudfront.net (CloudFront)
Age
5231
x-amz-server-side-encryption
AES256
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
200
Last-Modified
Mon, 16 May 2022 18:31:14 GMT
Server
AmazonS3
x-amz-meta-s3cmd-attrs
uid:500/gname:ec2-user/uname:ec2-user/gid:500/mode:33204/mtime:1652725808/atime:1652725808/ctime:1652725808
ETag
"02ed32baa19f0bc2dececd3ea2cc652a"
x-amz-version-id
MmsbDEx2qct0WmwWYh3Pk3FxqDC5ikid
X-Amz-Cf-Pop
FRA56-C1
Accept-Ranges
bytes
Content-Type
text/javascript
X-Amz-Cf-Id
sr5vroDe2TQvoVgnsDyynqV4pLi-Td55JhUJXk7iH1ohKfG95XtfFg==
app-e36f7a049b17e30537f2.js
d2d6mu5qcvgbk5.cloudfront.net/assets/origamiprod/ 		8 MB
1 MB 		Script
General
Check archive.org
Download Go to
Full URL
https://d2d6mu5qcvgbk5.cloudfront.net/assets/origamiprod/app-e36f7a049b17e30537f2.js
Requested by
Host: te.novoed.com
URL: https://te.novoed.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:3000:a:9eab:6140:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
04afed055d3ac528b563f32c35046d96f4b37998a3b9fb3fefe6ad2c37049655

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://te.novoed.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Mon, 16 May 2022 18:34:35 GMT
Content-Encoding
gzip
Age
5231
x-amz-server-side-encryption
AES256
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
Last-Modified
Mon, 16 May 2022 18:31:12 GMT
Server
AmazonS3
x-amz-meta-s3cmd-attrs
uid:500/gname:ec2-user/uname:ec2-user/gid:500/mode:33204/mtime:1652725808/atime:1652725808/ctime:1652725808
ETag
W/"4040a0eb80f188a269a22f65b8d26f40"
Vary
Accept-Encoding
x-amz-version-id
UaBhvbVXSuP2sHiCMn0ssV4hzHeXGuvi
Via
1.1 9570c3a1725c20e6faed117bbb74223a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA56-C1
Content-Type
text/javascript
X-Amz-Cf-Id
_4eMYebEdI9_HOPT5neBZ1sJI4We7x0aMZ8kkQpF2M4wLpdQktr4hQ==
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: te.novoed.com
URL: https://te.novoed.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://te.novoed.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
6157
date
Mon, 16 May 2022 18:19:08 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Mon, 16 May 2022 20:19:08 GMT
pendo.js
cdn.pendo.io/agent/static/c4adf3df-54e7-41b1-72a2-bb6f390722c8/ 		460 KB
143 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.pendo.io/agent/static/c4adf3df-54e7-41b1-72a2-bb6f390722c8/pendo.js
Requested by
Host: te.novoed.com
URL: https://te.novoed.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:7e00:1f:aa31:7740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
UploadServer /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://te.novoed.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Mon, 16 May 2022 20:01:45 GMT
Content-Encoding
gzip
Age
58
X-GUploader-UploadID
ADPycds9gUdUaOSnXIDqW9UPC47T8WoxxLAy-7P6AIiiBsokRHyOqlM21rDveyROtE_LufSJg0Bn_MELm2p0wpa33wGx5gnjmC6s
X-Cache
Hit from cloudfront
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
Connection
keep-alive
Content-Length
145019
Access-Control-Allow-Origin
*
Last-Modified
Mon, 16 May 2022 18:19:59 GMT
Server
UploadServer
ETag
"1d94db51f6a5e44184507b49605ed48e"
Vary
Accept-Encoding
x-goog-hash
crc32c=BqRdlg==, md5=HZTbUfal5EGEUHtJYF7Ujg==
x-goog-generation
1652725199420166
Via
1.1 82e9051d8d41080bd3028731e0e8677e.cloudfront.net (CloudFront)
Access-Control-Expose-Headers
*
Cache-Control
max-age=450
x-goog-stored-content-length
145019
X-Amz-Cf-Pop
FRA6-C1
Accept-Ranges
bytes
Content-Type
application/javascript
X-Amz-Cf-Id
3tVNDvcD7QpVNvWjbjtLHE1WwRI1YnqYFT680btfcReTwzUy8_MdDA==
Expires
Mon, 16 May 2022 20:08:17 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v29/ 		44 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v29/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,600,300,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a658b2be7323c57d4bd5c4197b657e1f5360d1b950131dc377efec1d5111ffd0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://te.novoed.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Mon, 16 May 2022 12:16:38 GMT
x-content-type-options
nosniff
age
27907
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44800
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:25:14 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 16 May 2023 12:16:38 GMT
/
sentry.io/api/1761446/envelope/ 		2 B
403 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://sentry.io/api/1761446/envelope/?sentry_key=93709601451a4655ae47cfbae439c664&sentry_version=7
Requested by
Host: d2d6mu5qcvgbk5.cloudfront.net
URL: https://d2d6mu5qcvgbk5.cloudfront.net/assets/origamiprod/vendors~app-e36f7a049b17e30537f2.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.188.42.15 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
15.42.188.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://te.novoed.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Mon, 16 May 2022 20:01:46 GMT
vary
Origin
Server
nginx
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Type
application/json
access-control-allow-origin
https://te.novoed.com
access-control-expose-headers
retry-after, x-sentry-rate-limits, x-sentry-error
x-envoy-upstream-service-time
0
Connection
keep-alive
Content-Length
2
en_US-312ace2e45.json
d2d6mu5qcvgbk5.cloudfront.net/assets/origamiprod/languages/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://d2d6mu5qcvgbk5.cloudfront.net/assets/origamiprod/languages/en_US-312ace2e45.json
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:3000:a:9eab:6140:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
x-requested-with
Access-Control-Request-Method
GET
Origin
https://te.novoed.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
x-requested-with
Access-Control-Allow-Methods
GET, POST, PUT
Access-Control-Allow-Origin
https://te.novoed.com
Access-Control-Max-Age
3000
Connection
keep-alive
Content-Length
0
Date
Mon, 16 May 2022 20:01:47 GMT
Server
AmazonS3
Vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Via
1.1 910fc18161f0602555cc5b6397ca26f2.cloudfront.net (CloudFront)
X-Amz-Cf-Id
ubOF9UEiRRFJDQlu-N45HdFoc05zmmsSgOKAiaX3QBaLgo9vr83VdA==
X-Amz-Cf-Pop
FRA56-C1
X-Cache
Miss from cloudfront
en_US-312ace2e45.json
d2d6mu5qcvgbk5.cloudfront.net/assets/origamiprod/languages/ 		317 KB
85 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://d2d6mu5qcvgbk5.cloudfront.net/assets/origamiprod/languages/en_US-312ace2e45.json
Requested by
Host: d2d6mu5qcvgbk5.cloudfront.net
URL: https://d2d6mu5qcvgbk5.cloudfront.net/assets/origamiprod/vendors~app-e36f7a049b17e30537f2.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:3000:a:9eab:6140:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

Accept
application/json, text/plain, */*
Referer
https://te.novoed.com/
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Mon, 16 May 2022 20:01:47 GMT
Content-Encoding
gzip
Vary
Accept-Encoding,Origin
X-Amz-Cf-Pop
FRA56-C1
x-amz-server-side-encryption
AES256
Transfer-Encoding
chunked
X-Cache
Miss from cloudfront
Connection
keep-alive
Access-Control-Allow-Origin
*
Last-Modified
Thu, 12 May 2022 21:33:39 GMT
Server
AmazonS3
x-amz-meta-s3cmd-attrs
uid:500/gname:ec2-user/uname:ec2-user/gid:500/mode:33204/mtime:1652390586/atime:1652390586/ctime:1652390698
ETag
W/"312ace2e45c9eca3075291831ec961e7"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET, HEAD
x-amz-version-id
exJ.ACn0shabkzCpqz2MuC107nXFQ2I8
Via
1.1 910fc18161f0602555cc5b6397ca26f2.cloudfront.net (CloudFront)
Content-Type
application/json
X-Amz-Cf-Id
KwqOf0-KAelEniRAapagpdgOWuZWHeuYWKLXF_AZgTeqLHVpH_B52w==
my_account.json
te.novoed.com/ 		232 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://te.novoed.com/my_account.json?bust=1652731305951
Requested by
Host: d2d6mu5qcvgbk5.cloudfront.net
URL: https://d2d6mu5qcvgbk5.cloudfront.net/assets/origamiprod/vendors~app-e36f7a049b17e30537f2.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2406:da00:ff00::36eb:bdef Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache/2.4.53 (Amazon) OpenSSL/1.0.2k-fips Phusion_Passenger/6.0.7 / Phusion Passenger 6.0.7
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=2678400; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
https://te.novoed.com/
X-XSRF-TOKEN
MIjJ6aJE9qfzjV0fIdwe8t3kThmVfbFX/uUtvmnynAzqNE3tNG0DHOLbQWTitB6Dtftg5EiHnTQT8Dm/OQagrQ==
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Mon, 16 May 2022 20:01:46 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Powered-By
Phusion Passenger 6.0.7
Status
401 Unauthorized
Connection
keep-alive
Content-Length
179
X-XSS-Protection
1; mode=block
X-Request-Id
b6af3590-39e3-43d9-bfe6-21c57d15f589
X-Runtime
0.012334
Server
Apache/2.4.53 (Amazon) OpenSSL/1.0.2k-fips Phusion_Passenger/6.0.7
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Strict-Transport-Security
max-age=2678400; preload
Content-Type
application/json; charset=utf-8
Cache-Control
no-cache
528
te.novoed.com/institutions/ 		232 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://te.novoed.com/institutions/528
Requested by
Host: d2d6mu5qcvgbk5.cloudfront.net
URL: https://d2d6mu5qcvgbk5.cloudfront.net/assets/origamiprod/vendors~app-e36f7a049b17e30537f2.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2406:da00:ff00::36eb:bdef Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache/2.4.53 (Amazon) OpenSSL/1.0.2k-fips Phusion_Passenger/6.0.7 / Phusion Passenger 6.0.7
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=2678400; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
https://te.novoed.com/
X-XSRF-TOKEN
MIjJ6aJE9qfzjV0fIdwe8t3kThmVfbFX/uUtvmnynAzqNE3tNG0DHOLbQWTitB6Dtftg5EiHnTQT8Dm/OQagrQ==
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Mon, 16 May 2022 20:01:46 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Powered-By
Phusion Passenger 6.0.7
Status
401 Unauthorized
Connection
keep-alive
Content-Length
179
X-XSS-Protection
1; mode=block
X-Request-Id
333a1244-0415-4c14-9b51-07dc06ffd3f0
X-Runtime
0.013682
Server
Apache/2.4.53 (Amazon) OpenSSL/1.0.2k-fips Phusion_Passenger/6.0.7
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Strict-Transport-Security
max-age=2678400; preload
Content-Type
application/json; charset=utf-8
Cache-Control
no-cache
recaptcha__de.js
www.gstatic.com/recaptcha/releases/0aeEuuJmrVqDrEL39Fsg5-UJ/ 		364 KB
144 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/0aeEuuJmrVqDrEL39Fsg5-UJ/recaptcha__de.js
Requested by
Host: www.recaptcha.net
URL: https://www.recaptcha.net/recaptcha/api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://te.novoed.com/
Origin
https://te.novoed.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Mon, 16 May 2022 19:52:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
558
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
147159
x-xss-protection
0
last-modified
Mon, 09 May 2022 19:02:03 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 16 May 2023 19:52:27 GMT
basic_info
te.novoed.com/ 		754 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://te.novoed.com/basic_info
Requested by
Host: d2d6mu5qcvgbk5.cloudfront.net
URL: https://d2d6mu5qcvgbk5.cloudfront.net/assets/origamiprod/vendors~app-e36f7a049b17e30537f2.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2406:da00:ff00::36eb:bdef Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache/2.4.53 (Amazon) OpenSSL/1.0.2k-fips Phusion_Passenger/6.0.7 / Phusion Passenger 6.0.7
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=2678400; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
https://te.novoed.com/
X-XSRF-TOKEN
2alRU5U0r3ciYgi7ennxwdmBCiPKgjK+NtGOVMgJtj4DFdVXAx1azDM0FMC5EfGwsZ4k3hd4Ht3bxJpVmP2Knw==
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Mon, 16 May 2022 20:01:46 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Powered-By
Phusion Passenger 6.0.7
Status
200 OK
Connection
keep-alive
Vary
Accept-Encoding
Content-Length
468
X-XSS-Protection
1; mode=block
X-Request-Id
bbcd54bb-6bff-4c9d-a056-d83551e44505
X-Runtime
0.029758
Server
Apache/2.4.53 (Amazon) OpenSSL/1.0.2k-fips Phusion_Passenger/6.0.7
X-Frame-Options
SAMEORIGIN
ETag
W/"b1b9fe14aef22668a4c913f0dec44e0c"
Strict-Transport-Security
max-age=2678400; preload
Content-Type
application/json; charset=utf-8
Cache-Control
max-age=0, private, must-revalidate
my_account.json
te.novoed.com/ 		232 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://te.novoed.com/my_account.json?bust=1652731306077
Requested by
Host: d2d6mu5qcvgbk5.cloudfront.net
URL: https://d2d6mu5qcvgbk5.cloudfront.net/assets/origamiprod/vendors~app-e36f7a049b17e30537f2.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2406:da00:ff00::36eb:bdef Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache/2.4.53 (Amazon) OpenSSL/1.0.2k-fips Phusion_Passenger/6.0.7 / Phusion Passenger 6.0.7
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=2678400; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
https://te.novoed.com/
X-XSRF-TOKEN
2alRU5U0r3ciYgi7ennxwdmBCiPKgjK+NtGOVMgJtj4DFdVXAx1azDM0FMC5EfGwsZ4k3hd4Ht3bxJpVmP2Knw==
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Mon, 16 May 2022 20:01:46 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Powered-By
Phusion Passenger 6.0.7
Status
401 Unauthorized
Connection
keep-alive
Content-Length
179
X-XSS-Protection
1; mode=block
X-Request-Id
282ee7b8-6a04-42bf-a986-6d5c6aa6de0d
X-Runtime
0.013646
Server
Apache/2.4.53 (Amazon) OpenSSL/1.0.2k-fips Phusion_Passenger/6.0.7
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Strict-Transport-Security
max-age=2678400; preload
Content-Type
application/json; charset=utf-8
Cache-Control
no-cache
Primary Request /
sso4-prod.te.com/adfs/ls/
Redirect Chain
  • https://app.novoed.com/saml/sso?provider=teconnectivity&&after_auth_path=https%3A%2F%2Fte.novoed.com%2F%23!%2Finstitutions%2F528%2F
  • https://sso4-prod.te.com/adfs/ls/?SAMLRequest=fZExT8MwEIX%2FSjZPjhPTtNRqiiq6VCpLCwws6OocqqXEDr5LBP%2BeJAhRBjqe9N53796tCJq6NZuOz%2F6A7x0SJxsijOyCvw%2BeugbjEWPvLD4d9qU4M7dklIK2TX3oA1apDY0aMQos3bUx9K7...
31 KB
31 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sso4-prod.te.com/adfs/ls/?SAMLRequest=fZExT8MwEIX%2FSjZPjhPTtNRqiiq6VCpLCwws6OocqqXEDr5LBP%2BeJAhRBjqe9N53796tCJq6NZuOz%2F6A7x0SJxsijOyCvw%2BeugbjEWPvLD4d9qU4M7dklIK2TX3oA1apDY0aMQos3bUx9K7CWDLa4D1adr3jT5FsB7TzMHJ%2FKURhJgdLlTJOHKjeSNWkRLLbluI116Ct1oVcwuIkZ8sikye7XMhTlsNNVeAcittBStThzhOD51LoTGuZFTKfP%2BrMZLmZzV9E8oyRptU6zUTy0dSezBi6FF30JgA5Mh4aJMPWHDcPezMIDfxUcWlpr3uGczjYUIv1alSbKV1cXyuuQYYKGP5rb6UuSd%2FT36etvwA%3D&provider=teconnectivity&after_auth_path=https%3A%2F%2Fte.novoed.com%2F%23%21%2Finstitutions%2F528%2F&controller=saml&action=sso
Requested by
Host: d2d6mu5qcvgbk5.cloudfront.net
URL: https://d2d6mu5qcvgbk5.cloudfront.net/assets/origamiprod/app-e36f7a049b17e30537f2.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.175.155.72 , United States, ASN3585 (AS3585, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
b054d92ad5e9092868fea534867e44f9d95b1a4a11b291a3e04ff45db72b8578
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval'; img-src 'self' data:; frame-src api-3daa245d.duosecurity.com
Strict-Transport-Security max-age = 31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://te.novoed.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-cache,no-store
Content-Length
31591
Content-Security-Policy
default-src 'self' 'unsafe-inline' 'unsafe-eval'; img-src 'self' data:; frame-src api-3daa245d.duosecurity.com
Content-Type
text/html; charset=utf-8
Date
Mon, 16 May 2022 20:01:48 GMT
Expires
-1
Pragma
no-cache
Server
Microsoft-HTTPAPI/2.0 Microsoft-HTTPAPI/2.0
Strict-Transport-Security
max-age = 31536000
X-Content-Type-Options
nosniff
X-Frame-Options
DENY
X-XSS-Protection
1; mode=block

Redirect headers

Cache-Control
no-cache
Connection
keep-alive
Content-Encoding
gzip
Content-Length
534
Content-Type
text/html; charset=utf-8
Date
Mon, 16 May 2022 20:01:46 GMT
Location
https://sso4-prod.te.com/adfs/ls/?SAMLRequest=fZExT8MwEIX%2FSjZPjhPTtNRqiiq6VCpLCwws6OocqqXEDr5LBP%2BeJAhRBjqe9N53796tCJq6NZuOz%2F6A7x0SJxsijOyCvw%2BeugbjEWPvLD4d9qU4M7dklIK2TX3oA1apDY0aMQos3bUx9K7CWDLa4D1adr3jT5FsB7TzMHJ%2FKURhJgdLlTJOHKjeSNWkRLLbluI116Ct1oVcwuIkZ8sikye7XMhTlsNNVeAcittBStThzhOD51LoTGuZFTKfP%2BrMZLmZzV9E8oyRptU6zUTy0dSezBi6FF30JgA5Mh4aJMPWHDcPezMIDfxUcWlpr3uGczjYUIv1alSbKV1cXyuuQYYKGP5rb6UuSd%2FT36etvwA%3D&provider=teconnectivity&after_auth_path=https%3A%2F%2Fte.novoed.com%2F%23%21%2Finstitutions%2F528%2F&controller=saml&action=sso
Server
Apache/2.4.53 (Amazon) OpenSSL/1.0.2k-fips Phusion_Passenger/6.0.7
Status
302 Found
Strict-Transport-Security
max-age=2678400; preload
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
X-Powered-By
Phusion Passenger 6.0.7
X-Request-Id
719cfa0b-0578-45c1-bb4c-900cc4b3738a
X-Runtime
0.023114
X-XSS-Protection
1; mode=block
icon-novoed@2x-6bc691e0e1.png
d2d6mu5qcvgbk5.cloudfront.net/assets/origamiprod/images/ 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d2d6mu5qcvgbk5.cloudfront.net/assets/origamiprod/images/icon-novoed@2x-6bc691e0e1.png
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:3000:a:9eab:6140:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://te.novoed.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-amz-version-id
2g89W7Zbt3e4mh6lI5UaMHjfiupIn9YL
Via
1.1 9570c3a1725c20e6faed117bbb74223a.cloudfront.net (CloudFront)
Last-Modified
Fri, 27 Mar 2020 22:15:17 GMT
Server
AmazonS3
x-amz-meta-s3cmd-attrs
uid:500/gname:ec2-user/uname:ec2-user/gid:500/mode:33204/mtime:1585346956/atime:1585346956/ctime:1585347035
Age
57572
ETag
"6bc691e0e11407d7efed9ee0325ee132"
X-Cache
Hit from cloudfront
Content-Type
image/png
Connection
keep-alive
Date
Mon, 16 May 2022 04:02:15 GMT
X-Amz-Cf-Pop
FRA56-C1
Accept-Ranges
bytes
Content-Length
14645
X-Amz-Cf-Id
WayvPuiBL2zrPWfsiZ-3YamTuyWsn-O5mNrvJHDpaDu5X73v-IF-bA==
9791d8da190055a65f543e279e572dc8ae23df29.png
d2d6mu5qcvgbk5.cloudfront.net/institutions/logos/big_header/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d2d6mu5qcvgbk5.cloudfront.net/institutions/logos/big_header/9791d8da190055a65f543e279e572dc8ae23df29.png?1649091309
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:3000:a:9eab:6140:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://te.novoed.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Mon, 16 May 2022 20:01:47 GMT
Via
1.1 2fc0d20914c32e5cd76477ed042298d0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA56-C1
x-amz-server-side-encryption
AES256
X-Cache
Miss from cloudfront
Connection
keep-alive
Content-Length
10648
Last-Modified
Mon, 04 Apr 2022 16:55:11 GMT
Server
AmazonS3
ETag
"94eea9038bfc0811e3e93eb8a6eee7f7"
x-amz-version-id
pY_PFD7nSXhnilnVGLJsc4Xg615zzPVz
Cache-Control
max-age=86400
Accept-Ranges
bytes
Content-Type
image/png
X-Amz-Cf-Id
bfbKSVzl42Tt7Utxslh2UXh-WHvkyQihwlhy21z1z6X3qYSq7o5oRg==
Expires
Tue, 05 Apr 2022 16:55:09 GMT
style.css
sso4-prod.te.com/adfs/portal/css/ 		22 KB
22 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://sso4-prod.te.com/adfs/portal/css/style.css?id=49FB1AE861ACE9EC756CD4245F118FFF38CF1F92CA657776BE734B40371C2FA1
Requested by
Host: sso4-prod.te.com
URL: https://sso4-prod.te.com/adfs/ls/?SAMLRequest=fZExT8MwEIX%2FSjZPjhPTtNRqiiq6VCpLCwws6OocqqXEDr5LBP%2BeJAhRBjqe9N53796tCJq6NZuOz%2F6A7x0SJxsijOyCvw%2BeugbjEWPvLD4d9qU4M7dklIK2TX3oA1apDY0aMQos3bUx9K7CWDLa4D1adr3jT5FsB7TzMHJ%2FKURhJgdLlTJOHKjeSNWkRLLbluI116Ct1oVcwuIkZ8sikye7XMhTlsNNVeAcittBStThzhOD51LoTGuZFTKfP%2BrMZLmZzV9E8oyRptU6zUTy0dSezBi6FF30JgA5Mh4aJMPWHDcPezMIDfxUcWlpr3uGczjYUIv1alSbKV1cXyuuQYYKGP5rb6UuSd%2FT36etvwA%3D&provider=teconnectivity&after_auth_path=https%3A%2F%2Fte.novoed.com%2F%23%21%2Finstitutions%2F528%2F&controller=saml&action=sso
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.175.155.72 , United States, ASN3585 (AS3585, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
baec8cc6ebce476b74412ed8aeda15da6c22f1acb30cda33f2fe1684ef47c8f5
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval'; img-src 'self' data:; frame-src api-3daa245d.duosecurity.com
Strict-Transport-Security max-age = 31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sso4-prod.te.com/adfs/ls/?SAMLRequest=fZExT8MwEIX%2FSjZPjhPTtNRqiiq6VCpLCwws6OocqqXEDr5LBP%2BeJAhRBjqe9N53796tCJq6NZuOz%2F6A7x0SJxsijOyCvw%2BeugbjEWPvLD4d9qU4M7dklIK2TX3oA1apDY0aMQos3bUx9K7CWDLa4D1adr3jT5FsB7TzMHJ%2FKURhJgdLlTJOHKjeSNWkRLLbluI116Ct1oVcwuIkZ8sikye7XMhTlsNNVeAcittBStThzhOD51LoTGuZFTKfP%2BrMZLmZzV9E8oyRptU6zUTy0dSezBi6FF30JgA5Mh4aJMPWHDcPezMIDfxUcWlpr3uGczjYUIv1alSbKV1cXyuuQYYKGP5rb6UuSd%2FT36etvwA%3D&provider=teconnectivity&after_auth_path=https%3A%2F%2Fte.novoed.com%2F%23%21%2Finstitutions%2F528%2F&controller=saml&action=sso
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Strict-Transport-Security
max-age = 31536000
X-Content-Type-Options
nosniff
Server
Microsoft-HTTPAPI/2.0 Microsoft-HTTPAPI/2.0
ETag
49FB1AE861ACE9EC756CD4245F118FFF38CF1F92CA657776BE734B40371C2FA1
Content-Type
text/css
Date
Mon, 16 May 2022 20:01:48 GMT
Content-Security-Policy
default-src 'self' 'unsafe-inline' 'unsafe-eval'; img-src 'self' data:; frame-src api-3daa245d.duosecurity.com
Content-Length
22313
X-XSS-Protection
1; mode=block
Expires
Wed, 15 Jun 2022 20:01:48 GMT
logo.png
sso4-prod.te.com/adfs/portal/logo/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sso4-prod.te.com/adfs/portal/logo/logo.png?id=DC2ED5AC87802F1B345A5A28434DC6C8E57346198518962EE28235DFCFF856F4
Requested by
Host: sso4-prod.te.com
URL: https://sso4-prod.te.com/adfs/ls/?SAMLRequest=fZExT8MwEIX%2FSjZPjhPTtNRqiiq6VCpLCwws6OocqqXEDr5LBP%2BeJAhRBjqe9N53796tCJq6NZuOz%2F6A7x0SJxsijOyCvw%2BeugbjEWPvLD4d9qU4M7dklIK2TX3oA1apDY0aMQos3bUx9K7CWDLa4D1adr3jT5FsB7TzMHJ%2FKURhJgdLlTJOHKjeSNWkRLLbluI116Ct1oVcwuIkZ8sikye7XMhTlsNNVeAcittBStThzhOD51LoTGuZFTKfP%2BrMZLmZzV9E8oyRptU6zUTy0dSezBi6FF30JgA5Mh4aJMPWHDcPezMIDfxUcWlpr3uGczjYUIv1alSbKV1cXyuuQYYKGP5rb6UuSd%2FT36etvwA%3D&provider=teconnectivity&after_auth_path=https%3A%2F%2Fte.novoed.com%2F%23%21%2Finstitutions%2F528%2F&controller=saml&action=sso
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.175.155.72 , United States, ASN3585 (AS3585, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
dc2ed5ac87802f1b345a5a28434dc6c8e57346198518962ee28235dfcff856f4
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval'; img-src 'self' data:; frame-src api-3daa245d.duosecurity.com
Strict-Transport-Security max-age = 31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sso4-prod.te.com/adfs/ls/?SAMLRequest=fZExT8MwEIX%2FSjZPjhPTtNRqiiq6VCpLCwws6OocqqXEDr5LBP%2BeJAhRBjqe9N53796tCJq6NZuOz%2F6A7x0SJxsijOyCvw%2BeugbjEWPvLD4d9qU4M7dklIK2TX3oA1apDY0aMQos3bUx9K7CWDLa4D1adr3jT5FsB7TzMHJ%2FKURhJgdLlTJOHKjeSNWkRLLbluI116Ct1oVcwuIkZ8sikye7XMhTlsNNVeAcittBStThzhOD51LoTGuZFTKfP%2BrMZLmZzV9E8oyRptU6zUTy0dSezBi6FF30JgA5Mh4aJMPWHDcPezMIDfxUcWlpr3uGczjYUIv1alSbKV1cXyuuQYYKGP5rb6UuSd%2FT36etvwA%3D&provider=teconnectivity&after_auth_path=https%3A%2F%2Fte.novoed.com%2F%23%21%2Finstitutions%2F528%2F&controller=saml&action=sso
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Strict-Transport-Security
max-age = 31536000
X-Content-Type-Options
nosniff
Server
Microsoft-HTTPAPI/2.0 Microsoft-HTTPAPI/2.0
ETag
DC2ED5AC87802F1B345A5A28434DC6C8E57346198518962EE28235DFCFF856F4
Content-Type
image/png
Date
Mon, 16 May 2022 20:01:48 GMT
Content-Security-Policy
default-src 'self' 'unsafe-inline' 'unsafe-eval'; img-src 'self' data:; frame-src api-3daa245d.duosecurity.com
Content-Length
1877
X-XSS-Protection
1; mode=block
Expires
Wed, 15 Jun 2022 20:01:48 GMT
illustration.png
sso4-prod.te.com/adfs/portal/illustration/ 		129 KB
129 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sso4-prod.te.com/adfs/portal/illustration/illustration.png?id=E37B86E5645907CA1EA410812510937994A7D5A4A9164B5E88CDB6881DFEFB8B
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.175.155.72 , United States, ASN3585 (AS3585, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
e37b86e5645907ca1ea410812510937994a7d5a4a9164b5e88cdb6881dfefb8b
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval'; img-src 'self' data:; frame-src api-3daa245d.duosecurity.com
Strict-Transport-Security max-age = 31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sso4-prod.te.com/adfs/ls/?SAMLRequest=fZExT8MwEIX%2FSjZPjhPTtNRqiiq6VCpLCwws6OocqqXEDr5LBP%2BeJAhRBjqe9N53796tCJq6NZuOz%2F6A7x0SJxsijOyCvw%2BeugbjEWPvLD4d9qU4M7dklIK2TX3oA1apDY0aMQos3bUx9K7CWDLa4D1adr3jT5FsB7TzMHJ%2FKURhJgdLlTJOHKjeSNWkRLLbluI116Ct1oVcwuIkZ8sikye7XMhTlsNNVeAcittBStThzhOD51LoTGuZFTKfP%2BrMZLmZzV9E8oyRptU6zUTy0dSezBi6FF30JgA5Mh4aJMPWHDcPezMIDfxUcWlpr3uGczjYUIv1alSbKV1cXyuuQYYKGP5rb6UuSd%2FT36etvwA%3D&provider=teconnectivity&after_auth_path=https%3A%2F%2Fte.novoed.com%2F%23%21%2Finstitutions%2F528%2F&controller=saml&action=sso
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Strict-Transport-Security
max-age = 31536000
X-Content-Type-Options
nosniff
Server
Microsoft-HTTPAPI/2.0 Microsoft-HTTPAPI/2.0
ETag
E37B86E5645907CA1EA410812510937994A7D5A4A9164B5E88CDB6881DFEFB8B
Content-Type
image/png
Date
Mon, 16 May 2022 20:01:48 GMT
Content-Security-Policy
default-src 'self' 'unsafe-inline' 'unsafe-eval'; img-src 'self' data:; frame-src api-3daa245d.duosecurity.com
Content-Length
131974
X-XSS-Protection
1; mode=block
Expires
Wed, 15 Jun 2022 20:01:49 GMT

Verdicts & Comments Add Verdict or Comment

20 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontextlost object| oncontextrestored function| structuredClone function| getScreenDetails function| LoginErrors number| maxPasswordLength function| InputUtil object| paginationManager object| PaginationUtil object| PaginationManager object| Login object| LoginManager object| options object| _self undefined| emails undefined| msViewportStyle undefined| viewport function| getStyle function| computeLoadIllustration function| SetIllustrationImage

5 Cookies

Domain/Path Name / Value
te.novoed.com/ Name: XSRF-TOKEN
Value: ZZ2kLzGCmN8Kj%2Bg9aKa%2Fcgjad1qoNf%2BGsiBPVAk0ZFm%2FISArp6ttZBvZ9Earzr8DYMVZp3XP0%2BVfNVtVWcBY%2BA%3D%3D
app.novoed.com/ Name: XSRF-TOKEN
Value: Wbd%2F9u%2FuFjY08o6Mfkgw411RsE6T4I0%2B%2BLpQyimOKfWDC%2FvyecfjjSWkkve9IDCSNU6es04aoV0Vr0TLeXoVVA%3D%3D
app.novoed.com/ Name: user_return_to
Value: https%3A%2F%2Fte.novoed.com%2F%23%21%2Finstitutions%2F528%2F
app.novoed.com/ Name: sso_provider
Value: teconnectivity
.novoed.com/ Name: _origami_production_shared_session
Value: VUNac2lVYjVsbTJROUJ3V2FoeXgxQTJPVC82ZTV3SlNtWitqSVhPS3dXQWcxM0ptVGN4QWJMV1A0RVVqcXBvdms1a1pnT1laU1NMNysrOWJSOGlYNTJ2SnBCNDFsRWd0M0NSWG83QTIzM1pGbnhJZ09Rc2hlVkJ5Qkc0UGNiaXFPV2VETFJVMjZhYnF2ZmNXV3lvU3VYLzFicHZYKzZid0xYMEdlcVFWcExWMldGbEFNK2pqcTZxQXUzcDVmOEsrRCtweW1BcXdkTlFzMWRUZFBXZXFKdjk0bUMvNTh6WXQxbFhjZ2JlWFhUK0M2d0NXQW5oRVgzSXpkYkJtWGF2NGhsOXhuTk9OU0VJL3RtUWdhU3g1RlE9PS0tRitsZmV1RVhWZlZ3aXdxRDhob01pdz09--9f172e52be21433995e028eaeac199e93a4a8fad

3 Console Messages

Source Level URL
Text
network error URL: https://te.novoed.com/my_account.json?bust=1652731305951
Message:
Failed to load resource: the server responded with a status of 401 (Unauthorized)
network error URL: https://te.novoed.com/institutions/528
Message:
Failed to load resource: the server responded with a status of 401 (Unauthorized)
network error URL: https://te.novoed.com/my_account.json?bust=1652731306077
Message:
Failed to load resource: the server responded with a status of 401 (Unauthorized)

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=2678400; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

app.novoed.com
cdn.pendo.io
cdn.polyfill.io
d2d6mu5qcvgbk5.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
sentry.io
sso4-prod.te.com
te.novoed.com
url9041.novoed.com
www.google-analytics.com
www.gstatic.com
www.recaptcha.net
www.webrtc-experiment.com
167.89.118.83
198.175.155.72
2406:da00:ff00::36eb:bdef
2600:9000:2057:7e00:1f:aa31:7740:93a1
2600:9000:206f:3000:a:9eab:6140:21
2606:50c0:8000::153
2a00:1450:4001:800::2003
2a00:1450:4001:802::200e
2a00:1450:4001:809::2003
2a00:1450:4001:828::200a
2a00:1450:4001:82b::2003
2a04:4e42:200::282
35.188.42.15
04afed055d3ac528b563f32c35046d96f4b37998a3b9fb3fefe6ad2c37049655
05e383cc3c7312b5332e675ced11f8c7d5f7f1a3dfa672cf22b868b05bb5e6ba
11c390be332778760b2f69affe1a8543f5319db2b60f65af19fc4e4903f4f857
237b52086085db996d31b8eb9a5171eb3ac0efba44c92131adfde0aeb853b6dc
3c847426aaaed00c251e9fe383be470753dbc8e7caa05a5ace3bb0b72d908cf3
583427f8197527cba3c0b9d9ebe3376ab36f29b33143e1ffea7e7c9dd9998f77
64b4942cad519831ccd88fa6d93c76ec6e23fe22608034025442aa59b929bfb1
90ce8347a0dc7683589ff557824b7b7244a45960ea855f56b83ab350adc9c70e
92338c04b37f34373038e3d3ca77a79619356bceae716c46230f7adfdb3d3cbe
a658b2be7323c57d4bd5c4197b657e1f5360d1b950131dc377efec1d5111ffd0
b054d92ad5e9092868fea534867e44f9d95b1a4a11b291a3e04ff45db72b8578
baec8cc6ebce476b74412ed8aeda15da6c22f1acb30cda33f2fe1684ef47c8f5
be21cd566373694d28839dff155e6f100189e4cbbed0ee6e9bec2716cd9cd3f0
c57e5e0321ee11c4d4f5d2788fb3c791af1924150a73aa8c688ccf78190aab41
c687ef96fe0d5df4d0b47c658acd43a2655b9e05934df930c109b232ac0f42e4
cae897bdde94867960ad284a56b1631296eaceddf5710a2857127ca0aa2777d3
dc2ed5ac87802f1b345a5a28434dc6c8e57346198518962ee28235dfcff856f4
de9dd00383d82fc9c29d88a6718c69b6796228809256b07d8aae6a7b01d4e057
e1f5a10c9c619b5ce86e30a56d940b5550088287e725aa43aac9556a4dc64beb
e37b86e5645907ca1ea410812510937994a7d5a4a9164b5e88cdb6881dfefb8b
ec329368e705237001a90a1f83542015e01b8ed09a521e05caa412e0b82a802e