urlscan.io logo urlscan.io
SecurityTrails logo

weare.montefiore.org Open in urlscan Pro
2600:9000:223c:2800:1d:266f:4440:93a1  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://weare.montefiore.org/
Effective URL: https://weare.montefiore.org/users/sign_in
Submission: On August 17 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 7 IPs in 2 countries across 7 domains to perform 18 HTTP transactions. The main IP is 2600:9000:223c:2800:1d:266f:4440:93a1, located in United States and belongs to AMAZON-02, US. The main domain is weare.montefiore.org.
TLS certificate: Issued by Amazon RSA 2048 M02 on August 13th 2024. Valid for: a year.
This is the only time weare.montefiore.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

2    2600:9000:223c:2800:1d:266f:4440:93a1 (United States)

ASN16509 (AMAZON-02, US)
weare.montefiore.org
9    143.204.98.67 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-67.fra50.r.cloudfront.net
assets.prod.us-east-1.advance.graduway.com
4    2a00:1450:4001:80f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    13.35.58.79 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-58-79.fra60.r.cloudfront.net
js.stripe.com
1    2606:4700:20::ac43:45ce (United States)

ASN13335 (CLOUDFLARENET, US)
browser-update.org
1    2a03:2880:f083:10e:face:b00c:0:2 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
graph.facebook.com
Apex Domain
Subdomains		 Transfer
9 graduway.com
assets.prod.us-east-1.advance.graduway.com
2 MB
4 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 110
4 KB
2 montefiore.org
weare.montefiore.org
8 KB
1 facebook.com
graph.facebook.com — Cisco Umbrella Rank: 118
368 B
1 browser-update.org
browser-update.org — Cisco Umbrella Rank: 18090
4 KB
1 stripe.com
js.stripe.com — Cisco Umbrella Rank: 2856
156 KB
1 gstatic.com
fonts.gstatic.com
33 KB
18 7
Domain Requested by
9 assets.prod.us-east-1.advance.graduway.com weare.montefiore.org
assets.prod.us-east-1.advance.graduway.com
4 fonts.googleapis.com assets.prod.us-east-1.advance.graduway.com
client
2 weare.montefiore.org 1 redirects
1 graph.facebook.com assets.prod.us-east-1.advance.graduway.com
1 browser-update.org weare.montefiore.org
1 js.stripe.com assets.prod.us-east-1.advance.graduway.com
1 fonts.gstatic.com fonts.googleapis.com
18 7

This site contains no links.

Subject Issuer Validity Valid
weare.montefiore.org
Amazon RSA 2048 M02		 2024-08-13 -
2025-09-11		 a year crt.sh
assets.prod.us-east-1.advance.graduway.com
Amazon RSA 2048 M02		 2024-08-06 -
2025-09-03		 a year crt.sh
upload.video.google.com
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh
*.gstatic.com
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh
a.stripecdn.com
DigiCert SHA2 Extended Validation Server CA		 2024-07-23 -
2024-10-24		 3 months crt.sh
browser-update.org
WE1		 2024-08-01 -
2024-10-30		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2024-05-27 -
2024-08-25		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://weare.montefiore.org/users/sign_in
Frame ID: 9CA5C4C8B89A0480D48026EA5BB6111A
Requests: 18 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Advance

Page URL History Show full URLs

  1. https://weare.montefiore.org/ HTTP 302
    https://weare.montefiore.org/users/sign_in Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • js\.stripe\.com
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Page Statistics

18
Requests

100 %
HTTPS

71 %
IPv6

7
Domains

7
Subdomains

7
IPs

2
Countries

2164 kB
Transfer

11058 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://weare.montefiore.org/ HTTP 302
    https://weare.montefiore.org/users/sign_in Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

18 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request sign_in
weare.montefiore.org/users/
Redirect Chain
  • https://weare.montefiore.org/
  • https://weare.montefiore.org/users/sign_in
6 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://weare.montefiore.org/users/sign_in
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:2800:1d:266f:4440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.22.1 /
Resource Hash
53fe274b8ad2a491f3d8b6c0e5c4bf49ea3ccb590165572be49b920f26514c80
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

cache-control
max-age=0, private, must-revalidate
content-type
text/html; charset=utf-8
date
Sat, 17 Aug 2024 19:49:21 GMT
etag
W/"53fe274b8ad2a491f3d8b6c0e5c4bf49"
referrer-policy
strict-origin-when-cross-origin
server
nginx/1.22.1
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 f4137273db9ae377298b8f8daf5b93f0.cloudfront.net (CloudFront)
x-amz-cf-id
zxnOSo9fGrK_Bl3lols2ymT5rHvE3mxsUkF8EZAP3CMNMTyUbhEkbg==
x-amz-cf-pop
FRA56-P2
x-cache
Miss from cloudfront
x-content-type-options
nosniff
x-download-options
noopen
x-frame-options
SAMEORIGIN
x-permitted-cross-domain-policies
none
x-request-id
bb6881fa-0afe-4c89-9661-9b7ca57fbc87
x-runtime
0.217850
x-xss-protection
1; mode=block

Redirect headers

cache-control
no-cache
content-type
text/html; charset=utf-8
date
Sat, 17 Aug 2024 19:49:21 GMT
location
https://weare.montefiore.org/users/sign_in
referrer-policy
strict-origin-when-cross-origin
server
nginx/1.22.1
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 f4137273db9ae377298b8f8daf5b93f0.cloudfront.net (CloudFront)
x-amz-cf-id
5zEm330aECqrVduPr_8tMKvsdkRC_ON3nx2d3fp5ec14GV0iY6Q98w==
x-amz-cf-pop
FRA56-P2
x-cache
Miss from cloudfront
x-content-type-options
nosniff
x-download-options
noopen
x-frame-options
SAMEORIGIN
x-permitted-cross-domain-policies
none
x-request-id
ae1e6245-d8b0-4dc1-8fe0-63beba8b342d
x-runtime
0.226168
x-xss-protection
1; mode=block
application-1f9192e42e3e81070b9eb64d02e9f9f1cf02bc744f1451c7144bf6fb391c8e5e.css
assets.prod.us-east-1.advance.graduway.com/assets/ 		633 KB
105 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://assets.prod.us-east-1.advance.graduway.com/assets/application-1f9192e42e3e81070b9eb64d02e9f9f1cf02bc744f1451c7144bf6fb391c8e5e.css
Requested by
Host: weare.montefiore.org
URL: https://weare.montefiore.org/users/sign_in
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-67.fra50.r.cloudfront.net
Software
nginx/1.22.1 /
Resource Hash
f007177226114c28f4e873f44f630997571158b61d482a25b420fbbf25bc2f5f

Request headers

Referer
https://weare.montefiore.org/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 22:52:51 GMT
content-encoding
gzip
via
1.1 c6702f5f3b6e77da6f394e67ef1a6aaa.cloudfront.net (CloudFront)
last-modified
Tue, 13 Aug 2024 22:12:30 GMT
server
nginx/1.22.1
x-amz-cf-pop
FRA50-C1
age
334590
etag
W/"66bbda4e-9e21c"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=315360000, public
x-amz-cf-id
bVq3GP7MrdAUREJFd1FgFzZ8Zq6Ve-iLuMhnHoPgh7kztx1hPUud6g==
expires
Thu, 31 Dec 2037 23:55:55 GMT
application-d522b26d512e4e5f17cf147d42ee7963ea6a0502d55d1c592c2dbe399bfb5b10.js
assets.prod.us-east-1.advance.graduway.com/assets/ 		217 B
636 B 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.prod.us-east-1.advance.graduway.com/assets/application-d522b26d512e4e5f17cf147d42ee7963ea6a0502d55d1c592c2dbe399bfb5b10.js
Requested by
Host: weare.montefiore.org
URL: https://weare.montefiore.org/users/sign_in
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-67.fra50.r.cloudfront.net
Software
nginx/1.22.1 /
Resource Hash
d522b26d512e4e5f17cf147d42ee7963ea6a0502d55d1c592c2dbe399bfb5b10

Request headers

Referer
https://weare.montefiore.org/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 29 Jul 2024 08:58:43 GMT
via
1.1 c6702f5f3b6e77da6f394e67ef1a6aaa.cloudfront.net (CloudFront)
last-modified
Tue, 30 Apr 2024 19:48:06 GMT
server
nginx/1.22.1
x-amz-cf-pop
FRA50-C1
age
1680638
etag
"66314af6-d9"
x-cache
Hit from cloudfront
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
217
x-amz-cf-id
JGI4AuhcRhhXpuWSaJKYlCyAB7H_Q40o0tdasmedb_S7HjCgmOHigg==
expires
Thu, 31 Dec 2037 23:55:55 GMT
vendor-bundle-dc5fa8526444ffb33964.js
assets.prod.us-east-1.advance.graduway.com/packs/ 		8 MB
2 MB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.prod.us-east-1.advance.graduway.com/packs/vendor-bundle-dc5fa8526444ffb33964.js
Requested by
Host: weare.montefiore.org
URL: https://weare.montefiore.org/users/sign_in
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-67.fra50.r.cloudfront.net
Software
nginx/1.22.1 /
Resource Hash
e8a60891c4d1e0246ec3bbdfd75a34371de25370de2b05f418e7733979ffb597
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

Referer
https://weare.montefiore.org/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubDomains
content-encoding
gzip
via
1.1 c6702f5f3b6e77da6f394e67ef1a6aaa.cloudfront.net (CloudFront)
date
Sat, 17 Aug 2024 15:50:38 GMT
last-modified
Fri, 16 Aug 2024 14:59:32 GMT
server
nginx/1.22.1
x-amz-cf-pop
FRA50-C1
age
14323
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
content-length
1700937
x-amz-cf-id
Nvfa4N2TldAqhs9XwQPBABE_ysPCVofTMy3qfufMnNPjDxLvgKLh8Q==
legacy-bundle-f5ac3cb655251788579e.js
assets.prod.us-east-1.advance.graduway.com/packs/ 		922 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.prod.us-east-1.advance.graduway.com/packs/legacy-bundle-f5ac3cb655251788579e.js
Requested by
Host: weare.montefiore.org
URL: https://weare.montefiore.org/users/sign_in
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-67.fra50.r.cloudfront.net
Software
nginx/1.22.1 /
Resource Hash
7fae1c19dd828d7d5f3887690acf37837cb72c41b75d9eb03f7a30ba02602385
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

Referer
https://weare.montefiore.org/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sat, 17 Aug 2024 03:12:38 GMT
content-encoding
gzip
via
1.1 c6702f5f3b6e77da6f394e67ef1a6aaa.cloudfront.net (CloudFront)
strict-transport-security
max-age=63072000; includeSubDomains
last-modified
Fri, 16 Aug 2024 14:59:32 GMT
server
nginx/1.22.1
x-amz-cf-pop
FRA50-C1
age
59803
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
content-length
61404
x-amz-cf-id
9v7NhGA1DM7PVPcOqPLPj1NG8pKcD1wNHDBg4nExpCy-q2Nc43N4Nw==
css2
fonts.googleapis.com/ 		9 KB
748 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Montserrat:wght@300;400;500;600;700&display=swap
Requested by
Host: assets.prod.us-east-1.advance.graduway.com
URL: https://assets.prod.us-east-1.advance.graduway.com/assets/application-1f9192e42e3e81070b9eb64d02e9f9f1cf02bc744f1451c7144bf6fb391c8e5e.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
9a8364dad1c151156362a93903ed299fbeff8a50a53dc57b3011813f2865c194
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://assets.prod.us-east-1.advance.graduway.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 17 Aug 2024 19:49:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 17 Aug 2024 18:39:32 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 17 Aug 2024 19:49:22 GMT
css
fonts.googleapis.com/ 		414 B
504 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Droid+Sans+Mono
Requested by
Host: assets.prod.us-east-1.advance.graduway.com
URL: https://assets.prod.us-east-1.advance.graduway.com/assets/application-1f9192e42e3e81070b9eb64d02e9f9f1cf02bc744f1451c7144bf6fb391c8e5e.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d04ab8b0eccc5a02c228921fa6a2f9d90d55b992e114a85098f34254bd0d7736
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://assets.prod.us-east-1.advance.graduway.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 17 Aug 2024 19:49:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/bcfae741e379a885f2ab2cf83ebe6d32/mr
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 17 Aug 2024 19:00:21 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 17 Aug 2024 19:49:22 GMT
css
fonts.googleapis.com/ 		22 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,800
Requested by
Host: assets.prod.us-east-1.advance.graduway.com
URL: https://assets.prod.us-east-1.advance.graduway.com/assets/application-1f9192e42e3e81070b9eb64d02e9f9f1cf02bc744f1451c7144bf6fb391c8e5e.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
11c978bac7ebb0ade5b8432fc48a676c0e2276824b2f717bd25a8ba82be22778
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://assets.prod.us-east-1.advance.graduway.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 17 Aug 2024 19:49:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 17 Aug 2024 19:11:07 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 17 Aug 2024 19:49:22 GMT
microsite-ionicons.min-18359f1a2d3eb196b7fcc8048d3ee7e5158f6adc55cbc14ab13d84ba6e2407b0.css
assets.prod.us-east-1.advance.graduway.com/assets/contentbox/ 		50 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://assets.prod.us-east-1.advance.graduway.com/assets/contentbox/microsite-ionicons.min-18359f1a2d3eb196b7fcc8048d3ee7e5158f6adc55cbc14ab13d84ba6e2407b0.css
Requested by
Host: assets.prod.us-east-1.advance.graduway.com
URL: https://assets.prod.us-east-1.advance.graduway.com/assets/application-1f9192e42e3e81070b9eb64d02e9f9f1cf02bc744f1451c7144bf6fb391c8e5e.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-67.fra50.r.cloudfront.net
Software
nginx/1.22.1 /
Resource Hash
910c25fb33c1d1bd7d3d53efc02fa6c2e4d2442e0029f43eb388cb2edc2852e7

Request headers

Referer
https://assets.prod.us-east-1.advance.graduway.com/assets/application-1f9192e42e3e81070b9eb64d02e9f9f1cf02bc744f1451c7144bf6fb391c8e5e.css
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 12:26:23 GMT
content-encoding
gzip
via
1.1 c6702f5f3b6e77da6f394e67ef1a6aaa.cloudfront.net (CloudFront)
last-modified
Tue, 18 Jul 2023 16:54:38 GMT
server
nginx/1.22.1
x-amz-cf-pop
FRA50-C1
age
28624978
etag
W/"64b6c3ce-c947"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=315360000, public
x-amz-cf-id
_bAMOjCI8YX2G4-7Qh2q3bVYTczL6nmWS-9sHPxp4IGxQSriDJ7hrg==
expires
Thu, 31 Dec 2037 23:55:55 GMT
bentonsans-light-webfont-3c30e8146b24897b62a585508e358792d868df891ac1ad89d006583b430a46f2.woff2
assets.prod.us-east-1.advance.graduway.com/assets/ 		17 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://assets.prod.us-east-1.advance.graduway.com/assets/bentonsans-light-webfont-3c30e8146b24897b62a585508e358792d868df891ac1ad89d006583b430a46f2.woff2
Requested by
Host: assets.prod.us-east-1.advance.graduway.com
URL: https://assets.prod.us-east-1.advance.graduway.com/assets/application-1f9192e42e3e81070b9eb64d02e9f9f1cf02bc744f1451c7144bf6fb391c8e5e.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-67.fra50.r.cloudfront.net
Software
nginx/1.22.1 /
Resource Hash
3c30e8146b24897b62a585508e358792d868df891ac1ad89d006583b430a46f2

Request headers

Referer
https://assets.prod.us-east-1.advance.graduway.com/assets/application-1f9192e42e3e81070b9eb64d02e9f9f1cf02bc744f1451c7144bf6fb391c8e5e.css
Origin
https://weare.montefiore.org
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sat, 17 Aug 2024 19:49:22 GMT
via
1.1 baaf38f0a0d54e4834bf934fa5189cea.cloudfront.net (CloudFront)
last-modified
Wed, 17 Jul 2024 20:27:15 GMT
server
nginx/1.22.1
x-amz-cf-pop
FRA50-C1
etag
"66982923-44a4"
x-cache
Miss from cloudfront
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
17572
x-amz-cf-id
PeGfuBmgTjHHW-jBfqYho_F8iIhriKRr9r0P2ieg_XCYZnhiXWDQ0w==
expires
Thu, 31 Dec 2037 23:55:55 GMT
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v26/ 		32 KB
33 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@300;400;500;600;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://weare.montefiore.org
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 13:58:44 GMT
x-content-type-options
nosniff
age
366638
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33092
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 22:51:58 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 13 Aug 2025 13:58:44 GMT
fontawesome-webfont-2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe.woff2
assets.prod.us-east-1.advance.graduway.com/assets/ 		75 KB
76 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://assets.prod.us-east-1.advance.graduway.com/assets/fontawesome-webfont-2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe.woff2
Requested by
Host: assets.prod.us-east-1.advance.graduway.com
URL: https://assets.prod.us-east-1.advance.graduway.com/assets/application-1f9192e42e3e81070b9eb64d02e9f9f1cf02bc744f1451c7144bf6fb391c8e5e.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-67.fra50.r.cloudfront.net
Software
nginx/1.22.1 /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer
https://assets.prod.us-east-1.advance.graduway.com/assets/application-1f9192e42e3e81070b9eb64d02e9f9f1cf02bc744f1451c7144bf6fb391c8e5e.css
Origin
https://weare.montefiore.org
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sat, 17 Aug 2024 19:49:22 GMT
via
1.1 baaf38f0a0d54e4834bf934fa5189cea.cloudfront.net (CloudFront)
last-modified
Fri, 16 Aug 2024 15:21:09 GMT
server
nginx/1.22.1
x-amz-cf-pop
FRA50-C1
etag
"66bf6e65-12d68"
x-cache
Miss from cloudfront
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
77160
x-amz-cf-id
_OuQLhVHeiL47lJ8D8DuQKJ6bHI-uWdJf9UEHN6KZaDZZGgkekoYCA==
expires
Thu, 31 Dec 2037 23:55:55 GMT
bentonsans-bold-webfont-f648fd88c8fd0198974b1c58c5390e9ec219cd19a61f90dbbdb435ff2610146d.woff2
assets.prod.us-east-1.advance.graduway.com/assets/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://assets.prod.us-east-1.advance.graduway.com/assets/bentonsans-bold-webfont-f648fd88c8fd0198974b1c58c5390e9ec219cd19a61f90dbbdb435ff2610146d.woff2
Requested by
Host: assets.prod.us-east-1.advance.graduway.com
URL: https://assets.prod.us-east-1.advance.graduway.com/assets/application-1f9192e42e3e81070b9eb64d02e9f9f1cf02bc744f1451c7144bf6fb391c8e5e.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-67.fra50.r.cloudfront.net
Software
nginx/1.22.1 /
Resource Hash
f648fd88c8fd0198974b1c58c5390e9ec219cd19a61f90dbbdb435ff2610146d

Request headers

Referer
https://assets.prod.us-east-1.advance.graduway.com/assets/application-1f9192e42e3e81070b9eb64d02e9f9f1cf02bc744f1451c7144bf6fb391c8e5e.css
Origin
https://weare.montefiore.org
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sat, 17 Aug 2024 19:49:22 GMT
via
1.1 baaf38f0a0d54e4834bf934fa5189cea.cloudfront.net (CloudFront)
last-modified
Wed, 17 Jul 2024 20:27:15 GMT
server
nginx/1.22.1
x-amz-cf-pop
FRA50-C1
etag
"66982923-47c4"
x-cache
Miss from cloudfront
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
18372
x-amz-cf-id
kwTXr9iKC8HFJXoUw-wGHfC88q7tO2HSpCeHpVJTPb6pL-tXOS0ouw==
expires
Thu, 31 Dec 2037 23:55:55 GMT
css
fonts.googleapis.com/ 		419 B
394 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Permanent+Marker
Requested by
Host: client
URL: about:client
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
089ca7c196871f14a5e353f41c417ef7bd6db262c7df9590a7f33e044f89c701
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://weare.montefiore.org/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 17 Aug 2024 19:49:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 17 Aug 2024 19:33:02 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 17 Aug 2024 19:49:22 GMT
v3
js.stripe.com/ 		641 KB
156 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3
Requested by
Host: assets.prod.us-east-1.advance.graduway.com
URL: https://assets.prod.us-east-1.advance.graduway.com/packs/vendor-bundle-dc5fa8526444ffb33964.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.58.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-58-79.fra60.r.cloudfront.net
Software
Cloudfront /
Resource Hash
7aa5c2b897778c5680849ce922dc77ecf24eb433472b89b8ca292eb213650d4b
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://weare.montefiore.org/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sat, 17 Aug 2024 19:48:31 GMT
content-encoding
br
via
1.1 6af229f397d391cfa25045f944cba714.cloudfront.net (CloudFront)
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
age
52
x-amz-cf-pop
FRA60-P10
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
last-modified
Sat, 17 Aug 2024 00:16:22 GMT
server
Cloudfront
etag
W/"e898735b4382c3fcc5c586c3699b39d5"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=60
timing-allow-origin
*
x-amz-cf-id
pkeUgKm8IynP6UnZiHQ1y5_H5KKm9IZocwuI4jvNBcHlr009_JJGhw==
update.min.js
browser-update.org/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://browser-update.org/update.min.js
Requested by
Host: weare.montefiore.org
URL: https://weare.montefiore.org/users/sign_in
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:45ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aed226a20bef354fe7fa7b4eea049b79743eb10c3896ef337b3a5008895aba1c

Request headers

Referer
https://weare.montefiore.org/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sat, 17 Aug 2024 19:49:22 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 05 Jun 2024 10:35:08 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1502040
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GQzAbq00obM8%2FMVrYr55u5G02QkjALxC5DyoL0SFiPLuJ802%2B5PZMtSuAvshIFMssSHvkhysYs5grDchK4Wrv%2BJGzEMSjOs%2BLLd0%2B4We0Y2Af7O1v6PNMP%2BsAbIbOIwf%2FgUEBKHbCqG8g0XkXB8mRg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
max-age=86400
content-disposition
inline; filename=update.min.js
cf-ray
8b4c2fe1ce229ffa-AMS
expires
Thu, 01 Aug 2024 10:35:22 GMT
/
graph.facebook.com/ 		251 B
368 B 		Script
General
Check archive.org
Download Go to
Full URL
https://graph.facebook.com/?id=https%3A%2F%2Fweare.montefiore.org%2Fusers%2Fsign_in&callback=jQuery350046031619600785967_1723924162227&_=1723924162228
Requested by
Host: assets.prod.us-east-1.advance.graduway.com
URL: https://assets.prod.us-east-1.advance.graduway.com/packs/vendor-bundle-dc5fa8526444ffb33964.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f083:10e:face:b00c:0:2 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
30610c2015097bc9cfc66cd95f41b360b9053629c134aee9e200bbf016aa49f0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload

Request headers

Referer
https://weare.montefiore.org/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; preload
date
Sat, 17 Aug 2024 19:49:22 GMT
www-authenticate
OAuth "Facebook Platform" "invalid_request" "(#2) Service temporarily unavailable"
x-fb-server-load
44
x-fb-rev
1015764964
alt-svc
h3=":443"; ma=86400
content-length
251
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=6, rtx=0, c=23, mss=1232, tbw=4623, tp=11, tpl=0, uplat=100, ullat=0
pragma
no-cache
x-fb-debug
Ypma4YXzJokkoMSRkUPdjVOX9uXqeFqvTDtfMSr0P+3XYHtKNXWXNMlyMcOPf0E56BNc4LQe/SlnzVZPklQaAw==
x-fb-trace-id
DVoK016gdcy
vary
Origin
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
x-fb-request-id
AlkPy6hEjiHGLPLv2_t-27T
cache-control
no-store
facebook-api-version
v14.0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
favicon-629736f8b6e62e6d087c98c2b7574b435763bcd81f2ef6d94ca317742b8d7bc0.ico
assets.prod.us-east-1.advance.graduway.com/assets/ 		10 KB
11 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://assets.prod.us-east-1.advance.graduway.com/assets/favicon-629736f8b6e62e6d087c98c2b7574b435763bcd81f2ef6d94ca317742b8d7bc0.ico?v=20180117?v=20180117
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-67.fra50.r.cloudfront.net
Software
nginx/1.22.1 /
Resource Hash
629736f8b6e62e6d087c98c2b7574b435763bcd81f2ef6d94ca317742b8d7bc0

Request headers

Referer
https://weare.montefiore.org/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 07 Jul 2024 08:52:28 GMT
via
1.1 c6702f5f3b6e77da6f394e67ef1a6aaa.cloudfront.net (CloudFront)
last-modified
Tue, 30 Apr 2024 19:48:06 GMT
server
nginx/1.22.1
x-amz-cf-pop
FRA50-C1
age
3581814
etag
"66314af6-28de"
x-cache
Hit from cloudfront
content-type
image/x-icon
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
10462
x-amz-cf-id
_MosLl2mg4lUNHOyzSHz_NawuCMaqNJPkEyg43X7MK-h82xvIFskfA==
expires
Thu, 31 Dec 2037 23:55:55 GMT

Verdicts & Comments Add Verdict or Comment

29 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| gon function| myUniqueJsonpFunction object| __core-js_shared__ object| core object| global object| System function| asap function| Observable function| setImmediate function| clearImmediate object| regeneratorRuntime boolean| _babelPolyfill function| $ function| jQuery object| ReactOnRails boolean| __REACT_ON_RAILS_EVENT_HANDLERS_RAN_ONCE__ number| 2f1acc6c3a606b082e5eef5e54414ffb function| _ function| Cropper object| $buoop function| $buo_f function| AnalyticsConstructor object| webpackChunkStripeJSouter function| noop function| Stripe object| $bu_ function| $buo function| $bu_getBrowser object| _buorgres

1 Cookies

Domain/Path Name / Value
weare.montefiore.org/ Name: _amplo_session
Value: Z3loREVDSXMrMGlEUW4zcTcxMGtCTU1vRVVNUERKNFQ1anczQzI1ZVNBUFNxU0xLNm55ZG81dmt1QlFOaEhNVEFBRmt4RFJGcmlqTW5vUVd2aTVhWkJNNXFVZDl0VFByNHUwWi83V3R6SXBGZDZZYk5adFJ5MGlhcTNEd2d0RllyMm16RW9FMHN4RHVNUEloVmNjaGV2b1M4Y2xXamhzV3FFdkpxVVQxcW9oeXdjc0lvbHg1ZEtBZ1lZY0NrSlFqLS1GQXcyYkEwVGE3ZnlySW4way9WRmpnPT0%3D--498ce51639bbff688619d3677c22bcd89330032b

1 Console Messages

Source Level URL
Text
recommendation verbose URL: https://weare.montefiore.org/users/sign_in
Message:
[DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

assets.prod.us-east-1.advance.graduway.com
browser-update.org
fonts.googleapis.com
fonts.gstatic.com
graph.facebook.com
js.stripe.com
weare.montefiore.org
13.35.58.79
143.204.98.67
2600:9000:223c:2800:1d:266f:4440:93a1
2606:4700:20::ac43:45ce
2a00:1450:4001:80f::200a
2a00:1450:4001:830::2003
2a03:2880:f083:10e:face:b00c:0:2
089ca7c196871f14a5e353f41c417ef7bd6db262c7df9590a7f33e044f89c701
11c978bac7ebb0ade5b8432fc48a676c0e2276824b2f717bd25a8ba82be22778
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
30610c2015097bc9cfc66cd95f41b360b9053629c134aee9e200bbf016aa49f0
3c30e8146b24897b62a585508e358792d868df891ac1ad89d006583b430a46f2
53fe274b8ad2a491f3d8b6c0e5c4bf49ea3ccb590165572be49b920f26514c80
629736f8b6e62e6d087c98c2b7574b435763bcd81f2ef6d94ca317742b8d7bc0
7aa5c2b897778c5680849ce922dc77ecf24eb433472b89b8ca292eb213650d4b
7fae1c19dd828d7d5f3887690acf37837cb72c41b75d9eb03f7a30ba02602385
910c25fb33c1d1bd7d3d53efc02fa6c2e4d2442e0029f43eb388cb2edc2852e7
9a8364dad1c151156362a93903ed299fbeff8a50a53dc57b3011813f2865c194
aed226a20bef354fe7fa7b4eea049b79743eb10c3896ef337b3a5008895aba1c
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
d04ab8b0eccc5a02c228921fa6a2f9d90d55b992e114a85098f34254bd0d7736
d522b26d512e4e5f17cf147d42ee7963ea6a0502d55d1c592c2dbe399bfb5b10
e8a60891c4d1e0246ec3bbdfd75a34371de25370de2b05f418e7733979ffb597
f007177226114c28f4e873f44f630997571158b61d482a25b420fbbf25bc2f5f
f648fd88c8fd0198974b1c58c5390e9ec219cd19a61f90dbbdb435ff2610146d