reply.pon.harvard.edu Open in urlscan Pro
52.36.173.12 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://reply.pon.harvard.edu/dm?id=8E4C54FFF5532A0CDDE9602F6660F5B6051B5BE015513EF2
Submission: On September 03 via api (September 3rd 2023, 12:25:27 pm UTC) from ES — Scanned from ES

Summary HTTP 11 Redirects Behaviour Indicators

Summary

This website contacted 5 IPs in 2 countries across 4 domains to perform 11 HTTP transactions. The main IP is 52.36.173.12, located in Boardman, United States and belongs to AMAZON-02, US. The main domain is reply.pon.harvard.edu. The Cisco Umbrella rank of the primary domain is 593404.

This is the only time reply.pon.harvard.edu was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	52.36.173.12 52.36.173.12	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:81c::200a	15169 (GOOGLE) (GOOGLE)
2	2600:9000:225... 2600:9000:225b:9000:19:35e0:7d40:93a1	16509 (AMAZON-02) (AMAZON-02)
4 8	192.124.249.56 192.124.249.56	30148 (SUCURI-SEC) (SUCURI-SEC)
2	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
11	5

2 52.36.173.12 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-36-173-12.us-west-2.compute.amazonaws.com

reply.pon.harvard.edu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81c::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:225b:9000:19:35e0:7d40:93a1 (United States)

ASN16509 (AMAZON-02, US)

media.whatcounts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 192.124.249.56 (Menifee, United States) 4 redirects

ASN30148 (SUCURI-SEC, US)
PTR: cloudproxy10056.sucuri.net

www.pon.harvard.edu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	harvard.edu 4 redirects reply.pon.harvard.edu — Cisco Umbrella Rank: 593404 www.pon.harvard.edu — Cisco Umbrella Rank: 306551	13 KB
2	gstatic.com fonts.gstatic.com	57 KB
2	whatcounts.com media.whatcounts.com — Cisco Umbrella Rank: 73901	34 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 41	977 B
11	4

	Domain	Requested by
8	www.pon.harvard.edu	4 redirects reply.pon.harvard.edu
2	fonts.gstatic.com	fonts.googleapis.com
2	media.whatcounts.com	reply.pon.harvard.edu
2	reply.pon.harvard.edu	reply.pon.harvard.edu
1	fonts.googleapis.com	reply.pon.harvard.edu
11	5

This site contains no links.

Subject Issuer	Validity	Valid
upload.video.google.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh

This page contains 1 frames:

Primary Page: http://reply.pon.harvard.edu/dm?id=8E4C54FFF5532A0CDDE9602F6660F5B6051B5BE015513EF2
Frame ID: 37865197392A77C7617FB47A090C64E8
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Negotiation Events

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Page Statistics

11
Requests

27 %
HTTPS

60 %
IPv6

4
Domains

5
Subdomains

5
IPs

2
Countries

102 kB
Transfer

122 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 2

http://www.pon.harvard.edu/wp-content/uploads/images/posts/nl-fb.gif HTTP 301
https://www.pon.harvard.edu/wp-content/uploads/images/posts/nl-fb.gif

Request Chain 3

http://www.pon.harvard.edu/wp-content/uploads/images/posts/nl-twitter.gif HTTP 301
https://www.pon.harvard.edu/wp-content/uploads/images/posts/nl-twitter.gif

Request Chain 4

http://www.pon.harvard.edu/wp-content/uploads/images/posts/nl-linkedin.gif HTTP 301
https://www.pon.harvard.edu/wp-content/uploads/images/posts/nl-linkedin.gif

Request Chain 5

http://www.pon.harvard.edu/wp-content/uploads/images/posts/nl-rss.gif HTTP 301
https://www.pon.harvard.edu/wp-content/uploads/images/posts/nl-rss.gif

11 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200 Primary Request dm Show response
reply.pon.harvard.edu/ 26 KB
6 KB 1821ms
254ms Document
text/html 52.36.173.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

http://reply.pon.harvard.edu/dm?id=8E4C54FFF5532A0CDDE9602F6660F5B6051B5BE015513EF2

Protocol

HTTP/1.1

Server

52.36.173.12 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-36-173-12.us-west-2.compute.amazonaws.com

Software

Resource Hash

dc61b2284a900f60bf852c83112e9d223433be1bdc5dc0c7ce845eea09edd578

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language: es-ES,es;q=0.9

Response headers

Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html;charset=UTF-8
Date: Sun, 03 Sep 2023 12:25:21 GMT
Keep-Alive: timeout=20
Transfer-Encoding: chunked
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
vary: accept-encoding

GET
H2 200 css2
fonts.googleapis.com/ 5 KB
977 B 204ms
70ms Stylesheet
text/css 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Libre+Franklin:ital,wght@0,400;0,700;1,400;1,700&display=swap

Requested by

Host: reply.pon.harvard.edu
URL: http://reply.pon.harvard.edu/dm?id=8E4C54FFF5532A0CDDE9602F6660F5B6051B5BE015513EF2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3ffef880ca1bf27cd3c54f49bedf7888b9f8725505dfff5974b8bb5e655eb5a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: es-ES,es;q=0.9
Referer: http://reply.pon.harvard.edu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 03 Sep 2023 12:25:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 03 Sep 2023 12:25:22 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 03 Sep 2023 12:25:22 GMT

GET
H/1.1 200
OK negotiation-leadership-executive-education.png
media.whatcounts.com/mequoda_ponharvard/nameplates-noborder/ 19 KB
19 KB 491ms
63ms Image
image/png 2600:9000:225b:9000:19:35e0:7d40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://media.whatcounts.com/mequoda_ponharvard/nameplates-noborder/negotiation-leadership-executive-education.png?v1
Requested by: Host: reply.pon.harvard.edu
URL: http://reply.pon.harvard.edu/dm?id=8E4C54FFF5532A0CDDE9602F6660F5B6051B5BE015513EF2
Protocol: HTTP/1.1
Server: 2600:9000:225b:9000:19:35e0:7d40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bd528e1f6dac4d02265bae795ee8ffe2b9ad9049378b8797c2870d639cb62aaf

Request headers

accept-language: es-ES,es;q=0.9
Referer: http://reply.pon.harvard.edu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date: Sun, 03 Sep 2023 12:02:12 GMT
Via: 1.1 fb542039f97bb702c0e68d2142c449aa.cloudfront.net (CloudFront)
Last-Modified: Mon, 01 Nov 2021 19:33:16 GMT
Server: AmazonS3
X-Amz-Cf-Pop: MUC50-P1
Age: 13823
ETag: "a2f4e95de95aa90376b2d32a572c76d4"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: image/png
x-amz-meta-md5-hash: a2f4e95de95aa90376b2d32a572c76d4
Connection: keep-alive
Content-Length: 19434
X-Amz-Cf-Id: HycGa3fH2T4fquql2v7gaXGMWyVxcU31aqLQLHSbP4oXSRZ8EajFTQ==

GET
H2

200

nl-fb.gif
www.pon.harvard.edu/wp-content/uploads/images/posts/
Redirect Chain

http://www.pon.harvard.edu/wp-content/uploads/images/posts/nl-fb.gif
https://www.pon.harvard.edu/wp-content/uploads/images/posts/nl-fb.gif

207 B
743 B

167ms
54ms

Image
image/gif

192.124.249.56
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.pon.harvard.edu/wp-content/uploads/images/posts/nl-fb.gif

Requested by

Host: reply.pon.harvard.edu
URL: http://reply.pon.harvard.edu/dm?id=8E4C54FFF5532A0CDDE9602F6660F5B6051B5BE015513EF2

Protocol

Server

192.124.249.56 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10056.sucuri.net

Software

nginx /

Resource Hash

ece984cb319165dd7c96fe29a1c979f1e5e4007830ee4425cd0001753bef8b82

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: es-ES,es;q=0.9
Referer: http://reply.pon.harvard.edu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Sun, 03 Sep 2023 12:25:21 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
via: 1.1 6cd1874959ee48e26855209aa18a4014.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR50-P7
x-cache: RefreshHit from cloudfront
x-sucuri-cache: HIT
content-length: 207
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 16 Dec 2014 18:30:20 GMT
server: nginx
etag: "cf-50a598d260700"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/gif
cache-control: max-age=315360000
x-sucuri-id: 13006
accept-ranges: bytes
x-amz-cf-id: j6XBhUtWcXKOZsU8AZbsG-EcATGjX-qdbUt3jX9bQiFF_07tqexvHg==
expires: Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

Date: Sun, 03 Sep 2023 12:25:21 GMT
Via: 1.1 06b0ae3f7e31c86dd483b6af7dc0cc98.cloudfront.net (CloudFront)
X-Content-Type-Options: nosniff
X-Amz-Cf-Pop: LHR50-P7
X-Cache: Redirect from cloudfront
X-Sucuri-Cache: HIT
Connection: keep-alive
Content-Length: 167
X-XSS-Protection: 1; mode=block
Server: Sucuri/Cloudproxy
X-Frame-Options: SAMEORIGIN
Content-Type: text/html
Location: https://www.pon.harvard.edu/wp-content/uploads/images/posts/nl-fb.gif
Cache-Control: max-age=315360000
X-Sucuri-ID: 13006
X-Amz-Cf-Id: 3ksYEKt6EaS0VbD9qail_k2HRp6jtacNR21lCACyCyiD-iS5XQRF2w==
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2

200

nl-twitter.gif
www.pon.harvard.edu/wp-content/uploads/images/posts/
Redirect Chain

http://www.pon.harvard.edu/wp-content/uploads/images/posts/nl-twitter.gif
https://www.pon.harvard.edu/wp-content/uploads/images/posts/nl-twitter.gif

577 B
1 KB

167ms
55ms

Image
image/gif

192.124.249.56
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.pon.harvard.edu/wp-content/uploads/images/posts/nl-twitter.gif

Requested by

Host: reply.pon.harvard.edu
URL: http://reply.pon.harvard.edu/dm?id=8E4C54FFF5532A0CDDE9602F6660F5B6051B5BE015513EF2

Protocol

Server

192.124.249.56 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10056.sucuri.net

Software

nginx /

Resource Hash

81a53c364fb94385f0397bbfe6475c89bad2c18b9d9cd9178cdcb730cc44b688

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: es-ES,es;q=0.9
Referer: http://reply.pon.harvard.edu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Sun, 03 Sep 2023 12:25:21 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
via: 1.1 d5915fbf562d36d8917411262c8cd60a.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR50-P7
x-cache: Miss from cloudfront
x-sucuri-cache: HIT
content-length: 577
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 16 Dec 2014 18:30:22 GMT
server: nginx
etag: "241-50a598d448b80"
x-frame-options: SAMEORIGIN
content-type: image/gif
cache-control: max-age=315360000
x-sucuri-id: 13006
accept-ranges: bytes
x-amz-cf-id: JiQJ3jqyU4kKmhF1sxgVuJ2KzWdaZqeSJBh2I5Hj2FOXHGWUy9lGVw==
expires: Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

Date: Sun, 03 Sep 2023 12:25:21 GMT
Via: 1.1 06b0ae3f7e31c86dd483b6af7dc0cc98.cloudfront.net (CloudFront)
X-Content-Type-Options: nosniff
X-Amz-Cf-Pop: LHR50-P7
X-Cache: Redirect from cloudfront
X-Sucuri-Cache: HIT
Connection: keep-alive
Content-Length: 167
X-XSS-Protection: 1; mode=block
Server: Sucuri/Cloudproxy
X-Frame-Options: SAMEORIGIN
Content-Type: text/html
Location: https://www.pon.harvard.edu/wp-content/uploads/images/posts/nl-twitter.gif
Cache-Control: max-age=315360000
X-Sucuri-ID: 13006
X-Amz-Cf-Id: KdDLV09nVpt4aeWtnk3QFnw4B-E69x-eXJ57uvAE94SwpCh7BA7OIA==
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2

200

nl-linkedin.gif
www.pon.harvard.edu/wp-content/uploads/images/posts/
Redirect Chain

http://www.pon.harvard.edu/wp-content/uploads/images/posts/nl-linkedin.gif
https://www.pon.harvard.edu/wp-content/uploads/images/posts/nl-linkedin.gif

332 B
847 B

166ms
53ms

Image
image/gif

192.124.249.56
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.pon.harvard.edu/wp-content/uploads/images/posts/nl-linkedin.gif

Requested by

Host: reply.pon.harvard.edu
URL: http://reply.pon.harvard.edu/dm?id=8E4C54FFF5532A0CDDE9602F6660F5B6051B5BE015513EF2

Protocol

Server

192.124.249.56 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10056.sucuri.net

Software

nginx /

Resource Hash

9dc26bd80eba4b187ba751345000c61bd5d2535b6f5cd09636fb725dfb2032ec

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: es-ES,es;q=0.9
Referer: http://reply.pon.harvard.edu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Sun, 03 Sep 2023 12:25:21 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
via: 1.1 3d8e500d44b557879a1086daf1dc3aaa.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR50-P7
x-cache: Hit from cloudfront
x-sucuri-cache: HIT
content-length: 332
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 16 Dec 2014 18:30:20 GMT
server: nginx
etag: "14c-50a598d260700"
x-frame-options: SAMEORIGIN
content-type: image/gif
cache-control: max-age=315360000
x-sucuri-id: 13006
accept-ranges: bytes
x-amz-cf-id: 2jKTF0FPZ_-hTse5t7DUokSOr6sfE7s9BG_STWz9nG_ZKZM60BaWUw==
expires: Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

Date: Sun, 03 Sep 2023 12:25:21 GMT
Via: 1.1 04fe04d0bfd79ff9f6c08102e28077b0.cloudfront.net (CloudFront)
X-Content-Type-Options: nosniff
X-Amz-Cf-Pop: LHR50-P7
X-Cache: Redirect from cloudfront
X-Sucuri-Cache: HIT
Connection: keep-alive
Content-Length: 167
X-XSS-Protection: 1; mode=block
Server: Sucuri/Cloudproxy
X-Frame-Options: SAMEORIGIN
Content-Type: text/html
Location: https://www.pon.harvard.edu/wp-content/uploads/images/posts/nl-linkedin.gif
Cache-Control: max-age=315360000
X-Sucuri-ID: 13006
X-Amz-Cf-Id: bbct1DZR8qt7M6h1OtHRMH5aQfvcYmbR4yKwYqLuVjGYGLwN-DMjcQ==
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2

200

nl-rss.gif
www.pon.harvard.edu/wp-content/uploads/images/posts/
Redirect Chain

http://www.pon.harvard.edu/wp-content/uploads/images/posts/nl-rss.gif
https://www.pon.harvard.edu/wp-content/uploads/images/posts/nl-rss.gif

599 B
1 KB

167ms
56ms

Image
image/gif

192.124.249.56
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.pon.harvard.edu/wp-content/uploads/images/posts/nl-rss.gif

Requested by

Host: reply.pon.harvard.edu
URL: http://reply.pon.harvard.edu/dm?id=8E4C54FFF5532A0CDDE9602F6660F5B6051B5BE015513EF2

Protocol

Server

192.124.249.56 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10056.sucuri.net

Software

nginx /

Resource Hash

0d4fab772ad26a1f7204b9386b679256f8203d5b81dfd90141696821a3edd32b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: es-ES,es;q=0.9
Referer: http://reply.pon.harvard.edu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Sun, 03 Sep 2023 12:25:21 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
via: 1.1 0ea60c2157824130f5eeca7d62a81d62.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR50-P7
age: 1
x-cache: Hit from cloudfront
x-sucuri-cache: HIT
content-length: 599
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 16 Dec 2014 18:30:19 GMT
server: nginx
etag: "257-50a598d16c4c0"
x-frame-options: SAMEORIGIN
content-type: image/gif
cache-control: max-age=315360000
x-sucuri-id: 13006
accept-ranges: bytes
x-amz-cf-id: 5ERQlRI81Er3EDEXGB7RamypIu-tswD98d5kEeY87UK-pnFQkNHLaA==
expires: Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

Date: Sun, 03 Sep 2023 12:25:21 GMT
Via: 1.1 06b0ae3f7e31c86dd483b6af7dc0cc98.cloudfront.net (CloudFront)
X-Content-Type-Options: nosniff
X-Amz-Cf-Pop: LHR50-P7
X-Cache: Redirect from cloudfront
X-Sucuri-Cache: HIT
Connection: keep-alive
Content-Length: 167
X-XSS-Protection: 1; mode=block
Server: Sucuri/Cloudproxy
X-Frame-Options: SAMEORIGIN
Content-Type: text/html
Location: https://www.pon.harvard.edu/wp-content/uploads/images/posts/nl-rss.gif
Cache-Control: max-age=315360000
X-Sucuri-ID: 13006
X-Amz-Cf-Id: puQ2K_TGBMA-wnOgkQeivoqQFGY690ZkeUBAaxqwahP_arm-kAi7Vg==
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK pon-nameplate.png
media.whatcounts.com/mequoda_ponharvard/footer/ 14 KB
14 KB 497ms
67ms Image
image/png 2600:9000:225b:9000:19:35e0:7d40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://media.whatcounts.com/mequoda_ponharvard/footer/pon-nameplate.png
Requested by: Host: reply.pon.harvard.edu
URL: http://reply.pon.harvard.edu/dm?id=8E4C54FFF5532A0CDDE9602F6660F5B6051B5BE015513EF2
Protocol: HTTP/1.1
Server: 2600:9000:225b:9000:19:35e0:7d40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d266ae525c5a7d186a18bb57de65c2ae76646ce62b6243170b452afbb45d0409

Request headers

accept-language: es-ES,es;q=0.9
Referer: http://reply.pon.harvard.edu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date: Sun, 03 Sep 2023 00:04:16 GMT
Via: 1.1 1a45d1e1304c39dfa9b034c2308f4976.cloudfront.net (CloudFront)
Last-Modified: Thu, 24 Mar 2022 16:19:02 GMT
Server: AmazonS3
X-Amz-Cf-Pop: MUC50-P1
Age: 44467
ETag: "3007b065f2502e9640672c4bd685e3df"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: image/png
x-amz-meta-md5-hash: 3007b065f2502e9640672c4bd685e3df
Connection: keep-alive
Content-Length: 13847
X-Amz-Cf-Id: HEdwlWcYlauBi5YOleWpSm2JEQpjfNzrhUk-N0soqTK2f4y6r_irXA==

GET
H/1.1 200 t
reply.pon.harvard.edu/ 49 B
387 B 192ms
191ms Image
image/gif 52.36.173.12
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://reply.pon.harvard.edu/t?c=4154628&r=1936&l=57378&t=10&e=8E4C54FFF5532A0CDDE9602F6660F5B6051B5BE015513EF2

Requested by

Host: reply.pon.harvard.edu
URL: http://reply.pon.harvard.edu/dm?id=8E4C54FFF5532A0CDDE9602F6660F5B6051B5BE015513EF2

Protocol

HTTP/1.1

Server

52.36.173.12 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-36-173-12.us-west-2.compute.amazonaws.com

Software

Resource Hash

2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: es-ES,es;q=0.9
Referer: http://reply.pon.harvard.edu/dm?id=8E4C54FFF5532A0CDDE9602F6660F5B6051B5BE015513EF2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date: Sun, 03 Sep 2023 12:25:21 GMT
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
X-Frame-Options: SAMEORIGIN
Content-Type: image/gif;charset=UTF-8
P3P: CP="NOI DSP CURa ADMa DEVa TAIa OUR BUS IND COM NAV INT"
Connection: keep-alive
Keep-Alive: timeout=20
X-XSS-Protection: 1; mode=block

GET
H2 200 jizDREVItHgc8qDIbSTKq4XkRiUf2zc.woff2
fonts.gstatic.com/s/librefranklin/v13/ 27 KB
27 KB 186ms
59ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/librefranklin/v13/jizDREVItHgc8qDIbSTKq4XkRiUf2zc.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Libre+Franklin:ital,wght@0,400;0,700;1,400;1,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0c5b68b3ae23054815d89c5a2230ad7edf2d4b68732b4463d6be74cacb974055

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: http://reply.pon.harvard.edu
accept-language: es-ES,es;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Fri, 01 Sep 2023 15:22:59 GMT
x-content-type-options: nosniff
age: 162143
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27268
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 18:56:23 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 31 Aug 2024 15:22:59 GMT

GET
H2 200 jizBREVItHgc8qDIbSTKq4XkRiUa6zUTjg.woff2
fonts.gstatic.com/s/librefranklin/v13/ 30 KB
30 KB 250ms
124ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/librefranklin/v13/jizBREVItHgc8qDIbSTKq4XkRiUa6zUTjg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Libre+Franklin:ital,wght@0,400;0,700;1,400;1,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

efe16fd64edb961d670fd35ee4a211ec22cb9e2fa6850cbbf13464dace1b39e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: http://reply.pon.harvard.edu
accept-language: es-ES,es;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Fri, 01 Sep 2023 15:19:40 GMT
x-content-type-options: nosniff
age: 162342
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30628
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 18:55:36 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 31 Aug 2024 15:19:40 GMT

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
fonts.gstatic.com
media.whatcounts.com
reply.pon.harvard.edu
www.pon.harvard.edu
192.124.249.56
2600:9000:225b:9000:19:35e0:7d40:93a1
2a00:1450:4001:80e::2003
2a00:1450:4001:81c::200a
52.36.173.12
0c5b68b3ae23054815d89c5a2230ad7edf2d4b68732b4463d6be74cacb974055
0d4fab772ad26a1f7204b9386b679256f8203d5b81dfd90141696821a3edd32b
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
3ffef880ca1bf27cd3c54f49bedf7888b9f8725505dfff5974b8bb5e655eb5a7
81a53c364fb94385f0397bbfe6475c89bad2c18b9d9cd9178cdcb730cc44b688
9dc26bd80eba4b187ba751345000c61bd5d2535b6f5cd09636fb725dfb2032ec
bd528e1f6dac4d02265bae795ee8ffe2b9ad9049378b8797c2870d639cb62aaf
d266ae525c5a7d186a18bb57de65c2ae76646ce62b6243170b452afbb45d0409
dc61b2284a900f60bf852c83112e9d223433be1bdc5dc0c7ce845eea09edd578
ece984cb319165dd7c96fe29a1c979f1e5e4007830ee4425cd0001753bef8b82
efe16fd64edb961d670fd35ee4a211ec22cb9e2fa6850cbbf13464dace1b39e2

reply.pon.harvard.edu Open in urlscan Pro 52.36.173.12 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

11 Requests

27 %HTTPS

60 %IPv6

4 Domains

5 Subdomains

5 IPs

2 Countries

102 kBTransfer

122 kBSize

0 Cookies

0 Outgoing links

Redirected requests

11 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

0 Cookies

Security Headers

Indicators

reply.pon.harvard.edu Open in urlscan Pro
52.36.173.12 Public Scan

Screenshot
Live screenshot

Full Image

11
Requests

27 %
HTTPS

60 %
IPv6

4
Domains

5
Subdomains

5
IPs

2
Countries

102 kB
Transfer

122 kB
Size

0
Cookies

11 HTTP transactions
0 data transactions