fs.uwlax.edu Open in urlscan Pro
138.49.102.235 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://uwlax.evidence.com/
Effective URL:
https://fs.uwlax.edu/adfs/ls/?RelayState=ZI5vS8MwGMS%2FS6F91y1p2vkHgohTUFiVrtXVNyVNnrmwtCnpU50Vv7vRt8Lx4zgO7r6CAnByfe...
Submission: On March 21 via manual (March 21st 2022, 8:25:00 pm UTC) from US — Scanned from DE

Summary HTTP 20 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 4 IPs in 1 countries across 3 domains to perform 20 HTTP transactions. The main IP is 138.49.102.235, located in La Crosse, United States and belongs to BRUWS-AS3128, US. The main domain is fs.uwlax.edu.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on October 29th 2021. Valid for: a year.

This is the only time fs.uwlax.edu was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3 11	52.227.176.143 52.227.176.143	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2 9	52.227.251.71 52.227.251.71	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
4	138.49.102.235 138.49.102.235	3128 (BRUWS-AS3128) (BRUWS-AS3128)
20	4

11 52.227.176.143 (Boydton, United States) 3 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
PTR: us1ge1-2.evidence.com

uwlax.evidence.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 52.227.251.71 (Boydton, United States) 2 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

id.evidence.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 138.49.102.235 (La Crosse, United States)

ASN3128 (BRUWS-AS3128, US)
PTR: fs.uwlax.edu

fs.uwlax.edu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
20	evidence.com 5 redirects uwlax.evidence.com id.evidence.com — Cisco Umbrella Rank: 133973	3 MB
4	uwlax.edu fs.uwlax.edu	747 KB
0	mixpanel.com Failed api-js.mixpanel.com Failed
20	3

	Domain	Requested by
11	uwlax.evidence.com	3 redirects uwlax.evidence.com
9	id.evidence.com	2 redirects uwlax.evidence.com id.evidence.com
4	fs.uwlax.edu	id.evidence.com fs.uwlax.edu
0	api-js.mixpanel.com Failed	id.evidence.com
20	4

This site contains links to these domains. Also see Links.

Domain
kb.uwlax.edu
www.uwlax.edu

Subject Issuer	Validity	Valid
*.evidence.com RapidSSL TLS RSA CA G1	`2020-05-13` - `2022-06-12`	2 years	crt.sh
*.uwlax.edu DigiCert SHA2 Secure Server CA	`2021-10-29` - `2022-11-27`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://fs.uwlax.edu/adfs/ls/?RelayState=ZI5vS8MwGMS%2FS6F91y1p2vkHgohTUFiVrtXVNyVNnrmwtCnpU50Vv7vRt8Lx4zgO7r6CAnByfeVMcBksrZjwsPyFdXqGqxEFAt%2BUNcnntyxf32ebsmL5DX2tj8870d3O2wQfBCkeX3Y1KagZ8%2BrEnkoSsnWkbCd0z6cPI04LeNcKegkLabvIgdIOJDaT0%2FyAOIwhuw6TO6%2F%2FbR%2BKQXv%2BnUu8kcKYVshjJI2GHhutOKUsSVUiYppBG6dUQdxeqDben69SsmL7rD1jfnYcbD9Cg58DcGkVBN8%2FAAAA%2F%2F8%3D&SAMLRequest=fJFNa8MwDIbv%2BxXBd%2BfDSbpEtIFCGQS2MbbRw26aq9JAYmeRsnX%2Ffmm6Q3upT0a8fh5JXjJ2bQ%2FrUQ7ulb5GYgnqzUo1O52l94mlRaHz6aazz6TUBeWoF5gUBuOkNHavgi0N3Hi3UiaMVVAzj1Q7FnQylWJjdJxqk7ybGEwGeRqmWZkU5YcKjl3rGGb9So2DA4%2FcMDjsiEEsvK2fHmGCQj948da3%2F09uhzsS3KGgqu6C%2BSxPBpj7Gi6ctynITINMY6nqINIzRNH40%2BIxpO9mR85SaH23jC7QV7oenidkvXnxbWN%2Fgwc%2FdCi3jafKtPP9HIX%2BtFQWcqKiM%2Fksu%2F6o6g8AAP%2F%2F
Frame ID: CC4225603D36B0F9EAF4C686A7A4B001
Requests: 20 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Anmelden

Page URL History Show full URLs

http://uwlax.evidence.com/ HTTP 301
https://uwlax.evidence.com/ HTTP 302
https://uwlax.evidence.com/?class=UIX&proc=Login Page URL
https://uwlax.evidence.com/api/oauth2/login?redirect_uri=%2Faxon%2Fdashboard HTTP 302
https://id.evidence.com/oauth/authorize?state=MTY0Nzg5NDI5MTU3NC1ZYkVXamEzS2tJa0ROWXY0R1lsNUx3PT0%3D... HTTP 302
https://id.evidence.com/login?domain=uwlax.evidence.com&redirect_uri=%2Foauth%2Fauthorize%3Fstate%3D... Page URL
https://id.evidence.com/api/login/sso/saml?domain=uwlax.evidence.com&redirect_uri=%2Foauth%2Fauthori... HTTP 302
https://fs.uwlax.edu/adfs/ls/?RelayState=ZI5vS8MwGMS%2FS6F91y1p2vkHgohTUFiVrtXVNyVNnrmwtCnpU50Vv7... Page URL

Page Statistics

20
Requests

95 %
HTTPS

0 %
IPv6

3
Domains

4
Subdomains

4
IPs

1
Countries

3410 kB
Transfer

4019 kB
Size

4
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://kb.uwlax.edu/93640
Title: Trouble logging in?

Search URL Search Domain Scan URL

URL: http://www.uwlax.edu/home/
Title: Home

Search URL Search Domain Scan URL

URL: http://www.uwlax.edu/its/eagle-help-desk/
Title: Help

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://uwlax.evidence.com/ HTTP 301
https://uwlax.evidence.com/ HTTP 302
https://uwlax.evidence.com/?class=UIX&proc=Login Page URL
https://uwlax.evidence.com/api/oauth2/login?redirect_uri=%2Faxon%2Fdashboard HTTP 302
https://id.evidence.com/oauth/authorize?state=MTY0Nzg5NDI5MTU3NC1ZYkVXamEzS2tJa0ROWXY0R1lsNUx3PT0%3D&domain=uwlax.evidence.com&redirect_uri=https%3A%2F%2Fuwlax.evidence.com%2Fapi%2Foauth2%2Fcallback&client_id=11324d2a-15eb-41de-b9db-f864063f5b73&response_type=code HTTP 302
https://id.evidence.com/login?domain=uwlax.evidence.com&redirect_uri=%2Foauth%2Fauthorize%3Fstate%3DMTY0Nzg5NDI5MTU3NC1ZYkVXamEzS2tJa0ROWXY0R1lsNUx3PT0%253D%26domain%3Duwlax.evidence.com%26redirect_uri%3Dhttps%253A%252F%252Fuwlax.evidence.com%252Fapi%252Foauth2%252Fcallback%26client_id%3D11324d2a-15eb-41de-b9db-f864063f5b73%26response_type%3Dcode Page URL
https://id.evidence.com/api/login/sso/saml?domain=uwlax.evidence.com&redirect_uri=%2Foauth%2Fauthorize%3Fstate%3DMTY0Nzg5NDI5MTU3NC1ZYkVXamEzS2tJa0ROWXY0R1lsNUx3PT0%253D%26domain%3Duwlax.evidence.com%26redirect_uri%3Dhttps%253A%252F%252Fuwlax.evidence.com%252Fapi%252Foauth2%252Fcallback%26client_id%3D11324d2a-15eb-41de-b9db-f864063f5b73%26response_type%3Dcode HTTP 302
https://fs.uwlax.edu/adfs/ls/?RelayState=ZI5vS8MwGMS%2FS6F91y1p2vkHgohTUFiVrtXVNyVNnrmwtCnpU50Vv7vRt8Lx4zgO7r6CAnByfeVMcBksrZjwsPyFdXqGqxEFAt%2BUNcnntyxf32ebsmL5DX2tj8870d3O2wQfBCkeX3Y1KagZ8%2BrEnkoSsnWkbCd0z6cPI04LeNcKegkLabvIgdIOJDaT0%2FyAOIwhuw6TO6%2F%2FbR%2BKQXv%2BnUu8kcKYVshjJI2GHhutOKUsSVUiYppBG6dUQdxeqDben69SsmL7rD1jfnYcbD9Cg58DcGkVBN8%2FAAAA%2F%2F8%3D&SAMLRequest=fJFNa8MwDIbv%2BxXBd%2BfDSbpEtIFCGQS2MbbRw26aq9JAYmeRsnX%2Ffmm6Q3upT0a8fh5JXjJ2bQ%2FrUQ7ulb5GYgnqzUo1O52l94mlRaHz6aazz6TUBeWoF5gUBuOkNHavgi0N3Hi3UiaMVVAzj1Q7FnQylWJjdJxqk7ybGEwGeRqmWZkU5YcKjl3rGGb9So2DA4%2FcMDjsiEEsvK2fHmGCQj948da3%2F09uhzsS3KGgqu6C%2BSxPBpj7Gi6ctynITINMY6nqINIzRNH40%2BIxpO9mR85SaH23jC7QV7oenidkvXnxbWN%2Fgwc%2FdCi3jafKtPP9HIX%2BtFQWcqKiM%2Fksu%2F6o6g8AAP%2F%2F Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://uwlax.evidence.com/ HTTP 301
https://uwlax.evidence.com/ HTTP 302
https://uwlax.evidence.com/?class=UIX&proc=Login

Request Chain 8

https://uwlax.evidence.com/api/oauth2/login?redirect_uri=%2Faxon%2Fdashboard HTTP 302
https://id.evidence.com/oauth/authorize?state=MTY0Nzg5NDI5MTU3NC1ZYkVXamEzS2tJa0ROWXY0R1lsNUx3PT0%3D&domain=uwlax.evidence.com&redirect_uri=https%3A%2F%2Fuwlax.evidence.com%2Fapi%2Foauth2%2Fcallback&client_id=11324d2a-15eb-41de-b9db-f864063f5b73&response_type=code HTTP 302
https://id.evidence.com/login?domain=uwlax.evidence.com&redirect_uri=%2Foauth%2Fauthorize%3Fstate%3DMTY0Nzg5NDI5MTU3NC1ZYkVXamEzS2tJa0ROWXY0R1lsNUx3PT0%253D%26domain%3Duwlax.evidence.com%26redirect_uri%3Dhttps%253A%252F%252Fuwlax.evidence.com%252Fapi%252Foauth2%252Fcallback%26client_id%3D11324d2a-15eb-41de-b9db-f864063f5b73%26response_type%3Dcode

20 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

/ Show response
uwlax.evidence.com/
Redirect Chain

http://uwlax.evidence.com/
https://uwlax.evidence.com/
https://uwlax.evidence.com/?class=UIX&proc=Login

6 KB
3 KB

162ms
162ms

Document
text/html

52.227.176.143
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://uwlax.evidence.com/?class=UIX&proc=Login

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.227.176.143 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

us1ge1-2.evidence.com

Software

nginx /

Resource Hash

d663a83ab5dcc1207ce28776e974e341aed5d6c406e877f28630089122bfb36b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Server: nginx
Date: Mon, 21 Mar 2022 20:24:44 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
cache-control: private, no-store
content-encoding: gzip
vary: Accept-Encoding
x-server: HTP001
Strict-Transport-Security: max-age=31536000
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff

Redirect headers

Server: nginx
Date: Mon, 21 Mar 2022 20:24:44 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
cache-control: private, no-store
location: /?class=UIX&proc=Login
x-server: HTP001
Strict-Transport-Security: max-age=31536000
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff

GET
H/1.1 200
OK styles_less_css.min.css
uwlax.evidence.com/html/uix/compiled/ 136 KB
40 KB 197ms
196ms Stylesheet
text/css 52.227.176.143
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://uwlax.evidence.com/html/uix/compiled/styles_less_css.min.css?version=2022.2.0-release-2022-02-28759

Requested by

Host: uwlax.evidence.com
URL: https://uwlax.evidence.com/?class=UIX&proc=Login

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.227.176.143 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

us1ge1-2.evidence.com

Software

nginx /

Resource Hash

131dff2e137fdb8d03831b9e5fe894f947d4831707cf251be2281693adb9e146

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://uwlax.evidence.com/?class=UIX&proc=Login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 21 Mar 2022 20:24:44 GMT
content-encoding: gzip
X-Content-Type-Options: nosniff
last-modified: Thu, 17 Feb 2022 18:17:40 GMT
Server: nginx
X-Frame-Options: SAMEORIGIN
Connection: keep-alive
Content-Type: text/css; charset=utf-8
cache-control: max-age=86400, private
x-server: HTP001
Strict-Transport-Security: max-age=31536000
accept-ranges: bytes
vary: Accept-Encoding
Content-Length: 40542
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK third_party_js.min.js Show response
uwlax.evidence.com/html/uix/compiled/ 307 KB
97 KB 399ms
208ms Script
application/javascript 52.227.176.143
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://uwlax.evidence.com/html/uix/compiled/third_party_js.min.js?version=2022.2.0-release-2022-02-28759

Requested by

Host: uwlax.evidence.com
URL: https://uwlax.evidence.com/?class=UIX&proc=Login

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.227.176.143 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

us1ge1-2.evidence.com

Software

nginx /

Resource Hash

de27d233736d66665e51fbf61fbdc88e63370860d68dfc1b5fda1caa487ead10

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://uwlax.evidence.com/?class=UIX&proc=Login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 21 Mar 2022 20:24:45 GMT
content-encoding: gzip
X-Content-Type-Options: nosniff
last-modified: Thu, 17 Feb 2022 18:17:06 GMT
Server: nginx
X-Frame-Options: SAMEORIGIN
Connection: keep-alive
Content-Type: application/javascript; charset=utf-8
cache-control: max-age=86400, private
x-server: HTP001
Strict-Transport-Security: max-age=31536000
accept-ranges: bytes
vary: Accept-Encoding
Content-Length: 99097
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK libphonenumber.min.js Show response
uwlax.evidence.com/html/uix/compiled/ 165 KB
44 KB 487ms
296ms Script
application/javascript 52.227.176.143
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://uwlax.evidence.com/html/uix/compiled/libphonenumber.min.js?version=2022.2.0-release-2022-02-28759

Requested by

Host: uwlax.evidence.com
URL: https://uwlax.evidence.com/?class=UIX&proc=Login

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.227.176.143 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

us1ge1-2.evidence.com

Software

nginx /

Resource Hash

317653b1c52cff4aa7ef544abd26c94f01aa7b15c77d964bd3cd1cd77a720404

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://uwlax.evidence.com/?class=UIX&proc=Login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 21 Mar 2022 20:24:45 GMT
content-encoding: gzip
X-Content-Type-Options: nosniff
last-modified: Thu, 17 Feb 2022 18:17:20 GMT
Server: nginx
X-Frame-Options: SAMEORIGIN
Connection: keep-alive
Content-Type: application/javascript; charset=utf-8
cache-control: max-age=86400, private
x-server: HTP001
Strict-Transport-Security: max-age=31536000
accept-ranges: bytes
vary: Accept-Encoding
Content-Length: 45023
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK index.aspx
uwlax.evidence.com/html/uix/ 185 KB
62 KB 6503ms
6312ms Script
application/javascript 52.227.176.143
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://uwlax.evidence.com/html/uix/index.aspx?class=UIX&proc=GetLanguageStrings&lang=en-us&cache=2022.2.0-release-2022-02-28759

Requested by

Host: uwlax.evidence.com
URL: https://uwlax.evidence.com/?class=UIX&proc=Login

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.227.176.143 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

us1ge1-2.evidence.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://uwlax.evidence.com/?class=UIX&proc=Login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 21 Mar 2022 20:24:51 GMT
content-encoding: gzip
X-Content-Type-Options: nosniff
Server: nginx
X-Frame-Options: SAMEORIGIN
vary: Accept-Encoding
Connection: keep-alive
Content-Type: application/javascript; charset=utf-8
cache-control: public, max-age=1296000
Transfer-Encoding: chunked
Strict-Transport-Security: max-age=31536000
x-server: HTP001
X-XSS-Protection: 1; mode=block
expires: Tue, 05 Apr 2022 20:24:51 GMT

GET
H/1.1 200
OK common_not_logged_in_js.min.js Show response
uwlax.evidence.com/html/uix/compiled/ 84 KB
24 KB 394ms
202ms Script
application/javascript 52.227.176.143
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://uwlax.evidence.com/html/uix/compiled/common_not_logged_in_js.min.js?version=2022.2.0-release-2022-02-28759

Requested by

Host: uwlax.evidence.com
URL: https://uwlax.evidence.com/?class=UIX&proc=Login

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.227.176.143 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

us1ge1-2.evidence.com

Software

nginx /

Resource Hash

5bb76d89ff3d286302793b7caf27f308deb428cabf18a21b83917d0f22bf2299

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://uwlax.evidence.com/?class=UIX&proc=Login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 21 Mar 2022 20:24:45 GMT
content-encoding: gzip
X-Content-Type-Options: nosniff
last-modified: Thu, 17 Feb 2022 18:17:26 GMT
Server: nginx
X-Frame-Options: SAMEORIGIN
Connection: keep-alive
Content-Type: application/javascript; charset=utf-8
cache-control: max-age=86400, private
x-server: HTP001
Strict-Transport-Security: max-age=31536000
accept-ranges: bytes
vary: Accept-Encoding
Content-Length: 23923
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK Axon-Evidence.com.svg
uwlax.evidence.com/html/uix/images/ 3 KB
4 KB 113ms
113ms Image
image/svg+xml 52.227.176.143
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://uwlax.evidence.com/html/uix/images/Axon-Evidence.com.svg

Requested by

Host: uwlax.evidence.com
URL: https://uwlax.evidence.com/?class=UIX&proc=Login

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.227.176.143 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

us1ge1-2.evidence.com

Software

nginx /

Resource Hash

da31bcecbc2f4423deb7424f1fcf10c852729b71e6053ec41e19065b300c17bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://uwlax.evidence.com/?class=UIX&proc=Login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 21 Mar 2022 20:24:45 GMT
X-Content-Type-Options: nosniff
last-modified: Thu, 17 Feb 2022 18:15:16 GMT
Server: nginx
X-Frame-Options: SAMEORIGIN
Connection: keep-alive
Content-Type: image/svg+xml
cache-control: max-age=86400, private
x-server: HTP001
Strict-Transport-Security: max-age=31536000
accept-ranges: bytes
Content-Length: 3353
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK logo.png
uwlax.evidence.com/html/uix/images/ 2 KB
2 KB 207ms
207ms Image
image/png 52.227.176.143
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://uwlax.evidence.com/html/uix/images/logo.png

Requested by

Host: uwlax.evidence.com
URL: https://uwlax.evidence.com/?class=UIX&proc=Login

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.227.176.143 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

us1ge1-2.evidence.com

Software

nginx /

Resource Hash

64bef2eb1dfb1a542d93a8150bbc01eff2fc58944b13ff23398c409f86fec172

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://uwlax.evidence.com/?class=UIX&proc=Login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 21 Mar 2022 20:24:45 GMT
X-Content-Type-Options: nosniff
last-modified: Thu, 17 Feb 2022 18:15:16 GMT
Server: nginx
X-Frame-Options: SAMEORIGIN
Connection: keep-alive
Content-Type: image/png
cache-control: max-age=86400, private
x-server: HTP001
Strict-Transport-Security: max-age=31536000
accept-ranges: bytes
Content-Length: 1971
X-XSS-Protection: 1; mode=block

GET
H2

200

https://uwlax.evidence.com/api/oauth2/login?redirect_uri=%2Faxon%2Fdashboard
https://id.evidence.com/oauth/authorize?state=MTY0Nzg5NDI5MTU3NC1ZYkVXamEzS2tJa0ROWXY0R1lsNUx3PT0%3D&domain=uwlax.evidence.com&redirect_uri=https%3A%2F%2Fuwlax.evidence.com%2Fapi%2Foauth2%2Fcallbac...
https://id.evidence.com/login?domain=uwlax.evidence.com&redirect_uri=%2Foauth%2Fauthorize%3Fstate%3DMTY0Nzg5NDI5MTU3NC1ZYkVXamEzS2tJa0ROWXY0R1lsNUx3PT0%253D%26domain%3Duwlax.evidence.com%26redirect...

688 B
854 B

98ms
98ms

Document
text/html

52.227.251.71
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://id.evidence.com/login?domain=uwlax.evidence.com&redirect_uri=%2Foauth%2Fauthorize%3Fstate%3DMTY0Nzg5NDI5MTU3NC1ZYkVXamEzS2tJa0ROWXY0R1lsNUx3PT0%253D%26domain%3Duwlax.evidence.com%26redirect_uri%3Dhttps%253A%252F%252Fuwlax.evidence.com%252Fapi%252Foauth2%252Fcallback%26client_id%3D11324d2a-15eb-41de-b9db-f864063f5b73%26response_type%3Dcode

Requested by

Host: uwlax.evidence.com
URL: https://uwlax.evidence.com/?class=UIX&proc=Login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.227.251.71 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

istio-envoy /

Resource Hash

7f158eb6ef3a2a147904154abe186b7cc20d4aa745d25722d03bb0b677297953

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://uwlax.evidence.com/?class=UIX&proc=Login

Response headers

date: Mon, 21 Mar 2022 20:24:52 GMT
content-type: text/html
content-length: 688
last-modified: Wed, 16 Mar 2022 06:19:27 GMT
etag: "6231816f-2b0"
cache-control: no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
accept-ranges: bytes
strict-transport-security: max-age=15724800; includeSubDomains
x-envoy-upstream-service-time: 0
server: istio-envoy

Redirect headers

date: Mon, 21 Mar 2022 20:24:51 GMT
content-length: 0
vary: Accept
location: /login?domain=uwlax.evidence.com&redirect_uri=%2Foauth%2Fauthorize%3Fstate%3DMTY0Nzg5NDI5MTU3NC1ZYkVXamEzS2tJa0ROWXY0R1lsNUx3PT0%253D%26domain%3Duwlax.evidence.com%26redirect_uri%3Dhttps%253A%252F%252Fuwlax.evidence.com%252Fapi%252Foauth2%252Fcallback%26client_id%3D11324d2a-15eb-41de-b9db-f864063f5b73%26response_type%3Dcode
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-frame-options: DENY
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
strict-transport-security: max-age=15724800; includeSubDomains
x-envoy-upstream-service-time: 12
server: istio-envoy

GET
H2 200 lib.435fb253d525da64ca36.js Show response
id.evidence.com/axon/assets/login/ 1020 KB
1021 KB 99ms
98ms Script
application/javascript 52.227.251.71
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://id.evidence.com/axon/assets/login/lib.435fb253d525da64ca36.js

Requested by

Host: id.evidence.com
URL: https://id.evidence.com/login?domain=uwlax.evidence.com&redirect_uri=%2Foauth%2Fauthorize%3Fstate%3DMTY0Nzg5NDI5MTU3NC1ZYkVXamEzS2tJa0ROWXY0R1lsNUx3PT0%253D%26domain%3Duwlax.evidence.com%26redirect_uri%3Dhttps%253A%252F%252Fuwlax.evidence.com%252Fapi%252Foauth2%252Fcallback%26client_id%3D11324d2a-15eb-41de-b9db-f864063f5b73%26response_type%3Dcode

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.227.251.71 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

istio-envoy /

Resource Hash

bd828ff88f79308dbd52b585ab4054c17a7c72d57c40715e1451cb54325a77ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://id.evidence.com/login?domain=uwlax.evidence.com&redirect_uri=%2Foauth%2Fauthorize%3Fstate%3DMTY0Nzg5NDI5MTU3NC1ZYkVXamEzS2tJa0ROWXY0R1lsNUx3PT0%253D%26domain%3Duwlax.evidence.com%26redirect_uri%3Dhttps%253A%252F%252Fuwlax.evidence.com%252Fapi%252Foauth2%252Fcallback%26client_id%3D11324d2a-15eb-41de-b9db-f864063f5b73%26response_type%3Dcode
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 20:24:52 GMT
last-modified: Wed, 16 Mar 2022 06:19:27 GMT
server: istio-envoy
etag: "6231816f-ff074"
strict-transport-security: max-age=15724800; includeSubDomains
content-type: application/javascript
cache-control: public, no-transform, max-age=2630000, immutable
x-envoy-upstream-service-time: 0
accept-ranges: bytes
content-length: 1044596

GET
H2 200 axon.e0e32b069cb44183b3ce.js Show response
id.evidence.com/axon/assets/login/ 349 KB
350 KB 671ms
671ms Script
application/javascript 52.227.251.71
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://id.evidence.com/axon/assets/login/axon.e0e32b069cb44183b3ce.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.227.251.71 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

istio-envoy /

Resource Hash

e601945481bbef280bc44825d6760a471423e8f428ca754a86bda221b01d772a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://id.evidence.com/login?domain=uwlax.evidence.com&redirect_uri=%2Foauth%2Fauthorize%3Fstate%3DMTY0Nzg5NDI5MTU3NC1ZYkVXamEzS2tJa0ROWXY0R1lsNUx3PT0%253D%26domain%3Duwlax.evidence.com%26redirect_uri%3Dhttps%253A%252F%252Fuwlax.evidence.com%252Fapi%252Foauth2%252Fcallback%26client_id%3D11324d2a-15eb-41de-b9db-f864063f5b73%26response_type%3Dcode
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 20:24:52 GMT
last-modified: Wed, 16 Mar 2022 06:19:27 GMT
server: istio-envoy
etag: "6231816f-5752f"
strict-transport-security: max-age=15724800; includeSubDomains
content-type: application/javascript
cache-control: public, no-transform, max-age=2630000, immutable
x-envoy-upstream-service-time: 378
accept-ranges: bytes
content-length: 357679

GET
H2 200 app.beed59dbee6b0a557ec0.js Show response
id.evidence.com/axon/assets/login/ 194 KB
194 KB 381ms
381ms Script
application/javascript 52.227.251.71
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://id.evidence.com/axon/assets/login/app.beed59dbee6b0a557ec0.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.227.251.71 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

istio-envoy /

Resource Hash

bcc0373a3c1149cc40e9c5059bcb61753c3e1a87389735935da151f3c48c5bb7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://id.evidence.com/login?domain=uwlax.evidence.com&redirect_uri=%2Foauth%2Fauthorize%3Fstate%3DMTY0Nzg5NDI5MTU3NC1ZYkVXamEzS2tJa0ROWXY0R1lsNUx3PT0%253D%26domain%3Duwlax.evidence.com%26redirect_uri%3Dhttps%253A%252F%252Fuwlax.evidence.com%252Fapi%252Foauth2%252Fcallback%26client_id%3D11324d2a-15eb-41de-b9db-f864063f5b73%26response_type%3Dcode
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 20:24:52 GMT
last-modified: Wed, 16 Mar 2022 06:19:27 GMT
server: istio-envoy
etag: "6231816f-308db"
strict-transport-security: max-age=15724800; includeSubDomains
content-type: application/javascript
cache-control: public, no-transform, max-age=2630000, immutable
x-envoy-upstream-service-time: 1
accept-ranges: bytes
content-length: 198875

GET
H2 200 en-us-json.1a289fb3238e11e4764d.js Show response
id.evidence.com/axon/assets/login/i18n/ 820 KB
821 KB 98ms
97ms Script
application/javascript 52.227.251.71
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://id.evidence.com/axon/assets/login/i18n/en-us-json.1a289fb3238e11e4764d.js

Requested by

Host: id.evidence.com
URL: https://id.evidence.com/axon/assets/login/app.beed59dbee6b0a557ec0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.227.251.71 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

istio-envoy /

Resource Hash

f0838919e612428f8d91f1bde586ec35cfeba09bfdda4881cd9559a82260b35b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://id.evidence.com/login?domain=uwlax.evidence.com&redirect_uri=%2Foauth%2Fauthorize%3Fstate%3DMTY0Nzg5NDI5MTU3NC1ZYkVXamEzS2tJa0ROWXY0R1lsNUx3PT0%253D%26domain%3Duwlax.evidence.com%26redirect_uri%3Dhttps%253A%252F%252Fuwlax.evidence.com%252Fapi%252Foauth2%252Fcallback%26client_id%3D11324d2a-15eb-41de-b9db-f864063f5b73%26response_type%3Dcode
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 20:24:52 GMT
last-modified: Wed, 16 Mar 2022 06:19:27 GMT
server: istio-envoy
etag: "6231816f-cd04d"
strict-transport-security: max-age=15724800; includeSubDomains
content-type: application/javascript
cache-control: public, no-transform, max-age=2630000, immutable
x-envoy-upstream-service-time: 0
accept-ranges: bytes
content-length: 839757

GET
H2 200 method
id.evidence.com/api/login/ 184 B
232 B 129ms
128ms XHR
application/json 52.227.251.71
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://id.evidence.com/api/login/method?domain=uwlax.evidence.com

Requested by

Host: id.evidence.com
URL: https://id.evidence.com/axon/assets/login/lib.435fb253d525da64ca36.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.227.251.71 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

istio-envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://id.evidence.com/login?domain=uwlax.evidence.com&redirect_uri=%2Foauth%2Fauthorize%3Fstate%3DMTY0Nzg5NDI5MTU3NC1ZYkVXamEzS2tJa0ROWXY0R1lsNUx3PT0%253D%26domain%3Duwlax.evidence.com%26redirect_uri%3Dhttps%253A%252F%252Fuwlax.evidence.com%252Fapi%252Foauth2%252Fcallback%26client_id%3D11324d2a-15eb-41de-b9db-f864063f5b73%26response_type%3Dcode
X-Requested-With: login
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 20:24:53 GMT
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-permitted-cross-domain-policies: master-only
x-frame-options: DENY
content-type: application/json
x-envoy-upstream-service-time: 14
x-content-type-options: nosniff
strict-transport-security: max-age=15724800; includeSubDomains
content-length: 184
x-xss-protection: 1; mode=block
server: istio-envoy

GET
H2 404 state
id.evidence.com/api/login/ 134 B
213 B 115ms
114ms XHR
application/json 52.227.251.71
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://id.evidence.com/api/login/state?domain=uwlax.evidence.com

Requested by

Host: id.evidence.com
URL: https://id.evidence.com/axon/assets/login/lib.435fb253d525da64ca36.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.227.251.71 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

istio-envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://id.evidence.com/login?domain=uwlax.evidence.com&redirect_uri=%2Foauth%2Fauthorize%3Fstate%3DMTY0Nzg5NDI5MTU3NC1ZYkVXamEzS2tJa0ROWXY0R1lsNUx3PT0%253D%26domain%3Duwlax.evidence.com%26redirect_uri%3Dhttps%253A%252F%252Fuwlax.evidence.com%252Fapi%252Foauth2%252Fcallback%26client_id%3D11324d2a-15eb-41de-b9db-f864063f5b73%26response_type%3Dcode
X-Requested-With: login
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 20:24:53 GMT
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-permitted-cross-domain-policies: master-only
x-frame-options: DENY
content-type: application/json
x-envoy-upstream-service-time: 1
x-content-type-options: nosniff
strict-transport-security: max-age=15724800; includeSubDomains
content-length: 134
x-xss-protection: 1; mode=block
server: istio-envoy

GET
H/1.1

200
OK

Primary Request / Show response
fs.uwlax.edu/adfs/ls/
Redirect Chain

https://id.evidence.com/api/login/sso/saml?domain=uwlax.evidence.com&redirect_uri=%2Foauth%2Fauthorize%3Fstate%3DMTY0Nzg5NDI5MTU3NC1ZYkVXamEzS2tJa0ROWXY0R1lsNUx3PT0%253D%26domain%3Duwlax.evidence.c...
https://fs.uwlax.edu/adfs/ls/?RelayState=ZI5vS8MwGMS%2FS6F91y1p2vkHgohTUFiVrtXVNyVNnrmwtCnpU50Vv7vRt8Lx4zgO7r6CAnByfeVMcBksrZjwsPyFdXqGqxEFAt%2BUNcnntyxf32ebsmL5DX2tj8870d3O2wQfBCkeX3Y1KagZ8%2BrEnk...

25 KB
25 KB

913ms
271ms

Document
text/html

138.49.102.235
BRUWS-AS3128

General

Check archive.org

Show headers Download Go to

Full URL

https://fs.uwlax.edu/adfs/ls/?RelayState=ZI5vS8MwGMS%2FS6F91y1p2vkHgohTUFiVrtXVNyVNnrmwtCnpU50Vv7vRt8Lx4zgO7r6CAnByfeVMcBksrZjwsPyFdXqGqxEFAt%2BUNcnntyxf32ebsmL5DX2tj8870d3O2wQfBCkeX3Y1KagZ8%2BrEnkoSsnWkbCd0z6cPI04LeNcKegkLabvIgdIOJDaT0%2FyAOIwhuw6TO6%2F%2FbR%2BKQXv%2BnUu8kcKYVshjJI2GHhutOKUsSVUiYppBG6dUQdxeqDben69SsmL7rD1jfnYcbD9Cg58DcGkVBN8%2FAAAA%2F%2F8%3D&SAMLRequest=fJFNa8MwDIbv%2BxXBd%2BfDSbpEtIFCGQS2MbbRw26aq9JAYmeRsnX%2Ffmm6Q3upT0a8fh5JXjJ2bQ%2FrUQ7ulb5GYgnqzUo1O52l94mlRaHz6aazz6TUBeWoF5gUBuOkNHavgi0N3Hi3UiaMVVAzj1Q7FnQylWJjdJxqk7ybGEwGeRqmWZkU5YcKjl3rGGb9So2DA4%2FcMDjsiEEsvK2fHmGCQj948da3%2F09uhzsS3KGgqu6C%2BSxPBpj7Gi6ctynITINMY6nqINIzRNH40%2BIxpO9mR85SaH23jC7QV7oenidkvXnxbWN%2Fgwc%2FdCi3jafKtPP9HIX%2BtFQWcqKiM%2Fksu%2F6o6g8AAP%2F%2F

Requested by

Host: id.evidence.com
URL: https://id.evidence.com/axon/assets/login/app.beed59dbee6b0a557ec0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

138.49.102.235 La Crosse, United States, ASN3128 (BRUWS-AS3128, US),

Reverse DNS

fs.uwlax.edu

Software

Microsoft-HTTPAPI/2.0 /

Resource Hash

fcfe3bc2160e137927611e01976e3c4189761bafea3d604e9d989d942665f4d8

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://id.evidence.com/

Response headers

Cache-Control: no-cache,no-store
Pragma: no-cache
Content-Length: 25663
Content-Type: text/html; charset=utf-8
Expires: -1
Server: Microsoft-HTTPAPI/2.0
X-Frame-Options: DENY
Date: Mon, 21 Mar 2022 20:24:53 GMT

Redirect headers

date: Mon, 21 Mar 2022 20:24:53 GMT
content-length: 0
location: https://fs.uwlax.edu/adfs/ls/?RelayState=ZI5vS8MwGMS%2FS6F91y1p2vkHgohTUFiVrtXVNyVNnrmwtCnpU50Vv7vRt8Lx4zgO7r6CAnByfeVMcBksrZjwsPyFdXqGqxEFAt%2BUNcnntyxf32ebsmL5DX2tj8870d3O2wQfBCkeX3Y1KagZ8%2BrEnkoSsnWkbCd0z6cPI04LeNcKegkLabvIgdIOJDaT0%2FyAOIwhuw6TO6%2F%2FbR%2BKQXv%2BnUu8kcKYVshjJI2GHhutOKUsSVUiYppBG6dUQdxeqDben69SsmL7rD1jfnYcbD9Cg58DcGkVBN8%2FAAAA%2F%2F8%3D&SAMLRequest=fJFNa8MwDIbv%2BxXBd%2BfDSbpEtIFCGQS2MbbRw26aq9JAYmeRsnX%2Ffmm6Q3upT0a8fh5JXjJ2bQ%2FrUQ7ulb5GYgnqzUo1O52l94mlRaHz6aazz6TUBeWoF5gUBuOkNHavgi0N3Hi3UiaMVVAzj1Q7FnQylWJjdJxqk7ybGEwGeRqmWZkU5YcKjl3rGGb9So2DA4%2FcMDjsiEEsvK2fHmGCQj948da3%2F09uhzsS3KGgqu6C%2BSxPBpj7Gi6ctynITINMY6nqINIzRNH40%2BIxpO9mR85SaH23jC7QV7oenidkvXnxbWN%2Fgwc%2FdCi3jafKtPP9HIX%2BtFQWcqKiM%2Fksu%2F6o6g8AAP%2F%2F
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-frame-options: DENY
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
strict-transport-security: max-age=15724800; includeSubDomains
x-envoy-upstream-service-time: 10
server: istio-envoy

POST /
api-js.mixpanel.com/track/ 0
0

GET
H/1.1 200
OK style.css
fs.uwlax.edu/adfs/portal/css/ 22 KB
23 KB 220ms
118ms Stylesheet
text/css 138.49.102.235
BRUWS-AS3128

General

Check archive.org

Show headers Download Go to

Full URL: https://fs.uwlax.edu/adfs/portal/css/style.css?id=50C61FA715316FF0CB240D9E4944879BC84514871B93F4C0E14FA474C96ECC88
Requested by: Host: fs.uwlax.edu
URL: https://fs.uwlax.edu/adfs/ls/?RelayState=ZI5vS8MwGMS%2FS6F91y1p2vkHgohTUFiVrtXVNyVNnrmwtCnpU50Vv7vRt8Lx4zgO7r6CAnByfeVMcBksrZjwsPyFdXqGqxEFAt%2BUNcnntyxf32ebsmL5DX2tj8870d3O2wQfBCkeX3Y1KagZ8%2BrEnkoSsnWkbCd0z6cPI04LeNcKegkLabvIgdIOJDaT0%2FyAOIwhuw6TO6%2F%2FbR%2BKQXv%2BnUu8kcKYVshjJI2GHhutOKUsSVUiYppBG6dUQdxeqDben69SsmL7rD1jfnYcbD9Cg58DcGkVBN8%2FAAAA%2F%2F8%3D&SAMLRequest=fJFNa8MwDIbv%2BxXBd%2BfDSbpEtIFCGQS2MbbRw26aq9JAYmeRsnX%2Ffmm6Q3upT0a8fh5JXjJ2bQ%2FrUQ7ulb5GYgnqzUo1O52l94mlRaHz6aazz6TUBeWoF5gUBuOkNHavgi0N3Hi3UiaMVVAzj1Q7FnQylWJjdJxqk7ybGEwGeRqmWZkU5YcKjl3rGGb9So2DA4%2FcMDjsiEEsvK2fHmGCQj948da3%2F09uhzsS3KGgqu6C%2BSxPBpj7Gi6ctynITINMY6nqINIzRNH40%2BIxpO9mR85SaH23jC7QV7oenidkvXnxbWN%2Fgwc%2FdCi3jafKtPP9HIX%2BtFQWcqKiM%2Fksu%2F6o6g8AAP%2F%2F
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 138.49.102.235 La Crosse, United States, ASN3128 (BRUWS-AS3128, US),
Reverse DNS: fs.uwlax.edu
Software: Microsoft-HTTPAPI/2.0 /
Resource Hash: 50c61fa715316ff0cb240d9e4944879bc84514871b93f4c0e14fa474c96ecc88

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fs.uwlax.edu/adfs/ls/?RelayState=ZI5vS8MwGMS%2FS6F91y1p2vkHgohTUFiVrtXVNyVNnrmwtCnpU50Vv7vRt8Lx4zgO7r6CAnByfeVMcBksrZjwsPyFdXqGqxEFAt%2BUNcnntyxf32ebsmL5DX2tj8870d3O2wQfBCkeX3Y1KagZ8%2BrEnkoSsnWkbCd0z6cPI04LeNcKegkLabvIgdIOJDaT0%2FyAOIwhuw6TO6%2F%2FbR%2BKQXv%2BnUu8kcKYVshjJI2GHhutOKUsSVUiYppBG6dUQdxeqDben69SsmL7rD1jfnYcbD9Cg58DcGkVBN8%2FAAAA%2F%2F8%3D&SAMLRequest=fJFNa8MwDIbv%2BxXBd%2BfDSbpEtIFCGQS2MbbRw26aq9JAYmeRsnX%2Ffmm6Q3upT0a8fh5JXjJ2bQ%2FrUQ7ulb5GYgnqzUo1O52l94mlRaHz6aazz6TUBeWoF5gUBuOkNHavgi0N3Hi3UiaMVVAzj1Q7FnQylWJjdJxqk7ybGEwGeRqmWZkU5YcKjl3rGGb9So2DA4%2FcMDjsiEEsvK2fHmGCQj948da3%2F09uhzsS3KGgqu6C%2BSxPBpj7Gi6ctynITINMY6nqINIzRNH40%2BIxpO9mR85SaH23jC7QV7oenidkvXnxbWN%2Fgwc%2FdCi3jafKtPP9HIX%2BtFQWcqKiM%2Fksu%2F6o6g8AAP%2F%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 21 Mar 2022 20:24:53 GMT
Expires: Wed, 20 Apr 2022 20:24:54 GMT
Server: Microsoft-HTTPAPI/2.0
ETag: 50C61FA715316FF0CB240D9E4944879BC84514871B93F4C0E14FA474C96ECC88
Content-Length: 22928
Content-Type: text/css

GET
H/1.1 200
OK logo.png
fs.uwlax.edu/adfs/portal/logo/ 74 KB
74 KB 339ms
118ms Image
image/png 138.49.102.235
BRUWS-AS3128

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fs.uwlax.edu/adfs/portal/logo/logo.png?id=7C0547C3C3BF65CE1CE42810472AB171683641CB8817C0AA588D57DB993F4BB3
Requested by: Host: fs.uwlax.edu
URL: https://fs.uwlax.edu/adfs/ls/?RelayState=ZI5vS8MwGMS%2FS6F91y1p2vkHgohTUFiVrtXVNyVNnrmwtCnpU50Vv7vRt8Lx4zgO7r6CAnByfeVMcBksrZjwsPyFdXqGqxEFAt%2BUNcnntyxf32ebsmL5DX2tj8870d3O2wQfBCkeX3Y1KagZ8%2BrEnkoSsnWkbCd0z6cPI04LeNcKegkLabvIgdIOJDaT0%2FyAOIwhuw6TO6%2F%2FbR%2BKQXv%2BnUu8kcKYVshjJI2GHhutOKUsSVUiYppBG6dUQdxeqDben69SsmL7rD1jfnYcbD9Cg58DcGkVBN8%2FAAAA%2F%2F8%3D&SAMLRequest=fJFNa8MwDIbv%2BxXBd%2BfDSbpEtIFCGQS2MbbRw26aq9JAYmeRsnX%2Ffmm6Q3upT0a8fh5JXjJ2bQ%2FrUQ7ulb5GYgnqzUo1O52l94mlRaHz6aazz6TUBeWoF5gUBuOkNHavgi0N3Hi3UiaMVVAzj1Q7FnQylWJjdJxqk7ybGEwGeRqmWZkU5YcKjl3rGGb9So2DA4%2FcMDjsiEEsvK2fHmGCQj948da3%2F09uhzsS3KGgqu6C%2BSxPBpj7Gi6ctynITINMY6nqINIzRNH40%2BIxpO9mR85SaH23jC7QV7oenidkvXnxbWN%2Fgwc%2FdCi3jafKtPP9HIX%2BtFQWcqKiM%2Fksu%2F6o6g8AAP%2F%2F
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 138.49.102.235 La Crosse, United States, ASN3128 (BRUWS-AS3128, US),
Reverse DNS: fs.uwlax.edu
Software: Microsoft-HTTPAPI/2.0 /
Resource Hash: 7c0547c3c3bf65ce1ce42810472ab171683641cb8817c0aa588d57db993f4bb3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fs.uwlax.edu/adfs/ls/?RelayState=ZI5vS8MwGMS%2FS6F91y1p2vkHgohTUFiVrtXVNyVNnrmwtCnpU50Vv7vRt8Lx4zgO7r6CAnByfeVMcBksrZjwsPyFdXqGqxEFAt%2BUNcnntyxf32ebsmL5DX2tj8870d3O2wQfBCkeX3Y1KagZ8%2BrEnkoSsnWkbCd0z6cPI04LeNcKegkLabvIgdIOJDaT0%2FyAOIwhuw6TO6%2F%2FbR%2BKQXv%2BnUu8kcKYVshjJI2GHhutOKUsSVUiYppBG6dUQdxeqDben69SsmL7rD1jfnYcbD9Cg58DcGkVBN8%2FAAAA%2F%2F8%3D&SAMLRequest=fJFNa8MwDIbv%2BxXBd%2BfDSbpEtIFCGQS2MbbRw26aq9JAYmeRsnX%2Ffmm6Q3upT0a8fh5JXjJ2bQ%2FrUQ7ulb5GYgnqzUo1O52l94mlRaHz6aazz6TUBeWoF5gUBuOkNHavgi0N3Hi3UiaMVVAzj1Q7FnQylWJjdJxqk7ybGEwGeRqmWZkU5YcKjl3rGGb9So2DA4%2FcMDjsiEEsvK2fHmGCQj948da3%2F09uhzsS3KGgqu6C%2BSxPBpj7Gi6ctynITINMY6nqINIzRNH40%2BIxpO9mR85SaH23jC7QV7oenidkvXnxbWN%2Fgwc%2FdCi3jafKtPP9HIX%2BtFQWcqKiM%2Fksu%2F6o6g8AAP%2F%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 21 Mar 2022 20:24:53 GMT
Expires: Wed, 20 Apr 2022 20:24:54 GMT
Server: Microsoft-HTTPAPI/2.0
ETag: 7C0547C3C3BF65CE1CE42810472AB171683641CB8817C0AA588D57DB993F4BB3
Content-Length: 75285
Content-Type: image/png

GET
H/1.1 200
OK illustration.jpg
fs.uwlax.edu/adfs/portal/illustration/ 625 KB
625 KB 121ms
120ms Image
image/jpeg 138.49.102.235
BRUWS-AS3128

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fs.uwlax.edu/adfs/portal/illustration/illustration.jpg?id=4B8178177B710868E34A312150520F6328AA8EB377113578A7B0BA4F1E91B68D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 138.49.102.235 La Crosse, United States, ASN3128 (BRUWS-AS3128, US),
Reverse DNS: fs.uwlax.edu
Software: Microsoft-HTTPAPI/2.0 /
Resource Hash: 4b8178177b710868e34a312150520f6328aa8eb377113578a7b0ba4f1e91b68d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fs.uwlax.edu/adfs/ls/?RelayState=ZI5vS8MwGMS%2FS6F91y1p2vkHgohTUFiVrtXVNyVNnrmwtCnpU50Vv7vRt8Lx4zgO7r6CAnByfeVMcBksrZjwsPyFdXqGqxEFAt%2BUNcnntyxf32ebsmL5DX2tj8870d3O2wQfBCkeX3Y1KagZ8%2BrEnkoSsnWkbCd0z6cPI04LeNcKegkLabvIgdIOJDaT0%2FyAOIwhuw6TO6%2F%2FbR%2BKQXv%2BnUu8kcKYVshjJI2GHhutOKUsSVUiYppBG6dUQdxeqDben69SsmL7rD1jfnYcbD9Cg58DcGkVBN8%2FAAAA%2F%2F8%3D&SAMLRequest=fJFNa8MwDIbv%2BxXBd%2BfDSbpEtIFCGQS2MbbRw26aq9JAYmeRsnX%2Ffmm6Q3upT0a8fh5JXjJ2bQ%2FrUQ7ulb5GYgnqzUo1O52l94mlRaHz6aazz6TUBeWoF5gUBuOkNHavgi0N3Hi3UiaMVVAzj1Q7FnQylWJjdJxqk7ybGEwGeRqmWZkU5YcKjl3rGGb9So2DA4%2FcMDjsiEEsvK2fHmGCQj948da3%2F09uhzsS3KGgqu6C%2BSxPBpj7Gi6ctynITINMY6nqINIzRNH40%2BIxpO9mR85SaH23jC7QV7oenidkvXnxbWN%2Fgwc%2FdCi3jafKtPP9HIX%2BtFQWcqKiM%2Fksu%2F6o6g8AAP%2F%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 21 Mar 2022 20:24:54 GMT
Expires: Wed, 20 Apr 2022 20:24:54 GMT
Server: Microsoft-HTTPAPI/2.0
ETag: 4B8178177B710868E34A312150520F6328AA8EB377113578A7B0BA4F1E91B68D
Content-Length: 639827
Content-Type: image/jpeg

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: api-js.mixpanel.com
URL: https://api-js.mixpanel.com/track/?verbose=1&ip=0&_=1647894294316

Verdicts & Comments Add Verdict or Comment

15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
uwlax.evidence.com/	1969-12-31 23:59:59	Name: OAUTH_SESSION Value: eyJhbGciOiJIUzI1NiJ9.eyJkYXRhIjp7Ik1UWTBOemc1TkRJNU1UVTNOQzFaWWtWWGFtRXpTMnRKYTBST1dYWTBSMWxzTlV4M1BUMD0iOiIvYXhvbi9kYXNoYm9hcmQifSwibmJmIjoxNjQ3ODk0MjkxLCJpYXQiOjE2NDc4OTQyOTF9.8OLSdEoEsthyMjA4l0B92VQfbzlN8PyhO3OlLi3Gv_0
uwlax.evidence.com/	1969-12-31 23:59:59	Name: csrfToken Value: a893c27bea7d0bd5eaed4e32fc7a2bcfa4ff704e-1647894291574-6695ff69571b206f91a2f65e
.evidence.com/	1970-01-20 02:28:06	Name: AL-A Value: W3siaWQiOiI5N2M0ZTY4Ni01ZDg0LTQ0ZWQtODkxYS0xMmJkMmJmZjk5MWYiLCJuYW1lIjoiVW5pdmVyc2l0eSBvZiBXaXNjb25zaW4gUEQgLSBMYUNyb3NzZSIsImRvbWFpbiI6InV3bGF4LmV2aWRlbmNlLmNvbSJ9XQ%3D%3D
id.evidence.com/	1970-01-20 10:30:30	Name: mp_b6bd4bca3eea571b87c43b27477755c4_mixpanel Value: %7B%22distinct_id%22%3A%20%2217fae2769af304-08d1c0259152c3-977173c-1d4c00-17fae2769b03cf%22%2C%22%24device_id%22%3A%20%2217fae2769af304-08d1c0259152c3-977173c-1d4c00-17fae2769b03cf%22%2C%22Region%22%3A%20%22us1%22%2C%22Production%22%3A%20true%2C%22Page%20Name%22%3A%20%22Login%20-%20DetermineStep%22%2C%22URL%22%3A%20%22%2Flogin%22%2C%22__timers%22%3A%20%7B%7D%2C%22__mps%22%3A%20%7B%7D%2C%22__mpso%22%3A%20%7B%7D%2C%22__mpus%22%3A%20%7B%7D%2C%22__mpa%22%3A%20%7B%22Total%20page%20views%22%3A%202%7D%2C%22__mpu%22%3A%20%7B%7D%2C%22__mpr%22%3A%20%5B%5D%2C%22__mpap%22%3A%20%5B%5D%7D

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://id.evidence.com/api/login/state?domain=uwlax.evidence.com Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api-js.mixpanel.com
fs.uwlax.edu
id.evidence.com
uwlax.evidence.com
api-js.mixpanel.com
138.49.102.235
52.227.176.143
52.227.251.71
131dff2e137fdb8d03831b9e5fe894f947d4831707cf251be2281693adb9e146
317653b1c52cff4aa7ef544abd26c94f01aa7b15c77d964bd3cd1cd77a720404
4b8178177b710868e34a312150520f6328aa8eb377113578a7b0ba4f1e91b68d
50c61fa715316ff0cb240d9e4944879bc84514871b93f4c0e14fa474c96ecc88
5bb76d89ff3d286302793b7caf27f308deb428cabf18a21b83917d0f22bf2299
64bef2eb1dfb1a542d93a8150bbc01eff2fc58944b13ff23398c409f86fec172
7c0547c3c3bf65ce1ce42810472ab171683641cb8817c0aa588d57db993f4bb3
7f158eb6ef3a2a147904154abe186b7cc20d4aa745d25722d03bb0b677297953
bcc0373a3c1149cc40e9c5059bcb61753c3e1a87389735935da151f3c48c5bb7
bd828ff88f79308dbd52b585ab4054c17a7c72d57c40715e1451cb54325a77ef
d663a83ab5dcc1207ce28776e974e341aed5d6c406e877f28630089122bfb36b
da31bcecbc2f4423deb7424f1fcf10c852729b71e6053ec41e19065b300c17bb
de27d233736d66665e51fbf61fbdc88e63370860d68dfc1b5fda1caa487ead10
e601945481bbef280bc44825d6760a471423e8f428ca754a86bda221b01d772a
f0838919e612428f8d91f1bde586ec35cfeba09bfdda4881cd9559a82260b35b
fcfe3bc2160e137927611e01976e3c4189761bafea3d604e9d989d942665f4d8

fs.uwlax.edu Open in urlscan Pro 138.49.102.235 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

20 Requests

95 %HTTPS

0 %IPv6

3 Domains

4 Subdomains

4 IPs

1 Countries

3410 kBTransfer

4019 kBSize

4 Cookies

3 Outgoing links

Page URL History

Redirected requests

20 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

15 JavaScript Global Variables

4 Cookies

1 Console Messages

Security Headers

Indicators

fs.uwlax.edu Open in urlscan Pro
138.49.102.235 Public Scan

Screenshot
Live screenshot

Full Image

20
Requests

95 %
HTTPS

0 %
IPv6

3
Domains

4
Subdomains

4
IPs

1
Countries

3410 kB
Transfer

4019 kB
Size

4
Cookies

20 HTTP transactions
0 data transactions