rise.as.tufts.edu Open in urlscan Pro
172.81.118.16 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://rise.as.tufts.edu/w-email-spectrum_cont.update/webmail.spectrumwebmail_webmail.spectrumwebmail-webmail.spectrumweb...
Submission: On September 27 via manual (September 27th 2021, 8:45:42 pm UTC) from US — Scanned from DE

Summary HTTP 43 Redirects Links 12 Behaviour Indicators

Summary

This website contacted 9 IPs in 1 countries across 7 domains to perform 43 HTTP transactions. The main IP is 172.81.118.16, located in United States and belongs to IMH-IAD, US. The main domain is rise.as.tufts.edu.
TLS certificate: Issued by cPanel, Inc. Certification Authority on August 25th 2021. Valid for: 3 months.

This is the only time rise.as.tufts.edu was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Spectrum (Telecommunication)

Domain & IP information

	IP Address	AS Autonomous System
1	172.81.118.16 172.81.118.16	54641 (IMH-IAD) (IMH-IAD)
11	3.211.188.127 3.211.188.127	14618 (AMAZON-AES) (AMAZON-AES)
2	142.250.184.196 142.250.184.196	15169 (GOOGLE) (GOOGLE)
4	143.204.101.23 143.204.101.23	16509 (AMAZON-02) (AMAZON-02)
16	91.235.134.5 91.235.134.5	30286 (THM) (THM)
3	216.58.212.131 216.58.212.131	15169 (GOOGLE) (GOOGLE)
1 4	91.235.132.130 91.235.132.130	30286 (THM) (THM)
1	91.235.134.131 91.235.134.131	30286 (THM) (THM)
43	9

1 172.81.118.16 (United States)

ASN54641 (IMH-IAD, US)
PTR: vps65799.inmotionhosting.com

rise.as.tufts.edu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 3.211.188.127 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-211-188-127.compute-1.amazonaws.com

webmail.spectrum.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.184.196 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 143.204.101.23 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-101-23.fra50.r.cloudfront.net

d1ff979u6gd5fc.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 91.235.134.5 (United States)

ASN30286 (THM, US)

pov.spectrum.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 216.58.212.131 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: fra16s46-in-f3.1e100.net

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 91.235.132.130 (United States) 1 redirects

ASN30286 (THM, US)
PTR: h.online-metrix.net

h.online-metrix.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 91.235.134.131 (United States)

ASN30286 (THM, US)

9a34yc6ov5i2p3r5kmsfvwgv6hspm7imy7eojpzr679e8465dd83f6bdam1.e.aa.online-metrix.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
27	spectrum.net webmail.spectrum.net www.spectrum.net Failed pov.spectrum.net	655 KB
5	online-metrix.net 1 redirects h.online-metrix.net 9a34yc6ov5i2p3r5kmsfvwgv6hspm7imy7eojpzr679e8465dd83f6bdam1.e.aa.online-metrix.net	16 KB
4	cloudfront.net d1ff979u6gd5fc.cloudfront.net	160 KB
3	gstatic.com www.gstatic.com	293 KB
2	google.com www.google.com	2 KB
1	tufts.edu rise.as.tufts.edu	10 KB
0	Failed function sub() { [native code] }. Failed
43	7

	Domain	Requested by
16	pov.spectrum.net	webmail.spectrum.net pov.spectrum.net
11	webmail.spectrum.net	rise.as.tufts.edu
4	h.online-metrix.net	1 redirects pov.spectrum.net
4	d1ff979u6gd5fc.cloudfront.net	webmail.spectrum.net
3	www.gstatic.com	www.google.com
2	www.google.com	rise.as.tufts.edu www.gstatic.com
1	9a34yc6ov5i2p3r5kmsfvwgv6hspm7imy7eojpzr679e8465dd83f6bdam1.e.aa.online-metrix.net
1	rise.as.tufts.edu
0	ghbmnnjooekpmoecnnnilnnbdlolhkhi Failed	pov.spectrum.net
0	www.spectrum.net Failed	webmail.spectrum.net
43	10

This site contains links to these domains. Also see Links.

Domain
www.spectrum.net
watch.spectrum.net
urt.rr.com
pt.rr.com
www.spectrumreach.com
www.spectrum.com
spectrum.com

Subject Issuer	Validity	Valid
rise.as.tufts.edu cPanel, Inc. Certification Authority	`2021-08-25` - `2021-11-23`	3 months	crt.sh
*.spectrum.net Amazon	`2021-06-07` - `2022-07-06`	a year	crt.sh
www.google.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
*.cloudfront.net Amazon	`2021-03-19` - `2022-03-17`	a year	crt.sh
pov.spectrum.net DigiCert SHA2 Secure Server CA	`2020-11-04` - `2021-11-08`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
h.online-metrix.net Trustwave Organization Validation SHA256 CA, Level 1	`2021-01-21` - `2022-01-21`	a year	crt.sh
*.e.aa.online-metrix.net Trustwave Organization Validation SHA256 CA, Level 1	`2021-07-30` - `2022-08-01`	a year	crt.sh

This page contains 7 frames:

Primary Page: https://rise.as.tufts.edu/w-email-spectrum_cont.update/webmail.spectrumwebmail_webmail.spectrumwebmail-webmail.spectrumwebmail.webmail.spectrumwebmail.webmail.spectrumwebmail.webmail.spectrumwebmail_webmail.spectrumwebmail76234.webmail.spectrumwebmail723823-73g52hs_gs638d.1083gdu/b532_0282682.z6653gss_837dt53h-arqtwbt63_HUIJDYUIUS_83637dg5r3gd_dmgste6382.html
Frame ID: 4849CBED01895A08034FCC45FAB08709
Requests: 20 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfRsggUAAAAABJBT04IBvG0gWCNSB_FuhkC4PAx&co=aHR0cHM6Ly9yaXNlLmFzLnR1ZnRzLmVkdTo0NDM.&hl=de&v=tftmXwdbgCvrXiHxr5HGbIaL&size=normal&cb=gdoq5eb5c9t9
Frame ID: E6CFF7A58A23799E1E67ADF5C3476398
Requests: 3 HTTP requests in this frame

Frame: https://pov.spectrum.net/-qXEkTIj4jqgx8bk?bf2472666dd57923=LyUxw9-iVxxmspxOTCd46F9Mw3BHUgxAh94HIWVptOOGQlTZQj-vPPw7cELLGOiyO9tcMNAbzwvMTWlZa3pv2-WQdzKi-im6ceNtHsjoX7m8lZAFo0dJRxLt3Y5IpVUUKBHd3a1qRw-i4nWQM7J9vLwtdK_iTyFs1dBNj0X9kzxF_paBPKeBMASQzyzyoYgOBPhYBb9qf9havIsA&jb=363b242468716d773544616e7770266a736f354c616e777026687b62753d4b687a6f6d65246871603f416a7067656d2530383933
Frame ID: DC0209B71D43389BD6E7B429C54E9E2A
Requests: 12 HTTP requests in this frame

Frame: https://pov.spectrum.net/jVwhQjtYJBRIHHQv?fbd50714d2a4f099=e9y2z5Z8oL1ScpASUwctckCOAGaBjpSWGb9t0CNcs2IhWOTw9Dhd0o_b4ws6YJsAKqt5spx22enEY6s2I6jq7QF_Cb9v6UFO6zLo9DwPa2ukRc9hVkDQzl48U2992VJ7Fe6Dkte8PoYo_0SjsruaFaK1_r0&hp=.co-operativebank.co.uk/CBIBSWeb/login.do.co-operativebank.co.uk/CBIBSWeb/start.do.de/portal/portal/x.entropay.com/basemenu/prot/x.facebook.comx.nationet.com/x.netbank.commbank.com.au/netbank/bankmainx.npbs.co.uk/netmastergoldbanking/x.nwolb.xlogin.aspx?refereridentx.rbsdigital.xAccountSummaryx.smile.co.uk/SmileWeb/login.do.smile.co.uk/SmileWeb/start.do.yandex.rux/CapitalOne_Consumer/x/easypay.by/x/sbank.ru/x53.com/servlet/efsonlinex://online.wellsfargo.com/x://secure.assist.ru/assistid/protected/main.doxabbeynational.co.uk/EBAN_ENS/BtoChannelDriverxalliance-leicesterxaltergold.com/login.phpxamericanexpress.com/myca/intl/acctsumm/emea/accountSummaryxbancaintesa.it/xbankcardservices.co.ukxbankofamerica.com/xbanquepopulaire.fr/xbnpparibas.net/xcahoot.comxcapitaloneonline.co.uk/CapitalOne_Consumer/Transactionsxcbonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagexcibc.comxPreSignOnxcibc.comxSignOnxcitibank.ru/xclient.uralsibbank.ruxco-operativebank.co.uk/CBIBSWeb/loginSpixcommerceonlinebanking.comxcoventrybuildingsociety.co.ukxdeutsche-bank.dexdiscovercard.com/cardmembersvcs/strongauth/app/sa_mainxebanking.bawag.comxebc_ebc1961xegg.com/customer/movemoneyxegg.com/customer/yourmoneyxfacebook.com/xhalifax-online.co.ukxMyAccountsxhalifax-online.co.uk/x/Mhalifax-online.co.uk/personalxhsbc.co.uk/1/2/personal/internet-banking/xhsbc.comxhttps://banking.postbank.de/app/finanzstatus.init.do;jsessionidxib.fineco.it/FinecoWeb/BonificiServletxib.fineco.it/FinecoWeb/jsp/Main/HBFineco.jspxib.fineco.it/FinecoWeb/jsp/Main/Principale.jspxibank.alfabank.ruxin-biz.it/xipko.plxlibertyreserve.com/x/historylibertyreserve.com/x/loginwww.libertyreserve.com/x/Core.jswww.libertyreserve.com/x/transfer.libertyreserve.com/x/commonscript.jslloydstsb.co.uk/personal/a/account_overview/xmbna.co.ukxmenyala.ruxmoney.yandex.ruxmoneybookers.com/app/login.plxmoneymail.ruxmy.ebay.co.uk/ws/eBayISAPI.dll?MyEbayxmy.ebay.com/ws/eBayISAPI.dll?MyEbayxmy.ebay.fr/ws/eBayISAPI.dll?MyEbayxmybusinessbank.co.ukxnationet.com/AppServices/SignOn/SignOnProcess/RcaSignOnxnpbs.co.ukxnwolb.com/AccountSummaryxnwolb.com/Statementsxnwolb.com/TransfersLandingPagexoltx.fidelity.com/x/x/ofsummary/summaryxonline.lloydstsb.co.ukxonlinebanking.mandtbank.com/summary/AccountSummaryxpassport.yandex.ruxpaypal.com/x/cgi-bin/webscr?cmd=_accountxpaypal.com/x/cgi-bin/webscr?cmd=_login-done&login_access=xpaypal.com/us/cgi-bin/webscr?cmd=_login-done&login_access=xposte.it/xpsk.co.at/xsecure.lloydstsb.co.uk/personal/a/account_overviewxsmile.co.uk/SmileWeb/passcodexusaa.com/xusbank.com/internetBanking/RequestRouter?requestCmdId=Gxwachovia.comxybonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagex.amazon.fr/xhistory/orders/view.htmlx.banquepopulaire.frxShowPortal.dox.bnpparibasfortis.bexHome_Logon.aspx.cdiscount.com/Account/Home.aspxx.cmb.frxaccueil.jspx.credit-agricole.frxentreeBam?sessionSAGx.labanquepostale.fr/xreleveCPP-releve_ccp.eax.secure.bnpparibas.net/NSFR?Actionx.secure.lcl.frxAccueilxcredem.it/OneToOne/ebank/functionsxmijn.ing.nl/xonline.ybs.co.ukxwww.discover.com/xorder.cdiscount.comxCustomer.aspxxsealinfo.verisign.com/splash?form_filexvos-comptes.credit-du-nord.fr/CDC_TableauDeBord_0.asp?xvoscomptesenligne.labanquepostale.frxwww.x.caisse-epargne.fr/Portail.aspxxwww.exabanque.netxonglet.phpxdeutsche-bank.de/xnorisbank.de/xpostbank.de/xtargobank.de/x.x.de/portal/x.bankofamerica.com/x/commonscript.js.bmo.com/OLB?id=x.bmo.com/RMC?id=x.chase.com/x.aspxx.chase.com/js/Reporting.jsx.koodomobile.com/account/selfserve/x/xaccountId=x.payment.ru/x.scotiabank.com/portal/index.jsp?xbancopopular.es/empresasxcreval.it/login2007/loginSiciliano.aspxfirst-direct.com/xipko.plxmybusinessbank.co.ukxsanpaoloimi.com/xulsterbankanytimebanking.x/login.aspxx
Frame ID: D67F08244E24E2C109426F098673008C
Requests: 3 HTTP requests in this frame

Frame: https://pov.spectrum.net/VtzqHdb4o8H2OfKO?6b49e45324b53166=fLbPEM05GaNUOiGKhc6bfyCcJT7QXi7Kx50Lklnp7FSQmyCNCjLWAaqzOb9w9rVSFKZDusxWV9_cK-V2NxUrIcKN8ZxWtNZbYN7KOy8BiNpQxFB7AoD6BGKlr16wZ23Vb3wME0NxZi_mh5W_dD7frm4x7e1erOfms5R5X3sh3Xblp0XIZSaU1-jf20EU19o_1SLZuXkofo1qZXy2Bvw
Frame ID: 829D3BF48E221AFD6793A1B787619B22
Requests: 2 HTTP requests in this frame

Frame: https://h.online-metrix.net/dy_MoqnG96Nhx9fm?3ec6d6e76a2ed0af=_J6Lcpf9cPw3aEKg3bA_1BExX-eZXpvVzrVjINXThYNA-j8EOM4-oQnVVidMdJg6_QBwxOuSgzF7b7bOoebtwpgQbUGxhfIBmHw0860K2nwsNEQLXoGm3FmYEFmq9VNZsfUI8NuGvmSqA_wzKehGoC_4ql9jEslOTlf8m00PTYD-n_nIO2JRZUJHPRnYqhwsLW7PAle1EVtYD-pxkJce
Frame ID: E7D4D8274BA005B23F94BAB03AE5BF80
Requests: 2 HTTP requests in this frame

Frame: https://pov.spectrum.net/RCs1IHaNzCs2TYj_?10740f3504c715f7=9IkZqEERMEYOOZSSAJgr3pORVWkBheE8fKMPQX4mNux8fCMU1Vgsi-iTntupRl0fFtS6buMFI5b6T3PCdbHYFQ4Kyp92Q60KL7SEuxi0z-dGcyv6FSYEUhocc1dDKusxLBMzGc8Qy1XSfWzNd76sd9HJcrGfbOA1sQsbcHCtcg3APMdMPruHtzdTHSeAX5aLoHFGcfFFHFYZNNbR937p
Frame ID: F332CD15DE3E2DF0DC2C95B6C22BA89E
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Log In - Webmail

Detected technologies

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery-ui.*\.js

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

<div[^>]+class="g-recaptcha"
/recaptcha/api\.js

Page Statistics

43
Requests

95 %
HTTPS

0 %
IPv6

7
Domains

10
Subdomains

9
IPs

1
Countries

1136 kB
Transfer

2350 kB
Size

3
Cookies

12 Outgoing links

These are links going to different origins than the main page.

URL: https://www.spectrum.net/login/
Title: Manage Account

Search URL Search Domain Scan URL

URL: https://www.spectrum.net/support/
Title: Get Support

Search URL Search Domain Scan URL

URL: https://watch.spectrum.net/
Title: Watch TV

Search URL Search Domain Scan URL

URL: https://www.spectrum.net/hoh
Title: Create an Email Address

Search URL Search Domain Scan URL

URL: https://urt.rr.com/
Title: Forgot Email Address?

Search URL Search Domain Scan URL

URL: https://pt.rr.com/
Title: Forgot Email Password?

Search URL Search Domain Scan URL

URL: https://www.spectrumreach.com/
Title: Advertise with Us

Search URL Search Domain Scan URL

URL: https://www.spectrum.com/policies/your-privacy-rights
Title: Your Privacy Rights

Search URL Search Domain Scan URL

URL: https://www.spectrum.com/policies/website-privacy-policy.html
Title: Web Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.spectrum.com/policies/california
Title: California Consumer Privacy Rights

Search URL Search Domain Scan URL

URL: https://spectrum.com/policies/your-privacy-rights-opt-out
Title: California Consumer Do Not Sell My Personal Information

Search URL Search Domain Scan URL

URL: https://www.spectrum.com/policies/terms-of-service.html
Title: Spectrum Subscriber Policies

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 27

https://h.online-metrix.net/b3sgZmUvr6nYgeuQ?2efcd31e6f765506=BZhcRxrFUP6610OGP0FtSNOdnJFopIfifw0Stsxgp0G1h-aAsEJJrLNnTNJq3n7BsgnF5lEN_pYkMof1BIyy8KyOOdoi1ohYwS9I-99_0Uz3sBt9yudVdGDWV1KPyrTORxA69t8dS0YXLv6H98tjSmFBhV4uSxp73HEzwV57PTEnRkg HTTP 302
https://h.online-metrix.net/b3sgZmUvr6nYgeuQ?0e4915cb7a1e48b7=BZhcRxrFUP6610OGP0FtSNOdnJFopIfifw0Stsxgp0G1h-aAsEJJrLNnTNJq3n7BsgnF5lEN_pYkMof1BIyy8KyOOdoi1ohYwS9I-99_0Uz3sBt9yudVdGDWV1KPyrTORxA69gGJdodKALsaGtttq6kmlRY&k=2

43 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request b532_0282682.z6653gss_837dt53h-arqtwbt63_HUIJDYUIUS_83637dg5r3gd_dmgste6382.html Show response
rise.as.tufts.edu/w-email-spectrum_cont.update/webmail.spectrumwebmail_webmail.spectrumwebmail-webmail.spectrumwebmail.webmail.spectrumwebmail.webmail.spectrumwebmail.webmail.spectrumwebmail_webmai... 10 KB
10 KB 306ms
96ms Document
text/html 172.81.118.16
IMH-IAD

General

Check archive.org

Show headers Download Go to

Full URL: https://rise.as.tufts.edu/w-email-spectrum_cont.update/webmail.spectrumwebmail_webmail.spectrumwebmail-webmail.spectrumwebmail.webmail.spectrumwebmail.webmail.spectrumwebmail.webmail.spectrumwebmail_webmail.spectrumwebmail76234.webmail.spectrumwebmail723823-73g52hs_gs638d.1083gdu/b532_0282682.z6653gss_837dt53h-arqtwbt63_HUIJDYUIUS_83637dg5r3gd_dmgste6382.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 172.81.118.16 , United States, ASN54641 (IMH-IAD, US),
Reverse DNS: vps65799.inmotionhosting.com
Software: Apache /
Resource Hash: 8936137b6c5dc0d82f8f1f3bdd7adb8b4d5992a2c760526c5254e08e5bc598c4

Request headers

Host: rise.as.tufts.edu
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Date: Mon, 27 Sep 2021 20:45:36 GMT
Server: Apache
Last-Modified: Mon, 18 May 2020 20:30:36 GMT
Accept-Ranges: bytes
Content-Length: 10304
Cache-Control: max-age=2592000
Expires: Wed, 27 Oct 2021 20:45:36 GMT
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html

GET
H2 200 jquery-1.9.1.min.js Show response
webmail.spectrum.net/application/modules/mail/views/scripts/mail/js/ 90 KB
91 KB 572ms
368ms Script
application/javascript 3.211.188.127
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://webmail.spectrum.net/application/modules/mail/views/scripts/mail/js/jquery-1.9.1.min.js?v=2.11.1_3
Requested by: Host: rise.as.tufts.edu
URL: https://rise.as.tufts.edu/w-email-spectrum_cont.update/webmail.spectrumwebmail_webmail.spectrumwebmail-webmail.spectrumwebmail.webmail.spectrumwebmail.webmail.spectrumwebmail.webmail.spectrumwebmail_webmail.spectrumwebmail76234.webmail.spectrumwebmail723823-73g52hs_gs638d.1083gdu/b532_0282682.z6653gss_837dt53h-arqtwbt63_HUIJDYUIUS_83637dg5r3gd_dmgste6382.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.211.188.127 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-211-188-127.compute-1.amazonaws.com
Software: nginx /
Resource Hash: c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://rise.as.tufts.edu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 20:45:37 GMT
last-modified: Wed, 30 Jun 2021 16:56:28 GMT
server: nginx
etag: "60dca23c-169d5"
content-type: application/javascript
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 92629
expires: Wed, 27 Oct 2021 20:45:37 GMT

GET
H2 200 jquery-ui.min.js Show response
webmail.spectrum.net/application/modules/mail/views/scripts/mail/js/ 248 KB
249 KB 572ms
368ms Script
application/javascript 3.211.188.127
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://webmail.spectrum.net/application/modules/mail/views/scripts/mail/js/jquery-ui.min.js?v=2.11.1_3
Requested by: Host: rise.as.tufts.edu
URL: https://rise.as.tufts.edu/w-email-spectrum_cont.update/webmail.spectrumwebmail_webmail.spectrumwebmail-webmail.spectrumwebmail.webmail.spectrumwebmail.webmail.spectrumwebmail.webmail.spectrumwebmail_webmail.spectrumwebmail76234.webmail.spectrumwebmail723823-73g52hs_gs638d.1083gdu/b532_0282682.z6653gss_837dt53h-arqtwbt63_HUIJDYUIUS_83637dg5r3gd_dmgste6382.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.211.188.127 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-211-188-127.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 760a15d9494ff6aa1ac847466eabe5e554524851c26233b4cb91765dfa724c32

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://rise.as.tufts.edu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 20:45:37 GMT
last-modified: Wed, 30 Jun 2021 16:56:28 GMT
server: nginx
etag: "60dca23c-3dee4"
content-type: application/javascript
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 253668
expires: Wed, 27 Oct 2021 20:45:37 GMT

GET
H2 200 login.js Show response
webmail.spectrum.net/application/modules/mail/views/scripts/auth/js/ 2 KB
3 KB 571ms
367ms Script
application/javascript 3.211.188.127
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://webmail.spectrum.net/application/modules/mail/views/scripts/auth/js/login.js?v=2.11.1_3
Requested by: Host: rise.as.tufts.edu
URL: https://rise.as.tufts.edu/w-email-spectrum_cont.update/webmail.spectrumwebmail_webmail.spectrumwebmail-webmail.spectrumwebmail.webmail.spectrumwebmail.webmail.spectrumwebmail.webmail.spectrumwebmail_webmail.spectrumwebmail76234.webmail.spectrumwebmail723823-73g52hs_gs638d.1083gdu/b532_0282682.z6653gss_837dt53h-arqtwbt63_HUIJDYUIUS_83637dg5r3gd_dmgste6382.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.211.188.127 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-211-188-127.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 164661dbf5eaeed1f00e417d220424bf968a7776f831a042a41a4a8b538b8992

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://rise.as.tufts.edu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 20:45:37 GMT
last-modified: Wed, 30 Jun 2021 16:56:27 GMT
server: nginx
etag: "60dca23b-909"
content-type: application/javascript
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 2313
expires: Wed, 27 Oct 2021 20:45:37 GMT

GET
H2 200 spectrumloginheader.js Show response
webmail.spectrum.net/application/modules/mail/views/scripts/auth/js/ 4 KB
4 KB 572ms
368ms Script
application/javascript 3.211.188.127
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://webmail.spectrum.net/application/modules/mail/views/scripts/auth/js/spectrumloginheader.js?v=2.11.1_3
Requested by: Host: rise.as.tufts.edu
URL: https://rise.as.tufts.edu/w-email-spectrum_cont.update/webmail.spectrumwebmail_webmail.spectrumwebmail-webmail.spectrumwebmail.webmail.spectrumwebmail.webmail.spectrumwebmail.webmail.spectrumwebmail_webmail.spectrumwebmail76234.webmail.spectrumwebmail723823-73g52hs_gs638d.1083gdu/b532_0282682.z6653gss_837dt53h-arqtwbt63_HUIJDYUIUS_83637dg5r3gd_dmgste6382.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.211.188.127 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-211-188-127.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 6606d74edb92d677837db730b3b6d16380003ec99bc551c3000c3362f03f0cdc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://rise.as.tufts.edu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 20:45:37 GMT
last-modified: Wed, 30 Jun 2021 16:56:27 GMT
server: nginx
etag: "60dca23b-e62"
content-type: application/javascript
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 3682
expires: Wed, 27 Oct 2021 20:45:37 GMT

GET
H2 200 rutledge.css
webmail.spectrum.net/application/modules/mail/views/scripts/mail/css/ 5 KB
5 KB 386ms
183ms Stylesheet
text/css 3.211.188.127
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://webmail.spectrum.net/application/modules/mail/views/scripts/mail/css/rutledge.css?v=2.11.1_3
Requested by: Host: rise.as.tufts.edu
URL: https://rise.as.tufts.edu/w-email-spectrum_cont.update/webmail.spectrumwebmail_webmail.spectrumwebmail-webmail.spectrumwebmail.webmail.spectrumwebmail.webmail.spectrumwebmail.webmail.spectrumwebmail_webmail.spectrumwebmail76234.webmail.spectrumwebmail723823-73g52hs_gs638d.1083gdu/b532_0282682.z6653gss_837dt53h-arqtwbt63_HUIJDYUIUS_83637dg5r3gd_dmgste6382.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.211.188.127 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-211-188-127.compute-1.amazonaws.com
Software: nginx /
Resource Hash: d0ccab8c62e3914173619ccb183a8bbe6df396a5e7bc788c8c28c1f7b2182d66

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://rise.as.tufts.edu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 20:45:37 GMT
last-modified: Wed, 30 Jun 2021 16:56:27 GMT
server: nginx
etag: "60dca23b-138f"
content-type: text/css
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 5007
expires: Wed, 27 Oct 2021 20:45:37 GMT

GET
H2 200 sb-icons.css
webmail.spectrum.net/application/modules/mail/views/scripts/mail/css/ 1 KB
2 KB 296ms
93ms Stylesheet
text/css 3.211.188.127
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://webmail.spectrum.net/application/modules/mail/views/scripts/mail/css/sb-icons.css?v=2.11.1_3
Requested by: Host: rise.as.tufts.edu
URL: https://rise.as.tufts.edu/w-email-spectrum_cont.update/webmail.spectrumwebmail_webmail.spectrumwebmail-webmail.spectrumwebmail.webmail.spectrumwebmail.webmail.spectrumwebmail.webmail.spectrumwebmail_webmail.spectrumwebmail76234.webmail.spectrumwebmail723823-73g52hs_gs638d.1083gdu/b532_0282682.z6653gss_837dt53h-arqtwbt63_HUIJDYUIUS_83637dg5r3gd_dmgste6382.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.211.188.127 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-211-188-127.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 72c04351fd3ed71e3b3fe5f37632335085798fa886f1afd30cc5398b6c6cd552

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://rise.as.tufts.edu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 20:45:37 GMT
last-modified: Wed, 30 Jun 2021 16:56:27 GMT
server: nginx
etag: "60dca23b-4b9"
content-type: text/css
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 1209
expires: Wed, 27 Oct 2021 20:45:37 GMT

GET
H2 200 login.css
webmail.spectrum.net/application/modules/mail/views/scripts/auth/css/ 6 KB
6 KB 571ms
368ms Stylesheet
text/css 3.211.188.127
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://webmail.spectrum.net/application/modules/mail/views/scripts/auth/css/login.css?v=2.11.1_3
Requested by: Host: rise.as.tufts.edu
URL: https://rise.as.tufts.edu/w-email-spectrum_cont.update/webmail.spectrumwebmail_webmail.spectrumwebmail-webmail.spectrumwebmail.webmail.spectrumwebmail.webmail.spectrumwebmail.webmail.spectrumwebmail_webmail.spectrumwebmail76234.webmail.spectrumwebmail723823-73g52hs_gs638d.1083gdu/b532_0282682.z6653gss_837dt53h-arqtwbt63_HUIJDYUIUS_83637dg5r3gd_dmgste6382.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.211.188.127 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-211-188-127.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 0e7844897e2ad91585d7ae76659691df8b8044fd2d92979b007997a13816d0a3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://rise.as.tufts.edu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 20:45:37 GMT
last-modified: Wed, 30 Jun 2021 16:56:27 GMT
server: nginx
etag: "60dca23b-1683"
content-type: text/css
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 5763
expires: Wed, 27 Oct 2021 20:45:37 GMT

GET
H2 200 spectrum.css
webmail.spectrum.net/application/modules/mail/views/scripts/mail/css/ 127 KB
128 KB 389ms
186ms Stylesheet
text/css 3.211.188.127
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://webmail.spectrum.net/application/modules/mail/views/scripts/mail/css/spectrum.css?v=2.11.1_3
Requested by: Host: rise.as.tufts.edu
URL: https://rise.as.tufts.edu/w-email-spectrum_cont.update/webmail.spectrumwebmail_webmail.spectrumwebmail-webmail.spectrumwebmail.webmail.spectrumwebmail.webmail.spectrumwebmail.webmail.spectrumwebmail_webmail.spectrumwebmail76234.webmail.spectrumwebmail723823-73g52hs_gs638d.1083gdu/b532_0282682.z6653gss_837dt53h-arqtwbt63_HUIJDYUIUS_83637dg5r3gd_dmgste6382.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.211.188.127 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-211-188-127.compute-1.amazonaws.com
Software: nginx /
Resource Hash: b5d9d0bcbd16baa63ee4dc99794948f69487ccf6fc4daa23b20827f83f4ef88e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://rise.as.tufts.edu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 20:45:37 GMT
last-modified: Wed, 30 Jun 2021 16:56:27 GMT
server: nginx
etag: "60dca23b-1fd50"
content-type: text/css
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 130384
expires: Wed, 27 Oct 2021 20:45:37 GMT

GET
H2 200 obfuscate.js Show response
webmail.spectrum.net/application/modules/mail/views/scripts/auth/js/ 6 KB
7 KB 572ms
369ms Script
application/javascript 3.211.188.127
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://webmail.spectrum.net/application/modules/mail/views/scripts/auth/js/obfuscate.js?v=2.11.1_3
Requested by: Host: rise.as.tufts.edu
URL: https://rise.as.tufts.edu/w-email-spectrum_cont.update/webmail.spectrumwebmail_webmail.spectrumwebmail-webmail.spectrumwebmail.webmail.spectrumwebmail.webmail.spectrumwebmail.webmail.spectrumwebmail_webmail.spectrumwebmail76234.webmail.spectrumwebmail723823-73g52hs_gs638d.1083gdu/b532_0282682.z6653gss_837dt53h-arqtwbt63_HUIJDYUIUS_83637dg5r3gd_dmgste6382.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.211.188.127 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-211-188-127.compute-1.amazonaws.com
Software: nginx /
Resource Hash: e697f8727b59a44e9ed502330becc5a138d5a098392929a655ea5a89c6360ed7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://rise.as.tufts.edu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 20:45:37 GMT
last-modified: Wed, 30 Jun 2021 16:56:27 GMT
server: nginx
etag: "60dca23b-19cb"
content-type: application/javascript
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 6603
expires: Wed, 27 Oct 2021 20:45:37 GMT

GET
H2 200 threatmatrix.js Show response
webmail.spectrum.net/application/modules/mail/views/scripts/auth/js/ 662 B
1 KB 571ms
369ms Script
application/javascript 3.211.188.127
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://webmail.spectrum.net/application/modules/mail/views/scripts/auth/js/threatmatrix.js?v=2.11.1_3
Requested by: Host: rise.as.tufts.edu
URL: https://rise.as.tufts.edu/w-email-spectrum_cont.update/webmail.spectrumwebmail_webmail.spectrumwebmail-webmail.spectrumwebmail.webmail.spectrumwebmail.webmail.spectrumwebmail.webmail.spectrumwebmail_webmail.spectrumwebmail76234.webmail.spectrumwebmail723823-73g52hs_gs638d.1083gdu/b532_0282682.z6653gss_837dt53h-arqtwbt63_HUIJDYUIUS_83637dg5r3gd_dmgste6382.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.211.188.127 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-211-188-127.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 256e3a938db21a0d8d0d765c970281778a23d74e78b16053dbc5add0ebc6f3fb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://rise.as.tufts.edu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 20:45:37 GMT
last-modified: Wed, 30 Jun 2021 16:56:27 GMT
server: nginx
etag: "60dca23b-296"
content-type: application/javascript
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 662
expires: Wed, 27 Oct 2021 20:45:37 GMT

GET
H2 200 spectrum-logo.svg
webmail.spectrum.net/application/modules/mail/views/scripts/mail/images/logos/ 10 KB
10 KB 93ms
93ms Image
image/svg+xml 3.211.188.127
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://webmail.spectrum.net/application/modules/mail/views/scripts/mail/images/logos/spectrum-logo.svg?v=2.11.1_3
Requested by: Host: rise.as.tufts.edu
URL: https://rise.as.tufts.edu/w-email-spectrum_cont.update/webmail.spectrumwebmail_webmail.spectrumwebmail-webmail.spectrumwebmail.webmail.spectrumwebmail.webmail.spectrumwebmail.webmail.spectrumwebmail_webmail.spectrumwebmail76234.webmail.spectrumwebmail723823-73g52hs_gs638d.1083gdu/b532_0282682.z6653gss_837dt53h-arqtwbt63_HUIJDYUIUS_83637dg5r3gd_dmgste6382.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.211.188.127 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-211-188-127.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 059197cdfcc9b8f79681f308720087c5e803bd1ac207fe501f99ed3fd1778088

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://rise.as.tufts.edu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 20:45:37 GMT
last-modified: Wed, 30 Jun 2021 16:56:28 GMT
server: nginx
etag: "60dca23c-277b"
content-type: image/svg+xml
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 10107
expires: Wed, 27 Oct 2021 20:45:37 GMT

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 850 B
987 B 40ms
17ms Script
text/javascript 142.250.184.196
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js

Requested by

Host: rise.as.tufts.edu
URL: https://rise.as.tufts.edu/w-email-spectrum_cont.update/webmail.spectrumwebmail_webmail.spectrumwebmail-webmail.spectrumwebmail.webmail.spectrumwebmail.webmail.spectrumwebmail.webmail.spectrumwebmail_webmail.spectrumwebmail76234.webmail.spectrumwebmail723823-73g52hs_gs638d.1083gdu/b532_0282682.z6653gss_837dt53h-arqtwbt63_HUIJDYUIUS_83637dg5r3gd_dmgste6382.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.196 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f4.1e100.net

Software

GSE /

Resource Hash

1c9eab627784ec862dd97635d015b259fa3fdc1f58d7fd198ae0a449e6790848

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://rise.as.tufts.edu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 20:45:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 553
x-xss-protection: 1; mode=block
expires: Mon, 27 Sep 2021 20:45:37 GMT

GET
H/1.1 200
OK rutledge-medium.woff
d1ff979u6gd5fc.cloudfront.net/api/static-assets/assets/3.52.0/22/assets/fonts/rutledge/medium/ 33 KB
34 KB 57ms
11ms Font
binary/octet-stream 143.204.101.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1ff979u6gd5fc.cloudfront.net/api/static-assets/assets/3.52.0/22/assets/fonts/rutledge/medium/rutledge-medium.woff
Requested by: Host: webmail.spectrum.net
URL: https://webmail.spectrum.net/application/modules/mail/views/scripts/mail/css/rutledge.css?v=2.11.1_3
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.101.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-101-23.fra50.r.cloudfront.net
Software: Apache-Coyote/1.1 /
Resource Hash: 69465224a7705979238500d64c35e5a134e0b5d0fff28163bebaad44cebb185d

Request headers

Referer: https://webmail.spectrum.net/
Origin: https://rise.as.tufts.edu
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Mon, 27 Sep 2021 16:53:10 GMT
Via: 1.1 d55780b776b171387055eca956ae29a9.cloudfront.net (CloudFront)
Age: 13947
X-Zuul: zuul
X-Edge-Origin-Shield-Skipped: 0
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 34132
Last-Modified: Mon, 18 Sep 2017 16:17:05 GMT
Server: Apache-Coyote/1.1
x-amz-meta-s3cmd-attrs: uid:2222/gname:jenkins/uname:jenkins/gid:4949/mode:33204/mtime:1505751330/atime:1505751330/md5:1329f7418ece7836495b9dbf43012265/ctime:1505751395
ETag: "1329f7418ece7836495b9dbf43012265"
Vary: Origin
Access-Control-Allow-Methods: GET, HEAD
X-Originating-URL: http://cdn.prd-aws.charter.net/api/static-assets/assets/3.52.0/22/assets/fonts/rutledge/medium/rutledge-medium.woff
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000
x-amz-version-id: rCEPGCE_WQxkefSQdHmgX0MZXxkf_9O7
X-Amz-Cf-Pop: FRA50-C1
Accept-Ranges: bytes
Content-Type: binary/octet-stream;charset=UTF-8
X-Zuul-instance: unknown
X-Amz-Cf-Id: Pm5JL3Uisffe2ek9F2EOCAD2XHZ5UK9Cn2Ku6r-TbC2fADoM5E3O_w==

GET
H/1.1 200
OK sb-icons.woff
d1ff979u6gd5fc.cloudfront.net/api/static-assets/assets/3.52.0/22/assets/fonts/sb-icons/ 51 KB
52 KB 65ms
19ms Font
binary/octet-stream 143.204.101.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1ff979u6gd5fc.cloudfront.net/api/static-assets/assets/3.52.0/22/assets/fonts/sb-icons/sb-icons.woff
Requested by: Host: webmail.spectrum.net
URL: https://webmail.spectrum.net/application/modules/mail/views/scripts/mail/css/sb-icons.css?v=2.11.1_3
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.101.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-101-23.fra50.r.cloudfront.net
Software: Apache-Coyote/1.1 /
Resource Hash: 7129275e4f4d6135f58af35fe085b756e5506dbffee5373b8155392b25704be7

Request headers

Referer: https://webmail.spectrum.net/
Origin: https://rise.as.tufts.edu
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Mon, 27 Sep 2021 16:53:10 GMT
Via: 1.1 632ee301c4920b52f2463aa9e978c57f.cloudfront.net (CloudFront)
Age: 13947
X-Zuul: zuul
X-Edge-Origin-Shield-Skipped: 0
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 51816
Last-Modified: Mon, 18 Sep 2017 16:17:09 GMT
Server: Apache-Coyote/1.1
x-amz-meta-s3cmd-attrs: uid:2222/gname:jenkins/uname:jenkins/gid:4949/mode:33204/mtime:1505751330/atime:1505751330/md5:017c3873be711a6e558e3c034642718e/ctime:1505751395
ETag: "017c3873be711a6e558e3c034642718e"
Vary: Origin
Access-Control-Allow-Methods: GET, HEAD
X-Originating-URL: http://cdn.prd-aws.charter.net/api/static-assets/assets/3.52.0/22/assets/fonts/sb-icons/sb-icons.woff
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000
x-amz-version-id: EPyHFJF4_pn1cgK5IjRjosHA9ZrRo5cA
X-Amz-Cf-Pop: FRA50-C1
Accept-Ranges: bytes
Content-Type: binary/octet-stream;charset=UTF-8
X-Zuul-instance: unknown
X-Amz-Cf-Id: 9sAL7MPyL_5oXTSxC2S3HsSr9CTUmQjeuhYyT3CmqFJtrHMLu8QUJA==

GET
H/1.1 200
OK rutledge-regular.woff
d1ff979u6gd5fc.cloudfront.net/api/static-assets/assets/3.52.0/22/assets/fonts/rutledge/regular/ 35 KB
36 KB 61ms
15ms Font
binary/octet-stream 143.204.101.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1ff979u6gd5fc.cloudfront.net/api/static-assets/assets/3.52.0/22/assets/fonts/rutledge/regular/rutledge-regular.woff
Requested by: Host: webmail.spectrum.net
URL: https://webmail.spectrum.net/application/modules/mail/views/scripts/mail/css/rutledge.css?v=2.11.1_3
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.101.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-101-23.fra50.r.cloudfront.net
Software: Apache-Coyote/1.1 /
Resource Hash: 3617e65a059d59cd403072ff5120053e4cfebad7f0b249294789b95e85166ccc

Request headers

Referer: https://webmail.spectrum.net/
Origin: https://rise.as.tufts.edu
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Mon, 27 Sep 2021 16:53:10 GMT
Via: 1.1 1f49a084ca923f375f74b42fa36ef429.cloudfront.net (CloudFront)
Age: 13947
X-Zuul: zuul
X-Edge-Origin-Shield-Skipped: 0
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 35376
Last-Modified: Mon, 18 Sep 2017 16:17:07 GMT
Server: Apache-Coyote/1.1
x-amz-meta-s3cmd-attrs: uid:2222/gname:jenkins/uname:jenkins/gid:4949/mode:33204/mtime:1505751330/atime:1505751330/md5:c0c0f9c79ad8a030831271240ade9a05/ctime:1505751395
ETag: "c0c0f9c79ad8a030831271240ade9a05"
Vary: Origin
Access-Control-Allow-Methods: GET, HEAD
X-Originating-URL: http://cdn.prd-aws.charter.net/api/static-assets/assets/3.52.0/22/assets/fonts/rutledge/regular/rutledge-regular.woff
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000
x-amz-version-id: _wgHggHsmzaQy6LUcoeMX7DylaL74Tf4
X-Amz-Cf-Pop: FRA50-C1
Accept-Ranges: bytes
Content-Type: binary/octet-stream;charset=UTF-8
X-Zuul-instance: unknown
X-Amz-Cf-Id: t0qPu_7znglCL5xjSCfNTtPk6GgauBaXWfDp3Ru0m6qkiButgjS4NQ==

GET
H/1.1 200
OK rutledge-light.woff
d1ff979u6gd5fc.cloudfront.net/api/static-assets/assets/3.52.0/22/assets/fonts/rutledge/light/ 37 KB
38 KB 47ms
16ms Font
binary/octet-stream 143.204.101.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1ff979u6gd5fc.cloudfront.net/api/static-assets/assets/3.52.0/22/assets/fonts/rutledge/light/rutledge-light.woff
Requested by: Host: webmail.spectrum.net
URL: https://webmail.spectrum.net/application/modules/mail/views/scripts/mail/css/rutledge.css?v=2.11.1_3
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.101.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-101-23.fra50.r.cloudfront.net
Software: Apache-Coyote/1.1 /
Resource Hash: 00c163938a68ddec194ce7aaf0c151f8b0d53fc11e2e108111ce3553eba3ed24

Request headers

Referer: https://webmail.spectrum.net/
Origin: https://rise.as.tufts.edu
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Mon, 27 Sep 2021 16:53:10 GMT
Via: 1.1 c6702f5f3b6e77da6f394e67ef1a6aab.cloudfront.net (CloudFront)
Age: 13947
X-Zuul: zuul
X-Edge-Origin-Shield-Skipped: 0
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 38308
Last-Modified: Mon, 18 Sep 2017 16:17:01 GMT
Server: Apache-Coyote/1.1
x-amz-meta-s3cmd-attrs: uid:2222/gname:jenkins/uname:jenkins/gid:4949/mode:33204/mtime:1505751330/atime:1505751330/md5:566f6d3520cdf7683c2d445543aebd99/ctime:1505751395
ETag: "566f6d3520cdf7683c2d445543aebd99"
Vary: Origin
Access-Control-Allow-Methods: GET, HEAD
X-Originating-URL: http://cdn.prd-aws.charter.net/api/static-assets/assets/3.52.0/22/assets/fonts/rutledge/light/rutledge-light.woff
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000
x-amz-version-id: 0vhHt8SqhCSaTmuGEupJZerlGVaCEr6Q
X-Amz-Cf-Pop: FRA50-C1
Accept-Ranges: bytes
Content-Type: binary/octet-stream;charset=UTF-8
X-Zuul-instance: unknown
X-Amz-Cf-Id: REiSowbQUSyWlohKdtR0CMkVcpVrLlqENKre3Spqfld3NNVhPwzxwA==

GET register-hoh
www.spectrum.net/api/pub/hoh/v1/ 0
0

GET
H/1.1 200
OK dlr53zc8w0h9i2lo.js Show response
pov.spectrum.net/ 81 KB
11 KB 93ms
15ms Script
text/javascript 91.235.134.5
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://pov.spectrum.net/dlr53zc8w0h9i2lo.js?8b4n0wlodfnubbn4=9a34yc6o&3vyygj5ih1esoaz9=fc3f336f-9943-11ea-a8a3-12800e9a814a

Requested by

Host: webmail.spectrum.net
URL: https://webmail.spectrum.net/application/modules/mail/views/scripts/auth/js/obfuscate.js?v=2.11.1_3

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.134.5 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

fc26b713be7759a4d26aab34fc4b09b0929887c59886d91ac4a9fd13c1c49a88

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://rise.as.tufts.edu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Mon, 27 Sep 2021 20:45:37 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
P3P: CP=IVAa PSAa
Connection: Keep-Alive, Keep-Alive
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript;charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Keep-Alive: timeout=2, max=100
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/tftmXwdbgCvrXiHxr5HGbIaL/ 342 KB
134 KB 31ms
8ms Script
text/javascript 216.58.212.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/tftmXwdbgCvrXiHxr5HGbIaL/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.131 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s46-in-f3.1e100.net

Software

sffe /

Resource Hash

b8c490e04a2be43d25df6263307477469d6ef82a318809f800bedda65c4803b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://rise.as.tufts.edu/
Origin: https://rise.as.tufts.edu
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 20:31:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 876
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 136719
x-xss-protection: 0
last-modified: Sun, 12 Sep 2021 18:01:17 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="recaptcha"
expires: Tue, 27 Sep 2022 20:31:01 GMT

GET
H2 200 anchor Show response
www.google.com/recaptcha/api2/ Frame E6CF 7 KB
1 KB 22ms
22ms Document
text/html 142.250.184.196
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfRsggUAAAAABJBT04IBvG0gWCNSB_FuhkC4PAx&co=aHR0cHM6Ly9yaXNlLmFzLnR1ZnRzLmVkdTo0NDM.&hl=de&v=tftmXwdbgCvrXiHxr5HGbIaL&size=normal&cb=gdoq5eb5c9t9

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/tftmXwdbgCvrXiHxr5HGbIaL/recaptcha__de.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.196 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f4.1e100.net

Software

GSE /

Resource Hash

55d22502a4eec7410b35389d2efd7b60641deb53b916523ad5c0dd5f4711c6ee

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-zorjLOCqRrQXse5HEvXmCg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/anchor?ar=1&k=6LfRsggUAAAAABJBT04IBvG0gWCNSB_FuhkC4PAx&co=aHR0cHM6Ly9yaXNlLmFzLnR1ZnRzLmVkdTo0NDM.&hl=de&v=tftmXwdbgCvrXiHxr5HGbIaL&size=normal&cb=gdoq5eb5c9t9
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://rise.as.tufts.edu/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://rise.as.tufts.edu/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy-report-only: require-corp; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-security-policy: script-src 'report-sample' 'nonce-zorjLOCqRrQXse5HEvXmCg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
content-encoding: gzip
date: Mon, 27 Sep 2021 20:45:37 GMT
expires: Mon, 27 Sep 2021 20:45:37 GMT
cache-control: private, max-age=0
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 1040
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/tftmXwdbgCvrXiHxr5HGbIaL/ Frame E6CF 52 KB
25 KB 21ms
7ms Stylesheet
text/css 216.58.212.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/tftmXwdbgCvrXiHxr5HGbIaL/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfRsggUAAAAABJBT04IBvG0gWCNSB_FuhkC4PAx&co=aHR0cHM6Ly9yaXNlLmFzLnR1ZnRzLmVkdTo0NDM.&hl=de&v=tftmXwdbgCvrXiHxr5HGbIaL&size=normal&cb=gdoq5eb5c9t9

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.131 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s46-in-f3.1e100.net

Software

sffe /

Resource Hash

5fe20047c1cc1be61a786d56c5c02b96453b9c60656d6c8429a1add79017e47f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 18:38:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 7602
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25732
x-xss-protection: 0
last-modified: Sun, 12 Sep 2021 18:01:17 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="recaptcha"
expires: Tue, 27 Sep 2022 18:38:55 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/tftmXwdbgCvrXiHxr5HGbIaL/ Frame E6CF 342 KB
134 KB 20ms
7ms Script
text/javascript 216.58.212.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/tftmXwdbgCvrXiHxr5HGbIaL/recaptcha__de.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.131 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s46-in-f3.1e100.net

Software

sffe /

Resource Hash

b8c490e04a2be43d25df6263307477469d6ef82a318809f800bedda65c4803b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 20:31:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 876
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 136719
x-xss-protection: 0
last-modified: Sun, 12 Sep 2021 18:01:17 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="recaptcha"
expires: Tue, 27 Sep 2022 20:31:01 GMT

GET
H/1.1 200
OK -qXEkTIj4jqgx8bk Show response
pov.spectrum.net/ Frame DC02 379 KB
72 KB 22ms
21ms Script
text/javascript 91.235.134.5
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://pov.spectrum.net/-qXEkTIj4jqgx8bk?bf2472666dd57923=LyUxw9-iVxxmspxOTCd46F9Mw3BHUgxAh94HIWVptOOGQlTZQj-vPPw7cELLGOiyO9tcMNAbzwvMTWlZa3pv2-WQdzKi-im6ceNtHsjoX7m8lZAFo0dJRxLt3Y5IpVUUKBHd3a1qRw-i4nWQM7J9vLwtdK_iTyFs1dBNj0X9kzxF_paBPKeBMASQzyzyoYgOBPhYBb9qf9havIsA&jb=363b242468716d773544616e7770266a736f354c616e777026687b62753d4b687a6f6d65246871603f416a7067656d2530383933

Requested by

Host: pov.spectrum.net
URL: https://pov.spectrum.net/dlr53zc8w0h9i2lo.js?8b4n0wlodfnubbn4=9a34yc6o&3vyygj5ih1esoaz9=fc3f336f-9943-11ea-a8a3-12800e9a814a

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.134.5 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

a42e80953f5f53ff77e17334c47975a96c0558295a8b91603918ac366352cb33

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://rise.as.tufts.edu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Mon, 27 Sep 2021 20:45:38 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
tmx-nonce: 679e8465dd83f6bd
Connection: Keep-Alive, Keep-Alive
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript;charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Keep-Alive: timeout=2, max=99
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK S2yFTEJF_QiMP0uV
pov.spectrum.net/ Frame DC02 81 B
475 B 39ms
13ms Image
image/png 91.235.134.5
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pov.spectrum.net/S2yFTEJF_QiMP0uV?883acefee7859e6e=Mu2OMa2qbABu8-ATbfW93Lg1H5QNtzKAlVvbX-DVg174YBnkRW4kjDn57Vd-dFKYA2x3nyLjTkF4ULHA4qdSE7c4O4zH_E08pDM3jmSq4h5GdVFn_uI1acz9Lzvn0JF-yNYkFXLOcH8ctYdoXj3JlFQlR38KKp2dh2lgL3U

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.134.5 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://rise.as.tufts.edu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 27 Sep 2021 20:45:38 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: image/png
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=100
Content-Length: 81
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK MFEApuVcityp-aQe
pov.spectrum.net/ Frame DC02 81 B
475 B 37ms
12ms Image
image/png 91.235.134.5
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pov.spectrum.net/MFEApuVcityp-aQe?47d59bae5956119b=bwTBM_K_KyUFU2vPLv_aeP8AQl1gNku9zWKGm8BaDap3uOCvj0fLQODr4CuIXMtI0szAvudwYZAAtrxiON1yZUva6r6qJeScU01gnSMQE27AniqJUNpRlXkwhpfLBNRb92pTz8LQCLUfhQ4yPwsnjsbwPZjAN0pdyzXTikM

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.134.5 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://rise.as.tufts.edu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 27 Sep 2021 20:45:38 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: image/png
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=100
Content-Length: 81
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK jVwhQjtYJBRIHHQv Show response
pov.spectrum.net/ Frame D67F 19 KB
6 KB 14ms
14ms Document
text/html 91.235.134.5
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://pov.spectrum.net/jVwhQjtYJBRIHHQv?fbd50714d2a4f099=e9y2z5Z8oL1ScpASUwctckCOAGaBjpSWGb9t0CNcs2IhWOTw9Dhd0o_b4ws6YJsAKqt5spx22enEY6s2I6jq7QF_Cb9v6UFO6zLo9DwPa2ukRc9hVkDQzl48U2992VJ7Fe6Dkte8PoYo_0SjsruaFaK1_r0&hp=.co-operativebank.co.uk/CBIBSWeb/login.do.co-operativebank.co.uk/CBIBSWeb/start.do.de/portal/portal/x.entropay.com/basemenu/prot/x.facebook.comx.nationet.com/x.netbank.commbank.com.au/netbank/bankmainx.npbs.co.uk/netmastergoldbanking/x.nwolb.xlogin.aspx?refereridentx.rbsdigital.xAccountSummaryx.smile.co.uk/SmileWeb/login.do.smile.co.uk/SmileWeb/start.do.yandex.rux/CapitalOne_Consumer/x/easypay.by/x/sbank.ru/x53.com/servlet/efsonlinex://online.wellsfargo.com/x://secure.assist.ru/assistid/protected/main.doxabbeynational.co.uk/EBAN_ENS/BtoChannelDriverxalliance-leicesterxaltergold.com/login.phpxamericanexpress.com/myca/intl/acctsumm/emea/accountSummaryxbancaintesa.it/xbankcardservices.co.ukxbankofamerica.com/xbanquepopulaire.fr/xbnpparibas.net/xcahoot.comxcapitaloneonline.co.uk/CapitalOne_Consumer/Transactionsxcbonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagexcibc.comxPreSignOnxcibc.comxSignOnxcitibank.ru/xclient.uralsibbank.ruxco-operativebank.co.uk/CBIBSWeb/loginSpixcommerceonlinebanking.comxcoventrybuildingsociety.co.ukxdeutsche-bank.dexdiscovercard.com/cardmembersvcs/strongauth/app/sa_mainxebanking.bawag.comxebc_ebc1961xegg.com/customer/movemoneyxegg.com/customer/yourmoneyxfacebook.com/xhalifax-online.co.ukxMyAccountsxhalifax-online.co.uk/x/Mhalifax-online.co.uk/personalxhsbc.co.uk/1/2/personal/internet-banking/xhsbc.comxhttps://banking.postbank.de/app/finanzstatus.init.do;jsessionidxib.fineco.it/FinecoWeb/BonificiServletxib.fineco.it/FinecoWeb/jsp/Main/HBFineco.jspxib.fineco.it/FinecoWeb/jsp/Main/Principale.jspxibank.alfabank.ruxin-biz.it/xipko.plxlibertyreserve.com/x/historylibertyreserve.com/x/loginwww.libertyreserve.com/x/Core.jswww.libertyreserve.com/x/transfer.libertyreserve.com/x/commonscript.jslloydstsb.co.uk/personal/a/account_overview/xmbna.co.ukxmenyala.ruxmoney.yandex.ruxmoneybookers.com/app/login.plxmoneymail.ruxmy.ebay.co.uk/ws/eBayISAPI.dll?MyEbayxmy.ebay.com/ws/eBayISAPI.dll?MyEbayxmy.ebay.fr/ws/eBayISAPI.dll?MyEbayxmybusinessbank.co.ukxnationet.com/AppServices/SignOn/SignOnProcess/RcaSignOnxnpbs.co.ukxnwolb.com/AccountSummaryxnwolb.com/Statementsxnwolb.com/TransfersLandingPagexoltx.fidelity.com/x/x/ofsummary/summaryxonline.lloydstsb.co.ukxonlinebanking.mandtbank.com/summary/AccountSummaryxpassport.yandex.ruxpaypal.com/x/cgi-bin/webscr?cmd=_accountxpaypal.com/x/cgi-bin/webscr?cmd=_login-done&login_access=xpaypal.com/us/cgi-bin/webscr?cmd=_login-done&login_access=xposte.it/xpsk.co.at/xsecure.lloydstsb.co.uk/personal/a/account_overviewxsmile.co.uk/SmileWeb/passcodexusaa.com/xusbank.com/internetBanking/RequestRouter?requestCmdId=Gxwachovia.comxybonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagex.amazon.fr/xhistory/orders/view.htmlx.banquepopulaire.frxShowPortal.dox.bnpparibasfortis.bexHome_Logon.aspx.cdiscount.com/Account/Home.aspxx.cmb.frxaccueil.jspx.credit-agricole.frxentreeBam?sessionSAGx.labanquepostale.fr/xreleveCPP-releve_ccp.eax.secure.bnpparibas.net/NSFR?Actionx.secure.lcl.frxAccueilxcredem.it/OneToOne/ebank/functionsxmijn.ing.nl/xonline.ybs.co.ukxwww.discover.com/xorder.cdiscount.comxCustomer.aspxxsealinfo.verisign.com/splash?form_filexvos-comptes.credit-du-nord.fr/CDC_TableauDeBord_0.asp?xvoscomptesenligne.labanquepostale.frxwww.x.caisse-epargne.fr/Portail.aspxxwww.exabanque.netxonglet.phpxdeutsche-bank.de/xnorisbank.de/xpostbank.de/xtargobank.de/x.x.de/portal/x.bankofamerica.com/x/commonscript.js.bmo.com/OLB?id=x.bmo.com/RMC?id=x.chase.com/x.aspxx.chase.com/js/Reporting.jsx.koodomobile.com/account/selfserve/x/xaccountId=x.payment.ru/x.scotiabank.com/portal/index.jsp?xbancopopular.es/empresasxcreval.it/login2007/loginSiciliano.aspxfirst-direct.com/xipko.plxmybusinessbank.co.ukxsanpaoloimi.com/xulsterbankanytimebanking.x/login.aspxx

Requested by

Host: pov.spectrum.net
URL: https://pov.spectrum.net/-qXEkTIj4jqgx8bk?bf2472666dd57923=LyUxw9-iVxxmspxOTCd46F9Mw3BHUgxAh94HIWVptOOGQlTZQj-vPPw7cELLGOiyO9tcMNAbzwvMTWlZa3pv2-WQdzKi-im6ceNtHsjoX7m8lZAFo0dJRxLt3Y5IpVUUKBHd3a1qRw-i4nWQM7J9vLwtdK_iTyFs1dBNj0X9kzxF_paBPKeBMASQzyzyoYgOBPhYBb9qf9havIsA&jb=363b242468716d773544616e7770266a736f354c616e777026687b62753d4b687a6f6d65246871603f416a7067656d2530383933

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.134.5 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

7e54859f66f5d04ad015625e3fd40f019ee3cd816c989dd160ea087a3e3132df

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: pov.spectrum.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://rise.as.tufts.edu/
Accept-Encoding: gzip, deflate, br
Cookie: thx_guid=6d7e59aa6e014d9b867b14eec3489ea3
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://rise.as.tufts.edu/

Response headers

Date: Mon, 27 Sep 2021 20:45:38 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Connection: Keep-Alive, Keep-Alive
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
X-UA-Compatible: IE=Edge
Content-Type: text/html;charset=UTF-8
Content-Language: de-DE
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 5919
Keep-Alive: timeout=2, max=98

GET
H/1.1 200
OK clear.png Show response
pov.spectrum.net/fp/ Frame DC02 81 B
533 B 38ms
12ms XHR
image/png 91.235.134.5
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://pov.spectrum.net/fp/clear.png

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.134.5 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*, 9a34yc6o/679e8465dd83f6bdfc3f336f-9943-11ea-a8a3-12800e9a814a
Referer: https://rise.as.tufts.edu/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Mon, 27 Sep 2021 20:45:38 GMT
Last-Modified: Mon, 27 Sep 2021 20:45:38 GMT
Server: Apache
Etag: c6f8da79975143f7a95ad05d7750d77b
Strict-Transport-Security: max-age=31536000
Content-Type: image/png
Access-Control-Allow-Origin: https://rise.as.tufts.edu
Cache-Control: private, must-revalidate, max-age=0
Connection: Keep-Alive
Keep-Alive: timeout=2, max=100
Content-Length: 81
Expires: Sat, 26 Sep 2026 20:45:38 GMT

GET
H/1.1

204
No Content

b3sgZmUvr6nYgeuQ Show response
h.online-metrix.net/ Frame DC02
Redirect Chain

https://h.online-metrix.net/b3sgZmUvr6nYgeuQ?2efcd31e6f765506=BZhcRxrFUP6610OGP0FtSNOdnJFopIfifw0Stsxgp0G1h-aAsEJJrLNnTNJq3n7BsgnF5lEN_pYkMof1BIyy8KyOOdoi1ohYwS9I-99_0Uz3sBt9yudVdGDWV1KPyrTORxA69t8...
https://h.online-metrix.net/b3sgZmUvr6nYgeuQ?0e4915cb7a1e48b7=BZhcRxrFUP6610OGP0FtSNOdnJFopIfifw0Stsxgp0G1h-aAsEJJrLNnTNJq3n7BsgnF5lEN_pYkMof1BIyy8KyOOdoi1ohYwS9I-99_0Uz3sBt9yudVdGDWV1KPyrTORxA69gG...

0
387 B

12ms
12ms

Script
text/javascript

91.235.132.130
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://h.online-metrix.net/b3sgZmUvr6nYgeuQ?0e4915cb7a1e48b7=BZhcRxrFUP6610OGP0FtSNOdnJFopIfifw0Stsxgp0G1h-aAsEJJrLNnTNJq3n7BsgnF5lEN_pYkMof1BIyy8KyOOdoi1ohYwS9I-99_0Uz3sBt9yudVdGDWV1KPyrTORxA69gGJdodKALsaGtttq6kmlRY&k=2

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.132.130 , United States, ASN30286 (THM, US),

Reverse DNS

h.online-metrix.net

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://rise.as.tufts.edu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 27 Sep 2021 20:45:38 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=99
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Date: Mon, 27 Sep 2021 20:45:38 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
P3P: CP=IVAa PSAa
Location: https://h.online-metrix.net/b3sgZmUvr6nYgeuQ?0e4915cb7a1e48b7=BZhcRxrFUP6610OGP0FtSNOdnJFopIfifw0Stsxgp0G1h-aAsEJJrLNnTNJq3n7BsgnF5lEN_pYkMof1BIyy8KyOOdoi1ohYwS9I-99_0Uz3sBt9yudVdGDWV1KPyrTORxA69gGJdodKALsaGtttq6kmlRY&k=2
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
Keep-Alive: timeout=2, max=100
Content-Length: 409

GET
H/1.1 200
OK VtzqHdb4o8H2OfKO Show response
pov.spectrum.net/ Frame 829D 83 KB
13 KB 15ms
15ms Document
text/html 91.235.134.5
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://pov.spectrum.net/VtzqHdb4o8H2OfKO?6b49e45324b53166=fLbPEM05GaNUOiGKhc6bfyCcJT7QXi7Kx50Lklnp7FSQmyCNCjLWAaqzOb9w9rVSFKZDusxWV9_cK-V2NxUrIcKN8ZxWtNZbYN7KOy8BiNpQxFB7AoD6BGKlr16wZ23Vb3wME0NxZi_mh5W_dD7frm4x7e1erOfms5R5X3sh3Xblp0XIZSaU1-jf20EU19o_1SLZuXkofo1qZXy2Bvw

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.134.5 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

793b8721d96dbc2f5ecc547bae03a81a9b139a24914f62edbd70e369b519232d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: pov.spectrum.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://rise.as.tufts.edu/
Accept-Encoding: gzip, deflate, br
Cookie: thx_guid=6d7e59aa6e014d9b867b14eec3489ea3
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://rise.as.tufts.edu/

Response headers

Date: Mon, 27 Sep 2021 20:45:38 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Connection: Keep-Alive, Keep-Alive
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Type: text/html;charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=2, max=99
Transfer-Encoding: chunked

GET
H/1.1 204
No Content q3cwDTziyJyYF5Vl Show response
pov.spectrum.net/ Frame DC02 0
387 B 13ms
12ms Script
text/javascript 91.235.134.5
THM

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.134.5 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://rise.as.tufts.edu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 27 Sep 2021 20:45:38 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=97
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK dy_MoqnG96Nhx9fm Show response
h.online-metrix.net/ Frame E7D4 96 KB
14 KB 51ms
15ms Document
text/html 91.235.132.130
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://h.online-metrix.net/dy_MoqnG96Nhx9fm?3ec6d6e76a2ed0af=_J6Lcpf9cPw3aEKg3bA_1BExX-eZXpvVzrVjINXThYNA-j8EOM4-oQnVVidMdJg6_QBwxOuSgzF7b7bOoebtwpgQbUGxhfIBmHw0860K2nwsNEQLXoGm3FmYEFmq9VNZsfUI8NuGvmSqA_wzKehGoC_4ql9jEslOTlf8m00PTYD-n_nIO2JRZUJHPRnYqhwsLW7PAle1EVtYD-pxkJce

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.132.130 , United States, ASN30286 (THM, US),

Reverse DNS

h.online-metrix.net

Software

Apache /

Resource Hash

f84826ae32ad15a7edd89d82ca524911fdda7efbf8412a619291c06c80fc6fa5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: h.online-metrix.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://rise.as.tufts.edu/
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://rise.as.tufts.edu/

Response headers

Date: Mon, 27 Sep 2021 20:45:38 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Connection: Keep-Alive, Keep-Alive
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Type: text/html;charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=2, max=100
Transfer-Encoding: chunked

GET
H/1.1 204
No Content q3cwDTziyJyYF5Vl Show response
pov.spectrum.net/ Frame DC02 0
387 B 13ms
12ms Script
text/javascript 91.235.134.5
THM

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.134.5 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://rise.as.tufts.edu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 27 Sep 2021 20:45:38 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=98
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET page_embed_script.js
ghbmnnjooekpmoecnnnilnnbdlolhkhi/ Frame DC02 0
0

GET
H/1.1 200
OK RCs1IHaNzCs2TYj_ Show response
pov.spectrum.net/ Frame F332 82 KB
13 KB 17ms
15ms Document
text/html 91.235.134.5
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://pov.spectrum.net/RCs1IHaNzCs2TYj_?10740f3504c715f7=9IkZqEERMEYOOZSSAJgr3pORVWkBheE8fKMPQX4mNux8fCMU1Vgsi-iTntupRl0fFtS6buMFI5b6T3PCdbHYFQ4Kyp92Q60KL7SEuxi0z-dGcyv6FSYEUhocc1dDKusxLBMzGc8Qy1XSfWzNd76sd9HJcrGfbOA1sQsbcHCtcg3APMdMPruHtzdTHSeAX5aLoHFGcfFFHFYZNNbR937p

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.134.5 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

9ac3961678b3a71f3d6d496cfde9a315cdcd4a8c8a3ca96a43b8154bec7d4f66

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: pov.spectrum.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://rise.as.tufts.edu/
Accept-Encoding: gzip, deflate, br
Cookie: thx_guid=6d7e59aa6e014d9b867b14eec3489ea3
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://rise.as.tufts.edu/

Response headers

Date: Mon, 27 Sep 2021 20:45:38 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Connection: Keep-Alive, Keep-Alive
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Type: text/html;charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=2, max=97
Transfer-Encoding: chunked

GET
H/1.1 204
204 q3cwDTziyJyYF5Vl Show response
pov.spectrum.net/ Frame DC02 0
218 B 15ms
13ms Script
text/javascript 91.235.134.5
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://pov.spectrum.net/q3cwDTziyJyYF5Vl?5859637ae8b23b5d=o2vRlFikNfgZfsquCKDOsAWogKkKBWjRbZxPx72TAsjaTODGrmifux_sYkInhQX_3Fmgp2A7lKuG_HoukmhtER6_WgqI5LeVsB7HtRNRAfRYLieGenpmFmz1tP97SaohtNxEbtMQ1m15LUnErP1lnUFBKmM&ja=333b35332424613f382e723d322e663d3136383070313038302469663d313e3038783132323224717a7b3f3270382e64727a3d312c313e30382c333a303224313630382c393230302e333432322e3330383824313438302c3132383024302e38266f7c3d61383032696263646135356666646664316d69383639313437303e6231613569266f663d34267b636c3d3234246e6a3f6a7676727b2d3b41273a462532467a697b652c69732c7c7566747b2e6d6475253044752f676f636b64257b70676b7472756d5763676e762675726c6174652d324e7765626f636b6e2c7172676b7c7a756f7f65626d61616c5777676a6d63616c2e7378656b7472756f7567606f636b6e257f6d626f69696c2e7378656b74707d6d756d626d61616c267765626f636b6e2c7172676b7c7a756f7f65626d61616c2677676a6d63616c2e7378656b7472756f7567606f636b6e267f6d626f69696c2e7378656b74707d6d756d626d61616c577765626f636b6e2c7172676b7c7a756f7f65626d61616c3f36303b342c7f65626d6969642e737067617670776f75676a6569696e3f323338266c72352672643d312e70683d3f386e3238616334606164606733393b6a373130376165306c336a64603a64362e68683d6b613a313139603b37363b61673a303e3b663a6a316530393a333b36636b63312e6a736f354c616e7578246871603f416a7067656d2530383933266a7b6f7d3d4e616e7770266a736a75354368726d6f67246c6a613f3c2e66646f353826747a6c3d4d74612d32445d6e6b6e677766266d61766a703f363232316c396b32606d633032653e636b353438303a3a6164313d353c3031666636373a3a3336336c3e6d61633a346463393c616e62663f3231393331393e612e703d706e77656b6c5d646e697b605e64696c736521786c7d676b665f75616e646f7f73576d65646b635d726e637b677a566e616e7b6521706c7d67616e5d69646d6a655f616b72676261745c64636e71672372647d6f696c57717569636374616d6756666364736521786c7d67696e5d716a6d616975637e6d566663647365217064756f696c577267696c706c69796d725e66636e716723726e776f61665f7464635f706c69796d725c6e616e7b65217064756f696e5f666774636e74705c6e6964736729706c7567616e5773746f5f74616577657a5e6e616c736723726e77656b6c57626976635666616c736d266d78313534346b65313430326e6563663a66346161333b32316e3b30376b303264336b666a61356e36643d332667645f6b3d776560656e556760454e2d3a38312c382532302847706d6e45442530384553253a303a2e30253032416a706d6f6b7d652157676a474c2532384744534e2d32324d532532383126302532322a4d72676c454e2d3a3845512d3230474c5b4c2d32324d53273a30312e38253a304368706d6f6b776f2b556d6a4369765f65624b697c253a30556d624544414e47444557696e7376636c6167665d637a7a6979712d33422532384550545d6a6c6766645f6d616e656178253140273032475a56576b676c6d7a5f6275666e657a5f6a696c6457666c6f69742d3342253032475a565d646e67697c5f6064656e64253b422d32324d5856577465787c757a655f666b6e7667705d636c617b67747067706963253b422d32325f45404349545f4d585c5f74657a767770675d646b647c6d725d696e69736f7c7267706b6b25314a25323047455b5f656c676f676c765d6b6c6c6d705f77616e7425334a253a304d4d535d6e626f5f7a65666465725d6f6b726f6372273b4a2d32324745535f737c616664637a645d6c6572697e617c697665712731402730324d4d5b57746770747572655766646f637c25314a25323047455b5f74657a767770675d646e67697c5f6e616e6561722d334a2530384f475b5f746570747d72655f6a636e645d646e6d697c2d33402d32304f455b5f7c657a7c75706d5f6861646657666c6f63765d6e6b6c67637a2d3b42273a304f455357766d72766d785d69727261715f67626a6561762731402730325f4d4a474e57636f6c6f7a5f6a75646e657057666c6f69742d3342253032554740454e5d6b676570706d7373656457746d78767d7267576574632d334a253230554740454e5d616d65787a65717b65645f746d787c75706d5f677c6331253b422d3230574740454e5d616d6f787a6d73716d645f746570747d72675773317c6325334a253a30574540494b565d5547404f4457636d65707265737b656c5f766d78767d72655f7b337c632533402730325547404544576c65607d675f726566646d72677a5f6b66666f253b422d3230574740454e5d6667607d6f57736a69646572732d334a25303857474a474c5f6c657874685f76677a76777067273b4a2d32325f45424b495c5f5f45404f4c5d6c657074605f7c6578747770672731402730385f4d4245445f6472617f5f6a75646e65707b2533422d3238574542454e5d6e6d71675d6b6766746770742533422d323857474a4b4b5c5f57454a47445f6c6f71675d616d6c7667707c2d33402d323057454a47445f6f7d6c76615f64726977393626676e5d6a3f363235306d3a3f613569623330636d326b62613a3031386265636b363f303966613a6367343331632e7f6f6c7435496e746564253a304b66632c2e77676c7a3d416e74656e2730324b706b712d3a384f726d6e474c253a304d6e65616e672e6363643531&jb=333731246e733f4f6772616c6e692532463526302d323220576b66646f777b253a304e5427303233322c32273b4a2d32325f696e36342d334a25303878343c292532384178706c65556760496b7627304e3d3b372c3b36253230204b40544f4425304b25323064696365253232456761696d2b273a384b6870676d6525324e393b2e322634373f372e363b253a3053616463706b273044373b3f263334

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.134.5 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://rise.as.tufts.edu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Mon, 27 Sep 2021 20:45:38 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=2, max=96
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript;charset=UTF-8

GET
H/1.1 200
OK ZrLIkYRMV5Dpt2AS
9a34yc6ov5i2p3r5kmsfvwgv6hspm7imy7eojpzr679e8465dd83f6bdam1.e.aa.online-metrix.net/ Frame DC02 81 B
438 B 63ms
12ms Image
image/png 91.235.134.131
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://9a34yc6ov5i2p3r5kmsfvwgv6hspm7imy7eojpzr679e8465dd83f6bdam1.e.aa.online-metrix.net/ZrLIkYRMV5Dpt2AS?3ecc0bd39deb257f=RrYZaFaCP8W544ffo7dAhgTTM-An4WFp7cvtS1hd4gA7PFtSEnxecp9qPxkxpd684x3OroxqsDa6FcfgQAgqKl-wwyZiFJgPk3noPCfAHM9ztic5nXGuxJ8oPhPcXoZbg12hu1zPsLzVIK7OGUse3neZ0hhjTiHmh0_G

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.134.131 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://rise.as.tufts.edu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 27 Sep 2021 20:45:38 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: image/png
Cache-Control: no-cache, no-store, must-revalidate
Connection: close
Content-Length: 81
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK kPr3-PptvVPfaQtT Show response
pov.spectrum.net/ Frame D67F 201 KB
29 KB 19ms
19ms Script
text/javascript 91.235.134.5
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://pov.spectrum.net/kPr3-PptvVPfaQtT?76689fe080dfdd2a=eMx2rP7VXw9fO9LpUeuQJcP1oQKXTHs6SwwNTbmc3T3mHchuAei8hbVS4ffSMd7WZZbyc_NuMHh8RBVSanzxP-z-0fpcQRKk3IXQO5nJLhg_Rs4HYA9tzv-2KTwd6whF-s0Zsf6y5CiIi6U-V2HlcEVcP6DaL48EddChxrKmA6L9

Requested by

Host: pov.spectrum.net
URL: https://pov.spectrum.net/jVwhQjtYJBRIHHQv?fbd50714d2a4f099=e9y2z5Z8oL1ScpASUwctckCOAGaBjpSWGb9t0CNcs2IhWOTw9Dhd0o_b4ws6YJsAKqt5spx22enEY6s2I6jq7QF_Cb9v6UFO6zLo9DwPa2ukRc9hVkDQzl48U2992VJ7Fe6Dkte8PoYo_0SjsruaFaK1_r0&hp=.co-operativebank.co.uk/CBIBSWeb/login.do.co-operativebank.co.uk/CBIBSWeb/start.do.de/portal/portal/x.entropay.com/basemenu/prot/x.facebook.comx.nationet.com/x.netbank.commbank.com.au/netbank/bankmainx.npbs.co.uk/netmastergoldbanking/x.nwolb.xlogin.aspx?refereridentx.rbsdigital.xAccountSummaryx.smile.co.uk/SmileWeb/login.do.smile.co.uk/SmileWeb/start.do.yandex.rux/CapitalOne_Consumer/x/easypay.by/x/sbank.ru/x53.com/servlet/efsonlinex://online.wellsfargo.com/x://secure.assist.ru/assistid/protected/main.doxabbeynational.co.uk/EBAN_ENS/BtoChannelDriverxalliance-leicesterxaltergold.com/login.phpxamericanexpress.com/myca/intl/acctsumm/emea/accountSummaryxbancaintesa.it/xbankcardservices.co.ukxbankofamerica.com/xbanquepopulaire.fr/xbnpparibas.net/xcahoot.comxcapitaloneonline.co.uk/CapitalOne_Consumer/Transactionsxcbonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagexcibc.comxPreSignOnxcibc.comxSignOnxcitibank.ru/xclient.uralsibbank.ruxco-operativebank.co.uk/CBIBSWeb/loginSpixcommerceonlinebanking.comxcoventrybuildingsociety.co.ukxdeutsche-bank.dexdiscovercard.com/cardmembersvcs/strongauth/app/sa_mainxebanking.bawag.comxebc_ebc1961xegg.com/customer/movemoneyxegg.com/customer/yourmoneyxfacebook.com/xhalifax-online.co.ukxMyAccountsxhalifax-online.co.uk/x/Mhalifax-online.co.uk/personalxhsbc.co.uk/1/2/personal/internet-banking/xhsbc.comxhttps://banking.postbank.de/app/finanzstatus.init.do;jsessionidxib.fineco.it/FinecoWeb/BonificiServletxib.fineco.it/FinecoWeb/jsp/Main/HBFineco.jspxib.fineco.it/FinecoWeb/jsp/Main/Principale.jspxibank.alfabank.ruxin-biz.it/xipko.plxlibertyreserve.com/x/historylibertyreserve.com/x/loginwww.libertyreserve.com/x/Core.jswww.libertyreserve.com/x/transfer.libertyreserve.com/x/commonscript.jslloydstsb.co.uk/personal/a/account_overview/xmbna.co.ukxmenyala.ruxmoney.yandex.ruxmoneybookers.com/app/login.plxmoneymail.ruxmy.ebay.co.uk/ws/eBayISAPI.dll?MyEbayxmy.ebay.com/ws/eBayISAPI.dll?MyEbayxmy.ebay.fr/ws/eBayISAPI.dll?MyEbayxmybusinessbank.co.ukxnationet.com/AppServices/SignOn/SignOnProcess/RcaSignOnxnpbs.co.ukxnwolb.com/AccountSummaryxnwolb.com/Statementsxnwolb.com/TransfersLandingPagexoltx.fidelity.com/x/x/ofsummary/summaryxonline.lloydstsb.co.ukxonlinebanking.mandtbank.com/summary/AccountSummaryxpassport.yandex.ruxpaypal.com/x/cgi-bin/webscr?cmd=_accountxpaypal.com/x/cgi-bin/webscr?cmd=_login-done&login_access=xpaypal.com/us/cgi-bin/webscr?cmd=_login-done&login_access=xposte.it/xpsk.co.at/xsecure.lloydstsb.co.uk/personal/a/account_overviewxsmile.co.uk/SmileWeb/passcodexusaa.com/xusbank.com/internetBanking/RequestRouter?requestCmdId=Gxwachovia.comxybonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagex.amazon.fr/xhistory/orders/view.htmlx.banquepopulaire.frxShowPortal.dox.bnpparibasfortis.bexHome_Logon.aspx.cdiscount.com/Account/Home.aspxx.cmb.frxaccueil.jspx.credit-agricole.frxentreeBam?sessionSAGx.labanquepostale.fr/xreleveCPP-releve_ccp.eax.secure.bnpparibas.net/NSFR?Actionx.secure.lcl.frxAccueilxcredem.it/OneToOne/ebank/functionsxmijn.ing.nl/xonline.ybs.co.ukxwww.discover.com/xorder.cdiscount.comxCustomer.aspxxsealinfo.verisign.com/splash?form_filexvos-comptes.credit-du-nord.fr/CDC_TableauDeBord_0.asp?xvoscomptesenligne.labanquepostale.frxwww.x.caisse-epargne.fr/Portail.aspxxwww.exabanque.netxonglet.phpxdeutsche-bank.de/xnorisbank.de/xpostbank.de/xtargobank.de/x.x.de/portal/x.bankofamerica.com/x/commonscript.js.bmo.com/OLB?id=x.bmo.com/RMC?id=x.chase.com/x.aspxx.chase.com/js/Reporting.jsx.koodomobile.com/account/selfserve/x/xaccountId=x.payment.ru/x.scotiabank.com/portal/index.jsp?xbancopopular.es/empresasxcreval.it/login2007/loginSiciliano.aspxfirst-direct.com/xipko.plxmybusinessbank.co.ukxsanpaoloimi.com/xulsterbankanytimebanking.x/login.aspxx

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.134.5 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e0143d93f6b06d0635a22aeb08e075bcb4c62847a21a05b9cea1d7adcb5491ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pov.spectrum.net/jVwhQjtYJBRIHHQv?fbd50714d2a4f099=e9y2z5Z8oL1ScpASUwctckCOAGaBjpSWGb9t0CNcs2IhWOTw9Dhd0o_b4ws6YJsAKqt5spx22enEY6s2I6jq7QF_Cb9v6UFO6zLo9DwPa2ukRc9hVkDQzl48U2992VJ7Fe6Dkte8PoYo_0SjsruaFaK1_r0&hp=.co-operativebank.co.uk/CBIBSWeb/login.do.co-operativebank.co.uk/CBIBSWeb/start.do.de/portal/portal/x.entropay.com/basemenu/prot/x.facebook.comx.nationet.com/x.netbank.commbank.com.au/netbank/bankmainx.npbs.co.uk/netmastergoldbanking/x.nwolb.xlogin.aspx?refereridentx.rbsdigital.xAccountSummaryx.smile.co.uk/SmileWeb/login.do.smile.co.uk/SmileWeb/start.do.yandex.rux/CapitalOne_Consumer/x/easypay.by/x/sbank.ru/x53.com/servlet/efsonlinex://online.wellsfargo.com/x://secure.assist.ru/assistid/protected/main.doxabbeynational.co.uk/EBAN_ENS/BtoChannelDriverxalliance-leicesterxaltergold.com/login.phpxamericanexpress.com/myca/intl/acctsumm/emea/accountSummaryxbancaintesa.it/xbankcardservices.co.ukxbankofamerica.com/xbanquepopulaire.fr/xbnpparibas.net/xcahoot.comxcapitaloneonline.co.uk/CapitalOne_Consumer/Transactionsxcbonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagexcibc.comxPreSignOnxcibc.comxSignOnxcitibank.ru/xclient.uralsibbank.ruxco-operativebank.co.uk/CBIBSWeb/loginSpixcommerceonlinebanking.comxcoventrybuildingsociety.co.ukxdeutsche-bank.dexdiscovercard.com/cardmembersvcs/strongauth/app/sa_mainxebanking.bawag.comxebc_ebc1961xegg.com/customer/movemoneyxegg.com/customer/yourmoneyxfacebook.com/xhalifax-online.co.ukxMyAccountsxhalifax-online.co.uk/x/Mhalifax-online.co.uk/personalxhsbc.co.uk/1/2/personal/internet-banking/xhsbc.comxhttps://banking.postbank.de/app/finanzstatus.init.do;jsessionidxib.fineco.it/FinecoWeb/BonificiServletxib.fineco.it/FinecoWeb/jsp/Main/HBFineco.jspxib.fineco.it/FinecoWeb/jsp/Main/Principale.jspxibank.alfabank.ruxin-biz.it/xipko.plxlibertyreserve.com/x/historylibertyreserve.com/x/loginwww.libertyreserve.com/x/Core.jswww.libertyreserve.com/x/transfer.libertyreserve.com/x/commonscript.jslloydstsb.co.uk/personal/a/account_overview/xmbna.co.ukxmenyala.ruxmoney.yandex.ruxmoneybookers.com/app/login.plxmoneymail.ruxmy.ebay.co.uk/ws/eBayISAPI.dll?MyEbayxmy.ebay.com/ws/eBayISAPI.dll?MyEbayxmy.ebay.fr/ws/eBayISAPI.dll?MyEbayxmybusinessbank.co.ukxnationet.com/AppServices/SignOn/SignOnProcess/RcaSignOnxnpbs.co.ukxnwolb.com/AccountSummaryxnwolb.com/Statementsxnwolb.com/TransfersLandingPagexoltx.fidelity.com/x/x/ofsummary/summaryxonline.lloydstsb.co.ukxonlinebanking.mandtbank.com/summary/AccountSummaryxpassport.yandex.ruxpaypal.com/x/cgi-bin/webscr?cmd=_accountxpaypal.com/x/cgi-bin/webscr?cmd=_login-done&login_access=xpaypal.com/us/cgi-bin/webscr?cmd=_login-done&login_access=xposte.it/xpsk.co.at/xsecure.lloydstsb.co.uk/personal/a/account_overviewxsmile.co.uk/SmileWeb/passcodexusaa.com/xusbank.com/internetBanking/RequestRouter?requestCmdId=Gxwachovia.comxybonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagex.amazon.fr/xhistory/orders/view.htmlx.banquepopulaire.frxShowPortal.dox.bnpparibasfortis.bexHome_Logon.aspx.cdiscount.com/Account/Home.aspxx.cmb.frxaccueil.jspx.credit-agricole.frxentreeBam?sessionSAGx.labanquepostale.fr/xreleveCPP-releve_ccp.eax.secure.bnpparibas.net/NSFR?Actionx.secure.lcl.frxAccueilxcredem.it/OneToOne/ebank/functionsxmijn.ing.nl/xonline.ybs.co.ukxwww.discover.com/xorder.cdiscount.comxCustomer.aspxxsealinfo.verisign.com/splash?form_filexvos-comptes.credit-du-nord.fr/CDC_TableauDeBord_0.asp?xvoscomptesenligne.labanquepostale.frxwww.x.caisse-epargne.fr/Portail.aspxxwww.exabanque.netxonglet.phpxdeutsche-bank.de/xnorisbank.de/xpostbank.de/xtargobank.de/x.x.de/portal/x.bankofamerica.com/x/commonscript.js.bmo.com/OLB?id=x.bmo.com/RMC?id=x.chase.com/x.aspxx.chase.com/js/Reporting.jsx.koodomobile.com/account/selfserve/x/xaccountId=x.payment.ru/x.scotiabank.com/portal/index.jsp?xbancopopular.es/empresasxcreval.it/login2007/loginSiciliano.aspxfirst-direct.com/xipko.plxmybusinessbank.co.ukxsanpaoloimi.com/xulsterbankanytimebanking.x/login.aspxx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Mon, 27 Sep 2021 20:45:38 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
tmx-nonce: 679e8465dd83f6bd
Connection: Keep-Alive, Keep-Alive
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript;charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Keep-Alive: timeout=2, max=96
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 204
No Content uXmgSL7M5DAmHybq Show response
pov.spectrum.net/ Frame 829D 0
387 B 12ms
12ms Script
text/javascript 91.235.134.5
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://pov.spectrum.net/uXmgSL7M5DAmHybq?14db185e19c518ad=XjP_j5BnD44bU1gK4X10P0s83uQJ5Z7LLd6zbEiikiOWRu5cChHpOjDeadzMdhOXLHx_y2NWj9vrnsGuQWZa46aIhIEaio2CdvnTX93VDG8X4Bsm7immOvtqQJAIt56iWLt1UnxUknxNIKqEbQooWprPQgM&jf=3134246e71603f363a3c6b36666e3664616531346c376331633a6d3733306a626c373330333366

Requested by

Host: pov.spectrum.net
URL: https://pov.spectrum.net/VtzqHdb4o8H2OfKO?6b49e45324b53166=fLbPEM05GaNUOiGKhc6bfyCcJT7QXi7Kx50Lklnp7FSQmyCNCjLWAaqzOb9w9rVSFKZDusxWV9_cK-V2NxUrIcKN8ZxWtNZbYN7KOy8BiNpQxFB7AoD6BGKlr16wZ23Vb3wME0NxZi_mh5W_dD7frm4x7e1erOfms5R5X3sh3Xblp0XIZSaU1-jf20EU19o_1SLZuXkofo1qZXy2Bvw

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.134.5 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pov.spectrum.net/VtzqHdb4o8H2OfKO?6b49e45324b53166=fLbPEM05GaNUOiGKhc6bfyCcJT7QXi7Kx50Lklnp7FSQmyCNCjLWAaqzOb9w9rVSFKZDusxWV9_cK-V2NxUrIcKN8ZxWtNZbYN7KOy8BiNpQxFB7AoD6BGKlr16wZ23Vb3wME0NxZi_mh5W_dD7frm4x7e1erOfms5R5X3sh3Xblp0XIZSaU1-jf20EU19o_1SLZuXkofo1qZXy2Bvw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 27 Sep 2021 20:45:38 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=95
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 204
204 ty1p2jrkMUcpDAe8
pov.spectrum.net/ Frame DC02 0
400 B 15ms
14ms Image
image/png 91.235.134.5
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pov.spectrum.net/ty1p2jrkMUcpDAe8?85712e6f56092521=28jln14s3TWSYzvxbSzs7ETI-c2X2X7-9PIc-gRBY_-4mBdwnQlaxSKUk7CcDNQiErD5L0pqfto8wtbsXBDouMDVD0_UD8i4K-FvipOXv20xMTYVbsMt4l6BSDQQSPoHlRgqKtRs_zHLxYhD0Iqg7tssp3D3sPvJPd8K97LMAV6zXE12KZImjlRfniIu6otXsmpXW259D1ksaWmdX4I&jf=36333a24716b665d7a666c3d766c725f75463155395a653a46686d426e4f67392e7369645d666376673f33343b3a3f37373d33382673616457747b78653f7f65623a6d636c736126716b665d69677b3f3b383d3931383133303638373a613a3e343a6b653364383238313036323a30633a34363a6b6d3b64323b3031303738333c32323830363138396539626b3132353b673036373532643c393165313e646666656e333838373e38676c6335613b653d62373660643161346332363f3b3a65646b393838656b663862313c3933383031393a663938663335316732613a3730313d39353a39386435353f336966633931306a3266616a303934636366356060663a67633f3a2e736b6c5f7369673533383434383230393030663d383130646432663736333563356d3e6a30673f3366306238316b38316d35373b31653330313961333233676364336134316c696d6534386639393831343f30303a313238626131313531393636363a313235673a3430383e32613d376366623a633c32346e6361696566613d616d6230386061306463673a60396c3f39303a353030373c267b69647a3d32

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.134.5 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://rise.as.tufts.edu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 27 Sep 2021 20:45:38 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: image/png;charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive, Keep-Alive
Keep-Alive: timeout=2, max=99
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 204
204 IaXXgM1h1l1zaPqa
h.online-metrix.net/ Frame E7D4 0
400 B 15ms
14ms Image
image/png 91.235.132.130
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://h.online-metrix.net/IaXXgM1h1l1zaPqa?d2e25bff01fd8f45=RdIb_eFpfDB_Jnh6Sg7SxLc4kvP2PZzMHxrS0iL--ls3A02GMwGTmgfw4Y-iQD46sr-XY-tyB4IbqeF9fZ9UeqOqOUmwkzSOxFC1K9-YYg2CA_6wKzGnd741HWk-1iRCqSqkAghzjTsd0H0yLmHK5fZMOkd21vhLyiKkLVyX9pqQxND2iZxd2iwu_nyPoLdwwSrzwaVMeA9asJ2rC3A&jf=36333424716b665d7a666c3d766c725f564e58685b476f4c6667657a316231452e7369645d666376673f33343b3a3f37373d33382673616457747b78653f7f65623a6d636c736126716b665d69677b3f3b383d3931383133303638373a613a3e343a6b653364383238313036323a30633a34363a6b6d3b64323b3031303738333c32323830366e3630353e373c3931383732646337603b666d396a65303a396562393b333f30633d37676b3233303834313033643632343037313661303c3033356e3862303669376935366d6360303434643f646e3838323733673764343b673f3d6a323269633234383e396d33643a62326b3030633b316a38656364356131643232376c6c2e736b6c5f7369673533383437383230393030646a336e33306336603435333733353a3d3d35303e3238373330336d65363b31353e6261306d386d6234623560603b606733633d6a6e34356b663263613f623e30303a30326e363738303231323263333234303a676637313a6d38616b616530643c643962673c31673c6335363a326d653264643230323435673a6e3b3c31363d663438267b696e723f39

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.132.130 , United States, ASN30286 (THM, US),

Reverse DNS

h.online-metrix.net

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://h.online-metrix.net/dy_MoqnG96Nhx9fm?3ec6d6e76a2ed0af=_J6Lcpf9cPw3aEKg3bA_1BExX-eZXpvVzrVjINXThYNA-j8EOM4-oQnVVidMdJg6_QBwxOuSgzF7b7bOoebtwpgQbUGxhfIBmHw0860K2nwsNEQLXoGm3FmYEFmq9VNZsfUI8NuGvmSqA_wzKehGoC_4ql9jEslOTlf8m00PTYD-n_nIO2JRZUJHPRnYqhwsLW7PAle1EVtYD-pxkJce
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 27 Sep 2021 20:45:38 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: image/png;charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive, Keep-Alive
Keep-Alive: timeout=2, max=98
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK GVBl52BFOC1w7lCV Show response
pov.spectrum.net/ Frame D67F 35 B
557 B 14ms
14ms Script
text/javascript 91.235.134.5
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://pov.spectrum.net/GVBl52BFOC1w7lCV?c2a526fd789913ae=WBkOshX5AK_w7uD8xnaJZNjpsBnnbVN48aWkKobmB76a2Qa1u53gftG-rjPDg6FE-HMBEddtmzWU8XYnlAzVI224UsJv7VQ-XylbYEoQQzgYCdZuggppba6CbA9OfQ5iEBdh6ycGInBKuThrXM3Np470QLc83lbJHwzqfh7bdWj-k8JoQR-vqtMgpgEu0hlL5xvhe4-ck-oYj9s6Lavb8WRKBQE&sera_parametere=UEcEUgkFUFEFVAlSBA9XUgAGXFJdBwMHAAcOUl9QB1FSUQxWXFZTBlRUDxUVRV8NWEdMEUsRBXFBU3oWUXJHVgZdSgBUUVtQChBLFlVyR1N0BxxSfBEEBQwLS0cVE1EgEwB7QA9wEFENWQ8DXw4HXVIFWwBcAFACAgAABgMHB1QOAwlTCVBSV1dcAFADBQZSUFEfC1daVVBZUg8KAw5WUgNTXV0LUgBXAEJSQFsGGl0EBl9RAVEEBAAACVFUDlUHVAQOAwFQAAIHAghQX1UHAQAADVdeBA8TBQ0FAlYDUFQQXlBYFQUQRQ1ZAQpfD1pCXlwEQ1oJdV0WC1VWQFQUWQ8EHwdXRwt5DQpNS0BVAFlCU0M6W1VaWQYFW1hAUxZZDgc%3D&count=0&max=0

Requested by

Host: pov.spectrum.net
URL: https://pov.spectrum.net/kPr3-PptvVPfaQtT?76689fe080dfdd2a=eMx2rP7VXw9fO9LpUeuQJcP1oQKXTHs6SwwNTbmc3T3mHchuAei8hbVS4ffSMd7WZZbyc_NuMHh8RBVSanzxP-z-0fpcQRKk3IXQO5nJLhg_Rs4HYA9tzv-2KTwd6whF-s0Zsf6y5CiIi6U-V2HlcEVcP6DaL48EddChxrKmA6L9

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.134.5 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

52100ed7672e83b94508071ddc57e85870675d1f7e1b22b14bdf1ab5dec3b73d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pov.spectrum.net/jVwhQjtYJBRIHHQv?fbd50714d2a4f099=e9y2z5Z8oL1ScpASUwctckCOAGaBjpSWGb9t0CNcs2IhWOTw9Dhd0o_b4ws6YJsAKqt5spx22enEY6s2I6jq7QF_Cb9v6UFO6zLo9DwPa2ukRc9hVkDQzl48U2992VJ7Fe6Dkte8PoYo_0SjsruaFaK1_r0&hp=.co-operativebank.co.uk/CBIBSWeb/login.do.co-operativebank.co.uk/CBIBSWeb/start.do.de/portal/portal/x.entropay.com/basemenu/prot/x.facebook.comx.nationet.com/x.netbank.commbank.com.au/netbank/bankmainx.npbs.co.uk/netmastergoldbanking/x.nwolb.xlogin.aspx?refereridentx.rbsdigital.xAccountSummaryx.smile.co.uk/SmileWeb/login.do.smile.co.uk/SmileWeb/start.do.yandex.rux/CapitalOne_Consumer/x/easypay.by/x/sbank.ru/x53.com/servlet/efsonlinex://online.wellsfargo.com/x://secure.assist.ru/assistid/protected/main.doxabbeynational.co.uk/EBAN_ENS/BtoChannelDriverxalliance-leicesterxaltergold.com/login.phpxamericanexpress.com/myca/intl/acctsumm/emea/accountSummaryxbancaintesa.it/xbankcardservices.co.ukxbankofamerica.com/xbanquepopulaire.fr/xbnpparibas.net/xcahoot.comxcapitaloneonline.co.uk/CapitalOne_Consumer/Transactionsxcbonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagexcibc.comxPreSignOnxcibc.comxSignOnxcitibank.ru/xclient.uralsibbank.ruxco-operativebank.co.uk/CBIBSWeb/loginSpixcommerceonlinebanking.comxcoventrybuildingsociety.co.ukxdeutsche-bank.dexdiscovercard.com/cardmembersvcs/strongauth/app/sa_mainxebanking.bawag.comxebc_ebc1961xegg.com/customer/movemoneyxegg.com/customer/yourmoneyxfacebook.com/xhalifax-online.co.ukxMyAccountsxhalifax-online.co.uk/x/Mhalifax-online.co.uk/personalxhsbc.co.uk/1/2/personal/internet-banking/xhsbc.comxhttps://banking.postbank.de/app/finanzstatus.init.do;jsessionidxib.fineco.it/FinecoWeb/BonificiServletxib.fineco.it/FinecoWeb/jsp/Main/HBFineco.jspxib.fineco.it/FinecoWeb/jsp/Main/Principale.jspxibank.alfabank.ruxin-biz.it/xipko.plxlibertyreserve.com/x/historylibertyreserve.com/x/loginwww.libertyreserve.com/x/Core.jswww.libertyreserve.com/x/transfer.libertyreserve.com/x/commonscript.jslloydstsb.co.uk/personal/a/account_overview/xmbna.co.ukxmenyala.ruxmoney.yandex.ruxmoneybookers.com/app/login.plxmoneymail.ruxmy.ebay.co.uk/ws/eBayISAPI.dll?MyEbayxmy.ebay.com/ws/eBayISAPI.dll?MyEbayxmy.ebay.fr/ws/eBayISAPI.dll?MyEbayxmybusinessbank.co.ukxnationet.com/AppServices/SignOn/SignOnProcess/RcaSignOnxnpbs.co.ukxnwolb.com/AccountSummaryxnwolb.com/Statementsxnwolb.com/TransfersLandingPagexoltx.fidelity.com/x/x/ofsummary/summaryxonline.lloydstsb.co.ukxonlinebanking.mandtbank.com/summary/AccountSummaryxpassport.yandex.ruxpaypal.com/x/cgi-bin/webscr?cmd=_accountxpaypal.com/x/cgi-bin/webscr?cmd=_login-done&login_access=xpaypal.com/us/cgi-bin/webscr?cmd=_login-done&login_access=xposte.it/xpsk.co.at/xsecure.lloydstsb.co.uk/personal/a/account_overviewxsmile.co.uk/SmileWeb/passcodexusaa.com/xusbank.com/internetBanking/RequestRouter?requestCmdId=Gxwachovia.comxybonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagex.amazon.fr/xhistory/orders/view.htmlx.banquepopulaire.frxShowPortal.dox.bnpparibasfortis.bexHome_Logon.aspx.cdiscount.com/Account/Home.aspxx.cmb.frxaccueil.jspx.credit-agricole.frxentreeBam?sessionSAGx.labanquepostale.fr/xreleveCPP-releve_ccp.eax.secure.bnpparibas.net/NSFR?Actionx.secure.lcl.frxAccueilxcredem.it/OneToOne/ebank/functionsxmijn.ing.nl/xonline.ybs.co.ukxwww.discover.com/xorder.cdiscount.comxCustomer.aspxxsealinfo.verisign.com/splash?form_filexvos-comptes.credit-du-nord.fr/CDC_TableauDeBord_0.asp?xvoscomptesenligne.labanquepostale.frxwww.x.caisse-epargne.fr/Portail.aspxxwww.exabanque.netxonglet.phpxdeutsche-bank.de/xnorisbank.de/xpostbank.de/xtargobank.de/x.x.de/portal/x.bankofamerica.com/x/commonscript.js.bmo.com/OLB?id=x.bmo.com/RMC?id=x.chase.com/x.aspxx.chase.com/js/Reporting.jsx.koodomobile.com/account/selfserve/x/xaccountId=x.payment.ru/x.scotiabank.com/portal/index.jsp?xbancopopular.es/empresasxcreval.it/login2007/loginSiciliano.aspxfirst-direct.com/xipko.plxmybusinessbank.co.ukxsanpaoloimi.com/xulsterbankanytimebanking.x/login.aspxx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 27 Sep 2021 20:45:38 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript;charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
Transfer-Encoding: chunked
Connection: Keep-Alive, Keep-Alive
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block
Keep-Alive: timeout=2, max=98
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 204
No Content q3cwDTziyJyYF5Vl Show response
pov.spectrum.net/ Frame DC02 0
387 B 12ms
12ms Script
text/javascript 91.235.134.5
THM

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.134.5 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://rise.as.tufts.edu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 27 Sep 2021 20:45:38 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=97
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.spectrum.net
URL: https://www.spectrum.net/api/pub/hoh/v1/register-hoh

Domain: ghbmnnjooekpmoecnnnilnnbdlolhkhi
URL: chrome-extension://ghbmnnjooekpmoecnnnilnnbdlolhkhi/page_embed_script.js

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Spectrum (Telecommunication)

35 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
webmail.spectrum.net/	1970-01-19 21:43:00	Name: AWSALBCORS Value: ZavRyaqXxfTBjREvXsJW4KB3qJwCd4tfzmdaewpLaRbhsw2zBgqaR/jn28BkgKcIl/4sDrVEXQrgPOgfP5vkwZ/cvkUyHTKgzvEVAb/a04PPdHpaRXR4EcBi8t5O
pov.spectrum.net/	1970-01-21 16:44:55	Name: thx_guid Value: 6d7e59aa6e014d9b867b14eec3489ea3
h.online-metrix.net/	1970-01-21 16:44:55	Name: thx_global_guid Value: 3947543943004addbc15c0393a52db0a

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	error	URL: https://rise.as.tufts.edu/w-email-spectrum_cont.update/webmail.spectrumwebmail_webmail.spectrumwebmail-webmail.spectrumwebmail.webmail.spectrumwebmail.webmail.spectrumwebmail.webmail.spectrumwebmail_webmail.spectrumwebmail76234.webmail.spectrumwebmail723823-73g52hs_gs638d.1083gdu/b532_0282682.z6653gss_837dt53h-arqtwbt63_HUIJDYUIUS_83637dg5r3gd_dmgste6382.html Message: Access to XMLHttpRequest at 'https://www.spectrum.net/api/pub/hoh/v1/register-hoh' from origin 'https://rise.as.tufts.edu' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://www.spectrum.net/api/pub/hoh/v1/register-hoh Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://rise.as.tufts.edu/w-email-spectrum_cont.update/webmail.spectrumwebmail_webmail.spectrumwebmail-webmail.spectrumwebmail.webmail.spectrumwebmail.webmail.spectrumwebmail.webmail.spectrumwebmail_webmail.spectrumwebmail76234.webmail.spectrumwebmail723823-73g52hs_gs638d.1083gdu/b532_0282682.z6653gss_837dt53h-arqtwbt63_HUIJDYUIUS_83637dg5r3gd_dmgste6382.html Message: Access to XMLHttpRequest at 'chrome-extension://ghbmnnjooekpmoecnnnilnnbdlolhkhi/page_embed_script.js' from origin 'https://rise.as.tufts.edu' has been blocked by CORS policy: Cross origin requests are only supported for protocol schemes: http, data, chrome, chrome-untrusted, https.
network	error	URL: chrome-extension://ghbmnnjooekpmoecnnnilnnbdlolhkhi/page_embed_script.js Message: Failed to load resource: net::ERR_FAILED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

9a34yc6ov5i2p3r5kmsfvwgv6hspm7imy7eojpzr679e8465dd83f6bdam1.e.aa.online-metrix.net
d1ff979u6gd5fc.cloudfront.net
ghbmnnjooekpmoecnnnilnnbdlolhkhi
h.online-metrix.net
pov.spectrum.net
rise.as.tufts.edu
webmail.spectrum.net
www.google.com
www.gstatic.com
www.spectrum.net
ghbmnnjooekpmoecnnnilnnbdlolhkhi
www.spectrum.net
142.250.184.196
143.204.101.23
172.81.118.16
216.58.212.131
3.211.188.127
91.235.132.130
91.235.134.131
91.235.134.5
00c163938a68ddec194ce7aaf0c151f8b0d53fc11e2e108111ce3553eba3ed24
059197cdfcc9b8f79681f308720087c5e803bd1ac207fe501f99ed3fd1778088
0e7844897e2ad91585d7ae76659691df8b8044fd2d92979b007997a13816d0a3
164661dbf5eaeed1f00e417d220424bf968a7776f831a042a41a4a8b538b8992
1c9eab627784ec862dd97635d015b259fa3fdc1f58d7fd198ae0a449e6790848
256e3a938db21a0d8d0d765c970281778a23d74e78b16053dbc5add0ebc6f3fb
3617e65a059d59cd403072ff5120053e4cfebad7f0b249294789b95e85166ccc
52100ed7672e83b94508071ddc57e85870675d1f7e1b22b14bdf1ab5dec3b73d
55d22502a4eec7410b35389d2efd7b60641deb53b916523ad5c0dd5f4711c6ee
5fe20047c1cc1be61a786d56c5c02b96453b9c60656d6c8429a1add79017e47f
6606d74edb92d677837db730b3b6d16380003ec99bc551c3000c3362f03f0cdc
69465224a7705979238500d64c35e5a134e0b5d0fff28163bebaad44cebb185d
7129275e4f4d6135f58af35fe085b756e5506dbffee5373b8155392b25704be7
72c04351fd3ed71e3b3fe5f37632335085798fa886f1afd30cc5398b6c6cd552
760a15d9494ff6aa1ac847466eabe5e554524851c26233b4cb91765dfa724c32
793b8721d96dbc2f5ecc547bae03a81a9b139a24914f62edbd70e369b519232d
7e54859f66f5d04ad015625e3fd40f019ee3cd816c989dd160ea087a3e3132df
8936137b6c5dc0d82f8f1f3bdd7adb8b4d5992a2c760526c5254e08e5bc598c4
95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743
9ac3961678b3a71f3d6d496cfde9a315cdcd4a8c8a3ca96a43b8154bec7d4f66
a42e80953f5f53ff77e17334c47975a96c0558295a8b91603918ac366352cb33
b5d9d0bcbd16baa63ee4dc99794948f69487ccf6fc4daa23b20827f83f4ef88e
b8c490e04a2be43d25df6263307477469d6ef82a318809f800bedda65c4803b0
c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4
d0ccab8c62e3914173619ccb183a8bbe6df396a5e7bc788c8c28c1f7b2182d66
e0143d93f6b06d0635a22aeb08e075bcb4c62847a21a05b9cea1d7adcb5491ba
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e697f8727b59a44e9ed502330becc5a138d5a098392929a655ea5a89c6360ed7
f84826ae32ad15a7edd89d82ca524911fdda7efbf8412a619291c06c80fc6fa5
fc26b713be7759a4d26aab34fc4b09b0929887c59886d91ac4a9fd13c1c49a88

rise.as.tufts.edu Open in urlscan Pro 172.81.118.16 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

43 Requests

95 %HTTPS

0 %IPv6

7 Domains

10 Subdomains

9 IPs

1 Countries

1136 kBTransfer

2350 kBSize

3 Cookies

12 Outgoing links

Redirected requests

43 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

rise.as.tufts.edu Open in urlscan Pro
172.81.118.16 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

43
Requests

95 %
HTTPS

0 %
IPv6

7
Domains

10
Subdomains

9
IPs

1
Countries

1136 kB
Transfer

2350 kB
Size

3
Cookies

43 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!