login.microsoftonline.com Open in urlscan Pro
2603:1026:3000:148::10 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://u29468721.ct.sendgrid.net/ls/click?upn=Fu5OgGSoIy06aMFYSG7T4iLb1CAikfevDNFROe-2FC3fnHHeanj3TLAPqNTjrYkcv-2Bke4I_uAGIKxVHnz...
Effective URL:
https://login.microsoftonline.com/1984aac0-7e83-4a2b-925d-f834a5a9cbd4/saml2?SAMLRequest=hZJBb6MwEIX%2FCvLdQAw0YIVU2a2qrdTVRg3dw94...
Submission: On September 23 via manual (September 23rd 2023, 2:53:36 am UTC) from US — Scanned from DE

Summary HTTP 39 Redirects Behaviour Indicators

Summary

This website contacted 12 IPs in 2 countries across 12 domains to perform 39 HTTP transactions. The main IP is 2603:1026:3000:148::10, located in and belongs to . The main domain is login.microsoftonline.com.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on August 25th 2023. Valid for: a year.

This is the only time login.microsoftonline.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	167.89.115.147 167.89.115.147	11377 (SENDGRID) (SENDGRID)
12	34.107.177.173 34.107.177.173	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	2a00:1450:400... 2a00:1450:4001:829::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::200e	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
2	2600:9000:224... 2600:9000:2240:4e00:2:49a2:4500:93a1	16509 (AMAZON-02) (AMAZON-02)
1	34.120.236.141 34.120.236.141	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
11	2606:4700::68... 2606:4700::6812:83ec	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:440... 2606:4700:4400::ac40:9b77	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	34.120.16.65 34.120.16.65	() ()
1	2603:1026:300... 2603:1026:3000:148::10	() ()
1	2a00:1450:400... 2a00:1450:4001:813::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
39	12

1 167.89.115.147 (United States) 1 redirects

ASN11377 (SENDGRID, US)
PTR: o16789115x147.outbound-mail.sendgrid.net

u29468721.ct.sendgrid.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 34.107.177.173 (United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 173.177.107.34.bc.googleusercontent.com

bjc.culturenxt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2240:4e00:2:49a2:4500:93a1 (United States)

ASN16509 (AMAZON-02, US)

assets4.lottiefiles.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.236.141 (United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 141.236.120.34.bc.googleusercontent.com

app-cdn.culturenxt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2606:4700::6812:83ec (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::ac40:9b77 (United States)

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.16.65 (None, ) 1 redirects

ASN- ()

saml-api.salesnext.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2603:1026:3000:148::10 (None, )

ASN- ()

login.microsoftonline.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
13	culturenxt.com bjc.culturenxt.com app-cdn.culturenxt.com	756 KB
11	cookielaw.org cdn.cookielaw.org — Cisco Umbrella Rank: 635	140 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 96 region1.google-analytics.com — Cisco Umbrella Rank: 1878	21 KB
2	gstatic.com fonts.gstatic.com	46 KB
2	lottiefiles.com assets4.lottiefiles.com — Cisco Umbrella Rank: 447220	12 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 111	176 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 113	1012 B
1	microsoftonline.com login.microsoftonline.com
1	salesnext.com 1 redirects saml-api.salesnext.com	957 B
1	onetrust.com geolocation.onetrust.com — Cisco Umbrella Rank: 958	304 B
1	sendgrid.net 1 redirects u29468721.ct.sendgrid.net	229 B
0	msftauth.net Failed aadcdn.msftauth.net Failed
39	12

	Domain	Requested by
12	bjc.culturenxt.com	bjc.culturenxt.com
11	cdn.cookielaw.org	bjc.culturenxt.com cdn.cookielaw.org
2	fonts.gstatic.com	fonts.googleapis.com
2	assets4.lottiefiles.com	bjc.culturenxt.com
2	region1.google-analytics.com	www.googletagmanager.com
2	www.googletagmanager.com	bjc.culturenxt.com www.googletagmanager.com
1	fonts.googleapis.com	bjc.culturenxt.com
1	login.microsoftonline.com	bjc.culturenxt.com
1	saml-api.salesnext.com	1 redirects
1	geolocation.onetrust.com	cdn.cookielaw.org
1	app-cdn.culturenxt.com	bjc.culturenxt.com
1	www.google-analytics.com	www.googletagmanager.com
1	u29468721.ct.sendgrid.net	1 redirects
0	aadcdn.msftauth.net Failed	login.microsoftonline.com
39	14

This site contains no links.

Subject Issuer	Validity	Valid
fieldawards.culturenxt.com GTS CA 1D4	`2023-09-18` - `2023-12-17`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
*.lottiefiles.com Amazon RSA 2048 M01	`2023-08-25` - `2024-09-22`	a year	crt.sh
app-cdn.culturenxt.com GTS CA 1D4	`2023-08-25` - `2023-11-23`	3 months	crt.sh
cookielaw.org Cloudflare Inc ECC CA-3	`2023-04-01` - `2024-03-31`	a year	crt.sh
onetrust.com Cloudflare Inc ECC CA-3	`2022-12-13` - `2023-12-13`	a year	crt.sh
stamp2.login.microsoftonline.com DigiCert SHA2 Secure Server CA	`2023-08-25` - `2024-08-25`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://login.microsoftonline.com/1984aac0-7e83-4a2b-925d-f834a5a9cbd4/saml2?SAMLRequest=hZJBb6MwEIX%2FCvLdQAw0YIVU2a2qrdTVRg3dw94GMySOwKYeE%2FXnLyWJ2l7ao%2FXevKeZz6vb174LTuhIW1OyRRizAI2yjTb7kj1X9zxnt%2BsVQd%2BJQW5GfzBP%2BDIi%2BWAaNCTPSslGZ6QF0iQN9EjSK7nb%2FH6UIozl4Ky3ynYs2BCh81PVT2to7NHt0J20wuenx5IdvB9IRtFbJIdBhwQdksFXHyrbR24qnbWIyEbQaaCoPioW3E2CNuDnDa4hnd1rE%2FZaOUu29dZ02uCcsyjyFEDFfIl5wlMQNS9E1vA2T1LIoFB1k849ggX31imcty5ZCx0hCx7uSga1QLFslqmAZdMWWbZo96rODkdID8d28tAWiPQJ36eIRnww5MH4kolYJDwuuEiqWMgskUkWFjf5PxZsL6f6oc0ZwVd3rc8mkr%2Bqasu3f3YVC%2F5eUU4GdgEn53b3kdjXwXDFxNbfQDnzGN5ArKKPZevL8%2FOnWf8H&SigAlg=http%3A%2F%2Fwww.w3.org%2F2000%2F09%2Fxmldsig%23rsa-sha1&Signature=TH7Bk7rue9Q922OenxaORUOdlWPtQqC%2B42raR0ZyJNLLxKXfFQwtkRcXd6VDC%2F4GM5Ty9OF7vB0qmt%2Bh5805p9ln8kzEV%2FpTjcIZNZj29bFesMAWy98rcSyt%2BOFJ%2BaWaGxNbIlQaSGwKBNXxVgchZEDZ7lPo%2F39qIRzyvGPewT2Z1Aa7BhhKiqZuA%2BPAPwlKj%2FTbY%2B2RB3TRkGLWjvE34R5TvbqwM4jNcV1DXxGSfbRIg0XvQtrb%2BVs%2F5TPGyxJLnfyMzVy35np0OyTJ5Ro%2B7e7CuaKtnZE0D5qnodwQYcskIrOhn0IL6PCYKu8fhEuXSn1CT4Q5j2RnT2PPo7%2BDYA%3D%3D
Frame ID: 7A3495958FE05781A51BF26294D36D31
Requests: 40 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://u29468721.ct.sendgrid.net/ls/click?upn=Fu5OgGSoIy06aMFYSG7T4iLb1CAikfevDNFROe-2FC3fnHHeanj3TLAPqNTjrYk... HTTP 302
https://bjc.culturenxt.com/ Page URL
https://saml-api.salesnext.com/rest/saml/login/projects/bjc HTTP 302
https://login.microsoftonline.com/1984aac0-7e83-4a2b-925d-f834a5a9cbd4/saml2?SAMLRequest=hZJBb6MwEIX%2FCvLdQAw... Page URL

Detected technologies

Nuxt.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

/_nuxt/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

OneTrust (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cdn\.cookielaw\.org
otSDKStub\.js

Page Statistics

39
Requests

92 %
HTTPS

69 %
IPv6

12
Domains

14
Subdomains

12
IPs

2
Countries

1153 kB
Transfer

4743 kB
Size

6
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://u29468721.ct.sendgrid.net/ls/click?upn=Fu5OgGSoIy06aMFYSG7T4iLb1CAikfevDNFROe-2FC3fnHHeanj3TLAPqNTjrYkcv-2Bke4I_uAGIKxVHnzoGVmPcnUwHme7sKldOp-2BOrJLqpMe5y4iry7YcqYeZThAzBZMWn5rM1RTuktWHMqotRSehENR3vLhgl2iulVzOH7NE79XzLOTRb3o5pJ-2BEOMBQ3anfmEJ8MgyF6dg1LrgW8fjKd6ST6QgWRI8psW9wZR0XKIVjZ91EoGr5gSnp1xyrAf28yoRfLGMMgAXb4LOUJcWFKNtMiHXgKbJlLCbPFxQD2qoTufnSufKkb77508VkKdv-2Bkx12F9-2F7mTAeG-2FWa1fkLczIFZ6LamDRjlK6L2HL-2F-2Bt7WBgeJEWemGf1AQZ-2BsO2-2BZw8kk-2F0lwCcPDyUmPo1jCFk581p-2Fl1kRIQepKDXqs-2F0d04wAzhEysML2lZW5prqR0yXPwks4PVxDQQlj9eYqUZQkWpq8V7lQ-2FrSLz4zqs-2Fw-2BIxPwZqX-2FLRXD-2FvWzri1e9TcJcOY0LwZeHwD67fD0N6fLg9QOOoduUrJdo6hFhMcRfi0fzhJGLFvZlxiygikfnyoY6n HTTP 302
https://bjc.culturenxt.com/ Page URL
https://saml-api.salesnext.com/rest/saml/login/projects/bjc HTTP 302
https://login.microsoftonline.com/1984aac0-7e83-4a2b-925d-f834a5a9cbd4/saml2?SAMLRequest=hZJBb6MwEIX%2FCvLdQAw0YIVU2a2qrdTVRg3dw94GMySOwKYeE%2FXnLyWJ2l7ao%2FXevKeZz6vb174LTuhIW1OyRRizAI2yjTb7kj1X9zxnt%2BsVQd%2BJQW5GfzBP%2BDIi%2BWAaNCTPSslGZ6QF0iQN9EjSK7nb%2FH6UIozl4Ky3ynYs2BCh81PVT2to7NHt0J20wuenx5IdvB9IRtFbJIdBhwQdksFXHyrbR24qnbWIyEbQaaCoPioW3E2CNuDnDa4hnd1rE%2FZaOUu29dZ02uCcsyjyFEDFfIl5wlMQNS9E1vA2T1LIoFB1k849ggX31imcty5ZCx0hCx7uSga1QLFslqmAZdMWWbZo96rODkdID8d28tAWiPQJ36eIRnww5MH4kolYJDwuuEiqWMgskUkWFjf5PxZsL6f6oc0ZwVd3rc8mkr%2Bqasu3f3YVC%2F5eUU4GdgEn53b3kdjXwXDFxNbfQDnzGN5ArKKPZevL8%2FOnWf8H&SigAlg=http%3A%2F%2Fwww.w3.org%2F2000%2F09%2Fxmldsig%23rsa-sha1&Signature=TH7Bk7rue9Q922OenxaORUOdlWPtQqC%2B42raR0ZyJNLLxKXfFQwtkRcXd6VDC%2F4GM5Ty9OF7vB0qmt%2Bh5805p9ln8kzEV%2FpTjcIZNZj29bFesMAWy98rcSyt%2BOFJ%2BaWaGxNbIlQaSGwKBNXxVgchZEDZ7lPo%2F39qIRzyvGPewT2Z1Aa7BhhKiqZuA%2BPAPwlKj%2FTbY%2B2RB3TRkGLWjvE34R5TvbqwM4jNcV1DXxGSfbRIg0XvQtrb%2BVs%2F5TPGyxJLnfyMzVy35np0OyTJ5Ro%2B7e7CuaKtnZE0D5qnodwQYcskIrOhn0IL6PCYKu8fhEuXSn1CT4Q5j2RnT2PPo7%2BDYA%3D%3D Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://u29468721.ct.sendgrid.net/ls/click?upn=Fu5OgGSoIy06aMFYSG7T4iLb1CAikfevDNFROe-2FC3fnHHeanj3TLAPqNTjrYkcv-2Bke4I_uAGIKxVHnzoGVmPcnUwHme7sKldOp-2BOrJLqpMe5y4iry7YcqYeZThAzBZMWn5rM1RTuktWHMqotRSehENR3vLhgl2iulVzOH7NE79XzLOTRb3o5pJ-2BEOMBQ3anfmEJ8MgyF6dg1LrgW8fjKd6ST6QgWRI8psW9wZR0XKIVjZ91EoGr5gSnp1xyrAf28yoRfLGMMgAXb4LOUJcWFKNtMiHXgKbJlLCbPFxQD2qoTufnSufKkb77508VkKdv-2Bkx12F9-2F7mTAeG-2FWa1fkLczIFZ6LamDRjlK6L2HL-2F-2Bt7WBgeJEWemGf1AQZ-2BsO2-2BZw8kk-2F0lwCcPDyUmPo1jCFk581p-2Fl1kRIQepKDXqs-2F0d04wAzhEysML2lZW5prqR0yXPwks4PVxDQQlj9eYqUZQkWpq8V7lQ-2FrSLz4zqs-2Fw-2BIxPwZqX-2FLRXD-2FvWzri1e9TcJcOY0LwZeHwD67fD0N6fLg9QOOoduUrJdo6hFhMcRfi0fzhJGLFvZlxiygikfnyoY6n HTTP 302
https://bjc.culturenxt.com/

39 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

/ Show response
bjc.culturenxt.com/
Redirect Chain

https://u29468721.ct.sendgrid.net/ls/click?upn=Fu5OgGSoIy06aMFYSG7T4iLb1CAikfevDNFROe-2FC3fnHHeanj3TLAPqNTjrYkcv-2Bke4I_uAGIKxVHnzoGVmPcnUwHme7sKldOp-2BOrJLqpMe5y4iry7YcqYeZThAzBZMWn5rM1RTuktWHMqot...
https://bjc.culturenxt.com/

4 KB
3 KB

185ms
127ms

Document
text/html

34.107.177.173
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://bjc.culturenxt.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.107.177.173 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

173.177.107.34.bc.googleusercontent.com

Software

Resource Hash

c9bde738be22d42cfa2f7f00799cf3c1104f5337adf3a340e626db4994b9800d

Security Headers

Name

Value

Content-Security-Policy

default-src 'self' https://datastudio.google.com/ https://lookerstudio.google.com/ https://*.culturenxt.com https://assets4.lottiefiles.com https://c.bing.com 'unsafe-inline'; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://tagmanager.google.com https://*.googletagmanager.com https://assets4.lottiefiles.com https://www.google-analytics.com https://cdn.cookielaw.org; font-src 'self' data: https://fonts.gstatic.com https://fonts.gstatic.com; style-src 'self' 'unsafe-inline' https://tagmanager.google.com https://fonts.googleapis.com https://fonts.googleapis.com; img-src 'self' blob: data: https://cdn.cookielaw.org https://ssl.gstatic.com https://www.gstatic.com https://media.giphy.com https://*.google-analytics.com https://*.googletagmanager.com https://*.culturenxt.com https://play.google.com https://developer.apple.com; connect-src blob: https://privacyportal.onetrust.com https://geolocation.onetrust.com https://*.onetrust.com https://*.cookielaw.org https://*.culturenxt.com https://*.culturenxt.com https://assets4.lottiefiles.com https://*.google-analytics.com https://*.analytics.google.com https://*.googletagmanager.com https://api.giphy.com; frame-ancestors 'self' https://lookerstudio.google.com/ https://datastudio.google.com teams.microsoft.com *.teams.microsoft.com *.skype.com

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-security-policy: default-src 'self' https://datastudio.google.com/ https://lookerstudio.google.com/ https://*.culturenxt.com https://assets4.lottiefiles.com https://c.bing.com 'unsafe-inline'; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://tagmanager.google.com https://*.googletagmanager.com https://assets4.lottiefiles.com https://www.google-analytics.com https://cdn.cookielaw.org; font-src 'self' data: https://fonts.gstatic.com https://fonts.gstatic.com; style-src 'self' 'unsafe-inline' https://tagmanager.google.com https://fonts.googleapis.com https://fonts.googleapis.com; img-src 'self' blob: data: https://cdn.cookielaw.org https://ssl.gstatic.com https://www.gstatic.com https://media.giphy.com https://*.google-analytics.com https://*.googletagmanager.com https://*.culturenxt.com https://play.google.com https://developer.apple.com; connect-src blob: https://privacyportal.onetrust.com https://geolocation.onetrust.com https://*.onetrust.com https://*.cookielaw.org https://*.culturenxt.com https://*.culturenxt.com https://assets4.lottiefiles.com https://*.google-analytics.com https://*.analytics.google.com https://*.googletagmanager.com https://api.giphy.com; frame-ancestors 'self' https://lookerstudio.google.com/ https://datastudio.google.com teams.microsoft.com *.teams.microsoft.com *.skype.com
content-type: text/html; charset=utf-8
date: Sat, 23 Sep 2023 02:53:29 GMT
etag: "f78-DDJeQRF4l0O4s2EYtkqSFcK506k"
referrer-policy: no-referrer
vary: Accept-Encoding
via: 1.1 google

Redirect headers

Connection: keep-alive
Content-Length: 49
Content-Type: text/html; charset=utf-8
Date: Sat, 23 Sep 2023 02:53:29 GMT
Location: https://bjc.culturenxt.com
Server: nginx
X-Robots-Tag: noindex, nofollow

GET
H2 200 75d269c.js Show response
bjc.culturenxt.com/_nuxt/ 29 KB
6 KB 124ms
123ms Script
application/javascript 34.107.177.173
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://bjc.culturenxt.com/_nuxt/75d269c.js

Requested by

Host: bjc.culturenxt.com
URL: https://bjc.culturenxt.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.107.177.173 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

173.177.107.34.bc.googleusercontent.com

Software

Resource Hash

339b74559022d1d09a9866a036b9b855e5be240674b182f472c3b0d2e821cbf3

Security Headers

Name

Value

Content-Security-Policy

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sat, 23 Sep 2023 02:53:29 GMT
content-encoding: gzip
via: 1.1 google
content-security-policy: default-src 'self' https://datastudio.google.com/ https://lookerstudio.google.com/ https://*.culturenxt.com https://assets4.lottiefiles.com https://c.bing.com 'unsafe-inline'; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://tagmanager.google.com https://*.googletagmanager.com https://assets4.lottiefiles.com https://www.google-analytics.com https://cdn.cookielaw.org; font-src 'self' data: https://fonts.gstatic.com https://fonts.gstatic.com; style-src 'self' 'unsafe-inline' https://tagmanager.google.com https://fonts.googleapis.com https://fonts.googleapis.com; img-src 'self' blob: data: https://cdn.cookielaw.org https://ssl.gstatic.com https://www.gstatic.com https://media.giphy.com https://*.google-analytics.com https://*.googletagmanager.com https://*.culturenxt.com https://play.google.com https://developer.apple.com; connect-src blob: https://privacyportal.onetrust.com https://geolocation.onetrust.com https://*.onetrust.com https://*.cookielaw.org https://*.culturenxt.com https://*.culturenxt.com https://assets4.lottiefiles.com https://*.google-analytics.com https://*.analytics.google.com https://*.googletagmanager.com https://api.giphy.com; frame-ancestors 'self' https://lookerstudio.google.com/ https://datastudio.google.com teams.microsoft.com *.teams.microsoft.com *.skype.com
last-modified: Wed, 20 Sep 2023 01:00:54 GMT
referrer-policy: no-referrer
etag: W/"7479-18ab01ab170"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 8319ed7.js Show response
bjc.culturenxt.com/_nuxt/ 350 KB
120 KB 126ms
125ms Script
application/javascript 34.107.177.173
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://bjc.culturenxt.com/_nuxt/8319ed7.js

Requested by

Host: bjc.culturenxt.com
URL: https://bjc.culturenxt.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.107.177.173 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

173.177.107.34.bc.googleusercontent.com

Software

Resource Hash

a49287cc88741bc17a21d4ab7eca6e3578e81b2d1040f87d4b100e40c37c4ec0

Security Headers

Name

Value

Content-Security-Policy

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sat, 23 Sep 2023 02:53:29 GMT
content-encoding: gzip
via: 1.1 google
content-security-policy: default-src 'self' https://datastudio.google.com/ https://lookerstudio.google.com/ https://*.culturenxt.com https://assets4.lottiefiles.com https://c.bing.com 'unsafe-inline'; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://tagmanager.google.com https://*.googletagmanager.com https://assets4.lottiefiles.com https://www.google-analytics.com https://cdn.cookielaw.org; font-src 'self' data: https://fonts.gstatic.com https://fonts.gstatic.com; style-src 'self' 'unsafe-inline' https://tagmanager.google.com https://fonts.googleapis.com https://fonts.googleapis.com; img-src 'self' blob: data: https://cdn.cookielaw.org https://ssl.gstatic.com https://www.gstatic.com https://media.giphy.com https://*.google-analytics.com https://*.googletagmanager.com https://*.culturenxt.com https://play.google.com https://developer.apple.com; connect-src blob: https://privacyportal.onetrust.com https://geolocation.onetrust.com https://*.onetrust.com https://*.cookielaw.org https://*.culturenxt.com https://*.culturenxt.com https://assets4.lottiefiles.com https://*.google-analytics.com https://*.analytics.google.com https://*.googletagmanager.com https://api.giphy.com; frame-ancestors 'self' https://lookerstudio.google.com/ https://datastudio.google.com teams.microsoft.com *.teams.microsoft.com *.skype.com
last-modified: Wed, 20 Sep 2023 01:00:53 GMT
referrer-policy: no-referrer
etag: W/"578a5-18ab01aad88"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 3cbae36.js Show response
bjc.culturenxt.com/_nuxt/ 2 MB
466 KB 126ms
125ms Script
application/javascript 34.107.177.173
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://bjc.culturenxt.com/_nuxt/3cbae36.js

Requested by

Host: bjc.culturenxt.com
URL: https://bjc.culturenxt.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.107.177.173 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

173.177.107.34.bc.googleusercontent.com

Software

Resource Hash

82c5b648e7431eccb1e0d3b2162f015889e63ecaef8f9875aedd4a130574f165

Security Headers

Name

Value

Content-Security-Policy

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sat, 23 Sep 2023 02:53:29 GMT
content-encoding: gzip
via: 1.1 google
content-security-policy: default-src 'self' https://datastudio.google.com/ https://lookerstudio.google.com/ https://*.culturenxt.com https://assets4.lottiefiles.com https://c.bing.com 'unsafe-inline'; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://tagmanager.google.com https://*.googletagmanager.com https://assets4.lottiefiles.com https://www.google-analytics.com https://cdn.cookielaw.org; font-src 'self' data: https://fonts.gstatic.com https://fonts.gstatic.com; style-src 'self' 'unsafe-inline' https://tagmanager.google.com https://fonts.googleapis.com https://fonts.googleapis.com; img-src 'self' blob: data: https://cdn.cookielaw.org https://ssl.gstatic.com https://www.gstatic.com https://media.giphy.com https://*.google-analytics.com https://*.googletagmanager.com https://*.culturenxt.com https://play.google.com https://developer.apple.com; connect-src blob: https://privacyportal.onetrust.com https://geolocation.onetrust.com https://*.onetrust.com https://*.cookielaw.org https://*.culturenxt.com https://*.culturenxt.com https://assets4.lottiefiles.com https://*.google-analytics.com https://*.analytics.google.com https://*.googletagmanager.com https://api.giphy.com; frame-ancestors 'self' https://lookerstudio.google.com/ https://datastudio.google.com teams.microsoft.com *.teams.microsoft.com *.skype.com
last-modified: Wed, 20 Sep 2023 01:00:54 GMT
referrer-policy: no-referrer
etag: W/"1e78c8-18ab01ab170"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 9f29d63.js Show response
bjc.culturenxt.com/_nuxt/ 924 KB
116 KB 124ms
123ms Script
application/javascript 34.107.177.173
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://bjc.culturenxt.com/_nuxt/9f29d63.js

Requested by

Host: bjc.culturenxt.com
URL: https://bjc.culturenxt.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.107.177.173 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

173.177.107.34.bc.googleusercontent.com

Software

Resource Hash

2a508bc979fbf6f20df6bb6be352b2e91bd49a633eb0f6ec070f6726107d3373

Security Headers

Name

Value

Content-Security-Policy

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sat, 23 Sep 2023 02:53:29 GMT
content-encoding: gzip
via: 1.1 google
content-security-policy: default-src 'self' https://datastudio.google.com/ https://lookerstudio.google.com/ https://*.culturenxt.com https://assets4.lottiefiles.com https://c.bing.com 'unsafe-inline'; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://tagmanager.google.com https://*.googletagmanager.com https://assets4.lottiefiles.com https://www.google-analytics.com https://cdn.cookielaw.org; font-src 'self' data: https://fonts.gstatic.com https://fonts.gstatic.com; style-src 'self' 'unsafe-inline' https://tagmanager.google.com https://fonts.googleapis.com https://fonts.googleapis.com; img-src 'self' blob: data: https://cdn.cookielaw.org https://ssl.gstatic.com https://www.gstatic.com https://media.giphy.com https://*.google-analytics.com https://*.googletagmanager.com https://*.culturenxt.com https://play.google.com https://developer.apple.com; connect-src blob: https://privacyportal.onetrust.com https://geolocation.onetrust.com https://*.onetrust.com https://*.cookielaw.org https://*.culturenxt.com https://*.culturenxt.com https://assets4.lottiefiles.com https://*.google-analytics.com https://*.analytics.google.com https://*.googletagmanager.com https://api.giphy.com; frame-ancestors 'self' https://lookerstudio.google.com/ https://datastudio.google.com teams.microsoft.com *.teams.microsoft.com *.skype.com
last-modified: Wed, 20 Sep 2023 01:00:53 GMT
referrer-policy: no-referrer
etag: W/"e6f79-18ab01aad88"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 350 KB
92 KB 78ms
55ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NRLFHJK

Requested by

Host: bjc.culturenxt.com
URL: https://bjc.culturenxt.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e9e8f89bb6ef64abac5d21675abbad78fa8d4eddd329aa74ba41f775beb02b49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sat, 23 Sep 2023 02:53:29 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 93939
x-xss-protection: 0
last-modified: Sat, 23 Sep 2023 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 23 Sep 2023 02:53:29 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 39ms
7ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NRLFHJK

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 23 Sep 2023 01:49:43 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 3827
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Sat, 23 Sep 2023 03:49:43 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 239 KB
83 KB 25ms
23ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-6GERH5VF5R&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NRLFHJK

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

015576fe47f5680cadb3d820e7320190e9818daceb7fb34bdf14290c9b72f7d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sat, 23 Sep 2023 02:53:30 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 85235
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 23 Sep 2023 02:53:30 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
256 B 41ms
14ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-6GERH5VF5R&gtm=45je39k0&_p=1336934839&cid=1066368024.1695437610&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1695437610&sct=1&seg=0&dl=https%3A%2F%2Fbjc.culturenxt.com%2F&dt=CultureNext%20-%20Employee%20Recognition&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-6GERH5VF5R&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 23 Sep 2023 02:53:30 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://bjc.culturenxt.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 lf30_bpru2nsg.json Show response
assets4.lottiefiles.com/private_files/ 51 KB
6 KB 69ms
10ms XHR
text/plain 2600:9000:2240:4e00:2:49a2:4500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets4.lottiefiles.com/private_files/lf30_bpru2nsg.json
Requested by: Host: bjc.culturenxt.com
URL: https://bjc.culturenxt.com/_nuxt/3cbae36.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2240:4e00:2:49a2:4500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: fbaef668a9eedf9701e961d31d64f7d1be17e67fe4bac7f61240bd9503e4a2fe

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

x-amz-version-id: Bo6tLC5iYYDBYLZJu1gRSz39H2eTi5Se
content-encoding: gzip
via: 1.1 6fd3ab2be93b19c970fb371964d46d94.cloudfront.net (CloudFront)
date: Sat, 23 Sep 2023 02:53:30 GMT
x-amz-cf-pop: FRA60-P1
age: 16
x-cache: Hit from cloudfront
last-modified: Wed, 09 Feb 2022 15:38:43 GMT
server: AmazonS3
etag: W/"6aef60b3727dd77a283483630c6f8d8a"
access-control-max-age: 1800
access-control-allow-methods: GET
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding,Origin
x-amz-cf-id: MJRbszzWqNPos8gdF7KX5WNWwBotM9Jq8EDPeyw1GHi3TcJcuwR8fw==

GET
H2 200 lf30_bpru2nsg.json Show response
assets4.lottiefiles.com/private_files/ 51 KB
6 KB 70ms
11ms Fetch
text/plain 2600:9000:2240:4e00:2:49a2:4500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets4.lottiefiles.com/private_files/lf30_bpru2nsg.json
Requested by: Host: bjc.culturenxt.com
URL: https://bjc.culturenxt.com/_nuxt/3cbae36.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2240:4e00:2:49a2:4500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: fbaef668a9eedf9701e961d31d64f7d1be17e67fe4bac7f61240bd9503e4a2fe

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

x-amz-version-id: Bo6tLC5iYYDBYLZJu1gRSz39H2eTi5Se
content-encoding: gzip
via: 1.1 6fd3ab2be93b19c970fb371964d46d94.cloudfront.net (CloudFront)
date: Sat, 23 Sep 2023 02:53:30 GMT
x-amz-cf-pop: FRA60-P1
age: 16
x-cache: Hit from cloudfront
last-modified: Wed, 09 Feb 2022 15:38:43 GMT
server: AmazonS3
etag: W/"6aef60b3727dd77a283483630c6f8d8a"
access-control-max-age: 1800
access-control-allow-methods: GET
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding,Origin
x-amz-cf-id: NRpbsxQXGRqWfLXKM0Hz1XcATCW9wfx2LKhGpPipMmGv6Ll_hYYb2w==

GET
H3 200 0f8e45a.js Show response
bjc.culturenxt.com/_nuxt/ 68 KB
20 KB 128ms
127ms Script
application/javascript 34.107.177.173
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://bjc.culturenxt.com/_nuxt/0f8e45a.js

Requested by

Host: bjc.culturenxt.com
URL: https://bjc.culturenxt.com/_nuxt/75d269c.js

Protocol

Security

QUIC, , AES_128_GCM

Server

34.107.177.173 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

173.177.107.34.bc.googleusercontent.com

Software

Resource Hash

69fc87976a17e6312b47a024836622aac1213740047ac40d9e57d889d870f0b5

Security Headers

Name

Value

Content-Security-Policy

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sat, 23 Sep 2023 02:53:30 GMT
content-encoding: gzip
via: 1.1 google
content-security-policy: default-src 'self' https://datastudio.google.com/ https://lookerstudio.google.com/ https://*.culturenxt.com https://assets4.lottiefiles.com https://c.bing.com 'unsafe-inline'; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://tagmanager.google.com https://*.googletagmanager.com https://assets4.lottiefiles.com https://www.google-analytics.com https://cdn.cookielaw.org; font-src 'self' data: https://fonts.gstatic.com https://fonts.gstatic.com; style-src 'self' 'unsafe-inline' https://tagmanager.google.com https://fonts.googleapis.com https://fonts.googleapis.com; img-src 'self' blob: data: https://cdn.cookielaw.org https://ssl.gstatic.com https://www.gstatic.com https://media.giphy.com https://*.google-analytics.com https://*.googletagmanager.com https://*.culturenxt.com https://play.google.com https://developer.apple.com; connect-src blob: https://privacyportal.onetrust.com https://geolocation.onetrust.com https://*.onetrust.com https://*.cookielaw.org https://*.culturenxt.com https://*.culturenxt.com https://assets4.lottiefiles.com https://*.google-analytics.com https://*.analytics.google.com https://*.googletagmanager.com https://api.giphy.com; frame-ancestors 'self' https://lookerstudio.google.com/ https://datastudio.google.com teams.microsoft.com *.teams.microsoft.com *.skype.com
last-modified: Wed, 20 Sep 2023 01:00:53 GMT
referrer-policy: no-referrer
etag: W/"10e3b-18ab01aad88"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H3 200 project-profile Show response
bjc.culturenxt.com/rest/ 3 KB
3 KB 302ms
301ms XHR
application/json 34.107.177.173
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://bjc.culturenxt.com/rest/project-profile
Requested by: Host: bjc.culturenxt.com
URL: https://bjc.culturenxt.com/_nuxt/8319ed7.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.107.177.173 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 173.177.107.34.bc.googleusercontent.com
Software: /
Resource Hash: 3a59e30f64dd88cc73c917beab13fae23f3abd245c558acf8db911e8ea28b4b1

Request headers

Accept: application/json, text/plain, */*
Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 23 Sep 2023 02:53:31 GMT
via: 1.1 google
content-type: application/json;charset=UTF-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-application-context: application:production,actuator
expires: 0

GET
H3 200 branding Show response
bjc.culturenxt.com/rest/ 273 B
289 B 153ms
153ms XHR
application/json 34.107.177.173
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://bjc.culturenxt.com/rest/branding
Requested by: Host: bjc.culturenxt.com
URL: https://bjc.culturenxt.com/_nuxt/8319ed7.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.107.177.173 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 173.177.107.34.bc.googleusercontent.com
Software: /
Resource Hash: 20225b2a828a6df564691f0894c186878d4633ab5ad6d4dfc821b8fc17a14da2

Request headers

Accept: application/json, text/plain, */*
Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 23 Sep 2023 02:53:31 GMT
via: 1.1 google
content-type: application/json;charset=UTF-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-application-context: application:production,actuator
expires: 0

GET
H2 200 658a42ac-7066-4cd9-a7de-3394673f8602.png Show response
app-cdn.culturenxt.com/bjc/ 15 KB
16 KB 487ms
443ms XHR
image/png 34.120.236.141
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://app-cdn.culturenxt.com/bjc/658a42ac-7066-4cd9-a7de-3394673f8602.png?Expires=4849037611&KeyName=url-key-2021-09-09&Signature=E-FPgJgOwowlzVo6dnABIv8hlMc=
Requested by: Host: bjc.culturenxt.com
URL: https://bjc.culturenxt.com/_nuxt/8319ed7.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.236.141 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 141.236.120.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: a8e599e46621fd1d5f032f49c3c3841bfc446fe860464a0d33254fbd383817b3

Request headers

Accept: application/json, text/plain, */*
Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sat, 23 Sep 2023 02:53:31 GMT
x-guploader-uploadid: ADPycdsF7Fj_cQJWFgGWueeYxD54XSkupg-2BeyAy8JhXBQBGFLvf0XwQM4sXUWNBztOnu_es25yVkuvRbaW_68FKavm6PVOvMDs
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15733
last-modified: Wed, 09 Nov 2022 19:30:56 GMT
server: UploadServer
etag: "74a851bce5cbdc01479a67d547c320c6"
vary: Origin
x-goog-generation: 1668022256447570
content-type: image/png
access-control-allow-origin: https://bjc.culturenxt.com
x-goog-hash: crc32c=O01lYg==, md5=dKhRvOXL3AFHmmfVR8Mgxg==
access-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: private,max-age=0,public
x-goog-stored-content-length: 15733
accept-ranges: bytes

GET
H3 200 messages Show response
bjc.culturenxt.com/rest/ 577 B
593 B 129ms
128ms XHR
application/json 34.107.177.173
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://bjc.culturenxt.com/rest/messages
Requested by: Host: bjc.culturenxt.com
URL: https://bjc.culturenxt.com/_nuxt/8319ed7.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.107.177.173 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 173.177.107.34.bc.googleusercontent.com
Software: /
Resource Hash: f640de038a2822e8a6500f5f6d96bf535254409660028438d537fabfac54b610

Request headers

Accept: application/json, text/plain, */*
Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 23 Sep 2023 02:53:31 GMT
via: 1.1 google
content-type: application/json;charset=UTF-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-application-context: application:production,actuator
expires: 0

GET
H2 200 otSDKStub.js Show response
cdn.cookielaw.org/scripttemplates/ 21 KB
7 KB 47ms
20ms Script
application/javascript 2606:4700::6812:83ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Requested by

Host: bjc.culturenxt.com
URL: https://bjc.culturenxt.com/_nuxt/9f29d63.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3d62ad0f23c60258f120e52cf68b2e1adff5c1bf5bde5ac8f8d6e5f4c4c64f34

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 23 Sep 2023 02:53:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: h6ThlO7ea17v6JNPXbI1zQ==
age: 20788
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 6822
x-ms-lease-status: unlocked
last-modified: Thu, 21 Sep 2023 18:23:17 GMT
server: cloudflare
etag: 0x8DBBACFD38A4097
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 3d42448e-901e-0002-79c4-ec873b000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 80af7f735f3a380d-FRA

GET
H3 200 f48fd5a.js Show response
bjc.culturenxt.com/_nuxt/ 2 KB
930 B 122ms
121ms Script
application/javascript 34.107.177.173
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://bjc.culturenxt.com/_nuxt/f48fd5a.js

Requested by

Host: bjc.culturenxt.com
URL: https://bjc.culturenxt.com/_nuxt/75d269c.js

Protocol

Security

QUIC, , AES_128_GCM

Server

34.107.177.173 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

173.177.107.34.bc.googleusercontent.com

Software

Resource Hash

733c9f89f3ee5513dcbda3d6a70caea3d944323c6ef593739134722f8d7a2f1a

Security Headers

Name

Value

Content-Security-Policy

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sat, 23 Sep 2023 02:53:32 GMT
content-encoding: gzip
via: 1.1 google
content-security-policy: default-src 'self' https://datastudio.google.com/ https://lookerstudio.google.com/ https://*.culturenxt.com https://assets4.lottiefiles.com https://c.bing.com 'unsafe-inline'; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://tagmanager.google.com https://*.googletagmanager.com https://assets4.lottiefiles.com https://www.google-analytics.com https://cdn.cookielaw.org; font-src 'self' data: https://fonts.gstatic.com https://fonts.gstatic.com; style-src 'self' 'unsafe-inline' https://tagmanager.google.com https://fonts.googleapis.com https://fonts.googleapis.com; img-src 'self' blob: data: https://cdn.cookielaw.org https://ssl.gstatic.com https://www.gstatic.com https://media.giphy.com https://*.google-analytics.com https://*.googletagmanager.com https://*.culturenxt.com https://play.google.com https://developer.apple.com; connect-src blob: https://privacyportal.onetrust.com https://geolocation.onetrust.com https://*.onetrust.com https://*.cookielaw.org https://*.culturenxt.com https://*.culturenxt.com https://assets4.lottiefiles.com https://*.google-analytics.com https://*.analytics.google.com https://*.googletagmanager.com https://api.giphy.com; frame-ancestors 'self' https://lookerstudio.google.com/ https://datastudio.google.com teams.microsoft.com *.teams.microsoft.com *.skype.com
last-modified: Wed, 20 Sep 2023 01:00:54 GMT
referrer-policy: no-referrer
etag: W/"7d6-18ab01ab170"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 6db8bb67-832b-463d-8318-8dc15fd5e592.json Show response
cdn.cookielaw.org/consent/6db8bb67-832b-463d-8318-8dc15fd5e592/ 4 KB
2 KB 59ms
41ms XHR
application/x-javascript 2606:4700::6812:83ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/6db8bb67-832b-463d-8318-8dc15fd5e592/6db8bb67-832b-463d-8318-8dc15fd5e592.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6a6a7a67c988257c9091038c6d6bc081cbbfab2156268b45fa044b9e94d479b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 23 Sep 2023 02:53:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-md5: AfLC4hX6t0vHbed46QBJPg==
content-length: 1672
x-ms-lease-status: unlocked
last-modified: Mon, 05 Jun 2023 18:40:21 GMT
server: cloudflare
etag: 0x8DB65F451834BFF
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 157f0901-a01e-008f-2864-e9b0e9000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 80af7f73ab5e9165-FRA
expires: Sun, 24 Sep 2023 02:53:32 GMT

GET
H2 200 location
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 59 B
304 B 137ms
26ms XHR
application/json 2606:4700:4400::ac40:9b77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9b77 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept: application/json
Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sat, 23 Sep 2023 02:53:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
cf-ray: 80af7f74a8229199-FRA
access-control-allow-headers: Content-Type

GET
H/1.1

200
OK

Primary Request saml2
login.microsoftonline.com/1984aac0-7e83-4a2b-925d-f834a5a9cbd4/
Redirect Chain

https://saml-api.salesnext.com/rest/saml/login/projects/bjc
https://login.microsoftonline.com/1984aac0-7e83-4a2b-925d-f834a5a9cbd4/saml2?SAMLRequest=hZJBb6MwEIX%2FCvLdQAw0YIVU2a2qrdTVRg3dw94GMySOwKYeE%2FXnLyWJ2l7ao%2FXevKeZz6vb174LTuhIW1OyRRizAI2yjTb7kj1X9z...

20 KB
0

197ms
104ms

Document
text/html

2603:1026:3000:148::10

General

Check archive.org

Show headers Download Go to

Full URL

https://login.microsoftonline.com/1984aac0-7e83-4a2b-925d-f834a5a9cbd4/saml2?SAMLRequest=hZJBb6MwEIX%2FCvLdQAw0YIVU2a2qrdTVRg3dw94GMySOwKYeE%2FXnLyWJ2l7ao%2FXevKeZz6vb174LTuhIW1OyRRizAI2yjTb7kj1X9zxnt%2BsVQd%2BJQW5GfzBP%2BDIi%2BWAaNCTPSslGZ6QF0iQN9EjSK7nb%2FH6UIozl4Ky3ynYs2BCh81PVT2to7NHt0J20wuenx5IdvB9IRtFbJIdBhwQdksFXHyrbR24qnbWIyEbQaaCoPioW3E2CNuDnDa4hnd1rE%2FZaOUu29dZ02uCcsyjyFEDFfIl5wlMQNS9E1vA2T1LIoFB1k849ggX31imcty5ZCx0hCx7uSga1QLFslqmAZdMWWbZo96rODkdID8d28tAWiPQJ36eIRnww5MH4kolYJDwuuEiqWMgskUkWFjf5PxZsL6f6oc0ZwVd3rc8mkr%2Bqasu3f3YVC%2F5eUU4GdgEn53b3kdjXwXDFxNbfQDnzGN5ArKKPZevL8%2FOnWf8H&SigAlg=http%3A%2F%2Fwww.w3.org%2F2000%2F09%2Fxmldsig%23rsa-sha1&Signature=TH7Bk7rue9Q922OenxaORUOdlWPtQqC%2B42raR0ZyJNLLxKXfFQwtkRcXd6VDC%2F4GM5Ty9OF7vB0qmt%2Bh5805p9ln8kzEV%2FpTjcIZNZj29bFesMAWy98rcSyt%2BOFJ%2BaWaGxNbIlQaSGwKBNXxVgchZEDZ7lPo%2F39qIRzyvGPewT2Z1Aa7BhhKiqZuA%2BPAPwlKj%2FTbY%2B2RB3TRkGLWjvE34R5TvbqwM4jNcV1DXxGSfbRIg0XvQtrb%2BVs%2F5TPGyxJLnfyMzVy35np0OyTJ5Ro%2B7e7CuaKtnZE0D5qnodwQYcskIrOhn0IL6PCYKu8fhEuXSn1CT4Q5j2RnT2PPo7%2BDYA%3D%3D

Requested by

Host: bjc.culturenxt.com
URL: https://bjc.culturenxt.com/_nuxt/f48fd5a.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2603:1026:3000:148::10 -, , ASN (),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-store, no-cache
Content-Encoding: gzip
Content-Length: 8862
Content-Type: text/html; charset=utf-8
Date: Sat, 23 Sep 2023 02:53:35 GMT
Expires: -1
P3P: CP="DSP CUR OTPi IND OTRi ONL FIN"
Pragma: no-cache
Referrer-Policy: strict-origin-when-cross-origin
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-XSS-Protection: 0
nel: {"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
report-to: {"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+ams2"}]}
x-ms-ests-server: 2.1.16314.5 - EUS ProdSlices
x-ms-request-id: 9aa73171-290f-4381-97c4-2291413d9500

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store
content-length: 0
date: Sat, 23 Sep 2023 02:53:35 GMT
location: https://login.microsoftonline.com/1984aac0-7e83-4a2b-925d-f834a5a9cbd4/saml2?SAMLRequest=hZJBb6MwEIX%2FCvLdQAw0YIVU2a2qrdTVRg3dw94GMySOwKYeE%2FXnLyWJ2l7ao%2FXevKeZz6vb174LTuhIW1OyRRizAI2yjTb7kj1X9zxnt%2BsVQd%2BJQW5GfzBP%2BDIi%2BWAaNCTPSslGZ6QF0iQN9EjSK7nb%2FH6UIozl4Ky3ynYs2BCh81PVT2to7NHt0J20wuenx5IdvB9IRtFbJIdBhwQdksFXHyrbR24qnbWIyEbQaaCoPioW3E2CNuDnDa4hnd1rE%2FZaOUu29dZ02uCcsyjyFEDFfIl5wlMQNS9E1vA2T1LIoFB1k849ggX31imcty5ZCx0hCx7uSga1QLFslqmAZdMWWbZo96rODkdID8d28tAWiPQJ36eIRnww5MH4kolYJDwuuEiqWMgskUkWFjf5PxZsL6f6oc0ZwVd3rc8mkr%2Bqasu3f3YVC%2F5eUU4GdgEn53b3kdjXwXDFxNbfQDnzGN5ArKKPZevL8%2FOnWf8H&SigAlg=http%3A%2F%2Fwww.w3.org%2F2000%2F09%2Fxmldsig%23rsa-sha1&Signature=TH7Bk7rue9Q922OenxaORUOdlWPtQqC%2B42raR0ZyJNLLxKXfFQwtkRcXd6VDC%2F4GM5Ty9OF7vB0qmt%2Bh5805p9ln8kzEV%2FpTjcIZNZj29bFesMAWy98rcSyt%2BOFJ%2BaWaGxNbIlQaSGwKBNXxVgchZEDZ7lPo%2F39qIRzyvGPewT2Z1Aa7BhhKiqZuA%2BPAPwlKj%2FTbY%2B2RB3TRkGLWjvE34R5TvbqwM4jNcV1DXxGSfbRIg0XvQtrb%2BVs%2F5TPGyxJLnfyMzVy35np0OyTJ5Ro%2B7e7CuaKtnZE0D5qnodwQYcskIrOhn0IL6PCYKu8fhEuXSn1CT4Q5j2RnT2PPo7%2BDYA%3D%3D
pragma: no-cache
via: 1.1 google

GET
H3 200 5ecc1fc.js
bjc.culturenxt.com/_nuxt/ 1 KB
705 B 184ms
183ms Script
application/javascript 34.107.177.173
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://bjc.culturenxt.com/_nuxt/5ecc1fc.js

Requested by

Host: bjc.culturenxt.com
URL: https://bjc.culturenxt.com/_nuxt/75d269c.js

Protocol

Security

QUIC, , AES_128_GCM

Server

34.107.177.173 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

173.177.107.34.bc.googleusercontent.com

Software

Resource Hash

Security Headers

Name

Value

Content-Security-Policy

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sat, 23 Sep 2023 02:53:32 GMT
content-encoding: gzip
via: 1.1 google
content-security-policy: default-src 'self' https://datastudio.google.com/ https://lookerstudio.google.com/ https://*.culturenxt.com https://assets4.lottiefiles.com https://c.bing.com 'unsafe-inline'; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://tagmanager.google.com https://*.googletagmanager.com https://assets4.lottiefiles.com https://www.google-analytics.com https://cdn.cookielaw.org; font-src 'self' data: https://fonts.gstatic.com https://fonts.gstatic.com; style-src 'self' 'unsafe-inline' https://tagmanager.google.com https://fonts.googleapis.com https://fonts.googleapis.com; img-src 'self' blob: data: https://cdn.cookielaw.org https://ssl.gstatic.com https://www.gstatic.com https://media.giphy.com https://*.google-analytics.com https://*.googletagmanager.com https://*.culturenxt.com https://play.google.com https://developer.apple.com; connect-src blob: https://privacyportal.onetrust.com https://geolocation.onetrust.com https://*.onetrust.com https://*.cookielaw.org https://*.culturenxt.com https://*.culturenxt.com https://assets4.lottiefiles.com https://*.google-analytics.com https://*.analytics.google.com https://*.googletagmanager.com https://api.giphy.com; frame-ancestors 'self' https://lookerstudio.google.com/ https://datastudio.google.com teams.microsoft.com *.teams.microsoft.com *.skype.com
last-modified: Wed, 20 Sep 2023 01:00:54 GMT
referrer-policy: no-referrer
etag: W/"4b5-18ab01ab170"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 css2
fonts.googleapis.com/ 8 KB
1012 B 96ms
17ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Lato:ital,wght@0,100;0,300;0,400;0,700;0,900;1,100;1,300;1,400;1,700;1,900&display=swap

Requested by

Host: bjc.culturenxt.com
URL: https://bjc.culturenxt.com/_nuxt/8319ed7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 23 Sep 2023 02:53:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 23 Sep 2023 00:56:08 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 23 Sep 2023 02:53:32 GMT

GET
DATA 200
OK truncated
/ 15 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 null
bjc.culturenxt.com/en_US/redirect/ 4 KB
4 KB 181ms
181ms Image
text/html 34.107.177.173
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bjc.culturenxt.com/en_US/redirect/null

Protocol

Security

QUIC, , AES_128_GCM

Server

34.107.177.173 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

173.177.107.34.bc.googleusercontent.com

Software

Resource Hash

Security Headers

Name

Value

Content-Security-Policy

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bjc.culturenxt.com/en_US/redirect/sso
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Sat, 23 Sep 2023 02:53:32 GMT
content-encoding: gzip
via: 1.1 google
content-security-policy: default-src 'self' https://datastudio.google.com/ https://lookerstudio.google.com/ https://*.culturenxt.com https://assets4.lottiefiles.com https://c.bing.com 'unsafe-inline'; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://tagmanager.google.com https://*.googletagmanager.com https://assets4.lottiefiles.com https://www.google-analytics.com https://cdn.cookielaw.org; font-src 'self' data: https://fonts.gstatic.com https://fonts.gstatic.com; style-src 'self' 'unsafe-inline' https://tagmanager.google.com https://fonts.googleapis.com https://fonts.googleapis.com; img-src 'self' blob: data: https://cdn.cookielaw.org https://ssl.gstatic.com https://www.gstatic.com https://media.giphy.com https://*.google-analytics.com https://*.googletagmanager.com https://*.culturenxt.com https://play.google.com https://developer.apple.com; connect-src blob: https://privacyportal.onetrust.com https://geolocation.onetrust.com https://*.onetrust.com https://*.cookielaw.org https://*.culturenxt.com https://*.culturenxt.com https://assets4.lottiefiles.com https://*.google-analytics.com https://*.analytics.google.com https://*.googletagmanager.com https://api.giphy.com; frame-ancestors 'self' https://lookerstudio.google.com/ https://datastudio.google.com teams.microsoft.com *.teams.microsoft.com *.skype.com
referrer-policy: no-referrer
etag: "f78-DDJeQRF4l0O4s2EYtkqSFcK506k"
vary: Accept-Encoding
content-type: text/html; charset=utf-8
accept-ranges: none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 otBannerSdk.js
cdn.cookielaw.org/scripttemplates/202305.1.0/ 403 KB
97 KB 23ms
21ms Script
application/javascript 2606:4700::6812:83ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202305.1.0/otBannerSdk.js

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 23 Sep 2023 02:53:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: fuN6EZWNAh2xn3yE+0HSRQ==
age: 19039
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 99428
x-ms-lease-status: unlocked
last-modified: Tue, 11 Jul 2023 02:35:48 GMT
server: cloudflare
etag: 0x8DB81B7897E828A
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 144c20d3-601e-002b-3b0c-b4ac5e000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 80af7f74dfef380d-FRA

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v24/ 23 KB
24 KB 32ms
8ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato:ital,wght@0,100;0,300;0,400;0,700;0,900;1,100;1,300;1,400;1,700;1,900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://bjc.culturenxt.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 03:38:46 GMT
x-content-type-options: nosniff
age: 170086
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23580
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:17:22 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 20 Sep 2024 03:38:46 GMT

GET
H2 200 en.json
cdn.cookielaw.org/consent/6db8bb67-832b-463d-8318-8dc15fd5e592/d51261ef-7d72-43ec-bfd3-a89e5cbab085/ 27 KB
8 KB 52ms
46ms Fetch
application/x-javascript 2606:4700::6812:83ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/6db8bb67-832b-463d-8318-8dc15fd5e592/d51261ef-7d72-43ec-bfd3-a89e5cbab085/en.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202305.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 23 Sep 2023 02:53:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-md5: mSQ9JMCix29oYKAoo7RB7Q==
content-length: 7843
x-ms-lease-status: unlocked
last-modified: Mon, 05 Jun 2023 18:40:24 GMT
server: cloudflare
etag: 0x8DB65F4531E4AB4
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 079928f1-501e-009b-13c9-edf886000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 80af7f752bfd9165-FRA
expires: Sun, 24 Sep 2023 02:53:32 GMT

GET
H2 200 otFlat.json
cdn.cookielaw.org/scripttemplates/202305.1.0/assets/ 13 KB
3 KB 41ms
40ms Fetch
application/json 2606:4700::6812:83ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202305.1.0/assets/otFlat.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202305.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 23 Sep 2023 02:53:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: iCAxFkQWfzfDHevR0IbBjg==
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 3019
x-ms-lease-status: unlocked
last-modified: Tue, 11 Jul 2023 02:35:41 GMT
server: cloudflare
etag: 0x8DB81B78556557A
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: e6f3b892-501e-0032-6e95-eb39f4000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 80af7f758c1b9165-FRA

GET
H2 200 otPcPanel.json
cdn.cookielaw.org/scripttemplates/202305.1.0/assets/v2/ 63 KB
13 KB 45ms
45ms Fetch
application/json 2606:4700::6812:83ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202305.1.0/assets/v2/otPcPanel.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202305.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 23 Sep 2023 02:53:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: ur92uSUH27h9n7U5aSbsSw==
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 12707
x-ms-lease-status: unlocked
last-modified: Tue, 11 Jul 2023 02:35:44 GMT
server: cloudflare
etag: 0x8DB81B786B95D38
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 0d3fc371-701e-00a3-2e95-eb5c46000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 80af7f758c1c9165-FRA

GET
H2 200 otCommonStyles.css
cdn.cookielaw.org/scripttemplates/202305.1.0/assets/ 21 KB
4 KB 38ms
38ms Fetch
text/css 2606:4700::6812:83ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202305.1.0/assets/otCommonStyles.css

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202305.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 23 Sep 2023 02:53:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: oWkBTLgDDXvrUsd93y/Zxg==
x-ms-lease-status: unlocked
last-modified: Tue, 11 Jul 2023 02:35:52 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: 385f04cc-601e-005b-0195-eb00b8000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 80af7f758c1d9165-FRA

GET
H2 200 ot_close.svg
cdn.cookielaw.org/logos/static/ 651 B
600 B 15ms
14ms Image
image/svg+xml 2606:4700::6812:83ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/static/ot_close.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bjc.culturenxt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 23 Sep 2023 02:53:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: pcXWFGpuVeSg/jVnYCseRg==
age: 29322
x-ms-lease-status: unlocked
last-modified: Thu, 21 Sep 2023 18:23:19 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: be8ae3ad-201e-0038-6f22-ed9d43000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 80af7f75e875380d-FRA

GET
H2 200 S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/ 23 KB
23 KB 8ms
8ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato:ital,wght@0,100;0,300;0,400;0,700;0,900;1,100;1,300;1,400;1,700;1,900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://bjc.culturenxt.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 16:54:52 GMT
x-content-type-options: nosniff
age: 122320
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23040
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:07:25 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 20 Sep 2024 16:54:52 GMT

GET
H2 200 ot_guard_logo.svg
cdn.cookielaw.org/logos/static/ 497 B
488 B 35ms
34ms Fetch
image/svg+xml 2606:4700::6812:83ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/logos/static/ot_guard_logo.svg

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202305.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 23 Sep 2023 02:53:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: tXyZydHjxQshFMbbBT1/8A==
x-ms-lease-status: unlocked
last-modified: Thu, 21 Sep 2023 18:23:18 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: 7e79e8a4-801e-0088-1cd6-ecdc8a000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 80af7f760c509165-FRA

GET
H2 200 bjc.jpg
cdn.cookielaw.org/logos/0814cd3d-e95c-48cf-9285-e3d7f02acc93/6db8bb67-832b-463d-8318-8dc15fd5e592/c8b41c57-f04e-4dda-8892-6c722f8013f0/ 3 KB
3 KB 36ms
35ms Image
image/jpeg 2606:4700::6812:83ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/0814cd3d-e95c-48cf-9285-e3d7f02acc93/6db8bb67-832b-463d-8318-8dc15fd5e592/c8b41c57-f04e-4dda-8892-6c722f8013f0/bjc.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 23 Sep 2023 02:53:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: E5gV1O9ocdpwNNPrx9KfTw==
content-length: 2717
x-ms-lease-status: unlocked
cf-bgj: h2pri
last-modified: Tue, 16 May 2023 15:47:49 GMT
server: cloudflare
etag: 0x8DB5624E6E2C73A
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
x-ms-request-id: 1faeef31-b01e-0015-01a2-eb2e30000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 80af7f762895380d-FRA

GET
H2 200 powered_by_logo.svg
cdn.cookielaw.org/logos/static/ 5 KB
2 KB 21ms
21ms Image
image/svg+xml 2606:4700::6812:83ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/static/powered_by_logo.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 23 Sep 2023 02:53:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: Y+c301RBZNK39PvKQWrIBw==
age: 23494
x-ms-lease-status: unlocked
last-modified: Thu, 21 Sep 2023 18:23:19 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: ba196362-801e-0031-777f-edd890000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 80af7f762897380d-FRA

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 19ms
18ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-6GERH5VF5R&gtm=45je39k0&_p=1336934839&cid=1066368024.1695437610&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=2&sid=1695437610&sct=1&seg=0&dl=https%3A%2F%2Fbjc.culturenxt.com%2F&dt=CultureNext%20-%20Employee%20Recognition&en=scroll&epn.percent_scrolled=90&_et=8
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-6GERH5VF5R&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 23 Sep 2023 02:53:33 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://bjc.culturenxt.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST collect
region1.google-analytics.com/g/ 0
0

GET BssoInterrupt_Core_nun_Nob0yT2WjCUfgBCTog2.js
aadcdn.msftauth.net/shared/1.0/content/js/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: region1.google-analytics.com
URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-6GERH5VF5R&gtm=45je39k0&_p=1336934839&gdid=dYWJhMj&cid=1066368024.1695437610&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=3&dl=https%3A%2F%2Fbjc.culturenxt.com%2Fen_US%2Fredirect%2Fsso&dr=https%3A%2F%2Fbjc.culturenxt.com%2F&sid=1695437610&sct=1&seg=1&dt=CultureNext%20-%20Employee%20Recognition&en=page_view&_et=3101

Domain: region1.google-analytics.com
URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-6GERH5VF5R&gtm=45je39k0&_p=1336934839&gdid=dYWJhMj&cid=1066368024.1695437610&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=4&sid=1695437610&sct=1&seg=1&dl=https%3A%2F%2Fbjc.culturenxt.com%2Fen_US%2Fredirect%2Fsso&dr=https%3A%2F%2Fbjc.culturenxt.com%2F&dt=CultureNext%20-%20Employee%20Recognition&en=user_engagement&_et=3038

Domain: aadcdn.msftauth.net
URL: https://aadcdn.msftauth.net/shared/1.0/content/js/BssoInterrupt_Core_nun_Nob0yT2WjCUfgBCTog2.js

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.culturenxt.com/	1970-01-21 00:33:17	Name: _ga Value: GA1.2.1066368024.1695437610
.culturenxt.com/	1970-01-20 14:58:44	Name: _gid Value: GA1.2.773953441.1695437610
bjc.culturenxt.com/	1970-01-20 23:42:53	Name: i18n_redirected Value: en_US
bjc.culturenxt.com/	1969-12-31 23:59:59	Name: auth.strategy Value: local
.bjc.culturenxt.com/	1970-01-20 23:42:53	Name: OptanonConsent Value: isGpcEnabled=0&datestamp=Sat+Sep+23+2023+04%3A53%3A32+GMT%2B0200+(Central+European+Summer+Time)&version=202305.1.0&browserGpcFlag=0&isIABGlobal=false&landingPath=https%3A%2F%2Fbjc.culturenxt.com%2Fen_US%2Fredirect%2Fsso&groups=C0002%3A0%2CC0001%3A1&hosts=&genVendors=
.culturenxt.com/	1970-01-21 00:33:17	Name: _ga_6GERH5VF5R Value: GS1.1.1695437610.1.1.1695437613.0.0.0

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self' https://datastudio.google.com/ https://lookerstudio.google.com/ https://.culturenxt.com https://assets4.lottiefiles.com https://c.bing.com 'unsafe-inline'; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://tagmanager.google.com https://.googletagmanager.com https://assets4.lottiefiles.com https://www.google-analytics.com https://cdn.cookielaw.org; font-src 'self' data: https://fonts.gstatic.com https://fonts.gstatic.com; style-src 'self' 'unsafe-inline' https://tagmanager.google.com https://fonts.googleapis.com https://fonts.googleapis.com; img-src 'self' blob: data: https://cdn.cookielaw.org https://ssl.gstatic.com https://www.gstatic.com https://media.giphy.com https://.google-analytics.com https://.googletagmanager.com https://.culturenxt.com https://play.google.com https://developer.apple.com; connect-src blob: https://privacyportal.onetrust.com https://geolocation.onetrust.com https://.onetrust.com https://.cookielaw.org https://.culturenxt.com https://.culturenxt.com https://assets4.lottiefiles.com https://.google-analytics.com https://.analytics.google.com https://.googletagmanager.com https://api.giphy.com; frame-ancestors 'self' https://lookerstudio.google.com/ https://datastudio.google.com teams.microsoft.com .teams.microsoft.com .skype.com

Header

Value

Content-Security-Policy

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aadcdn.msftauth.net
app-cdn.culturenxt.com
assets4.lottiefiles.com
bjc.culturenxt.com
cdn.cookielaw.org
fonts.googleapis.com
fonts.gstatic.com
geolocation.onetrust.com
login.microsoftonline.com
region1.google-analytics.com
saml-api.salesnext.com
u29468721.ct.sendgrid.net
www.google-analytics.com
www.googletagmanager.com
aadcdn.msftauth.net
region1.google-analytics.com
167.89.115.147
2001:4860:4802:32::36
2600:9000:2240:4e00:2:49a2:4500:93a1
2603:1026:3000:148::10
2606:4700:4400::ac40:9b77
2606:4700::6812:83ec
2a00:1450:4001:813::2003
2a00:1450:4001:813::200a
2a00:1450:4001:828::200e
2a00:1450:4001:829::2008
34.107.177.173
34.120.16.65
34.120.236.141
015576fe47f5680cadb3d820e7320190e9818daceb7fb34bdf14290c9b72f7d3
20225b2a828a6df564691f0894c186878d4633ab5ad6d4dfc821b8fc17a14da2
2a508bc979fbf6f20df6bb6be352b2e91bd49a633eb0f6ec070f6726107d3373
339b74559022d1d09a9866a036b9b855e5be240674b182f472c3b0d2e821cbf3
3a59e30f64dd88cc73c917beab13fae23f3abd245c558acf8db911e8ea28b4b1
3d62ad0f23c60258f120e52cf68b2e1adff5c1bf5bde5ac8f8d6e5f4c4c64f34
69fc87976a17e6312b47a024836622aac1213740047ac40d9e57d889d870f0b5
6a6a7a67c988257c9091038c6d6bc081cbbfab2156268b45fa044b9e94d479b2
733c9f89f3ee5513dcbda3d6a70caea3d944323c6ef593739134722f8d7a2f1a
82c5b648e7431eccb1e0d3b2162f015889e63ecaef8f9875aedd4a130574f165
a49287cc88741bc17a21d4ab7eca6e3578e81b2d1040f87d4b100e40c37c4ec0
a8e599e46621fd1d5f032f49c3c3841bfc446fe860464a0d33254fbd383817b3
c9bde738be22d42cfa2f7f00799cf3c1104f5337adf3a340e626db4994b9800d
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e9e8f89bb6ef64abac5d21675abbad78fa8d4eddd329aa74ba41f775beb02b49
f640de038a2822e8a6500f5f6d96bf535254409660028438d537fabfac54b610
fbaef668a9eedf9701e961d31d64f7d1be17e67fe4bac7f61240bd9503e4a2fe

login.microsoftonline.com Open in urlscan Pro 2603:1026:3000:148::10 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

39 Requests

92 %HTTPS

69 %IPv6

12 Domains

14 Subdomains

12 IPs

2 Countries

1153 kBTransfer

4743 kBSize

6 Cookies

0 Outgoing links

Page URL History

Redirected requests

39 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

login.microsoftonline.com Open in urlscan Pro
2603:1026:3000:148::10 Public Scan

Screenshot
Live screenshot

Full Image

39
Requests

92 %
HTTPS

69 %
IPv6

12
Domains

14
Subdomains

12
IPs

2
Countries

1153 kB
Transfer

4743 kB
Size

6
Cookies

39 HTTP transactions
1 data transactions