urlscan.io logo urlscan.io
SecurityTrails logo

access.auth.nwea.org Open in urlscan Pro
54.81.120.244  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://access.auth.nwea.org/
Effective URL: https://access.auth.nwea.org/admin/login?client_id=admin&login_id=d46ef2f51f6d4f13b2c6115f2f19f67a&login_state=97e67056c68f41...
Submission: On August 11 via automatic, source certstream-suspicious — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 6 IPs in 2 countries across 7 domains to perform 25 HTTP transactions. The main IP is 54.81.120.244, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is access.auth.nwea.org.
TLS certificate: Issued by Amazon on August 11th 2022. Valid for: a year.
This is the only time access.auth.nwea.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 7 54.81.120.244 14618 (AMAZON-AES)
15 2600:9000:249... 16509 (AMAZON-02)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
25 6
7    54.81.120.244 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-81-120-244.compute-1.amazonaws.com
access.auth.nwea.org
15    2600:9000:2490:c800:12:a3c9:2980:93a1 (United States)

ASN16509 (AMAZON-02, US)
assets.cdn.authz.cloudentity.io
1    2606:4700::6811:d6cc (United States)

ASN13335 (CLOUDFLARENET, US)
js.hs-scripts.com
1    2a00:1450:4001:827::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
Apex Domain
Subdomains		 Transfer
15 cloudentity.io
assets.cdn.authz.cloudentity.io
2 MB
7 nwea.org
access.auth.nwea.org
13 KB
1 gstatic.com
www.gstatic.com
155 KB
1 google.com
www.google.com — Cisco Umbrella Rank: 10
966 B
1 hs-scripts.com
js.hs-scripts.com — Cisco Umbrella Rank: 2160
886 B
0 hs-analytics.net Failed
js.hs-analytics.net Failed
0 hs-banner.com Failed
js.hs-banner.com Failed
25 7
Domain Requested by
15 assets.cdn.authz.cloudentity.io access.auth.nwea.org
assets.cdn.authz.cloudentity.io
7 access.auth.nwea.org 2 redirects assets.cdn.authz.cloudentity.io
access.auth.nwea.org
1 www.gstatic.com www.google.com
1 www.google.com access.auth.nwea.org
1 js.hs-scripts.com assets.cdn.authz.cloudentity.io
0 js.hs-analytics.net Failed js.hs-scripts.com
0 js.hs-banner.com Failed js.hs-scripts.com
25 7

This site contains links to these domains. Also see Links.

Domain
docs.authorization.cloudentity.com
Subject Issuer Validity Valid
access.auth.nwea.org
Amazon		 2022-08-11 -
2023-09-09		 a year crt.sh
assets.cdn.authz.cloudentity.io
Amazon		 2021-11-09 -
2022-12-08		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-06-03 -
2023-06-02		 a year crt.sh
www.google.com
GTS CA 1C3		 2022-07-18 -
2022-10-10		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-07-18 -
2022-10-10		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://access.auth.nwea.org/admin/login?client_id=admin&login_id=d46ef2f51f6d4f13b2c6115f2f19f67a&login_state=97e67056c68f419f8d5336b8e37054c8&server_id=admin&tenant_id=nwea-prd
Frame ID: 7FA11C1442AB5D50A73EFBF2CB7CD404
Requests: 25 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Login

Page URL History Show full URLs

  1. https://access.auth.nwea.org/ HTTP 302
    https://access.auth.nwea.org/admin/app Page URL
  2. https://access.auth.nwea.org/admin/oauth2/authorize?response_type=code&client_id=admin&state=caa2b57d06f7... HTTP 302
    https://access.auth.nwea.org/admin/login?client_id=admin&login_id=d46ef2f51f6d4f13b2c6115f2f19f67a&login_... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

25
Requests

92 %
HTTPS

80 %
IPv6

7
Domains

7
Subdomains

6
IPs

2
Countries

2580 kB
Transfer

2817 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://access.auth.nwea.org/ HTTP 302
    https://access.auth.nwea.org/admin/app Page URL
  2. https://access.auth.nwea.org/admin/oauth2/authorize?response_type=code&client_id=admin&state=caa2b57d06f7b6201164b146910efa629ed7e00095feb6fcb71f2cb8&nonce=24c303806762a0631fbaf651efc9f1df31395ee6f89c0b84e9634bb5&scope=&redirect_uri=https%3A%2F%2Faccess.auth.nwea.org%2Fadmin%2Fapp%2Fcallback&code_challenge=A2jFGhIOO8iJQyHNYqgb2vH-wRm_MgEYHiqepoHy768&code_challenge_method=S256 HTTP 302
    https://access.auth.nwea.org/admin/login?client_id=admin&login_id=d46ef2f51f6d4f13b2c6115f2f19f67a&login_state=97e67056c68f419f8d5336b8e37054c8&server_id=admin&tenant_id=nwea-prd Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://access.auth.nwea.org/ HTTP 302
  • https://access.auth.nwea.org/admin/app

25 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
app
access.auth.nwea.org/admin/
Redirect Chain
  • https://access.auth.nwea.org/
  • https://access.auth.nwea.org/admin/app
3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://access.auth.nwea.org/admin/app
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.81.120.244 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-81-120-244.compute-1.amazonaws.com
Software
/
Resource Hash
2334bf82c338c12de85012c35c67ff085a213c4ee254a3a6d3375102e9c8f33c
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval' www.google.com www.gstatic.com data: blob: assets.cdn.authz.cloudentity.io fonts.googleapis.com fonts.gstatic.com cdn.jsdelivr.net authz.cloudentity.io wss: js.hs-scripts.com js.hscollectedforms.net js.hs-banner.com js.hs-analytics.net track.hubspot.com forms.hubspot.com forms.hsforms.com api.hsforms.com; img-src https:; font-src https:;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
no-cache
content-encoding
gzip
content-length
1182
content-security-policy
default-src 'self' 'unsafe-inline' 'unsafe-eval' www.google.com www.gstatic.com data: blob: assets.cdn.authz.cloudentity.io fonts.googleapis.com fonts.gstatic.com cdn.jsdelivr.net authz.cloudentity.io wss: js.hs-scripts.com js.hscollectedforms.net js.hs-banner.com js.hs-analytics.net track.hubspot.com forms.hubspot.com forms.hsforms.com api.hsforms.com; img-src https:; font-src https:;
content-type
text/html; charset=utf-8
date
Thu, 11 Aug 2022 13:56:37 GMT
etag
f5d42c56ebed4e9d1e8a6f9f4b920498b59d0b4f7374c90030fbde8a7c0890475bf44a6e309bcfe28682da65426c92bb7185f871afde3e81ab875653f3d179cc
last-modified
Thu, 11 Aug 2022 13:09:38 GMT
referrer-policy
same-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-trace-id
b37080fb599a35186583edd69c0d5d9f
x-xss-protection
1; mode=block

Redirect headers

content-encoding
gzip
content-length
57
content-security-policy
default-src 'self' 'unsafe-inline' 'unsafe-eval' www.google.com www.gstatic.com data: blob: assets.cdn.authz.cloudentity.io fonts.googleapis.com fonts.gstatic.com cdn.jsdelivr.net authz.cloudentity.io wss: js.hs-scripts.com js.hscollectedforms.net js.hs-banner.com js.hs-analytics.net track.hubspot.com forms.hubspot.com forms.hsforms.com api.hsforms.com; img-src https:; font-src https:;
content-type
text/html; charset=utf-8
date
Thu, 11 Aug 2022 13:56:37 GMT
location
/admin/app
referrer-policy
same-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-trace-id
8c1f13d776b2b82a77ff82ffc5a686a1
x-xss-protection
1; mode=block
styles.css
assets.cdn.authz.cloudentity.io/142f7cb/ 		4 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://assets.cdn.authz.cloudentity.io/142f7cb/styles.css
Requested by
Host: access.auth.nwea.org
URL: https://access.auth.nwea.org/admin/app
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2490:c800:12:a3c9:2980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
047047fd250ac332d5253ad4b3d9c255438196f10f0491d01f8c6a7762cba6a8

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 11 Aug 2022 11:27:56 GMT
via
1.1 6b85d8725dd6471c3db1f65d4096afc4.cloudfront.net (CloudFront)
age
8922
x-cache
Hit from cloudfront
content-length
4167
x-amz-expiration
expiry-date="Sat, 12 Aug 2023 00:00:00 GMT", rule-id="all"
last-modified
Thu, 11 Aug 2022 10:53:39 GMT
server
AmazonS3
etag
"f30a173ed5bded7df4d953cc930a848a"
vary
Origin
x-amz-version-id
null
cache-control
max-age=2592000
x-amz-cf-pop
FRA56-P6
accept-ranges
bytes
content-type
text/css
x-amz-cf-id
rUrnbCYJ1SMVwaez8ZNkg9QTRyKUPgY9BvJbYcq5u4sAn1gDaW7FKQ==
indexAdmin.css
assets.cdn.authz.cloudentity.io/142f7cb/ 		704 B
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://assets.cdn.authz.cloudentity.io/142f7cb/indexAdmin.css
Requested by
Host: access.auth.nwea.org
URL: https://access.auth.nwea.org/admin/app
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2490:c800:12:a3c9:2980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e6a1ffef6577f471d4f67d543603c9844e1e3a810e48efe1c12fea9995f7ba27

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 11 Aug 2022 11:27:56 GMT
via
1.1 6b85d8725dd6471c3db1f65d4096afc4.cloudfront.net (CloudFront)
age
8922
x-cache
Hit from cloudfront
content-length
704
x-amz-expiration
expiry-date="Sat, 12 Aug 2023 00:00:00 GMT", rule-id="all"
last-modified
Thu, 11 Aug 2022 10:53:38 GMT
server
AmazonS3
etag
"3438789e3f75ac291dc8b86178923f80"
vary
Origin
x-amz-version-id
null
cache-control
max-age=2592000
x-amz-cf-pop
FRA56-P6
accept-ranges
bytes
content-type
text/css
x-amz-cf-id
VgJIvu_7XT0cBfR4kVkxYWLqnkN2r4S85Vr1FIjseZZPA0MGsFad5Q==
ga-track.js
assets.cdn.authz.cloudentity.io/142f7cb/assets/ 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.cdn.authz.cloudentity.io/142f7cb/assets/ga-track.js
Requested by
Host: access.auth.nwea.org
URL: https://access.auth.nwea.org/admin/app
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2490:c800:12:a3c9:2980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a642c2b85a3d4f385bb0d889bc46d192dcac6279d83e4e2c45d2184c93866aec

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 11 Aug 2022 11:27:56 GMT
via
1.1 6b85d8725dd6471c3db1f65d4096afc4.cloudfront.net (CloudFront)
age
8922
x-cache
Hit from cloudfront
content-length
1111
x-amz-expiration
expiry-date="Sat, 12 Aug 2023 00:00:00 GMT", rule-id="all"
last-modified
Thu, 11 Aug 2022 10:53:37 GMT
server
AmazonS3
etag
"7df847decb290993ea034654b4d32ea9"
vary
Origin
x-amz-version-id
null
cache-control
max-age=2592000
x-amz-cf-pop
FRA56-P6
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
6H1DnJoH_O3MkOADXTjMN7qDcxpCch6iV5B7TXoFHb_ZgBSTd3ZS0w==
indexAdmin.js
assets.cdn.authz.cloudentity.io/142f7cb/ 		2 MB
2 MB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.cdn.authz.cloudentity.io/142f7cb/indexAdmin.js
Requested by
Host: access.auth.nwea.org
URL: https://access.auth.nwea.org/admin/app
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2490:c800:12:a3c9:2980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2e8d6229a570ba5f63348933732ce52a6c6b025eda3d3f7fe9f7be5942c5d5cd

Request headers

Referer
Origin
https://access.auth.nwea.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 11 Aug 2022 11:27:56 GMT
via
1.1 fb5610ec56d3f427bcbcfdd851770614.cloudfront.net (CloudFront)
age
8922
x-cache
Hit from cloudfront
content-length
1794881
x-amz-expiration
expiry-date="Sat, 12 Aug 2023 00:00:00 GMT", rule-id="all"
last-modified
Thu, 11 Aug 2022 10:53:38 GMT
server
AmazonS3
etag
"7657dd3ffcc81889122c956f85532a94"
x-amz-version-id
null
access-control-allow-origin
*
cache-control
max-age=2592000
x-amz-cf-pop
FRA56-P6
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
Fr3nkzZah5fHxmrPf2ZQ7eBdEYJQ8VvTGeKiKQAxvoZejFN6Y6ugZg==
hs-track.js
assets.cdn.authz.cloudentity.io/142f7cb/assets/ 		545 B
992 B 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.cdn.authz.cloudentity.io/142f7cb/assets/hs-track.js
Requested by
Host: access.auth.nwea.org
URL: https://access.auth.nwea.org/admin/app
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2490:c800:12:a3c9:2980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
37184c5271168d71d7addf02a51f6da6388bdea77b97499cd69135ac4758a792

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 11 Aug 2022 11:27:56 GMT
via
1.1 6b85d8725dd6471c3db1f65d4096afc4.cloudfront.net (CloudFront)
age
8922
x-cache
Hit from cloudfront
content-length
545
x-amz-expiration
expiry-date="Sat, 12 Aug 2023 00:00:00 GMT", rule-id="all"
last-modified
Thu, 11 Aug 2022 10:53:37 GMT
server
AmazonS3
etag
"1fc848f237b57c9e3cf872b7e6432462"
vary
Origin
x-amz-version-id
null
cache-control
max-age=2592000
x-amz-cf-pop
FRA56-P6
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
lomGpsVc5CAJqQZATfSD1oV9njoQ0KqpVPxY2bK0hVeXqWoU7IvXzw==
inter.css
assets.cdn.authz.cloudentity.io/142f7cb/fonts/inter/ 		2 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://assets.cdn.authz.cloudentity.io/142f7cb/fonts/inter/inter.css
Requested by
Host: assets.cdn.authz.cloudentity.io
URL: https://assets.cdn.authz.cloudentity.io/142f7cb/styles.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2490:c800:12:a3c9:2980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8a99036818f7aa97ed086266eec141fc014baa073981e047bacb969c6bac3435

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://assets.cdn.authz.cloudentity.io/142f7cb/styles.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 11 Aug 2022 11:27:57 GMT
via
1.1 6b85d8725dd6471c3db1f65d4096afc4.cloudfront.net (CloudFront)
age
8921
x-cache
Hit from cloudfront
content-length
2312
x-amz-expiration
expiry-date="Sat, 12 Aug 2023 00:00:00 GMT", rule-id="all"
last-modified
Thu, 11 Aug 2022 10:53:38 GMT
server
AmazonS3
etag
"357305061a5a914e9a75af1bfb642f4a"
vary
Origin
x-amz-version-id
null
cache-control
max-age=2592000
x-amz-cf-pop
FRA56-P6
accept-ranges
bytes
content-type
text/css
x-amz-cf-id
EmVW1mTl85AHx_Pp4M_SGHV_EvLKLHgHdDo2ZP1D33RtlL-tIAbHUg==
3824547.js
js.hs-scripts.com/ 		995 B
886 B 		Script
General
Check archive.org
Download Go to
Full URL
https://js.hs-scripts.com/3824547.js
Requested by
Host: assets.cdn.authz.cloudentity.io
URL: https://assets.cdn.authz.cloudentity.io/142f7cb/assets/hs-track.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:d6cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 11 Aug 2022 13:56:38 GMT
content-encoding
br
cf-cache-status
EXPIRED
last-modified
Thu, 11 Aug 2022 12:01:27 GMT
server
cloudflare
x-hubspot-correlation-id
495e4a71-be87-4e5a-9a36-1e49801d4fdc
x-trace
2B81D1CBB6EB43BBA528A79AFE10810B47E749A11B000000000000000000
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript;charset=utf-8
access-control-max-age
3600
cache-control
public, max-age=60
access-control-allow-credentials
true
cf-ray
739179c8ecf38fe6-FRA
expires
Thu, 11 Aug 2022 13:57:38 GMT
Primary Request login
access.auth.nwea.org/admin/
Redirect Chain
  • https://access.auth.nwea.org/admin/oauth2/authorize?response_type=code&client_id=admin&state=caa2b57d06f7b6201164b146910efa629ed7e00095feb6fcb71f2cb8&nonce=24c303806762a0631fbaf651efc9f1df31395ee6f...
  • https://access.auth.nwea.org/admin/login?client_id=admin&login_id=d46ef2f51f6d4f13b2c6115f2f19f67a&login_state=97e67056c68f419f8d5336b8e37054c8&server_id=admin&tenant_id=nwea-prd
16 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://access.auth.nwea.org/admin/login?client_id=admin&login_id=d46ef2f51f6d4f13b2c6115f2f19f67a&login_state=97e67056c68f419f8d5336b8e37054c8&server_id=admin&tenant_id=nwea-prd
Requested by
Host: assets.cdn.authz.cloudentity.io
URL: https://assets.cdn.authz.cloudentity.io/142f7cb/indexAdmin.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.81.120.244 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-81-120-244.compute-1.amazonaws.com
Software
/
Resource Hash
9f6298f331a4e32e572c8bcbbfec7ac26aba576eaf991dffa592bc12464cc3f1
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval' www.google.com www.gstatic.com data: blob: assets.cdn.authz.cloudentity.io fonts.googleapis.com fonts.gstatic.com cdn.jsdelivr.net authz.cloudentity.io wss: js.hs-scripts.com js.hscollectedforms.net js.hs-banner.com js.hs-analytics.net track.hubspot.com forms.hubspot.com forms.hsforms.com api.hsforms.com; img-src https:; font-src https:;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://access.auth.nwea.org/admin/app
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-security-policy
default-src 'self' 'unsafe-inline' 'unsafe-eval' www.google.com www.gstatic.com data: blob: assets.cdn.authz.cloudentity.io fonts.googleapis.com fonts.gstatic.com cdn.jsdelivr.net authz.cloudentity.io wss: js.hs-scripts.com js.hscollectedforms.net js.hs-banner.com js.hs-analytics.net track.hubspot.com forms.hubspot.com forms.hsforms.com api.hsforms.com; img-src https:; font-src https:;
content-type
text/html
date
Thu, 11 Aug 2022 13:56:38 GMT
referrer-policy
same-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-ratelimit-limit
1000
x-ratelimit-remaining
998
x-ratelimit-reset
1
x-trace-id
7bfd85935a1b17538203753cbf711f06
x-xss-protection
1; mode=block

Redirect headers

content-encoding
gzip
content-length
186
content-security-policy
default-src 'self' 'unsafe-inline' 'unsafe-eval' www.google.com www.gstatic.com data: blob: assets.cdn.authz.cloudentity.io fonts.googleapis.com fonts.gstatic.com cdn.jsdelivr.net authz.cloudentity.io wss: js.hs-scripts.com js.hscollectedforms.net js.hs-banner.com js.hs-analytics.net track.hubspot.com forms.hubspot.com forms.hsforms.com api.hsforms.com; img-src https:; font-src https:;
content-type
text/html; charset=utf-8
date
Thu, 11 Aug 2022 13:56:38 GMT
location
https://access.auth.nwea.org/admin/login?client_id=admin&login_id=d46ef2f51f6d4f13b2c6115f2f19f67a&login_state=97e67056c68f419f8d5336b8e37054c8&server_id=admin&tenant_id=nwea-prd
referrer-policy
same-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-ratelimit-limit
500
x-ratelimit-remaining
498
x-ratelimit-reset
1
x-trace-id
0dff71293744879a363053024abdd61e
x-xss-protection
1; mode=block
3824547.js
js.hs-banner.com/ 		0
0
3824547.js
js.hs-analytics.net/analytics/1660226100000/ 		0
0
material-components-web.min.css
assets.cdn.authz.cloudentity.io/142f7cb/static/ 		268 KB
268 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://assets.cdn.authz.cloudentity.io/142f7cb/static/material-components-web.min.css
Requested by
Host: access.auth.nwea.org
URL: https://access.auth.nwea.org/admin/login?client_id=admin&login_id=d46ef2f51f6d4f13b2c6115f2f19f67a&login_state=97e67056c68f419f8d5336b8e37054c8&server_id=admin&tenant_id=nwea-prd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2490:c800:12:a3c9:2980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7614c6a676a02cae69ef7e71150755a6aa84c72642b5dabfd1a8dca7e6b3e802

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 11 Aug 2022 11:27:59 GMT
via
1.1 6b85d8725dd6471c3db1f65d4096afc4.cloudfront.net (CloudFront)
age
8920
x-cache
Hit from cloudfront
content-length
274146
x-amz-expiration
expiry-date="Sat, 12 Aug 2023 00:00:00 GMT", rule-id="all"
last-modified
Thu, 11 Aug 2022 10:53:39 GMT
server
AmazonS3
etag
"f02e132096871b9fd33ecb01acdd8482"
vary
Origin
x-amz-version-id
null
cache-control
max-age=2592000
x-amz-cf-pop
FRA56-P6
accept-ranges
bytes
content-type
text/css
x-amz-cf-id
g2GStMArllYv_ms5-ayvMYnFOjaGHrj5QLFfJpOKn70gB7G_Qzp5cg==
material-components-web.min.js
assets.cdn.authz.cloudentity.io/142f7cb/static/ 		299 KB
300 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.cdn.authz.cloudentity.io/142f7cb/static/material-components-web.min.js
Requested by
Host: access.auth.nwea.org
URL: https://access.auth.nwea.org/admin/login?client_id=admin&login_id=d46ef2f51f6d4f13b2c6115f2f19f67a&login_state=97e67056c68f419f8d5336b8e37054c8&server_id=admin&tenant_id=nwea-prd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2490:c800:12:a3c9:2980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
10e82e5e40dd6850dca1efee311c3afe0633c9ba10ed0e0c1fc5758eba3a4916

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 11 Aug 2022 11:27:59 GMT
via
1.1 6b85d8725dd6471c3db1f65d4096afc4.cloudfront.net (CloudFront)
age
8920
x-cache
Hit from cloudfront
content-length
306602
x-amz-expiration
expiry-date="Sat, 12 Aug 2023 00:00:00 GMT", rule-id="all"
last-modified
Thu, 11 Aug 2022 10:53:39 GMT
server
AmazonS3
etag
"cbb9b623618b781c8f800e093f3bac3f"
vary
Origin
x-amz-version-id
null
cache-control
max-age=2592000
x-amz-cf-pop
FRA56-P6
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
O9Kd4xCKMBcMlGJeAlWLisRUhmmVDPOZVtNR6ilbPGI2_2l_ptkS6Q==
utils.js
assets.cdn.authz.cloudentity.io/142f7cb/static/ 		201 B
648 B 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.cdn.authz.cloudentity.io/142f7cb/static/utils.js
Requested by
Host: access.auth.nwea.org
URL: https://access.auth.nwea.org/admin/login?client_id=admin&login_id=d46ef2f51f6d4f13b2c6115f2f19f67a&login_state=97e67056c68f419f8d5336b8e37054c8&server_id=admin&tenant_id=nwea-prd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2490:c800:12:a3c9:2980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
708c7478efbd011a5765422c36e3cb837d9fd45990c2ea113e2a4bc6d75221fc

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 11 Aug 2022 11:27:59 GMT
via
1.1 6b85d8725dd6471c3db1f65d4096afc4.cloudfront.net (CloudFront)
age
8920
x-cache
Hit from cloudfront
content-length
201
x-amz-expiration
expiry-date="Sat, 12 Aug 2023 00:00:00 GMT", rule-id="all"
last-modified
Thu, 11 Aug 2022 10:53:39 GMT
server
AmazonS3
etag
"a5bd1cd66f437029a92625a99255f6a4"
vary
Origin
x-amz-version-id
null
cache-control
max-age=2592000
x-amz-cf-pop
FRA56-P6
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
iIYVQ6S0BK_T_X62iWv_DiL-T3YHr-rKCrrINin6Q5cCu9ZeCYQVOw==
fonts.css
assets.cdn.authz.cloudentity.io/142f7cb/static/ 		2 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://assets.cdn.authz.cloudentity.io/142f7cb/static/fonts.css
Requested by
Host: access.auth.nwea.org
URL: https://access.auth.nwea.org/admin/login?client_id=admin&login_id=d46ef2f51f6d4f13b2c6115f2f19f67a&login_state=97e67056c68f419f8d5336b8e37054c8&server_id=admin&tenant_id=nwea-prd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2490:c800:12:a3c9:2980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a7664a18c2379b373212cc394e641ca962824d74d68447412e22a71e533bdadf

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 11 Aug 2022 11:27:59 GMT
via
1.1 6b85d8725dd6471c3db1f65d4096afc4.cloudfront.net (CloudFront)
age
8919
x-cache
Hit from cloudfront
content-length
2015
x-amz-expiration
expiry-date="Sat, 12 Aug 2023 00:00:00 GMT", rule-id="all"
last-modified
Thu, 11 Aug 2022 10:53:38 GMT
server
AmazonS3
etag
"565401b138aa4ed0bf4a41045826806f"
vary
Origin
x-amz-version-id
null
cache-control
max-age=2592000
x-amz-cf-pop
FRA56-P6
accept-ranges
bytes
content-type
text/css
x-amz-cf-id
XFm9Xs0uKW6UgHTwf4n4RpPKMny6gDqnqfwLsWQ722h6YB7Kn7BBpQ==
material-icons.css
assets.cdn.authz.cloudentity.io/142f7cb/static/ 		982 B
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://assets.cdn.authz.cloudentity.io/142f7cb/static/material-icons.css
Requested by
Host: access.auth.nwea.org
URL: https://access.auth.nwea.org/admin/login?client_id=admin&login_id=d46ef2f51f6d4f13b2c6115f2f19f67a&login_state=97e67056c68f419f8d5336b8e37054c8&server_id=admin&tenant_id=nwea-prd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2490:c800:12:a3c9:2980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0d192c4cf0c985cb290022a3afad3f8a0b4685db1c8d821ea4a36ab9b30559cd

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 11 Aug 2022 11:27:59 GMT
via
1.1 6b85d8725dd6471c3db1f65d4096afc4.cloudfront.net (CloudFront)
age
8920
x-cache
Hit from cloudfront
content-length
982
x-amz-expiration
expiry-date="Sat, 12 Aug 2023 00:00:00 GMT", rule-id="all"
last-modified
Thu, 11 Aug 2022 10:53:39 GMT
server
AmazonS3
etag
"3c60ce9c952b3aa2b254008b754dc40d"
vary
Origin
x-amz-version-id
null
cache-control
max-age=2592000
x-amz-cf-pop
FRA56-P6
accept-ranges
bytes
content-type
text/css
x-amz-cf-id
KlbKJCPFp_BZKYSYlD_auX4im092TbjdhhKy7SE_JALD4wsSGL-zsg==
style.css
assets.cdn.authz.cloudentity.io/142f7cb/static/ 		21 KB
21 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://assets.cdn.authz.cloudentity.io/142f7cb/static/style.css
Requested by
Host: access.auth.nwea.org
URL: https://access.auth.nwea.org/admin/login?client_id=admin&login_id=d46ef2f51f6d4f13b2c6115f2f19f67a&login_state=97e67056c68f419f8d5336b8e37054c8&server_id=admin&tenant_id=nwea-prd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2490:c800:12:a3c9:2980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2fb25c5f13131ac5023270573e0df66b6ceedde30696ec01246e9e99ceb97e48

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 11 Aug 2022 11:27:59 GMT
via
1.1 6b85d8725dd6471c3db1f65d4096afc4.cloudfront.net (CloudFront)
age
8920
x-cache
Hit from cloudfront
content-length
21414
x-amz-expiration
expiry-date="Sat, 12 Aug 2023 00:00:00 GMT", rule-id="all"
last-modified
Thu, 11 Aug 2022 10:53:39 GMT
server
AmazonS3
etag
"45c8f8b5a6ec5d14887be8b3a42fcd39"
vary
Origin
x-amz-version-id
null
cache-control
max-age=2592000
x-amz-cf-pop
FRA56-P6
accept-ranges
bytes
content-type
text/css
x-amz-cf-id
MObfj_CChZHA28LbWAwgjI2foxXyfVnKT8tIydoe-I85THVeNg7IhQ==
api.js
www.google.com/recaptcha/ 		850 B
966 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js
Requested by
Host: access.auth.nwea.org
URL: https://access.auth.nwea.org/admin/login?client_id=admin&login_id=d46ef2f51f6d4f13b2c6115f2f19f67a&login_state=97e67056c68f419f8d5336b8e37054c8&server_id=admin&tenant_id=nwea-prd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
33d533cede95a42fc46b7c65654e2cd019dd4ef3233357b326cc015a5aa0ea06
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 11 Aug 2022 13:56:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
553
x-xss-protection
1; mode=block
expires
Thu, 11 Aug 2022 13:56:38 GMT
cloudentity-logo-wide-white.svg
access.auth.nwea.org/static/images/ 		6 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://access.auth.nwea.org/static/images/cloudentity-logo-wide-white.svg
Requested by
Host: access.auth.nwea.org
URL: https://access.auth.nwea.org/admin/login?client_id=admin&login_id=d46ef2f51f6d4f13b2c6115f2f19f67a&login_state=97e67056c68f419f8d5336b8e37054c8&server_id=admin&tenant_id=nwea-prd
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.81.120.244 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-81-120-244.compute-1.amazonaws.com
Software
/
Resource Hash
38022d6973c58015146138fbd7bdeeaf3acea7c8703cd9e6cbaef44557c952a3
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval' www.google.com www.gstatic.com data: blob: assets.cdn.authz.cloudentity.io fonts.googleapis.com fonts.gstatic.com cdn.jsdelivr.net authz.cloudentity.io wss: js.hs-scripts.com js.hscollectedforms.net js.hs-banner.com js.hs-analytics.net track.hubspot.com forms.hubspot.com forms.hsforms.com api.hsforms.com; img-src https:; font-src https:;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://access.auth.nwea.org/admin/login?client_id=admin&login_id=d46ef2f51f6d4f13b2c6115f2f19f67a&login_state=97e67056c68f419f8d5336b8e37054c8&server_id=admin&tenant_id=nwea-prd
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-trace-id
9d420ce4ba706938e133290b6bc0e796
date
Thu, 11 Aug 2022 13:56:38 GMT
content-encoding
gzip
referrer-policy
same-origin
last-modified
Thu, 11 Aug 2022 09:23:39 GMT
etag
f5d42c56ebed4e9d1e8a6f9f4b920498b59d0b4f7374c90030fbde8a7c0890475bf44a6e309bcfe28682da65426c92bb7185f871afde3e81ab875653f3d179cc
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
cache-control
no-cache
x-content-type-options
nosniff
content-security-policy
default-src 'self' 'unsafe-inline' 'unsafe-eval' www.google.com www.gstatic.com data: blob: assets.cdn.authz.cloudentity.io fonts.googleapis.com fonts.gstatic.com cdn.jsdelivr.net authz.cloudentity.io wss: js.hs-scripts.com js.hscollectedforms.net js.hs-banner.com js.hs-analytics.net track.hubspot.com forms.hubspot.com forms.hsforms.com api.hsforms.com; img-src https:; font-src https:;
strict-transport-security
max-age=31536000; includeSubDomains; preload
accept-ranges
bytes
vary
Accept-Encoding
x-xss-protection
1; mode=block
info-icon.svg
access.auth.nwea.org/static/images/ 		307 B
974 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://access.auth.nwea.org/static/images/info-icon.svg
Requested by
Host: access.auth.nwea.org
URL: https://access.auth.nwea.org/admin/login?client_id=admin&login_id=d46ef2f51f6d4f13b2c6115f2f19f67a&login_state=97e67056c68f419f8d5336b8e37054c8&server_id=admin&tenant_id=nwea-prd
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.81.120.244 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-81-120-244.compute-1.amazonaws.com
Software
/
Resource Hash
7b3a8c15b1c6a42f8fb81b3e2c6c54b51104cb5c27a0a19f53d73d5138ad58e1
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval' www.google.com www.gstatic.com data: blob: assets.cdn.authz.cloudentity.io fonts.googleapis.com fonts.gstatic.com cdn.jsdelivr.net authz.cloudentity.io wss: js.hs-scripts.com js.hscollectedforms.net js.hs-banner.com js.hs-analytics.net track.hubspot.com forms.hubspot.com forms.hsforms.com api.hsforms.com; img-src https:; font-src https:;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://access.auth.nwea.org/admin/login?client_id=admin&login_id=d46ef2f51f6d4f13b2c6115f2f19f67a&login_state=97e67056c68f419f8d5336b8e37054c8&server_id=admin&tenant_id=nwea-prd
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 11 Aug 2022 13:56:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
226
x-xss-protection
1; mode=block
x-trace-id
d556e037d6a20e643a6f0f9674f27829
referrer-policy
same-origin
last-modified
Thu, 11 Aug 2022 09:23:39 GMT
x-frame-options
SAMEORIGIN
etag
f5d42c56ebed4e9d1e8a6f9f4b920498b59d0b4f7374c90030fbde8a7c0890475bf44a6e309bcfe28682da65426c92bb7185f871afde3e81ab875653f3d179cc
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
no-cache
content-security-policy
default-src 'self' 'unsafe-inline' 'unsafe-eval' www.google.com www.gstatic.com data: blob: assets.cdn.authz.cloudentity.io fonts.googleapis.com fonts.gstatic.com cdn.jsdelivr.net authz.cloudentity.io wss: js.hs-scripts.com js.hscollectedforms.net js.hs-banner.com js.hs-analytics.net track.hubspot.com forms.hubspot.com forms.hsforms.com api.hsforms.com; img-src https:; font-src https:;
accept-ranges
bytes
background-circles-top-left.svg
assets.cdn.authz.cloudentity.io/142f7cb/static/images/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.cdn.authz.cloudentity.io/142f7cb/static/images/background-circles-top-left.svg
Requested by
Host: assets.cdn.authz.cloudentity.io
URL: https://assets.cdn.authz.cloudentity.io/142f7cb/static/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2490:c800:12:a3c9:2980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
fa1e2c3642a63de2c3524bfc2c1796ba43611466f0eb7814c5d9a05d2cdfc4af

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://assets.cdn.authz.cloudentity.io/142f7cb/static/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 11 Aug 2022 11:28:00 GMT
via
1.1 6b85d8725dd6471c3db1f65d4096afc4.cloudfront.net (CloudFront)
age
8919
x-cache
Hit from cloudfront
content-length
3239
x-amz-expiration
expiry-date="Sat, 12 Aug 2023 00:00:00 GMT", rule-id="all"
last-modified
Thu, 11 Aug 2022 10:53:39 GMT
server
AmazonS3
etag
"42d946c76ac99d1cbf45bc39d253b920"
vary
Origin
x-amz-version-id
null
cache-control
max-age=2592000
x-amz-cf-pop
FRA56-P6
accept-ranges
bytes
content-type
image/svg+xml
x-amz-cf-id
AuqLesvQkGbLT86WNs4MeXQrqpLHXmdGWT-9isEUh3Mvee6jTELKUg==
background-circles-bottom-right.svg
assets.cdn.authz.cloudentity.io/142f7cb/static/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.cdn.authz.cloudentity.io/142f7cb/static/images/background-circles-bottom-right.svg
Requested by
Host: assets.cdn.authz.cloudentity.io
URL: https://assets.cdn.authz.cloudentity.io/142f7cb/static/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2490:c800:12:a3c9:2980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
95267857d9fd0c77f82999beaf6156c23a76fa457946b9cfaaa9347c12c92b86

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://assets.cdn.authz.cloudentity.io/142f7cb/static/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 11 Aug 2022 11:28:00 GMT
via
1.1 6b85d8725dd6471c3db1f65d4096afc4.cloudfront.net (CloudFront)
age
8919
x-cache
Hit from cloudfront
content-length
3072
x-amz-expiration
expiry-date="Sat, 12 Aug 2023 00:00:00 GMT", rule-id="all"
last-modified
Thu, 11 Aug 2022 10:53:39 GMT
server
AmazonS3
etag
"b8d3da922ea4b002790e57c250a35a57"
vary
Origin
x-amz-version-id
null
cache-control
max-age=2592000
x-amz-cf-pop
FRA56-P6
accept-ranges
bytes
content-type
image/svg+xml
x-amz-cf-id
Vx7g7np1J_aogKK1ABqGRCk9TV0Qyt0azO9qR95-q_NJlT92BQS5uQ==
custom-circle.svg
access.auth.nwea.org/static/images/idps/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://access.auth.nwea.org/static/images/idps/custom-circle.svg
Requested by
Host: access.auth.nwea.org
URL: https://access.auth.nwea.org/admin/login?client_id=admin&login_id=d46ef2f51f6d4f13b2c6115f2f19f67a&login_state=97e67056c68f419f8d5336b8e37054c8&server_id=admin&tenant_id=nwea-prd
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.81.120.244 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-81-120-244.compute-1.amazonaws.com
Software
/
Resource Hash
79d76fcce152b4f559e429dadaa93b635897bae17719a3c93619664da09a8e16
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval' www.google.com www.gstatic.com data: blob: assets.cdn.authz.cloudentity.io fonts.googleapis.com fonts.gstatic.com cdn.jsdelivr.net authz.cloudentity.io wss: js.hs-scripts.com js.hscollectedforms.net js.hs-banner.com js.hs-analytics.net track.hubspot.com forms.hubspot.com forms.hsforms.com api.hsforms.com; img-src https:; font-src https:;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://access.auth.nwea.org/admin/login?client_id=admin&login_id=d46ef2f51f6d4f13b2c6115f2f19f67a&login_state=97e67056c68f419f8d5336b8e37054c8&server_id=admin&tenant_id=nwea-prd
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 11 Aug 2022 13:56:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
604
x-xss-protection
1; mode=block
x-trace-id
1061509e2289610ee1050870aad23179
referrer-policy
same-origin
last-modified
Thu, 11 Aug 2022 09:23:39 GMT
x-frame-options
SAMEORIGIN
etag
f5d42c56ebed4e9d1e8a6f9f4b920498b59d0b4f7374c90030fbde8a7c0890475bf44a6e309bcfe28682da65426c92bb7185f871afde3e81ab875653f3d179cc
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
no-cache
content-security-policy
default-src 'self' 'unsafe-inline' 'unsafe-eval' www.google.com www.gstatic.com data: blob: assets.cdn.authz.cloudentity.io fonts.googleapis.com fonts.gstatic.com cdn.jsdelivr.net authz.cloudentity.io wss: js.hs-scripts.com js.hscollectedforms.net js.hs-banner.com js.hs-analytics.net track.hubspot.com forms.hubspot.com forms.hsforms.com api.hsforms.com; img-src https:; font-src https:;
accept-ranges
bytes
MaterialIcons-Regular.woff2
assets.cdn.authz.cloudentity.io/142f7cb/static/icons/ 		43 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://assets.cdn.authz.cloudentity.io/142f7cb/static/icons/MaterialIcons-Regular.woff2
Requested by
Host: assets.cdn.authz.cloudentity.io
URL: https://assets.cdn.authz.cloudentity.io/142f7cb/static/material-icons.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2490:c800:12:a3c9:2980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a87d66c91b2e7dc5530aef76c03bd6a3d25ea5826110bf4803b561b811cc8726

Request headers

Referer
https://assets.cdn.authz.cloudentity.io/142f7cb/static/material-icons.css
Origin
https://access.auth.nwea.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 11 Aug 2022 11:28:00 GMT
via
1.1 fb5610ec56d3f427bcbcfdd851770614.cloudfront.net (CloudFront)
age
8919
x-cache
Hit from cloudfront
content-length
44300
x-amz-expiration
expiry-date="Sat, 12 Aug 2023 00:00:00 GMT", rule-id="all"
last-modified
Thu, 11 Aug 2022 10:53:39 GMT
server
AmazonS3
etag
"570eb83859dc23dd0eec423a49e147fe"
x-amz-version-id
null
access-control-allow-origin
*
cache-control
max-age=2592000
x-amz-cf-pop
FRA56-P6
accept-ranges
bytes
content-type
font/woff2
x-amz-cf-id
JKhQu6YK5orQk8KfpwkrFbg5mpzkI2sshRFoX35J4RAmsn3R_Cak3A==
recaptcha__de.js
www.gstatic.com/recaptcha/releases/gWN_U6xTIPevg0vuq7g1hct0/ 		387 KB
155 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/gWN_U6xTIPevg0vuq7g1hct0/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c2e37877957a84efc2e5604969599edfa9be30f963d56f8a8ea5352443f72892
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
Origin
https://access.auth.nwea.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 11 Aug 2022 13:52:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
242
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
158422
x-xss-protection
0
last-modified
Mon, 01 Aug 2022 04:00:16 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 11 Aug 2023 13:52:36 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
js.hs-banner.com
URL
https://js.hs-banner.com/3824547.js
Domain
js.hs-analytics.net
URL
https://js.hs-analytics.net/analytics/1660226100000/3824547.js

Verdicts & Comments Add Verdict or Comment

29 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| mdc function| delegate boolean| isPasswordVisible boolean| enableIdpDiscovery function| togglePasswordVisibility function| changeTab function| goBackToIdps boolean| hasStaticWithoutDomains function| showPassword function| onInputChange object| domainsToIdpsMap object| idpsIdsWithDomains function| initIdpsDiscovery object| idpIcons object| idps function| renderIdps object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| recaptcha

1 Cookies

Domain/Path Name / Value
access.auth.nwea.org/ Name: oauth2_login_nwea-prd_admin
Value: MTY2MDIyNjE5OHxEdi1CQkFFQ180SUFBUkFCRUFBQVB2LUNBQUVHYzNSeWFXNW5EQVlBQkdOemNtWUdjM1J5YVc1bkRDSUFJREZpWkRBMk5UTXlaRGc1TXpRMllXTTROalJsTlRJek9EWmxPV1V4TlRReHwmjLOGnT0Zng8NirJG3gVgS9Dqip5OrVRZjgw-riPK_A==

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval' www.google.com www.gstatic.com data: blob: assets.cdn.authz.cloudentity.io fonts.googleapis.com fonts.gstatic.com cdn.jsdelivr.net authz.cloudentity.io wss: js.hs-scripts.com js.hscollectedforms.net js.hs-banner.com js.hs-analytics.net track.hubspot.com forms.hubspot.com forms.hsforms.com api.hsforms.com; img-src https:; font-src https:;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

access.auth.nwea.org
assets.cdn.authz.cloudentity.io
js.hs-analytics.net
js.hs-banner.com
js.hs-scripts.com
www.google.com
www.gstatic.com
js.hs-analytics.net
js.hs-banner.com
2600:9000:2490:c800:12:a3c9:2980:93a1
2606:4700::6811:d6cc
2a00:1450:4001:827::2003
2a00:1450:4001:827::2004
54.81.120.244
047047fd250ac332d5253ad4b3d9c255438196f10f0491d01f8c6a7762cba6a8
0d192c4cf0c985cb290022a3afad3f8a0b4685db1c8d821ea4a36ab9b30559cd
10e82e5e40dd6850dca1efee311c3afe0633c9ba10ed0e0c1fc5758eba3a4916
2334bf82c338c12de85012c35c67ff085a213c4ee254a3a6d3375102e9c8f33c
2e8d6229a570ba5f63348933732ce52a6c6b025eda3d3f7fe9f7be5942c5d5cd
2fb25c5f13131ac5023270573e0df66b6ceedde30696ec01246e9e99ceb97e48
33d533cede95a42fc46b7c65654e2cd019dd4ef3233357b326cc015a5aa0ea06
37184c5271168d71d7addf02a51f6da6388bdea77b97499cd69135ac4758a792
38022d6973c58015146138fbd7bdeeaf3acea7c8703cd9e6cbaef44557c952a3
708c7478efbd011a5765422c36e3cb837d9fd45990c2ea113e2a4bc6d75221fc
7614c6a676a02cae69ef7e71150755a6aa84c72642b5dabfd1a8dca7e6b3e802
79d76fcce152b4f559e429dadaa93b635897bae17719a3c93619664da09a8e16
7b3a8c15b1c6a42f8fb81b3e2c6c54b51104cb5c27a0a19f53d73d5138ad58e1
8a99036818f7aa97ed086266eec141fc014baa073981e047bacb969c6bac3435
95267857d9fd0c77f82999beaf6156c23a76fa457946b9cfaaa9347c12c92b86
9f6298f331a4e32e572c8bcbbfec7ac26aba576eaf991dffa592bc12464cc3f1
a642c2b85a3d4f385bb0d889bc46d192dcac6279d83e4e2c45d2184c93866aec
a7664a18c2379b373212cc394e641ca962824d74d68447412e22a71e533bdadf
a87d66c91b2e7dc5530aef76c03bd6a3d25ea5826110bf4803b561b811cc8726
c2e37877957a84efc2e5604969599edfa9be30f963d56f8a8ea5352443f72892
e6a1ffef6577f471d4f67d543603c9844e1e3a810e48efe1c12fea9995f7ba27
fa1e2c3642a63de2c3524bfc2c1796ba43611466f0eb7814c5d9a05d2cdfc4af