office365studentsverificationportal.netlify.app
2a03:b0c0:3:d0::d23:e001  Public Scan

Submitted URL: https://cutt.ly/qPg09bk
Effective URL: https://office365studentsverificationportal.netlify.app/
Submission Tags: phishing
Submission: On February 16 via api from AU — Scanned from DE

Summary

This website contacted 18 IPs in 5 countries across 17 domains to perform 42 HTTP transactions. The main IP is 2a03:b0c0:3:d0::d23:e001, located in Frankfurt am Main, Germany and belongs to DIGITALOCEAN-ASN, US. The main domain is office365studentsverificationportal.netlify.app.
TLS certificate: Issued by DigiCert TLS Hybrid ECC SHA384 2020 CA1 on March 9th 2021. Valid for: a year.
This is the only time office365studentsverificationportal.netlify.app was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2a03:b0c0:3:d... 14061 (DIGITALOC...)
6 2600:9000:223... 16509 (AMAZON-02)
5 2.18.232.232 16625 (AKAMAI-AS)
1 2a00:1450:400... 15169 (GOOGLE)
1 5 34.246.16.33 16509 (AMAZON-02)
1 34.249.135.188 16509 (AMAZON-02)
1 13.36.218.177 16509 (AMAZON-02)
1 1 54.194.191.134 16509 (AMAZON-02)
1 63.35.137.213 16509 (AMAZON-02)
2 2 35.244.174.68 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 1 54.197.126.54 14618 (AMAZON-AES)
1 169.50.137.179 36351 (SOFTLAYER)
7 2606:4700::68... 13335 (CLOUDFLAR...)
1 18.66.112.6 16509 (AMAZON-02)
1 23.62.134.249 16625 (AKAMAI-AS)
3 6 151.101.194.49 54113 (FASTLY)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2 34.199.75.236 14618 (AMAZON-AES)
1 1 74.120.224.135 17054 (AS17054)
1 52.222.236.128 16509 (AMAZON-02)
42 18
Apex Domain
Subdomains
Transfer
9 phoenix.edu
my.phoenix.edu — Cisco Umbrella Rank: 185177
smetrics.phoenix.edu — Cisco Umbrella Rank: 152928
phoenix.edu — Cisco Umbrella Rank: 79873
www.phoenix.edu — Cisco Umbrella Rank: 141440
266 KB
7 cookielaw.org
cdn.cookielaw.org — Cisco Umbrella Rank: 443
123 KB
7 everesttech.net
cm.everesttech.net — Cisco Umbrella Rank: 881
sync-tm.everesttech.net — Cisco Umbrella Rank: 491 Failed
2 KB
6 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 187
apollo.demdex.net — Cisco Umbrella Rank: 157545
9 KB
5 tiqcdn.com
tags.tiqcdn.com — Cisco Umbrella Rank: 904
108 KB
2 rkdms.com
mid.rkdms.com — Cisco Umbrella Rank: 942
71 B
2 rlcdn.com
idsync.rlcdn.com — Cisco Umbrella Rank: 283
801 B
1 onetrust.com
geolocation.onetrust.com — Cisco Umbrella Rank: 709
457 B
1 everestjs.net
www.everestjs.net — Cisco Umbrella Rank: 5560
3 KB
1 contentsquare.net
t.contentsquare.net — Cisco Umbrella Rank: 3603
67 KB
1 simpli.fi
tag.simpli.fi — Cisco Umbrella Rank: 4570
790 B
1 clickagy.com
aorta.clickagy.com — Cisco Umbrella Rank: 2029
663 B
1 media6degrees.com
idpix.media6degrees.com — Cisco Umbrella Rank: 1758
278 B
1 omtrdc.net
apollogroupinc.tt.omtrdc.net — Cisco Umbrella Rank: 158661
634 B
1 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 250
30 KB
1 netlify.app
office365studentsverificationportal.netlify.app
6 KB
1 cutt.ly
cutt.ly — Cisco Umbrella Rank: 65940
459 B
42 17
Domain Requested by
7 cdn.cookielaw.org tags.tiqcdn.com
cdn.cookielaw.org
6 sync-tm.everesttech.net office365studentsverificationportal.netlify.app
6 my.phoenix.edu office365studentsverificationportal.netlify.app
5 dpm.demdex.net 1 redirects office365studentsverificationportal.netlify.app
5 tags.tiqcdn.com office365studentsverificationportal.netlify.app
tags.tiqcdn.com
2 mid.rkdms.com 1 redirects
2 idsync.rlcdn.com 2 redirects
1 www.phoenix.edu
1 phoenix.edu 1 redirects
1 geolocation.onetrust.com cdn.cookielaw.org
1 www.everestjs.net tags.tiqcdn.com
1 t.contentsquare.net tags.tiqcdn.com
1 tag.simpli.fi tags.tiqcdn.com
1 aorta.clickagy.com 1 redirects
1 idpix.media6degrees.com office365studentsverificationportal.netlify.app
1 apollogroupinc.tt.omtrdc.net tags.tiqcdn.com
1 cm.everesttech.net 1 redirects
1 smetrics.phoenix.edu tags.tiqcdn.com
1 apollo.demdex.net tags.tiqcdn.com
1 ajax.googleapis.com tags.tiqcdn.com
1 office365studentsverificationportal.netlify.app
1 cutt.ly 1 redirects
42 22

This site contains links to these domains.

Domain
ecampus.phoenix.edu
www.phoenix.edu
my.phoenix.edu
cookiepedia.co.uk
www.onetrust.com

Subject | Issuer | Validity | Valid
*.netlify.app | DigiCert TLS Hybrid ECC SHA384 2020 CA1 | 2021-03-09 - 2022-03-01 | a year
my.phoenix.edu | Amazon | 2021-07-30 - 2022-08-28 | a year
*.tiqcdn.com | DigiCert SHA2 Secure Server CA | 2021-04-19 - 2022-04-27 | a year
upload.video.google.com | GTS CA 1C3 | 2022-01-17 - 2022-04-11 | 3 months
*.demdex.net | DigiCert TLS RSA SHA256 2020 CA1 | 2021-10-19 - 2022-11-19 | a year
smetrics.phoenix.edu | DigiCert TLS RSA SHA256 2020 CA1 | 2021-09-14 - 2022-10-15 | a year
*.tt.omtrdc.net | DigiCert TLS RSA SHA256 2020 CA1 | 2021-10-11 - 2022-10-12 | a year
dstillery.com | Sectigo RSA Domain Validation Secure Server CA | 2021-04-09 - 2022-05-10 | a year
*.simpli.fi | DigiCert TLS RSA SHA256 2020 CA1 | 2021-10-27 - 2022-11-27 | a year
cookielaw.org | Cloudflare Inc ECC CA-3 | 2021-06-01 - 2022-05-31 | a year
t.contentsquare.net | Amazon | 2021-11-13 - 2022-12-11 | a year
www.everestjs.net | DigiCert TLS RSA SHA256 2020 CA1 | 2021-09-02 - 2022-09-02 | a year
onetrust.com | Cloudflare Inc ECC CA-3 | 2022-01-12 - 2023-01-12 | a year

This page contains 2 frames:

Primary Page: https://office365studentsverificationportal.netlify.app/
Frame ID: D811319D8B7192FD4DF8BDC80F96A8FC
Requests: 30 HTTP requests in this frame

Frame: https://apollo.demdex.net/dest5.html?d_nsid=0
Frame ID: C5E5D2D8CF709F103538E4E4B45C5837
Requests: 13 HTTP requests in this frame

Page Title

University of Phoenix - LoginBack ButtonSearch IconFilter Icon

Page URL History

  1. https://cutt.ly/qPg09bk HTTP 301
    https://office365studentsverificationportal.netlify.app/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /etc\.clientlibs/

Overall confidence: 100%
Detected patterns
  • ^https?://[^/]+\.netlify\.(?:com|app)/

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)

Overall confidence: 100%
Detected patterns
  • cdn\.cookielaw\.org
  • otSDKStub\.js

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

42
Requests

67 %
HTTPS

32 %
IPv6

17
Domains

22
Subdomains

18
IPs

5
Countries

614 kB
Transfer

2072 kB
Size

12
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://cutt.ly/qPg09bk HTTP 301
    https://office365studentsverificationportal.netlify.app/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 9
  • https://dpm.demdex.net/id?d_visid_ver=5.0.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=8DF667C25245B0070A490D4C%40AdobeOrg&d_nsid=0&ts=1645043593578 HTTP 302
  • https://dpm.demdex.net/id/rd?d_visid_ver=5.0.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=8DF667C25245B0070A490D4C%40AdobeOrg&d_nsid=0&ts=1645043593578
Request Chain 12
  • https://cm.everesttech.net/cm/dd?d_uuid=63894736828950312472102307605184733080 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=Yg1fiQAAAEnB3QQD
Request Chain 14
  • https://idsync.rlcdn.com/365868.gif?partner_uid=63894736828950312472102307605184733080 HTTP 307
  • https://idsync.rlcdn.com/1000.gif?memo=CKyqFhIxCi0IARCYEhomNjM4OTQ3MzY4Mjg5NTAzMTI0NzIxMDIzMDc2MDUxODQ3MzMwODAQABoNCIm_tZAGEgUI6AcQAEIASgA HTTP 307
  • https://dpm.demdex.net/ibs:dpid=477&dpuuid=3dff270ec5ce9c2d99a7ee873079b3f62bca1666e31dcb3d3dd52a943a0165f6b0da87c991749652
Request Chain 16
  • https://aorta.clickagy.com/pixel.gif?ch=124&cm=63894736828950312472102307605184733080&redir=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D79908%26dpuuid%3D%7Bvisitor_id%7D HTTP 302
  • https://dpm.demdex.net/ibs:dpid=79908&dpuuid=c:1806be6aac378cc03a80f43a39a5e809
Request Chain 27
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&_test=Yg1figAGug9h9wBB
Request Chain 29
  • https://sync-tm.everesttech.net/upi/pid/UH6TUt9n?redir=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D158%26code%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/UH6TUt9n?redir=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D158%26code%3D%24%7BTM_USER_ID%7D&_test=Yg1figAGucpkBwBB
Request Chain 35
  • https://sync-tm.everesttech.net/upi/pid/h0r58thg?redir=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D6409%26uid%3D%24%7BUSER_ID%7D%26img%3D1 HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/h0r58thg?redir=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D6409%26uid%3D%24%7BUSER_ID%7D%26img%3D1&_test=Yg1figAGvl9PRQBH
Request Chain 40
  • https://mid.rkdms.com/bct?pid=8bc436aa-e0fc-4baa-9c9a-06fbeca87826&puid=63894736828950312472102307605184733080&_ct=img HTTP 302
  • https://mid.rkdms.com/restricted
Request Chain 41
  • https://phoenix.edu/content/dam/altcloud/img/close-btn-white.svg HTTP 301
  • https://www.phoenix.edu/content/dam/altcloud/img/close-btn-white.svg

42 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
office365studentsverificationportal.netlify.app/
Redirect Chain
  • https://cutt.ly/qPg09bk
  • https://office365studentsverificationportal.netlify.app/
11 KB
6 KB
Document
General
Full URL
https://office365studentsverificationportal.netlify.app/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:b0c0:3:d0::d23:e001 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Netlify /
Resource Hash
8217f5af515c637eeef5bedf337c08b70e43cadd4f608204de59e3023946f8cf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
phishfarmer
Accept-Language
de-DE,de;q=0.9

Response headers

cache-control
public, max-age=0, must-revalidate
content-type
text/html; charset=UTF-8
date
Wed, 16 Feb 2022 20:33:12 GMT
etag
"6cdb917c477811781ac790890f40b223-ssl-df"
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-nf-request-id
01FW23TB64G6JQ16QGP9A2E3AD
vary
Accept-Encoding
age
0
server
Netlify
content-encoding
br

Redirect headers

date
Wed, 16 Feb 2022 20:33:12 GMT
content-type
text/html; charset=UTF-8
location
https://office365studentsverificationportal.netlify.app/
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
vary
Accept-Encoding
x-xss-protection
1; mode=block
x-frame-options
SAMEORIGIN
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6de98cb29b1983a3-MXP
clientlib-base.css
my.phoenix.edu/etc.clientlibs/myphoenix/clientlibs/
126 KB
8 KB
Stylesheet
General
Full URL
https://my.phoenix.edu/etc.clientlibs/myphoenix/clientlibs/clientlib-base.css
Requested by
Host: office365studentsverificationportal.netlify.app
URL: https://office365studentsverificationportal.netlify.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:ae00:1a:a943:cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache /
Resource Hash
c8a8042249bbac50bfe57d323a561395bee04b9acbcdca1aee9318170b6a2adc
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://office365studentsverificationportal.netlify.app/
User-Agent
phishfarmer

Response headers

x-dispatcher
dispatcher1uswest1
date
Wed, 16 Feb 2022 20:33:13 GMT
content-encoding
gzip
vary
Accept-Encoding
x-amz-cf-pop
FRA56-P2
x-vhost
myphoenix
x-cache
Miss from cloudfront
content-length
7253
x-request-id
Yg1fiZr173mbdhGp4q@g-QAAANc
last-modified
Thu, 10 Feb 2022 23:09:23 GMT
server
Apache
etag
"1f74d-5d7b20a72cec0-gzip"
x-frame-options
SAMEORIGIN
content-type
text/css
via
1.1 e44e0b24e706487eaec6b9e01f2166dc.cloudfront.net (CloudFront)
cache-control
max-age=1800, no-cache="set-cookie"
accept-ranges
bytes
x-amz-cf-id
NjSSqqjBQ07EOzpX299pDwr3BYWRWVSSajFLE4QxkCkkzY-fMdvHew==
expires
Wed, 16 Feb 2022 21:03:13 GMT
clientlib-login.css
my.phoenix.edu/etc.clientlibs/myphoenix/clientlibs/
254 KB
33 KB
Stylesheet
General
Full URL
https://my.phoenix.edu/etc.clientlibs/myphoenix/clientlibs/clientlib-login.css
Requested by
Host: office365studentsverificationportal.netlify.app
URL: https://office365studentsverificationportal.netlify.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:ae00:1a:a943:cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache /
Resource Hash
46bfa5538dad730a6c24bf24220229211d2d1c3449a35e138b4125ced5dabb24
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://office365studentsverificationportal.netlify.app/
User-Agent
phishfarmer

Response headers

x-dispatcher
dispatcher1uswest1
date
Wed, 16 Feb 2022 20:33:13 GMT
content-encoding
gzip
vary
Accept-Encoding
x-amz-cf-pop
FRA56-P2
x-vhost
myphoenix
x-cache
Miss from cloudfront
content-length
33253
x-request-id
Yg1ficG09ANViQjmk-BrDwAAAY4
last-modified
Thu, 10 Feb 2022 23:08:58 GMT
server
Apache
etag
"3f880-5d7b208f55680-gzip"
x-frame-options
SAMEORIGIN
content-type
text/css
via
1.1 e44e0b24e706487eaec6b9e01f2166dc.cloudfront.net (CloudFront)
cache-control
max-age=1800, no-cache="set-cookie"
accept-ranges
bytes
x-amz-cf-id
8e3rIl0RmxbzRFJf8RVj-1EQn9Z5EMYD9bnEoTjofclae4_9lsWKzg==
expires
Wed, 16 Feb 2022 21:03:13 GMT
header-logo-icon.svg
my.phoenix.edu/content/dam/myphoenix/
7 KB
3 KB
Image
General
Full URL
https://my.phoenix.edu/content/dam/myphoenix/header-logo-icon.svg
Requested by
Host: office365studentsverificationportal.netlify.app
URL: https://office365studentsverificationportal.netlify.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:ae00:1a:a943:cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache /
Resource Hash
6ef96cd1ef52d4ab59ac0692656a6a966522f5e85eb4f06a8ba3cf60b8c63b49
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://office365studentsverificationportal.netlify.app/
User-Agent
phishfarmer

Response headers

x-dispatcher
dispatcher1uswest1
date
Wed, 16 Feb 2022 20:33:13 GMT
content-encoding
gzip
x-amz-cf-pop
FRA56-P2
x-vhost
myphoenix
x-cache
Miss from cloudfront
content-disposition
attachment; filename="header-logo-icon.svg"
content-length
2920
x-request-id
Yg1fiYIevqL9xoKjSYthtwAAAII
access-control-allow-origin
*
last-modified
Wed, 09 Feb 2022 22:22:47 GMT
server
Apache
x-frame-options
SAMEORIGIN
etag
"1a2c-5d79d45f3dbc0-gzip"
vary
Accept-Encoding
content-type
image/svg+xml
via
1.1 e44e0b24e706487eaec6b9e01f2166dc.cloudfront.net (CloudFront)
cache-control
max-age=1800
accept-ranges
bytes
x-amz-cf-id
lEN91euwrxT1Xi9KkRy-_28q5PdB6A01i_vOAcCFLM8NePN0L_Cikw==
expires
Wed, 16 Feb 2022 21:03:13 GMT
clientlib-base.js
my.phoenix.edu/etc.clientlibs/myphoenix/clientlibs/
2 KB
1 KB
Script
General
Full URL
https://my.phoenix.edu/etc.clientlibs/myphoenix/clientlibs/clientlib-base.js
Requested by
Host: office365studentsverificationportal.netlify.app
URL: https://office365studentsverificationportal.netlify.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:ae00:1a:a943:cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache /
Resource Hash
ac4f411bae05a3b8c3adde39a2084b53c1727fd1b84286b648bc2c215f43b991
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://office365studentsverificationportal.netlify.app/
User-Agent
phishfarmer

Response headers

x-dispatcher
dispatcher1uswest1
date
Wed, 16 Feb 2022 20:33:13 GMT
content-encoding
gzip
vary
Accept-Encoding
x-amz-cf-pop
FRA56-P2
x-vhost
myphoenix
x-cache
Miss from cloudfront
content-length
788
x-request-id
Yg1fiYIevqL9xoKjSYthsQAAAII
last-modified
Thu, 10 Feb 2022 23:08:58 GMT
server
Apache
etag
"69f-5d7b208f55680-gzip"
x-frame-options
SAMEORIGIN
content-type
application/javascript
via
1.1 e44e0b24e706487eaec6b9e01f2166dc.cloudfront.net (CloudFront)
cache-control
max-age=1800
accept-ranges
bytes
x-amz-cf-id
K8Q1S_z4byPYISDCn4h76WpiXq1LXd9LfbZqEl3_NHYXoyiQz-H74A==
expires
Wed, 16 Feb 2022 21:03:13 GMT
clientlib-login.js
my.phoenix.edu/etc.clientlibs/myphoenix/clientlibs/
246 KB
64 KB
Script
General
Full URL
https://my.phoenix.edu/etc.clientlibs/myphoenix/clientlibs/clientlib-login.js
Requested by
Host: office365studentsverificationportal.netlify.app
URL: https://office365studentsverificationportal.netlify.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:ae00:1a:a943:cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache /
Resource Hash
ae0a2529ad108a4ff872f14e85e1a99da851cffdbcc3b24de09a0639b45ace03
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://office365studentsverificationportal.netlify.app/
User-Agent
phishfarmer

Response headers

x-dispatcher
dispatcher1uswest1
date
Wed, 16 Feb 2022 20:33:13 GMT
content-encoding
gzip
vary
Accept-Encoding
x-amz-cf-pop
FRA56-P2
x-vhost
myphoenix
x-cache
Miss from cloudfront
x-request-id
Yg1fiYIevqL9xoKjSYthtgAAAI0
last-modified
Thu, 10 Feb 2022 23:09:23 GMT
server
Apache
etag
"3d68a-5d7b20a72cec0-gzip"
x-frame-options
SAMEORIGIN
content-type
application/javascript
via
1.1 e44e0b24e706487eaec6b9e01f2166dc.cloudfront.net (CloudFront)
cache-control
max-age=1800
accept-ranges
bytes
x-amz-cf-id
4uezef5-xZoJcWPXvwSDdmh64e9lxJ0W8d030Al-NAbdOPTFiEfYmw==
expires
Wed, 16 Feb 2022 21:03:13 GMT
utag.js
tags.tiqcdn.com/utag/uopx/myphoenix/prod/
216 KB
67 KB
Script
General
Full URL
https://tags.tiqcdn.com/utag/uopx/myphoenix/prod/utag.js
Requested by
Host: office365studentsverificationportal.netlify.app
URL: https://office365studentsverificationportal.netlify.app/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.232.232 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-232.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
bc5b55a7147375a903c478b16b41c5d1df592c594fc787afbadb93082f727970

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://office365studentsverificationportal.netlify.app/
User-Agent
phishfarmer

Response headers

date
Wed, 16 Feb 2022 20:33:13 GMT
content-encoding
gzip
last-modified
Tue, 08 Feb 2022 16:53:51 GMT
server
AkamaiNetStorage
etag
"e352db39192f2d20da133b91c0c3a13f:1644339231.338018"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=300
accept-ranges
bytes
expires
Wed, 16 Feb 2022 20:38:13 GMT
truncated
/
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f466ef4723b74f254870f9ed32c2d28fb4d30683c5136ba685c4b5398f2a65e2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
phishfarmer

Response headers

Content-Type
image/png
UOPXwings_2880_x_1620.jpg
my.phoenix.edu/content/dam/myphoenix/login/
154 KB
154 KB
Image
General
Full URL
https://my.phoenix.edu/content/dam/myphoenix/login/UOPXwings_2880_x_1620.jpg
Requested by
Host: office365studentsverificationportal.netlify.app
URL: https://office365studentsverificationportal.netlify.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:ae00:1a:a943:cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache /
Resource Hash
3083ffaaf060756110cdfda1c8e50d92f3b7801d63f56f84223e08d2ba824ab8
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://office365studentsverificationportal.netlify.app/
User-Agent
phishfarmer

Response headers

x-dispatcher
dispatcher1uswest1
date
Wed, 16 Feb 2022 20:33:13 GMT
via
1.1 e44e0b24e706487eaec6b9e01f2166dc.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
x-vhost
myphoenix
x-cache
Miss from cloudfront
content-disposition
attachment
content-length
157445
x-request-id
Yg1fiYIevqL9xoKjSYthuAAAAI0
last-modified
Wed, 09 Feb 2022 22:23:10 GMT
server
Apache
etag
"26705-5d79d4752cf80"
x-frame-options
SAMEORIGIN
content-type
image/jpeg
cache-control
max-age=1800
accept-ranges
bytes
x-amz-cf-id
-8vUqGq3Dj1mY-VNfyL2UotWvo32ZcEz5fQEIhkB9u7UJuYQ0iGuKw==
expires
Wed, 16 Feb 2022 21:03:13 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.2.1/
85 KB
30 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/uopx/myphoenix/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://office365studentsverificationportal.netlify.app/
User-Agent
phishfarmer

Response headers

date
Tue, 15 Feb 2022 14:50:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
106984
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30306
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 15 Feb 2023 14:50:09 GMT
rd
dpm.demdex.net/id/
Redirect Chain
  • https://dpm.demdex.net/id?d_visid_ver=5.0.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=8DF667C25245B0070A490D4C%40AdobeOrg&d_nsid=0&ts=1645043593578
  • https://dpm.demdex.net/id/rd?d_visid_ver=5.0.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=8DF667C25245B0070A490D4C%40AdobeOrg&d_nsid=0&ts=1645043593578
3 KB
2 KB
XHR
General
Full URL
https://dpm.demdex.net/id/rd?d_visid_ver=5.0.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=8DF667C25245B0070A490D4C%40AdobeOrg&d_nsid=0&ts=1645043593578
Requested by
Host: office365studentsverificationportal.netlify.app
URL: https://office365studentsverificationportal.netlify.app/
Protocol
HTTP/1.1
Server
34.246.16.33 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-246-16-33.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e23e9c9e6e53545bf4107db275abd81c7235f96b9cf2935f3cf75e868969be45
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://office365studentsverificationportal.netlify.app/
User-Agent
phishfarmer

Response headers

DCS
dcs-prod-irl1-2-v028-0d3310425.edge-irl1.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-TID
t9E/AeLYSJI=
Vary
Origin
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin
https://office365studentsverificationportal.netlify.app
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json;charset=utf-8
Content-Length
1117
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS
dcs-prod-irl1-2-v028-0b1513493.edge-irl1.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
Access-Control-Allow-Origin
https://office365studentsverificationportal.netlify.app
X-TID
bQtVst4qQW8=
Vary
Origin
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://dpm.demdex.net/id/rd?d_visid_ver=5.0.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=8DF667C25245B0070A490D4C%40AdobeOrg&d_nsid=0&ts=1645043593578
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
dest5.html
apollo.demdex.net/ Frame C5E5
7 KB
3 KB
Document
General
Full URL
https://apollo.demdex.net/dest5.html?d_nsid=0
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/uopx/myphoenix/prod/utag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.249.135.188 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-249-135-188.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
User-Agent
phishfarmer
Accept-Language
de-DE,de;q=0.9
Referer
https://office365studentsverificationportal.netlify.app/

Response headers

Accept-Ranges
bytes
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding
gzip
Content-Type
text/html;charset=UTF-8
date
Wed, 16 Feb 2022 20:33:13 GMT
DCS
dcs-prod-irl1-1-v028-0063aaca1.edge-irl1.demdex.com UNKNOWN
Expires
Thu, 01 Jan 1970 00:00:00 UTC
last-modified
Mon, 14 Feb 2022 15:44:39 GMT
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
vary
accept-encoding
X-TID
fDsTsfhqRIw=
transfer-encoding
chunked
Connection
keep-alive
id
smetrics.phoenix.edu/
48 B
530 B
XHR
General
Full URL
https://smetrics.phoenix.edu/id?d_visid_ver=5.0.1&d_fieldgroup=A&mcorgid=8DF667C25245B0070A490D4C%40AdobeOrg&mid=60281475976089069561598590520640365723&ts=1645043593773
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/uopx/myphoenix/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.36.218.177 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-36-218-177.eu-west-3.compute.amazonaws.com
Software
jag /
Resource Hash
52f73a8ce75436de42a07d988563b6106e2be6d2fc0b6466d297e50ced1058f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://office365studentsverificationportal.netlify.app/
Accept-Language
de-DE,de;q=0.9
User-Agent
phishfarmer
Content-Type
application/x-www-form-urlencoded

Response headers

date
Wed, 16 Feb 2022 20:33:13 GMT
x-content-type-options
nosniff
server
jag
xserver
anedge-cdfbd77b-vc657
vary
Origin
x-c
main-1585.I7afc85.M0-540
p3p
CP="This is not a P3P policy"
access-control-allow-origin
https://office365studentsverificationportal.netlify.app
cache-control
no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/x-javascript;charset=utf-8
content-length
48
x-xss-protection
1; mode=block
ibs:dpid=411&dpuuid=Yg1fiQAAAEnB3QQD
dpm.demdex.net/
Redirect Chain
  • https://cm.everesttech.net/cm/dd?d_uuid=63894736828950312472102307605184733080
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=Yg1fiQAAAEnB3QQD
42 B
945 B
Image
General
Full URL
https://dpm.demdex.net/ibs:dpid=411&dpuuid=Yg1fiQAAAEnB3QQD
Requested by
Host: office365studentsverificationportal.netlify.app
URL: https://office365studentsverificationportal.netlify.app/
Protocol
HTTP/1.1
Server
34.246.16.33 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-246-16-33.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://office365studentsverificationportal.netlify.app/
User-Agent
phishfarmer

Response headers

DCS
dcs-prod-irl1-1-v028-04643fc02.edge-irl1.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
S+7EHrAySus=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location
https://dpm.demdex.net/ibs:dpid=411&dpuuid=Yg1fiQAAAEnB3QQD
Date
Wed, 16 Feb 2022 20:33:13 GMT
Cache-Control
no-cache
Server
AMO-cookiemap/1.1
Connection
keep-alive
Content-Length
0
P3P
CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
delivery
apollogroupinc.tt.omtrdc.net/rest/v1/
377 B
634 B
XHR
General
Full URL
https://apollogroupinc.tt.omtrdc.net/rest/v1/delivery?client=apollogroupinc&sessionId=ce5f778ea3654094ad41e9d093ef6fbb&version=2.2.0
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/uopx/myphoenix/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.35.137.213 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-35-137-213.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
7c8cce9ca53f8fb0f0c6d7c38a2d1fcd63844308ad932b84600ed9655d1598d2

Request headers

Referer
https://office365studentsverificationportal.netlify.app/
Accept-Language
de-DE,de;q=0.9
User-Agent
phishfarmer
Content-Type
text/plain

Response headers

date
Wed, 16 Feb 2022 20:33:13 GMT
content-encoding
gzip
vary
origin,access-control-request-method,access-control-request-headers,accept-encoding
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://office365studentsverificationportal.netlify.app
access-control-allow-credentials
true
timing-allow-origin
*
x-request-id
279f9ce1d010a50e08689860def52e91
ibs:dpid=477&dpuuid=3dff270ec5ce9c2d99a7ee873079b3f62bca1666e31dcb3d3dd52a943a0165f6b0da87c991749652
dpm.demdex.net/ Frame C5E5
Redirect Chain
  • https://idsync.rlcdn.com/365868.gif?partner_uid=63894736828950312472102307605184733080
  • https://idsync.rlcdn.com/1000.gif?memo=CKyqFhIxCi0IARCYEhomNjM4OTQ3MzY4Mjg5NTAzMTI0NzIxMDIzMDc2MDUxODQ3MzMwODAQABoNCIm_tZAGEgUI6AcQAEIASgA
  • https://dpm.demdex.net/ibs:dpid=477&dpuuid=3dff270ec5ce9c2d99a7ee873079b3f62bca1666e31dcb3d3dd52a943a0165f6b0da87c991749652
42 B
945 B
Image
General
Full URL
https://dpm.demdex.net/ibs:dpid=477&dpuuid=3dff270ec5ce9c2d99a7ee873079b3f62bca1666e31dcb3d3dd52a943a0165f6b0da87c991749652
Requested by
Host: office365studentsverificationportal.netlify.app
URL: https://office365studentsverificationportal.netlify.app/
Protocol
HTTP/1.1
Server
34.246.16.33 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-246-16-33.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://apollo.demdex.net/
User-Agent
phishfarmer

Response headers

DCS
dcs-prod-irl1-2-v028-03c8e435b.edge-irl1.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
bb9d6/bQR80=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

date
Wed, 16 Feb 2022 20:33:13 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://dpm.demdex.net/ibs:dpid=477&dpuuid=3dff270ec5ce9c2d99a7ee873079b3f62bca1666e31dcb3d3dd52a943a0165f6b0da87c991749652
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
clear
content-length
0
hbpix
idpix.media6degrees.com/orbserv/ Frame C5E5
43 B
278 B
Image
General
Full URL
https://idpix.media6degrees.com/orbserv/hbpix?pixId=16873&pcv=70&ptid=66&tpuv=01&tpu=63894736828950312472102307605184733080
Requested by
Host: office365studentsverificationportal.netlify.app
URL: https://office365studentsverificationportal.netlify.app/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700::6812:a4f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4abdc5bae3773141e85e6bed6c09953d57aded7ef98b1d304c42807f2229474f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://apollo.demdex.net/
User-Agent
phishfarmer

Response headers

date
Wed, 16 Feb 2022 20:33:14 GMT
cf-cache-status
DYNAMIC
last-modified
Fri, 08 Sep 2017 18:54:28 GMT
server
cloudflare
etag
"59b2e764-2b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif
accept-ranges
bytes
cf-ray
6de98cc04d5c599b-MXP
content-length
43
ibs:dpid=79908&dpuuid=c:1806be6aac378cc03a80f43a39a5e809
dpm.demdex.net/ Frame C5E5
Redirect Chain
  • https://aorta.clickagy.com/pixel.gif?ch=124&cm=63894736828950312472102307605184733080&redir=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D79908%26dpuuid%3D%7Bvisitor_id%7D
  • https://dpm.demdex.net/ibs:dpid=79908&dpuuid=c:1806be6aac378cc03a80f43a39a5e809
42 B
959 B
Image
General
Full URL
https://dpm.demdex.net/ibs:dpid=79908&dpuuid=c:1806be6aac378cc03a80f43a39a5e809
Protocol
HTTP/1.1
Server
34.246.16.33 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-246-16-33.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://apollo.demdex.net/
User-Agent
phishfarmer

Response headers

DCS
dcs-prod-irl1-1-v028-089c94ba8.edge-irl1.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-Error
300
X-TID
Jd4yIpBMSus=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

date
Wed, 16 Feb 2022 20:33:14 GMT
server
Aorta/20220128.132aca1
access-control-allow-origin
access-control-max-age
31536000
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/plain
Location
https://dpm.demdex.net/ibs:dpid=79908&dpuuid=c:1806be6aac378cc03a80f43a39a5e809
access-control-expose-headers
Set-Cookie
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
X-Aorta-Region
us-east-1
Connection
keep-alive
X-Aorta-Host
ip-10-42-23-70.ec2.internal
access-control-allow-headers
Origin,cache-control,content-type,man,messagetype,soapaction
Content-Length
0
5w3jqr4k
sync-tm.everesttech.net/upi/pid/ Frame C5E5
0
0

btu4jd3a
sync-tm.everesttech.net/upi/pid/ Frame C5E5
0
0

a3f7d450-6e54-0139-3f7c-06abc14c0bc6
tag.simpli.fi/sifitag/
0
790 B
Script
General
Full URL
https://tag.simpli.fi/sifitag/a3f7d450-6e54-0139-3f7c-06abc14c0bc6
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/uopx/myphoenix/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
169.50.137.179 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
b3.89.32a9.ip4.static.sl-reverse.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://office365studentsverificationportal.netlify.app/
User-Agent
phishfarmer

Response headers

pragma
no-cache, no-cache
date
Wed, 16 Feb 2022 20:33:14 GMT
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=0, private, must-revalidate, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
0
x-request-id
FtRebu1H3-WGNb7ERlgh
expires
Thu, 01 Jan 1970 00:00:00 GMT, Thu, 01 Jan 1970 00:00:00 GMT
utag.1.js
tags.tiqcdn.com/utag/uopx/myphoenix/prod/
3 KB
2 KB
Script
General
Full URL
https://tags.tiqcdn.com/utag/uopx/myphoenix/prod/utag.1.js?utv=ut4.46.202112092109
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/uopx/myphoenix/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.232.232 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-232.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
f550cc3718d014ef128e177de9a31e7f96c69563e7a09c039c1b8074a4a6d1e9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://office365studentsverificationportal.netlify.app/
User-Agent
phishfarmer

Response headers

date
Wed, 16 Feb 2022 20:33:14 GMT
content-encoding
gzip
last-modified
Thu, 09 Dec 2021 21:09:31 GMT
server
AkamaiNetStorage
etag
"b2cc8860ab29b11e49cb1854255e08fb:1639084171.14052"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=1296000
accept-ranges
bytes
content-length
1589
expires
Thu, 03 Mar 2022 20:33:14 GMT
utag.3.js
tags.tiqcdn.com/utag/uopx/myphoenix/prod/
114 KB
38 KB
Script
General
Full URL
https://tags.tiqcdn.com/utag/uopx/myphoenix/prod/utag.3.js?utv=ut4.46.202202081653
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/uopx/myphoenix/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.232.232 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-232.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
91aaf7e74bda94a5704044bbff0b80c38426cc498cceaa912ef191192b387735

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://office365studentsverificationportal.netlify.app/
User-Agent
phishfarmer

Response headers

date
Wed, 16 Feb 2022 20:33:14 GMT
content-encoding
gzip
last-modified
Tue, 08 Feb 2022 16:53:51 GMT
server
AkamaiNetStorage
etag
"c4ffcb2f65bb062b517fddccc56c2568:1644339231.808162"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=1296000
accept-ranges
bytes
content-length
38445
expires
Thu, 03 Mar 2022 20:33:14 GMT
utag.27.js
tags.tiqcdn.com/utag/uopx/myphoenix/prod/
3 KB
1 KB
Script
General
Full URL
https://tags.tiqcdn.com/utag/uopx/myphoenix/prod/utag.27.js?utv=ut4.46.202108031919
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/uopx/myphoenix/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.232.232 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-232.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
1f44a2a2af24240280a485d06b9cb9b7b8785cc7e4b825f98392afe61009b147

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://office365studentsverificationportal.netlify.app/
User-Agent
phishfarmer

Response headers

date
Wed, 16 Feb 2022 20:33:14 GMT
content-encoding
gzip
last-modified
Mon, 15 Mar 2021 18:06:08 GMT
server
AkamaiNetStorage
etag
"a252f4c356019099219e8591b328d93b:1615831568.962792"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=1296000
accept-ranges
bytes
content-length
1250
expires
Thu, 03 Mar 2022 20:33:14 GMT
otSDKStub.js
cdn.cookielaw.org/scripttemplates/
19 KB
7 KB
Script
General
Full URL
https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/uopx/myphoenix/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
134482ec36c8980c2c7a3f2454c76546abcd612c9ae596d011251a7cd1d0fcbb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://office365studentsverificationportal.netlify.app/
User-Agent
phishfarmer

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 16 Feb 2022 20:33:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
zadN1tnUFXNBOXe6vsJdDg==
age
12903
vary
Accept-Encoding
content-length
6456
x-ms-lease-status
unlocked
last-modified
Wed, 16 Feb 2022 14:19:43 GMT
server
cloudflare
etag
0x8D9F15760A3EA92
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
7eb2dcda-e01e-003a-1056-239b45000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
6de98cc139ae83b2-MXP
c5b90b9425581.js
t.contentsquare.net/uxa/
318 KB
67 KB
Script
General
Full URL
https://t.contentsquare.net/uxa/c5b90b9425581.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/uopx/myphoenix/prod/utag.27.js?utv=ut4.46.202108031919
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-6.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
51744b5928881782e98b90fdabd7ca29235923e0552c98bac04b6b4ed9f7ce4c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://office365studentsverificationportal.netlify.app/
User-Agent
phishfarmer

Response headers

x-amz-server-side-encryption
AES256
date
Tue, 15 Feb 2022 10:44:06 GMT
content-encoding
gzip
last-modified
Sat, 12 Feb 2022 10:36:21 GMT
server
AmazonS3
age
121749
etag
"cf07f26b811af7e71651c3f451489621"
x-cache
Hit from cloudfront
content-type
application/javascript;charset=utf-8
via
1.1 ab985bb6f3435d42701015dfa6015878.cloudfront.net (CloudFront)
cache-control
max-age=900
x-amz-cf-pop
FRA56-P5
accept-ranges
bytes
content-length
68361
x-amz-cf-id
ZiTqEtdFQ4wqG3baqUPshr0oxG00cak4-zVchLo1Her4EGnascMLJA==
last-event-tag-latest.min.js
www.everestjs.net/static/le/
7 KB
3 KB
Script
General
Full URL
https://www.everestjs.net/static/le/last-event-tag-latest.min.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/uopx/myphoenix/prod/utag.3.js?utv=ut4.46.202202081653
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.62.134.249 Schiphol, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-62-134-249.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
abb45ae4b3a896ae99132c1786a9676218c119ea552d3fbb5ab6d40d9e05e43c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://office365studentsverificationportal.netlify.app/
User-Agent
phishfarmer

Response headers

x-amz-version-id
null
Content-Encoding
gzip
Last-Modified
Wed, 16 Jun 2021 15:18:41 GMT
Server
AmazonS3
x-amz-request-id
TZ1S6B6E4PXQHVCY
ETag
"d5991c18a0042eb33f92c6b5b44ffe8d"
Vary
Accept-Encoding
Content-Type
application/javascript
Date
Wed, 16 Feb 2022 20:33:14 GMT
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2663
x-amz-id-2
nCqMZB2F+5MJOGzdzn3r4pWscAQmTaEes1OUWpPqikINDzGxWRSzQJD3Ph3er28nGnD8T02RRFM=
utag.v.js
tags.tiqcdn.com/utag/tiqapp/
2 B
202 B
Script
General
Full URL
https://tags.tiqcdn.com/utag/tiqapp/utag.v.js?a=uopx/myphoenix/202202081653&cb=1645043594425
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/uopx/myphoenix/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.232.232 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-232.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://office365studentsverificationportal.netlify.app/
User-Agent
phishfarmer

Response headers

date
Wed, 16 Feb 2022 20:33:14 GMT
last-modified
Thu, 14 Apr 2016 16:57:51 GMT
server
AkamaiNetStorage
etag
"7bc0ee636b3b83484fc3b9348863bd22:1460653071"
content-type
application/x-javascript
cache-control
max-age=600
accept-ranges
bytes
content-length
2
expires
Wed, 16 Feb 2022 20:43:14 GMT
ZMAwryCI
sync-tm.everesttech.net/ct/upi/pid/ Frame C5E5
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
  • https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&_test=Yg1figAGug9h9wBB
85 B
166 B
Image
General
Full URL
https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&_test=Yg1figAGug9h9wBB
Protocol
H2
Server
151.101.194.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://apollo.demdex.net/
User-Agent
phishfarmer

Response headers

pragma
no-cache
date
Wed, 16 Feb 2022 20:33:14 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
age
1552
x-served-by
cache-hhn4021-HHN
x-cache
HIT
content-type
image/png
cache-control
no-cache
accept-ranges
bytes
x-timer
S1645043595.617008,VS0,VE0
content-length
85
x-cache-hits
16956

Redirect headers

pragma
no-cache
date
Wed, 16 Feb 2022 20:33:14 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
x-timer
S1645043594.433162,VS0,VE177
x-served-by
cache-hhn4021-HHN
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
location
https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&_test=Yg1figAGug9h9wBB
cache-control
no-cache
accept-ranges
bytes
access-control-allow-origin
*
content-length
0
x-cache-hits
0
96eb7728-962d-4ff5-b176-6acf9c9b7d7f.json
cdn.cookielaw.org/consent/96eb7728-962d-4ff5-b176-6acf9c9b7d7f/
4 KB
2 KB
XHR
General
Full URL
https://cdn.cookielaw.org/consent/96eb7728-962d-4ff5-b176-6acf9c9b7d7f/96eb7728-962d-4ff5-b176-6acf9c9b7d7f.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6399004907fb07a2e5eaf8e36a4ffdeef800fc3be772baa018a8001db8dbe600
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://office365studentsverificationportal.netlify.app/
User-Agent
phishfarmer

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 16 Feb 2022 20:33:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
MISS
content-md5
ZANm5OKAEEiUA47357anJg==
vary
Accept-Encoding
content-length
1443
x-ms-lease-status
unlocked
last-modified
Thu, 09 Dec 2021 17:41:53 GMT
server
cloudflare
etag
0x8D9BB3B306E0CC1
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
ceea2b07-101e-0146-2774-234025000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
6de98cc1de7f0f4e-MXP
expires
Thu, 17 Feb 2022 00:33:14 GMT
UH6TUt9n
sync-tm.everesttech.net/ct/upi/pid/ Frame C5E5
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/UH6TUt9n?redir=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D158%26code%3D%24%7BTM_USER_ID%7D
  • https://sync-tm.everesttech.net/ct/upi/pid/UH6TUt9n?redir=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D158%26code%3D%24%7BTM_USER_ID%7D&_test=Yg1figAGucpkBwBB
85 B
149 B
Image
General
Full URL
https://sync-tm.everesttech.net/ct/upi/pid/UH6TUt9n?redir=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D158%26code%3D%24%7BTM_USER_ID%7D&_test=Yg1figAGucpkBwBB
Protocol
H2
Server
151.101.194.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://apollo.demdex.net/
User-Agent
phishfarmer

Response headers

pragma
no-cache
date
Wed, 16 Feb 2022 20:33:14 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
age
1552
x-served-by
cache-hhn4021-HHN
x-cache
HIT
content-type
image/png
cache-control
no-cache
accept-ranges
bytes
x-timer
S1645043595.729785,VS0,VE0
content-length
85
x-cache-hits
16958

Redirect headers

pragma
no-cache
date
Wed, 16 Feb 2022 20:33:14 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
x-timer
S1645043595.536710,VS0,VE186
x-served-by
cache-hhn4021-HHN
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
location
https://sync-tm.everesttech.net/ct/upi/pid/UH6TUt9n?redir=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D158%26code%3D%24%7BTM_USER_ID%7D&_test=Yg1figAGucpkBwBB
cache-control
no-cache
accept-ranges
bytes
access-control-allow-origin
*
content-length
0
x-cache-hits
0
location
geolocation.onetrust.com/cookieconsentpub/v1/geo/
182 B
457 B
XHR
General
Full URL
https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:b844 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fd9308db31181fde13aca740757dcb439baf71d731011a87da483a28faae444f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept
application/json
Referer
https://office365studentsverificationportal.netlify.app/
Accept-Language
de-DE,de;q=0.9
User-Agent
phishfarmer

Response headers

date
Wed, 16 Feb 2022 20:33:14 GMT
content-encoding
gzip
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/json
access-control-allow-origin
*
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
6de98cc2db8a5030-WAW
access-control-allow-headers
Content-Type
ny75r2x0
sync-tm.everesttech.net/upi/pid/ Frame C5E5
0
0

otBannerSdk.js
cdn.cookielaw.org/scripttemplates/6.23.0/
312 KB
75 KB
Script
General
Full URL
https://cdn.cookielaw.org/scripttemplates/6.23.0/otBannerSdk.js
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
99ac0e388250281fe8851ef71799b3222bab0db5612c2c17deba3962626e0ec1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://office365studentsverificationportal.netlify.app/
User-Agent
phishfarmer

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 16 Feb 2022 20:33:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
joMckLq8BtEunD8NH/4XVA==
age
10441543
vary
Accept-Encoding
content-length
76366
x-ms-lease-status
unlocked
last-modified
Thu, 02 Sep 2021 03:11:58 GMT
server
cloudflare
etag
0x8D96DBF6CBEE741
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
00662b2e-d01e-0032-046c-c48036000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
6de98cc31ed383b2-MXP
b9pj45k4
sync-tm.everesttech.net/upi/pid/ Frame C5E5
0
0

en.json
cdn.cookielaw.org/consent/96eb7728-962d-4ff5-b176-6acf9c9b7d7f/85843944-9e40-434a-95b1-a7b7f5eea21d/
98 KB
20 KB
Fetch
General
Full URL
https://cdn.cookielaw.org/consent/96eb7728-962d-4ff5-b176-6acf9c9b7d7f/85843944-9e40-434a-95b1-a7b7f5eea21d/en.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.23.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b51efd27eaad5360024419158359004ed2e0e9cdaed5afb2f4079400b8f40532
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://office365studentsverificationportal.netlify.app/
User-Agent
phishfarmer

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 16 Feb 2022 20:33:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
MISS
content-md5
YXs7Zd/VflERI6ZGaVBDRg==
vary
Accept-Encoding
content-length
20241
x-ms-lease-status
unlocked
last-modified
Thu, 09 Dec 2021 17:41:57 GMT
server
cloudflare
etag
0x8D9BB3B3280EB20
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
075b66f0-501e-0082-5974-2379b6000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
6de98cc3799b0f4e-MXP
expires
Thu, 17 Feb 2022 00:33:14 GMT
h0r58thg
sync-tm.everesttech.net/ct/upi/pid/ Frame C5E5
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/h0r58thg?redir=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D6409%26uid%3D%24%7BUSER_ID%7D%26img%3D1
  • https://sync-tm.everesttech.net/ct/upi/pid/h0r58thg?redir=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D6409%26uid%3D%24%7BUSER_ID%7D%26img%3D1&_test=Yg1figAGvl9PRQBH
85 B
149 B
Image
General
Full URL
https://sync-tm.everesttech.net/ct/upi/pid/h0r58thg?redir=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D6409%26uid%3D%24%7BUSER_ID%7D%26img%3D1&_test=Yg1figAGvl9PRQBH
Protocol
H2
Server
151.101.194.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://apollo.demdex.net/
User-Agent
phishfarmer

Response headers

pragma
no-cache
date
Wed, 16 Feb 2022 20:33:14 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
age
1552
x-served-by
cache-hhn4021-HHN
x-cache
HIT
content-type
image/png
cache-control
no-cache
accept-ranges
bytes
x-timer
S1645043595.939991,VS0,VE0
content-length
85
x-cache-hits
16964

Redirect headers

pragma
no-cache
date
Wed, 16 Feb 2022 20:33:14 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
x-timer
S1645043595.839398,VS0,VE92
x-served-by
cache-hhn4021-HHN
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
location
https://sync-tm.everesttech.net/ct/upi/pid/h0r58thg?redir=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D6409%26uid%3D%24%7BUSER_ID%7D%26img%3D1&_test=Yg1figAGvl9PRQBH
cache-control
no-cache
accept-ranges
bytes
access-control-allow-origin
*
content-length
0
x-cache-hits
0
r7ifn0SL
sync-tm.everesttech.net/upi/pid/ Frame C5E5
0
0

otFlat.json
cdn.cookielaw.org/scripttemplates/6.23.0/assets/
13 KB
3 KB
Fetch
General
Full URL
https://cdn.cookielaw.org/scripttemplates/6.23.0/assets/otFlat.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.23.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
72562f00bd821b6edc0368065bf009468955ba01f8ead742d8bbc2470c4358c4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://office365studentsverificationportal.netlify.app/
User-Agent
phishfarmer

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 16 Feb 2022 20:33:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
MISS
content-md5
r7t3xbAZ3QK/7lQuu5X7ww==
vary
Accept-Encoding
content-length
2950
x-ms-lease-status
unlocked
last-modified
Thu, 02 Sep 2021 03:11:51 GMT
server
cloudflare
etag
0x8D96DBF68EC8D5B
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
2987eeec-701e-0112-4f74-23aaaf000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
6de98cc50c710f4e-MXP
otPcPanel.json
cdn.cookielaw.org/scripttemplates/6.23.0/assets/v2/
47 KB
11 KB
Fetch
General
Full URL
https://cdn.cookielaw.org/scripttemplates/6.23.0/assets/v2/otPcPanel.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.23.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
49f1fe168324ed0f76fbbab536b991c992296cd48da5ce9dd8bc8ea55e2ef946
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://office365studentsverificationportal.netlify.app/
User-Agent
phishfarmer

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 16 Feb 2022 20:33:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
MISS
content-md5
57AUyP21eMxOiwzpGGh99A==
vary
Accept-Encoding
content-length
11457
x-ms-lease-status
unlocked
last-modified
Thu, 02 Sep 2021 03:11:53 GMT
server
cloudflare
etag
0x8D96DBF6A0C163B
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
b66df628-801e-0003-0374-23dbe1000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
6de98cc50c760f4e-MXP
otCommonStyles.css
cdn.cookielaw.org/scripttemplates/6.23.0/assets/
20 KB
4 KB
Fetch
General
Full URL
https://cdn.cookielaw.org/scripttemplates/6.23.0/assets/otCommonStyles.css
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.23.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2ee6fdf3d0f4d826380054030e5a9fd6fc8c451d9fe28123f1d76e632332e659
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://office365studentsverificationportal.netlify.app/
User-Agent
phishfarmer

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 16 Feb 2022 20:33:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
MISS
content-md5
Ye6OeZcNyuFoWog7CYs00A==
vary
Accept-Encoding
x-ms-lease-status
unlocked
last-modified
Thu, 02 Sep 2021 03:12:05 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
18fd6ded-501e-0028-3874-23af59000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=14400
x-ms-version
2009-09-19
cf-ray
6de98cc50c780f4e-MXP
restricted
mid.rkdms.com/ Frame C5E5
Redirect Chain
  • https://mid.rkdms.com/bct?pid=8bc436aa-e0fc-4baa-9c9a-06fbeca87826&puid=63894736828950312472102307605184733080&_ct=img
  • https://mid.rkdms.com/restricted
0
0
Image
General
Full URL
https://mid.rkdms.com/restricted
Protocol
H2
Server
34.199.75.236 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-199-75-236.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://apollo.demdex.net/
User-Agent
phishfarmer

Response headers

Redirect headers

location
/restricted
date
Wed, 16 Feb 2022 20:33:15 GMT
server
nginx
content-length
0
close-btn-white.svg
www.phoenix.edu/content/dam/altcloud/img/
Redirect Chain
  • https://phoenix.edu/content/dam/altcloud/img/close-btn-white.svg
  • https://www.phoenix.edu/content/dam/altcloud/img/close-btn-white.svg
844 B
1 KB
Image
General
Full URL
https://www.phoenix.edu/content/dam/altcloud/img/close-btn-white.svg
Protocol
H2
Server
52.222.236.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-128.fra56.r.cloudfront.net
Software
Apache /
Resource Hash
feabaf59f69961d333c8d79b67257d9c55c269c1e1b5f1cc3604bf0dedd0dd46
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://office365studentsverificationportal.netlify.app/
User-Agent
phishfarmer

Response headers

x-dispatcher
dispatcher1uswest1
date
Wed, 16 Feb 2022 20:14:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1113
x-vhost
publish
x-cache
Hit from cloudfront
content-disposition
inline
vary
Accept-Encoding
content-length
483
access-control-allow-origin
*
last-modified
Tue, 30 Nov 2021 18:31:20 GMT
server
Apache
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=63072000; includeSubdomains;
content-type
image/svg+xml
via
1.1 2ba7b49ec4c4de4e67297e603c89a5e4.cloudfront.net (CloudFront)
cache-control
max-age=1800, no-cache="set-cookie"
x-amz-cf-pop
FRA56-P4
accept-ranges
bytes
x-amz-cf-id
skoNuoaGEz6bVG8bxPaork7mxKisPmr-1wOn3NpDebUT56liNJ5VGQ==
expires
Wed, 16 Feb 2022 20:44:43 GMT

Redirect headers

Location
https://www.phoenix.edu/content/dam/altcloud/img/close-btn-white.svg
Server
BigIP
Connection
Keep-Alive
Content-Length
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
sync-tm.everesttech.net
URL
https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_push%26google_sc%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D
Domain
sync-tm.everesttech.net
URL
https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D7941%26nid%3D2243%26put%3D%24%7BUSER_ID%7D%26expires%3D90
Domain
sync-tm.everesttech.net
URL
https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D
Domain
sync-tm.everesttech.net
URL
https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D
Domain
sync-tm.everesttech.net
URL
https://sync-tm.everesttech.net/upi/pid/r7ifn0SL?redir=https%3A%2F%2Fwww.facebook.com%2Ffr%2Fb.php%3Fp%3D1531105787105294%26e%3D%24%7BTM_USER_ID%7D%26t%3D2592000%26o%3D0

72 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 function| structuredClone string| clientIp function| setLoginAttribute object| utag_data boolean| utag_condload object| utag function| e function| AppMeasurement_Module_AudienceManagement boolean| __tealium_twc_switch object| adobe function| Visitor object| s_c_il number| s_c_in object| visitor object| __TEALIUM function| targetPageParamsAll function| targetPageParams function| $ function| jQuery object| targetGlobalSettings object| ___target_traces function| mboxCreate function| mboxDefine function| mboxUpdate function| closeLoginNotification function| $clamp object| regeneratorRuntime object| prepareCookie function| setCookie object| _uxa object| s function| AppMeasurement_Module_ActivityMap function| AppMeasurement function| s_gi function| s_pgicq function| AppMeasurement_Module_Integrate number| s_objectID number| s_giq function| DIL function| getCookie object| results object| CS_CONF object| CS_INTEGRATIONS_CONF function| csDate object| csJSON function| csArray function| csString function| csURL function| csMutationObserver object| csScreen function| csNodechildNodes function| csNodeparentNode function| csNodenextSibling function| csNodefirstChild function| csElementshadowRoot function| csEventtarget object| CSPureWindow object| CSPathComputation object| OneTrustStub string| OnetrustActiveGroups string| OptanonActiveGroups object| dataLayer function| AdCloudEvent number| d object| eo number| y string| f0 object| otStubData object| Optanon object| OneTrust

12 Cookies

Domain/Path Name / Value
cutt.ly/ Name: PHPSESSID
Value: rihurte6g92divgrm128cf2t2a
my.phoenix.edu/ Name: AWSELBCORS
Value: 05EBCB4B06C47F65426B982A25C783B42E619D3D5E4DC9998B4A33737EAAA11C592FC0E8D77D1AFCC3732B870372BAAB9F1D47B3A5AD527A5DE781F6EB1227F2711F9805D9
.demdex.net/ Name: demdex
Value: 63894736828950312472102307605184733080
.office365studentsverificationportal.netlify.app/ Name: AMCVS_8DF667C25245B0070A490D4C%40AdobeOrg
Value: 1
.office365studentsverificationportal.netlify.app/ Name: check
Value: true
.dpm.demdex.net/ Name: dpm
Value: 63894736828950312472102307605184733080
.office365studentsverificationportal.netlify.app/ Name: AMCV_8DF667C25245B0070A490D4C%40AdobeOrg
Value: 359503849%7CMCIDTS%7C19040%7CMCMID%7C60281475976089069561598590520640365723%7CMCAAMLH-1645648393%7C6%7CMCAAMB-1645648393%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1645050793s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19047%7CvVersion%7C5.0.1
.office365studentsverificationportal.netlify.app/ Name: mbox
Value: session#ce5f778ea3654094ad41e9d093ef6fbb#1645045454|PC#ce5f778ea3654094ad41e9d093ef6fbb.37_0#1708288394
.rlcdn.com/ Name: rlas3
Value: V/TpLAXlA3LroGgLDio2S7Wm7OQebc33XG1vA3lAzZ4=
.rlcdn.com/ Name: pxrc
Value: CIm/tZAGEgUI6AcQABIGCPHrARAA
.simpli.fi/ Name: suid
Value: 07475F6A94DA4317B0DBC39CB6894D49
.demdex.net/ Name: dextp
Value: 60-1-1645043593926|992-1-1645043594026|79908-1-1645043594127|144230-1-1645043594228|144231-1-1645043594329|144232-1-1645043594430|144233-1-1645043594533|144234-1-1645043594634|144235-1-1645043594735|144236-1-1645043594836|144237-1-1645043594937|129099-1-1645043595037

2 Console Messages

Source Level URL
Text
security warning URL: https://cdn.cookielaw.org/scripttemplates/6.23.0/otBannerSdk.js(Line 6)
Message:
Mixed Content: The page at 'https://office365studentsverificationportal.netlify.app/' was loaded over HTTPS, but requested an insecure element 'http://phoenix.edu/content/dam/altcloud/img/close-btn-white.svg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://cdn.cookielaw.org/scripttemplates/6.23.0/otBannerSdk.js(Line 6)
Message:
Mixed Content: The page at 'https://office365studentsverificationportal.netlify.app/' was loaded over HTTPS, but requested an insecure element 'http://phoenix.edu/content/dam/altcloud/img/close-btn-white.svg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
