urlscan.io logo urlscan.io
SecurityTrails logo

account-page.tst.prtl.co Open in urlscan Pro
2600:9000:2251:1600:e:2d8c:4900:93a1  Public Scan

Go To Rescan Add Verdict Report
URL: https://account-page.tst.prtl.co/
Submission: On January 17 via automatic, source certstream-suspicious — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 8 IPs in 2 countries across 6 domains to perform 16 HTTP transactions. The main IP is 2600:9000:2251:1600:e:2d8c:4900:93a1, located in United States and belongs to AMAZON-02, US. The main domain is account-page.tst.prtl.co.
TLS certificate: Issued by Amazon on September 19th 2021. Valid for: a year.
This is the only time account-page.tst.prtl.co was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

3    2600:9000:2251:1600:e:2d8c:4900:93a1 (United States)

ASN16509 (AMAZON-02, US)
account-page.tst.prtl.co
1    54.193.7.186 (San Jose, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-193-7-186.us-west-1.compute.amazonaws.com
i.icomoon.io
5    2606:4700::6810:5514 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
1    2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2600:9000:223e:ac00:15:30f0:7c00:93a1 (United States)

ASN16509 (AMAZON-02, US)
studentjs.tst.prtl.co
1    2600:9000:223d:b600:0:1b4e:2f00:93a1 (United States)

ASN16509 (AMAZON-02, US)
anonymous-student.tst.prtl.co
2    2a04:4e42:3::720 (United States)

ASN54113 (FASTLY, US)
monet-prtl-co.imgix.net
1    2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
Apex Domain
Subdomains		 Transfer
6 prtl.co
account-page.tst.prtl.co
studentjs.tst.prtl.co
anonymous-student.tst.prtl.co
63 KB
5 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 440
100 KB
2 imgix.net
monet-prtl-co.imgix.net — Cisco Umbrella Rank: 556677
5 KB
1 gstatic.com
fonts.gstatic.com
44 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 47
1 KB
1 icomoon.io
i.icomoon.io — Cisco Umbrella Rank: 51587
2 KB
16 6
Domain Requested by
5 cdn.jsdelivr.net account-page.tst.prtl.co
3 account-page.tst.prtl.co account-page.tst.prtl.co
2 monet-prtl-co.imgix.net account-page.tst.prtl.co
2 studentjs.tst.prtl.co account-page.tst.prtl.co
studentjs.tst.prtl.co
1 fonts.gstatic.com fonts.googleapis.com
1 anonymous-student.tst.prtl.co account-page.tst.prtl.co
1 fonts.googleapis.com account-page.tst.prtl.co
1 i.icomoon.io account-page.tst.prtl.co
16 8

This site contains links to these domains. Also see Links.

Domain
www.scholarshipportal.com
scholarship.mastersportal.com
Subject Issuer Validity Valid
*.tst.prtl.co
Amazon		 2021-09-19 -
2022-10-18		 a year crt.sh
i.icomoon.io
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2021-12-31 -
2022-12-31		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-07-03 -
2022-07-02		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2021-12-08 -
2022-03-02		 3 months crt.sh
*.imgix.com
GlobalSign Atlas R3 DV TLS CA 2020		 2021-05-10 -
2022-06-11		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2021-12-08 -
2022-03-02		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://account-page.tst.prtl.co/
Frame ID: F8ABC74D1192D174E589C8B613B91C5C
Requests: 15 HTTP requests in this frame

Frame: https://studentjs.tst.prtl.co/storageHub.html
Frame ID: 2F379943AC03DD590551F49FDB1B500C
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

AccountPage

Detected technologies

Overall confidence: 100%
Detected patterns
  • <[^>]+\sdata-v(?:ue)?-
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • <link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
  • //cdn\.jsdelivr\.net/

Page Statistics

16
Requests

100 %
HTTPS

88 %
IPv6

6
Domains

8
Subdomains

8
IPs

2
Countries

215 kB
Transfer

754 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

16 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
account-page.tst.prtl.co/ 		2 KB
935 B 		Document
General
Check archive.org
Download Go to
Full URL
https://account-page.tst.prtl.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2251:1600:e:2d8c:4900:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
56498b5d74eb0927f6eb5e9478239e93fdb0938b5779d2e66560373c2e2ceeb4

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

content-type
text/html
date
Mon, 17 Jan 2022 15:35:54 GMT
last-modified
Fri, 12 Nov 2021 13:02:32 GMT
etag
W/"fe6eecbcd94cf86e3fafe41c2c96846a"
x-amz-server-side-encryption
AES256
cache-control
max-age=31536000,public
server
AmazonS3
content-encoding
br
vary
Accept-Encoding
x-cache
Miss from cloudfront
via
1.1 68b2682a924ac399aa2724b5b439e75c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
x-amz-cf-id
fX0fMfX7P00bLpm9dYquoQNV9fs95qeUbjMGRwcawZynlWJVFkLfhw==
style.css
i.icomoon.io/public/d33d268649/Studyportalslineariconset/ 		9 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://i.icomoon.io/public/d33d268649/Studyportalslineariconset/style.css
Requested by
Host: account-page.tst.prtl.co
URL: https://account-page.tst.prtl.co/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.193.7.186 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-193-7-186.us-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
88e854186472d201a5f22760203ecec74ca6024bd96e934c0caf4da019d59ff3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://account-page.tst.prtl.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 15:35:53 GMT
content-encoding
gzip
last-modified
Thu, 19 Aug 2021 12:38:52 GMT
server
nginx
etag
W/"611e50dc-2478"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
no-cache
content_switcher.css
cdn.jsdelivr.net/npm/@studyportals/content-switcher-dll@0.0.8/dist/ 		5 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/@studyportals/content-switcher-dll@0.0.8/dist/content_switcher.css
Requested by
Host: account-page.tst.prtl.co
URL: https://account-page.tst.prtl.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
85c436d655ef7f9fee74df0b274a55694af04334cb38009e0edf1f668e128b4d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://account-page.tst.prtl.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 15:35:53 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
89527
x-jsd-version
0.0.8
x-cache
HIT
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra19124-FRA
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"14f7-QL6HHy7DJTnw9rtjqgAttxShW90"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
cf-ray
6cf0a7ed9d594df4-FRA
modal.css
cdn.jsdelivr.net/npm/@studyportals/modal-dll@1.1.8/dist/ 		5 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/@studyportals/modal-dll@1.1.8/dist/modal.css
Requested by
Host: account-page.tst.prtl.co
URL: https://account-page.tst.prtl.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
65bb3c2483579db6f97915cbd5b2fb61d0702db8510e99009e5308260db7aba2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://account-page.tst.prtl.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 15:35:53 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
294126
x-jsd-version
1.1.8
x-cache
HIT
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra19151-FRA
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"128e-sdABf/w6yjIAA+1d9+eL8nOQdGk"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
cf-ray
6cf0a7ed9d5e4df4-FRA
css
fonts.googleapis.com/ 		5 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400,700&display=swap
Requested by
Host: account-page.tst.prtl.co
URL: https://account-page.tst.prtl.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
62bd7091eeb23e4141a0eb78186579f42b66d1ed8508e0e65bfe3675fc27fce6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://account-page.tst.prtl.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 17 Jan 2022 15:15:14 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 17 Jan 2022 15:35:53 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 17 Jan 2022 15:35:53 GMT
style.c7c3f0d21cad2317ad4e.css
account-page.tst.prtl.co/dist/ 		39 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://account-page.tst.prtl.co/dist/style.c7c3f0d21cad2317ad4e.css?c7c3f0d21cad2317ad4e
Requested by
Host: account-page.tst.prtl.co
URL: https://account-page.tst.prtl.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2251:1600:e:2d8c:4900:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1c28f14fe27b7de0de5ca5c79f0b8c443522a2fe4abb6b7ec683e40c7afe08df

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://account-page.tst.prtl.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Mon, 15 Nov 2021 08:04:38 GMT
content-encoding
br
last-modified
Fri, 12 Nov 2021 13:02:32 GMT
server
AmazonS3
age
5470276
etag
W/"813d6aeb53f00d62fad9e659547ef4db"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
via
1.1 68b2682a924ac399aa2724b5b439e75c.cloudfront.net (CloudFront)
cache-control
max-age=31536000,public
x-amz-cf-pop
FRA60-P3
x-amz-cf-id
NxCvcbaqePuBL-AAS61L5DYoSTyYSx9ayiJUmnZFlYOX78PJ3rDVBA==
bundle.js
studentjs.tst.prtl.co/ 		131 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://studentjs.tst.prtl.co/bundle.js
Requested by
Host: account-page.tst.prtl.co
URL: https://account-page.tst.prtl.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223e:ac00:15:30f0:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f0f711a36d26b4c850f726d789efa24e49ce32bea81673243504976849608a79

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://account-page.tst.prtl.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Mon, 17 Jan 2022 15:35:54 GMT
content-encoding
br
last-modified
Tue, 26 Oct 2021 14:05:00 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P4
etag
W/"9f2a4ea2d38e0bcc018f4728cfeab04c"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
via
1.1 94328d2509009edc0657f5c786a93e42.cloudfront.net (CloudFront)
cache-control
max-age=31536000,public
x-amz-cf-id
dwLdQ7U85d-lBg8O-Mc1p-m4asrGi-6gU8hZeqKlcUqaL6C2uLkMng==
bundle.js
anonymous-student.tst.prtl.co/dist/ 		31 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://anonymous-student.tst.prtl.co/dist/bundle.js
Requested by
Host: account-page.tst.prtl.co
URL: https://account-page.tst.prtl.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223d:b600:0:1b4e:2f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
17b3b814ace4f09e62b4118811195a8de5d18ec45dd647c10594263613b5891c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://account-page.tst.prtl.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Mon, 17 Jan 2022 15:35:54 GMT
content-encoding
br
last-modified
Mon, 23 Nov 2020 10:28:51 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P3
etag
W/"0046f56d8279a25bd6366add2eea8a0f"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
via
1.1 a23fc047c59f0902384fa94644607c00.cloudfront.net (CloudFront)
cache-control
max-age=31536000,public
x-amz-cf-id
Dpn9-XrAaOR0GtWgD9MLt_vdQCMqrjDb7Y1VohA8ecTXrW7ANI_l5g==
library.js
cdn.jsdelivr.net/npm/@studyportals/vue-config@3.0.0/dist/ 		334 KB
91 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/@studyportals/vue-config@3.0.0/dist/library.js
Requested by
Host: account-page.tst.prtl.co
URL: https://account-page.tst.prtl.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2f2b647d23c34092ebca24bf4e3c591474572a9d12234ddf8c46b0474b9c0ce5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://account-page.tst.prtl.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 15:35:53 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
x-jsd-version
3.0.0
x-cache
HIT
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra19125-FRA
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"539ef-8oDZxLU4DdDDpttCx9mZsMwBTKo"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
cf-ray
6cf0a7ed9d604df4-FRA
content_switcher.js
cdn.jsdelivr.net/npm/@studyportals/content-switcher-dll@0.0.8/dist/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/@studyportals/content-switcher-dll@0.0.8/dist/content_switcher.js
Requested by
Host: account-page.tst.prtl.co
URL: https://account-page.tst.prtl.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
010fbdfa6e2d8b476b426d9432a7e20a68d9938181b193b042fbf98fcaa662d4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://account-page.tst.prtl.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 15:35:53 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
89527
x-jsd-version
0.0.8
x-cache
HIT
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra19146-FRA
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"2fb2-Tb01NZUCconQEobJGmAsug1ELC4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
cf-ray
6cf0a7ed9d614df4-FRA
modal.js
cdn.jsdelivr.net/npm/@studyportals/modal-dll@1.1.8/dist/ 		11 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/@studyportals/modal-dll@1.1.8/dist/modal.js
Requested by
Host: account-page.tst.prtl.co
URL: https://account-page.tst.prtl.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4b35005bf9e326eb49330fc5543971514e2a999325465177871df7197040153e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://account-page.tst.prtl.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 15:35:53 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
89561
x-jsd-version
1.1.8
x-cache
MISS
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra19167-FRA
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"2c9f-Uo19/oPKwPlZ2KCmk9tzHRcUOj8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
cf-ray
6cf0a7ed9d654df4-FRA
bundle.c7c3f0d21cad2317ad4e.js
account-page.tst.prtl.co/dist/ 		106 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://account-page.tst.prtl.co/dist/bundle.c7c3f0d21cad2317ad4e.js?c7c3f0d21cad2317ad4e
Requested by
Host: account-page.tst.prtl.co
URL: https://account-page.tst.prtl.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2251:1600:e:2d8c:4900:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
801d6e4e91c5717b9bfbf56e3f7e1d6eef75169f1c72a9cceeaad5c27ddb84fe

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://account-page.tst.prtl.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Mon, 17 Jan 2022 15:35:54 GMT
content-encoding
br
last-modified
Fri, 12 Nov 2021 13:02:32 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
etag
W/"55fd50b3e9134d389ca8d2d2e830c3da"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
via
1.1 68b2682a924ac399aa2724b5b439e75c.cloudfront.net (CloudFront)
cache-control
max-age=31536000,public
x-amz-cf-id
MxkzprosGMNS7jztVtEfLXDH0KyvlJ1BLPeDfn3-A6i6mUhrnAOyWw==
storageHub.html
studentjs.tst.prtl.co/ Frame 2F37 		8 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://studentjs.tst.prtl.co/storageHub.html
Requested by
Host: studentjs.tst.prtl.co
URL: https://studentjs.tst.prtl.co/bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223e:ac00:15:30f0:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a0f76c4777df69b799d0d1c5249d8d505c4b7f75b03f3c2cfa27a186d79ad3f1

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://account-page.tst.prtl.co/

Response headers

content-type
text/html
date
Mon, 17 Jan 2022 15:35:54 GMT
last-modified
Tue, 26 Oct 2021 14:05:00 GMT
etag
W/"8956771156e730599d5a516c692cf697"
x-amz-server-side-encryption
AES256
cache-control
max-age=31536000,public
server
AmazonS3
content-encoding
br
vary
Accept-Encoding
x-cache
Miss from cloudfront
via
1.1 94328d2509009edc0657f5c786a93e42.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P4
x-amz-cf-id
LxG-Mjs_t0D4pCLLdffjKSUsWpx9eu0DOCTHF8al6J1qPR_Q2o_3rQ==
gender_n.svg
monet-prtl-co.imgix.net/Shared/AccountPage/ 		8 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://monet-prtl-co.imgix.net/Shared/AccountPage/gender_n.svg
Requested by
Host: account-page.tst.prtl.co
URL: https://account-page.tst.prtl.co/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:3::720 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
imgix /
Resource Hash
3b4460b8c5e3f57217351fac73f90e43e9cbd4a4ba5d67ec513ceac8e506a850
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://account-page.tst.prtl.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 15:35:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
fastly-restarts
1
age
3402107
x-cache
MISS, HIT, HIT
x-imgix-id
1226c7bc1cfaf45b022f3a422b09a7aaa6a42f48
content-length
2434
x-served-by
cache-sjc10020-SJC, cache-sjc10062-SJC, cache-fra19150-FRA
last-modified
Fri, 05 Mar 2021 08:53:30 GMT
server
imgix
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-resource-policy
cross-origin
personalised.svg
monet-prtl-co.imgix.net/Shared/AccountPage/ 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://monet-prtl-co.imgix.net/Shared/AccountPage/personalised.svg
Requested by
Host: account-page.tst.prtl.co
URL: https://account-page.tst.prtl.co/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:3::720 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
imgix /
Resource Hash
44355f3696e141d87a618fa7f838499407509faaf0982e1f5674981cc2a71b6f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://account-page.tst.prtl.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 15:35:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1378967
x-cache
HIT, HIT
x-imgix-id
39affc74dc298a8584d279af32f6bc4c141b9f22
content-length
1780
x-served-by
cache-sjc10078-SJC, cache-fra19150-FRA
last-modified
Thu, 30 Sep 2021 09:15:13 GMT
server
imgix
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-resource-policy
cross-origin
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v27/ 		44 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v27/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://account-page.tst.prtl.co
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 14 Jan 2022 13:52:02 GMT
x-content-type-options
nosniff
age
265431
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44656
x-xss-protection
0
last-modified
Thu, 28 Oct 2021 00:30:43 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Sat, 14 Jan 2023 13:52:02 GMT

Verdicts & Comments Add Verdict or Comment

15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| PortalMap object| AuthController object| EventAggregationService object| SessionService object| SessionFactory object| Student object| AnonymousStudent function| library function| content_switcher function| modal object| account_page function| setImmediate function| clearImmediate object| wishlistService

0 Cookies

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

account-page.tst.prtl.co
anonymous-student.tst.prtl.co
cdn.jsdelivr.net
fonts.googleapis.com
fonts.gstatic.com
i.icomoon.io
monet-prtl-co.imgix.net
studentjs.tst.prtl.co
2600:9000:223d:b600:0:1b4e:2f00:93a1
2600:9000:223e:ac00:15:30f0:7c00:93a1
2600:9000:2251:1600:e:2d8c:4900:93a1
2606:4700::6810:5514
2a00:1450:4001:802::2003
2a00:1450:4001:811::200a
2a04:4e42:3::720
54.193.7.186
010fbdfa6e2d8b476b426d9432a7e20a68d9938181b193b042fbf98fcaa662d4
17b3b814ace4f09e62b4118811195a8de5d18ec45dd647c10594263613b5891c
1c28f14fe27b7de0de5ca5c79f0b8c443522a2fe4abb6b7ec683e40c7afe08df
2f2b647d23c34092ebca24bf4e3c591474572a9d12234ddf8c46b0474b9c0ce5
3b4460b8c5e3f57217351fac73f90e43e9cbd4a4ba5d67ec513ceac8e506a850
44355f3696e141d87a618fa7f838499407509faaf0982e1f5674981cc2a71b6f
4b35005bf9e326eb49330fc5543971514e2a999325465177871df7197040153e
56498b5d74eb0927f6eb5e9478239e93fdb0938b5779d2e66560373c2e2ceeb4
62bd7091eeb23e4141a0eb78186579f42b66d1ed8508e0e65bfe3675fc27fce6
65bb3c2483579db6f97915cbd5b2fb61d0702db8510e99009e5308260db7aba2
801d6e4e91c5717b9bfbf56e3f7e1d6eef75169f1c72a9cceeaad5c27ddb84fe
85c436d655ef7f9fee74df0b274a55694af04334cb38009e0edf1f668e128b4d
88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96
88e854186472d201a5f22760203ecec74ca6024bd96e934c0caf4da019d59ff3
a0f76c4777df69b799d0d1c5249d8d505c4b7f75b03f3c2cfa27a186d79ad3f1
f0f711a36d26b4c850f726d789efa24e49ce32bea81673243504976849608a79