urlscan.io logo urlscan.io
SecurityTrails logo

www.unkochmycampus.org Open in urlscan Pro
198.185.159.135  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://securedoclink.io/h/QK3C
Effective URL: https://www.unkochmycampus.org/academic-fraud-alert?x=1
Submission: On December 14 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 42 IPs in 5 countries across 44 domains to perform 82 HTTP transactions. The main IP is 198.185.159.135, located in United States and belongs to SQUARESPACE, US. The main domain is www.unkochmycampus.org.
TLS certificate: Issued by R3 on November 6th 2021. Valid for: 3 months.
This is the only time www.unkochmycampus.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 146.148.110.80 15169 (GOOGLE)
1 2001:4de0:ac1... 20446 (HIGHWINDS3)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 151.101.1.49 54113 (FASTLY)
1 104.244.42.1 13414 (TWITTER)
3 2a03:2880:f12... 32934 (FACEBOOK)
4 2a00:1450:400... 15169 (GOOGLE)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 1 52.158.121.3 8075 (MICROSOFT...)
1 40.126.31.137 8075 (MICROSOFT...)
1 2 2600:1901:1:c... 15169 (GOOGLE)
1 2 151.101.193.140 54113 (FASTLY)
1 192.0.77.40 2635 (AUTOMATTIC)
1 2 104.111.215.55 16625 (AKAMAI-AS)
1 2620:100:6022... 19679 (DROPBOX)
1 104.75.90.57 16625 (AKAMAI-AS)
1 2 2.21.141.169 16625 (AKAMAI-AS)
1 151.101.194.132 54113 (FASTLY)
1 2 37.244.28.102 57976 (BLIZZARD)
1 2.18.232.134 16625 (AKAMAI-AS)
1 52.222.236.49 16509 (AMAZON-02)
1 140.82.121.4 36459 (GITHUB)
1 2606:4700:7::... 13335 (CLOUDFLAR...)
1 209.216.230.240 21581 (M5HOSTING)
1 2600:9000:218... 16509 (AMAZON-02)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 18.159.197.225 16509 (AMAZON-02)
1 151.101.129.42 54113 (FASTLY)
1 151.101.129.21 54113 (FASTLY)
1 13.35.253.38 16509 (AMAZON-02)
1 2 95.100.153.115 20940 (AKAMAI-ASN1)
1 151.101.64.134 54113 (FASTLY)
1 2 151.101.66.217 54113 (FASTLY)
1 2406:da00:ff0... 14618 (AMAZON-AES)
1 169.47.19.137 36351 (SOFTLAYER)
1 87.240.139.194 47541 (VKONTAKTE...)
4 198.185.159.135 53831 (SQUARESPACE)
17 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
1 2a00:1450:400... 15169 (GOOGLE)
7 151.101.128.237 54113 (FASTLY)
7 151.101.192.238 54113 (FASTLY)
3 2a03:2880:f02... 32934 (FACEBOOK)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
82 42
2    146.148.110.80 (Council Bluffs, United States)

ASN15169 (GOOGLE, US)
PTR: securedoclink.io
securedoclink.io
1    2001:4de0:ac18::1:a:3a (Netherlands)

ASN20446 (HIGHWINDS3, US)
code.jquery.com
1    2606:4700:10::6814:3d7a (United States)

ASN13335 (CLOUDFLARENET, US)
api.ipgeolocation.io
1    151.101.1.49 (United States)

ASN54113 (FASTLY, US)
squareup.com
1    104.244.42.1 (United States)

ASN13414 (TWITTER, US)
twitter.com
3    2a03:2880:f12d:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
4    2a00:1450:4001:80f::200d (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
accounts.google.com
1    2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
plus.google.com
1    52.158.121.3 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
login.skype.com
1    40.126.31.137 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
login.live.com
2    2600:1901:1:c36:: (United States)

ASN15169 (GOOGLE, US)
www.spotify.com
2    151.101.193.140 (United States)

ASN54113 (FASTLY, US)
www.reddit.com
1    192.0.77.40 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: assets.tumblr.com
www.tumblr.com
2    104.111.215.55 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-215-55.deploy.static.akamaitechnologies.com
www.expedia.de
1    2620:100:6022:18::a27d:4212 (United States)

ASN19679 (DROPBOX, US)
www.dropbox.com
1    104.75.90.57 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-75-90-57.deploy.static.akamaitechnologies.com
www.amazon.com
2    2.21.141.169 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-21-141-169.deploy.static.akamaitechnologies.com
www.pinterest.com
www.pinterest.de
1    151.101.194.132 (United States)

ASN54113 (FASTLY, US)
de.foursquare.com
2    37.244.28.102 (United States)

ASN57976 (BLIZZARD, US)
eu.battle.net
1    2.18.232.134 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-232-134.deploy.static.akamaitechnologies.com
store.steampowered.com
1    52.222.236.49 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-236-49.fra56.r.cloudfront.net
www.academia.edu
1    140.82.121.4 (United States)

ASN36459 (GITHUB, US)
PTR: lb-140-82-121-4-fra.github.com
github.com
1    2606:4700:7::a29f:9804 (United States)

ASN13335 (CLOUDFLARENET, US)
medium.com
1    209.216.230.240 (United States)

ASN21581 (M5HOSTING, US)
PTR: news.ycombinator.com
news.ycombinator.com
1    2600:9000:2182:7a00:5:d344:2380:93a1 (United States)

ASN16509 (AMAZON-02, US)
carbonmade.com
1    2606:4700::6810:b154 (United States)

ASN13335 (CLOUDFLARENET, US)
courses.edx.org
1    18.159.197.225 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-159-197-225.eu-central-1.compute.amazonaws.com
slack.com
1    151.101.129.42 (United States)

ASN54113 (FASTLY, US)
www.khanacademy.org
1    151.101.129.21 (United States)

ASN54113 (FASTLY, US)
www.paypal.com
1    13.35.253.38 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-253-38.fra6.r.cloudfront.net
500px.com
2    95.100.153.115 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a95-100-153-115.deploy.static.akamaitechnologies.com
www.airbnb.com
www.airbnb.de
1    151.101.64.134 (United States)

ASN54113 (FASTLY, US)
disqus.com
2    151.101.66.217 (United States)

ASN54113 (FASTLY, US)
secure.meetup.com
www.meetup.com
1    2406:da00:ff00::22cd:e0db (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
bitbucket.org
1    169.47.19.137 (Ashburn, United States)

ASN36351 (SOFTLAYER, US)
PTR: 89.13.2fa9.ip4.static.sl-reverse.com
secure.indeed.com
1    87.240.139.194 (Russian Federation)

ASN47541 (VKONTAKTE-SPB-AS vk.com, RU)
PTR: srv194-139-240-87.vk.com
vk.com
4    198.185.159.135 (United States)

ASN53831 (SQUARESPACE, US)
www.unkochmycampus.org
17    2a02:26f0:6c00::210:ba2a (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
use.typekit.net
1    2a00:1450:4001:808::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
7    151.101.128.237 (United States)

ASN54113 (FASTLY, US)
assets.squarespace.com
7    151.101.192.238 (United States)

ASN54113 (FASTLY, US)
static1.squarespace.com
images.squarespace-cdn.com
3    2a03:2880:f02d:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
2    2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2a02:26f0:6c00:2ae::19fd (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
p.typekit.net
Apex Domain
Subdomains		 Transfer
18 typekit.net
use.typekit.net
p.typekit.net
350 KB
9 squarespace.com
assets.squarespace.com
static1.squarespace.com
606 KB
5 squarespace-cdn.com
images.squarespace-cdn.com
1 MB
5 google.com
accounts.google.com
plus.google.com
1 KB
4 unkochmycampus.org
www.unkochmycampus.org
28 KB
3 facebook.net
connect.facebook.net
133 KB
3 facebook.com
www.facebook.com
179 B
2 google-analytics.com
www.google-analytics.com
20 KB
2 meetup.com
secure.meetup.com
www.meetup.com
602 B
2 battle.net
eu.battle.net
431 B
2 expedia.de
www.expedia.de
2 KB
2 reddit.com
www.reddit.com
480 B
2 spotify.com
www.spotify.com
337 B
2 securedoclink.io
securedoclink.io
3 KB
1 googleapis.com
fonts.googleapis.com
888 B
1 vk.com
vk.com
1 indeed.com
secure.indeed.com
1 bitbucket.org
bitbucket.org
82 B
1 disqus.com
disqus.com
1 airbnb.de
www.airbnb.de
1 airbnb.com
www.airbnb.com
4 KB
1 500px.com
500px.com
1 paypal.com
www.paypal.com
1 khanacademy.org
www.khanacademy.org
437 B
1 slack.com
slack.com
1 edx.org
courses.edx.org
1 carbonmade.com
carbonmade.com
1 ycombinator.com
news.ycombinator.com
1 medium.com
medium.com
1 github.com
github.com
1 academia.edu
www.academia.edu
1 steampowered.com
store.steampowered.com
1 foursquare.com
de.foursquare.com
1 pinterest.de
www.pinterest.de
1 pinterest.com
www.pinterest.com
575 B
1 amazon.com
www.amazon.com
1 dropbox.com
www.dropbox.com
1 tumblr.com
www.tumblr.com
1 live.com
login.live.com
1 skype.com
login.skype.com
865 B
1 twitter.com
twitter.com
1 squareup.com
squareup.com
1 ipgeolocation.io
api.ipgeolocation.io
818 B
1 jquery.com
code.jquery.com
82 KB
82 44
Domain Requested by
17 use.typekit.net www.unkochmycampus.org
7 assets.squarespace.com www.unkochmycampus.org
5 images.squarespace-cdn.com www.unkochmycampus.org
4 www.unkochmycampus.org securedoclink.io
www.unkochmycampus.org
assets.squarespace.com
4 accounts.google.com
3 connect.facebook.net www.unkochmycampus.org
connect.facebook.net
3 www.facebook.com www.unkochmycampus.org
2 www.google-analytics.com www.unkochmycampus.org
www.google-analytics.com
2 static1.squarespace.com www.unkochmycampus.org
2 eu.battle.net 1 redirects
2 www.expedia.de 1 redirects
2 www.reddit.com 1 redirects
2 www.spotify.com 1 redirects
2 securedoclink.io code.jquery.com
1 p.typekit.net www.unkochmycampus.org
1 fonts.googleapis.com www.unkochmycampus.org
1 vk.com
1 secure.indeed.com
1 bitbucket.org
1 www.meetup.com
1 secure.meetup.com 1 redirects
1 disqus.com
1 www.airbnb.de
1 www.airbnb.com 1 redirects
1 500px.com
1 www.paypal.com
1 www.khanacademy.org
1 slack.com
1 courses.edx.org
1 carbonmade.com
1 news.ycombinator.com
1 medium.com
1 github.com
1 www.academia.edu
1 store.steampowered.com
1 de.foursquare.com
1 www.pinterest.de
1 www.pinterest.com 1 redirects
1 www.amazon.com
1 www.dropbox.com
1 www.tumblr.com
1 login.live.com
1 login.skype.com 1 redirects
1 plus.google.com 1 redirects
1 twitter.com
1 squareup.com
1 api.ipgeolocation.io code.jquery.com
1 code.jquery.com securedoclink.io
82 48
Subject Issuer Validity Valid
securedoclink.io
R3		 2021-11-24 -
2022-02-22		 3 months crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA		 2021-07-14 -
2022-08-14		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-06-28 -
2022-06-27		 a year crt.sh
squareup.com
Entrust Certification Authority - L1K		 2021-05-03 -
2022-05-02		 a year crt.sh
twitter.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-02-05 -
2022-02-04		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2021-09-23 -
2021-12-22		 3 months crt.sh
accounts.google.com
GTS CA 1C3		 2021-11-29 -
2022-02-21		 3 months crt.sh
tumblr.com
DigiCert SHA2 Extended Validation Server CA		 2020-07-09 -
2022-04-14		 2 years crt.sh
*.dropbox.com
DigiCert SHA2 High Assurance Server CA		 2021-10-20 -
2022-10-20		 a year crt.sh
www.amazon.com
DigiCert Global CA G2		 2021-10-12 -
2022-10-11		 a year crt.sh
*.foursquare.com
R3		 2021-11-12 -
2022-02-10		 3 months crt.sh
store.steampowered.com
DigiCert SHA2 Extended Validation Server CA		 2021-01-05 -
2022-01-03		 a year crt.sh
*.academia.edu
Sectigo RSA Domain Validation Secure Server CA		 2021-08-28 -
2022-08-28		 a year crt.sh
*.google.com
GTS CA 1C3		 2021-11-29 -
2022-02-21		 3 months crt.sh
github.com
DigiCert High Assurance TLS Hybrid ECC SHA256 2020 CA1		 2021-03-25 -
2022-03-30		 a year crt.sh
medium.com
Cloudflare Inc ECC CA-3		 2021-10-30 -
2022-01-27		 3 months crt.sh
news.ycombinator.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-07 -
2022-10-08		 a year crt.sh
carbonmade.com
Amazon		 2021-09-30 -
2022-10-28		 a year crt.sh
slack.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-04-13 -
2022-04-18		 a year crt.sh
*.ar.khanacademy.org
GlobalSign Atlas R3 DV TLS CA 2020		 2021-04-19 -
2022-05-21		 a year crt.sh
www.paypal.com
DigiCert SHA2 Extended Validation Server CA		 2021-11-02 -
2022-03-15		 4 months crt.sh
j79-prod.500px.net
Amazon		 2021-03-25 -
2022-04-23		 a year crt.sh
*.disqus.com
DigiCert SHA2 Secure Server CA		 2020-04-20 -
2022-05-09		 2 years crt.sh
bitbucket.org
DigiCert SHA2 Extended Validation Server CA		 2020-03-27 -
2022-05-23		 2 years crt.sh
*.indeed.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-11-18 -
2022-11-17		 a year crt.sh
*.vk.com
GlobalSign Organization Validation CA - SHA256 - G2		 2020-06-09 -
2022-06-10		 2 years crt.sh
www.unkochmycampus.org
R3		 2021-11-06 -
2022-02-04		 3 months crt.sh
use.typekit.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-08-16 -
2022-08-16		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2021-11-08 -
2022-01-31		 3 months crt.sh
*.squarespace.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-03-15 -
2022-03-23		 a year crt.sh
*.squarespace-cdn.com
R3		 2021-12-12 -
2022-03-12		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-11-08 -
2022-01-31		 3 months crt.sh
*.typekit.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-12-05 -
2022-12-06		 a year crt.sh

This page contains 1 frames:

Primary Page: https://www.unkochmycampus.org/academic-fraud-alert?x=1
Frame ID: F68BDE7649E32D65F721EA4CD263E8D9
Requests: 82 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Academic Fraud Alert — UnKoch My Campus

Page URL History Show full URLs

  1. https://securedoclink.io/h/QK3C Page URL
  2. https://www.unkochmycampus.org/academic-fraud-alert?x=1 Page URL

Page Statistics

82
Requests

89 %
HTTPS

36 %
IPv6

44
Domains

48
Subdomains

42
IPs

5
Countries

2266 kB
Transfer

5490 kB
Size

55
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://securedoclink.io/h/QK3C Page URL
  2. https://www.unkochmycampus.org/academic-fraud-alert?x=1 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 8
  • https://plus.google.com/up/accounts/upgrade/?continue=https://plus.google.com/favicon.ico HTTP 302
  • https://accounts.google.com/ServiceLogin?passive=1209600&osid=1&continue=https://plus.google.com/up/accounts/upgrade/?continue%3Dhttps://plus.google.com/favicon.ico&followup=https://plus.google.com/up/accounts/upgrade/?continue%3Dhttps://plus.google.com/favicon.ico
Request Chain 9
  • https://login.skype.com/login?message=signin_continue&redirect_uri=https%3A%2F%2Fsecure.skype.com%2Ffavicon.ico HTTP 302
  • https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=13&ct=1639520114&rver=7.1.6819.0&wp=MBI_SSL&wreply=https%3A%2F%2Flw.skype.com%2Flogin%2Foauth%2Fproxy%3Fredirect_uri%3Dhttps%253A%252F%252Fsecure.skype.com%252Ffavicon.ico&lc=1033&id=293290&mkt=de-DE&psi=skype&lw=1&cobrandid=2befc4b5-19e3-46e8-8347-77317a16a5a5&client_flight=ReservedFlight33%2CReservedFlight67
Request Chain 10
  • https://www.spotify.com/en/login/?forward_url=https%3A%2F%2Fwww.spotify.com%2Ffavicon.ico HTTP 302
  • https://www.spotify.com/uk/en/login/?forward_url=https%3A%2F%2Fwww.spotify.com%2Ffavicon.ico
Request Chain 11
  • https://www.reddit.com/login?dest=https%3A%2F%2Fwww.reddit.com%2Ffavicon.ico HTTP 301
  • https://www.reddit.com/login/?dest=https%3A%2F%2Fwww.reddit.com%2Ffavicon.ico
Request Chain 13
  • https://www.expedia.de/user/login?ckoflag=0&selc=0&uurl=qscr%3Dreds%26rurl%3D%252Ffavicon.ico HTTP 301
  • https://www.expedia.de/login?ckoflag=0&uurl=qscr%3Dreds%26rurl%3D%252Ffavicon.ico&selc=0
Request Chain 16
  • https://www.pinterest.com/login/?next=https%3A%2F%2Fwww.pinterest.com%2Ffavicon.ico HTTP 302
  • https://www.pinterest.de/login/?next=https%3A%2F%2Fwww.pinterest.com%2Ffavicon.ico
Request Chain 18
  • https://eu.battle.net/login/de/index?ref=http://eu.battle.net/favicon.ico HTTP 302
  • https://eu.battle.net/login/de/?ref=http://eu.battle.net/favicon.ico
Request Chain 31
  • https://www.airbnb.com/login?redirect_params[action]=favicon.ico&redirect_params[controller]=home HTTP 307
  • https://www.airbnb.de/login?redirect_params%5Baction%5D=favicon.ico&redirect_params%5Bcontroller%5D=home&_set_bev_on_new_domain=1639520115_OTk1YmQ4ZTEyMGNj
Request Chain 33
  • https://secure.meetup.com/login/?returnUri=https%3A%2F%2Fwww.meetup.com%2Fimg%2Fajax_loader_trans.gif HTTP 301
  • https://www.meetup.com/login/?returnUri=https%3A%2F%2Fwww.meetup.com%2Fimg%2Fajax_loader_trans.gif

82 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
QK3C
securedoclink.io/h/ 		7 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://securedoclink.io/h/QK3C
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
146.148.110.80 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
securedoclink.io
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
a9105982c3db5d0de5ad9a32d795c0be72d720a27df56a60849e54602934743e

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

Date
Tue, 14 Dec 2021 22:15:13 GMT
Server
Apache/2.4.41 (Ubuntu)
Vary
Accept-Encoding
Content-Encoding
gzip
Keep-Alive
timeout=5, max=100
Connection
Keep-Alive
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
jquery-latest.js
code.jquery.com/ 		276 KB
82 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-latest.js
Requested by
Host: securedoclink.io
URL: https://securedoclink.io/h/QK3C
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac18::1:a:3a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
3029834a820c79c154c377f52e2719fc3ff2a27600a07ae089ea7fde9087f6bc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://securedoclink.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 14 Dec 2021 22:15:14 GMT
content-encoding
gzip
last-modified
Fri, 24 Oct 2014 00:16:08 GMT
server
nginx
etag
"54499a48-4508e"
vary
Accept-Encoding
x-hw
1639520114.dop206.ml1.t,1639520114.cds012.ml1.hn,1639520114.cds215.ml1.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
83875
ipgeo
api.ipgeolocation.io/ 		797 B
818 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.ipgeolocation.io/ipgeo?apiKey=2d679d56102d4e178f5cb7e5e96d7a22
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-latest.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:3d7a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ada0b165d59f8edda5359f854ae8621ac12c839be0acbb2f80ef932eec28a083
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://securedoclink.io/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 14 Dec 2021 22:15:14 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
application/json;charset=utf-8
access-control-allow-origin
https://securedoclink.io
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
6bdaca2a2b427028-FRA
x-application-context
application:production:8002
login
squareup.com/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://squareup.com/login?return_to=%2Ffavicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers
login
twitter.com/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://twitter.com/login?redirect_after_login=%2f..%2ffavicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.1 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers
login.php
www.facebook.com/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers
ServiceLogin
accounts.google.com/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers
ServiceLogin
accounts.google.com/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers
ServiceLogin
accounts.google.com/
Redirect Chain
  • https://plus.google.com/up/accounts/upgrade/?continue=https://plus.google.com/favicon.ico
  • https://accounts.google.com/ServiceLogin?passive=1209600&osid=1&continue=https://plus.google.com/up/accounts/upgrade/?continue%3Dhttps://plus.google.com/favicon.ico&followup=https://plus.google.com...
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://accounts.google.com/ServiceLogin?passive=1209600&osid=1&continue=https://plus.google.com/up/accounts/upgrade/?continue%3Dhttps://plus.google.com/favicon.ico&followup=https://plus.google.com/up/accounts/upgrade/?continue%3Dhttps://plus.google.com/favicon.ico
Protocol
H2
Server
2a00:1450:4001:80f::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Redirect headers

strict-transport-security
max-age=31536000
x-content-type-options
nosniff
server
ESF
cross-origin-opener-policy
unsafe-none
date
Tue, 14 Dec 2021 22:15:14 GMT
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
location
https://accounts.google.com/ServiceLogin?passive=1209600&osid=1&continue=https://plus.google.com/up/accounts/upgrade/?continue%3Dhttps://plus.google.com/favicon.ico&followup=https://plus.google.com/up/accounts/upgrade/?continue%3Dhttps://plus.google.com/favicon.ico
x-robots-tag
noindex
content-security-policy
require-trusted-types-for 'script';report-uri /_/PlusAppUi/cspreport, script-src 'report-sample' 'nonce-zveiuBF9oAlPpMqZIykagQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/PlusAppUi/cspreport;worker-src 'self', script-src 'nonce-zveiuBF9oAlPpMqZIykagQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://s.ytimg.com https://www.googleapis.com https://support.google.com https://youtube.com https://youtube.googleapis.com https://www.googleapis.com/appsmarket/v2/installedApps/;report-uri /_/PlusAppUi/cspreport
content-type
application/binary
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
login.srf
login.live.com/
Redirect Chain
  • https://login.skype.com/login?message=signin_continue&redirect_uri=https%3A%2F%2Fsecure.skype.com%2Ffavicon.ico
  • https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=13&ct=1639520114&rver=7.1.6819.0&wp=MBI_SSL&wreply=https%3A%2F%2Flw.skype.com%2Flogin%2Foauth%2Fproxy%3Fredirect_uri%3Dhttps%253A%252F%252Fsecur...
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=13&ct=1639520114&rver=7.1.6819.0&wp=MBI_SSL&wreply=https%3A%2F%2Flw.skype.com%2Flogin%2Foauth%2Fproxy%3Fredirect_uri%3Dhttps%253A%252F%252Fsecure.skype.com%252Ffavicon.ico&lc=1033&id=293290&mkt=de-DE&psi=skype&lw=1&cobrandid=2befc4b5-19e3-46e8-8347-77317a16a5a5&client_flight=ReservedFlight33%2CReservedFlight67
Protocol
HTTP/1.1
Server
40.126.31.137 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Redirect headers

Pragma
no-cache
Date
Tue, 14 Dec 2021 22:15:14 GMT
X-Content-Type-Options
nosniff
X-Stratus-Processing-Time
0.0063
Server
nginx
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Skype-Request-Id
63a2cb42
Content-Type
text/html; charset=UTF-8
Location
https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=13&ct=1639520114&rver=7.1.6819.0&wp=MBI_SSL&wreply=https%3A%2F%2Flw.skype.com%2Flogin%2Foauth%2Fproxy%3Fredirect_uri%3Dhttps%253A%252F%252Fsecure.skype.com%252Ffavicon.ico&lc=1033&id=293290&mkt=de-DE&psi=skype&lw=1&cobrandid=2befc4b5-19e3-46e8-8347-77317a16a5a5&client_flight=ReservedFlight33%2CReservedFlight67
X-Processing-Time
0.007
Cache-Control
no-store, no-cache, must-revalidate
X-Stratus-Request-Id
63a2cb42
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:01 +0000
/
www.spotify.com/uk/en/login/
Redirect Chain
  • https://www.spotify.com/en/login/?forward_url=https%3A%2F%2Fwww.spotify.com%2Ffavicon.ico
  • https://www.spotify.com/uk/en/login/?forward_url=https%3A%2F%2Fwww.spotify.com%2Ffavicon.ico
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.spotify.com/uk/en/login/?forward_url=https%3A%2F%2Fwww.spotify.com%2Ffavicon.ico
Protocol
H2
Server
2600:1901:1:c36:: , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Redirect headers

sp-trace-id
4b84307d37c3908e
date
Tue, 14 Dec 2021 22:15:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
envoy
vary
Accept-Encoding
content-type
text/html
location
https://www.spotify.com/uk/en/login/?forward_url=https%3A%2F%2Fwww.spotify.com%2Ffavicon.ico
strict-transport-security
max-age=31536000
alt-svc
clear
via
HTTP/2 edgeproxy, 1.1 google
/
www.reddit.com/login/
Redirect Chain
  • https://www.reddit.com/login?dest=https%3A%2F%2Fwww.reddit.com%2Ffavicon.ico
  • https://www.reddit.com/login/?dest=https%3A%2F%2Fwww.reddit.com%2Ffavicon.ico
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.reddit.com/login/?dest=https%3A%2F%2Fwww.reddit.com%2Ffavicon.ico
Protocol
H2
Server
151.101.193.140 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Redirect headers

content-security-policy
frame-ancestors 'self' https://*.reddit.com
via
1.1 varnish
x-content-type-options
nosniff
content-length
0
x-xss-protection
1; mode=block
pragma
no-cache
x-clacks-overhead
GNU Terry Pratchett
server
snooserv
x-frame-options
SAMEORIGIN
date
Tue, 14 Dec 2021 22:15:14 GMT
strict-transport-security
max-age=31536000; includeSubdomains
content-type
text/html; charset=UTF-8
location
https://www.reddit.com/login/?dest=https%3A%2F%2Fwww.reddit.com%2Ffavicon.ico
cache-control
no-store, max-age=0
accept-ranges
bytes
expires
0
login
www.tumblr.com/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.tumblr.com/login?redirect_to=%2Ffavicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.40 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
assets.tumblr.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers
login
www.expedia.de/
Redirect Chain
  • https://www.expedia.de/user/login?ckoflag=0&selc=0&uurl=qscr%3Dreds%26rurl%3D%252Ffavicon.ico
  • https://www.expedia.de/login?ckoflag=0&uurl=qscr%3Dreds%26rurl%3D%252Ffavicon.ico&selc=0
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.expedia.de/login?ckoflag=0&uurl=qscr%3Dreds%26rurl%3D%252Ffavicon.ico&selc=0
Protocol
H2
Server
104.111.215.55 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-215-55.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Redirect headers

content-security-policy
frame-ancestors about: 'self'
x-content-type-options
nosniff
x-b3-traceid
e45e3ea20d1d4d9a8b8f0eda1b438176
date
Tue, 14 Dec 2021 22:15:14 GMT
x-frame-options
SAMEORIGIN
location
/login?ckoflag=0&uurl=qscr%3Dreds%26rurl%3D%252Ffavicon.ico&selc=0
x-edgeconnect-cache-status
0
x-cgp-info
noJvmRouteSet;4fe30ef2-5d2b-11ec-8db3-02423bb4c0c8
strict-transport-security
max-age=2592000; includeSubDomains;
trace-id
e45e3ea2-0d1d-4d9a-8b8f-0eda1b438176
content-length
0
x-xss-protection
1
login
www.dropbox.com/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.dropbox.com/login?cont=https%3A%2F%2Fwww.dropbox.com%2Fstatic%2Fimages%2Fabout%2Fdropbox_logo_glyph_2015.svg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:100:6022:18::a27d:4212 , United States, ASN19679 (DROPBOX, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers
178-4417027-1316064
www.amazon.com/ap/signin/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.amazon.com/ap/signin/178-4417027-1316064?_encoding=UTF8&openid.assoc_handle=usflex&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.mode=checkid_setup&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.ns.pape=http%3A%2F%2Fspecs.openid.net%2Fextensions%2Fpape%2F1.0&openid.pape.max_auth_age=10000000&openid.return_to=https%3A%2F%2Fwww.amazon.com%2Ffavicon.ico
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.75.90.57 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-90-57.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers
/
www.pinterest.de/login/
Redirect Chain
  • https://www.pinterest.com/login/?next=https%3A%2F%2Fwww.pinterest.com%2Ffavicon.ico
  • https://www.pinterest.de/login/?next=https%3A%2F%2Fwww.pinterest.com%2Ffavicon.ico
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.pinterest.de/login/?next=https%3A%2F%2Fwww.pinterest.com%2Ffavicon.ico
Protocol
H2
Server
2.21.141.169 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-141-169.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Redirect headers

date
Tue, 14 Dec 2021 22:15:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-cdn
akamai
akamai-grn
0.5699645f.1639520114.be6d045
x-envoy-upstream-service-time
98
vary
User-Agent, Accept-Encoding
x-pinterest-rid
1252306683257981
trailer
x-pinterest-sli-streamed-response-type
x-ua-compatible
IE=edge
pinterest-version
56a8a1f
referrer-policy
origin
expect-ct
max-age=86400, report-uri="https://www.pinterest.com/_/_/expect_ct_report/"
strict-transport-security
max-age=31536000 ; includeSubDomains ; preload
location
https://www.pinterest.de/login/?next=https%3A%2F%2Fwww.pinterest.com%2Ffavicon.ico
x-xss-protection
1; mode=block
pinterest-generated-by
coreapp-webapp-prod-0a038743
login
de.foursquare.com/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://de.foursquare.com/login?continue=%2Ffavicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers
/
eu.battle.net/login/de/
Redirect Chain
  • https://eu.battle.net/login/de/index?ref=http://eu.battle.net/favicon.ico
  • https://eu.battle.net/login/de/?ref=http://eu.battle.net/favicon.ico
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu.battle.net/login/de/?ref=http://eu.battle.net/favicon.ico
Protocol
HTTP/1.1
Server
37.244.28.102 , United States, ASN57976 (BLIZZARD, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Redirect headers

Pragma
no-cache
Date
Tue, 14 Dec 2021 22:15:14 GMT
X-Content-Type-Options
nosniff
Server
Apache
X-Frame-Options
DENY
Location
https://eu.battle.net/login/de/?ref=http://eu.battle.net/favicon.ico
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Connection
Keep-Alive
Keep-Alive
timeout=5, max=4000
Content-Length
0
X-XSS-Protection
1; mode=block
Retry-After
600
Expires
0
/
store.steampowered.com/login/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://store.steampowered.com/login/?redir=favicon.ico
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.18.232.134 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-134.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers
login
www.academia.edu/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.academia.edu/login?cp=/favicon.ico&cs=www
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-49.fra56.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers
ServiceLogin
accounts.google.com/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://accounts.google.com/ServiceLogin?service=blogger&hl=de&passive=1209600&continue=https://www.blogger.com/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers
login
github.com/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://github.com/login?return_to=https%3A%2F%2Fgithub.com%2Ffavicon.ico%3Fid%3D1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
140.82.121.4 , United States, ASN36459 (GITHUB, US),
Reverse DNS
lb-140-82-121-4-fra.github.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers
signin
medium.com/m/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://medium.com/m/signin?redirect=https%3A%2F%2Fmedium.com%2Ffavicon.ico&loginType=default
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers
login
news.ycombinator.com/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://news.ycombinator.com/login?goto=y18.gif%23
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
209.216.230.240 , United States, ASN21581 (M5HOSTING, US),
Reverse DNS
news.ycombinator.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers
signin
carbonmade.com/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://carbonmade.com/signin?returnTo=favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2182:7a00:5:d344:2380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers
login
courses.edx.org/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://courses.edx.org/login?next=/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:b154 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers
checkcookie
slack.com/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://slack.com/checkcookie?redir=https%3A%2F%2Fslack.com%2Ffavicon.ico%23
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.159.197.225 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-159-197-225.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers
login
www.khanacademy.org/ 		437 B
437 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.khanacademy.org/login?continue=https%3A//www.khanacademy.org/favicon.ico
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
151.101.129.42 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
6767e0f6a5af1c1bd41c38394d66eab162cf896bf5b6b425d28dce2f9ff6ba0b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 14 Dec 2021 22:15:15 GMT
accept-ranges
bytes
content-length
437
strict-transport-security
max-age=31536000; includeSubDomains; preload
retry-after
0
content-type
text/html; charset=utf-8
signin
www.paypal.com/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.paypal.com/signin?returnUri=https://t.paypal.com/ts?v=1.0.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers
login
500px.com/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://500px.com/login?r=%2Ffavicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.253.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-253-38.fra6.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers
login
www.airbnb.de/
Redirect Chain
  • https://www.airbnb.com/login?redirect_params[action]=favicon.ico&redirect_params[controller]=home
  • https://www.airbnb.de/login?redirect_params%5Baction%5D=favicon.ico&redirect_params%5Bcontroller%5D=home&_set_bev_on_new_domain=1639520115_OTk1YmQ4ZTEyMGNj
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.airbnb.de/login?redirect_params%5Baction%5D=favicon.ico&redirect_params%5Bcontroller%5D=home&_set_bev_on_new_domain=1639520115_OTk1YmQ4ZTEyMGNj
Protocol
H2
Server
95.100.153.115 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a95-100-153-115.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Redirect headers

x-edgeconnect-origin-mex-latency
91
content-security-policy
child-src blob:; connect-src 'self' https: wss://ws.airbnb.com https://netverify.com https://*.netverify.com wss: *.amap.com https://*.mapbox.com; default-src 'self' https: blob:; font-src 'self' data: https://*.muscache.com fonts.gstatic.com https://use.typekit.net; frame-src * https://*.cardinalcommerce.com; img-src 'self' https: data: https://*.mapbox.com blob:; media-src 'self' https: blob:; script-src 'self' 'unsafe-eval' https://a0.muscache.com https://cdn.siftscience.com https://ss.musthird.com https://t1.musthird.com https://bat.bing.com https://connect.facebook.net https://www.google-analytics.com https://www.googleadservices.com https://tpc.googlesyndication.com https://www.googletagmanager.com https://maps.googleapis.com https://ajax.googleapis.com https://*.g.doubleclick.net https://www.google.com https://www.gstatic.com https://smartlock.google.com https://accounts.google.com https://app.link https://cdn.branch.io https://api.branch.io https://bam.nr-data.net https://js-agent.newrelic.com https://ethn.io https://s.yimg.jp https://api.geetest.com https://cdn.ampproject.org https://storage.googleapis.com/workbox-cdn/ https://tagmanager.google.com https://pay.google.com https://songbird.cardinalcommerce.com/ https://www.recaptcha.net https://www.gstatic.cn https://client-api.arkoselabs.com https://h.online-metrix.net 'sha256-rAm9O8JPZLtQmd84zMDzhsG5q35JscESxxcaFL7+DDc=' 'sha256-+DMqUACVS8B0N29g0M3MeqqvH2pF88VHSCl59PH+Z0Q=' 'sha256-ZYbvQDm+/uEZNXc+DKgP4M43y5ry9kGSdIPWCxAPuQ8=' 'sha256-3ss3Pdz060SMHESdgB6b/4MCtQw6UChP6t+0NloA4gQ=' https://netverify.com https://*.netverify.com https://icm.aexp-static.com https://qicm.americanexpress.com https://qwww435.americanexpress.com https://checkout.americanexpress.com https://www.paypalobjects.com https://c.paypal.com https://www.paypal.com blob: https://vdata.amap.com https://webapi.amap.com https://restapi.amap.com https://*.mapbox.com https://songbird.cardinalcommerce.com https://songbirdstag.cardinalcommerce.com https://includes.ccdc02.com https://includestest.ccdc02.com 'nonce-ug8Jk9ffE+PNLay1XEt5ng=='; style-src 'self' https: 'unsafe-inline' https://*.mapbox.com; worker-src 'self' blob:; report-uri /tracking/csp?controller=core-guest-loop&action=%2Flogin&req_uuid=f195b2d2-c511-455f-8ab7-8a41b9231618&version=sha%3D7202f04e10b&report_only=false; report-to /tracking/csp?controller=core-guest-loop&action=%2Flogin&req_uuid=f195b2d2-c511-455f-8ab7-8a41b9231618&version=sha%3D7202f04e10b&report_only=false
x-erf-bev-bev-is-generated
1
x-content-type-options
nosniff
x-server-name
www.airbnb.com
x-edgeconnect-midmile-rtt
121
x-browser-type
unknown
status
307 Temporary Redirect
x-kraken-loop-name
core-guest-loop
x-envoy-upstream-service-time
80
server-timing
cdn-cache; desc=NO-STORE, edge; dur=115, origin; dur=91
content-length
190
x-xss-protection
1; mode=block
x-ua-compatible
IE=Edge,chrome=1
server
nginx
x-frame-options
SAMEORIGIN
date
Tue, 14 Dec 2021 22:15:15 GMT
strict-transport-security
max-age=10886400; includeSubdomains
accept-ch-lifetime
31536000
content-type
text/plain;charset=utf-8
location
https://www.airbnb.de/login?redirect_params%5Baction%5D=favicon.ico&redirect_params%5Bcontroller%5D=home&_set_bev_on_new_domain=1639520115_OTk1YmQ4ZTEyMGNj
cache-control
no-store, max-age=0, private, must-revalidate
origin-trial
AkOekvxwprBLSP7I2nhyRn5yZGt9lTJN6UIYziFKVYg5OhlzmlNDciWbBWkEQ5TYPz+aqsuIUT2pPEjPUD5dFAsAAABneyJvcmlnaW4iOiJodHRwczovL2FpcmJuYi5jb206NDQzIiwiZmVhdHVyZSI6IlByaW9yaXR5SGludHNBUEkiLCJleHBpcnkiOjE2NDc5OTM1OTksImlzU3ViZG9tYWluIjp0cnVlfQ==, AotFSarOLASWR8gu5UiYxjqvqBnJaH7pQ6yFURg38rocnqWb08y/JB4XLjkmy/vrCzCxVFGsazHLLI28/9A73QkAAABteyJvcmlnaW4iOiJodHRwczovL3d3dy5haXJibmIuY29tOjQ0MyIsImZlYXR1cmUiOiJEb2N1bWVudFRyYW5zaXRpb24iLCJleHBpcnkiOjE2NDEzNDA3OTksImlzU3ViZG9tYWluIjp0cnVlfQ==
x-instrumentation
airbnb
accept-ch
Device-Memory, DPR, ECT, Viewport-Width
x-server-lifecycle-phase
running
x-erf-bev-bev
1639520115_OTk1YmQ4ZTEyMGNj
/
disqus.com/profile/login/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://disqus.com/profile/login/?next=https%3A%2F%2Fdisqus.com%2Ffavicon.ico
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.64.134 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers
/
www.meetup.com/login/
Redirect Chain
  • https://secure.meetup.com/login/?returnUri=https%3A%2F%2Fwww.meetup.com%2Fimg%2Fajax_loader_trans.gif
  • https://www.meetup.com/login/?returnUri=https%3A%2F%2Fwww.meetup.com%2Fimg%2Fajax_loader_trans.gif
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.meetup.com/login/?returnUri=https%3A%2F%2Fwww.meetup.com%2Fimg%2Fajax_loader_trans.gif
Protocol
H2
Server
151.101.66.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Redirect headers

date
Tue, 14 Dec 2021 22:15:15 GMT
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
content-type
text/html; charset=utf-8
location
https://www.meetup.com/login/?returnUri=https%3A%2F%2Fwww.meetup.com%2Fimg%2Fajax_loader_trans.gif
cache-control
cache-control: public, max-age=0, must-revalidate
content-security-policy
base-uri 'self'; connect-src * blob: data: ; default-src 'self' *.meetup.com *.dev.meetup.com:8001; font-src * data:; frame-ancestors 'self'; frame-src *; img-src * data: blob: ;script-src * 'unsafe-eval' 'unsafe-inline'; style-src * 'unsafe-inline'; object-src 'none'
strict-transport-security
max-age=7776000
accept-ranges
bytes
content-length
0
x-xss-protection
1; mode=block
retry-after
0
/
bitbucket.org/account/signin/ 		13 B
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bitbucket.org/account/signin/?next=/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:da00:ff00::22cd:e0db Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
58404bdf6dc25c24fedd979469e69bfb8dc9ebca64a469929a858a12b12b9c30

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 14 Dec 2021 22:15:14 GMT
content-length
13
content-type
text/html
login
secure.indeed.com/account/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.indeed.com/account/login?continue=%2ffavicon.ico
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
169.47.19.137 Ashburn, United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
89.13.2fa9.ip4.static.sl-reverse.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers
login
vk.com/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vk.com/login?u=2&to=ZmF2aWNvbi5pY28-
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
87.240.139.194 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS vk.com, RU),
Reverse DNS
srv194-139-240-87.vk.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers
1M0Rp1Ey
securedoclink.io/cp/ 		0
298 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securedoclink.io/cp/1M0Rp1Ey
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-latest.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
146.148.110.80 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
securedoclink.io
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash

Request headers

Accept
*/*
Referer
https://securedoclink.io/h/QK3C
X-Requested-With
XMLHttpRequest
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date
Tue, 14 Dec 2021 22:15:15 GMT
Content-Encoding
gzip
Server
Apache/2.4.41 (Ubuntu)
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
Keep-Alive
Keep-Alive
timeout=5, max=99
Primary Request academic-fraud-alert
www.unkochmycampus.org/ 		83 KB
19 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.unkochmycampus.org/academic-fraud-alert?x=1
Requested by
Host: securedoclink.io
URL: https://securedoclink.io/h/QK3C
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.185.159.135 , United States, ASN53831 (SQUARESPACE, US),
Reverse DNS
Software
Squarespace /
Resource Hash
29e3ce0eccb532b881227cda0840ca4548813bf159c189f519fac6c827c842fd
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://securedoclink.io/

Response headers

accept-ranges
bytes
age
0
content-encoding
gzip
content-type
text/html;charset=utf-8
date
Tue, 14 Dec 2021 22:15:16 GMT
etag
W/"6b8e887da0ddb88749b73cdb95912d34--gzip"
expires
Thu, 01 Jan 1970 00:00:00 GMT
server
Squarespace
strict-transport-security
max-age=0
vary
Accept-Encoding
x-content-type-options
nosniff
x-contextid
j8wc9DhL/DinE8IP7
S6FzsIwIs1LEpnvreZHQwDoxbgdNC3URMwClpdqPB4GfeGvBfFHN4UJLFRbh52jhWD9Xw2gqjQjoZQsKweFKwAZqF2iR5QMaFU7wMkG0jAFu-WsoShFGZAsude80ZkoRdhXCHKoyjamTiY8Djhy8ZYmC-Ao1Oco8if37OcBDOcu8OfG0SaBujW48SagyjhmDjhy8Z...
use.typekit.net/ik/ 		21 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/ik/S6FzsIwIs1LEpnvreZHQwDoxbgdNC3URMwClpdqPB4GfeGvBfFHN4UJLFRbh52jhWD9Xw2gqjQjoZQsKweFKwAZqF2iR5QMaFU7wMkG0jAFu-WsoShFGZAsude80ZkoRdhXCHKoyjamTiY8Djhy8ZYmC-Ao1Oco8if37OcBDOcu8OfG0SaBujW48SagyjhmDjhy8ZYmC-Ao1OcFzdP37O1m0-hNR-euojhBlSYmDO1FUiABkZWF3jAF8OcFzdPUyjamTiY8Djhy8ZYmC-Ao1OcFzdPUyjamTiY8Djhy8ZYmC-Ao1Oco8ifUySkolZPUCdhFydeyzSabCSaBujW48SagyjhmDjhy8ZYmC-Ao1OcFzdPUudclzjhylpAFydWguSkozScSCiAondhFGdW8RjAu3iWw0SaBujW48Sagyjh90jhNlOYiaikoyjamTiY8Djhy8ZYmC-Ao1OcFzdPUaiaS0jAFu-WsoShFGZAsude80Zko0ZWbCiaiaOcBDOcu8OYiaikoDSWmyScmDSeBRZWFR-emqiAUTdcS0jhNlOYiaikoudclzjhylpAFydWguSkozScSCiaiaO1m0-hNR-euojhBlSYmDO1FUiABkZWF3jAF8OcFzdPJwSY4zpe8ljPu0daZyJ68DdhZTjPu3Scv7fbRKHyMMeMw6MKG4fHvgIMMjgfMfH6GJCwbgIMMjgPMfH6qJK3IbMg6YJMJ7fbRRHyMMeMX6MKG4fJ3gIMMjIPMfH6GJhnvgIMIjIkMfH6GJa_vgIMIjMkMfH6GJt_vgIMIjgfMfH6GJtdvgIMIjgPMfH6GJodvgIMIjgKMfH6GJh_vgIMIjgkMfH6GJoOvgIMIj2KMfH6GJhdvgIMIjfPMfH6GJEOvgIMIjIfMfH6GJaOvgIMIjIPMfqMYx7LaXgb.js
Requested by
Host: www.unkochmycampus.org
URL: https://www.unkochmycampus.org/academic-fraud-alert?x=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba2a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
70316ab31b3830714f1426af6679a8d37f1be8f885745318d40774912a05b80a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.unkochmycampus.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains;
content-encoding
gzip
server
nginx
date
Tue, 14 Dec 2021 22:15:17 GMT
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
7222
css2
fonts.googleapis.com/ 		901 B
888 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Alice:wght@400
Requested by
Host: www.unkochmycampus.org
URL: https://www.unkochmycampus.org/academic-fraud-alert?x=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
54f2c3f432fb9ef6312cb866b29d64b379e4ffa594f8a6a41e8be39e2c20891d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.unkochmycampus.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 14 Dec 2021 22:02:54 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Tue, 14 Dec 2021 22:15:17 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 14 Dec 2021 22:15:17 GMT
modern.js
assets.squarespace.com/@sqs/polyfiller/1.2.2/ 		80 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.squarespace.com/@sqs/polyfiller/1.2.2/modern.js
Requested by
Host: www.unkochmycampus.org
URL: https://www.unkochmycampus.org/academic-fraud-alert?x=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.128.237 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
6a801f781b109838b64c593ffbabaeb97e553d349540a9636cb63e23a8479423

Request headers

Referer
https://www.unkochmycampus.org/
Origin
https://www.unkochmycampus.org
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 14 Dec 2021 22:15:17 GMT
via
1.1 varnish, 1.1 varnish
age
8303922
x-cache
HIT, HIT
x-cache-hits
1, 231327
content-encoding
gzip
content-length
29224
x-served-by
cache-bwi5183-BWI, cache-fra19171-FRA
last-modified
Wed, 08 Sep 2021 20:21:24 GMT
server
UploadServer
x-timer
S1639520117.106399,VS0,VE0
etag
"03e5ef7c77d113abf6178fce61ec6344"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 09 Sep 2022 19:36:46 GMT
moment-js-vendor-18941e586c18c97f61a5f-min.en-US.js
assets.squarespace.com/universal/scripts-compressed/ 		467 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.squarespace.com/universal/scripts-compressed/moment-js-vendor-18941e586c18c97f61a5f-min.en-US.js
Requested by
Host: www.unkochmycampus.org
URL: https://www.unkochmycampus.org/academic-fraud-alert?x=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.128.237 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
7e9d8d87cffec9d332aff60919996e82dbc6ead0077324056486be483e33d86f

Request headers

Referer
https://www.unkochmycampus.org/
Origin
https://www.unkochmycampus.org
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 14 Dec 2021 22:15:17 GMT
via
1.1 varnish, 1.1 varnish
age
1075582
x-cache
HIT, HIT
x-cache-hits
1, 115096
content-encoding
br
content-length
77808
x-served-by
cache-bwi5181-BWI, cache-fra19171-FRA
last-modified
Thu, 02 Dec 2021 10:40:40 GMT
server
UploadServer
x-timer
S1639520117.106461,VS0,VE0
etag
"7f0b1fbac16e10f36afd8a9d01829dac"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 02 Dec 2022 11:28:55 GMT
cldr-resource-pack-62887b877f02fb5c82bdf-min.en-US.js
assets.squarespace.com/universal/scripts-compressed/ 		118 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.squarespace.com/universal/scripts-compressed/cldr-resource-pack-62887b877f02fb5c82bdf-min.en-US.js
Requested by
Host: www.unkochmycampus.org
URL: https://www.unkochmycampus.org/academic-fraud-alert?x=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.128.237 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
e5a5fef4f5f02f2bba8aff3a79be4a69dd38fc413795304218d3d9cf29a5170c

Request headers

Referer
https://www.unkochmycampus.org/
Origin
https://www.unkochmycampus.org
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 14 Dec 2021 22:15:17 GMT
via
1.1 varnish, 1.1 varnish
age
1075582
x-cache
HIT, HIT
x-cache-hits
1, 98890
content-encoding
br
content-length
18269
x-served-by
cache-bwi5180-BWI, cache-fra19171-FRA
last-modified
Thu, 02 Dec 2021 10:40:34 GMT
server
UploadServer
x-timer
S1639520117.106515,VS0,VE0
etag
"541c1dcf1afa2c98ae31a77adeb9af13"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 02 Dec 2022 11:28:55 GMT
common-vendors-stable-8507dcdb4110c3643ca02-min.en-US.js
assets.squarespace.com/universal/scripts-compressed/ 		237 KB
66 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.squarespace.com/universal/scripts-compressed/common-vendors-stable-8507dcdb4110c3643ca02-min.en-US.js
Requested by
Host: www.unkochmycampus.org
URL: https://www.unkochmycampus.org/academic-fraud-alert?x=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.128.237 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
fd86030e64033fcb3bcf8fa033ffe71d8ff22fde01453b9f32080b233420c675

Request headers

Referer
https://www.unkochmycampus.org/
Origin
https://www.unkochmycampus.org
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 14 Dec 2021 22:15:17 GMT
via
1.1 varnish, 1.1 varnish
age
1075582
x-cache
HIT, HIT
x-cache-hits
1, 113851
content-encoding
br
content-length
66988
x-served-by
cache-bwi5145-BWI, cache-fra19171-FRA
last-modified
Thu, 02 Dec 2021 10:41:22 GMT
server
UploadServer
x-timer
S1639520117.106574,VS0,VE0
etag
"8f2318876c1b8e0c8d261aff3792000f"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 02 Dec 2022 11:28:55 GMT
common-vendors-102908805774869b146ff-min.en-US.js
assets.squarespace.com/universal/scripts-compressed/ 		568 KB
134 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.squarespace.com/universal/scripts-compressed/common-vendors-102908805774869b146ff-min.en-US.js
Requested by
Host: www.unkochmycampus.org
URL: https://www.unkochmycampus.org/academic-fraud-alert?x=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.128.237 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
c31bd610bae346653157ad64b8798dfb2c2d346bef2e70c3f5f8e85902c784a4

Request headers

Referer
https://www.unkochmycampus.org/
Origin
https://www.unkochmycampus.org
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 14 Dec 2021 22:15:17 GMT
via
1.1 varnish, 1.1 varnish
age
20699
x-cache
HIT, HIT
x-cache-hits
1, 200
content-encoding
br
content-length
136659
x-served-by
cache-iad-kjyo7100051-IAD, cache-fra19171-FRA
last-modified
Tue, 14 Dec 2021 14:10:47 GMT
server
UploadServer
x-timer
S1639520117.106619,VS0,VE0
etag
"5b4fb33e3fb94d47ab2b84decb3df830"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 14 Dec 2022 16:30:17 GMT
common-7370009bbb1d0cdd382af-min.en-US.js
assets.squarespace.com/universal/scripts-compressed/ 		658 KB
149 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.squarespace.com/universal/scripts-compressed/common-7370009bbb1d0cdd382af-min.en-US.js
Requested by
Host: www.unkochmycampus.org
URL: https://www.unkochmycampus.org/academic-fraud-alert?x=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.128.237 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
82951b3b7241dcb1f03e9b881e15feeae54e92d7b172b0d2e6266c0fe17d53c1

Request headers

Referer
https://www.unkochmycampus.org/
Origin
https://www.unkochmycampus.org
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 14 Dec 2021 22:15:17 GMT
via
1.1 varnish, 1.1 varnish
age
345889
x-cache
HIT, HIT
x-cache-hits
1, 545
content-encoding
br
content-length
152168
x-served-by
cache-bwi5175-BWI, cache-fra19171-FRA
last-modified
Fri, 10 Dec 2021 21:33:05 GMT
server
UploadServer
x-timer
S1639520117.106699,VS0,VE0
etag
"ccb4ee92231c77f5e0f7a47ea152250b"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 10 Dec 2022 22:10:29 GMT
performance-ce8f8694be3151bc5b849-min.en-US.js
assets.squarespace.com/universal/scripts-compressed/ 		46 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.squarespace.com/universal/scripts-compressed/performance-ce8f8694be3151bc5b849-min.en-US.js
Requested by
Host: www.unkochmycampus.org
URL: https://www.unkochmycampus.org/academic-fraud-alert?x=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.128.237 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
dd8a0d0f2b62baa6cdfe6e480a4e9811fa9598c3dd7b31661d47b70d2c34ec54

Request headers

Referer
https://www.unkochmycampus.org/
Origin
https://www.unkochmycampus.org
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 14 Dec 2021 22:15:17 GMT
via
1.1 varnish, 1.1 varnish
age
451318
x-cache
HIT, HIT
x-cache-hits
1, 29658
content-encoding
br
content-length
12525
x-served-by
cache-bwi5130-BWI, cache-fra19171-FRA
last-modified
Thu, 09 Dec 2021 16:14:20 GMT
server
UploadServer
x-timer
S1639520117.175144,VS0,VE0
etag
"bf5d5ee234bf35b230f0c49800dc593b"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 09 Dec 2022 16:53:19 GMT
site.css
static1.squarespace.com/static/sitecss/5400da69e4b0cb1fd47c9077/50/55f0aac0e4b0f0a5b7e0b22e/5bb4d5f10852290ffa4fd462/345-05142015/1638477980241/ 		888 KB
80 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static1.squarespace.com/static/sitecss/5400da69e4b0cb1fd47c9077/50/55f0aac0e4b0f0a5b7e0b22e/5bb4d5f10852290ffa4fd462/345-05142015/1638477980241/site.css
Requested by
Host: www.unkochmycampus.org
URL: https://www.unkochmycampus.org/academic-fraud-alert?x=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.192.238 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Squarespace /
Resource Hash
656b1130f574f244de82cb20c340f4f76fd9c5cf3cb86f22955f67470e7f9977
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.unkochmycampus.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 14 Dec 2021 22:15:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
515062
x-cache
HIT, HIT
x-contextid
sGzIgJ96/9gEgaVoq
x-cache-hits
1, 1
content-length
81463
x-served-by
cache-dfw18668-DFW, cache-fra19181-FRA
pragma
cache
server
Squarespace
x-timer
S1639520117.131614,VS0,VE1
etag
W/"fb4b1607ea7eb8caa5298b20accbb32f--gzip"
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
via
1.1 varnish, 1.1 varnish
cache-control
public, max-age=94608000
accept-ranges
bytes
timing-allow-origin
*
tracepoint
Fastly
UnKoch+Logo+Transparent+White+copy.png
images.squarespace-cdn.com/content/v1/5400da69e4b0cb1fd47c9077/1587491185358-NCSHZCB1AFZ7EXEH7IR0/ 		40 KB
40 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.squarespace-cdn.com/content/v1/5400da69e4b0cb1fd47c9077/1587491185358-NCSHZCB1AFZ7EXEH7IR0/UnKoch+Logo+Transparent+White+copy.png?format=1500w
Requested by
Host: www.unkochmycampus.org
URL: https://www.unkochmycampus.org/academic-fraud-alert?x=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.192.238 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
1456d23f1dd6e283ded6bf555f55265e2b88920120fb566e6b733e2cf57495fa

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.unkochmycampus.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 14 Dec 2021 22:15:17 GMT
via
1.1 google, 1.1 varnish, 1.1 varnish
age
555649
x-cache
HIT, HIT
content-length
40584
x-served-by
cache-bwi5140-BWI, cache-fra19170-FRA
x-timer
S1639520117.199435,VS0,VE1
tracepoint
Fastly
etag
CIvC5KiNp+sCEAE=
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Timing-Allow-Origin
cache-control
max-age=604800
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
1, 1
fbevents.js
connect.facebook.net/en_US/ 		98 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.unkochmycampus.org
URL: https://www.unkochmycampus.org/academic-fraud-alert?x=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.unkochmycampus.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length
25965
x-xss-protection
0
pragma
public
x-fb-debug
9+jiJFECVWjXCcKMDYdHABYVsdR4Tlg1m/tIMvI1j3qFZ+U376yMxINTO5C4Ima4voSlFjKE3zMrm7yjRpga8g==
x-fb-trip-id
917726464
x-frame-options
DENY
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Tue, 14 Dec 2021 22:15:17 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
expires
Sat, 01 Jan 2000 00:00:00 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.unkochmycampus.org
URL: https://www.unkochmycampus.org/academic-fraud-alert?x=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.unkochmycampus.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
4451
date
Tue, 14 Dec 2021 21:01:06 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Tue, 14 Dec 2021 23:01:06 GMT
ui-icons.svg
www.unkochmycampus.org/assets/ 		8 KB
8 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.unkochmycampus.org/assets/ui-icons.svg
Requested by
Host: www.unkochmycampus.org
URL: https://www.unkochmycampus.org/academic-fraud-alert?x=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.185.159.135 , United States, ASN53831 (SQUARESPACE, US),
Reverse DNS
Software
Squarespace /
Resource Hash
ded1e2af9a5d3937cc8d26fbb6d0212702f611ca62607c4eb3e7b4dc3b196d9f
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.unkochmycampus.org/academic-fraud-alert?x=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
cache
date
Sat, 04 Dec 2021 16:53:14 GMT
x-content-type-options
nosniff
server
Squarespace
cache-control
public, max-age=94608000
age
883323
etag
W/"8e156e0f2cc5525d94f0b9e8640f99f7"
strict-transport-security
max-age=0
content-type
image/svg+xml
access-control-allow-origin
*
x-contextid
j8wc9DhL/X80jbkpw
accept-ranges
bytes
content-length
8459
expires
Thu, 01 Jan 1970 00:00:00 GMT
site-bundle.js
static1.squarespace.com/static/ta/55f0a9b0e4b0f3eb70352f6d/345/scripts/ 		132 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static1.squarespace.com/static/ta/55f0a9b0e4b0f3eb70352f6d/345/scripts/site-bundle.js
Requested by
Host: www.unkochmycampus.org
URL: https://www.unkochmycampus.org/academic-fraud-alert?x=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.192.238 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Squarespace /
Resource Hash
f8ff1c73338af58be4402362af926083074688ad502d0792707fb75358a7f0f6
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.unkochmycampus.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 14 Dec 2021 22:15:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
570800
x-cache
HIT, HIT
x-contextid
B8r6poLW/64VD8eRm
x-cache-hits
3178, 19160
content-length
42702
x-served-by
cache-dfw18681-DFW, cache-fra19181-FRA
pragma
cache
server
Squarespace
x-timer
S1639520117.330906,VS0,VE0
etag
W/"34fe62d0435823b52b1beb9620c18a94--gzip"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
via
1.1 varnish, 1.1 varnish
cache-control
public, max-age=94608000
accept-ranges
bytes
timing-allow-origin
*
tracepoint
Fastly
l
use.typekit.net/af/5e6988/00000000000000007735a163/30/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/5e6988/00000000000000007735a163/30/l?subset_id=2&fvd=n4&v=3
Requested by
Host: www.unkochmycampus.org
URL: https://www.unkochmycampus.org/academic-fraud-alert?x=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba2a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
92e80834b5272dd605d379b7306d572771e97f47e99642b144dd21db487dcb4d

Request headers

Referer
https://www.unkochmycampus.org/
Origin
https://www.unkochmycampus.org
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 14 Dec 2021 22:15:17 GMT
server
nginx
etag
"904f01f1339e5a65d5f412d9061c4bb58a0056b7"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
23584
l
use.typekit.net/af/5236f2/00000000000000007735a148/30/ 		24 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/5236f2/00000000000000007735a148/30/l?subset_id=2&fvd=n9&v=3
Requested by
Host: www.unkochmycampus.org
URL: https://www.unkochmycampus.org/academic-fraud-alert?x=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba2a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
775cf1c6aa09975ceb9c040318dae242c74912985f8834a7da0ef12900c6612c

Request headers

Referer
https://www.unkochmycampus.org/
Origin
https://www.unkochmycampus.org
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 14 Dec 2021 22:15:17 GMT
server
nginx
etag
"81fa6056f52c0e953c0c71ba4e892cc50bdbce89"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
24236
l
use.typekit.net/af/09d302/00000000000000007735a14e/30/ 		24 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/09d302/00000000000000007735a14e/30/l?subset_id=2&fvd=n7&v=3
Requested by
Host: www.unkochmycampus.org
URL: https://www.unkochmycampus.org/academic-fraud-alert?x=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba2a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
7bd25bad86b5f7b234536c1c867bf2aeeadc0c35108acd1b121516a1e96535f8

Request headers

Referer
https://www.unkochmycampus.org/
Origin
https://www.unkochmycampus.org
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 14 Dec 2021 22:15:17 GMT
server
nginx
etag
"a8675432de6daa5a45e782c9d47f12b1baafc065"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
24536
identity.js
connect.facebook.net/signals/plugins/ 		64 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/plugins/identity.js?v=2.9.48
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
ddbc1a158d7d13b63c0fda8fd2ece421016468e9e88914d2b81d3e8929c19df1
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.unkochmycampus.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length
20661
x-xss-protection
0
pragma
public
x-fb-debug
zTCaZD3IcpvqEXCEvQL4vmCs0dPSAfIQoT1ijuTg9Ym2S3jIGAgjZV7kwGYart8yqc7HowmTmEYXN6GPGv1Wtg==
x-frame-options
DENY
date
Tue, 14 Dec 2021 22:15:17 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
249032039056881
connect.facebook.net/signals/config/ 		305 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/249032039056881?v=2.9.48&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
eff3ab981319a83b1700d8f205ed6fbd9e37e817bf5e55035bf94e0abf871694
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.unkochmycampus.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
x-xss-protection
0
pragma
public
x-fb-debug
QIdqxZXYIOztuT2Qrufr7MHZNd6dfJnrYyOdM5kCv3w8QwLsyLydJ/SFmz/rJpyRx7pZ5UlQT7+t45e6oi7kwQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Tue, 14 Dec 2021 22:15:17 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
Screen+Shot+2021-12-02+at+10.09.46+AM.png
images.squarespace-cdn.com/content/v1/5400da69e4b0cb1fd47c9077/70a5a952-a1c5-40e0-8d66-49043f7c0213/ 		150 KB
150 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.squarespace-cdn.com/content/v1/5400da69e4b0cb1fd47c9077/70a5a952-a1c5-40e0-8d66-49043f7c0213/Screen+Shot+2021-12-02+at+10.09.46+AM.png?format=1000w
Requested by
Host: www.unkochmycampus.org
URL: https://www.unkochmycampus.org/academic-fraud-alert?x=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.192.238 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e9d6c0a17f443588ecf3d7b9d53b1adae42f46998c978bd2dcca1c3d5ba0849a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.unkochmycampus.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 14 Dec 2021 22:15:17 GMT
via
1.1 google, 1.1 varnish, 1.1 varnish
age
0
x-cache
MISS, MISS
content-length
153449
x-served-by
cache-iad-kiad7000028-IAD, cache-fra19170-FRA
x-timer
S1639520117.385685,VS0,VE366
tracepoint
Fastly
etag
CJXc3f2yxfQCEAE=
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Timing-Allow-Origin
cache-control
max-age=604800
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
0, 0
Screen+Shot+2021-12-02+at+10.16.09+AM.png
images.squarespace-cdn.com/content/v1/5400da69e4b0cb1fd47c9077/8bc9db2c-bc91-4047-8897-02d9a5e2cbc5/ 		99 KB
99 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.squarespace-cdn.com/content/v1/5400da69e4b0cb1fd47c9077/8bc9db2c-bc91-4047-8897-02d9a5e2cbc5/Screen+Shot+2021-12-02+at+10.16.09+AM.png?format=1000w
Requested by
Host: www.unkochmycampus.org
URL: https://www.unkochmycampus.org/academic-fraud-alert?x=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.192.238 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
ef4abef830e5b85a79c368cd0398b90660c3796623e4f57049d5ca3342d96497

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.unkochmycampus.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 14 Dec 2021 22:15:17 GMT
via
1.1 google, 1.1 varnish, 1.1 varnish
age
0
x-cache
MISS, MISS
content-length
101309
x-served-by
cache-iad-kcgs7200074-IAD, cache-fra19170-FRA
x-timer
S1639520117.385951,VS0,VE323
tracepoint
Fastly
etag
CMPXpLK0xfQCEAE=
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Timing-Allow-Origin
cache-control
max-age=604800
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
0, 0
Screen+Shot+2021-12-02+at+10.19.06+AM.png
images.squarespace-cdn.com/content/v1/5400da69e4b0cb1fd47c9077/bf7c3312-991b-4c1d-a45c-bb06dc3ba55e/ 		105 KB
105 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.squarespace-cdn.com/content/v1/5400da69e4b0cb1fd47c9077/bf7c3312-991b-4c1d-a45c-bb06dc3ba55e/Screen+Shot+2021-12-02+at+10.19.06+AM.png?format=1000w
Requested by
Host: www.unkochmycampus.org
URL: https://www.unkochmycampus.org/academic-fraud-alert?x=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.192.238 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
395e15c669160e897f178753bdda891da63d15883b93f75a3628ece40a3dd534

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.unkochmycampus.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 14 Dec 2021 22:15:17 GMT
via
1.1 google, 1.1 varnish, 1.1 varnish
age
0
x-cache
MISS, MISS
content-length
107380
x-served-by
cache-iad-kiad7000151-IAD, cache-fra19170-FRA
x-timer
S1639520117.386036,VS0,VE292
tracepoint
Fastly
etag
CKr0+Ia1xfQCEAE=
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Timing-Allow-Origin
cache-control
max-age=604800
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
0, 0
Screen+Shot+2021-12-02+at+10.22.55+AM.png
images.squarespace-cdn.com/content/v1/5400da69e4b0cb1fd47c9077/3664d81c-1603-45a5-a522-26338f3d5e27/ 		647 KB
647 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.squarespace-cdn.com/content/v1/5400da69e4b0cb1fd47c9077/3664d81c-1603-45a5-a522-26338f3d5e27/Screen+Shot+2021-12-02+at+10.22.55+AM.png?format=1000w
Requested by
Host: www.unkochmycampus.org
URL: https://www.unkochmycampus.org/academic-fraud-alert?x=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.192.238 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
64465e99e58722255bcb1b4179b9a25720c80a450695315fa152038c23d0d05c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.unkochmycampus.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 14 Dec 2021 22:15:17 GMT
via
1.1 google, 1.1 varnish, 1.1 varnish
age
0
x-cache
MISS, MISS
content-length
662473
x-served-by
cache-iad-kjyo7100135-IAD, cache-fra19170-FRA
x-timer
S1639520117.386163,VS0,VE342
tracepoint
Fastly
etag
COjR+fS1xfQCEAE=
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Timing-Allow-Origin
cache-control
max-age=604800
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
0, 0
RecordHit
www.unkochmycampus.org/api/census/ 		17 B
111 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.unkochmycampus.org/api/census/RecordHit
Requested by
Host: assets.squarespace.com
URL: https://assets.squarespace.com/universal/scripts-compressed/common-vendors-102908805774869b146ff-min.en-US.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.185.159.135 , United States, ASN53831 (SQUARESPACE, US),
Reverse DNS
Software
Squarespace /
Resource Hash
f1ea07a1e51a389c8de07120ae5c2e432e9dd8f4fbd6f92489f185b0523a3fd4
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.unkochmycampus.org/academic-fraud-alert?x=1
X-CSRF-Token
BaJ2c7cG16A5MDkyNjliNGI1ZDgyNGE2ZDc2M2YwMjU5OTJhNjQ4
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Tue, 14 Dec 2021 22:15:17 GMT
x-content-type-options
nosniff
server
Squarespace
cache-control
no-cache, no-store, must-revalidate
strict-transport-security
max-age=0
content-type
application/json;charset=utf-8
x-contextid
j8wc9DhL/64UZ0Kmm
content-length
17
settings
www.unkochmycampus.org/api/1/performance/ 		3 KB
535 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.unkochmycampus.org/api/1/performance/settings
Requested by
Host: assets.squarespace.com
URL: https://assets.squarespace.com/universal/scripts-compressed/performance-ce8f8694be3151bc5b849-min.en-US.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.185.159.135 , United States, ASN53831 (SQUARESPACE, US),
Reverse DNS
Software
Squarespace /
Resource Hash
c7dcbf321864d54f4bdef202904adfa8e0e19de7e75c7afc39bab499f4e6743a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.unkochmycampus.org/academic-fraud-alert?x=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 14 Dec 2021 22:15:17 GMT
content-encoding
gzip
server
Squarespace
x-contextid
j8wc9DhL/OlgWz2je
content-length
433
vary
Accept-Encoding, User-Agent
content-type
application/json
l
use.typekit.net/af/1be3c2/00000000000000007735e606/30/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/1be3c2/00000000000000007735e606/30/l?subset_id=2&fvd=n3&v=3
Requested by
Host: www.unkochmycampus.org
URL: https://www.unkochmycampus.org/academic-fraud-alert?x=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba2a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
f58b9127d4cb491ce21d1a185ea87ce2dbfff718b79a438f587f7a248423f397

Request headers

Referer
https://www.unkochmycampus.org/
Origin
https://www.unkochmycampus.org
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 14 Dec 2021 22:15:17 GMT
server
nginx
etag
"a17c0961becf60ba50f5bf6f83483b71ca33505e"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
16496
l
use.typekit.net/af/efe4a5/00000000000000007735e609/30/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/efe4a5/00000000000000007735e609/30/l?subset_id=2&fvd=n4&v=3
Requested by
Host: www.unkochmycampus.org
URL: https://www.unkochmycampus.org/academic-fraud-alert?x=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba2a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
6134c69a4499afd5f1c8aa273268c18604922248782917819d91e9cdfdf22995

Request headers

Referer
https://www.unkochmycampus.org/
Origin
https://www.unkochmycampus.org
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 14 Dec 2021 22:15:17 GMT
server
nginx
etag
"e7ff55a2dbd9793a0025734c0419ed962aadab55"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
16564
l
use.typekit.net/af/23e139/00000000000000007735e605/30/ 		16 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/23e139/00000000000000007735e605/30/l?subset_id=2&fvd=n5&v=3
Requested by
Host: www.unkochmycampus.org
URL: https://www.unkochmycampus.org/academic-fraud-alert?x=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba2a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
5624c3c9a4b63492f85c73c2d5717a93c371ea128bada60cce6e3a18fa24c0d5

Request headers

Referer
https://www.unkochmycampus.org/
Origin
https://www.unkochmycampus.org
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 14 Dec 2021 22:15:17 GMT
server
nginx
etag
"e14b3e1c538ef57e7a1dbd33c45600ad6ff14122"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
16720
l
use.typekit.net/af/2555e1/00000000000000007735e603/30/ 		16 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/2555e1/00000000000000007735e603/30/l?subset_id=2&fvd=n7&v=3
Requested by
Host: www.unkochmycampus.org
URL: https://www.unkochmycampus.org/academic-fraud-alert?x=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba2a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
cb2f89e554453cd1e53c403748945f0fc04314a5395c72160f06367d49cb9d26

Request headers

Referer
https://www.unkochmycampus.org/
Origin
https://www.unkochmycampus.org
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 14 Dec 2021 22:15:17 GMT
server
nginx
etag
"d6bfc4d27afeb61a1128d9c149ee5ed369aa27c3"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
16832
l
use.typekit.net/af/40d372/00000000000000007735e607/30/ 		17 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/40d372/00000000000000007735e607/30/l?subset_id=2&fvd=i3&v=3
Requested by
Host: www.unkochmycampus.org
URL: https://www.unkochmycampus.org/academic-fraud-alert?x=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba2a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
f21dddd009b70ce364c64630dd607558260f64615f11446e00a291d94e33fbca

Request headers

Referer
https://www.unkochmycampus.org/
Origin
https://www.unkochmycampus.org
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 14 Dec 2021 22:15:17 GMT
server
nginx
etag
"6ef0d08855713d86077ceb4099e5542a326ee5e8"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
16984
l
use.typekit.net/af/4de20a/00000000000000007735e604/30/ 		17 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/4de20a/00000000000000007735e604/30/l?subset_id=2&fvd=i7&v=3
Requested by
Host: www.unkochmycampus.org
URL: https://www.unkochmycampus.org/academic-fraud-alert?x=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba2a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
10ce36ce7f54ac02a9f483ee8dc93961b7b3b75b97d1713f428edc140f2060e0

Request headers

Referer
https://www.unkochmycampus.org/
Origin
https://www.unkochmycampus.org
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 14 Dec 2021 22:15:17 GMT
server
nginx
etag
"a7173d64afba2671b7fdf3dc01ded3412e73bdc3"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
17284
l
use.typekit.net/af/7b947d/00000000000000007735a14b/30/ 		25 KB
25 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/7b947d/00000000000000007735a14b/30/l?subset_id=2&fvd=i9&v=3
Requested by
Host: www.unkochmycampus.org
URL: https://www.unkochmycampus.org/academic-fraud-alert?x=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba2a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
38c2707dafbe5cb62636e19f53312a6d543917883a3c2980fdaf8f365de3d4a0

Request headers

Referer
https://www.unkochmycampus.org/
Origin
https://www.unkochmycampus.org
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 14 Dec 2021 22:15:17 GMT
server
nginx
etag
"440a9f32f1513a124f8dc65a86faf3d92440aae9"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
25692
l
use.typekit.net/af/1416a9/00000000000000007735a15a/30/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/1416a9/00000000000000007735a15a/30/l?subset_id=2&fvd=n3&v=3
Requested by
Host: www.unkochmycampus.org
URL: https://www.unkochmycampus.org/academic-fraud-alert?x=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba2a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
670341ad8e76448b4257c6f587d64697dc14fb24e0a97371619121205b0c960a

Request headers

Referer
https://www.unkochmycampus.org/
Origin
https://www.unkochmycampus.org
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 14 Dec 2021 22:15:17 GMT
server
nginx
etag
"92653bf9dfb73423e3934fb5cc275761c3a469ce"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
23328
l
use.typekit.net/af/4abf65/00000000000000007735a15d/30/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/4abf65/00000000000000007735a15d/30/l?subset_id=2&fvd=n5&v=3
Requested by
Host: www.unkochmycampus.org
URL: https://www.unkochmycampus.org/academic-fraud-alert?x=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba2a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
46f518fad8b17054ff839231e4a4992bb485bdc4a15c1cac3ef5d7672e7872ac

Request headers

Referer
https://www.unkochmycampus.org/
Origin
https://www.unkochmycampus.org
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 14 Dec 2021 22:15:17 GMT
server
nginx
etag
"527dfec3bddcaa06ce67c1f6fa797f2643f09ad1"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
23600
l
use.typekit.net/af/61b4ba/00000000000000007735a167/30/ 		24 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/61b4ba/00000000000000007735a167/30/l?subset_id=2&fvd=n6&v=3
Requested by
Host: www.unkochmycampus.org
URL: https://www.unkochmycampus.org/academic-fraud-alert?x=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba2a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
a1469f38538cb1ee1ecbf6206830668a0dc002e2165b3bf1d2898bf42b0523cb

Request headers

Referer
https://www.unkochmycampus.org/
Origin
https://www.unkochmycampus.org
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 14 Dec 2021 22:15:17 GMT
server
nginx
etag
"558f2f28c886e1605d71793312b23e190e0da7f4"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
24512
l
use.typekit.net/af/37de2f/00000000000000007735a165/30/ 		24 KB
25 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/37de2f/00000000000000007735a165/30/l?subset_id=2&fvd=i4&v=3
Requested by
Host: www.unkochmycampus.org
URL: https://www.unkochmycampus.org/academic-fraud-alert?x=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba2a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
0dc545c288196a8c5a2a63702e405f9c2cec21432876684d487bab9c2af8de79

Request headers

Referer
https://www.unkochmycampus.org/
Origin
https://www.unkochmycampus.org
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 14 Dec 2021 22:15:17 GMT
server
nginx
etag
"f03b9bb00c85cada8e4ac68c00b6a3d92321b062"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
24988
l
use.typekit.net/af/4b1947/00000000000000007735a16d/30/ 		25 KB
25 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/4b1947/00000000000000007735a16d/30/l?subset_id=2&fvd=i6&v=3
Requested by
Host: www.unkochmycampus.org
URL: https://www.unkochmycampus.org/academic-fraud-alert?x=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba2a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
0face7c83e6fc8b566d652fa36d43696f240cf6ef90b6750dc10aaee87ddf34a

Request headers

Referer
https://www.unkochmycampus.org/
Origin
https://www.unkochmycampus.org
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 14 Dec 2021 22:15:17 GMT
server
nginx
etag
"51a467a38718f167807a14577ff7791fe0e0f9d6"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
25700
l
use.typekit.net/af/e30e66/00000000000000007735a151/30/ 		25 KB
25 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/e30e66/00000000000000007735a151/30/l?subset_id=2&fvd=i7&v=3
Requested by
Host: www.unkochmycampus.org
URL: https://www.unkochmycampus.org/academic-fraud-alert?x=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba2a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
f2ecdd15e3545b71799eb89e4638adebbcdc42cde35ed27cf3c0a5b9ea512788

Request headers

Referer
https://www.unkochmycampus.org/
Origin
https://www.unkochmycampus.org
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 14 Dec 2021 22:15:17 GMT
server
nginx
etag
"ded90ee4765f0a014418fe73726fe4d5d976c3f7"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
25520
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=2116238504&t=pageview&_s=1&dl=https%3A%2F%2Fwww.unkochmycampus.org%2Facademic-fraud-alert%3Fx%3D1&dr=https%3A%2F%2Fsecuredoclink.io%2F&ul=en-us&de=UTF-8&dt=Academic%20Fraud%20Alert%20%E2%80%94%20UnKoch%20My%20Campus&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=459280187&gjid=1474207589&cid=1481676384.1639520117&tid=UA-55101833-1&_gid=1926768395.1639520117&_r=1&_slc=1&z=922266899
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.unkochmycampus.org/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 14 Dec 2021 22:15:17 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.unkochmycampus.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
p.gif
p.typekit.net/ 		35 B
214 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.typekit.net/p.gif?s=2&k=646866_5400da69e4b0cb1fd47c9077&ht=tk&h=www.unkochmycampus.org&f=5474.175.25136.139.5475.140.24538.24543.24547.24545.24549.24539.24548.24537.24552.24540&a=646866&js=1.20.0&app=typekit&e=js&_=1639520117476
Requested by
Host: www.unkochmycampus.org
URL: https://www.unkochmycampus.org/academic-fraud-alert?x=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2ae::19fd Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
9b9265c69a5cc295d1ab0d04e0273b3677db1a6216ce2ccf4efc8c277ed84b39

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.unkochmycampus.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 14 Dec 2021 22:15:17 GMT
last-modified
Wed, 02 Sep 2020 03:58:21 GMT
server
nginx
etag
"5f4f185d-23"
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
35
/
www.facebook.com/tr/ 		44 B
91 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=249032039056881&ev=PageView&dl=https%3A%2F%2Fwww.unkochmycampus.org%2Facademic-fraud-alert%3Fx%3D1&rl=https%3A%2F%2Fsecuredoclink.io%2F&if=false&ts=1639520117545&sw=1600&sh=1200&v=2.9.48&r=stable&a=plsquarespace&ec=0&o=30&fbp=fb.1.1639520117544.2097755082&it=1639520117355&coo=false&rqm=GET
Requested by
Host: www.unkochmycampus.org
URL: https://www.unkochmycampus.org/academic-fraud-alert?x=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.unkochmycampus.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 14 Dec 2021 22:15:17 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority
u=3,i
expires
Tue, 14 Dec 2021 22:15:17 GMT
/
www.facebook.com/tr/ 		44 B
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=249032039056881&ev=Microdata&dl=https%3A%2F%2Fwww.unkochmycampus.org%2Facademic-fraud-alert%3Fx%3D1&rl=https%3A%2F%2Fsecuredoclink.io%2F&if=false&ts=1639520118048&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Academic%20Fraud%20Alert%20%E2%80%94%20UnKoch%20My%20Campus%22%2C%22meta%3Adescription%22%3A%22%22%7D&cd[OpenGraph]=%7B%22og%3Asite_name%22%3A%22UnKoch%20My%20Campus%22%2C%22og%3Atitle%22%3A%22Academic%20Fraud%20Alert%20%E2%80%94%20UnKoch%20My%20Campus%22%2C%22og%3Aurl%22%3A%22http%3A%2F%2Fwww.unkochmycampus.org%2Facademic-fraud-alert%22%2C%22og%3Atype%22%3A%22website%22%2C%22og%3Aimage%22%3A%22http%3A%2F%2Fstatic1.squarespace.com%2Fstatic%2F5400da69e4b0cb1fd47c9077%2Ft%2F5bb4d521f9619a6ba2014034%2F1538577699802%2FUnKoch%2BLogo%2BTransparent%2BBlack.png%3Fformat%3D1500w%22%2C%22og%3Aimage%3Awidth%22%3A%22700%22%2C%22og%3Aimage%3Aheight%22%3A%22200%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%7B%22url%22%3A%22http%3A%2F%2Fwww.unkochmycampus.org%22%2C%22name%22%3A%22UnKoch%20My%20Campus%22%2C%22description%22%3A%22%22%2C%22image%22%3A%22%2F%2Fimages.squarespace-cdn.com%2Fcontent%2Fv1%2F5400da69e4b0cb1fd47c9077%2F1587491185358-NCSHZCB1AFZ7EXEH7IR0%2FUnKoch%2BLogo%2BTransparent%2BWhite%2Bcopy.png%22%2C%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22WebSite%22%7D%2C%7B%22address%22%3A%22%22%2C%22image%22%3A%22https%3A%2F%2Fstatic1.squarespace.com%2Fstatic%2F5400da69e4b0cb1fd47c9077%2Ft%2F5e9f31710c0e4c69752d513c%2F1638477980269%2F%22%2C%22openingHours%22%3A%22%2C%20%2C%20%2C%20%2C%20%2C%20%2C%20%22%2C%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22LocalBusiness%22%7D%5D&sw=1600&sh=1200&v=2.9.48&r=stable&a=plsquarespace&ec=1&o=30&fbp=fb.1.1639520117544.2097755082&it=1639520117355&coo=false&es=automatic&tm=3&rqm=GET
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.unkochmycampus.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 14 Dec 2021 22:15:18 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority
u=3,i
expires
Tue, 14 Dec 2021 22:15:18 GMT

Verdicts & Comments Add Verdict or Comment

63 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect function| reportError boolean| originAgentCluster object| scheduler object| Typekit object| webpackChunkpolyfiller object| polyfiller object| SQUARESPACE_ROLLUPS object| webpackChunksquarespace object| SQUARESPACE_I18N object| YUI_CONFIG function| YUI function| __extends function| __assign function| __rest function| __decorate function| __param function| __metadata function| __awaiter function| __generator function| __exportStar function| __createBinding function| __values function| __read function| __spread function| __spreadArrays function| __spreadArray function| __await function| __asyncGenerator function| __asyncDelegator function| __asyncValues function| __makeTemplateObject function| __importStar function| __importDefault function| __classPrivateFieldGet function| __classPrivateFieldSet object| regeneratorRuntime function| Common boolean| COMMON_ALREADY_RAN object| Static function| noop object| Singleton object| Class object| Squarespace object| SquarespaceFonts object| Y object| YUIStats string| _YUI_HISTORY_HASH_ENVIRONMENT_ID string| _yuid object| ESC_MANAGER object| Modernizr object| ImageLoader object| JSTween function| fbq function| _fbq string| GoogleAnalyticsObject function| ga string| id object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| __tti

55 Cookies

Domain/Path Name / Value
eu.battle.net/login/ Name: JSESSIONID
Value: e35d7606-f18e-49ab-9149-237e50cb6453.blade25_eu_a_login
.google.com/ Name: NID
Value: 511=ZUnGNiM17ESp-q4SvVrA_6B8Cfn_MH3GbkryOWYsk2byrf0PZRUPEQOFLjqLMADZXqLLMKJErVzxZpcMjLK6LeMi23zI4dc8lbXn-1EsKqDGVhHh4g9h1HdCGPHqNqiMegsWoa8Al20IVhxLPnVLfiDSN5vJjri97BxOHKrVffU
.reddit.com/ Name: csv
Value: 2
.twitter.com/ Name: guest_id_marketing
Value: v1%3A163952011459438826
.twitter.com/ Name: guest_id_ads
Value: v1%3A163952011459438826
.twitter.com/ Name: personalization_id
Value: "v1_ALj0pMmXEPeuhqLzv9P8tQ=="
.twitter.com/ Name: guest_id
Value: v1%3A163952011459438826
.expedia.de/ Name: HMS
Value: 0cfbc4a3-58f7-4e86-95ce-7f6ebec976fa
.expedia.de/ Name: MC1
Value: GUID=f0e0849c8ed14a60b1ffd1898fe9015e
.expedia.de/ Name: DUAID
Value: f0e0849c-8ed1-4a60-b1ff-d1898fe9015e
.expedia.de/ Name: OIP
Value: gdpr|-1
www.dropbox.com/ Name: gvc
Value: NjI3NTMyODY1MTE5MjcxNDcwODg2NDgyMTA1Nzc4OTc4ODM0NzA%3D
.dropbox.com/ Name: t
Value: _TZHPQecQO9-OsCOpG_rv2JP
www.dropbox.com/ Name: __Host-js_csrf
Value: _TZHPQecQO9-OsCOpG_rv2JP
.dropbox.com/ Name: locale
Value: de
.battle.net/ Name: web.id
Value: EU-c752da95-076d-4dd8-8c2d-3267928bd1c7
store.steampowered.com/ Name: steamCountry
Value: DE%7C488d91eac8b76ad4f167e1c010b08985
store.steampowered.com/ Name: sessionid
Value: 08509e2ba245700ef4773a75
courses.edx.org/ Name: AWSELBCORS
Value: D1EF6B6510E347E5B895826CD53CF4FD55E0CFA9A92AE5DB628AA42965D3B1F6484B289FA80CEB190F2B0F6C842662EF4A2505BE4D583EAE591F65FD084E6693F1009EDC31
.slack.com/ Name: b
Value: 10f3030d54cd9ca8e89cb63ab9672717
.slack.com/ Name: x
Value: 10f3030d54cd9ca8e89cb63ab9672717.1639520115
.meetup.com/ Name: MEETUP_BROWSER_ID
Value: id=c6bc7b14-9537-46f9-aadf-8b427a061efe
www.pinterest.de/ Name: _pinterest_sess
Value: TWc9PSY4RkdVWFBqbU9LSkQxQ1BlUHA1SjNmTlI4MU55azJLcE5ycUlIOWZadzhYRHMwSytSV0k1M0JiN3ZzRkZneFU2UEZGeDBycWgvQzNjUDRBekFXTUlQK1dEM0h3cWlkN2p6d1pUdUZOK21JTFcrN0l5eVVaOXBNWGVyQ2wxUWMzUSZsSnkvcnVHYUZKU3NBejlLaUxZd3FQWHJWZUk9
.disqus.com/ Name: csrftoken
Value: P1UMTBvQGilsh4RnZKiAtEBuBLrfP9QT
.paypal.com/ Name: enforce_policy
Value: gdpr_v2.1
.paypal.com/ Name: cookie_check
Value: yes
.paypal.com/ Name: d_id
Value: a1586469572b466e8e21f99b17bc3df01639520115177
.paypal.com/ Name: LANG
Value: de_DE%3BDE
.paypal.com/ Name: tsrce
Value: unifiedloginnodeweb
.paypal.com/ Name: x-pp-s
Value: eyJ0IjoiMTYzOTUyMDExNTIwNCIsImwiOiIwIiwibSI6IjAifQ
www.paypal.com/ Name: nsid
Value: s%3A8FLwM8zYPruI6CnG9L6IHh0QGjZA9MvW.S0mR2nrYIBLKkgRfIP254hucHKsAS5Oe5IAvxbicagI
.paypal.com/ Name: l7_az
Value: dcg15.slc
.paypal.com/ Name: ts
Value: vreXpYrS%3D1734214515%26vteXpYrS%3D1639521915%26vr%3Dbb0399ac17d0a276cefbfcf2f6d97d69%26vt%3Dbb0399ac17d0a276cefbfcf2f6d97d68%26vtyp%3Dnew
.paypal.com/ Name: ts_c
Value: vr%3Dbb0399ac17d0a276cefbfcf2f6d97d69%26vt%3Dbb0399ac17d0a276cefbfcf2f6d97d68
.login.live.com/ Name: uaid
Value: 76c353dd7d304cccb50ac230a049b8f5
.login.live.com/ Name: cltm
Value: cf:ReservedFlight33$2cReservedFligh
.login.live.com/ Name: MSPRequ
Value: id=293290&lt=1639520115&co=1
.login.live.com/ Name: MSCC
Value: 91.199.118.79-DE
.login.live.com/ Name: OParams
Value: 11O.DUkIoAIqip8bSA9DHggWdVY!lO0fPRIyoE4CNXuuz8k7NpZ5VCrGYiedR!19bECExaX4qjpkV6ZoN9WHKVpq64ezzuHPKptOM0FMwgeNYbuV26F0SAVCn4EQGLSirxk0gfTQx2MiDXSeWYnBvB9Gxbqc1oi6qiaHl4hv*i1h!i0g4SdthwZ9sLS5Brd07TvB9IVmrxd1dv0Q7UaPij6Hbe2DlY0uoO6DSORI43DfZF55caNCn0zHJJBTpYr8EbHyjQ*gmk2WirRccPebDohQXl4c9s9xM8zxF06y5StlIR!ZgYhH1EiBvpSZ4!v1*J*bEGhDnpt2kAQoVNmDt9FBcBnfvtWy16MscASlLokHYCrr!p9BqFSVqYzWBWo7Y82M9Onr9FmaeBXgbIz5ab4FVKkVWUjcDnGZwpgGEMz8L8LM3r2eEM*krpg52nTHD!YpLxuMsbjMl!qvAi0CACKyIjfwV52tIzbXbcSBSutB28rDvfeoWaRLvZSQveoSVFBmsw$$
.login.live.com/ Name: MSPOK
Value: $uuid-b2f9cbc3-fa8a-4efa-b245-f481bebfaadc
.vk.com/ Name: remixlang
Value: 6
.vk.com/ Name: remixstid
Value: 0_3mnZmDXyiM7vdVeERZugIbPfi1fl0DrWyvyhuS7zZXH
.vk.com/ Name: remixlgck
Value: 51778b12929b4a87b2
.medium.com/ Name: uid
Value: lo_4d8740e35137
.medium.com/ Name: sid
Value: 1%3AU5Gjr4ECr%2Ben2DqTWS683TsB6MC4Xo2ZO5hyDkHGPQkwfXaOigXwnxw2zs%2BRDp8w
.medium.com/ Name: optimizelyEndUserId
Value: lo_4d8740e35137
.medium.com/ Name: __cfruid
Value: 37322980b9f83204d858e7772ce81fc940bbf6bd-1639520115
.indeed.com/ Name: CTK
Value: 1fmtg76ntt4kh800
www.unkochmycampus.org/ Name: crumb
Value: BaJ2c7cG16A5MDkyNjliNGI1ZDgyNGE2ZDc2M2YwMjU5OTJhNjQ4
www.unkochmycampus.org/ Name: ss_cvr
Value: 11f3501f-befb-4944-8a70-2a1d54fc989c|1639520117370|1639520117370|1639520117370|1
www.unkochmycampus.org/ Name: ss_cvt
Value: 1639520117370
.unkochmycampus.org/ Name: _ga
Value: GA1.2.1481676384.1639520117
.unkochmycampus.org/ Name: _gid
Value: GA1.2.1926768395.1639520117
.unkochmycampus.org/ Name: _gat
Value: 1
.unkochmycampus.org/ Name: _fbp
Value: fb.1.1639520117544.2097755082

7 Console Messages

Source Level URL
Text
network error URL: https://www.spotify.com/uk/en/login/?forward_url=https%3A%2F%2Fwww.spotify.com%2Ffavicon.ico
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://carbonmade.com/signin?returnTo=favicon.ico
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://www.khanacademy.org/login?continue=https%3A//www.khanacademy.org/favicon.ico
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://courses.edx.org/login?next=/favicon.ico
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://news.ycombinator.com/login?goto=y18.gif%23
Message:
Failed to load resource: the server responded with a status of 400 (Bad Request)
network error URL: https://bitbucket.org/account/signin/?next=/favicon.ico
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://secure.indeed.com/account/login?continue=%2ffavicon.ico
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

500px.com
accounts.google.com
api.ipgeolocation.io
assets.squarespace.com
bitbucket.org
carbonmade.com
code.jquery.com
connect.facebook.net
courses.edx.org
de.foursquare.com
disqus.com
eu.battle.net
fonts.googleapis.com
github.com
images.squarespace-cdn.com
login.live.com
login.skype.com
medium.com
news.ycombinator.com
p.typekit.net
plus.google.com
secure.indeed.com
secure.meetup.com
securedoclink.io
slack.com
squareup.com
static1.squarespace.com
store.steampowered.com
twitter.com
use.typekit.net
vk.com
www.academia.edu
www.airbnb.com
www.airbnb.de
www.amazon.com
www.dropbox.com
www.expedia.de
www.facebook.com
www.google-analytics.com
www.khanacademy.org
www.meetup.com
www.paypal.com
www.pinterest.com
www.pinterest.de
www.reddit.com
www.spotify.com
www.tumblr.com
www.unkochmycampus.org
104.111.215.55
104.244.42.1
104.75.90.57
13.35.253.38
140.82.121.4
146.148.110.80
151.101.1.49
151.101.128.237
151.101.129.21
151.101.129.42
151.101.192.238
151.101.193.140
151.101.194.132
151.101.64.134
151.101.66.217
169.47.19.137
18.159.197.225
192.0.77.40
198.185.159.135
2.18.232.134
2.21.141.169
2001:4de0:ac18::1:a:3a
209.216.230.240
2406:da00:ff00::22cd:e0db
2600:1901:1:c36::
2600:9000:2182:7a00:5:d344:2380:93a1
2606:4700:10::6814:3d7a
2606:4700:7::a29f:9804
2606:4700::6810:b154
2620:100:6022:18::a27d:4212
2a00:1450:4001:808::200a
2a00:1450:4001:80f::200d
2a00:1450:4001:80f::200e
2a00:1450:4001:82b::200e
2a02:26f0:6c00:2ae::19fd
2a02:26f0:6c00::210:ba2a
2a03:2880:f02d:100:face:b00c:0:3
2a03:2880:f12d:181:face:b00c:0:25de
37.244.28.102
40.126.31.137
52.158.121.3
52.222.236.49
87.240.139.194
95.100.153.115
0dc545c288196a8c5a2a63702e405f9c2cec21432876684d487bab9c2af8de79
0face7c83e6fc8b566d652fa36d43696f240cf6ef90b6750dc10aaee87ddf34a
10ce36ce7f54ac02a9f483ee8dc93961b7b3b75b97d1713f428edc140f2060e0
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1456d23f1dd6e283ded6bf555f55265e2b88920120fb566e6b733e2cf57495fa
29e3ce0eccb532b881227cda0840ca4548813bf159c189f519fac6c827c842fd
3029834a820c79c154c377f52e2719fc3ff2a27600a07ae089ea7fde9087f6bc
38c2707dafbe5cb62636e19f53312a6d543917883a3c2980fdaf8f365de3d4a0
395e15c669160e897f178753bdda891da63d15883b93f75a3628ece40a3dd534
46f518fad8b17054ff839231e4a4992bb485bdc4a15c1cac3ef5d7672e7872ac
54f2c3f432fb9ef6312cb866b29d64b379e4ffa594f8a6a41e8be39e2c20891d
5624c3c9a4b63492f85c73c2d5717a93c371ea128bada60cce6e3a18fa24c0d5
58404bdf6dc25c24fedd979469e69bfb8dc9ebca64a469929a858a12b12b9c30
6134c69a4499afd5f1c8aa273268c18604922248782917819d91e9cdfdf22995
64465e99e58722255bcb1b4179b9a25720c80a450695315fa152038c23d0d05c
656b1130f574f244de82cb20c340f4f76fd9c5cf3cb86f22955f67470e7f9977
670341ad8e76448b4257c6f587d64697dc14fb24e0a97371619121205b0c960a
6767e0f6a5af1c1bd41c38394d66eab162cf896bf5b6b425d28dce2f9ff6ba0b
6a801f781b109838b64c593ffbabaeb97e553d349540a9636cb63e23a8479423
70316ab31b3830714f1426af6679a8d37f1be8f885745318d40774912a05b80a
775cf1c6aa09975ceb9c040318dae242c74912985f8834a7da0ef12900c6612c
7bd25bad86b5f7b234536c1c867bf2aeeadc0c35108acd1b121516a1e96535f8
7e9d8d87cffec9d332aff60919996e82dbc6ead0077324056486be483e33d86f
82951b3b7241dcb1f03e9b881e15feeae54e92d7b172b0d2e6266c0fe17d53c1
92e80834b5272dd605d379b7306d572771e97f47e99642b144dd21db487dcb4d
9b9265c69a5cc295d1ab0d04e0273b3677db1a6216ce2ccf4efc8c277ed84b39
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a1469f38538cb1ee1ecbf6206830668a0dc002e2165b3bf1d2898bf42b0523cb
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a9105982c3db5d0de5ad9a32d795c0be72d720a27df56a60849e54602934743e
ada0b165d59f8edda5359f854ae8621ac12c839be0acbb2f80ef932eec28a083
b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6
c31bd610bae346653157ad64b8798dfb2c2d346bef2e70c3f5f8e85902c784a4
c7dcbf321864d54f4bdef202904adfa8e0e19de7e75c7afc39bab499f4e6743a
cb2f89e554453cd1e53c403748945f0fc04314a5395c72160f06367d49cb9d26
dd8a0d0f2b62baa6cdfe6e480a4e9811fa9598c3dd7b31661d47b70d2c34ec54
ddbc1a158d7d13b63c0fda8fd2ece421016468e9e88914d2b81d3e8929c19df1
ded1e2af9a5d3937cc8d26fbb6d0212702f611ca62607c4eb3e7b4dc3b196d9f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5a5fef4f5f02f2bba8aff3a79be4a69dd38fc413795304218d3d9cf29a5170c
e9d6c0a17f443588ecf3d7b9d53b1adae42f46998c978bd2dcca1c3d5ba0849a
ef4abef830e5b85a79c368cd0398b90660c3796623e4f57049d5ca3342d96497
eff3ab981319a83b1700d8f205ed6fbd9e37e817bf5e55035bf94e0abf871694
f1ea07a1e51a389c8de07120ae5c2e432e9dd8f4fbd6f92489f185b0523a3fd4
f21dddd009b70ce364c64630dd607558260f64615f11446e00a291d94e33fbca
f2ecdd15e3545b71799eb89e4638adebbcdc42cde35ed27cf3c0a5b9ea512788
f58b9127d4cb491ce21d1a185ea87ce2dbfff718b79a438f587f7a248423f397
f8ff1c73338af58be4402362af926083074688ad502d0792707fb75358a7f0f6
fd86030e64033fcb3bcf8fa033ffe71d8ff22fde01453b9f32080b233420c675