forms.universalservice.org Open in urlscan Pro
198.22.178.65 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://ecfportal.usac.org/
Effective URL:
https://forms.universalservice.org/portal?fromURI=https%3A%2F%2Fusac.okta.com%2Fapp%2Fusac_appianecfexternalproduction_1%2Fexk85sh5...
Submission: On November 01 via manual (November 1st 2023, 8:54:57 pm UTC) from US — Scanned from DE

Summary HTTP 21 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 8 IPs in 2 countries across 7 domains to perform 21 HTTP transactions. The main IP is 198.22.178.65, located in Washington, United States and belongs to USAC-1, US. The main domain is forms.universalservice.org. The Cisco Umbrella rank of the primary domain is 659390.
TLS certificate: Issued by DigiCert Global G2 TLS RSA SHA256 202... on August 7th 2023. Valid for: a year.

This is the only time forms.universalservice.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	3.31.162.204 3.31.162.204	8987 (AMAZON EX...) (AMAZON EXPANSION)
1 2	52.61.88.17 52.61.88.17	8987 (AMAZON EX...) (AMAZON EXPANSION)
1 5	34.223.206.6 34.223.206.6	16509 (AMAZON-02) (AMAZON-02)
7	198.22.178.65 198.22.178.65	55284 (USAC-1) (USAC-1)
1	2a00:1450:400... 2a00:1450:4001:810::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80b::2008	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:802::200e	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
21	8

1 3.31.162.204 (Boardman, United States) 1 redirects

ASN8987 (AMAZON EXPANSION, IE)
PTR: ec2-3-31-162-204.us-gov-west-1.compute.amazonaws.com

ecfportal.usac.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.61.88.17 (Boardman, United States) 1 redirects

ASN8987 (AMAZON EXPANSION, IE)
PTR: ec2-52-61-88-17.us-gov-west-1.compute.amazonaws.com

ecfportal.usac.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 34.223.206.6 (Boardman, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-223-206-6.us-west-2.compute.amazonaws.com

usac.okta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 198.22.178.65 (Washington, United States)

ASN55284 (USAC-1, US)

forms.universalservice.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:802::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
7	universalservice.org forms.universalservice.org — Cisco Umbrella Rank: 659390	357 KB
5	okta.com 1 redirects usac.okta.com — Cisco Umbrella Rank: 519911	7 KB
3	gstatic.com fonts.gstatic.com	44 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27 region1.google-analytics.com — Cisco Umbrella Rank: 2462	21 KB
3	usac.org 2 redirects ecfportal.usac.org	3 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 35	160 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 31	1 KB
21	7

	Domain	Requested by
7	forms.universalservice.org	forms.universalservice.org
5	usac.okta.com	1 redirects forms.universalservice.org
3	fonts.gstatic.com	fonts.googleapis.com
3	ecfportal.usac.org	2 redirects
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	www.googletagmanager.com	forms.universalservice.org www.googletagmanager.com
1	region1.google-analytics.com	www.googletagmanager.com
1	fonts.googleapis.com	forms.universalservice.org
21	8

This site contains links to these domains. Also see Links.

Domain
www.usac.org
player.vimeo.com

Subject Issuer	Validity	Valid
ecfportal.usac.org DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-03-29` - `2024-03-28`	a year	crt.sh
forms.universalservice.org DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-08-07` - `2024-08-06`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
*.okta.com DigiCert TLS RSA SHA256 2020 CA1	`2023-05-22` - `2024-04-12`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://forms.universalservice.org/portal?fromURI=https%3A%2F%2Fusac.okta.com%2Fapp%2Fusac_appianecfexternalproduction_1%2Fexk85sh5r6vcqbhi7297%2Fsso%2Fsaml
Frame ID: 08154B60E343450A24F0A52FED7E0D7E
Requests: 19 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Universal Service Administrative Company

Page URL History Show full URLs

http://ecfportal.usac.org/ HTTP 302
https://ecfportal.usac.org/ HTTP 301
https://ecfportal.usac.org/suite/ Page URL
https://usac.okta.com/app/usac_appianecfexternalproduction_1/exk85sh5r6vcqbhi7297/sso/saml HTTP 302
https://forms.universalservice.org/portal?fromURI=https%3A%2F%2Fusac.okta.com%2Fapp%2Fusac_appianecfexternalpro... Page URL

Detected technologies

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Page Statistics

21
Requests

100 %
HTTPS

56 %
IPv6

7
Domains

8
Subdomains

8
IPs

2
Countries

592 kB
Transfer

1793 kB
Size

6
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://www.usac.org/service-providers/resources/multi-factor-authentication/
Title: USAC's website

Search URL Search Domain Scan URL

URL: https://player.vimeo.com/video/372673005
Title: this video

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://ecfportal.usac.org/ HTTP 302
https://ecfportal.usac.org/ HTTP 301
https://ecfportal.usac.org/suite/ Page URL
https://usac.okta.com/app/usac_appianecfexternalproduction_1/exk85sh5r6vcqbhi7297/sso/saml HTTP 302
https://forms.universalservice.org/portal?fromURI=https%3A%2F%2Fusac.okta.com%2Fapp%2Fusac_appianecfexternalproduction_1%2Fexk85sh5r6vcqbhi7297%2Fsso%2Fsaml Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://ecfportal.usac.org/ HTTP 302
https://ecfportal.usac.org/ HTTP 301
https://ecfportal.usac.org/suite/

21 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

/
ecfportal.usac.org/suite/
Redirect Chain

http://ecfportal.usac.org/
https://ecfportal.usac.org/
https://ecfportal.usac.org/suite/

4 KB
3 KB

2984ms
2984ms

Document
text/html

52.61.88.17
AMAZON EXPANSION

General

Check archive.org

Show headers Download Go to

Full URL

https://ecfportal.usac.org/suite/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.61.88.17 Boardman, United States, ASN8987 (AMAZON EXPANSION, IE),

Reverse DNS

ec2-52-61-88-17.us-gov-west-1.compute.amazonaws.com

Software

Apache /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'sha256-Oka5wP4QXPM7f07v/49Vt8X8rAp9O614XQ4IdgCsllE=' 'unsafe-inline' http: https:; object-src 'none'; base-uri 'none';
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache, no-store
content-encoding: gzip
content-security-policy: script-src 'sha256-Oka5wP4QXPM7f07v/49Vt8X8rAp9O614XQ4IdgCsllE=' 'unsafe-inline' http: https:; object-src 'none'; base-uri 'none';
content-type: text/html;charset=UTF-8
date: Wed, 01 Nov 2023 20:54:52 GMT
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: Apache
strict-transport-security: max-age=31536000; includeSubdomains; preload
vary: X-Remote-Client-IP,Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-robots-tag: none
x-xss-protection: 1; mode=block

Redirect headers

content-length: 241
content-type: text/html; charset=iso-8859-1
date: Wed, 01 Nov 2023 20:54:49 GMT
location: https://ecfportal.usac.org/suite/
server: Apache
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: SAMEORIGIN

GET
H/1.1

200
OK

Primary Request portal Show response
forms.universalservice.org/
Redirect Chain

https://usac.okta.com/app/usac_appianecfexternalproduction_1/exk85sh5r6vcqbhi7297/sso/saml
https://forms.universalservice.org/portal?fromURI=https%3A%2F%2Fusac.okta.com%2Fapp%2Fusac_appianecfexternalproduction_1%2Fexk85sh5r6vcqbhi7297%2Fsso%2Fsaml

2 KB
1 KB

538ms
134ms

Document
text/html

198.22.178.65
USAC-1

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.universalservice.org/portal?fromURI=https%3A%2F%2Fusac.okta.com%2Fapp%2Fusac_appianecfexternalproduction_1%2Fexk85sh5r6vcqbhi7297%2Fsso%2Fsaml

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

198.22.178.65 Washington, United States, ASN55284 (USAC-1, US),

Reverse DNS

Software

Kestrel / ASP.NET

Resource Hash

601a508af8f2cf66c76688057dca850b6820f09d3834c86f093a1210867fb48f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://ecfportal.usac.org
Referer: https://ecfportal.usac.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 807
Content-Type: text/html
Date: Wed, 01 Nov 2023 20:54:51 GMT
ETag: "1d9994d5911a50c"
Keep-Alive: timeout=15, max=100
Last-Modified: Wed, 07 Jun 2023 14:35:47 GMT
Server: Kestrel
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Vary: Accept-Encoding
Via: 1.1 forms.universalservice.org
X-Frame-Options: SAMEORIGIN
X-Powered-By: ASP.NET

Redirect headers

content-language: en
content-length: 0
content-security-policy: default-src 'self' usac.okta.com *.oktacdn.com; connect-src 'self' usac.okta.com usac-admin.okta.com *.oktacdn.com *.mixpanel.com *.mapbox.com app.pendo.io data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com *.mtls.okta.com usac.kerberos.okta.com https://oinmanager.okta.com data:; script-src 'unsafe-inline' 'unsafe-eval' 'self' usac.okta.com *.oktacdn.com; style-src 'unsafe-inline' 'self' usac.okta.com *.oktacdn.com app.pendo.io cdn.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com; frame-src 'self' usac.okta.com usac-admin.okta.com login.okta.com; img-src 'self' usac.okta.com *.oktacdn.com *.tiles.mapbox.com *.mapbox.com app.pendo.io data.pendo.io cdn.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com data: blob:; font-src 'self' usac.okta.com data: *.oktacdn.com fonts.gstatic.com
content-security-policy-report-only: default-src 'self' usac.okta.com *.oktacdn.com; connect-src 'self' usac.okta.com usac-admin.okta.com *.oktacdn.com *.mixpanel.com *.mapbox.com app.pendo.io data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com *.mtls.okta.com usac.kerberos.okta.com https://oinmanager.okta.com data:; script-src 'unsafe-inline' 'unsafe-eval' 'self' usac.okta.com *.oktacdn.com; style-src 'unsafe-inline' 'self' usac.okta.com *.oktacdn.com app.pendo.io cdn.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com; frame-src 'self' usac.okta.com usac-admin.okta.com login.okta.com; img-src 'self' usac.okta.com *.oktacdn.com *.tiles.mapbox.com *.mapbox.com app.pendo.io data.pendo.io cdn.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com data: blob:; font-src 'self' usac.okta.com data: *.oktacdn.com fonts.gstatic.com; frame-ancestors 'self'
date: Wed, 01 Nov 2023 20:54:53 GMT
location: https://forms.universalservice.org/portal?fromURI=https%3A%2F%2Fusac.okta.com%2Fapp%2Fusac_appianecfexternalproduction_1%2Fexk85sh5r6vcqbhi7297%2Fsso%2Fsaml
p3p: CP="HONK"
public-key-pins-report-only: pin-sha256="r5EfzZxQVvQpKo3AgYRaT7X2bDO/kj3ACwmxfdT2zt8="; pin-sha256="MaqlcUgk2mvY/RFSGeSwBRkI+rZ6/dxe/DuQfBT/vnQ="; pin-sha256="72G5IEvDEWn+EThf3qjR7/bQSWaS2ZSLqolhnO6iyJI="; pin-sha256="rrV6CLCCvqnk89gWibYT0JO6fNQ8cCit7GGoiVTjCOg="; max-age=60; report-uri="https://okta.report-uri.com/r/default/hpkp/reportOnly"
server: nginx
strict-transport-security: max-age=315360000; includeSubDomains
x-okta-request-id: ZUK7HClW2QVncYc-Vo2rFAAACrU
x-robots-tag: noindex,nofollow
x-xss-protection: 0

GET
H/1.1 200
OK indi.css
forms.universalservice.org/Indigo/v1.2.0/styles/ 62 KB
11 KB 128ms
126ms Stylesheet
text/css 198.22.178.65
USAC-1

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.universalservice.org/Indigo/v1.2.0/styles/indi.css

Requested by

Host: forms.universalservice.org
URL: https://forms.universalservice.org/portal?fromURI=https%3A%2F%2Fusac.okta.com%2Fapp%2Fusac_appianecfexternalproduction_1%2Fexk85sh5r6vcqbhi7297%2Fsso%2Fsaml

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

198.22.178.65 Washington, United States, ASN55284 (USAC-1, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

94cad9af7a02b9b4ef2d0cf78d9ba14994035e1802d31fb68ab6e3715670b508

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://forms.universalservice.org/portal?fromURI=https%3A%2F%2Fusac.okta.com%2Fapp%2Fusac_appianecfexternalproduction_1%2Fexk85sh5r6vcqbhi7297%2Fsso%2Fsaml
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Wed, 01 Nov 2023 20:54:51 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Via: 1.1 forms.universalservice.org
Last-Modified: Tue, 01 Sep 2020 16:09:08 GMT
Server: Microsoft-IIS/10.0
Content-Encoding: gzip
ETag: "0aab8387a80d61:0"
X-Powered-By: ASP.NET
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: text/css
Transfer-Encoding: chunked
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=99

GET
H/1.1 200
OK doc_indi.css
forms.universalservice.org/Indigo/v1.2.0/styles/ 7 KB
2 KB 261ms
127ms Stylesheet
text/css 198.22.178.65
USAC-1

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.universalservice.org/Indigo/v1.2.0/styles/doc_indi.css

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

198.22.178.65 Washington, United States, ASN55284 (USAC-1, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

d739238502d98bb2564a714462e67f269770e500c72d1ac09ef4bd6c0881357a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://forms.universalservice.org/portal?fromURI=https%3A%2F%2Fusac.okta.com%2Fapp%2Fusac_appianecfexternalproduction_1%2Fexk85sh5r6vcqbhi7297%2Fsso%2Fsaml
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Wed, 01 Nov 2023 20:54:51 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Via: 1.1 forms.universalservice.org
Last-Modified: Tue, 01 Sep 2020 16:09:08 GMT
Server: Microsoft-IIS/10.0
Content-Encoding: gzip
ETag: "0aab8387a80d61:0"
X-Powered-By: ASP.NET
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: text/css
Transfer-Encoding: chunked
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=98

GET
H2 200 css
fonts.googleapis.com/ 7 KB
1 KB 140ms
50ms Stylesheet
text/css 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Source+Sans+Pro:300,400,600

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

83d6a46448afb87cedc4b6d5204b05ea79df73d5c8b911fff76dee3219ee9281

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://forms.universalservice.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 01 Nov 2023 20:54:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 01 Nov 2023 20:28:57 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 01 Nov 2023 20:54:53 GMT

GET
H/1.1 200
OK main.67c08262.css
forms.universalservice.org/portal/static/css/ 169 KB
27 KB 372ms
128ms Stylesheet
text/css 198.22.178.65
USAC-1

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.universalservice.org/portal/static/css/main.67c08262.css

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

198.22.178.65 Washington, United States, ASN55284 (USAC-1, US),

Reverse DNS

Software

Kestrel / ASP.NET

Resource Hash

2796884f5aeaf2624a085046ffd97c8f740452cb57977bf9f66f68f7226540dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://forms.universalservice.org/portal?fromURI=https%3A%2F%2Fusac.okta.com%2Fapp%2Fusac_appianecfexternalproduction_1%2Fexk85sh5r6vcqbhi7297%2Fsso%2Fsaml
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Wed, 01 Nov 2023 20:54:51 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Via: 1.1 forms.universalservice.org
Last-Modified: Wed, 07 Jun 2023 14:35:47 GMT
Server: Kestrel
Content-Encoding: gzip
ETag: "1d9994d59130747"
X-Powered-By: ASP.NET
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: text/css
Transfer-Encoding: chunked
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=100

GET
H/1.1 200
OK main.3556ef9f.js Show response
forms.universalservice.org/portal/static/js/ 944 KB
277 KB 377ms
130ms Script
application/javascript 198.22.178.65
USAC-1

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.universalservice.org/portal/static/js/main.3556ef9f.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

198.22.178.65 Washington, United States, ASN55284 (USAC-1, US),

Reverse DNS

Software

Kestrel / ASP.NET

Resource Hash

66badf67fff75631de596451e6ce60ebfa36c420324dbe5cde99656418bddfe8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://forms.universalservice.org/portal?fromURI=https%3A%2F%2Fusac.okta.com%2Fapp%2Fusac_appianecfexternalproduction_1%2Fexk85sh5r6vcqbhi7297%2Fsso%2Fsaml
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Wed, 01 Nov 2023 20:54:51 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Via: 1.1 forms.universalservice.org
Last-Modified: Wed, 07 Jun 2023 14:35:47 GMT
Server: Kestrel
Content-Encoding: gzip
ETag: "1d9994d591f63d9"
X-Powered-By: ASP.NET
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=100

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 198 KB
71 KB 145ms
53ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-KLQHK7H

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d5dffcffd1b902b1fc1d8ee96f446e9daf2929a09542b3cbb64784e057246b1a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://forms.universalservice.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 20:54:53 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 72207
x-xss-protection: 0
last-modified: Wed, 01 Nov 2023 20:11:44 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 01 Nov 2023 20:54:53 GMT

GET
H/1.1 200
OK indi_print.css
forms.universalservice.org/Indigo/v1.2.0/styles/ 146 B
683 B 357ms
127ms Stylesheet
text/css 198.22.178.65
USAC-1

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.universalservice.org/Indigo/v1.2.0/styles/indi_print.css

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

198.22.178.65 Washington, United States, ASN55284 (USAC-1, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

62c0ab9e8021fb8ddd66cd45035aba8ba57b7fa4971cd9892b330148d3c6b463

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://forms.universalservice.org/portal?fromURI=https%3A%2F%2Fusac.okta.com%2Fapp%2Fusac_appianecfexternalproduction_1%2Fexk85sh5r6vcqbhi7297%2Fsso%2Fsaml
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Wed, 01 Nov 2023 20:54:51 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Via: 1.1 forms.universalservice.org
Last-Modified: Tue, 01 Sep 2020 16:09:06 GMT
Server: Microsoft-IIS/10.0
Content-Encoding: gzip
ETag: "07d87377a80d61:0"
X-Powered-By: ASP.NET
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=100
Content-Length: 135

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 267 KB
89 KB 67ms
66ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-LTHVJW7C3X&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KLQHK7H

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3dadf7496ccbc1cea30309fd6a9d8a4663970e23ea0b4e565c319399226477dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://forms.universalservice.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 20:54:53 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 91249
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 01 Nov 2023 20:54:53 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 134ms
39ms Script
text/javascript 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KLQHK7H

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://forms.universalservice.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 01 Nov 2023 19:49:42 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 3912
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Wed, 01 Nov 2023 21:49:42 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
252 B 139ms
48ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-LTHVJW7C3X&gtm=45je3au1v9100600069z8847296459&_p=143874317&gcd=11l1l1l1l1&cid=1950035560.1698872094&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1698872094&sct=1&seg=0&dl=https%3A%2F%2Fforms.universalservice.org%2Fportal%3FfromURI%3Dhttps%253A%252F%252Fusac.okta.com%252Fapp%252Fusac_appianecfexternalproduction_1%252Fexk85sh5r6vcqbhi7297%252Fsso%252Fsaml&dr=https%3A%2F%2Fecfportal.usac.org%2F&dt=Universal%20Service%20Administrative%20Company&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LTHVJW7C3X&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://forms.universalservice.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Nov 2023 20:54:54 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://forms.universalservice.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 3 B
215 B 47ms
46ms XHR
text/plain 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=143874317&t=pageview&_s=1&dl=https%3A%2F%2Fforms.universalservice.org%2Fportal%3FfromURI%3Dhttps%253A%252F%252Fusac.okta.com%252Fapp%252Fusac_appianecfexternalproduction_1%252Fexk85sh5r6vcqbhi7297%252Fsso%252Fsaml&dr=https%3A%2F%2Fecfportal.usac.org%2F&ul=en-us&de=UTF-8&dt=Universal%20Service%20Administrative%20Company&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAACAAI~&jid=1909914666&gjid=181046318&cid=1950035560.1698872094&tid=UA-50043899-32&_gid=1825905706.1698872094&_r=1&_slc=1&gtm=45He3au1n81KLQHK7Hv847296459&gcd=11l1l1l1l1&z=1997233833

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://forms.universalservice.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 01 Nov 2023 20:54:54 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://forms.universalservice.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 200 me
usac.okta.com/api/v1/sessions/ 0
0 642ms
229ms Preflight 34.223.206.6
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://usac.okta.com/api/v1/sessions/me

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.223.206.6 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-223-206-6.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' usac.okta.com .oktacdn.com; connect-src 'self' usac.okta.com usac-admin.okta.com .oktacdn.com .mixpanel.com .mapbox.com app.pendo.io data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com .mtls.okta.com usac.kerberos.okta.com https://oinmanager.okta.com data:; script-src 'unsafe-inline' 'unsafe-eval' 'self' usac.okta.com .oktacdn.com; style-src 'unsafe-inline' 'self' usac.okta.com .oktacdn.com app.pendo.io cdn.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com; frame-src 'self' usac.okta.com usac-admin.okta.com login.okta.com; img-src 'self' usac.okta.com .oktacdn.com .tiles.mapbox.com .mapbox.com app.pendo.io data.pendo.io cdn.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com data: blob:; font-src 'self' usac.okta.com data: *.oktacdn.com fonts.gstatic.com
Strict-Transport-Security	max-age=315360000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-okta-user-agent-extended
Access-Control-Request-Method: GET
Origin: https://forms.universalservice.org
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-okta-user-agent-extended,Content-Type
access-control-allow-methods: DELETE, GET, OPTIONS
access-control-allow-origin: https://forms.universalservice.org
access-control-max-age: 3600
allow: GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
cache-control: no-cache, no-store
content-length: 0
content-security-policy: default-src 'self' usac.okta.com *.oktacdn.com; connect-src 'self' usac.okta.com usac-admin.okta.com *.oktacdn.com *.mixpanel.com *.mapbox.com app.pendo.io data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com *.mtls.okta.com usac.kerberos.okta.com https://oinmanager.okta.com data:; script-src 'unsafe-inline' 'unsafe-eval' 'self' usac.okta.com *.oktacdn.com; style-src 'unsafe-inline' 'self' usac.okta.com *.oktacdn.com app.pendo.io cdn.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com; frame-src 'self' usac.okta.com usac-admin.okta.com login.okta.com; img-src 'self' usac.okta.com *.oktacdn.com *.tiles.mapbox.com *.mapbox.com app.pendo.io data.pendo.io cdn.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com data: blob:; font-src 'self' usac.okta.com data: *.oktacdn.com fonts.gstatic.com
content-security-policy-report-only: default-src 'self' usac.okta.com *.oktacdn.com; connect-src 'self' usac.okta.com usac-admin.okta.com *.oktacdn.com *.mixpanel.com *.mapbox.com app.pendo.io data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com *.mtls.okta.com usac.kerberos.okta.com https://oinmanager.okta.com data:; script-src 'unsafe-inline' 'unsafe-eval' 'self' usac.okta.com *.oktacdn.com; style-src 'unsafe-inline' 'self' usac.okta.com *.oktacdn.com app.pendo.io cdn.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com; frame-src 'self' usac.okta.com usac-admin.okta.com login.okta.com; img-src 'self' usac.okta.com *.oktacdn.com *.tiles.mapbox.com *.mapbox.com app.pendo.io data.pendo.io cdn.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com data: blob:; font-src 'self' usac.okta.com data: *.oktacdn.com fonts.gstatic.com; frame-ancestors 'self'
date: Wed, 01 Nov 2023 20:54:55 GMT
expires: 0
p3p: CP="HONK"
pragma: no-cache
public-key-pins-report-only: pin-sha256="r5EfzZxQVvQpKo3AgYRaT7X2bDO/kj3ACwmxfdT2zt8="; pin-sha256="MaqlcUgk2mvY/RFSGeSwBRkI+rZ6/dxe/DuQfBT/vnQ="; pin-sha256="72G5IEvDEWn+EThf3qjR7/bQSWaS2ZSLqolhnO6iyJI="; pin-sha256="rrV6CLCCvqnk89gWibYT0JO6fNQ8cCit7GGoiVTjCOg="; max-age=60; report-uri="https://okta.report-uri.com/r/default/hpkp/reportOnly"
server: nginx
strict-transport-security: max-age=315360000; includeSubDomains
vary: Origin
x-okta-request-id: ZUK7H0hvz2Xe334tnV4SygAACaQ
x-rate-limit-limit: 10000
x-rate-limit-remaining: 9949
x-rate-limit-reset: 1698872105
x-xss-protection: 0

GET
H2 404 me Show response
usac.okta.com/api/v1/sessions/ 168 B
3 KB 228ms
227ms XHR
application/json 34.223.206.6
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://usac.okta.com/api/v1/sessions/me

Requested by

Host: forms.universalservice.org
URL: https://forms.universalservice.org/portal/static/js/main.3556ef9f.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.223.206.6 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-223-206-6.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

8cc959ff9ee88471cce3889e1b4270c36fe883e8a0fd583a9a70295289b4c320

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' usac.okta.com .oktacdn.com; connect-src 'self' usac.okta.com usac-admin.okta.com .oktacdn.com .mixpanel.com .mapbox.com app.pendo.io data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com .mtls.okta.com usac.kerberos.okta.com https://oinmanager.okta.com data:; script-src 'unsafe-inline' 'unsafe-eval' 'self' usac.okta.com .oktacdn.com; style-src 'unsafe-inline' 'self' usac.okta.com .oktacdn.com app.pendo.io cdn.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com; frame-src 'self' usac.okta.com usac-admin.okta.com login.okta.com; img-src 'self' usac.okta.com .oktacdn.com .tiles.mapbox.com .mapbox.com app.pendo.io data.pendo.io cdn.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com data: blob:; font-src 'self' usac.okta.com data: *.oktacdn.com fonts.gstatic.com
Strict-Transport-Security	max-age=315360000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept: application/json
Referer: https://forms.universalservice.org/
x-okta-user-agent-extended: @okta/okta-react/1.4.1 okta-auth-js-2.13.2
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
content-type: application/json

Response headers

x-okta-request-id: ZUK7H2INLTUxrMMYA9E6eQAACz0
date: Wed, 01 Nov 2023 20:54:55 GMT
content-security-policy: default-src 'self' usac.okta.com *.oktacdn.com; connect-src 'self' usac.okta.com usac-admin.okta.com *.oktacdn.com *.mixpanel.com *.mapbox.com app.pendo.io data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com *.mtls.okta.com usac.kerberos.okta.com https://oinmanager.okta.com data:; script-src 'unsafe-inline' 'unsafe-eval' 'self' usac.okta.com *.oktacdn.com; style-src 'unsafe-inline' 'self' usac.okta.com *.oktacdn.com app.pendo.io cdn.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com; frame-src 'self' usac.okta.com usac-admin.okta.com login.okta.com; img-src 'self' usac.okta.com *.oktacdn.com *.tiles.mapbox.com *.mapbox.com app.pendo.io data.pendo.io cdn.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com data: blob:; font-src 'self' usac.okta.com data: *.oktacdn.com fonts.gstatic.com
x-rate-limit-limit: 1000
x-content-type-options: nosniff
content-encoding: gzip
x-rate-limit-remaining: 900
strict-transport-security: max-age=315360000; includeSubDomains
content-security-policy-report-only: default-src 'self' usac.okta.com *.oktacdn.com; connect-src 'self' usac.okta.com usac-admin.okta.com *.oktacdn.com *.mixpanel.com *.mapbox.com app.pendo.io data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com *.mtls.okta.com usac.kerberos.okta.com https://oinmanager.okta.com data:; script-src 'unsafe-inline' 'unsafe-eval' 'self' usac.okta.com *.oktacdn.com; style-src 'unsafe-inline' 'self' usac.okta.com *.oktacdn.com app.pendo.io cdn.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com; frame-src 'self' usac.okta.com usac-admin.okta.com login.okta.com; img-src 'self' usac.okta.com *.oktacdn.com *.tiles.mapbox.com *.mapbox.com app.pendo.io data.pendo.io cdn.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com data: blob:; font-src 'self' usac.okta.com data: *.oktacdn.com fonts.gstatic.com; frame-ancestors 'self'; report-uri https://oktacsp.report-uri.com/r/t/csp/reportOnly; report-to csp
p3p: CP="HONK"
x-xss-protection: 0
pragma: no-cache
server: nginx
vary: Accept-Encoding,Origin
report-to: {"group":"csp","max_age":31536000,"endpoints":[{"url":"https://oktacsp.report-uri.com/a/t/g"}],"include_subdomains":true}
content-type: application/json
public-key-pins-report-only: pin-sha256="r5EfzZxQVvQpKo3AgYRaT7X2bDO/kj3ACwmxfdT2zt8="; pin-sha256="MaqlcUgk2mvY/RFSGeSwBRkI+rZ6/dxe/DuQfBT/vnQ="; pin-sha256="72G5IEvDEWn+EThf3qjR7/bQSWaS2ZSLqolhnO6iyJI="; pin-sha256="rrV6CLCCvqnk89gWibYT0JO6fNQ8cCit7GGoiVTjCOg="; max-age=60; report-uri="https://okta.report-uri.com/r/default/hpkp/reportOnly"
access-control-allow-origin: https://forms.universalservice.org
x-rate-limit-reset: 1698872146
access-control-allow-credentials: true
cache-control: no-cache, no-store
access-control-allow-headers: Content-Type
expires: 0

GET
H2 404 me Show response
usac.okta.com/api/v1/sessions/ 168 B
2 KB 237ms
236ms XHR
application/json 34.223.206.6
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://usac.okta.com/api/v1/sessions/me

Requested by

Host: forms.universalservice.org
URL: https://forms.universalservice.org/portal/static/js/main.3556ef9f.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.223.206.6 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-223-206-6.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

c25003cd05f0c45c2469c332898970fc804b46ceeffb1dae3a44b1345fda95c1

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' usac.okta.com .oktacdn.com; connect-src 'self' usac.okta.com usac-admin.okta.com .oktacdn.com .mixpanel.com .mapbox.com app.pendo.io data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com .mtls.okta.com usac.kerberos.okta.com https://oinmanager.okta.com data:; script-src 'unsafe-inline' 'unsafe-eval' 'self' usac.okta.com .oktacdn.com; style-src 'unsafe-inline' 'self' usac.okta.com .oktacdn.com app.pendo.io cdn.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com; frame-src 'self' usac.okta.com usac-admin.okta.com login.okta.com; img-src 'self' usac.okta.com .oktacdn.com .tiles.mapbox.com .mapbox.com app.pendo.io data.pendo.io cdn.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com data: blob:; font-src 'self' usac.okta.com data: *.oktacdn.com fonts.gstatic.com
Strict-Transport-Security	max-age=315360000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept: application/json
Referer: https://forms.universalservice.org/
x-okta-user-agent-extended: @okta/okta-react/1.4.1 okta-auth-js-2.13.2
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
content-type: application/json

Response headers

x-okta-request-id: ZUK7H_YojW0QvB87KTOjGAAACgs
date: Wed, 01 Nov 2023 20:54:55 GMT
content-security-policy: default-src 'self' usac.okta.com *.oktacdn.com; connect-src 'self' usac.okta.com usac-admin.okta.com *.oktacdn.com *.mixpanel.com *.mapbox.com app.pendo.io data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com *.mtls.okta.com usac.kerberos.okta.com https://oinmanager.okta.com data:; script-src 'unsafe-inline' 'unsafe-eval' 'self' usac.okta.com *.oktacdn.com; style-src 'unsafe-inline' 'self' usac.okta.com *.oktacdn.com app.pendo.io cdn.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com; frame-src 'self' usac.okta.com usac-admin.okta.com login.okta.com; img-src 'self' usac.okta.com *.oktacdn.com *.tiles.mapbox.com *.mapbox.com app.pendo.io data.pendo.io cdn.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com data: blob:; font-src 'self' usac.okta.com data: *.oktacdn.com fonts.gstatic.com
x-rate-limit-limit: 1000
x-content-type-options: nosniff
content-encoding: gzip
x-rate-limit-remaining: 895
strict-transport-security: max-age=315360000; includeSubDomains
content-security-policy-report-only: default-src 'self' usac.okta.com *.oktacdn.com; connect-src 'self' usac.okta.com usac-admin.okta.com *.oktacdn.com *.mixpanel.com *.mapbox.com app.pendo.io data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com *.mtls.okta.com usac.kerberos.okta.com https://oinmanager.okta.com data:; script-src 'unsafe-inline' 'unsafe-eval' 'self' usac.okta.com *.oktacdn.com; style-src 'unsafe-inline' 'self' usac.okta.com *.oktacdn.com app.pendo.io cdn.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com; frame-src 'self' usac.okta.com usac-admin.okta.com login.okta.com; img-src 'self' usac.okta.com *.oktacdn.com *.tiles.mapbox.com *.mapbox.com app.pendo.io data.pendo.io cdn.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com data: blob:; font-src 'self' usac.okta.com data: *.oktacdn.com fonts.gstatic.com; frame-ancestors 'self'
p3p: CP="HONK"
x-xss-protection: 0
pragma: no-cache
server: nginx
vary: Accept-Encoding,Origin
content-type: application/json
access-control-allow-origin: https://forms.universalservice.org
public-key-pins-report-only: pin-sha256="r5EfzZxQVvQpKo3AgYRaT7X2bDO/kj3ACwmxfdT2zt8="; pin-sha256="MaqlcUgk2mvY/RFSGeSwBRkI+rZ6/dxe/DuQfBT/vnQ="; pin-sha256="72G5IEvDEWn+EThf3qjR7/bQSWaS2ZSLqolhnO6iyJI="; pin-sha256="rrV6CLCCvqnk89gWibYT0JO6fNQ8cCit7GGoiVTjCOg="; max-age=60; report-uri="https://okta.report-uri.com/r/default/hpkp/reportOnly"
x-rate-limit-reset: 1698872146
access-control-allow-credentials: true
cache-control: no-cache, no-store
access-control-allow-headers: Content-Type
expires: 0

GET
H/1.1 200
OK usac-logo.png
forms.universalservice.org/Indigo/v1.2.0/images/ 37 KB
38 KB 128ms
127ms Image
image/png 198.22.178.65
USAC-1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://forms.universalservice.org/Indigo/v1.2.0/images/usac-logo.png

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

198.22.178.65 Washington, United States, ASN55284 (USAC-1, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

179a603f79ff2fcbc71f5a08bfdf6f3a7902927f4890c890add3aeb3a808034e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://forms.universalservice.org/portal/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Wed, 01 Nov 2023 20:54:53 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Via: 1.1 forms.universalservice.org
Last-Modified: Tue, 01 Sep 2020 16:07:54 GMT
Server: Microsoft-IIS/10.0
ETag: "0299dc7a80d61:0"
X-Powered-By: ASP.NET
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=98
Content-Length: 38328

GET
H2 200 6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ 14 KB
15 KB 167ms
49ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:300,400,600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ca57b79a870bbf54700730858603a70d79743779c1b059922ec401bfddc5adc9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://forms.universalservice.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 16:23:45 GMT
x-content-type-options: nosniff
age: 534670
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14824
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 22:52:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 25 Oct 2024 16:23:45 GMT

GET
H2 200 6xKydSBYKcSV-LCoeQqfX1RYOo3ik4zwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ 14 KB
15 KB 156ms
39ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3ik4zwlxdu.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:300,400,600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c3de27b2cbd6deda629c9b442700cf54c0dda74e494b1c75a57d822068a047f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://forms.universalservice.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 06:41:54 GMT
x-content-type-options: nosniff
age: 396781
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14780
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 22:52:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 27 Oct 2024 06:41:54 GMT

GET
H2 200 6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ 15 KB
15 KB 199ms
83ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v22/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:300,400,600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://forms.universalservice.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 09:02:57 GMT
x-content-type-options: nosniff
age: 474718
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14892
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 22:52:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 26 Oct 2024 09:02:57 GMT

OPTIONS
H2 200 me
usac.okta.com/api/v1/sessions/ 0
0 228ms
228ms Preflight 34.223.206.6
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://usac.okta.com/api/v1/sessions/me

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.223.206.6 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-223-206-6.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' usac.okta.com .oktacdn.com; connect-src 'self' usac.okta.com usac-admin.okta.com .oktacdn.com .mixpanel.com .mapbox.com app.pendo.io data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com .mtls.okta.com usac.kerberos.okta.com https://oinmanager.okta.com data:; script-src 'unsafe-inline' 'unsafe-eval' 'self' usac.okta.com .oktacdn.com; style-src 'unsafe-inline' 'self' usac.okta.com .oktacdn.com app.pendo.io cdn.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com; frame-src 'self' usac.okta.com usac-admin.okta.com login.okta.com; img-src 'self' usac.okta.com .oktacdn.com .tiles.mapbox.com .mapbox.com app.pendo.io data.pendo.io cdn.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com data: blob:; font-src 'self' usac.okta.com data: *.oktacdn.com fonts.gstatic.com
Strict-Transport-Security	max-age=315360000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-okta-user-agent-extended
Access-Control-Request-Method: GET
Origin: https://forms.universalservice.org
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-okta-user-agent-extended,Content-Type
access-control-allow-methods: DELETE, GET, OPTIONS
access-control-allow-origin: https://forms.universalservice.org
access-control-max-age: 3600
allow: GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
cache-control: no-cache, no-store
content-length: 0
content-security-policy: default-src 'self' usac.okta.com *.oktacdn.com; connect-src 'self' usac.okta.com usac-admin.okta.com *.oktacdn.com *.mixpanel.com *.mapbox.com app.pendo.io data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com *.mtls.okta.com usac.kerberos.okta.com https://oinmanager.okta.com data:; script-src 'unsafe-inline' 'unsafe-eval' 'self' usac.okta.com *.oktacdn.com; style-src 'unsafe-inline' 'self' usac.okta.com *.oktacdn.com app.pendo.io cdn.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com; frame-src 'self' usac.okta.com usac-admin.okta.com login.okta.com; img-src 'self' usac.okta.com *.oktacdn.com *.tiles.mapbox.com *.mapbox.com app.pendo.io data.pendo.io cdn.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com data: blob:; font-src 'self' usac.okta.com data: *.oktacdn.com fonts.gstatic.com
content-security-policy-report-only: default-src 'self' usac.okta.com *.oktacdn.com; connect-src 'self' usac.okta.com usac-admin.okta.com *.oktacdn.com *.mixpanel.com *.mapbox.com app.pendo.io data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com *.mtls.okta.com usac.kerberos.okta.com https://oinmanager.okta.com data:; script-src 'unsafe-inline' 'unsafe-eval' 'self' usac.okta.com *.oktacdn.com; style-src 'unsafe-inline' 'self' usac.okta.com *.oktacdn.com app.pendo.io cdn.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com; frame-src 'self' usac.okta.com usac-admin.okta.com login.okta.com; img-src 'self' usac.okta.com *.oktacdn.com *.tiles.mapbox.com *.mapbox.com app.pendo.io data.pendo.io cdn.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com data: blob:; font-src 'self' usac.okta.com data: *.oktacdn.com fonts.gstatic.com; frame-ancestors 'self'
date: Wed, 01 Nov 2023 20:54:55 GMT
expires: 0
p3p: CP="HONK"
pragma: no-cache
public-key-pins-report-only: pin-sha256="r5EfzZxQVvQpKo3AgYRaT7X2bDO/kj3ACwmxfdT2zt8="; pin-sha256="MaqlcUgk2mvY/RFSGeSwBRkI+rZ6/dxe/DuQfBT/vnQ="; pin-sha256="72G5IEvDEWn+EThf3qjR7/bQSWaS2ZSLqolhnO6iyJI="; pin-sha256="rrV6CLCCvqnk89gWibYT0JO6fNQ8cCit7GGoiVTjCOg="; max-age=60; report-uri="https://okta.report-uri.com/r/default/hpkp/reportOnly"
server: nginx
strict-transport-security: max-age=315360000; includeSubDomains
vary: Origin
x-okta-request-id: ZUK7H12MbDNAs2VArnO1xQAADLo
x-rate-limit-limit: 10000
x-rate-limit-remaining: 9948
x-rate-limit-reset: 1698872105
x-xss-protection: 0

Verdicts & Comments Add Verdict or Comment

20 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
ecfportal.usac.org/suite	1969-12-31 23:59:59	Name: JSESSIONID Value: AB5B7471DCAE2EA5A01229B2FD27A4BA.node61840
forms.universalservice.org/	1969-12-31 23:59:59	Name: BALANCEID Value: fm-production-lb.node_8009
.universalservice.org/	1970-01-21 01:30:32	Name: _ga Value: GA1.2.1950035560.1698872094
.universalservice.org/	1970-01-20 15:55:58	Name: _gid Value: GA1.2.1825905706.1698872094
.universalservice.org/	1970-01-20 15:54:32	Name: _gat_UA-50043899-32 Value: 1
.universalservice.org/	1970-01-21 01:30:32	Name: _ga_LTHVJW7C3X Value: GS1.1.1698872094.1.1.1698872095.0.0.0

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://usac.okta.com/api/v1/sessions/me Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://usac.okta.com/api/v1/sessions/me Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	script-src 'sha256-Oka5wP4QXPM7f07v/49Vt8X8rAp9O614XQ4IdgCsllE=' 'unsafe-inline' http: https:; object-src 'none'; base-uri 'none';
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ecfportal.usac.org
fonts.googleapis.com
fonts.gstatic.com
forms.universalservice.org
region1.google-analytics.com
usac.okta.com
www.google-analytics.com
www.googletagmanager.com
198.22.178.65
2001:4860:4802:34::36
2a00:1450:4001:802::200e
2a00:1450:4001:80b::2008
2a00:1450:4001:810::200a
2a00:1450:4001:82b::2003
3.31.162.204
34.223.206.6
52.61.88.17
179a603f79ff2fcbc71f5a08bfdf6f3a7902927f4890c890add3aeb3a808034e
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
2796884f5aeaf2624a085046ffd97c8f740452cb57977bf9f66f68f7226540dc
3dadf7496ccbc1cea30309fd6a9d8a4663970e23ea0b4e565c319399226477dc
601a508af8f2cf66c76688057dca850b6820f09d3834c86f093a1210867fb48f
62c0ab9e8021fb8ddd66cd45035aba8ba57b7fa4971cd9892b330148d3c6b463
66badf67fff75631de596451e6ce60ebfa36c420324dbe5cde99656418bddfe8
7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762
83d6a46448afb87cedc4b6d5204b05ea79df73d5c8b911fff76dee3219ee9281
8cc959ff9ee88471cce3889e1b4270c36fe883e8a0fd583a9a70295289b4c320
94cad9af7a02b9b4ef2d0cf78d9ba14994035e1802d31fb68ab6e3715670b508
c25003cd05f0c45c2469c332898970fc804b46ceeffb1dae3a44b1345fda95c1
c3de27b2cbd6deda629c9b442700cf54c0dda74e494b1c75a57d822068a047f8
ca57b79a870bbf54700730858603a70d79743779c1b059922ec401bfddc5adc9
d5dffcffd1b902b1fc1d8ee96f446e9daf2929a09542b3cbb64784e057246b1a
d739238502d98bb2564a714462e67f269770e500c72d1ac09ef4bd6c0881357a
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

forms.universalservice.org Open in urlscan Pro 198.22.178.65 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

21 Requests

100 %HTTPS

56 %IPv6

7 Domains

8 Subdomains

8 IPs

2 Countries

592 kBTransfer

1793 kBSize

6 Cookies

2 Outgoing links

Page URL History

Redirected requests

21 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

20 JavaScript Global Variables

6 Cookies

2 Console Messages

Security Headers

Indicators

forms.universalservice.org Open in urlscan Pro
198.22.178.65 Public Scan

Screenshot
Live screenshot

Full Image

21
Requests

100 %
HTTPS

56 %
IPv6

7
Domains

8
Subdomains

8
IPs

2
Countries

592 kB
Transfer

1793 kB
Size

6
Cookies

21 HTTP transactions
0 data transactions