urlscan.io logo urlscan.io
SecurityTrails logo

www.sso.nysba.org Open in urlscan Pro
54.189.255.224  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://portal.nysba.org/s/
Effective URL: https://www.sso.nysba.org/
Submission: On June 11 via api from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 13 IPs in 4 countries across 11 domains to perform 30 HTTP transactions. The main IP is 54.189.255.224, located in Boardman, United States and belongs to AMAZON-02, US. The main domain is www.sso.nysba.org.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on June 2nd 2020. Valid for: 6 months.
This is the only time www.sso.nysba.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 10 172.67.69.15 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2001:4de0:ac1... 20446 (HIGHWINDS3)
1 2a00:1450:400... 15169 (GOOGLE)
1 2 54.189.255.224 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
1 172.217.18.162 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
9 143.204.89.59 16509 (AMAZON-02)
1 143.204.247.85 16509 (AMAZON-02)
30 13
10    172.67.69.15 (United States)

ASN13335 (CLOUDFLARENET, US)
portal.nysba.org
1    2606:4700::6810:5f41 (United States)

ASN13335 (CLOUDFLARENET, US)
static.cloudflareinsights.com
1    2001:4de0:ac19::1:b:2a (Netherlands)

ASN20446 (HIGHWINDS3, US)
code.jquery.com
1    2a00:1450:4001:824::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    54.189.255.224 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ok7-crtrs.okta.com
www.sso.nysba.org
3    2a00:1450:4001:81b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    172.217.18.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s29-in-f2.1e100.net
www.googleadservices.com
1    2a00:1450:4001:81b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    2a00:1450:400c:c00::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2a00:1450:4001:815::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
9    143.204.89.59 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-89-59.fra50.r.cloudfront.net
ok7static.oktacdn.com
1    143.204.247.85 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-247-85.cph50.r.cloudfront.net
login.okta.com
Domain Requested by
10 portal.nysba.org 2 redirects portal.nysba.org
9 ok7static.oktacdn.com www.sso.nysba.org
ok7static.oktacdn.com
3 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 www.sso.nysba.org 1 redirects portal.nysba.org
1 login.okta.com ok7static.oktacdn.com
1 www.google.com
1 stats.g.doubleclick.net
1 googleads.g.doubleclick.net www.googleadservices.com
1 www.googleadservices.com www.googletagmanager.com
1 www.googletagmanager.com portal.nysba.org
1 code.jquery.com portal.nysba.org
1 static.cloudflareinsights.com portal.nysba.org
0 www.google.de Failed
30 13

This site contains links to these domains. Also see Links.

Domain
portal.nysba.org
Subject Issuer Validity Valid
sni.cloudflaressl.com
CloudFlare Inc ECC CA-2		 2019-10-04 -
2020-10-03		 a year crt.sh
jquery.org
COMODO RSA Domain Validation Secure Server CA		 2018-10-17 -
2020-10-16		 2 years crt.sh
*.google-analytics.com
GTS CA 1O1		 2020-05-26 -
2020-08-18		 3 months crt.sh
sso.nysba.org
Sectigo RSA Domain Validation Secure Server CA		 2020-06-02 -
2020-12-09		 6 months crt.sh
www.googleadservices.com
GTS CA 1O1		 2020-05-26 -
2020-08-18		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1O1		 2020-05-26 -
2020-08-18		 3 months crt.sh
www.google.com
GTS CA 1O1		 2020-05-20 -
2020-08-12		 3 months crt.sh
*.oktacdn.com
DigiCert SHA2 High Assurance Server CA		 2017-11-01 -
2021-01-06		 3 years crt.sh
accounts.okta.com
DigiCert SHA2 High Assurance Server CA		 2019-07-29 -
2021-07-29		 2 years crt.sh

This page contains 2 frames:

Primary Page: https://www.sso.nysba.org/
Frame ID: F07F317E4DA15443BBD7D9AC5D258AF6
Requests: 29 HTTP requests in this frame

Frame: https://login.okta.com/discovery/iframe.html
Frame ID: 572940ABC0FFA5B1DB2B31EAD384ECBA
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://portal.nysba.org/s/ HTTP 301
    https://portal.nysba.org/s/ Page URL
  2. https://portal.nysba.org/s/login?ec=302&startURL=%2Fs%2F HTTP 302
    https://portal.nysba.org/s/login/?ec=302&startURL=%2Fs%2F Page URL
  3. http://www.sso.nysba.org/ HTTP 302
    https://www.sso.nysba.org/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i

Page Statistics

30
Requests

97 %
HTTPS

58 %
IPv6

11
Domains

13
Subdomains

13
IPs

4
Countries

1956 kB
Transfer

5822 kB
Size

7
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://portal.nysba.org/s/ HTTP 301
    https://portal.nysba.org/s/ Page URL
  2. https://portal.nysba.org/s/login?ec=302&startURL=%2Fs%2F HTTP 302
    https://portal.nysba.org/s/login/?ec=302&startURL=%2Fs%2F Page URL
  3. http://www.sso.nysba.org/ HTTP 302
    https://www.sso.nysba.org/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://portal.nysba.org/s/ HTTP 301
  • https://portal.nysba.org/s/
Request Chain 1
  • https://portal.nysba.org/s/login?ec=302&startURL=%2Fs%2F HTTP 302
  • https://portal.nysba.org/s/login/?ec=302&startURL=%2Fs%2F

30 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
portal.nysba.org/s/
Redirect Chain
  • http://portal.nysba.org/s/
  • https://portal.nysba.org/s/
1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://portal.nysba.org/s/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.69.15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a21511f0fe08aa022d80d63d80ad493eecabb9fbbb38b2d9397f3fdbceeed8a4
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
portal.nysba.org
:scheme
https
:path
/s/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
200
date
Thu, 11 Jun 2020 14:50:46 GMT
content-type
text/html; charset=UTF-8
set-cookie
__cfduid=d9a9887cba4cde550b7fffb7daf1107121591887045; expires=Sat, 11-Jul-20 14:50:45 GMT; path=/; domain=.nysba.org; HttpOnly; SameSite=Lax; Secure
x-b3-traceid
c009b8236d9c4f1c
x-b3-spanid
c009b8236d9c4f1c
x-b3-sampled
0
cache-control
no-cache,must-revalidate,max-age=0,no-store,private
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-security-policy
upgrade-insecure-requests
referrer-policy
origin-when-cross-origin
vary
Accept-Encoding
cf-cache-status
DYNAMIC
cf-request-id
034575ba2000009c0f26a63200000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
5a1c2570389f9c0f-AMS
content-encoding
br

Redirect headers

Date
Thu, 11 Jun 2020 14:50:45 GMT
Transfer-Encoding
chunked
Connection
keep-alive
Cache-Control
max-age=3600
Expires
Thu, 11 Jun 2020 15:50:45 GMT
Location
https://portal.nysba.org/s/
cf-request-id
034575b9bf0000d4a40f203200000001
Vary
Accept-Encoding
Server
cloudflare
CF-RAY
5a1c256f9879d4a4-BRU
/
portal.nysba.org/s/login/
Redirect Chain
  • https://portal.nysba.org/s/login?ec=302&startURL=%2Fs%2F
  • https://portal.nysba.org/s/login/?ec=302&startURL=%2Fs%2F
149 KB
28 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://portal.nysba.org/s/login/?ec=302&startURL=%2Fs%2F
Requested by
Host: portal.nysba.org
URL: https://portal.nysba.org/s/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.69.15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a16e5232c66c2daffe0c972693405738900a93b97d00c297228d10dd98248647
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
portal.nysba.org
:scheme
https
:path
/s/login/?ec=302&startURL=%2Fs%2F
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
referer
https://portal.nysba.org/s/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
__cfduid=d9a9887cba4cde550b7fffb7daf1107121591887045
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://portal.nysba.org/s/

Response headers

status
200
date
Thu, 11 Jun 2020 14:50:47 GMT
content-type
text/html;charset=UTF-8
x-b3-traceid
f2858283498a3fe9
x-b3-spanid
f2858283498a3fe9
x-b3-sampled
0
cache-control
no-cache,must-revalidate,max-age=0,no-store,private
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-security-policy
upgrade-insecure-requests frame-ancestors 'self'
referrer-policy
origin-when-cross-origin
set-cookie
renderCtx=%7B%22pageId%22%3A%22c9cb54ef-7181-4e5e-a537-839b0d3d0e50%22%2C%22schema%22%3A%22Published%22%2C%22viewType%22%3A%22Published%22%2C%22brandingSetId%22%3A%22944c67b2-f049-4e98-bb8c-5a18c53f7510%22%2C%22audienceIds%22%3A%22%22%7D; domain=portal.nysba.org; path=/s; secure; SameSite=None
x-frame-options
SAMEORIGIN
expires
Mon, 27 Apr 2020 14:50:46 GMT
last-modified
Mon, 27 Apr 2020 14:50:46 GMT
link
</s/sfsites/l/%7B%22mode%22%3A%22PROD%22%2C%22app%22%3A%22siteforce%3AloginApp2%22%2C%22loaded%22%3A%7B%22APPLICATION%40markup%3A%2F%2Fsiteforce%3AloginApp2%22%3A%22QIjIXSLGqcgAH-oBcEbh6g%22%7D%2C%22styleContext%22%3A%7B%22c%22%3A%22webkit%22%2C%22x%22%3A%5B%22isDesktop%22%5D%2C%22tokens%22%3A%5B%22markup%3A%2F%2Fforce%3AsldsTokens%22%2C%22markup%3A%2F%2Fsiteforce%3AnapiliAuraTokens%22%2C%22markup%3A%2F%2Fsiteforce%3AneutralTokens%22%2C%22markup%3A%2F%2Fsiteforce%3AserializedTokens%22%2C%22markup%3A%2F%2Fsiteforce%3AcommunityTokens%22%2C%22markup%3A%2F%2Fsiteforce%3AauraDynamicTokens%22%5D%2C%22tuid%22%3A%22QFYK9ASjKbJREX3aNNDaaQ%22%2C%22cuid%22%3A827773934%7D%2C%22pathPrefix%22%3A%22%22%7D/app.css>;rel=preload;as=style;nopush,</s/sfsites/auraFW/javascript/ozbOZt5SYUotl8he3imvcA/aura_prod.js>;rel=preload;as=script;nopush,</s/sfsites/l/%7B%22mode%22%3A%22PROD%22%2C%22app%22%3A%22siteforce%3AloginApp2%22%2C%22serializationVersion%22%3A%221-1.1.13-224.8-b%22%2C%22split%22%3A%22f%22%2C%22loaded%22%3A%7B%22APPLICATION%40markup%3A%2F%2Fsiteforce%3AloginApp2%22%3A%22QIjIXSLGqcgAH-oBcEbh6g%22%7D%2C%22dns%22%3A%22c%22%2C%22ls%22%3A1%7D/app.js>;rel=preload;as=script;nopush
vary
Accept-Encoding
cf-cache-status
DYNAMIC
cf-request-id
034575bf8200009c0f26a86200000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
5a1c2578dd959c0f-AMS
content-encoding
br

Redirect headers

status
302
date
Thu, 11 Jun 2020 14:50:46 GMT
x-b3-traceid
2dadde12bff887c4
x-b3-spanid
2dadde12bff887c4
x-b3-sampled
0
cache-control
no-cache,must-revalidate,max-age=0,no-store,private
expires
Thu, 01 Jan 1970 00:00:00 GMT
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-security-policy
upgrade-insecure-requests
referrer-policy
origin-when-cross-origin
location
https://portal.nysba.org/s/login/?ec=302&startURL=%2Fs%2F
cf-cache-status
DYNAMIC
cf-request-id
034575bdb000009c0f26a73200000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
5a1c2575ebd29c0f-AMS
beacon.min.js
static.cloudflareinsights.com/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cloudflareinsights.com/beacon.min.js
Requested by
Host: portal.nysba.org
URL: https://portal.nysba.org/s/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5f41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://portal.nysba.org/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 11 Jun 2020 14:50:46 GMT
content-encoding
gzip
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
status
200
cf-ray
5a1c25760f0e974e-FRA
cf-request-id
034575bdc90000974e32807200000001
app.css
portal.nysba.org/s/sfsites/l/%7B%22mode%22%3A%22PROD%22%2C%22app%22%3A%22siteforce%3AloginApp2%22%2C%22loaded%22%3A%7B%22APPLICATION%40markup%3A%2F%2Fsiteforce%3AloginApp2%22%3A%22QIjIXSLGqcgAH-oBc... 		629 KB
81 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://portal.nysba.org/s/sfsites/l/%7B%22mode%22%3A%22PROD%22%2C%22app%22%3A%22siteforce%3AloginApp2%22%2C%22loaded%22%3A%7B%22APPLICATION%40markup%3A%2F%2Fsiteforce%3AloginApp2%22%3A%22QIjIXSLGqcgAH-oBcEbh6g%22%7D%2C%22styleContext%22%3A%7B%22c%22%3A%22webkit%22%2C%22x%22%3A%5B%22isDesktop%22%5D%2C%22tokens%22%3A%5B%22markup%3A%2F%2Fforce%3AsldsTokens%22%2C%22markup%3A%2F%2Fsiteforce%3AnapiliAuraTokens%22%2C%22markup%3A%2F%2Fsiteforce%3AneutralTokens%22%2C%22markup%3A%2F%2Fsiteforce%3AserializedTokens%22%2C%22markup%3A%2F%2Fsiteforce%3AcommunityTokens%22%2C%22markup%3A%2F%2Fsiteforce%3AauraDynamicTokens%22%5D%2C%22tuid%22%3A%22QFYK9ASjKbJREX3aNNDaaQ%22%2C%22cuid%22%3A827773934%7D%2C%22pathPrefix%22%3A%22%22%7D/app.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.69.15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://portal.nysba.org/s/login/?ec=302&startURL=%2Fs%2F
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 11 Jun 2020 14:50:47 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
BYPASS
x-b3-traceid
f71dfa6554a6f0b6
status
200
cf-request-id
034575c1da00009c0f26aa0200000001
referrer-policy
origin-when-cross-origin
last-modified
Wed, 10 Jun 2020 14:50:47 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css;charset=UTF-8
x-xss-protection
1; mode=block
cache-control
max-age=3888000,public,immutable
x-b3-spanid
f71dfa6554a6f0b6
x-b3-sampled
0
cf-ray
5a1c257c98099c0f-AMS
expires
Sun, 26 Jul 2020 14:50:47 GMT
aura_prod.js
portal.nysba.org/s/sfsites/auraFW/javascript/ozbOZt5SYUotl8he3imvcA/ 		651 KB
196 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://portal.nysba.org/s/sfsites/auraFW/javascript/ozbOZt5SYUotl8he3imvcA/aura_prod.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.69.15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://portal.nysba.org/s/login/?ec=302&startURL=%2Fs%2F
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 11 Jun 2020 14:50:47 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
x-b3-traceid
9ac6b468354fea7e
status
200
cf-request-id
034575c1df00009c0f26aa1200000001
last-modified
Wed, 10 Jun 2020 14:42:11 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
x-xss-protection
1; mode=block
cache-control
public, max-age=3888000, immutable
x-b3-spanid
9ac6b468354fea7e
x-b3-sampled
0
cf-ray
5a1c257c980b9c0f-AMS
expires
Sun, 26 Jul 2020 14:42:11 GMT
app.js
portal.nysba.org/s/sfsites/l/%7B%22mode%22%3A%22PROD%22%2C%22app%22%3A%22siteforce%3AloginApp2%22%2C%22serializationVersion%22%3A%221-1.1.13-224.8-b%22%2C%22split%22%3A%22f%22%2C%22loaded%22%3A%7B%... 		1 MB
301 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://portal.nysba.org/s/sfsites/l/%7B%22mode%22%3A%22PROD%22%2C%22app%22%3A%22siteforce%3AloginApp2%22%2C%22serializationVersion%22%3A%221-1.1.13-224.8-b%22%2C%22split%22%3A%22f%22%2C%22loaded%22%3A%7B%22APPLICATION%40markup%3A%2F%2Fsiteforce%3AloginApp2%22%3A%22QIjIXSLGqcgAH-oBcEbh6g%22%7D%2C%22dns%22%3A%22c%22%2C%22ls%22%3A1%7D/app.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.69.15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://portal.nysba.org/s/login/?ec=302&startURL=%2Fs%2F
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 11 Jun 2020 14:50:48 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
BYPASS
x-b3-traceid
ba0b2489176b3de7
status
200
cf-request-id
034575c1df00009c0f26aa2200000001
referrer-policy
origin-when-cross-origin
last-modified
Wed, 10 Jun 2020 14:50:47 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
x-xss-protection
1; mode=block
cache-control
max-age=3888000,public,immutable
x-b3-spanid
ba0b2489176b3de7
x-b3-sampled
0
cf-ray
5a1c257c980c9c0f-AMS
expires
Sun, 26 Jul 2020 14:50:47 GMT
jquery-2.1.4.min.js
code.jquery.com/ 		82 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-2.1.4.min.js
Requested by
Host: portal.nysba.org
URL: https://portal.nysba.org/s/login/?ec=302&startURL=%2Fs%2F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:4de0:ac19::1:b:2a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
f16ab224bb962910558715c82f58c10c3ed20f153ddfaa199029f141b5b0255c

Request headers

Referer
https://portal.nysba.org/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 11 Jun 2020 14:50:47 GMT
Content-Encoding
gzip
Last-Modified
Tue, 28 Apr 2015 16:17:08 GMT
Server
nginx
ETag
W/"553fb284-14979"
Vary
Accept-Encoding
X-HW
1591887047.dop131.fr8.shc,1591887047.dop131.fr8.t,1591887047.cds137.fr8.c
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=315360000, public
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
29519
gtm.js
www.googletagmanager.com/ 		93 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-5ZTBPV
Requested by
Host: portal.nysba.org
URL: https://portal.nysba.org/s/login/?ec=302&startURL=%2Fs%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://portal.nysba.org/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 11 Jun 2020 14:50:48 GMT
content-encoding
br
vary
Accept-Encoding
status
200
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33117
x-xss-protection
0
last-modified
Thu, 11 Jun 2020 12:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 11 Jun 2020 14:50:48 GMT
fonts.css
portal.nysba.org/s/sfsites/runtimedownload/ 		279 KB
193 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://portal.nysba.org/s/sfsites/runtimedownload/fonts.css?lastMod=1558690220000&brandSet=944c67b2-f049-4e98-bb8c-5a18c53f7510
Requested by
Host: portal.nysba.org
URL: https://portal.nysba.org/s/login/?ec=302&startURL=%2Fs%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.69.15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://portal.nysba.org/s/login/?ec=302&startURL=%2Fs%2F
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 11 Jun 2020 14:50:48 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
x-b3-traceid
3a4eed8f65ccafcc
status
200
cf-request-id
034575c22300009c0f26aa6200000001
referrer-policy
origin-when-cross-origin
last-modified
Fri, 24 May 2019 09:30:20 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
x-xss-protection
1; mode=block
cache-control
public, max-age=31536000
x-b3-spanid
3a4eed8f65ccafcc
x-b3-sampled
0
cf-ray
5a1c257d08489c0f-AMS
expires
Fri, 11 Jun 2021 14:50:47 GMT
resources.js
portal.nysba.org/s/sfsites/l/%7B%22mode%22%3A%22PROD%22%2C%22app%22%3A%22siteforce%3AloginApp2%22%2C%22fwuid%22%3A%22ozbOZt5SYUotl8he3imvcA%22%2C%22loaded%22%3A%7B%22APPLICATION%40markup%3A%2F%2Fsi... 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://portal.nysba.org/s/sfsites/l/%7B%22mode%22%3A%22PROD%22%2C%22app%22%3A%22siteforce%3AloginApp2%22%2C%22fwuid%22%3A%22ozbOZt5SYUotl8he3imvcA%22%2C%22loaded%22%3A%7B%22APPLICATION%40markup%3A%2F%2Fsiteforce%3AloginApp2%22%3A%22QIjIXSLGqcgAH-oBcEbh6g%22%7D%2C%22apce%22%3A1%2C%22apck%22%3A%22B9rsJ4QkPjzmqw3p_kePoQ%22%2C%22mlr%22%3A1%2C%22pathPrefix%22%3A%22%22%2C%22dns%22%3A%22c%22%2C%22ls%22%3A1%7D/resources.js?pv=1591813294000&rv=1586455604000
Requested by
Host: portal.nysba.org
URL: https://portal.nysba.org/s/login/?ec=302&startURL=%2Fs%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.69.15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://portal.nysba.org/s/login/?ec=302&startURL=%2Fs%2F
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 11 Jun 2020 14:50:47 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
x-b3-traceid
28946b368a24cd6d
status
200
cf-request-id
034575c22a00009c0f26aa7200000001
referrer-policy
origin-when-cross-origin
last-modified
Wed, 10 Jun 2020 14:50:47 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
x-xss-protection
1; mode=block
cache-control
private, max-age=3888000, immutable
x-b3-spanid
28946b368a24cd6d
x-b3-sampled
0
cf-ray
5a1c257d184c9c0f-AMS
expires
Sun, 26 Jul 2020 14:50:47 GMT
bootstrap.js
portal.nysba.org/s/sfsites/l/%7B%22mode%22%3A%22PROD%22%2C%22app%22%3A%22siteforce%3AloginApp2%22%2C%22fwuid%22%3A%22ozbOZt5SYUotl8he3imvcA%22%2C%22loaded%22%3A%7B%22APPLICATION%40markup%3A%2F%2Fsi... 		300 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://portal.nysba.org/s/sfsites/l/%7B%22mode%22%3A%22PROD%22%2C%22app%22%3A%22siteforce%3AloginApp2%22%2C%22fwuid%22%3A%22ozbOZt5SYUotl8he3imvcA%22%2C%22loaded%22%3A%7B%22APPLICATION%40markup%3A%2F%2Fsiteforce%3AloginApp2%22%3A%22QIjIXSLGqcgAH-oBcEbh6g%22%7D%2C%22apce%22%3A1%2C%22apck%22%3A%22B9rsJ4QkPjzmqw3p_kePoQ%22%2C%22mlr%22%3A1%2C%22pathPrefix%22%3A%22%22%2C%22dns%22%3A%22c%22%2C%22ls%22%3A1%7D/bootstrap.js?aura.attributes=%7B%22schema%22%3A%22Published%22%2C%22brandingSetId%22%3A%22944c67b2-f049-4e98-bb8c-5a18c53f7510%22%2C%22authenticated%22%3A%22false%22%2C%22ac%22%3A%22%22%2C%22formFactor%22%3A%22LARGE%22%2C%22publishedChangelistNum%22%3A%22202%22%2C%22viewType%22%3A%22Published%22%2C%22themeLayoutType%22%3A%22Login%22%2C%22language%22%3A%22en_US%22%2C%22isHybrid%22%3A%22false%22%2C%22pageId%22%3A%22c9cb54ef-7181-4e5e-a537-839b0d3d0e50%22%7D
Requested by
Host: portal.nysba.org
URL: https://portal.nysba.org/s/login/?ec=302&startURL=%2Fs%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.69.15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://portal.nysba.org/s/login/?ec=302&startURL=%2Fs%2F
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 11 Jun 2020 14:50:47 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
x-b3-traceid
ff357fbf7c2123a4
status
200
cf-request-id
034575c22b00009c0f26aa8200000001
referrer-policy
origin-when-cross-origin
last-modified
Mon, 27 Apr 2020 14:50:47 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
x-xss-protection
1; mode=block
cache-control
private, max-age=14400, must-revalidate
x-b3-spanid
ff357fbf7c2123a4
x-b3-sampled
0
cf-ray
5a1c257d184d9c0f-AMS
expires
Mon, 27 Apr 2020 14:50:47 GMT
Primary Request Cookie set /
www.sso.nysba.org/
Redirect Chain
  • http://www.sso.nysba.org/
  • https://www.sso.nysba.org/
9 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.sso.nysba.org/
Requested by
Host: portal.nysba.org
URL: https://portal.nysba.org/s/login/?ec=302&startURL=%2Fs%2F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.189.255.224 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ok7-crtrs.okta.com
Software
nginx /
Resource Hash
076f79a38acde985063d61c0de06f57c0c959b36eaf94e87c5afea736448698a
Security Headers
Name Value
Strict-Transport-Security max-age=315360000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block; report=https://okta.report-uri.com/r/d/xss/enforce

Request headers

Host
www.sso.nysba.org
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
document
Referer
https://portal.nysba.org/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
__cfduid=d9a9887cba4cde550b7fffb7daf1107121591887045
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://portal.nysba.org/s/login/?ec=302&startURL=%2Fs%2F

Response headers

Date
Thu, 11 Jun 2020 14:50:49 GMT
Server
nginx
Content-Type
text/html;charset=utf-8
Vary
Accept-Encoding
X-Okta-Request-Id
XuJEydnLI9OrzCPtlKdKnQAABMI
X-XSS-Protection
1; mode=block; report=https://okta.report-uri.com/r/d/xss/enforce
P3P
CP="HONK"
X-Rate-Limit-Limit
300
X-Rate-Limit-Remaining
292
X-Rate-Limit-Reset
1591887074
Cache-Control
no-cache, no-store
Pragma
no-cache
Expires
0
X-Frame-Options
SAMEORIGIN
X-Content-Type-Options
nosniff
X-UA-Compatible
IE=edge
Content-Language
en
Strict-Transport-Security
max-age=315360000
X-Robots-Tag
none
Content-Encoding
gzip
Set-Cookie
sid=""; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/ JSESSIONID=9DB866166818BEF6E25D7C7B411D22EF; Path=/; Secure; HttpOnly t=spring; Path=/ DT=DI0vu-dC8c6QRqbGbd6MgV2Uw;Version=1;Path=/;Max-Age=63072000;Secure;Expires=Sat, 11 Jun 2022 14:50:49 GMT;SameSite=None sid=""; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Keep-Alive
timeout=5, max=100
Connection
Keep-Alive
Transfer-Encoding
chunked

Redirect headers

Date
Thu, 11 Jun 2020 14:50:47 GMT
Server
Apache
Location
https://www.sso.nysba.org/
Content-Length
210
Keep-Alive
timeout=5, max=100
Connection
Keep-Alive
Content-Type
text/html; charset=iso-8859-1
analytics.js
www.google-analytics.com/ 		45 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5ZTBPV
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://portal.nysba.org/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 30 Apr 2020 21:54:13 GMT
server
Golfe2
age
6869
date
Thu, 11 Jun 2020 12:56:19 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18433
expires
Thu, 11 Jun 2020 14:56:19 GMT
conversion_async.js
www.googleadservices.com/pagead/ 		28 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5ZTBPV
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s29-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://portal.nysba.org/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 11 Jun 2020 14:50:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
10884
x-xss-protection
0
server
cafe
etag
10406653800972162523
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 11 Jun 2020 14:50:48 GMT
ec.js
www.google-analytics.com/plugins/ua/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/plugins/ua/ec.js
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://portal.nysba.org/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 11 Jun 2020 14:19:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
age
1859
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=3600
accept-ranges
bytes
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1306
x-xss-protection
0
expires
Thu, 11 Jun 2020 15:19:49 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/991731287/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/991731287/?random=1591887048444&cv=9&fst=1591887048444&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg640&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fportal.nysba.org%2Fs%2Flogin%2F%3Fec%3D302%26startURL%3D%252Fs%252F&ref=https%3A%2F%2Fportal.nysba.org%2Fs%2F&tiba=Login%20Template%20Title&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://portal.nysba.org/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Jun 2020 14:50:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
cache-control
no-cache, must-revalidate
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
1031
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
105 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j82&aip=1&a=1384389674&t=pageview&_s=1&dl=https%3A%2F%2Fportal.nysba.org%2Fs%2Flogin%2F%3Fec%3D302%26startURL%3D%252Fs%252F&ul=en-us&de=UTF-8&dt=Login%20Template%20Title&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBAgEAL~&jid=452939197&gjid=2014576780&cid=913139461.1591887048&tid=UA-43941549-1&_gid=1909969763.1591887048&gtm=2wg6405ZTBPV&z=1948035564
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://portal.nysba.org/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 17 May 2020 05:18:14 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
2194354
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/r/ 		35 B
99 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j82&tid=UA-43941549-1&cid=913139461.1591887048&jid=452939197&gjid=2014576780&_gid=1909969763.1591887048&_u=aGBAgEAL~&z=1704457998
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://portal.nysba.org/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Thu, 11 Jun 2020 14:50:48 GMT
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/991731287/ 		42 B
118 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/991731287/?random=1591887048444&cv=9&fst=1591884000000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg640&sendb=1&frm=0&url=https%3A%2F%2Fportal.nysba.org%2Fs%2Flogin%2F%3Fec%3D302%26startURL%3D%252Fs%252F&ref=https%3A%2F%2Fportal.nysba.org%2Fs%2F&tiba=Login%20Template%20Title&async=1&fmt=3&is_vtc=1&random=3441349151&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://portal.nysba.org/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Jun 2020 14:50:48 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/991731287/ 		0
0
okta-sign-in.min.js
ok7static.oktacdn.com/assets/js/sdk/okta-signin-widget/3.9.2/js/ 		1 MB
349 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ok7static.oktacdn.com/assets/js/sdk/okta-signin-widget/3.9.2/js/okta-sign-in.min.js
Requested by
Host: www.sso.nysba.org
URL: https://www.sso.nysba.org/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.204.89.59 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-89-59.fra50.r.cloudfront.net
Software
nginx /
Resource Hash
f27daa844f6b3c459fdf04a0bccd7a7d1eb2e22a5211c725ddd21f6f859d7f57
Security Headers
Name Value
Strict-Transport-Security max-age=315360000

Request headers

Referer
https://www.sso.nysba.org/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=315360000
content-encoding
gzip
etag
"24226971e0903c7d7f0fb8443f68c6c1"
age
1247159
x-cache
Hit from cloudfront
status
200
access-control-allow-origin
*
last-modified
Thu, 07 May 2020 03:48:33 GMT
server
nginx
date
Thu, 28 May 2020 04:24:51 GMT
vary
Accept-Encoding
content-type
application/javascript
via
1.1 5f6905ea282e042ad3334bfed8a840ce.cloudfront.net (CloudFront)
cache-control
max-age=31536000, public,max-age=31536000,s-maxage=1814400
public-key-pins-report-only
pin-sha256="r5EfzZxQVvQpKo3AgYRaT7X2bDO/kj3ACwmxfdT2zt8="; pin-sha256="MaqlcUgk2mvY/RFSGeSwBRkI+rZ6/dxe/DuQfBT/vnQ="; pin-sha256="72G5IEvDEWn+EThf3qjR7/bQSWaS2ZSLqolhnO6iyJI="; pin-sha256="rrV6CLCCvqnk89gWibYT0JO6fNQ8cCit7GGoiVTjCOg="; max-age=60; report-uri="https://okta.report-uri.com/r/default/hpkp/reportOnly"
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
9HZvaamTU6nxhGj-uolYOFZCX6h0jPqQPfIZwsTOduKm6mEO8yIOPg==
expires
Fri, 28 May 2021 04:24:51 GMT
okta-sign-in.min.css
ok7static.oktacdn.com/assets/js/sdk/okta-signin-widget/3.9.2/css/ 		181 KB
32 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ok7static.oktacdn.com/assets/js/sdk/okta-signin-widget/3.9.2/css/okta-sign-in.min.css
Requested by
Host: www.sso.nysba.org
URL: https://www.sso.nysba.org/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.204.89.59 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-89-59.fra50.r.cloudfront.net
Software
nginx /
Resource Hash
ea529b703d4233c8502c032419c0b5238ec604bf77f3f9425db9ae0a8bc17aea
Security Headers
Name Value
Strict-Transport-Security max-age=315360000

Request headers

Referer
https://www.sso.nysba.org/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=315360000
content-encoding
gzip
etag
"ec3aabb09a523e499e64ec432f326976"
age
1247158
x-cache
Hit from cloudfront
status
200
access-control-allow-origin
*
last-modified
Thu, 07 May 2020 03:48:26 GMT
server
nginx
date
Thu, 28 May 2020 04:24:51 GMT
vary
Accept-Encoding
content-type
text/css
via
1.1 5f6905ea282e042ad3334bfed8a840ce.cloudfront.net (CloudFront)
cache-control
max-age=31536000, public,max-age=31536000,s-maxage=1814400
public-key-pins-report-only
pin-sha256="r5EfzZxQVvQpKo3AgYRaT7X2bDO/kj3ACwmxfdT2zt8="; pin-sha256="MaqlcUgk2mvY/RFSGeSwBRkI+rZ6/dxe/DuQfBT/vnQ="; pin-sha256="72G5IEvDEWn+EThf3qjR7/bQSWaS2ZSLqolhnO6iyJI="; pin-sha256="rrV6CLCCvqnk89gWibYT0JO6fNQ8cCit7GGoiVTjCOg="; max-age=60; report-uri="https://okta.report-uri.com/r/default/hpkp/reportOnly"
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
OFSsVFQj945Ay7mtRVoaGvlF0kyUGxw3mlVLoUH73mHR_a3a4LmLgw==
expires
Fri, 28 May 2021 04:24:51 GMT
custom-signin.css
ok7static.oktacdn.com/assets/loginpage/css/ 		1 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ok7static.oktacdn.com/assets/loginpage/css/custom-signin.css
Requested by
Host: www.sso.nysba.org
URL: https://www.sso.nysba.org/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.204.89.59 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-89-59.fra50.r.cloudfront.net
Software
nginx /
Resource Hash
6ad0ad11086d50749bb41cf96cf712c1e61f458b4f6844f36f4ba21960417250
Security Headers
Name Value
Strict-Transport-Security max-age=315360000

Request headers

Referer
https://www.sso.nysba.org/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=315360000
content-encoding
gzip
etag
"bb8f4ce4363dd17160adb27f2ab5f478"
age
1777783
x-cache
Hit from cloudfront
status
200
access-control-allow-origin
*
last-modified
Wed, 19 Feb 2020 23:31:39 GMT
server
nginx
date
Fri, 22 May 2020 01:01:04 GMT
vary
Accept-Encoding
content-type
text/css
via
1.1 5f6905ea282e042ad3334bfed8a840ce.cloudfront.net (CloudFront)
cache-control
max-age=31536000, public,max-age=31536000,s-maxage=1814400
public-key-pins-report-only
pin-sha256="r5EfzZxQVvQpKo3AgYRaT7X2bDO/kj3ACwmxfdT2zt8="; pin-sha256="MaqlcUgk2mvY/RFSGeSwBRkI+rZ6/dxe/DuQfBT/vnQ="; pin-sha256="72G5IEvDEWn+EThf3qjR7/bQSWaS2ZSLqolhnO6iyJI="; pin-sha256="rrV6CLCCvqnk89gWibYT0JO6fNQ8cCit7GGoiVTjCOg="; max-age=60; report-uri="https://okta.report-uri.com/r/default/hpkp/reportOnly"
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
7vLZRvza61LzRdTzPwtqudIueq8IMgCeYT6q3t_Wnd_O-G3T4OQzKg==
expires
Sat, 22 May 2021 01:01:04 GMT
initLoginPage.pack.19095aac1c3312de0bfd68482488b3d9.js
ok7static.oktacdn.com/assets/js/mvc/loginpage/ 		301 KB
97 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ok7static.oktacdn.com/assets/js/mvc/loginpage/initLoginPage.pack.19095aac1c3312de0bfd68482488b3d9.js
Requested by
Host:
URL: OktaUtil.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.204.89.59 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-89-59.fra50.r.cloudfront.net
Software
nginx /
Resource Hash
712d2e7c7541f42c1a651da932fda970be6273e7bcd81c396455f19239537839
Security Headers
Name Value
Strict-Transport-Security max-age=315360000

Request headers

Referer
https://www.sso.nysba.org/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 10 Jun 2020 00:07:23 GMT
content-encoding
gzip
vary
Accept-Encoding
age
139406
x-cache
Hit from cloudfront
status
200
access-control-allow-origin
*
last-modified
Tue, 09 Jun 2020 23:49:42 GMT
server
nginx
etag
W/"19095aac1c3312de0bfd68482488b3d9"
strict-transport-security
max-age=315360000
public-key-pins-report-only
pin-sha256="r5EfzZxQVvQpKo3AgYRaT7X2bDO/kj3ACwmxfdT2zt8="; pin-sha256="MaqlcUgk2mvY/RFSGeSwBRkI+rZ6/dxe/DuQfBT/vnQ="; pin-sha256="72G5IEvDEWn+EThf3qjR7/bQSWaS2ZSLqolhnO6iyJI="; pin-sha256="rrV6CLCCvqnk89gWibYT0JO6fNQ8cCit7GGoiVTjCOg="; max-age=60; report-uri="https://okta.report-uri.com/r/default/hpkp/reportOnly"
via
1.1 5f6905ea282e042ad3334bfed8a840ce.cloudfront.net (CloudFront)
cache-control
max-age=31536000, public,max-age=31536000,s-maxage=1814400
x-amz-cf-pop
FRA50-C1
content-type
application/javascript
x-amz-cf-id
L-rMJansS4enYjj7sIHqnYeFNiY-CKYrRHfbDTCQ7iuXoTynTUWlVw==
expires
Thu, 10 Jun 2021 00:07:23 GMT
fs03ktg0cdMO7w0jg357
ok7static.oktacdn.com/fs/bco/7/ 		495 KB
497 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ok7static.oktacdn.com/fs/bco/7/fs03ktg0cdMO7w0jg357
Requested by
Host: ok7static.oktacdn.com
URL: https://ok7static.oktacdn.com/assets/js/sdk/okta-signin-widget/3.9.2/js/okta-sign-in.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.204.89.59 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-89-59.fra50.r.cloudfront.net
Software
nginx /
Resource Hash
5ca778b515d38660c2454b890cbd5dd55b80fdf6819be27473f86727910f4955
Security Headers
Name Value
Strict-Transport-Security max-age=315360000

Request headers

Referer
https://www.sso.nysba.org/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 29 May 2020 02:08:44 GMT
via
1.1 5f6905ea282e042ad3334bfed8a840ce.cloudfront.net (CloudFront)
age
1168924
x-cache
Hit from cloudfront
status
200
content-length
507289
last-modified
Thu, 16 Apr 2020 10:54:37 GMT
server
nginx
etag
"a614ca0a0ec90133059484c619162bf6"
strict-transport-security
max-age=315360000
public-key-pins-report-only
pin-sha256="r5EfzZxQVvQpKo3AgYRaT7X2bDO/kj3ACwmxfdT2zt8="; pin-sha256="MaqlcUgk2mvY/RFSGeSwBRkI+rZ6/dxe/DuQfBT/vnQ="; pin-sha256="72G5IEvDEWn+EThf3qjR7/bQSWaS2ZSLqolhnO6iyJI="; pin-sha256="rrV6CLCCvqnk89gWibYT0JO6fNQ8cCit7GGoiVTjCOg="; max-age=60; report-uri="https://okta.report-uri.com/r/default/hpkp/reportOnly"
access-control-allow-origin
*
cache-control
max-age=31536000, public,max-age=31536000,s-maxage=1814400
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-type
image/jpeg
x-amz-cf-id
eZUr1Wex6I8A05hpbBXPy27C1yFJufOOxGtUtgfcP_x7_PkRPIA_FQ==
expires
Sat, 29 May 2021 02:08:44 GMT
fs02udta4qBOKU7zQ357
ok7static.oktacdn.com/fs/bco/1/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ok7static.oktacdn.com/fs/bco/1/fs02udta4qBOKU7zQ357
Requested by
Host: www.sso.nysba.org
URL: https://www.sso.nysba.org/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.204.89.59 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-89-59.fra50.r.cloudfront.net
Software
nginx /
Resource Hash
da637feff30ca2b22c860e1ff350b278e00b84c196267fb8f44a8b034fc131a5
Security Headers
Name Value
Strict-Transport-Security max-age=315360000

Request headers

Referer
https://www.sso.nysba.org/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 30 May 2020 16:44:16 GMT
via
1.1 5f6905ea282e042ad3334bfed8a840ce.cloudfront.net (CloudFront)
age
1029993
x-cache
Hit from cloudfront
status
200
content-length
7934
last-modified
Thu, 13 Feb 2020 22:16:51 GMT
server
nginx
etag
"849e9234ccf3e7f056949e4eac215638"
strict-transport-security
max-age=315360000
public-key-pins-report-only
pin-sha256="r5EfzZxQVvQpKo3AgYRaT7X2bDO/kj3ACwmxfdT2zt8="; pin-sha256="MaqlcUgk2mvY/RFSGeSwBRkI+rZ6/dxe/DuQfBT/vnQ="; pin-sha256="72G5IEvDEWn+EThf3qjR7/bQSWaS2ZSLqolhnO6iyJI="; pin-sha256="rrV6CLCCvqnk89gWibYT0JO6fNQ8cCit7GGoiVTjCOg="; max-age=60; report-uri="https://okta.report-uri.com/r/default/hpkp/reportOnly"
access-control-allow-origin
*
cache-control
max-age=31536000, public,max-age=31536000,s-maxage=1814400
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-type
image/png
x-amz-cf-id
1u_JqpdTzxbVh8IOlgMfv3YrgJpfR-WyVXjWhOzc5YQ-kyb3VMbrNg==
expires
Sun, 30 May 2021 16:44:16 GMT
checkbox-sign-in-widget.png
ok7static.oktacdn.com/assets/js/sdk/okta-signin-widget/3.9.2/img/ui/forms/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ok7static.oktacdn.com/assets/js/sdk/okta-signin-widget/3.9.2/img/ui/forms/checkbox-sign-in-widget.png
Requested by
Host: www.sso.nysba.org
URL: https://www.sso.nysba.org/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.204.89.59 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-89-59.fra50.r.cloudfront.net
Software
nginx /
Resource Hash
40810b0318131f9ba52c83a17e633a0ac476ade66ea8a914d6c4980571397665
Security Headers
Name Value
Strict-Transport-Security max-age=315360000

Request headers

Referer
https://ok7static.oktacdn.com/assets/js/sdk/okta-signin-widget/3.9.2/css/okta-sign-in.min.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 30 May 2020 01:22:34 GMT
via
1.1 5f6905ea282e042ad3334bfed8a840ce.cloudfront.net (CloudFront)
age
1085295
x-cache
Hit from cloudfront
status
200
content-length
3141
last-modified
Thu, 07 May 2020 03:48:31 GMT
server
nginx
etag
"7846b2f8c6d0a7ca69fdd3d3c294e92d"
strict-transport-security
max-age=315360000
public-key-pins-report-only
pin-sha256="r5EfzZxQVvQpKo3AgYRaT7X2bDO/kj3ACwmxfdT2zt8="; pin-sha256="MaqlcUgk2mvY/RFSGeSwBRkI+rZ6/dxe/DuQfBT/vnQ="; pin-sha256="72G5IEvDEWn+EThf3qjR7/bQSWaS2ZSLqolhnO6iyJI="; pin-sha256="rrV6CLCCvqnk89gWibYT0JO6fNQ8cCit7GGoiVTjCOg="; max-age=60; report-uri="https://okta.report-uri.com/r/default/hpkp/reportOnly"
access-control-allow-origin
*
cache-control
max-age=31536000, public,max-age=31536000,s-maxage=1814400
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-type
image/png
x-amz-cf-id
XgdbZpIZe6Tt9MwtPy2plAuznS3EePCbWLJhtSYRCRegp6HBK7VV5w==
expires
Sun, 30 May 2021 01:22:34 GMT
montserrat-light-webfont.woff
ok7static.oktacdn.com/assets/js/sdk/okta-signin-widget/3.9.2/font/ 		22 KB
22 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://ok7static.oktacdn.com/assets/js/sdk/okta-signin-widget/3.9.2/font/montserrat-light-webfont.woff
Requested by
Host: www.sso.nysba.org
URL: https://www.sso.nysba.org/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.204.89.59 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-89-59.fra50.r.cloudfront.net
Software
nginx /
Resource Hash
feb177fb563f478cb8ecade71caea5df5ad318ca161c71875114e504ce304ace
Security Headers
Name Value
Strict-Transport-Security max-age=315360000

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://ok7static.oktacdn.com/assets/js/sdk/okta-signin-widget/3.9.2/css/okta-sign-in.min.css
Origin
https://www.sso.nysba.org

Response headers

date
Thu, 28 May 2020 05:00:22 GMT
via
1.1 a09186728c1bcdf0a561aedd92656804.cloudfront.net (CloudFront)
age
1245026
x-cache
Hit from cloudfront
status
200
content-length
22112
last-modified
Thu, 07 May 2020 03:48:26 GMT
server
nginx
etag
"6225f3ca44b83090833064727a09cc95"
strict-transport-security
max-age=315360000
public-key-pins-report-only
pin-sha256="r5EfzZxQVvQpKo3AgYRaT7X2bDO/kj3ACwmxfdT2zt8="; pin-sha256="MaqlcUgk2mvY/RFSGeSwBRkI+rZ6/dxe/DuQfBT/vnQ="; pin-sha256="72G5IEvDEWn+EThf3qjR7/bQSWaS2ZSLqolhnO6iyJI="; pin-sha256="rrV6CLCCvqnk89gWibYT0JO6fNQ8cCit7GGoiVTjCOg="; max-age=60; report-uri="https://okta.report-uri.com/r/default/hpkp/reportOnly"
access-control-allow-origin
*
cache-control
max-age=31536000, public,max-age=31536000,s-maxage=1814400
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-type
application/font-woff
x-amz-cf-id
kgSAdKt4ruOn_1dE8K0xYMZh9AjTzvvjUltUPr8xWLfgKZaynyw4-g==
expires
Fri, 28 May 2021 05:00:22 GMT
montserrat-regular-webfont.woff
ok7static.oktacdn.com/assets/js/sdk/okta-signin-widget/3.9.2/font/ 		21 KB
22 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://ok7static.oktacdn.com/assets/js/sdk/okta-signin-widget/3.9.2/font/montserrat-regular-webfont.woff
Requested by
Host: www.sso.nysba.org
URL: https://www.sso.nysba.org/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.204.89.59 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-89-59.fra50.r.cloudfront.net
Software
nginx /
Resource Hash
1d5325892ecf2dc3abd0caf2a1ef4eabf2477e2937c9a372760fd2acae8fddf3
Security Headers
Name Value
Strict-Transport-Security max-age=315360000

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://ok7static.oktacdn.com/assets/js/sdk/okta-signin-widget/3.9.2/css/okta-sign-in.min.css
Origin
https://www.sso.nysba.org

Response headers

date
Thu, 28 May 2020 05:53:36 GMT
via
1.1 a09186728c1bcdf0a561aedd92656804.cloudfront.net (CloudFront)
age
1241834
x-cache
Hit from cloudfront
status
200
content-length
21980
last-modified
Thu, 07 May 2020 03:48:26 GMT
server
nginx
etag
"8f2822b73b5f9c106c6f2e0db820bcbb"
strict-transport-security
max-age=315360000
public-key-pins-report-only
pin-sha256="r5EfzZxQVvQpKo3AgYRaT7X2bDO/kj3ACwmxfdT2zt8="; pin-sha256="MaqlcUgk2mvY/RFSGeSwBRkI+rZ6/dxe/DuQfBT/vnQ="; pin-sha256="72G5IEvDEWn+EThf3qjR7/bQSWaS2ZSLqolhnO6iyJI="; pin-sha256="rrV6CLCCvqnk89gWibYT0JO6fNQ8cCit7GGoiVTjCOg="; max-age=60; report-uri="https://okta.report-uri.com/r/default/hpkp/reportOnly"
access-control-allow-origin
*
cache-control
max-age=31536000, public,max-age=31536000,s-maxage=1814400
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-type
application/font-woff
x-amz-cf-id
rhEPwS-IUdXOdeZrefR8rMQcQLpLpDaYuIy0M1250n2bXbHL4XYs6g==
expires
Fri, 28 May 2021 05:53:36 GMT
iframe.html
login.okta.com/discovery/ Frame 5729 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://login.okta.com/discovery/iframe.html
Requested by
Host: ok7static.oktacdn.com
URL: https://ok7static.oktacdn.com/assets/js/mvc/loginpage/initLoginPage.pack.19095aac1c3312de0bfd68482488b3d9.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.204.247.85 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-247-85.cph50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash

Request headers

Host
login.okta.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.sso.nysba.org/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.sso.nysba.org/

Response headers

Content-Type
text/html
Content-Length
546
Connection
keep-alive
Last-Modified
Wed, 03 Jun 2020 21:56:28 GMT
Server
AmazonS3
Date
Wed, 10 Jun 2020 22:06:26 GMT
ETag
"ba966ef1e20f80a6bc3f7ca5b8a9e168"
X-Cache
Hit from cloudfront
Via
1.1 6ca0922c4cb330aecc1b691bf382d465.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
CPH50-C1
X-Amz-Cf-Id
oRT_6nBz-oOjp9cg8QI8f0VqLupSrMLArRiANj6jXZC5J-CRvpZrsg==
Age
60838

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.google.de
URL
https://www.google.de/pagead/1p-user-list/991731287/?random=1591887048444&cv=9&fst=1591884000000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg640&sendb=1&frm=0&url=https%3A%2F%2Fportal.nysba.org%2Fs%2Flogin%2F%3Fec%3D302%26startURL%3D%252Fs%252F&ref=https%3A%2F%2Fportal.nysba.org%2Fs%2F&tiba=Login%20Template%20Title&async=1&fmt=3&is_vtc=1&random=3441349151&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Verdicts & Comments Add Verdict or Comment

23 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate object| __core-js_shared__ object| core object| global object| System function| asap function| Observable function| setImmediate function| clearImmediate object| regeneratorRuntime boolean| _babelPolyfill object| Backbone function| jQueryCourage function| OktaSignIn function| signInSuccessCallBackFunction object| oktaData function| runLoginPage object| OktaUtil object| config object| oktaSignIn object| OktaLogin object| jQBrowser

7 Cookies

Domain/Path Name / Value
www.sso.nysba.org/ Name: DT
Value: DI0vu-dC8c6QRqbGbd6MgV2Uw
www.sso.nysba.org/ Name: t
Value: spring
.nysba.org/ Name: _gid
Value: GA1.2.1909969763.1591887048
.nysba.org/ Name: _dc_gtm_UA-43941549-1
Value: 1
.nysba.org/ Name: _ga
Value: GA1.2.913139461.1591887048
www.sso.nysba.org/ Name: JSESSIONID
Value: 9DB866166818BEF6E25D7C7B411D22EF
.nysba.org/ Name: _gcl_au
Value: 1.1.1648398599.1591887048

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy upgrade-insecure-requests
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

code.jquery.com
googleads.g.doubleclick.net
login.okta.com
ok7static.oktacdn.com
portal.nysba.org
static.cloudflareinsights.com
stats.g.doubleclick.net
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.sso.nysba.org
www.google.de
143.204.247.85
143.204.89.59
172.217.18.162
172.67.69.15
2001:4de0:ac19::1:b:2a
2606:4700::6810:5f41
2a00:1450:4001:815::2004
2a00:1450:4001:81b::2002
2a00:1450:4001:81b::200e
2a00:1450:4001:824::2008
2a00:1450:400c:c00::9d
54.189.255.224
076f79a38acde985063d61c0de06f57c0c959b36eaf94e87c5afea736448698a
1d5325892ecf2dc3abd0caf2a1ef4eabf2477e2937c9a372760fd2acae8fddf3
40810b0318131f9ba52c83a17e633a0ac476ade66ea8a914d6c4980571397665
5ca778b515d38660c2454b890cbd5dd55b80fdf6819be27473f86727910f4955
6ad0ad11086d50749bb41cf96cf712c1e61f458b4f6844f36f4ba21960417250
712d2e7c7541f42c1a651da932fda970be6273e7bcd81c396455f19239537839
a16e5232c66c2daffe0c972693405738900a93b97d00c297228d10dd98248647
a21511f0fe08aa022d80d63d80ad493eecabb9fbbb38b2d9397f3fdbceeed8a4
da637feff30ca2b22c860e1ff350b278e00b84c196267fb8f44a8b034fc131a5
ea529b703d4233c8502c032419c0b5238ec604bf77f3f9425db9ae0a8bc17aea
f16ab224bb962910558715c82f58c10c3ed20f153ddfaa199029f141b5b0255c
f27daa844f6b3c459fdf04a0bccd7a7d1eb2e22a5211c725ddd21f6f859d7f57
feb177fb563f478cb8ecade71caea5df5ad318ca161c71875114e504ce304ace