Submitted URL: https://managedservices.ctl.io/msp/support/tickets/view/INC000003875344
Effective URL: https://sso.ctl.io/oxauth/login
Submission: On October 06 via manual from US

Summary

This website contacted 11 IPs in 4 countries across 7 domains to perform 47 HTTP transactions. The main IP is 64.15.184.150, located in United States and belongs to CENTURYLINK-LEGACY-SAVVIS, US. The main domain is sso.ctl.io.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on September 18th 2019. Valid for: 2 years.
This is the only time sso.ctl.io was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
13 206.152.34.220 3561 (CENTURYLI...)
1 2a00:1450:400... 15169 (GOOGLE)
8 2600:9000:214... 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
2 136.144.56.255 54825 (PACKET)
3 2a00:1450:400... 15169 (GOOGLE)
2 12 64.15.184.150 3561 (CENTURYLI...)
1 2a00:1450:400... 15169 (GOOGLE)
6 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a04:4e42:1b:... 54113 (FASTLY)
47 11
Domain Requested by
12 sso.ctl.io 2 redirects sso.ctl.io
12 managedservices.ctl.io managedservices.ctl.io
8 assets.ctl.io managedservices.ctl.io
assets.ctl.io
sso.ctl.io
6 cdnjs.cloudflare.com sso.ctl.io
5 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
sso.ctl.io
2 ipv4.icanhazip.com
1 cdn.jsdelivr.net sso.ctl.io
1 fonts.googleapis.com sso.ctl.io
1 www.googletagmanager.com managedservices.ctl.io
1 managedsupport.ctl.io managedservices.ctl.io
47 10
Subject Issuer Validity Valid
managedservices.ctl.io
Let's Encrypt Authority X3
2020-08-11 -
2020-11-09
3 months crt.sh
managedsupport.ctl.io
Let's Encrypt Authority X3
2020-08-11 -
2020-11-09
3 months crt.sh
*.google-analytics.com
GTS CA 1O1
2020-09-22 -
2020-12-15
3 months crt.sh
assets.ctl.io
DigiCert SHA2 Secure Server CA
2020-06-02 -
2022-08-04
2 years crt.sh
icanhazip.com
Let's Encrypt Authority X3
2020-08-31 -
2020-11-29
3 months crt.sh
sso.ctl.io
DigiCert SHA2 Secure Server CA
2019-09-18 -
2021-09-22
2 years crt.sh
upload.video.google.com
GTS CA 1O1
2020-09-22 -
2020-12-15
3 months crt.sh
cdnjs.cloudflare.com
DigiCert ECC Secure Server CA
2020-08-12 -
2022-08-17
2 years crt.sh
f3.shared.global.fastly.net
GlobalSign CloudSSL CA - SHA256 - G3
2020-10-05 -
2021-04-17
6 months crt.sh

This page contains 1 frames:

Primary Page: https://sso.ctl.io/oxauth/login
Frame ID: F1B75F23DD3E7ADC632EC26D1B5C1660
Requests: 48 HTTP requests in this frame

Screenshot


Page URL History Show full URLs

  1. https://managedservices.ctl.io/msp/support/tickets/view/INC000003875344 Page URL
  2. https://sso.ctl.io/oxauth/restv1/authorize?client_id=%40!AF68.4445.CF47.B698!0001!5E04.A6B1!000... HTTP 302
    https://sso.ctl.io/oxauth/authorize.htm?scope=openid+ctl_scope+ctl_dynamic_scope&response_type=... HTTP 302
    https://sso.ctl.io/oxauth/login Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

47
Requests

100 %
HTTPS

70 %
IPv6

7
Domains

10
Subdomains

11
IPs

4
Countries

2304 kB
Transfer

8825 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://managedservices.ctl.io/msp/support/tickets/view/INC000003875344 Page URL
  2. https://sso.ctl.io/oxauth/restv1/authorize?client_id=%40!AF68.4445.CF47.B698!0001!5E04.A6B1!0008!BCB2.D336.BEFA.4EFE&scope=openid%20ctl_scope%20ctl_dynamic_scope&response_type=token&redirect_uri=https%3A%2F%2Fmanagedsupport.ctl.io%2Fmsp%2Foauth%2Fcallback&nonce=2f003e679676fde6430243b4d96003f0c660678517db490c0a625713df10edbf&state=eyJwYXRobmFtZSI6Ii9tc3Avc3VwcG9ydC90aWNrZXRzL3ZpZXcvSU5DMDAwMDAzODc1MzQ0Iiwic3RhdGUiOiIxNjUxMjY5YmJiZGFhNGZjMjUyZDRkMGMwNWRjNjJjMDQ1YTMyOWEzMGRiZDFkOTc5ZTlhMzdmNGVjMWE3NTZlIn0%3D HTTP 302
    https://sso.ctl.io/oxauth/authorize.htm?scope=openid+ctl_scope+ctl_dynamic_scope&response_type=token&redirect_uri=https%3A%2F%2Fmanagedsupport.ctl.io%2Fmsp%2Foauth%2Fcallback&state=eyJwYXRobmFtZSI6Ii9tc3Avc3VwcG9ydC90aWNrZXRzL3ZpZXcvSU5DMDAwMDAzODc1MzQ0Iiwic3RhdGUiOiIxNjUxMjY5YmJiZGFhNGZjMjUyZDRkMGMwNWRjNjJjMDQ1YTMyOWEzMGRiZDFkOTc5ZTlhMzdmNGVjMWE3NTZlIn0%3D&nonce=2f003e679676fde6430243b4d96003f0c660678517db490c0a625713df10edbf&client_id=%40%21AF68.4445.CF47.B698%210001%215E04.A6B1%210008%21BCB2.D336.BEFA.4EFE HTTP 302
    https://sso.ctl.io/oxauth/login Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

47 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
INC000003875344
managedservices.ctl.io/msp/support/tickets/view/
97 KB
39 KB
Document
General
Full URL
https://managedservices.ctl.io/msp/support/tickets/view/INC000003875344
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
206.152.34.220 , United States, ASN3561 (CENTURYLINK-LEGACY-SAVVIS, US),
Reverse DNS
mail.wopr.ctl.io
Software
nginx/1.13.8 /
Resource Hash
5b535665ed44dffdc8309eea0204556725719cf3b17e33e1ed65714f5276c646
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains;
X-Content-Type-Options nosniff
X-Frame-Options ALLOW-FROM https://sso.ctl.io
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
managedservices.ctl.io
:scheme
https
:path
/msp/support/tickets/view/INC000003875344
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
200
server
nginx/1.13.8
date
Tue, 06 Oct 2020 12:30:01 GMT
content-type
text/html; charset=utf-8
x-dns-prefetch-control
off
x-frame-options
ALLOW-FROM https://sso.ctl.io
strict-transport-security
max-age=15724800; includeSubDomains;
x-download-options
noopen
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-encoding
gzip
mp_linkcode.js
managedsupport.ctl.io/
2 KB
1 KB
Script
General
Full URL
https://managedsupport.ctl.io/mp_linkcode.js
Requested by
Host: managedservices.ctl.io
URL: https://managedservices.ctl.io/msp/support/tickets/view/INC000003875344
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
206.152.34.220 , United States, ASN3561 (CENTURYLINK-LEGACY-SAVVIS, US),
Reverse DNS
mail.wopr.ctl.io
Software
nginx/1.13.8 /
Resource Hash
eff4ee788ac41261b9cd9ab8ca715d9ca75b303cce767ce7f2acd29022eebb6f
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains;
X-Content-Type-Options nosniff
X-Frame-Options ALLOW-FROM https://sso.ctl.io
X-Xss-Protection 1; mode=block

Request headers

Referer
https://managedservices.ctl.io/msp/support/tickets/view/INC000003875344
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 06 Oct 2020 12:30:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 25 Aug 2020 13:37:00 GMT
server
nginx/1.13.8
x-frame-options
ALLOW-FROM https://sso.ctl.io
x-download-options
noopen
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
status
200
cache-control
max-age=0
strict-transport-security
max-age=15724800; includeSubDomains;
x-dns-prefetch-control
off
x-xss-protection
1; mode=block
js
www.googletagmanager.com/gtag/
90 KB
36 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-78659637-1
Requested by
Host: managedservices.ctl.io
URL: https://managedservices.ctl.io/msp/support/tickets/view/INC000003875344
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
894865fe8b9683099d00d1a991d9aa6f845ce488468f0a39f13b4909b072e37c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://managedservices.ctl.io/msp/support/tickets/view/INC000003875344
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 06 Oct 2020 12:30:01 GMT
content-encoding
br
vary
Accept-Encoding
status
200
cross-origin-resource-policy
cross-origin
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36666
x-xss-protection
0
last-modified
Tue, 06 Oct 2020 12:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 06 Oct 2020 12:30:01 GMT
cyclops.min.css
assets.ctl.io/cyclops/2.0.0/css/
218 KB
28 KB
Stylesheet
General
Full URL
https://assets.ctl.io/cyclops/2.0.0/css/cyclops.min.css
Requested by
Host: managedservices.ctl.io
URL: https://managedservices.ctl.io/msp/support/tickets/view/INC000003875344
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:0:14:469:86c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a685aaefb8e1fd4ca6a0897a072f8b85d8e54f8477e86f093a1414bb78f58e57

Request headers

Referer
https://managedservices.ctl.io/msp/support/tickets/view/INC000003875344
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 06 Oct 2020 12:30:02 GMT
content-encoding
gzip
vary
Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-pop
FRA53-C1
x-cache
Miss from cloudfront
status
200
access-control-allow-origin
*
last-modified
Mon, 14 Sep 2020 18:05:13 GMT
server
AmazonS3
etag
W/"69619eb1b49a9faf927faf669f542837"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
text/css
via
1.1 48391c4ed2c51e95dcabcb70cf613127.cloudfront.net (CloudFront)
cache-control
max-age=3600
x-amz-cf-id
eutYALOvVvW283_oj7d3F_lfZd_Cf2l6yqUfESI8VEnkkzKogkA1LQ==
msp-override.css
assets.ctl.io/msp/
5 KB
2 KB
Stylesheet
General
Full URL
https://assets.ctl.io/msp/msp-override.css
Requested by
Host: managedservices.ctl.io
URL: https://managedservices.ctl.io/msp/support/tickets/view/INC000003875344
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:0:14:469:86c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
35f47f80d1f41359799340494eff801bb3cfda729c0243cd37388467fb5daab1

Request headers

Referer
https://managedservices.ctl.io/msp/support/tickets/view/INC000003875344
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 06 Oct 2020 12:30:02 GMT
content-encoding
gzip
vary
Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-pop
FRA53-C1
x-cache
Miss from cloudfront
status
200
access-control-allow-origin
*
last-modified
Mon, 14 Sep 2020 18:06:20 GMT
server
AmazonS3
etag
W/"fcb14f2b6d9561a3b0a1c64fbc3ae2ae"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
text/css
via
1.1 48391c4ed2c51e95dcabcb70cf613127.cloudfront.net (CloudFront)
cache-control
max-age=3600
x-amz-cf-id
chb-Vv_LQlXIQfFtIWXeFP8GeK2lmWnqsC38P0JNum2VbQF4a5jUPw==
app.css
managedservices.ctl.io/
450 KB
284 KB
Stylesheet
General
Full URL
https://managedservices.ctl.io/app.css
Requested by
Host: managedservices.ctl.io
URL: https://managedservices.ctl.io/msp/support/tickets/view/INC000003875344
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
206.152.34.220 , United States, ASN3561 (CENTURYLINK-LEGACY-SAVVIS, US),
Reverse DNS
mail.wopr.ctl.io
Software
nginx/1.13.8 /
Resource Hash
509545dca18b936b9f79154d3d8b2753483184da8c3cfe4d21894d22ac642ada
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains;
X-Content-Type-Options nosniff
X-Frame-Options ALLOW-FROM https://sso.ctl.io
X-Xss-Protection 1; mode=block

Request headers

Referer
https://managedservices.ctl.io/msp/support/tickets/view/INC000003875344
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 06 Oct 2020 12:30:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 22 Sep 2020 21:42:52 GMT
server
nginx/1.13.8
x-frame-options
ALLOW-FROM https://sso.ctl.io
x-download-options
noopen
vary
Accept-Encoding
content-type
text/css; charset=utf-8
status
200
cache-control
max-age=0
strict-transport-security
max-age=15724800; includeSubDomains;
x-dns-prefetch-control
off
x-xss-protection
1; mode=block
app.js
managedservices.ctl.io/
5 MB
1 MB
Script
General
Full URL
https://managedservices.ctl.io/app.js
Requested by
Host: managedservices.ctl.io
URL: https://managedservices.ctl.io/msp/support/tickets/view/INC000003875344
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
206.152.34.220 , United States, ASN3561 (CENTURYLINK-LEGACY-SAVVIS, US),
Reverse DNS
mail.wopr.ctl.io
Software
nginx/1.13.8 /
Resource Hash
a100120710fc56a91c9ad46fd3b8c68b14947282ae2c407cf689723e87dab639
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains;
X-Content-Type-Options nosniff
X-Frame-Options ALLOW-FROM https://sso.ctl.io
X-Xss-Protection 1; mode=block

Request headers

Referer
https://managedservices.ctl.io/msp/support/tickets/view/INC000003875344
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 06 Oct 2020 12:30:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 22 Sep 2020 21:42:52 GMT
server
nginx/1.13.8
x-frame-options
ALLOW-FROM https://sso.ctl.io
x-download-options
noopen
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
status
200
cache-control
max-age=0
strict-transport-security
max-age=15724800; includeSubDomains;
x-dns-prefetch-control
off
x-xss-protection
1; mode=block
24.js
managedservices.ctl.io/
207 KB
34 KB
Script
General
Full URL
https://managedservices.ctl.io/24.js
Requested by
Host: managedservices.ctl.io
URL: https://managedservices.ctl.io/msp/support/tickets/view/INC000003875344
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
206.152.34.220 , United States, ASN3561 (CENTURYLINK-LEGACY-SAVVIS, US),
Reverse DNS
mail.wopr.ctl.io
Software
nginx/1.13.8 /
Resource Hash
887406a2fc63794a738dc05c9960011eee8e63fe8bcce296b0b6180ba9a8d36c
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains;
X-Content-Type-Options nosniff
X-Frame-Options ALLOW-FROM https://sso.ctl.io
X-Xss-Protection 1; mode=block

Request headers

Referer
https://managedservices.ctl.io/msp/support/tickets/view/INC000003875344
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 06 Oct 2020 12:30:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 22 Sep 2020 21:42:52 GMT
server
nginx/1.13.8
x-frame-options
ALLOW-FROM https://sso.ctl.io
x-download-options
noopen
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
status
200
cache-control
max-age=0
strict-transport-security
max-age=15724800; includeSubDomains;
x-dns-prefetch-control
off
x-xss-protection
1; mode=block
global-menus.js
assets.ctl.io/dt-GlobalNavigationMenu/3.0.0/
244 KB
64 KB
Script
General
Full URL
https://assets.ctl.io/dt-GlobalNavigationMenu/3.0.0/global-menus.js?time=1601987401091
Requested by
Host: managedservices.ctl.io
URL: https://managedservices.ctl.io/msp/support/tickets/view/INC000003875344
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:0:14:469:86c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e6dd0513552953ba3f9af6dae298008d7da53ac6fe88919feb60584456620b36

Request headers

Referer
https://managedservices.ctl.io/msp/support/tickets/view/INC000003875344
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 06 Oct 2020 12:30:02 GMT
content-encoding
gzip
vary
Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-pop
FRA53-C1
x-cache
Miss from cloudfront
status
200
access-control-allow-origin
*
last-modified
Mon, 14 Sep 2020 18:05:36 GMT
server
AmazonS3
etag
W/"d20d01099f52f0c041515ca9082810e8"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/javascript
via
1.1 48391c4ed2c51e95dcabcb70cf613127.cloudfront.net (CloudFront)
cache-control
max-age=3600
x-amz-cf-id
OSLNdFeyhbI7WeF0KXPyVsAmY5Hqyxy68_RcKnKB2GDyGPH_hUifIg==
0.js
managedservices.ctl.io/
114 KB
27 KB
Script
General
Full URL
https://managedservices.ctl.io/0.js
Requested by
Host: managedservices.ctl.io
URL: https://managedservices.ctl.io/app.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
206.152.34.220 , United States, ASN3561 (CENTURYLINK-LEGACY-SAVVIS, US),
Reverse DNS
mail.wopr.ctl.io
Software
nginx/1.13.8 /
Resource Hash
4841e5aea32bf4b1a28f0c635e7cb743f3a4408a125b8194deaa19b24ec878f7
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains;
X-Content-Type-Options nosniff
X-Frame-Options ALLOW-FROM https://sso.ctl.io
X-Xss-Protection 1; mode=block

Request headers

Referer
https://managedservices.ctl.io/msp/support/tickets/view/INC000003875344
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 06 Oct 2020 12:30:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 22 Sep 2020 21:42:52 GMT
server
nginx/1.13.8
x-frame-options
ALLOW-FROM https://sso.ctl.io
x-download-options
noopen
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
status
200
cache-control
max-age=0
strict-transport-security
max-age=15724800; includeSubDomains;
x-dns-prefetch-control
off
x-xss-protection
1; mode=block
1.js
managedservices.ctl.io/
99 KB
20 KB
Script
General
Full URL
https://managedservices.ctl.io/1.js
Requested by
Host: managedservices.ctl.io
URL: https://managedservices.ctl.io/app.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
206.152.34.220 , United States, ASN3561 (CENTURYLINK-LEGACY-SAVVIS, US),
Reverse DNS
mail.wopr.ctl.io
Software
nginx/1.13.8 /
Resource Hash
aead6326640e7ce4724ff5463c8c9a3ab7f793557bd3994dc97695626ec12025
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains;
X-Content-Type-Options nosniff
X-Frame-Options ALLOW-FROM https://sso.ctl.io
X-Xss-Protection 1; mode=block

Request headers

Referer
https://managedservices.ctl.io/msp/support/tickets/view/INC000003875344
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 06 Oct 2020 12:30:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 22 Sep 2020 21:42:52 GMT
server
nginx/1.13.8
x-frame-options
ALLOW-FROM https://sso.ctl.io
x-download-options
noopen
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
status
200
cache-control
max-age=0
strict-transport-security
max-age=15724800; includeSubDomains;
x-dns-prefetch-control
off
x-xss-protection
1; mode=block
2.js
managedservices.ctl.io/
270 KB
50 KB
Script
General
Full URL
https://managedservices.ctl.io/2.js
Requested by
Host: managedservices.ctl.io
URL: https://managedservices.ctl.io/app.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
206.152.34.220 , United States, ASN3561 (CENTURYLINK-LEGACY-SAVVIS, US),
Reverse DNS
mail.wopr.ctl.io
Software
nginx/1.13.8 /
Resource Hash
1f33a8247a156ce06ae9bb2ccb7a55b71de0e6027bd82dc076f7d4433da7356a
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains;
X-Content-Type-Options nosniff
X-Frame-Options ALLOW-FROM https://sso.ctl.io
X-Xss-Protection 1; mode=block

Request headers

Referer
https://managedservices.ctl.io/msp/support/tickets/view/INC000003875344
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 06 Oct 2020 12:30:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 22 Sep 2020 21:42:52 GMT
server
nginx/1.13.8
x-frame-options
ALLOW-FROM https://sso.ctl.io
x-download-options
noopen
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
status
200
cache-control
max-age=0
strict-transport-security
max-age=15724800; includeSubDomains;
x-dns-prefetch-control
off
x-xss-protection
1; mode=block
19.js
managedservices.ctl.io/
42 KB
12 KB
Script
General
Full URL
https://managedservices.ctl.io/19.js
Requested by
Host: managedservices.ctl.io
URL: https://managedservices.ctl.io/app.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
206.152.34.220 , United States, ASN3561 (CENTURYLINK-LEGACY-SAVVIS, US),
Reverse DNS
mail.wopr.ctl.io
Software
nginx/1.13.8 /
Resource Hash
849940e565cd1ecb1961fcce0b6eb3a32c4fa173d8afa3146fbf53c4dba3a99e
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains;
X-Content-Type-Options nosniff
X-Frame-Options ALLOW-FROM https://sso.ctl.io
X-Xss-Protection 1; mode=block

Request headers

Referer
https://managedservices.ctl.io/msp/support/tickets/view/INC000003875344
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 06 Oct 2020 12:30:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 22 Sep 2020 21:42:52 GMT
server
nginx/1.13.8
x-frame-options
ALLOW-FROM https://sso.ctl.io
x-download-options
noopen
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
status
200
cache-control
max-age=0
strict-transport-security
max-age=15724800; includeSubDomains;
x-dns-prefetch-control
off
x-xss-protection
1; mode=block
services.json
assets.ctl.io/globalnavigation/
20 KB
5 KB
Fetch
General
Full URL
https://assets.ctl.io/globalnavigation/services.json?1601987402022
Requested by
Host: assets.ctl.io
URL: https://assets.ctl.io/dt-GlobalNavigationMenu/3.0.0/global-menus.js?time=1601987401091
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:0:14:469:86c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4547d8a0aef41e2de38e89b537f9a9004871d1a84985caef86e78158c8782239

Request headers

Referer
https://managedservices.ctl.io/msp/support/tickets/view/INC000003875344
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 06 Oct 2020 12:30:03 GMT
content-encoding
gzip
vary
Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-pop
FRA53-C1
x-cache
Miss from cloudfront
status
200
access-control-allow-origin
*
last-modified
Mon, 14 Sep 2020 18:06:16 GMT
server
AmazonS3
etag
W/"0d28ab98c9e1fadafddde57d836a100d"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/json
via
1.1 a3c2566f9e36ad3cdf79fc6307fcf567.cloudfront.net (CloudFront)
cache-control
no-store
x-amz-cf-id
92gCLEApvgu82buOIJzM0yuPwB-BgLO4DVYzRmflrayQR9BiITahrw==
analytics.js
www.google-analytics.com/
45 KB
18 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-78659637-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
60863e86aa7743d1ac841da7f473a05cd57fba81d661cef658e385437f80d5ef
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://managedservices.ctl.io/msp/support/tickets/view/INC000003875344
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 09 Sep 2020 01:50:37 GMT
server
Golfe2
age
4463
date
Tue, 06 Oct 2020 11:15:39 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18650
expires
Tue, 06 Oct 2020 13:15:39 GMT
/
ipv4.icanhazip.com/
15 B
311 B
XHR
General
Full URL
https://ipv4.icanhazip.com/
Requested by
Host:
URL: webpack:///./node_modules/axios/lib/adapters/xhr.js?
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
136.144.56.255 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
icanhazip-iad-1
Software
nginx /
Resource Hash
ed70b33aa556c8962c1289458f477476f9777df5e20ba4ba6dc97928816cb3bc

Request headers

Accept
application/json, text/plain, */*
Referer
https://managedservices.ctl.io/msp/support/tickets/view/INC000003875344
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 06 Oct 2020 12:30:02 GMT
server
nginx
x-rtfm
Learn about this site at http://bit.ly/icanhazip-faq and do not abuse the service.
status
200
access-control-allow-methods
GET
content-type
text/plain; charset=UTF-8
access-control-allow-origin
*
x-donation
This site is expensive to run. You can donate BTC to 3LSp89k9qnMJBpV7AUNF3M2Eo1vatpkYpm
content-length
15
x-duck
🦆
x-node
icanhazip-iad-1
globalstate
managedservices.ctl.io/api/
53 B
383 B
XHR
General
Full URL
https://managedservices.ctl.io/api/globalstate
Requested by
Host:
URL: webpack:///./node_modules/axios/lib/adapters/xhr.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
206.152.34.220 , United States, ASN3561 (CENTURYLINK-LEGACY-SAVVIS, US),
Reverse DNS
mail.wopr.ctl.io
Software
nginx/1.13.8 /
Resource Hash
b50f4e5baabe8c16cf4bbabbd17eef8ac4e48463d7bb3518241d3c9bc1d20762
Security Headers
Name Value
Content-Security-Policy frame-src https://sso.ctl.io
Strict-Transport-Security max-age=15724800; includeSubDomains;
X-Content-Type-Options nosniff
X-Frame-Options ALLOW-FROM https://sso.ctl.io
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
https://managedservices.ctl.io/msp/support/tickets/view/INC000003875344
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Oct 2020 12:30:02 GMT
x-content-type-options
nosniff
server
nginx/1.13.8
x-frame-options
ALLOW-FROM https://sso.ctl.io
content-type
application/json;charset=UTF-8
status
200
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-security-policy
frame-src https://sso.ctl.io
strict-transport-security
max-age=15724800; includeSubDomains;
content-length
53
x-xss-protection
1; mode=block
expires
0
/
ipv4.icanhazip.com/
15 B
310 B
XHR
General
Full URL
https://ipv4.icanhazip.com/
Requested by
Host:
URL: webpack:///./node_modules/axios/lib/adapters/xhr.js?
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
136.144.56.255 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
icanhazip-iad-1
Software
nginx /
Resource Hash
ed70b33aa556c8962c1289458f477476f9777df5e20ba4ba6dc97928816cb3bc

Request headers

Accept
application/json, text/plain, */*
Referer
https://managedservices.ctl.io/msp/support/tickets/view/INC000003875344
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 06 Oct 2020 12:30:02 GMT
server
nginx
x-rtfm
Learn about this site at http://bit.ly/icanhazip-faq and do not abuse the service.
status
200
access-control-allow-methods
GET
content-type
text/plain; charset=UTF-8
access-control-allow-origin
*
x-donation
This site is expensive to run. You can donate BTC to 3LSp89k9qnMJBpV7AUNF3M2Eo1vatpkYpm
content-length
15
x-duck
🦆
x-node
icanhazip-iad-1
collect
www.google-analytics.com/j/
1 B
70 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j86&a=2041688700&t=pageview&_s=1&dl=https%3A%2F%2Fmanagedservices.ctl.io%2Fmsp%2Fsupport%2Ftickets%2Fview%2FINC000003875344&ul=en-us&de=UTF-8&dt=Managed%20Support%20Portal&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAUABAAAAAC~&jid=1325716389&gjid=119527523&cid=771357599.1601987402&tid=UA-78659637-1&_gid=1781267939.1601987402&_r=1&gtm=2ou9n1&z=331067825
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://managedservices.ctl.io/msp/support/tickets/view/INC000003875344
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 06 Oct 2020 12:30:02 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
status
200
content-type
text/plain
access-control-allow-origin
https://managedservices.ctl.io
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
user
managedservices.ctl.io/api/
105 B
451 B
XHR
General
Full URL
https://managedservices.ctl.io/api/user?ipAddress=185.212.171.67%0A
Requested by
Host:
URL: webpack:///./node_modules/axios/lib/adapters/xhr.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
206.152.34.220 , United States, ASN3561 (CENTURYLINK-LEGACY-SAVVIS, US),
Reverse DNS
mail.wopr.ctl.io
Software
nginx/1.13.8 /
Resource Hash
56c4c5d85b08019509743ceec6adec6788105830c8ac04bc276a770b09779a97
Security Headers
Name Value
Content-Security-Policy frame-src https://sso.ctl.io
Strict-Transport-Security max-age=15724800; includeSubDomains;
X-Content-Type-Options nosniff
X-Frame-Options ALLOW-FROM https://sso.ctl.io
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
https://managedservices.ctl.io/msp/support/tickets/view/INC000003875344
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Oct 2020 12:30:02 GMT
www-authenticate
FormBased
server
nginx/1.13.8
x-frame-options
ALLOW-FROM https://sso.ctl.io
content-type
application/json
status
401
x-xss-protection
1; mode=block
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-security-policy
frame-src https://sso.ctl.io
strict-transport-security
max-age=15724800; includeSubDomains;
content-length
105
x-content-type-options
nosniff
expires
0
health
managedservices.ctl.io/msp/oauth/
5 B
270 B
XHR
General
Full URL
https://managedservices.ctl.io/msp/oauth/health
Requested by
Host:
URL: webpack:///./node_modules/axios/lib/adapters/xhr.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
206.152.34.220 , United States, ASN3561 (CENTURYLINK-LEGACY-SAVVIS, US),
Reverse DNS
mail.wopr.ctl.io
Software
nginx/1.13.8 /
Resource Hash
fcbcf165908dd18a9e49f7ff27810176db8e9f63b4352213741664245224f8aa
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains;
X-Content-Type-Options nosniff
X-Frame-Options ALLOW-FROM https://sso.ctl.io
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
https://managedservices.ctl.io/msp/support/tickets/view/INC000003875344
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 06 Oct 2020 12:30:03 GMT
x-content-type-options
nosniff
server
nginx/1.13.8
x-download-options
noopen
x-frame-options
ALLOW-FROM https://sso.ctl.io
content-type
application/json; charset=utf-8
status
200
strict-transport-security
max-age=15724800; includeSubDomains;
x-dns-prefetch-control
off
content-length
5
x-xss-protection
1; mode=block
login
managedservices.ctl.io/msp/openid/
783 B
755 B
XHR
General
Full URL
https://managedservices.ctl.io/msp/openid/login
Requested by
Host:
URL: webpack:///./node_modules/axios/lib/adapters/xhr.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
206.152.34.220 , United States, ASN3561 (CENTURYLINK-LEGACY-SAVVIS, US),
Reverse DNS
mail.wopr.ctl.io
Software
nginx/1.13.8 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains;
X-Content-Type-Options nosniff
X-Frame-Options ALLOW-FROM https://sso.ctl.io
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
https://managedservices.ctl.io/msp/support/tickets/view/INC000003875344
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

date
Tue, 06 Oct 2020 12:30:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
nginx/1.13.8
x-frame-options
ALLOW-FROM https://sso.ctl.io
x-download-options
noopen
vary
Accept-Encoding
content-type
application/json; charset=utf-8
status
200
strict-transport-security
max-age=15724800; includeSubDomains;
x-dns-prefetch-control
off
x-xss-protection
1; mode=block
Primary Request Cookie set login
sso.ctl.io/oxauth/
Redirect Chain
  • https://sso.ctl.io/oxauth/restv1/authorize?client_id=%40!AF68.4445.CF47.B698!0001!5E04.A6B1!0008!BCB2.D336.BEFA.4EFE&scope=openid%20ctl_scope%20ctl_dynamic_scope&response_type=token&redirect_uri=ht...
  • https://sso.ctl.io/oxauth/authorize.htm?scope=openid+ctl_scope+ctl_dynamic_scope&response_type=token&redirect_uri=https%3A%2F%2Fmanagedsupport.ctl.io%2Fmsp%2Foauth%2Fcallback&state=eyJwYXRobmFtZSI6...
  • https://sso.ctl.io/oxauth/login
16 KB
18 KB
Document
General
Full URL
https://sso.ctl.io/oxauth/login
Requested by
Host:
URL: webpack:///./actions/login.js?
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.15.184.150 , United States, ASN3561 (CENTURYLINK-LEGACY-SAVVIS, US),
Reverse DNS
Software
/
Resource Hash
91cf940f35f8521b0f2fda7ddd08d34935638ea316d773b40d4fc162b028c983
Security Headers
Name Value
Content-Security-Policy default-src https://*.ctl.io; script-src https://*.ctl.io https://cdnjs.cloudflare.com https://ajax.aspnetcdn.com https://cdn.jsdelivr.net https://www.google-analytics.com https://ipinfo.io 'unsafe-eval' 'unsafe-inline'; style-src https://*.ctl.io https://cdnjs.cloudflare.com https://ajax.aspnetcdn.com https://cdn.jsdelivr.net https://fonts.googleapis.com 'unsafe-inline'; img-src https://*.ctl.io https://www.google-analytics.com data:; font-src https://*.ctl.io https://fonts.gstatic.com; connect-src https://*.ctl.io https://www.google-analytics.com; frame-src https://*.ctl.io https://*.savvis.net https://*.savvis.com https://204.70.133.77; child-src https://*.ctl.io https://*.savvis.net https://*.savvis.com https://204.70.133.77;
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Security-Policy default-src https://*.ctl.io; script-src https://*.ctl.io https://cdnjs.cloudflare.com https://ajax.aspnetcdn.com https://cdn.jsdelivr.net https://www.google-analytics.com https://ipinfo.io 'unsafe-eval' 'unsafe-inline'; style-src https://*.ctl.io https://cdnjs.cloudflare.com https://ajax.aspnetcdn.com https://cdn.jsdelivr.net https://fonts.googleapis.com 'unsafe-inline'; img-src https://*.ctl.io https://www.google-analytics.com data:; font-src https://*.ctl.io https://fonts.gstatic.com; connect-src https://*.ctl.io https://www.google-analytics.com; frame-src https://*.ctl.io https://*.savvis.net https://*.savvis.com https://204.70.133.77; child-src https://*.ctl.io https://*.savvis.net https://*.savvis.com https://204.70.133.77;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Host
sso.ctl.io
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
same-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
rp_origin_id=https://managedsupport.ctl.io/msp/oauth/callback; _ga=GA1.2.771357599.1601987402; _gid=GA1.2.1781267939.1601987402; _gat_gtag_UA_78659637_1=1; org.gluu.i18n.Locale=en; session_id=b44b2824-f7f6-4015-b53c-2cd24516098f; session_state=dc48917549e11a5a05de862eda6909a57b7947d9b1270f1f680774eb27524326.78b15225-8f4a-4428-bfa3-980b25ba5c52; opbs=344651f5-4c40-423b-b47f-440404146d58
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://managedservices.ctl.io/msp/support/tickets/view/INC000003875344

Response headers

Date
Tue, 06 Oct 2020 12:30:04 GMT
Content-Type
text/html;charset=utf-8
Content-Length
16420
Connection
keep-alive
X-Xss-Protection
1; mode=block
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000; includeSubdomains
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie
JSESSIONID=node01h2rlb3ozjwtb7pcg1ajvw7wh238370.node0;Path=/oxauth;Secure;HttpOnly org.gluu.i18n.Locale=en;Path=/;Expires=Wed, 06-Oct-2021 12:30:04 GMT;Max-Age=31536000;HttpOnly
Content-Security-Policy
default-src https://*.ctl.io; script-src https://*.ctl.io https://cdnjs.cloudflare.com https://ajax.aspnetcdn.com https://cdn.jsdelivr.net https://www.google-analytics.com https://ipinfo.io 'unsafe-eval' 'unsafe-inline'; style-src https://*.ctl.io https://cdnjs.cloudflare.com https://ajax.aspnetcdn.com https://cdn.jsdelivr.net https://fonts.googleapis.com 'unsafe-inline'; img-src https://*.ctl.io https://www.google-analytics.com data:; font-src https://*.ctl.io https://fonts.gstatic.com; connect-src https://*.ctl.io https://www.google-analytics.com; frame-src https://*.ctl.io https://*.savvis.net https://*.savvis.com https://204.70.133.77; child-src https://*.ctl.io https://*.savvis.net https://*.savvis.com https://204.70.133.77;
X-Content-Security-Policy
default-src https://*.ctl.io; script-src https://*.ctl.io https://cdnjs.cloudflare.com https://ajax.aspnetcdn.com https://cdn.jsdelivr.net https://www.google-analytics.com https://ipinfo.io 'unsafe-eval' 'unsafe-inline'; style-src https://*.ctl.io https://cdnjs.cloudflare.com https://ajax.aspnetcdn.com https://cdn.jsdelivr.net https://fonts.googleapis.com 'unsafe-inline'; img-src https://*.ctl.io https://www.google-analytics.com data:; font-src https://*.ctl.io https://fonts.gstatic.com; connect-src https://*.ctl.io https://www.google-analytics.com; frame-src https://*.ctl.io https://*.savvis.net https://*.savvis.com https://204.70.133.77; child-src https://*.ctl.io https://*.savvis.net https://*.savvis.com https://204.70.133.77;
X-Frame-Options
SAMEORIGIN
Referrer-Policy
no-referrer
X-Permitted-Cross-Domain-Policies
none
Cache-Control
no-store
Pragma
no-cache

Redirect headers

Date
Tue, 06 Oct 2020 12:30:04 GMT
Content-Type
text/html
Content-Length
0
Connection
keep-alive
X-Xss-Protection
1; mode=block
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000; includeSubdomains
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Location
https://sso.ctl.io/oxauth/login
Set-Cookie
org.gluu.i18n.Locale=en;Path=/;Expires=Wed, 06-Oct-2021 12:30:04 GMT;Max-Age=31536000;HttpOnly session_id=b44b2824-f7f6-4015-b53c-2cd24516098f; Path=/; Secure; HttpOnly; Expires=Wed, 07 Oct 2020 12:30:04 +0000;;HttpOnly session_state=dc48917549e11a5a05de862eda6909a57b7947d9b1270f1f680774eb27524326.78b15225-8f4a-4428-bfa3-980b25ba5c52; Path=/; Secure; Expires=Wed, 07 Oct 2020 12:30:04 +0000; opbs=344651f5-4c40-423b-b47f-440404146d58; Path=/; Secure; Expires=Wed, 07 Oct 2020 12:30:04 +0000;;HttpOnly rp_origin_id=https://managedsupport.ctl.io/msp/oauth/callback; Path=/oxauth; Secure; HttpOnly; Expires=Wed, 07 Oct 2020 12:30:04 +0000;;HttpOnly
Content-Security-Policy
default-src https://*.ctl.io; script-src https://*.ctl.io https://cdnjs.cloudflare.com https://ajax.aspnetcdn.com https://cdn.jsdelivr.net https://www.google-analytics.com https://ipinfo.io 'unsafe-eval' 'unsafe-inline'; style-src https://*.ctl.io https://cdnjs.cloudflare.com https://ajax.aspnetcdn.com https://cdn.jsdelivr.net https://fonts.googleapis.com 'unsafe-inline'; img-src https://*.ctl.io https://www.google-analytics.com data:; font-src https://*.ctl.io https://fonts.gstatic.com; connect-src https://*.ctl.io https://www.google-analytics.com; frame-src https://*.ctl.io https://*.savvis.net https://*.savvis.com https://204.70.133.77; child-src https://*.ctl.io https://*.savvis.net https://*.savvis.com https://204.70.133.77;
X-Content-Security-Policy
default-src https://*.ctl.io; script-src https://*.ctl.io https://cdnjs.cloudflare.com https://ajax.aspnetcdn.com https://cdn.jsdelivr.net https://www.google-analytics.com https://ipinfo.io 'unsafe-eval' 'unsafe-inline'; style-src https://*.ctl.io https://cdnjs.cloudflare.com https://ajax.aspnetcdn.com https://cdn.jsdelivr.net https://fonts.googleapis.com 'unsafe-inline'; img-src https://*.ctl.io https://www.google-analytics.com data:; font-src https://*.ctl.io https://fonts.gstatic.com; connect-src https://*.ctl.io https://www.google-analytics.com; frame-src https://*.ctl.io https://*.savvis.net https://*.savvis.com https://204.70.133.77; child-src https://*.ctl.io https://*.savvis.net https://*.savvis.com https://204.70.133.77;
X-Frame-Options
SAMEORIGIN
Referrer-Policy
no-referrer
X-Permitted-Cross-Domain-Policies
none
Cache-Control
no-store
Pragma
no-cache
css
fonts.googleapis.com/
11 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Inconsolata|Open+Sans:300,400,600.700,800
Requested by
Host: sso.ctl.io
URL: https://sso.ctl.io/oxauth/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d8842cc18aee5793e6cc5fd9f4b96530f4635936331197a748d91e13356a416d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 06 Oct 2020 12:30:04 GMT
server
ESF
date
Tue, 06 Oct 2020 12:30:04 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 06 Oct 2020 12:30:04 GMT
mp_linkcode-3.1.1.0.js
sso.ctl.io/oxauth/ext/resources/scripts/
2 KB
4 KB
Script
General
Full URL
https://sso.ctl.io/oxauth/ext/resources/scripts/mp_linkcode-3.1.1.0.js
Requested by
Host: sso.ctl.io
URL: https://sso.ctl.io/oxauth/login
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.15.184.150 , United States, ASN3561 (CENTURYLINK-LEGACY-SAVVIS, US),
Reverse DNS
Software
/
Resource Hash
9636da880cc34878cd5ba085418fd5ac4fb56f5ca4cfe24071815315bdd53172
Security Headers
Name Value
Content-Security-Policy default-src https://*.ctl.io; script-src https://*.ctl.io https://cdnjs.cloudflare.com https://ajax.aspnetcdn.com https://cdn.jsdelivr.net https://www.google-analytics.com https://ipinfo.io 'unsafe-eval' 'unsafe-inline'; style-src https://*.ctl.io https://cdnjs.cloudflare.com https://ajax.aspnetcdn.com https://cdn.jsdelivr.net https://fonts.googleapis.com 'unsafe-inline'; img-src https://*.ctl.io https://www.google-analytics.com data:; font-src https://*.ctl.io https://fonts.gstatic.com; connect-src https://*.ctl.io https://www.google-analytics.com; frame-src https://*.ctl.io https://*.savvis.net https://*.savvis.com https://204.70.133.77; child-src https://*.ctl.io https://*.savvis.net https://*.savvis.com https://204.70.133.77;
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Security-Policy default-src https://*.ctl.io; script-src https://*.ctl.io https://cdnjs.cloudflare.com https://ajax.aspnetcdn.com https://cdn.jsdelivr.net https://www.google-analytics.com https://ipinfo.io 'unsafe-eval' 'unsafe-inline'; style-src https://*.ctl.io https://cdnjs.cloudflare.com https://ajax.aspnetcdn.com https://cdn.jsdelivr.net https://fonts.googleapis.com 'unsafe-inline'; img-src https://*.ctl.io https://www.google-analytics.com data:; font-src https://*.ctl.io https://fonts.gstatic.com; connect-src https://*.ctl.io https://www.google-analytics.com; frame-src https://*.ctl.io https://*.savvis.net https://*.savvis.com https://204.70.133.77; child-src https://*.ctl.io https://*.savvis.net https://*.savvis.com https://204.70.133.77;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 06 Oct 2020 12:30:04 GMT
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Connection
keep-alive
Content-Length
1851
X-Xss-Protection
1; mode=block
Pragma
no-cache
Referrer-Policy
no-referrer
Last-Modified
Sat, 15 Aug 2020 15:03:03 GMT
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=31536000; includeSubdomains
Content-Type
application/javascript
Cache-Control
no-store
Content-Security-Policy
default-src https://*.ctl.io; script-src https://*.ctl.io https://cdnjs.cloudflare.com https://ajax.aspnetcdn.com https://cdn.jsdelivr.net https://www.google-analytics.com https://ipinfo.io 'unsafe-eval' 'unsafe-inline'; style-src https://*.ctl.io https://cdnjs.cloudflare.com https://ajax.aspnetcdn.com https://cdn.jsdelivr.net https://fonts.googleapis.com 'unsafe-inline'; img-src https://*.ctl.io https://www.google-analytics.com data:; font-src https://*.ctl.io https://fonts.gstatic.com; connect-src https://*.ctl.io https://www.google-analytics.com; frame-src https://*.ctl.io https://*.savvis.net https://*.savvis.com https://204.70.133.77; child-src https://*.ctl.io https://*.savvis.net https://*.savvis.com https://204.70.133.77;
Accept-Ranges
bytes
X-Content-Security-Policy
default-src https://*.ctl.io; script-src https://*.ctl.io https://cdnjs.cloudflare.com https://ajax.aspnetcdn.com https://cdn.jsdelivr.net https://www.google-analytics.com https://ipinfo.io 'unsafe-eval' 'unsafe-inline'; style-src https://*.ctl.io https://cdnjs.cloudflare.com https://ajax.aspnetcdn.com https://cdn.jsdelivr.net https://fonts.googleapis.com 'unsafe-inline'; img-src https://*.ctl.io https://www.google-analytics.com data:; font-src https://*.ctl.io https://fonts.gstatic.com; connect-src https://*.ctl.io https://www.google-analytics.com; frame-src https://*.ctl.io https://*.savvis.net https://*.savvis.com https://204.70.133.77; child-src https://*.ctl.io https://*.savvis.net https://*.savvis.com https://204.70.133.77;
jsf.js.htm
sso.ctl.io/oxauth/javax.faces.resource/
43 KB
45 KB
Script
General
Full URL
https://sso.ctl.io/oxauth/javax.faces.resource/jsf.js.htm?ln=javax.faces
Requested by
Host: sso.ctl.io
URL: https://sso.ctl.io/oxauth/login
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.15.184.150 , United States, ASN3561 (CENTURYLINK-LEGACY-SAVVIS, US),
Reverse DNS
Software
/
Resource Hash
9c0b78d07ff3e9f94ea536fbba52625bcc4a2824d50f2df155251af1cb4bcd2b
Security Headers
Name Value
Content-Security-Policy default-src https://*.ctl.io; script-src https://*.ctl.io https://cdnjs.cloudflare.com https://ajax.aspnetcdn.com https://cdn.jsdelivr.net https://www.google-analytics.com https://ipinfo.io 'unsafe-eval' 'unsafe-inline'; style-src https://*.ctl.io https://cdnjs.cloudflare.com https://ajax.aspnetcdn.com https://cdn.jsdelivr.net https://fonts.googleapis.com 'unsafe-inline'; img-src https://*.ctl.io https://www.google-analytics.com data:; font-src https://*.ctl.io https://fonts.gstatic.com; connect-src https://*.ctl.io https://www.google-analytics.com; frame-src https://*.ctl.io https://*.savvis.net https://*.savvis.com https://204.70.133.77; child-src https://*.ctl.io https://*.savvis.net https://*.savvis.com https://204.70.133.77;
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Security-Policy default-src https://*.ctl.io; script-src https://*.ctl.io https://cdnjs.cloudflare.com https://ajax.aspnetcdn.com https://cdn.jsdelivr.net https://www.google-analytics.com https://ipinfo.io 'unsafe-eval' 'unsafe-inline'; style-src https://*.ctl.io https://cdnjs.cloudflare.com https://ajax.aspnetcdn.com https://cdn.jsdelivr.net https://fonts.googleapis.com 'unsafe-inline'; img-src https://*.ctl.io https://www.google-analytics.com data:; font-src https://*.ctl.io https://fonts.gstatic.com; connect-src https://*.ctl.io https://www.google-analytics.com; frame-src https://*.ctl.io https://*.savvis.net https://*.savvis.com https://204.70.133.77; child-src https://*.ctl.io https://*.savvis.net https://*.savvis.com https://204.70.133.77;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 06 Oct 2020 12:30:04 GMT
X-Content-Type-Options
nosniff
X-Content-Security-Policy
default-src https://*.ctl.io; script-src https://*.ctl.io https://cdnjs.cloudflare.com https://ajax.aspnetcdn.com https://cdn.jsdelivr.net https://www.google-analytics.com https://ipinfo.io 'unsafe-eval' 'unsafe-inline'; style-src https://*.ctl.io https://cdnjs.cloudflare.com https://ajax.aspnetcdn.com https://cdn.jsdelivr.net https://fonts.googleapis.com 'unsafe-inline'; img-src https://*.ctl.io https://www.google-analytics.com data:; font-src https://*.ctl.io https://fonts.gstatic.com; connect-src https://*.ctl.io https://www.google-analytics.com; frame-src https://*.ctl.io https://*.savvis.net https://*.savvis.com https://204.70.133.77; child-src https://*.ctl.io https://*.savvis.net https://*.savvis.com https://204.70.133.77;
X-Permitted-Cross-Domain-Policies
none
Transfer-Encoding
chunked
Connection
keep-alive
X-Xss-Protection
1; mode=block
Pragma
no-cache
Referrer-Policy
no-referrer
Last-Modified
Thu, 09 Aug 2018 14:39:16 GMT
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=31536000; includeSubdomains
Content-Type
application/javascript
Cache-Control
no-store
Content-Security-Policy
default-src https://*.ctl.io; script-src https://*.ctl.io https://cdnjs.cloudflare.com https://ajax.aspnetcdn.com https://cdn.jsdelivr.net https://www.google-analytics.com https://ipinfo.io 'unsafe-eval' 'unsafe-inline'; style-src https://*.ctl.io https://cdnjs.cloudflare.com https://ajax.aspnetcdn.com https://cdn.jsdelivr.net https://fonts.googleapis.com 'unsafe-inline'; img-src https://*.ctl.io https://www.google-analytics.com data:; font-src https://*.ctl.io https://fonts.gstatic.com; connect-src https://*.ctl.io https://www.google-analytics.com; frame-src https://*.ctl.io https://*.savvis.net https://*.savvis.com https://204.70.133.77; child-src https://*.ctl.io https://*.savvis.net https://*.savvis.com https://204.70.133.77;
Expires
Tue, 13 Oct 2020 12:30:04 GMT
logo.svg
sso.ctl.io/oxauth/ext/resources/images/
4 KB
6 KB
Image
General
Full URL
https://sso.ctl.io/oxauth/ext/resources/images/logo.svg
Requested by
Host: sso.ctl.io
URL: https://sso.ctl.io/oxauth/login
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.15.184.150 , United States, ASN3561 (CENTURYLINK-LEGACY-SAVVIS, US),
Reverse DNS
Software
/
Resource Hash
4814ba7a037f904e5a0a2c9a431499799640f558d1294b1aec41f63dab46b756
Security Headers
Name Value
Content-Security-Policy default-src https://*.ctl.io; script-src https://*.ctl.io https://cdnjs.cloudflare.com https://ajax.aspnetcdn.com https://cdn.jsdelivr.net https://www.google-analytics.com https://ipinfo.io 'unsafe-eval' 'unsafe-inline'; style-src https://*.ctl.io https://cdnjs.cloudflare.com https://ajax.aspnetcdn.com https://cdn.jsdelivr.net https://fonts.googleapis.com 'unsafe-inline'; img-src https://*.ctl.io https://www.google-analytics.com data:; font-src https://*.ctl.io https://fonts.gstatic.com; connect-src https://*.ctl.io https://www.google-analytics.com; frame-src https://*.ctl.io https://*.savvis.net https://*.savvis.com https://204.70.133.77; child-src https://*.ctl.io https://*.savvis.net https://*.savvis.com https://204.70.133.77;
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Security-Policy default-src https://*.ctl.io; script-src https://*.ctl.io https://cdnjs.cloudflare.com https://ajax.aspnetcdn.com https://cdn.jsdelivr.net https://www.google-analytics.com https://ipinfo.io 'unsafe-eval' 'unsafe-inline'; style-src https://*.ctl.io https://cdnjs.cloudflare.com https://ajax.aspnetcdn.com https://cdn.jsdelivr.net https://fonts.googleapis.com 'unsafe-inline'; img-src https://*.ctl.io https://www.google-analytics.com data:; font-src https://*.ctl.io https://fonts.gstatic.com; connect-src https://*.ctl.io https://www.google-analytics.com; frame-src https://*.ctl.io https://*.savvis.net https://*.savvis.com https://204.70.133.77; child-src https://*.ctl.io https://*.savvis.net https://*.savvis.com https://204.70.133.77;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 06 Oct 2020 12:30:04 GMT
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Connection
keep-alive
Content-Length
3650
X-Xss-Protection
1; mode=block
Pragma
no-cache
Referrer-Policy
no-referrer
Last-Modified
Mon, 14 Sep 2020 01:39:07 GMT
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=31536000; includeSubdomains
Content-Type
image/svg+xml
Cache-Control
no-store
Content-Security-Policy
default-src https://*.ctl.io; script-src https://*.ctl.io https://cdnjs.cloudflare.com https://ajax.aspnetcdn.com https://cdn.jsdelivr.net https://www.google-analytics.com https://ipinfo.io 'unsafe-eval' 'unsafe-inline'; style-src https://*.ctl.io https://cdnjs.cloudflare.com https://ajax.aspnetcdn.com https://cdn.jsdelivr.net https://fonts.googleapis.com 'unsafe-inline'; img-src https://*.ctl.io https://www.google-analytics.com data:; font-src https://*.ctl.io https://fonts.gstatic.com; connect-src https://*.ctl.io https://www.google-analytics.com; frame-src https://*.ctl.io https://*.savvis.net https://*.savvis.com https://204.70.133.77; child-src https://*.ctl.io https://*.savvis.net https://*.savvis.com https://204.70.133.77;
Accept-Ranges
bytes
X-Content-Security-Policy
default-src https://*.ctl.io; script-src https://*.ctl.io https://cdnjs.cloudflare.com https://ajax.aspnetcdn.com https://cdn.jsdelivr.net https://www.google-analytics.com https://ipinfo.io 'unsafe-eval' 'unsafe-inline'; style-src https://*.ctl.io https://cdnjs.cloudflare.com https://ajax.aspnetcdn.com https://cdn.jsdelivr.net https://fonts.googleapis.com 'unsafe-inline'; img-src https://*.ctl.io https://www.google-analytics.com data:; font-src https://*.ctl.io https://fonts.gstatic.com; connect-src https://*.ctl.io https://www.google-analytics.com; frame-src https://*.ctl.io https://*.savvis.net https://*.savvis.com https://204.70.133.77; child-src https://*.ctl.io https://*.savvis.net https://*.savvis.com https://204.70.133.77;
fallback-2.0.0.custom.min.js
sso.ctl.io/oxauth/ext/resources/scripts/
16 KB
18 KB
Script
General
Full URL
https://sso.ctl.io/oxauth/ext/resources/scripts/fallback-2.0.0.custom.min.js
Requested by
Host: sso.ctl.io
URL: https://sso.ctl.io/oxauth/login
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.15.184.150 , United States, ASN3561 (CENTURYLINK-LEGACY-SAVVIS, US),
Reverse DNS
Software
/
Resource Hash
0d600b8ec393d95915f9301726205e5080a603bfaab2b4c40732a367baec32ea
Security Headers
Name Value
Content-Security-Policy default-src https://*.ctl.io; script-src https://*.ctl.io https://cdnjs.cloudflare.com https://ajax.aspnetcdn.com https://cdn.jsdelivr.net https://www.google-analytics.com https://ipinfo.io 'unsafe-eval' 'unsafe-inline'; style-src https://*.ctl.io https://cdnjs.cloudflare.com https://ajax.aspnetcdn.com https://cdn.jsdelivr.net https://fonts.googleapis.com 'unsafe-inline'; img-src https://*.ctl.io https://www.google-analytics.com data:; font-src https://*.ctl.io https://fonts.gstatic.com; connect-src https://*.ctl.io https://www.google-analytics.com; frame-src https://*.ctl.io https://*.savvis.net https://*.savvis.com https://204.70.133.77; child-src https://*.ctl.io https://*.savvis.net https://*.savvis.com https://204.70.133.77;
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Security-Policy default-src https://*.ctl.io; script-src https://*.ctl.io https://cdnjs.cloudflare.com https://ajax.aspnetcdn.com https://cdn.jsdelivr.net https://www.google-analytics.com https://ipinfo.io 'unsafe-eval' 'unsafe-inline'; style-src https://*.ctl.io https://cdnjs.cloudflare.com https://ajax.aspnetcdn.com https://cdn.jsdelivr.net https://fonts.googleapis.com 'unsafe-inline'; img-src https://*.ctl.io https://www.google-analytics.com data:; font-src https://*.ctl.io https://fonts.gstatic.com; connect-src https://*.ctl.io https://www.google-analytics.com; frame-src https://*.ctl.io https://*.savvis.net https://*.savvis.com https://204.70.133.77; child-src https://*.ctl.io https://*.savvis.net https://*.savvis.com https://204.70.133.77;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 06 Oct 2020 12:30:05 GMT
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Connection
keep-alive
Content-Length
16137
X-Xss-Protection
1; mode=block
Pragma
no-cache
Referrer-Policy
no-referrer
Last-Modified
Sat, 15 Aug 2020 15:03:03 GMT
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=31536000; includeSubdomains
Content-Type
application/javascript
Cache-Control
no-store
Content-Security-Policy
default-src https://*.ctl.io; script-src https://*.ctl.io https://cdnjs.cloudflare.com https://ajax.aspnetcdn.com https://cdn.jsdelivr.net https://www.google-analytics.com https://ipinfo.io 'unsafe-eval' 'unsafe-inline'; style-src https://*.ctl.io https://cdnjs.cloudflare.com https://ajax.aspnetcdn.com https://cdn.jsdelivr.net https://fonts.googleapis.com 'unsafe-inline'; img-src https://*.ctl.io https://www.google-analytics.com data:; font-src https://*.ctl.io https://fonts.gstatic.com; connect-src https://*.ctl.io https://www.google-analytics.com; frame-src https://*.ctl.io https://*.savvis.net https://*.savvis.com https://204.70.133.77; child-src https://*.ctl.io https://*.savvis.net https://*.savvis.com https://204.70.133.77;
Accept-Ranges
bytes
X-Content-Security-Policy
default-src https://*.ctl.io; script-src https://*.ctl.io https://cdnjs.cloudflare.com https://ajax.aspnetcdn.com https://cdn.jsdelivr.net https://www.google-analytics.com https://ipinfo.io 'unsafe-eval' 'unsafe-inline'; style-src https://*.ctl.io https://cdnjs.cloudflare.com https://ajax.aspnetcdn.com https://cdn.jsdelivr.net https://fonts.googleapis.com 'unsafe-inline'; img-src https://*.ctl.io https://www.google-analytics.com data:; font-src https://*.ctl.io https://fonts.gstatic.com; connect-src https://*.ctl.io https://www.google-analytics.com; frame-src https://*.ctl.io https://*.savvis.net https://*.savvis.com https://204.70.133.77; child-src https://*.ctl.io https://*.savvis.net https://*.savvis.com https://204.70.133.77;
main.js
sso.ctl.io/oxauth/scripts/282859/
6 KB
8 KB
Script
General
Full URL
https://sso.ctl.io/oxauth/scripts/282859/main.js
Requested by
Host: sso.ctl.io
URL: https://sso.ctl.io/oxauth/ext/resources/scripts/fallback-2.0.0.custom.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.15.184.150 , United States, ASN3561 (CENTURYLINK-LEGACY-SAVVIS, US),
Reverse DNS
Software
/
Resource Hash
2d3be39bea93cce41be21862d42a1dc156b02178697bf9042fa1cf47253b8177
Security Headers
Name Value
Content-Security-Policy default-src https://*.ctl.io; script-src https://*.ctl.io https://cdnjs.cloudflare.com https://ajax.aspnetcdn.com https://cdn.jsdelivr.net https://www.google-analytics.com https://ipinfo.io 'unsafe-eval' 'unsafe-inline'; style-src https://*.ctl.io https://cdnjs.cloudflare.com https://ajax.aspnetcdn.com https://cdn.jsdelivr.net https://fonts.googleapis.com 'unsafe-inline'; img-src https://*.ctl.io https://www.google-analytics.com data:; font-src https://*.ctl.io https://fonts.gstatic.com; connect-src https://*.ctl.io https://www.google-analytics.com; frame-src https://*.ctl.io https://*.savvis.net https://*.savvis.com https://204.70.133.77; child-src https://*.ctl.io https://*.savvis.net https://*.savvis.com https://204.70.133.77;
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Security-Policy default-src https://*.ctl.io; script-src https://*.ctl.io https://cdnjs.cloudflare.com https://ajax.aspnetcdn.com https://cdn.jsdelivr.net https://www.google-analytics.com https://ipinfo.io 'unsafe-eval' 'unsafe-inline'; style-src https://*.ctl.io https://cdnjs.cloudflare.com https://ajax.aspnetcdn.com https://cdn.jsdelivr.net https://fonts.googleapis.com 'unsafe-inline'; img-src https://*.ctl.io https://www.google-analytics.com data:; font-src https://*.ctl.io https://fonts.gstatic.com; connect-src https://*.ctl.io https://www.google-analytics.com; frame-src https://*.ctl.io https://*.savvis.net https://*.savvis.com https://204.70.133.77; child-src https://*.ctl.io https://*.savvis.net https://*.savvis.com https://204.70.133.77;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 06 Oct 2020 12:30:05 GMT
Referrer-Policy
no-referrer
X-Permitted-Cross-Domain-Policies
none
X-Frame-Options
SAMEORIGIN
Connection
keep-alive
Content-Type
application/javascript;charset=utf-8
X-Xss-Protection
1; mode=block
Cache-Control
no-store
Content-Security-Policy
default-src https://*.ctl.io; script-src https://*.ctl.io https://cdnjs.cloudflare.com https://ajax.aspnetcdn.com https://cdn.jsdelivr.net https://www.google-analytics.com https://ipinfo.io 'unsafe-eval' 'unsafe-inline'; style-src https://*.ctl.io https://cdnjs.cloudflare.com https://ajax.aspnetcdn.com https://cdn.jsdelivr.net https://fonts.googleapis.com 'unsafe-inline'; img-src https://*.ctl.io https://www.google-analytics.com data:; font-src https://*.ctl.io https://fonts.gstatic.com; connect-src https://*.ctl.io https://www.google-analytics.com; frame-src https://*.ctl.io https://*.savvis.net https://*.savvis.com https://204.70.133.77; child-src https://*.ctl.io https://*.savvis.net https://*.savvis.com https://204.70.133.77;
Strict-Transport-Security
max-age=31536000; includeSubdomains
Content-Length
6075
X-Content-Type-Options
nosniff
X-Content-Security-Policy
default-src https://*.ctl.io; script-src https://*.ctl.io https://cdnjs.cloudflare.com https://ajax.aspnetcdn.com https://cdn.jsdelivr.net https://www.google-analytics.com https://ipinfo.io 'unsafe-eval' 'unsafe-inline'; style-src https://*.ctl.io https://cdnjs.cloudflare.com https://ajax.aspnetcdn.com https://cdn.jsdelivr.net https://fonts.googleapis.com 'unsafe-inline'; img-src https://*.ctl.io https://www.google-analytics.com data:; font-src https://*.ctl.io https://fonts.gstatic.com; connect-src https://*.ctl.io https://www.google-analytics.com; frame-src https://*.ctl.io https://*.savvis.net https://*.savvis.com https://204.70.133.77; child-src https://*.ctl.io https://*.savvis.net https://*.savvis.com https://204.70.133.77;
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/2.2.3/
84 KB
27 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery/2.2.3/jquery.min.js
Requested by
Host: sso.ctl.io
URL: https://sso.ctl.io/oxauth/ext/resources/scripts/fallback-2.0.0.custom.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:4e6b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6b6de0d4db7876d1183a3edb47ebd3bbbf93f153f5de1ba6645049348628109a
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 06 Oct 2020 12:30:05 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
484454
x-via
cfworker/kv
status
200
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
26964
cf-request-id
059f7cfe920000d6cd6807f200000001
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:11:48 GMT
server
cloudflare
etag
"5eb03ec4-14e9b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000; includeSubDomains
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1601987405"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
5ddf64441ff7d6cd-FRA
expires
Sun, 26 Sep 2021 12:30:05 GMT
knockout-min.js
cdnjs.cloudflare.com/ajax/libs/knockout/3.4.0/
58 KB
19 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/knockout/3.4.0/knockout-min.js
Requested by
Host: sso.ctl.io
URL: https://sso.ctl.io/oxauth/ext/resources/scripts/fallback-2.0.0.custom.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:4e6b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
972f13893b7056c0567637a44ea4c994b1b3dd1b20e185ebf3478ae9086d74cb
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 06 Oct 2020 12:30:05 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
2359254
x-via
cfworker/kv
status
200
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
19618
cf-request-id
059f7cfe930000d6cd68080200000001
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:11:59 GMT
server
cloudflare
etag
"5eb03ecf-e9ae"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000; includeSubDomains
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1601987405"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
5ddf64441ffed6cd-FRA
expires
Sun, 26 Sep 2021 12:30:05 GMT
cyclops.min.css
assets.ctl.io/cyclops/2.0.0/css/
218 KB
28 KB
Stylesheet
General
Full URL
https://assets.ctl.io/cyclops/2.0.0/css/cyclops.min.css
Requested by
Host: sso.ctl.io
URL: https://sso.ctl.io/oxauth/ext/resources/scripts/fallback-2.0.0.custom.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:0:14:469:86c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a685aaefb8e1fd4ca6a0897a072f8b85d8e54f8477e86f093a1414bb78f58e57

Request headers

Origin
https://sso.ctl.io
Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 06 Oct 2020 12:30:02 GMT
content-encoding
gzip
vary
Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
age
4
x-cache
Hit from cloudfront
status
200
access-control-allow-origin
*
last-modified
Mon, 14 Sep 2020 18:05:13 GMT
server
AmazonS3
etag
W/"69619eb1b49a9faf927faf669f542837"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
text/css
via
1.1 a3c2566f9e36ad3cdf79fc6307fcf567.cloudfront.net (CloudFront)
cache-control
max-age=3600
x-amz-cf-pop
FRA53-C1
x-amz-cf-id
wLIJqRvDTq5kr_awgVNdLT-cL-z_wpBRdkduBysBH088ntTI8KA05w==
global-menus-module.js
assets.ctl.io/dt-GlobalNavigationMenu/3.0.0/
244 KB
64 KB
Script
General
Full URL
https://assets.ctl.io/dt-GlobalNavigationMenu/3.0.0/global-menus-module.js
Requested by
Host: sso.ctl.io
URL: https://sso.ctl.io/oxauth/ext/resources/scripts/fallback-2.0.0.custom.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:0:14:469:86c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e48802c62e1e3b50b7d71136288e7ddc0036e6dc73bdbc958e78446e4f70aa93

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 06 Oct 2020 12:30:06 GMT
content-encoding
gzip
vary
Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-pop
FRA53-C1
x-cache
Miss from cloudfront
status
200
access-control-allow-origin
*
last-modified
Mon, 14 Sep 2020 18:05:36 GMT
server
AmazonS3
etag
W/"4d0c991ca0df3f86e05e14c160e55734"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/javascript
via
1.1 48391c4ed2c51e95dcabcb70cf613127.cloudfront.net (CloudFront)
cache-control
max-age=3600
x-amz-cf-id
kVieqYnqA2fNsQlh03D9-l2pXaRyTyCxyfitsWfG9HohQI1nQnfBOQ==
jquery-ui.min.js
cdnjs.cloudflare.com/ajax/libs/jqueryui/1.11.4/
235 KB
53 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jqueryui/1.11.4/jquery-ui.min.js
Requested by
Host: sso.ctl.io
URL: https://sso.ctl.io/oxauth/ext/resources/scripts/fallback-2.0.0.custom.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:4e6b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c4d8dbe77feb63e5a61bee0bead4e5f66e8fa6a927599bd1b74aced52467273c
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 06 Oct 2020 12:30:05 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
487309
x-via
cfworker/kv
status
200
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
54095
cf-request-id
059f7cfeb90000d6cd68089200000001
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:11:48 GMT
server
cloudflare
etag
"5eb03ec4-3ab2b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000; includeSubDomains
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1601987406"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
5ddf64445888d6cd-FRA
expires
Sun, 26 Sep 2021 12:30:05 GMT
knockout.validation.min.js
cdn.jsdelivr.net/knockout.validation/2.0.3/
17 KB
6 KB
Script
General
Full URL
https://cdn.jsdelivr.net/knockout.validation/2.0.3/knockout.validation.min.js
Requested by
Host: sso.ctl.io
URL: https://sso.ctl.io/oxauth/ext/resources/scripts/fallback-2.0.0.custom.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::621 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
0ae1873a7d99f91a3a1686d9bca1cde701f9f705225fab6986308d806ade1c61
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
age
5950610
x-cache
HIT, HIT
status
200
content-length
5725
etag
W/"45b9-9moiMCQ7BwoFjBXL1soxPAr0hac"
x-served-by
cache-fra19144-FRA, cache-hhn4060-HHN
date
Tue, 06 Oct 2020 12:30:05 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
intlTelInput.css
cdnjs.cloudflare.com/ajax/libs/intl-tel-input/13.0.4/css/
27 KB
3 KB
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/intl-tel-input/13.0.4/css/intlTelInput.css
Requested by
Host: sso.ctl.io
URL: https://sso.ctl.io/oxauth/ext/resources/scripts/fallback-2.0.0.custom.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:4e6b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
69a66b494a68825bdcb613ba2f288f0d579cf75865c2c1c704940d1ade96948f
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains

Request headers

Origin
https://sso.ctl.io
Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 06 Oct 2020 12:30:05 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
3686940
x-via
cfworker/kv
status
200
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2196
cf-request-id
059f7cfecc0000c2feccba6200000001
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:11:18 GMT
server
cloudflare
etag
"5eb03ea6-6ba9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000; includeSubDomains
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1601987406"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
5ddf64447c46c2fe-FRA
expires
Sun, 26 Sep 2021 12:30:05 GMT
cyclops.min.js
assets.ctl.io/cyclops/2.0.0/scripts/
169 KB
53 KB
Script
General
Full URL
https://assets.ctl.io/cyclops/2.0.0/scripts/cyclops.min.js
Requested by
Host: sso.ctl.io
URL: https://sso.ctl.io/oxauth/ext/resources/scripts/fallback-2.0.0.custom.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:0:14:469:86c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
aa15dfd7fabe17a3ced379ca3b6aba94fe03e80d786e03b0cac035e52c24ae59

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 06 Oct 2020 12:30:07 GMT
content-encoding
gzip
vary
Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-pop
FRA53-C1
x-cache
Miss from cloudfront
status
200
access-control-allow-origin
*
last-modified
Mon, 14 Sep 2020 18:05:13 GMT
server
AmazonS3
etag
W/"45ac2d949f9e2673878fb13ba0889b21"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/javascript
via
1.1 48391c4ed2c51e95dcabcb70cf613127.cloudfront.net (CloudFront)
cache-control
max-age=3600
x-amz-cf-id
5-rBUIJPC6k-obhnMA4rSG2s5KiSlcdzmXY6zvKMuzyg2BYmDPPc5w==
intlTelInput.min.js
cdnjs.cloudflare.com/ajax/libs/intl-tel-input/13.0.4/js/
24 KB
8 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/intl-tel-input/13.0.4/js/intlTelInput.min.js
Requested by
Host: sso.ctl.io
URL: https://sso.ctl.io/oxauth/ext/resources/scripts/fallback-2.0.0.custom.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:4e6b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
db9d9d7b997e35ba795a88c95bf85732b5e34935769ac74caaee0ed4b82bc0e0
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 06 Oct 2020 12:30:06 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
485430
x-via
cfworker/kv
status
200
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
8057
cf-request-id
059f7d014d0000d6cd68127200000001
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:11:18 GMT
server
cloudflare
etag
"5eb03ea6-5eaf"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000; includeSubDomains
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1601987406"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
5ddf64487a1ed6cd-FRA
expires
Sun, 26 Sep 2021 12:30:06 GMT
sso.css
sso.ctl.io/oxauth/styles/282859/
11 KB
13 KB
Stylesheet
General
Full URL
https://sso.ctl.io/oxauth/styles/282859/sso.css
Requested by
Host: sso.ctl.io
URL: https://sso.ctl.io/oxauth/ext/resources/scripts/fallback-2.0.0.custom.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.15.184.150 , United States, ASN3561 (CENTURYLINK-LEGACY-SAVVIS, US),
Reverse DNS
Software
/
Resource Hash
34854654b0ee2be6b1f3c18901578baac8261ed5ed3b6c6750cf065b46de52e2
Security Headers
Name Value
Content-Security-Policy default-src https://*.ctl.io; script-src https://*.ctl.io https://cdnjs.cloudflare.com https://ajax.aspnetcdn.com https://cdn.jsdelivr.net https://www.google-analytics.com https://ipinfo.io 'unsafe-eval' 'unsafe-inline'; style-src https://*.ctl.io https://cdnjs.cloudflare.com https://ajax.aspnetcdn.com https://cdn.jsdelivr.net https://fonts.googleapis.com 'unsafe-inline'; img-src https://*.ctl.io https://www.google-analytics.com data:; font-src https://*.ctl.io https://fonts.gstatic.com; connect-src https://*.ctl.io https://www.google-analytics.com; frame-src https://*.ctl.io https://*.savvis.net https://*.savvis.com https://204.70.133.77; child-src https://*.ctl.io https://*.savvis.net https://*.savvis.com https://204.70.133.77;
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Security-Policy default-src https://*.ctl.io; script-src https://*.ctl.io https://cdnjs.cloudflare.com https://ajax.aspnetcdn.com https://cdn.jsdelivr.net https://www.google-analytics.com https://ipinfo.io 'unsafe-eval' 'unsafe-inline'; style-src https://*.ctl.io https://cdnjs.cloudflare.com https://ajax.aspnetcdn.com https://cdn.jsdelivr.net https://fonts.googleapis.com 'unsafe-inline'; img-src https://*.ctl.io https://www.google-analytics.com data:; font-src https://*.ctl.io https://fonts.gstatic.com; connect-src https://*.ctl.io https://www.google-analytics.com; frame-src https://*.ctl.io https://*.savvis.net https://*.savvis.com https://204.70.133.77; child-src https://*.ctl.io https://*.savvis.net https://*.savvis.com https://204.70.133.77;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Origin
https://sso.ctl.io
Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 06 Oct 2020 12:30:06 GMT
Referrer-Policy
no-referrer
X-Permitted-Cross-Domain-Policies
none
X-Frame-Options
SAMEORIGIN
Connection
keep-alive
Content-Type
text/css;charset=utf-8
X-Xss-Protection
1; mode=block
Cache-Control
no-store
Content-Security-Policy
default-src https://*.ctl.io; script-src https://*.ctl.io https://cdnjs.cloudflare.com https://ajax.aspnetcdn.com https://cdn.jsdelivr.net https://www.google-analytics.com https://ipinfo.io 'unsafe-eval' 'unsafe-inline'; style-src https://*.ctl.io https://cdnjs.cloudflare.com https://ajax.aspnetcdn.com https://cdn.jsdelivr.net https://fonts.googleapis.com 'unsafe-inline'; img-src https://*.ctl.io https://www.google-analytics.com data:; font-src https://*.ctl.io https://fonts.gstatic.com; connect-src https://*.ctl.io https://www.google-analytics.com; frame-src https://*.ctl.io https://*.savvis.net https://*.savvis.com https://204.70.133.77; child-src https://*.ctl.io https://*.savvis.net https://*.savvis.com https://204.70.133.77;
Strict-Transport-Security
max-age=31536000; includeSubdomains
Content-Length
11003
X-Content-Type-Options
nosniff
X-Content-Security-Policy
default-src https://*.ctl.io; script-src https://*.ctl.io https://cdnjs.cloudflare.com https://ajax.aspnetcdn.com https://cdn.jsdelivr.net https://www.google-analytics.com https://ipinfo.io 'unsafe-eval' 'unsafe-inline'; style-src https://*.ctl.io https://cdnjs.cloudflare.com https://ajax.aspnetcdn.com https://cdn.jsdelivr.net https://fonts.googleapis.com 'unsafe-inline'; img-src https://*.ctl.io https://www.google-analytics.com data:; font-src https://*.ctl.io https://fonts.gstatic.com; connect-src https://*.ctl.io https://www.google-analytics.com; frame-src https://*.ctl.io https://*.savvis.net https://*.savvis.com https://204.70.133.77; child-src https://*.ctl.io https://*.savvis.net https://*.savvis.com https://204.70.133.77;
sammy.min.js
cdnjs.cloudflare.com/ajax/libs/sammy.js/0.7.6/
27 KB
7 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/sammy.js/0.7.6/sammy.min.js
Requested by
Host: sso.ctl.io
URL: https://sso.ctl.io/oxauth/ext/resources/scripts/fallback-2.0.0.custom.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:4e6b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7c980aea017dcf2365979e243e8f4291cc745719ceaeb1411bb4d328da46b7a3
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 06 Oct 2020 12:30:06 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
3514929
x-via
cfworker/kv
status
200
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
6780
cf-request-id
059f7d01640000d6cd6812a200000001
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:16:06 GMT
server
cloudflare
etag
"5eb03fc6-6a46"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000; includeSubDomains
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1601987406"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
5ddf6448aa6ad6cd-FRA
expires
Sun, 26 Sep 2021 12:30:06 GMT
sso.js
sso.ctl.io/oxauth/scripts/282859/
101 KB
103 KB
Script
General
Full URL
https://sso.ctl.io/oxauth/scripts/282859/sso.js
Requested by
Host: sso.ctl.io
URL: https://sso.ctl.io/oxauth/ext/resources/scripts/fallback-2.0.0.custom.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.15.184.150 , United States, ASN3561 (CENTURYLINK-LEGACY-SAVVIS, US),
Reverse DNS
Software
/
Resource Hash
e4c5b894b4189408e7ca7e1249cc0b144f54e8e547f1d53708b7944e7499eeaa
Security Headers
Name Value
Content-Security-Policy default-src https://*.ctl.io; script-src https://*.ctl.io https://cdnjs.cloudflare.com https://ajax.aspnetcdn.com https://cdn.jsdelivr.net https://www.google-analytics.com https://ipinfo.io 'unsafe-eval' 'unsafe-inline'; style-src https://*.ctl.io https://cdnjs.cloudflare.com https://ajax.aspnetcdn.com https://cdn.jsdelivr.net https://fonts.googleapis.com 'unsafe-inline'; img-src https://*.ctl.io https://www.google-analytics.com data:; font-src https://*.ctl.io https://fonts.gstatic.com; connect-src https://*.ctl.io https://www.google-analytics.com; frame-src https://*.ctl.io https://*.savvis.net https://*.savvis.com https://204.70.133.77; child-src https://*.ctl.io https://*.savvis.net https://*.savvis.com https://204.70.133.77;
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Security-Policy default-src https://*.ctl.io; script-src https://*.ctl.io https://cdnjs.cloudflare.com https://ajax.aspnetcdn.com https://cdn.jsdelivr.net https://www.google-analytics.com https://ipinfo.io 'unsafe-eval' 'unsafe-inline'; style-src https://*.ctl.io https://cdnjs.cloudflare.com https://ajax.aspnetcdn.com https://cdn.jsdelivr.net https://fonts.googleapis.com 'unsafe-inline'; img-src https://*.ctl.io https://www.google-analytics.com data:; font-src https://*.ctl.io https://fonts.gstatic.com; connect-src https://*.ctl.io https://www.google-analytics.com; frame-src https://*.ctl.io https://*.savvis.net https://*.savvis.com https://204.70.133.77; child-src https://*.ctl.io https://*.savvis.net https://*.savvis.com https://204.70.133.77;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 06 Oct 2020 12:30:06 GMT
Referrer-Policy
no-referrer
X-Permitted-Cross-Domain-Policies
none
X-Frame-Options
SAMEORIGIN
Connection
keep-alive
Content-Type
application/javascript;charset=utf-8
X-Xss-Protection
1; mode=block
Cache-Control
no-store
Transfer-Encoding
chunked
Content-Security-Policy
default-src https://*.ctl.io; script-src https://*.ctl.io https://cdnjs.cloudflare.com https://ajax.aspnetcdn.com https://cdn.jsdelivr.net https://www.google-analytics.com https://ipinfo.io 'unsafe-eval' 'unsafe-inline'; style-src https://*.ctl.io https://cdnjs.cloudflare.com https://ajax.aspnetcdn.com https://cdn.jsdelivr.net https://fonts.googleapis.com 'unsafe-inline'; img-src https://*.ctl.io https://www.google-analytics.com data:; font-src https://*.ctl.io https://fonts.gstatic.com; connect-src https://*.ctl.io https://www.google-analytics.com; frame-src https://*.ctl.io https://*.savvis.net https://*.savvis.com https://204.70.133.77; child-src https://*.ctl.io https://*.savvis.net https://*.savvis.com https://204.70.133.77;
Strict-Transport-Security
max-age=31536000; includeSubdomains
X-Content-Type-Options
nosniff
X-Content-Security-Policy
default-src https://*.ctl.io; script-src https://*.ctl.io https://cdnjs.cloudflare.com https://ajax.aspnetcdn.com https://cdn.jsdelivr.net https://www.google-analytics.com https://ipinfo.io 'unsafe-eval' 'unsafe-inline'; style-src https://*.ctl.io https://cdnjs.cloudflare.com https://ajax.aspnetcdn.com https://cdn.jsdelivr.net https://fonts.googleapis.com 'unsafe-inline'; img-src https://*.ctl.io https://www.google-analytics.com data:; font-src https://*.ctl.io https://fonts.gstatic.com; connect-src https://*.ctl.io https://www.google-analytics.com; frame-src https://*.ctl.io https://*.savvis.net https://*.savvis.com https://204.70.133.77; child-src https://*.ctl.io https://*.savvis.net https://*.savvis.com https://204.70.133.77;
sammy.title-0.7.6.min.js
sso.ctl.io/oxauth/ext/resources/scripts/
715 B
3 KB
Script
General
Full URL
https://sso.ctl.io/oxauth/ext/resources/scripts/sammy.title-0.7.6.min.js
Requested by
Host: sso.ctl.io
URL: https://sso.ctl.io/oxauth/ext/resources/scripts/fallback-2.0.0.custom.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.15.184.150 , United States, ASN3561 (CENTURYLINK-LEGACY-SAVVIS, US),
Reverse DNS
Software
/
Resource Hash
d55e43c6715c5f386e8041e92c2e290243534a785ddb87f07c457a14d3693c36
Security Headers
Name Value
Content-Security-Policy default-src https://*.ctl.io; script-src https://*.ctl.io https://cdnjs.cloudflare.com https://ajax.aspnetcdn.com https://cdn.jsdelivr.net https://www.google-analytics.com https://ipinfo.io 'unsafe-eval' 'unsafe-inline'; style-src https://*.ctl.io https://cdnjs.cloudflare.com https://ajax.aspnetcdn.com https://cdn.jsdelivr.net https://fonts.googleapis.com 'unsafe-inline'; img-src https://*.ctl.io https://www.google-analytics.com data:; font-src https://*.ctl.io https://fonts.gstatic.com; connect-src https://*.ctl.io https://www.google-analytics.com; frame-src https://*.ctl.io https://*.savvis.net https://*.savvis.com https://204.70.133.77; child-src https://*.ctl.io https://*.savvis.net https://*.savvis.com https://204.70.133.77;
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Security-Policy default-src https://*.ctl.io; script-src https://*.ctl.io https://cdnjs.cloudflare.com https://ajax.aspnetcdn.com https://cdn.jsdelivr.net https://www.google-analytics.com https://ipinfo.io 'unsafe-eval' 'unsafe-inline'; style-src https://*.ctl.io https://cdnjs.cloudflare.com https://ajax.aspnetcdn.com https://cdn.jsdelivr.net https://fonts.googleapis.com 'unsafe-inline'; img-src https://*.ctl.io https://www.google-analytics.com data:; font-src https://*.ctl.io https://fonts.gstatic.com; connect-src https://*.ctl.io https://www.google-analytics.com; frame-src https://*.ctl.io https://*.savvis.net https://*.savvis.com https://204.70.133.77; child-src https://*.ctl.io https://*.savvis.net https://*.savvis.com https://204.70.133.77;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 06 Oct 2020 12:30:06 GMT
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Connection
keep-alive
Content-Length
715
X-Xss-Protection
1; mode=block
Pragma
no-cache
Referrer-Policy
no-referrer
Last-Modified
Sat, 15 Aug 2020 15:03:03 GMT
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=31536000; includeSubdomains
Content-Type
application/javascript
Cache-Control
no-store
Content-Security-Policy
default-src https://*.ctl.io; script-src https://*.ctl.io https://cdnjs.cloudflare.com https://ajax.aspnetcdn.com https://cdn.jsdelivr.net https://www.google-analytics.com https://ipinfo.io 'unsafe-eval' 'unsafe-inline'; style-src https://*.ctl.io https://cdnjs.cloudflare.com https://ajax.aspnetcdn.com https://cdn.jsdelivr.net https://fonts.googleapis.com 'unsafe-inline'; img-src https://*.ctl.io https://www.google-analytics.com data:; font-src https://*.ctl.io https://fonts.gstatic.com; connect-src https://*.ctl.io https://www.google-analytics.com; frame-src https://*.ctl.io https://*.savvis.net https://*.savvis.com https://204.70.133.77; child-src https://*.ctl.io https://*.savvis.net https://*.savvis.com https://204.70.133.77;
Accept-Ranges
bytes
X-Content-Security-Policy
default-src https://*.ctl.io; script-src https://*.ctl.io https://cdnjs.cloudflare.com https://ajax.aspnetcdn.com https://cdn.jsdelivr.net https://www.google-analytics.com https://ipinfo.io 'unsafe-eval' 'unsafe-inline'; style-src https://*.ctl.io https://cdnjs.cloudflare.com https://ajax.aspnetcdn.com https://cdn.jsdelivr.net https://fonts.googleapis.com 'unsafe-inline'; img-src https://*.ctl.io https://www.google-analytics.com data:; font-src https://*.ctl.io https://fonts.gstatic.com; connect-src https://*.ctl.io https://www.google-analytics.com; frame-src https://*.ctl.io https://*.savvis.net https://*.savvis.com https://204.70.133.77; child-src https://*.ctl.io https://*.savvis.net https://*.savvis.com https://204.70.133.77;
truncated
/
3 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bd10bc9c7b34e92bc0f9e7b3a4fe152400541b209f15c37b80cfbf21adfa8e29

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/svg+xml
services.json
assets.ctl.io/globalnavigation/
20 KB
5 KB
Fetch
General
Full URL
https://assets.ctl.io/globalnavigation/services.json?1601987406149
Requested by
Host: assets.ctl.io
URL: https://assets.ctl.io/dt-GlobalNavigationMenu/3.0.0/global-menus-module.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:0:14:469:86c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4547d8a0aef41e2de38e89b537f9a9004871d1a84985caef86e78158c8782239

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 06 Oct 2020 12:30:07 GMT
content-encoding
gzip
vary
Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-pop
FRA53-C1
x-cache
Miss from cloudfront
status
200
access-control-allow-origin
*
last-modified
Mon, 14 Sep 2020 18:06:16 GMT
server
AmazonS3
etag
W/"0d28ab98c9e1fadafddde57d836a100d"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/json
via
1.1 a3c2566f9e36ad3cdf79fc6307fcf567.cloudfront.net (CloudFront)
cache-control
no-store
x-amz-cf-id
lloI7uHNkE0eREOA3DACQ7SG18NpRXsMMUvSmRu76Q8fiMViqhMb2Q==
analytics.js
www.google-analytics.com/
45 KB
18 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: sso.ctl.io
URL: https://sso.ctl.io/oxauth/ext/resources/scripts/fallback-2.0.0.custom.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
60863e86aa7743d1ac841da7f473a05cd57fba81d661cef658e385437f80d5ef
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 09 Sep 2020 01:50:37 GMT
server
Golfe2
age
4468
date
Tue, 06 Oct 2020 11:15:39 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18650
expires
Tue, 06 Oct 2020 13:15:39 GMT
autotrack-2.3.2.js
sso.ctl.io/oxauth/ext/resources/scripts/
23 KB
25 KB
Script
General
Full URL
https://sso.ctl.io/oxauth/ext/resources/scripts/autotrack-2.3.2.js
Requested by
Host: sso.ctl.io
URL: https://sso.ctl.io/oxauth/ext/resources/scripts/fallback-2.0.0.custom.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.15.184.150 , United States, ASN3561 (CENTURYLINK-LEGACY-SAVVIS, US),
Reverse DNS
Software
/
Resource Hash
9768c8abce3ad320ad63874c666955b64e71fcf74d97a0c8923a64bcf8ca1838
Security Headers
Name Value
Content-Security-Policy default-src https://*.ctl.io; script-src https://*.ctl.io https://cdnjs.cloudflare.com https://ajax.aspnetcdn.com https://cdn.jsdelivr.net https://www.google-analytics.com https://ipinfo.io 'unsafe-eval' 'unsafe-inline'; style-src https://*.ctl.io https://cdnjs.cloudflare.com https://ajax.aspnetcdn.com https://cdn.jsdelivr.net https://fonts.googleapis.com 'unsafe-inline'; img-src https://*.ctl.io https://www.google-analytics.com data:; font-src https://*.ctl.io https://fonts.gstatic.com; connect-src https://*.ctl.io https://www.google-analytics.com; frame-src https://*.ctl.io https://*.savvis.net https://*.savvis.com https://204.70.133.77; child-src https://*.ctl.io https://*.savvis.net https://*.savvis.com https://204.70.133.77;
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Security-Policy default-src https://*.ctl.io; script-src https://*.ctl.io https://cdnjs.cloudflare.com https://ajax.aspnetcdn.com https://cdn.jsdelivr.net https://www.google-analytics.com https://ipinfo.io 'unsafe-eval' 'unsafe-inline'; style-src https://*.ctl.io https://cdnjs.cloudflare.com https://ajax.aspnetcdn.com https://cdn.jsdelivr.net https://fonts.googleapis.com 'unsafe-inline'; img-src https://*.ctl.io https://www.google-analytics.com data:; font-src https://*.ctl.io https://fonts.gstatic.com; connect-src https://*.ctl.io https://www.google-analytics.com; frame-src https://*.ctl.io https://*.savvis.net https://*.savvis.com https://204.70.133.77; child-src https://*.ctl.io https://*.savvis.net https://*.savvis.com https://204.70.133.77;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 06 Oct 2020 12:30:07 GMT
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Connection
keep-alive
Content-Length
23837
X-Xss-Protection
1; mode=block
Pragma
no-cache
Referrer-Policy
no-referrer
Last-Modified
Sat, 15 Aug 2020 15:03:03 GMT
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=31536000; includeSubdomains
Content-Type
application/javascript
Cache-Control
no-store
Content-Security-Policy
default-src https://*.ctl.io; script-src https://*.ctl.io https://cdnjs.cloudflare.com https://ajax.aspnetcdn.com https://cdn.jsdelivr.net https://www.google-analytics.com https://ipinfo.io 'unsafe-eval' 'unsafe-inline'; style-src https://*.ctl.io https://cdnjs.cloudflare.com https://ajax.aspnetcdn.com https://cdn.jsdelivr.net https://fonts.googleapis.com 'unsafe-inline'; img-src https://*.ctl.io https://www.google-analytics.com data:; font-src https://*.ctl.io https://fonts.gstatic.com; connect-src https://*.ctl.io https://www.google-analytics.com; frame-src https://*.ctl.io https://*.savvis.net https://*.savvis.com https://204.70.133.77; child-src https://*.ctl.io https://*.savvis.net https://*.savvis.com https://204.70.133.77;
Accept-Ranges
bytes
X-Content-Security-Policy
default-src https://*.ctl.io; script-src https://*.ctl.io https://cdnjs.cloudflare.com https://ajax.aspnetcdn.com https://cdn.jsdelivr.net https://www.google-analytics.com https://ipinfo.io 'unsafe-eval' 'unsafe-inline'; style-src https://*.ctl.io https://cdnjs.cloudflare.com https://ajax.aspnetcdn.com https://cdn.jsdelivr.net https://fonts.googleapis.com 'unsafe-inline'; img-src https://*.ctl.io https://www.google-analytics.com data:; font-src https://*.ctl.io https://fonts.gstatic.com; connect-src https://*.ctl.io https://www.google-analytics.com; frame-src https://*.ctl.io https://*.savvis.net https://*.savvis.com https://204.70.133.77; child-src https://*.ctl.io https://*.savvis.net https://*.savvis.com https://204.70.133.77;
collect
www.google-analytics.com/j/
2 B
61 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j86&a=1294248712&t=pageview&_s=1&dl=https%3A%2F%2Fsso.ctl.io%2Foxauth%2Flogin&dp=%2Foxauth%2Flogin&ul=en-us&de=UTF-8&dt=Lumen%20%3A%20Sign%20In&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBAAEADAAAAAC~&jid=406270046&gjid=1805085039&cid=2102149314.1601987407&tid=UA-107271597-3&_gid=877377517.1601987407&_r=1&_slc=1&_av=2.3.2&_au=4a&cd1=lg&cd2=External&cd3=Normal&did=i5iSjo&z=341133319
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 06 Oct 2020 12:30:07 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
status
200
content-type
text/plain
access-control-allow-origin
https://sso.ctl.io
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
121 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j86&a=1294248712&t=timing&_s=2&dl=https%3A%2F%2Fsso.ctl.io%2Foxauth%2Flogin&dp=%2Foxauth%2Flogin&ul=en-us&de=UTF-8&dt=Lumen%20%3A%20Sign%20In&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&utc=Dependencies&utv=load&utt=3713&_u=aGBAAEADAAAAAC~&jid=&gjid=&cid=2102149314.1601987407&tid=UA-107271597-3&_gid=877377517.1601987407&_av=2.3.2&_au=4a&cd1=lg&cd2=External&cd3=Normal&did=i5iSjo&z=343975540
Requested by
Host: sso.ctl.io
URL: https://sso.ctl.io/oxauth/login
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Oct 2020 09:31:34 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
10713
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

28 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| trustedTypes object| MP object| jsf object| mojarra function| cfg function| conf function| config function| def function| define object| fallback object| fbk function| req function| require function| $ function| jQuery object| ko object| GlobalMenus object| default function| Sammy object| div function| Polyfill object| sso function| ga object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| gaDevIds

3 Cookies

Domain/Path Name / Value
.ctl.io/ Name: _gid
Value: GA1.2.877377517.1601987407
.ctl.io/ Name: _gat
Value: 1
.ctl.io/ Name: _ga
Value: GA1.2.2102149314.1601987407

9 Console Messages

Source Level URL
Text
console-api log URL: https://managedsupport.ctl.io/mp_linkcode.js(Line 12)
Message:
translation init
console-api log URL: https://managedservices.ctl.io/msp/support/tickets/view/INC000003875344(Line 17)
Message:
window.main() function
console-api log URL: webpack:///./components/App.js?(Line 311)
Message:
chrome 83.0.4103 Mac OS
console-api log URL: webpack:///./components/App.js?(Line 258)
Message:
[object Object]
console-api log URL: webpack:///./components/App.js?(Line 311)
Message:
chrome 83.0.4103 Mac OS
console-api log URL: webpack:///./components/App.js?(Line 311)
Message:
chrome 83.0.4103 Mac OS
console-api log URL: webpack:///./actions/login.js?(Line 212)
Message:
/msp/support/tickets/view/INC000003875344
console-api log URL: https://assets.ctl.io/cyclops/2.0.0/scripts/cyclops.min.js(Line 1)
Message:
momentjs is not referenced or is referenced after cyclops some parts of cyclops may not be avalible.
console-api log URL: https://assets.ctl.io/cyclops/2.0.0/scripts/cyclops.min.js(Line 1)
Message:
chartist is not referenced or is referenced after cyclops some parts of cyclops may not be avalible.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=15724800; includeSubDomains;
X-Content-Type-Options nosniff
X-Frame-Options ALLOW-FROM https://sso.ctl.io
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

assets.ctl.io
cdn.jsdelivr.net
cdnjs.cloudflare.com
fonts.googleapis.com
ipv4.icanhazip.com
managedservices.ctl.io
managedsupport.ctl.io
sso.ctl.io
www.google-analytics.com
www.googletagmanager.com
136.144.56.255
206.152.34.220
2600:9000:214f:0:14:469:86c0:93a1
2606:4700::6811:4e6b
2a00:1450:4001:816::2008
2a00:1450:4001:81b::200a
2a00:1450:4001:81e::200e
2a00:1450:4001:81f::200e
2a04:4e42:1b::621
64.15.184.150
0ae1873a7d99f91a3a1686d9bca1cde701f9f705225fab6986308d806ade1c61
0d600b8ec393d95915f9301726205e5080a603bfaab2b4c40732a367baec32ea
1f33a8247a156ce06ae9bb2ccb7a55b71de0e6027bd82dc076f7d4433da7356a
2d3be39bea93cce41be21862d42a1dc156b02178697bf9042fa1cf47253b8177
34854654b0ee2be6b1f3c18901578baac8261ed5ed3b6c6750cf065b46de52e2
35f47f80d1f41359799340494eff801bb3cfda729c0243cd37388467fb5daab1
4547d8a0aef41e2de38e89b537f9a9004871d1a84985caef86e78158c8782239
4814ba7a037f904e5a0a2c9a431499799640f558d1294b1aec41f63dab46b756
4841e5aea32bf4b1a28f0c635e7cb743f3a4408a125b8194deaa19b24ec878f7
509545dca18b936b9f79154d3d8b2753483184da8c3cfe4d21894d22ac642ada
56c4c5d85b08019509743ceec6adec6788105830c8ac04bc276a770b09779a97
5b535665ed44dffdc8309eea0204556725719cf3b17e33e1ed65714f5276c646
60863e86aa7743d1ac841da7f473a05cd57fba81d661cef658e385437f80d5ef
69a66b494a68825bdcb613ba2f288f0d579cf75865c2c1c704940d1ade96948f
6b6de0d4db7876d1183a3edb47ebd3bbbf93f153f5de1ba6645049348628109a
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
7c980aea017dcf2365979e243e8f4291cc745719ceaeb1411bb4d328da46b7a3
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
849940e565cd1ecb1961fcce0b6eb3a32c4fa173d8afa3146fbf53c4dba3a99e
887406a2fc63794a738dc05c9960011eee8e63fe8bcce296b0b6180ba9a8d36c
894865fe8b9683099d00d1a991d9aa6f845ce488468f0a39f13b4909b072e37c
91cf940f35f8521b0f2fda7ddd08d34935638ea316d773b40d4fc162b028c983
9636da880cc34878cd5ba085418fd5ac4fb56f5ca4cfe24071815315bdd53172
972f13893b7056c0567637a44ea4c994b1b3dd1b20e185ebf3478ae9086d74cb
9768c8abce3ad320ad63874c666955b64e71fcf74d97a0c8923a64bcf8ca1838
9c0b78d07ff3e9f94ea536fbba52625bcc4a2824d50f2df155251af1cb4bcd2b
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a100120710fc56a91c9ad46fd3b8c68b14947282ae2c407cf689723e87dab639
a685aaefb8e1fd4ca6a0897a072f8b85d8e54f8477e86f093a1414bb78f58e57
aa15dfd7fabe17a3ced379ca3b6aba94fe03e80d786e03b0cac035e52c24ae59
aead6326640e7ce4724ff5463c8c9a3ab7f793557bd3994dc97695626ec12025
b50f4e5baabe8c16cf4bbabbd17eef8ac4e48463d7bb3518241d3c9bc1d20762
bd10bc9c7b34e92bc0f9e7b3a4fe152400541b209f15c37b80cfbf21adfa8e29
c4d8dbe77feb63e5a61bee0bead4e5f66e8fa6a927599bd1b74aced52467273c
d55e43c6715c5f386e8041e92c2e290243534a785ddb87f07c457a14d3693c36
d8842cc18aee5793e6cc5fd9f4b96530f4635936331197a748d91e13356a416d
db9d9d7b997e35ba795a88c95bf85732b5e34935769ac74caaee0ed4b82bc0e0
e48802c62e1e3b50b7d71136288e7ddc0036e6dc73bdbc958e78446e4f70aa93
e4c5b894b4189408e7ca7e1249cc0b144f54e8e547f1d53708b7944e7499eeaa
e6dd0513552953ba3f9af6dae298008d7da53ac6fe88919feb60584456620b36
ed70b33aa556c8962c1289458f477476f9777df5e20ba4ba6dc97928816cb3bc
eff4ee788ac41261b9cd9ab8ca715d9ca75b303cce767ce7f2acd29022eebb6f
fcbcf165908dd18a9e49f7ff27810176db8e9f63b4352213741664245224f8aa