urlscan.io logo urlscan.io
SecurityTrails logo

fed.nyp.org Open in urlscan Pro
143.104.237.46  Malicious Activity! Public Scan

Go To Rescan Add Verdict Report
URL: https://fed.nyp.org/idp/eyJ2c2lkIjoiaHR0cDpcL1wvbnlwLm9yZ1wvUGluZ0ZlZGVyYXRlIn0/prp.wsf?login_hint=hss9004%40nyp.org...
Submission: On October 15 via api from CA — Scanned from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 19 HTTP transactions. The main IP is 143.104.237.46, located in New York, United States and belongs to NYP-INTERNET, US. The main domain is fed.nyp.org.
TLS certificate: Issued by DigiCert Global G2 TLS RSA SHA256 202... on April 19th 2024. Valid for: a year.
This is the only time fed.nyp.org was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Office 365 (Online)

Domain & IP information

IP Address AS Autonomous System
19 143.104.237.46 395139 (NYP-INTERNET)
19 1
Apex Domain
Subdomains		 Transfer
19 nyp.org
fed.nyp.org
1 MB
19 1
Domain Requested by
19 fed.nyp.org fed.nyp.org
19 1

This site contains links to these domains. Also see Links.

Domain
password.nyp.org
Subject Issuer Validity Valid
fed.nyp.org
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-04-19 -
2025-04-18		 a year crt.sh

This page contains 1 frames:

Primary Page: https://fed.nyp.org/idp/eyJ2c2lkIjoiaHR0cDpcL1wvbnlwLm9yZ1wvUGluZ0ZlZGVyYXRlIn0/prp.wsf?login_hint=hss9004%40nyp.org&client-request-id=21782c61-fa32-8c2c-e419-ae11bbbeb17a&username=hss9004%40nyp.org&wa=wsignin1.0&wtrealm=urn%3afederation%3aMicrosoftOnline&wctx=estsredirect%3d2%26estsrequest%3drQQIARAAjZE7bNNgFIXzx6n74NHQCQaEsJiqOrEdJ44jIeGkqZKQKAmp42KEIue3nVftP43tJnWVnYGhQmLpCCx04NEB0SAh5k5l7VQJhCoGQEwRLDhCSGxwhu-e4d4z3LOI0SE6cY36LYackKR0nSahNnF_qbcwF1SWBleZH0v3P156duHN25fuLpg2t7oh1GvsgStN2-5aiXAYOfY6Qp0Q0vUW1EIQGWHUV8KvATgC4BSAB_75pmXxFMXe-HPs52KReIxlWS7uDSoajUToEM8pdZ2JMiQb5RUPKiQVb4HkKI2hVZWPsix97J8vCo7dZCZAvZarfffP6qhn1LrIsnexfZC_bdeXUaGxkq4MImW7FhNEJ9skO2vicoRaSfUVlK8oOZLjmEil7Rqrq0VZbOfTvCxq3UYhaW1wlpSW6EwSyigv2WaflDbayRxaS6U6N4Ws2sxWtS25AstyueoomrGZzrlSySnLHB-vm1U5ycdqNqm23Sq3ZaalwpqXoqe4rt3PlGS5JcXdhq26vGP0SwJL1-JCYw_7rz72Mdx7rYHMQwxHXc1sqUcBcBIAnwN-amYcAI-mvMIuHn46eCo-zz9sXP756kPSdzgVjsbEokrVLZXqtDsSFDKccQtmDSqlbKK4Vi6JhUITDQToFOF1PkHv4GAHx0f47AwW9BFYqkSf4uAbDu5N-0az_-r86Aw4PsvO4XBdaRnWwuI20VJrNupoJpHYJgaGVYNw4jaVdUeziMQdwssn7g6Hw3fnfOPzB4-_Pnk_Hn3JvAj6ToK-Xw2
Frame ID: B56543B72D9AE9675F567EC01E530AE7
Requests: 19 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

O365 Login

Detected technologies

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

19
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

1312 kB
Transfer

1297 kB
Size

2
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

19 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request prp.wsf
fed.nyp.org/idp/eyJ2c2lkIjoiaHR0cDpcL1wvbnlwLm9yZ1wvUGluZ0ZlZGVyYXRlIn0/ 		26 KB
28 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://fed.nyp.org/idp/eyJ2c2lkIjoiaHR0cDpcL1wvbnlwLm9yZ1wvUGluZ0ZlZGVyYXRlIn0/prp.wsf?login_hint=hss9004%40nyp.org&client-request-id=21782c61-fa32-8c2c-e419-ae11bbbeb17a&username=hss9004%40nyp.org&wa=wsignin1.0&wtrealm=urn%3afederation%3aMicrosoftOnline&wctx=estsredirect%3d2%26estsrequest%3drQQIARAAjZE7bNNgFIXzx6n74NHQCQaEsJiqOrEdJ44jIeGkqZKQKAmp42KEIue3nVftP43tJnWVnYGhQmLpCCx04NEB0SAh5k5l7VQJhCoGQEwRLDhCSGxwhu-e4d4z3LOI0SE6cY36LYackKR0nSahNnF_qbcwF1SWBleZH0v3P156duHN25fuLpg2t7oh1GvsgStN2-5aiXAYOfY6Qp0Q0vUW1EIQGWHUV8KvATgC4BSAB_75pmXxFMXe-HPs52KReIxlWS7uDSoajUToEM8pdZ2JMiQb5RUPKiQVb4HkKI2hVZWPsix97J8vCo7dZCZAvZarfffP6qhn1LrIsnexfZC_bdeXUaGxkq4MImW7FhNEJ9skO2vicoRaSfUVlK8oOZLjmEil7Rqrq0VZbOfTvCxq3UYhaW1wlpSW6EwSyigv2WaflDbayRxaS6U6N4Ws2sxWtS25AstyueoomrGZzrlSySnLHB-vm1U5ycdqNqm23Sq3ZaalwpqXoqe4rt3PlGS5JcXdhq26vGP0SwJL1-JCYw_7rz72Mdx7rYHMQwxHXc1sqUcBcBIAnwN-amYcAI-mvMIuHn46eCo-zz9sXP756kPSdzgVjsbEokrVLZXqtDsSFDKccQtmDSqlbKK4Vi6JhUITDQToFOF1PkHv4GAHx0f47AwW9BFYqkSf4uAbDu5N-0az_-r86Aw4PsvO4XBdaRnWwuI20VJrNupoJpHYJgaGVYNw4jaVdUeziMQdwssn7g6Hw3fnfOPzB4-_Pnk_Hn3JvAj6ToK-Xw2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
143.104.237.46 New York, United States, ASN395139 (NYP-INTERNET, US),
Reverse DNS
Software
/
Resource Hash
b55564267763da6c4824aa8d0c1fb4ab3e92ace05a76ca58d58acc3a4ade314c
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.pingone.com ; img-src 'self' *.nyp.org *.pingone.com *.duosecurity.com *.duo.com data: ; connect-src 'self' http://127.0.0.1:27367 *.twosense.ai *.pingone.com *.mixpanel.com; font-src 'self' fonts.gstatic.com ; style-src 'self' 'unsafe-inline' *.nyp.org *.pingone.com *.googleapis.com ; worker-src 'self' ; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.pingone.com *.nyp.org data: ; object-src 'none' ; frame-ancestors 'self' *.nyp.org *.pingone.com *.infor.com *.service-now.com *.sabacloud.com ; child-src 'self' data: *.duosecurity.com
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

Cache-Control
no-cache, no-store
Content-Length
27118
Content-Security-Policy
default-src 'self' *.pingone.com ; img-src 'self' *.nyp.org *.pingone.com *.duosecurity.com *.duo.com data: ; connect-src 'self' http://127.0.0.1:27367 *.twosense.ai *.pingone.com *.mixpanel.com; font-src 'self' fonts.gstatic.com ; style-src 'self' 'unsafe-inline' *.nyp.org *.pingone.com *.googleapis.com ; worker-src 'self' ; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.pingone.com *.nyp.org data: ; object-src 'none' ; frame-ancestors 'self' *.nyp.org *.pingone.com *.infor.com *.service-now.com *.sabacloud.com ; child-src 'self' data: *.duosecurity.com
Content-Type
text/html;charset=utf-8
Date
Tue, 15 Oct 2024 09:37:10 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Referrer-Policy
origin
Strict-Transport-Security
max-age=16070400; includeSubDomains
X-Content-Type-Options
nosniff
X-Frame-Options
DENY
X-XSS-Protection
1; mode=block
nyp1.css
fed.nyp.org/assets/css/ 		9 KB
10 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fed.nyp.org/assets/css/nyp1.css
Requested by
Host: fed.nyp.org
URL: https://fed.nyp.org/idp/eyJ2c2lkIjoiaHR0cDpcL1wvbnlwLm9yZ1wvUGluZ0ZlZGVyYXRlIn0/prp.wsf?login_hint=hss9004%40nyp.org&client-request-id=21782c61-fa32-8c2c-e419-ae11bbbeb17a&username=hss9004%40nyp.org&wa=wsignin1.0&wtrealm=urn%3afederation%3aMicrosoftOnline&wctx=estsredirect%3d2%26estsrequest%3drQQIARAAjZE7bNNgFIXzx6n74NHQCQaEsJiqOrEdJ44jIeGkqZKQKAmp42KEIue3nVftP43tJnWVnYGhQmLpCCx04NEB0SAh5k5l7VQJhCoGQEwRLDhCSGxwhu-e4d4z3LOI0SE6cY36LYackKR0nSahNnF_qbcwF1SWBleZH0v3P156duHN25fuLpg2t7oh1GvsgStN2-5aiXAYOfY6Qp0Q0vUW1EIQGWHUV8KvATgC4BSAB_75pmXxFMXe-HPs52KReIxlWS7uDSoajUToEM8pdZ2JMiQb5RUPKiQVb4HkKI2hVZWPsix97J8vCo7dZCZAvZarfffP6qhn1LrIsnexfZC_bdeXUaGxkq4MImW7FhNEJ9skO2vicoRaSfUVlK8oOZLjmEil7Rqrq0VZbOfTvCxq3UYhaW1wlpSW6EwSyigv2WaflDbayRxaS6U6N4Ws2sxWtS25AstyueoomrGZzrlSySnLHB-vm1U5ycdqNqm23Sq3ZaalwpqXoqe4rt3PlGS5JcXdhq26vGP0SwJL1-JCYw_7rz72Mdx7rYHMQwxHXc1sqUcBcBIAnwN-amYcAI-mvMIuHn46eCo-zz9sXP756kPSdzgVjsbEokrVLZXqtDsSFDKccQtmDSqlbKK4Vi6JhUITDQToFOF1PkHv4GAHx0f47AwW9BFYqkSf4uAbDu5N-0az_-r86Aw4PsvO4XBdaRnWwuI20VJrNupoJpHYJgaGVYNw4jaVdUeziMQdwssn7g6Hw3fnfOPzB4-_Pnk_Hn3JvAj6ToK-Xw2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
143.104.237.46 New York, United States, ASN395139 (NYP-INTERNET, US),
Reverse DNS
Software
/
Resource Hash
02cff5e248b1acc6ce1bccab6dc5261e7a0c17db4f01d5828f9383b8fa5fb24b
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.pingone.com ; img-src 'self' *.nyp.org *.pingone.com *.duosecurity.com *.duo.com data: ; connect-src 'self' http://127.0.0.1:27367 *.twosense.ai *.pingone.com *.mixpanel.com; font-src 'self' fonts.gstatic.com ; style-src 'self' 'unsafe-inline' *.nyp.org *.pingone.com *.googleapis.com ; worker-src 'self' ; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.pingone.com *.nyp.org data: ; object-src 'none' ; frame-ancestors 'self' *.nyp.org *.pingone.com *.infor.com *.service-now.com *.sabacloud.com ; child-src 'self' data: *.duosecurity.com
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://fed.nyp.org/

Response headers

Strict-Transport-Security
max-age=16070400; includeSubDomains
Content-Security-Policy
default-src 'self' *.pingone.com ; img-src 'self' *.nyp.org *.pingone.com *.duosecurity.com *.duo.com data: ; connect-src 'self' http://127.0.0.1:27367 *.twosense.ai *.pingone.com *.mixpanel.com; font-src 'self' fonts.gstatic.com ; style-src 'self' 'unsafe-inline' *.nyp.org *.pingone.com *.googleapis.com ; worker-src 'self' ; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.pingone.com *.nyp.org data: ; object-src 'none' ; frame-ancestors 'self' *.nyp.org *.pingone.com *.infor.com *.service-now.com *.sabacloud.com ; child-src 'self' data: *.duosecurity.com
Cache-Control
max-age=0, must-revalidate
Referrer-Policy
origin
X-Content-Type-Options
nosniff
Content-Length
9443
Date
Tue, 15 Oct 2024 09:37:10 GMT
X-XSS-Protection
1; mode=block
Last-Modified
Fri, 02 Oct 2020 19:00:34 GMT
Content-Type
text/css
X-Frame-Options
DENY
nyp.css
fed.nyp.org/assets/css/ 		6 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fed.nyp.org/assets/css/nyp.css
Requested by
Host: fed.nyp.org
URL: https://fed.nyp.org/idp/eyJ2c2lkIjoiaHR0cDpcL1wvbnlwLm9yZ1wvUGluZ0ZlZGVyYXRlIn0/prp.wsf?login_hint=hss9004%40nyp.org&client-request-id=21782c61-fa32-8c2c-e419-ae11bbbeb17a&username=hss9004%40nyp.org&wa=wsignin1.0&wtrealm=urn%3afederation%3aMicrosoftOnline&wctx=estsredirect%3d2%26estsrequest%3drQQIARAAjZE7bNNgFIXzx6n74NHQCQaEsJiqOrEdJ44jIeGkqZKQKAmp42KEIue3nVftP43tJnWVnYGhQmLpCCx04NEB0SAh5k5l7VQJhCoGQEwRLDhCSGxwhu-e4d4z3LOI0SE6cY36LYackKR0nSahNnF_qbcwF1SWBleZH0v3P156duHN25fuLpg2t7oh1GvsgStN2-5aiXAYOfY6Qp0Q0vUW1EIQGWHUV8KvATgC4BSAB_75pmXxFMXe-HPs52KReIxlWS7uDSoajUToEM8pdZ2JMiQb5RUPKiQVb4HkKI2hVZWPsix97J8vCo7dZCZAvZarfffP6qhn1LrIsnexfZC_bdeXUaGxkq4MImW7FhNEJ9skO2vicoRaSfUVlK8oOZLjmEil7Rqrq0VZbOfTvCxq3UYhaW1wlpSW6EwSyigv2WaflDbayRxaS6U6N4Ws2sxWtS25AstyueoomrGZzrlSySnLHB-vm1U5ycdqNqm23Sq3ZaalwpqXoqe4rt3PlGS5JcXdhq26vGP0SwJL1-JCYw_7rz72Mdx7rYHMQwxHXc1sqUcBcBIAnwN-amYcAI-mvMIuHn46eCo-zz9sXP756kPSdzgVjsbEokrVLZXqtDsSFDKccQtmDSqlbKK4Vi6JhUITDQToFOF1PkHv4GAHx0f47AwW9BFYqkSf4uAbDu5N-0az_-r86Aw4PsvO4XBdaRnWwuI20VJrNupoJpHYJgaGVYNw4jaVdUeziMQdwssn7g6Hw3fnfOPzB4-_Pnk_Hn3JvAj6ToK-Xw2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
143.104.237.46 New York, United States, ASN395139 (NYP-INTERNET, US),
Reverse DNS
Software
/
Resource Hash
5d5ffa83c844f975d522a8f8366ef8397b352aa34497c4223d8ed4833422d552
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.pingone.com ; img-src 'self' *.nyp.org *.pingone.com *.duosecurity.com *.duo.com data: ; connect-src 'self' http://127.0.0.1:27367 *.twosense.ai *.pingone.com *.mixpanel.com; font-src 'self' fonts.gstatic.com ; style-src 'self' 'unsafe-inline' *.nyp.org *.pingone.com *.googleapis.com ; worker-src 'self' ; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.pingone.com *.nyp.org data: ; object-src 'none' ; frame-ancestors 'self' *.nyp.org *.pingone.com *.infor.com *.service-now.com *.sabacloud.com ; child-src 'self' data: *.duosecurity.com
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://fed.nyp.org/

Response headers

Strict-Transport-Security
max-age=16070400; includeSubDomains
Content-Security-Policy
default-src 'self' *.pingone.com ; img-src 'self' *.nyp.org *.pingone.com *.duosecurity.com *.duo.com data: ; connect-src 'self' http://127.0.0.1:27367 *.twosense.ai *.pingone.com *.mixpanel.com; font-src 'self' fonts.gstatic.com ; style-src 'self' 'unsafe-inline' *.nyp.org *.pingone.com *.googleapis.com ; worker-src 'self' ; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.pingone.com *.nyp.org data: ; object-src 'none' ; frame-ancestors 'self' *.nyp.org *.pingone.com *.infor.com *.service-now.com *.sabacloud.com ; child-src 'self' data: *.duosecurity.com
Cache-Control
max-age=0, must-revalidate
Referrer-Policy
origin
X-Content-Type-Options
nosniff
Content-Length
6211
Date
Tue, 15 Oct 2024 09:37:10 GMT
X-XSS-Protection
1; mode=block
Last-Modified
Wed, 18 Oct 2023 16:20:40 GMT
Content-Type
text/css
X-Frame-Options
DENY
jquery.js
fed.nyp.org/assets/resources/ 		94 KB
95 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fed.nyp.org/assets/resources/jquery.js
Requested by
Host: fed.nyp.org
URL: https://fed.nyp.org/idp/eyJ2c2lkIjoiaHR0cDpcL1wvbnlwLm9yZ1wvUGluZ0ZlZGVyYXRlIn0/prp.wsf?login_hint=hss9004%40nyp.org&client-request-id=21782c61-fa32-8c2c-e419-ae11bbbeb17a&username=hss9004%40nyp.org&wa=wsignin1.0&wtrealm=urn%3afederation%3aMicrosoftOnline&wctx=estsredirect%3d2%26estsrequest%3drQQIARAAjZE7bNNgFIXzx6n74NHQCQaEsJiqOrEdJ44jIeGkqZKQKAmp42KEIue3nVftP43tJnWVnYGhQmLpCCx04NEB0SAh5k5l7VQJhCoGQEwRLDhCSGxwhu-e4d4z3LOI0SE6cY36LYackKR0nSahNnF_qbcwF1SWBleZH0v3P156duHN25fuLpg2t7oh1GvsgStN2-5aiXAYOfY6Qp0Q0vUW1EIQGWHUV8KvATgC4BSAB_75pmXxFMXe-HPs52KReIxlWS7uDSoajUToEM8pdZ2JMiQb5RUPKiQVb4HkKI2hVZWPsix97J8vCo7dZCZAvZarfffP6qhn1LrIsnexfZC_bdeXUaGxkq4MImW7FhNEJ9skO2vicoRaSfUVlK8oOZLjmEil7Rqrq0VZbOfTvCxq3UYhaW1wlpSW6EwSyigv2WaflDbayRxaS6U6N4Ws2sxWtS25AstyueoomrGZzrlSySnLHB-vm1U5ycdqNqm23Sq3ZaalwpqXoqe4rt3PlGS5JcXdhq26vGP0SwJL1-JCYw_7rz72Mdx7rYHMQwxHXc1sqUcBcBIAnwN-amYcAI-mvMIuHn46eCo-zz9sXP756kPSdzgVjsbEokrVLZXqtDsSFDKccQtmDSqlbKK4Vi6JhUITDQToFOF1PkHv4GAHx0f47AwW9BFYqkSf4uAbDu5N-0az_-r86Aw4PsvO4XBdaRnWwuI20VJrNupoJpHYJgaGVYNw4jaVdUeziMQdwssn7g6Hw3fnfOPzB4-_Pnk_Hn3JvAj6ToK-Xw2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
143.104.237.46 New York, United States, ASN395139 (NYP-INTERNET, US),
Reverse DNS
Software
/
Resource Hash
b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.pingone.com ; img-src 'self' *.nyp.org *.pingone.com *.duosecurity.com *.duo.com data: ; connect-src 'self' http://127.0.0.1:27367 *.twosense.ai *.pingone.com *.mixpanel.com; font-src 'self' fonts.gstatic.com ; style-src 'self' 'unsafe-inline' *.nyp.org *.pingone.com *.googleapis.com ; worker-src 'self' ; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.pingone.com *.nyp.org data: ; object-src 'none' ; frame-ancestors 'self' *.nyp.org *.pingone.com *.infor.com *.service-now.com *.sabacloud.com ; child-src 'self' data: *.duosecurity.com
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://fed.nyp.org/

Response headers

Strict-Transport-Security
max-age=16070400; includeSubDomains
Content-Security-Policy
default-src 'self' *.pingone.com ; img-src 'self' *.nyp.org *.pingone.com *.duosecurity.com *.duo.com data: ; connect-src 'self' http://127.0.0.1:27367 *.twosense.ai *.pingone.com *.mixpanel.com; font-src 'self' fonts.gstatic.com ; style-src 'self' 'unsafe-inline' *.nyp.org *.pingone.com *.googleapis.com ; worker-src 'self' ; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.pingone.com *.nyp.org data: ; object-src 'none' ; frame-ancestors 'self' *.nyp.org *.pingone.com *.infor.com *.service-now.com *.sabacloud.com ; child-src 'self' data: *.duosecurity.com
Cache-Control
max-age=0, must-revalidate
Service-Worker-Allowed
/
Referrer-Policy
origin
X-Content-Type-Options
nosniff
Content-Length
96381
Date
Tue, 15 Oct 2024 09:37:10 GMT
X-XSS-Protection
1; mode=block
Last-Modified
Fri, 02 Oct 2020 19:01:41 GMT
Content-Type
application/javascript
X-Frame-Options
DENY
mobile-detect.js
fed.nyp.org/assets/resources/ 		37 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fed.nyp.org/assets/resources/mobile-detect.js
Requested by
Host: fed.nyp.org
URL: https://fed.nyp.org/idp/eyJ2c2lkIjoiaHR0cDpcL1wvbnlwLm9yZ1wvUGluZ0ZlZGVyYXRlIn0/prp.wsf?login_hint=hss9004%40nyp.org&client-request-id=21782c61-fa32-8c2c-e419-ae11bbbeb17a&username=hss9004%40nyp.org&wa=wsignin1.0&wtrealm=urn%3afederation%3aMicrosoftOnline&wctx=estsredirect%3d2%26estsrequest%3drQQIARAAjZE7bNNgFIXzx6n74NHQCQaEsJiqOrEdJ44jIeGkqZKQKAmp42KEIue3nVftP43tJnWVnYGhQmLpCCx04NEB0SAh5k5l7VQJhCoGQEwRLDhCSGxwhu-e4d4z3LOI0SE6cY36LYackKR0nSahNnF_qbcwF1SWBleZH0v3P156duHN25fuLpg2t7oh1GvsgStN2-5aiXAYOfY6Qp0Q0vUW1EIQGWHUV8KvATgC4BSAB_75pmXxFMXe-HPs52KReIxlWS7uDSoajUToEM8pdZ2JMiQb5RUPKiQVb4HkKI2hVZWPsix97J8vCo7dZCZAvZarfffP6qhn1LrIsnexfZC_bdeXUaGxkq4MImW7FhNEJ9skO2vicoRaSfUVlK8oOZLjmEil7Rqrq0VZbOfTvCxq3UYhaW1wlpSW6EwSyigv2WaflDbayRxaS6U6N4Ws2sxWtS25AstyueoomrGZzrlSySnLHB-vm1U5ycdqNqm23Sq3ZaalwpqXoqe4rt3PlGS5JcXdhq26vGP0SwJL1-JCYw_7rz72Mdx7rYHMQwxHXc1sqUcBcBIAnwN-amYcAI-mvMIuHn46eCo-zz9sXP756kPSdzgVjsbEokrVLZXqtDsSFDKccQtmDSqlbKK4Vi6JhUITDQToFOF1PkHv4GAHx0f47AwW9BFYqkSf4uAbDu5N-0az_-r86Aw4PsvO4XBdaRnWwuI20VJrNupoJpHYJgaGVYNw4jaVdUeziMQdwssn7g6Hw3fnfOPzB4-_Pnk_Hn3JvAj6ToK-Xw2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
143.104.237.46 New York, United States, ASN395139 (NYP-INTERNET, US),
Reverse DNS
Software
/
Resource Hash
4e6c746b993a50fc935988c27c05cb51d7afb3ff0f1a84ac1ff5d66785c98625
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.pingone.com ; img-src 'self' *.nyp.org *.pingone.com *.duosecurity.com *.duo.com data: ; connect-src 'self' http://127.0.0.1:27367 *.twosense.ai *.pingone.com *.mixpanel.com; font-src 'self' fonts.gstatic.com ; style-src 'self' 'unsafe-inline' *.nyp.org *.pingone.com *.googleapis.com ; worker-src 'self' ; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.pingone.com *.nyp.org data: ; object-src 'none' ; frame-ancestors 'self' *.nyp.org *.pingone.com *.infor.com *.service-now.com *.sabacloud.com ; child-src 'self' data: *.duosecurity.com
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://fed.nyp.org/

Response headers

Strict-Transport-Security
max-age=16070400; includeSubDomains
Content-Security-Policy
default-src 'self' *.pingone.com ; img-src 'self' *.nyp.org *.pingone.com *.duosecurity.com *.duo.com data: ; connect-src 'self' http://127.0.0.1:27367 *.twosense.ai *.pingone.com *.mixpanel.com; font-src 'self' fonts.gstatic.com ; style-src 'self' 'unsafe-inline' *.nyp.org *.pingone.com *.googleapis.com ; worker-src 'self' ; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.pingone.com *.nyp.org data: ; object-src 'none' ; frame-ancestors 'self' *.nyp.org *.pingone.com *.infor.com *.service-now.com *.sabacloud.com ; child-src 'self' data: *.duosecurity.com
Cache-Control
max-age=0, must-revalidate
Service-Worker-Allowed
/
Referrer-Policy
origin
X-Content-Type-Options
nosniff
Content-Length
37785
Date
Tue, 15 Oct 2024 09:37:10 GMT
X-XSS-Protection
1; mode=block
Last-Modified
Fri, 02 Oct 2020 19:01:41 GMT
Content-Type
application/javascript
X-Frame-Options
DENY
nyplogo.png
fed.nyp.org/assets/resources/ 		18 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fed.nyp.org/assets/resources/nyplogo.png
Requested by
Host: fed.nyp.org
URL: https://fed.nyp.org/idp/eyJ2c2lkIjoiaHR0cDpcL1wvbnlwLm9yZ1wvUGluZ0ZlZGVyYXRlIn0/prp.wsf?login_hint=hss9004%40nyp.org&client-request-id=21782c61-fa32-8c2c-e419-ae11bbbeb17a&username=hss9004%40nyp.org&wa=wsignin1.0&wtrealm=urn%3afederation%3aMicrosoftOnline&wctx=estsredirect%3d2%26estsrequest%3drQQIARAAjZE7bNNgFIXzx6n74NHQCQaEsJiqOrEdJ44jIeGkqZKQKAmp42KEIue3nVftP43tJnWVnYGhQmLpCCx04NEB0SAh5k5l7VQJhCoGQEwRLDhCSGxwhu-e4d4z3LOI0SE6cY36LYackKR0nSahNnF_qbcwF1SWBleZH0v3P156duHN25fuLpg2t7oh1GvsgStN2-5aiXAYOfY6Qp0Q0vUW1EIQGWHUV8KvATgC4BSAB_75pmXxFMXe-HPs52KReIxlWS7uDSoajUToEM8pdZ2JMiQb5RUPKiQVb4HkKI2hVZWPsix97J8vCo7dZCZAvZarfffP6qhn1LrIsnexfZC_bdeXUaGxkq4MImW7FhNEJ9skO2vicoRaSfUVlK8oOZLjmEil7Rqrq0VZbOfTvCxq3UYhaW1wlpSW6EwSyigv2WaflDbayRxaS6U6N4Ws2sxWtS25AstyueoomrGZzrlSySnLHB-vm1U5ycdqNqm23Sq3ZaalwpqXoqe4rt3PlGS5JcXdhq26vGP0SwJL1-JCYw_7rz72Mdx7rYHMQwxHXc1sqUcBcBIAnwN-amYcAI-mvMIuHn46eCo-zz9sXP756kPSdzgVjsbEokrVLZXqtDsSFDKccQtmDSqlbKK4Vi6JhUITDQToFOF1PkHv4GAHx0f47AwW9BFYqkSf4uAbDu5N-0az_-r86Aw4PsvO4XBdaRnWwuI20VJrNupoJpHYJgaGVYNw4jaVdUeziMQdwssn7g6Hw3fnfOPzB4-_Pnk_Hn3JvAj6ToK-Xw2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
143.104.237.46 New York, United States, ASN395139 (NYP-INTERNET, US),
Reverse DNS
Software
/
Resource Hash
a10b08cc6e24474cf111d60d68b47e62f03fb665337cdbe21df01a2a84429bc2
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.pingone.com ; img-src 'self' *.nyp.org *.pingone.com *.duosecurity.com *.duo.com data: ; connect-src 'self' http://127.0.0.1:27367 *.twosense.ai *.pingone.com *.mixpanel.com; font-src 'self' fonts.gstatic.com ; style-src 'self' 'unsafe-inline' *.nyp.org *.pingone.com *.googleapis.com ; worker-src 'self' ; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.pingone.com *.nyp.org data: ; object-src 'none' ; frame-ancestors 'self' *.nyp.org *.pingone.com *.infor.com *.service-now.com *.sabacloud.com ; child-src 'self' data: *.duosecurity.com
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://fed.nyp.org/

Response headers

Strict-Transport-Security
max-age=16070400; includeSubDomains
Content-Security-Policy
default-src 'self' *.pingone.com ; img-src 'self' *.nyp.org *.pingone.com *.duosecurity.com *.duo.com data: ; connect-src 'self' http://127.0.0.1:27367 *.twosense.ai *.pingone.com *.mixpanel.com; font-src 'self' fonts.gstatic.com ; style-src 'self' 'unsafe-inline' *.nyp.org *.pingone.com *.googleapis.com ; worker-src 'self' ; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.pingone.com *.nyp.org data: ; object-src 'none' ; frame-ancestors 'self' *.nyp.org *.pingone.com *.infor.com *.service-now.com *.sabacloud.com ; child-src 'self' data: *.duosecurity.com
Cache-Control
max-age=0, must-revalidate
Referrer-Policy
origin
X-Content-Type-Options
nosniff
Content-Length
18500
Date
Tue, 15 Oct 2024 09:37:10 GMT
X-XSS-Protection
1; mode=block
Last-Modified
Fri, 02 Oct 2020 19:01:41 GMT
Content-Type
image/png
X-Frame-Options
DENY
office365-logo.png
fed.nyp.org/assets/resources/ 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fed.nyp.org/assets/resources/office365-logo.png
Requested by
Host: fed.nyp.org
URL: https://fed.nyp.org/idp/eyJ2c2lkIjoiaHR0cDpcL1wvbnlwLm9yZ1wvUGluZ0ZlZGVyYXRlIn0/prp.wsf?login_hint=hss9004%40nyp.org&client-request-id=21782c61-fa32-8c2c-e419-ae11bbbeb17a&username=hss9004%40nyp.org&wa=wsignin1.0&wtrealm=urn%3afederation%3aMicrosoftOnline&wctx=estsredirect%3d2%26estsrequest%3drQQIARAAjZE7bNNgFIXzx6n74NHQCQaEsJiqOrEdJ44jIeGkqZKQKAmp42KEIue3nVftP43tJnWVnYGhQmLpCCx04NEB0SAh5k5l7VQJhCoGQEwRLDhCSGxwhu-e4d4z3LOI0SE6cY36LYackKR0nSahNnF_qbcwF1SWBleZH0v3P156duHN25fuLpg2t7oh1GvsgStN2-5aiXAYOfY6Qp0Q0vUW1EIQGWHUV8KvATgC4BSAB_75pmXxFMXe-HPs52KReIxlWS7uDSoajUToEM8pdZ2JMiQb5RUPKiQVb4HkKI2hVZWPsix97J8vCo7dZCZAvZarfffP6qhn1LrIsnexfZC_bdeXUaGxkq4MImW7FhNEJ9skO2vicoRaSfUVlK8oOZLjmEil7Rqrq0VZbOfTvCxq3UYhaW1wlpSW6EwSyigv2WaflDbayRxaS6U6N4Ws2sxWtS25AstyueoomrGZzrlSySnLHB-vm1U5ycdqNqm23Sq3ZaalwpqXoqe4rt3PlGS5JcXdhq26vGP0SwJL1-JCYw_7rz72Mdx7rYHMQwxHXc1sqUcBcBIAnwN-amYcAI-mvMIuHn46eCo-zz9sXP756kPSdzgVjsbEokrVLZXqtDsSFDKccQtmDSqlbKK4Vi6JhUITDQToFOF1PkHv4GAHx0f47AwW9BFYqkSf4uAbDu5N-0az_-r86Aw4PsvO4XBdaRnWwuI20VJrNupoJpHYJgaGVYNw4jaVdUeziMQdwssn7g6Hw3fnfOPzB4-_Pnk_Hn3JvAj6ToK-Xw2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
143.104.237.46 New York, United States, ASN395139 (NYP-INTERNET, US),
Reverse DNS
Software
/
Resource Hash
cc1e0a87136da48d3ffa0aa6a1edafe770623a3d82964be0beebfedddbe9f8d5
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.pingone.com ; img-src 'self' *.nyp.org *.pingone.com *.duosecurity.com *.duo.com data: ; connect-src 'self' http://127.0.0.1:27367 *.twosense.ai *.pingone.com *.mixpanel.com; font-src 'self' fonts.gstatic.com ; style-src 'self' 'unsafe-inline' *.nyp.org *.pingone.com *.googleapis.com ; worker-src 'self' ; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.pingone.com *.nyp.org data: ; object-src 'none' ; frame-ancestors 'self' *.nyp.org *.pingone.com *.infor.com *.service-now.com *.sabacloud.com ; child-src 'self' data: *.duosecurity.com
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://fed.nyp.org/

Response headers

Strict-Transport-Security
max-age=16070400; includeSubDomains
Content-Security-Policy
default-src 'self' *.pingone.com ; img-src 'self' *.nyp.org *.pingone.com *.duosecurity.com *.duo.com data: ; connect-src 'self' http://127.0.0.1:27367 *.twosense.ai *.pingone.com *.mixpanel.com; font-src 'self' fonts.gstatic.com ; style-src 'self' 'unsafe-inline' *.nyp.org *.pingone.com *.googleapis.com ; worker-src 'self' ; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.pingone.com *.nyp.org data: ; object-src 'none' ; frame-ancestors 'self' *.nyp.org *.pingone.com *.infor.com *.service-now.com *.sabacloud.com ; child-src 'self' data: *.duosecurity.com
Cache-Control
max-age=0, must-revalidate
Referrer-Policy
origin
X-Content-Type-Options
nosniff
Content-Length
15736
Date
Tue, 15 Oct 2024 09:37:10 GMT
X-XSS-Protection
1; mode=block
Last-Modified
Thu, 08 Oct 2020 18:14:48 GMT
Content-Type
image/png
X-Frame-Options
DENY
signin.png
fed.nyp.org/assets/resources/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fed.nyp.org/assets/resources/signin.png
Requested by
Host: fed.nyp.org
URL: https://fed.nyp.org/idp/eyJ2c2lkIjoiaHR0cDpcL1wvbnlwLm9yZ1wvUGluZ0ZlZGVyYXRlIn0/prp.wsf?login_hint=hss9004%40nyp.org&client-request-id=21782c61-fa32-8c2c-e419-ae11bbbeb17a&username=hss9004%40nyp.org&wa=wsignin1.0&wtrealm=urn%3afederation%3aMicrosoftOnline&wctx=estsredirect%3d2%26estsrequest%3drQQIARAAjZE7bNNgFIXzx6n74NHQCQaEsJiqOrEdJ44jIeGkqZKQKAmp42KEIue3nVftP43tJnWVnYGhQmLpCCx04NEB0SAh5k5l7VQJhCoGQEwRLDhCSGxwhu-e4d4z3LOI0SE6cY36LYackKR0nSahNnF_qbcwF1SWBleZH0v3P156duHN25fuLpg2t7oh1GvsgStN2-5aiXAYOfY6Qp0Q0vUW1EIQGWHUV8KvATgC4BSAB_75pmXxFMXe-HPs52KReIxlWS7uDSoajUToEM8pdZ2JMiQb5RUPKiQVb4HkKI2hVZWPsix97J8vCo7dZCZAvZarfffP6qhn1LrIsnexfZC_bdeXUaGxkq4MImW7FhNEJ9skO2vicoRaSfUVlK8oOZLjmEil7Rqrq0VZbOfTvCxq3UYhaW1wlpSW6EwSyigv2WaflDbayRxaS6U6N4Ws2sxWtS25AstyueoomrGZzrlSySnLHB-vm1U5ycdqNqm23Sq3ZaalwpqXoqe4rt3PlGS5JcXdhq26vGP0SwJL1-JCYw_7rz72Mdx7rYHMQwxHXc1sqUcBcBIAnwN-amYcAI-mvMIuHn46eCo-zz9sXP756kPSdzgVjsbEokrVLZXqtDsSFDKccQtmDSqlbKK4Vi6JhUITDQToFOF1PkHv4GAHx0f47AwW9BFYqkSf4uAbDu5N-0az_-r86Aw4PsvO4XBdaRnWwuI20VJrNupoJpHYJgaGVYNw4jaVdUeziMQdwssn7g6Hw3fnfOPzB4-_Pnk_Hn3JvAj6ToK-Xw2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
143.104.237.46 New York, United States, ASN395139 (NYP-INTERNET, US),
Reverse DNS
Software
/
Resource Hash
07f38b8b8c1f96ed85ecd96988f0454a95d1f665427086a507c72e55ff3ce0e7
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.pingone.com ; img-src 'self' *.nyp.org *.pingone.com *.duosecurity.com *.duo.com data: ; connect-src 'self' http://127.0.0.1:27367 *.twosense.ai *.pingone.com *.mixpanel.com; font-src 'self' fonts.gstatic.com ; style-src 'self' 'unsafe-inline' *.nyp.org *.pingone.com *.googleapis.com ; worker-src 'self' ; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.pingone.com *.nyp.org data: ; object-src 'none' ; frame-ancestors 'self' *.nyp.org *.pingone.com *.infor.com *.service-now.com *.sabacloud.com ; child-src 'self' data: *.duosecurity.com
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://fed.nyp.org/

Response headers

Strict-Transport-Security
max-age=16070400; includeSubDomains
Content-Security-Policy
default-src 'self' *.pingone.com ; img-src 'self' *.nyp.org *.pingone.com *.duosecurity.com *.duo.com data: ; connect-src 'self' http://127.0.0.1:27367 *.twosense.ai *.pingone.com *.mixpanel.com; font-src 'self' fonts.gstatic.com ; style-src 'self' 'unsafe-inline' *.nyp.org *.pingone.com *.googleapis.com ; worker-src 'self' ; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.pingone.com *.nyp.org data: ; object-src 'none' ; frame-ancestors 'self' *.nyp.org *.pingone.com *.infor.com *.service-now.com *.sabacloud.com ; child-src 'self' data: *.duosecurity.com
Cache-Control
max-age=0, must-revalidate
Referrer-Policy
origin
X-Content-Type-Options
nosniff
Content-Length
1441
Date
Tue, 15 Oct 2024 09:37:10 GMT
X-XSS-Protection
1; mode=block
Last-Modified
Fri, 02 Oct 2020 19:01:41 GMT
Content-Type
image/png
X-Frame-Options
DENY
NYP_StayAmazing.png
fed.nyp.org/assets/resources/ 		24 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fed.nyp.org/assets/resources/NYP_StayAmazing.png
Requested by
Host: fed.nyp.org
URL: https://fed.nyp.org/idp/eyJ2c2lkIjoiaHR0cDpcL1wvbnlwLm9yZ1wvUGluZ0ZlZGVyYXRlIn0/prp.wsf?login_hint=hss9004%40nyp.org&client-request-id=21782c61-fa32-8c2c-e419-ae11bbbeb17a&username=hss9004%40nyp.org&wa=wsignin1.0&wtrealm=urn%3afederation%3aMicrosoftOnline&wctx=estsredirect%3d2%26estsrequest%3drQQIARAAjZE7bNNgFIXzx6n74NHQCQaEsJiqOrEdJ44jIeGkqZKQKAmp42KEIue3nVftP43tJnWVnYGhQmLpCCx04NEB0SAh5k5l7VQJhCoGQEwRLDhCSGxwhu-e4d4z3LOI0SE6cY36LYackKR0nSahNnF_qbcwF1SWBleZH0v3P156duHN25fuLpg2t7oh1GvsgStN2-5aiXAYOfY6Qp0Q0vUW1EIQGWHUV8KvATgC4BSAB_75pmXxFMXe-HPs52KReIxlWS7uDSoajUToEM8pdZ2JMiQb5RUPKiQVb4HkKI2hVZWPsix97J8vCo7dZCZAvZarfffP6qhn1LrIsnexfZC_bdeXUaGxkq4MImW7FhNEJ9skO2vicoRaSfUVlK8oOZLjmEil7Rqrq0VZbOfTvCxq3UYhaW1wlpSW6EwSyigv2WaflDbayRxaS6U6N4Ws2sxWtS25AstyueoomrGZzrlSySnLHB-vm1U5ycdqNqm23Sq3ZaalwpqXoqe4rt3PlGS5JcXdhq26vGP0SwJL1-JCYw_7rz72Mdx7rYHMQwxHXc1sqUcBcBIAnwN-amYcAI-mvMIuHn46eCo-zz9sXP756kPSdzgVjsbEokrVLZXqtDsSFDKccQtmDSqlbKK4Vi6JhUITDQToFOF1PkHv4GAHx0f47AwW9BFYqkSf4uAbDu5N-0az_-r86Aw4PsvO4XBdaRnWwuI20VJrNupoJpHYJgaGVYNw4jaVdUeziMQdwssn7g6Hw3fnfOPzB4-_Pnk_Hn3JvAj6ToK-Xw2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
143.104.237.46 New York, United States, ASN395139 (NYP-INTERNET, US),
Reverse DNS
Software
/
Resource Hash
abfdcab05fbb6374810479a9dc2f8a356b05c6f21b33b5e5bd2b630491958778
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.pingone.com ; img-src 'self' *.nyp.org *.pingone.com *.duosecurity.com *.duo.com data: ; connect-src 'self' http://127.0.0.1:27367 *.twosense.ai *.pingone.com *.mixpanel.com; font-src 'self' fonts.gstatic.com ; style-src 'self' 'unsafe-inline' *.nyp.org *.pingone.com *.googleapis.com ; worker-src 'self' ; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.pingone.com *.nyp.org data: ; object-src 'none' ; frame-ancestors 'self' *.nyp.org *.pingone.com *.infor.com *.service-now.com *.sabacloud.com ; child-src 'self' data: *.duosecurity.com
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://fed.nyp.org/

Response headers

Strict-Transport-Security
max-age=16070400; includeSubDomains
Content-Security-Policy
default-src 'self' *.pingone.com ; img-src 'self' *.nyp.org *.pingone.com *.duosecurity.com *.duo.com data: ; connect-src 'self' http://127.0.0.1:27367 *.twosense.ai *.pingone.com *.mixpanel.com; font-src 'self' fonts.gstatic.com ; style-src 'self' 'unsafe-inline' *.nyp.org *.pingone.com *.googleapis.com ; worker-src 'self' ; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.pingone.com *.nyp.org data: ; object-src 'none' ; frame-ancestors 'self' *.nyp.org *.pingone.com *.infor.com *.service-now.com *.sabacloud.com ; child-src 'self' data: *.duosecurity.com
Cache-Control
max-age=0, must-revalidate
Referrer-Policy
origin
X-Content-Type-Options
nosniff
Content-Length
24811
Date
Tue, 15 Oct 2024 09:37:10 GMT
X-XSS-Protection
1; mode=block
Last-Modified
Tue, 17 Oct 2023 17:28:11 GMT
Content-Type
image/png
X-Frame-Options
DENY
background.js
fed.nyp.org/assets/resources/ 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fed.nyp.org/assets/resources/background.js
Requested by
Host: fed.nyp.org
URL: https://fed.nyp.org/idp/eyJ2c2lkIjoiaHR0cDpcL1wvbnlwLm9yZ1wvUGluZ0ZlZGVyYXRlIn0/prp.wsf?login_hint=hss9004%40nyp.org&client-request-id=21782c61-fa32-8c2c-e419-ae11bbbeb17a&username=hss9004%40nyp.org&wa=wsignin1.0&wtrealm=urn%3afederation%3aMicrosoftOnline&wctx=estsredirect%3d2%26estsrequest%3drQQIARAAjZE7bNNgFIXzx6n74NHQCQaEsJiqOrEdJ44jIeGkqZKQKAmp42KEIue3nVftP43tJnWVnYGhQmLpCCx04NEB0SAh5k5l7VQJhCoGQEwRLDhCSGxwhu-e4d4z3LOI0SE6cY36LYackKR0nSahNnF_qbcwF1SWBleZH0v3P156duHN25fuLpg2t7oh1GvsgStN2-5aiXAYOfY6Qp0Q0vUW1EIQGWHUV8KvATgC4BSAB_75pmXxFMXe-HPs52KReIxlWS7uDSoajUToEM8pdZ2JMiQb5RUPKiQVb4HkKI2hVZWPsix97J8vCo7dZCZAvZarfffP6qhn1LrIsnexfZC_bdeXUaGxkq4MImW7FhNEJ9skO2vicoRaSfUVlK8oOZLjmEil7Rqrq0VZbOfTvCxq3UYhaW1wlpSW6EwSyigv2WaflDbayRxaS6U6N4Ws2sxWtS25AstyueoomrGZzrlSySnLHB-vm1U5ycdqNqm23Sq3ZaalwpqXoqe4rt3PlGS5JcXdhq26vGP0SwJL1-JCYw_7rz72Mdx7rYHMQwxHXc1sqUcBcBIAnwN-amYcAI-mvMIuHn46eCo-zz9sXP756kPSdzgVjsbEokrVLZXqtDsSFDKccQtmDSqlbKK4Vi6JhUITDQToFOF1PkHv4GAHx0f47AwW9BFYqkSf4uAbDu5N-0az_-r86Aw4PsvO4XBdaRnWwuI20VJrNupoJpHYJgaGVYNw4jaVdUeziMQdwssn7g6Hw3fnfOPzB4-_Pnk_Hn3JvAj6ToK-Xw2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
143.104.237.46 New York, United States, ASN395139 (NYP-INTERNET, US),
Reverse DNS
Software
/
Resource Hash
a3e8794147a27e779f14ce8291529b62f92b4dcbb76b7a6edec2ff259bc763ed
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.pingone.com ; img-src 'self' *.nyp.org *.pingone.com *.duosecurity.com *.duo.com data: ; connect-src 'self' http://127.0.0.1:27367 *.twosense.ai *.pingone.com *.mixpanel.com; font-src 'self' fonts.gstatic.com ; style-src 'self' 'unsafe-inline' *.nyp.org *.pingone.com *.googleapis.com ; worker-src 'self' ; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.pingone.com *.nyp.org data: ; object-src 'none' ; frame-ancestors 'self' *.nyp.org *.pingone.com *.infor.com *.service-now.com *.sabacloud.com ; child-src 'self' data: *.duosecurity.com
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://fed.nyp.org/

Response headers

Strict-Transport-Security
max-age=16070400; includeSubDomains
Content-Security-Policy
default-src 'self' *.pingone.com ; img-src 'self' *.nyp.org *.pingone.com *.duosecurity.com *.duo.com data: ; connect-src 'self' http://127.0.0.1:27367 *.twosense.ai *.pingone.com *.mixpanel.com; font-src 'self' fonts.gstatic.com ; style-src 'self' 'unsafe-inline' *.nyp.org *.pingone.com *.googleapis.com ; worker-src 'self' ; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.pingone.com *.nyp.org data: ; object-src 'none' ; frame-ancestors 'self' *.nyp.org *.pingone.com *.infor.com *.service-now.com *.sabacloud.com ; child-src 'self' data: *.duosecurity.com
Cache-Control
max-age=0, must-revalidate
Service-Worker-Allowed
/
Referrer-Policy
origin
X-Content-Type-Options
nosniff
Content-Length
1637
Date
Tue, 15 Oct 2024 09:37:10 GMT
X-XSS-Protection
1; mode=block
Last-Modified
Fri, 02 Oct 2020 19:01:41 GMT
Content-Type
application/javascript
X-Frame-Options
DENY
NYP1.jpg
fed.nyp.org/assets/resources/images/ 		397 KB
398 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fed.nyp.org/assets/resources/images/NYP1.jpg
Requested by
Host: fed.nyp.org
URL: https://fed.nyp.org/idp/eyJ2c2lkIjoiaHR0cDpcL1wvbnlwLm9yZ1wvUGluZ0ZlZGVyYXRlIn0/prp.wsf?login_hint=hss9004%40nyp.org&client-request-id=21782c61-fa32-8c2c-e419-ae11bbbeb17a&username=hss9004%40nyp.org&wa=wsignin1.0&wtrealm=urn%3afederation%3aMicrosoftOnline&wctx=estsredirect%3d2%26estsrequest%3drQQIARAAjZE7bNNgFIXzx6n74NHQCQaEsJiqOrEdJ44jIeGkqZKQKAmp42KEIue3nVftP43tJnWVnYGhQmLpCCx04NEB0SAh5k5l7VQJhCoGQEwRLDhCSGxwhu-e4d4z3LOI0SE6cY36LYackKR0nSahNnF_qbcwF1SWBleZH0v3P156duHN25fuLpg2t7oh1GvsgStN2-5aiXAYOfY6Qp0Q0vUW1EIQGWHUV8KvATgC4BSAB_75pmXxFMXe-HPs52KReIxlWS7uDSoajUToEM8pdZ2JMiQb5RUPKiQVb4HkKI2hVZWPsix97J8vCo7dZCZAvZarfffP6qhn1LrIsnexfZC_bdeXUaGxkq4MImW7FhNEJ9skO2vicoRaSfUVlK8oOZLjmEil7Rqrq0VZbOfTvCxq3UYhaW1wlpSW6EwSyigv2WaflDbayRxaS6U6N4Ws2sxWtS25AstyueoomrGZzrlSySnLHB-vm1U5ycdqNqm23Sq3ZaalwpqXoqe4rt3PlGS5JcXdhq26vGP0SwJL1-JCYw_7rz72Mdx7rYHMQwxHXc1sqUcBcBIAnwN-amYcAI-mvMIuHn46eCo-zz9sXP756kPSdzgVjsbEokrVLZXqtDsSFDKccQtmDSqlbKK4Vi6JhUITDQToFOF1PkHv4GAHx0f47AwW9BFYqkSf4uAbDu5N-0az_-r86Aw4PsvO4XBdaRnWwuI20VJrNupoJpHYJgaGVYNw4jaVdUeziMQdwssn7g6Hw3fnfOPzB4-_Pnk_Hn3JvAj6ToK-Xw2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
143.104.237.46 New York, United States, ASN395139 (NYP-INTERNET, US),
Reverse DNS
Software
/
Resource Hash
2810b66a83b01ba6c8b3cf30e3883d266345ec1b5a664204db05d16b9f6188fe
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.pingone.com ; img-src 'self' *.nyp.org *.pingone.com *.duosecurity.com *.duo.com data: ; connect-src 'self' http://127.0.0.1:27367 *.twosense.ai *.pingone.com *.mixpanel.com; font-src 'self' fonts.gstatic.com ; style-src 'self' 'unsafe-inline' *.nyp.org *.pingone.com *.googleapis.com ; worker-src 'self' ; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.pingone.com *.nyp.org data: ; object-src 'none' ; frame-ancestors 'self' *.nyp.org *.pingone.com *.infor.com *.service-now.com *.sabacloud.com ; child-src 'self' data: *.duosecurity.com
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://fed.nyp.org/idp/eyJ2c2lkIjoiaHR0cDpcL1wvbnlwLm9yZ1wvUGluZ0ZlZGVyYXRlIn0/prp.wsf?login_hint=hss9004%40nyp.org&client-request-id=21782c61-fa32-8c2c-e419-ae11bbbeb17a&username=hss9004%40nyp.org&wa=wsignin1.0&wtrealm=urn%3afederation%3aMicrosoftOnline&wctx=estsredirect%3d2%26estsrequest%3drQQIARAAjZE7bNNgFIXzx6n74NHQCQaEsJiqOrEdJ44jIeGkqZKQKAmp42KEIue3nVftP43tJnWVnYGhQmLpCCx04NEB0SAh5k5l7VQJhCoGQEwRLDhCSGxwhu-e4d4z3LOI0SE6cY36LYackKR0nSahNnF_qbcwF1SWBleZH0v3P156duHN25fuLpg2t7oh1GvsgStN2-5aiXAYOfY6Qp0Q0vUW1EIQGWHUV8KvATgC4BSAB_75pmXxFMXe-HPs52KReIxlWS7uDSoajUToEM8pdZ2JMiQb5RUPKiQVb4HkKI2hVZWPsix97J8vCo7dZCZAvZarfffP6qhn1LrIsnexfZC_bdeXUaGxkq4MImW7FhNEJ9skO2vicoRaSfUVlK8oOZLjmEil7Rqrq0VZbOfTvCxq3UYhaW1wlpSW6EwSyigv2WaflDbayRxaS6U6N4Ws2sxWtS25AstyueoomrGZzrlSySnLHB-vm1U5ycdqNqm23Sq3ZaalwpqXoqe4rt3PlGS5JcXdhq26vGP0SwJL1-JCYw_7rz72Mdx7rYHMQwxHXc1sqUcBcBIAnwN-amYcAI-mvMIuHn46eCo-zz9sXP756kPSdzgVjsbEokrVLZXqtDsSFDKccQtmDSqlbKK4Vi6JhUITDQToFOF1PkHv4GAHx0f47AwW9BFYqkSf4uAbDu5N-0az_-r86Aw4PsvO4XBdaRnWwuI20VJrNupoJpHYJgaGVYNw4jaVdUeziMQdwssn7g6Hw3fnfOPzB4-_Pnk_Hn3JvAj6ToK-Xw2

Response headers

Strict-Transport-Security
max-age=16070400; includeSubDomains
Content-Security-Policy
default-src 'self' *.pingone.com ; img-src 'self' *.nyp.org *.pingone.com *.duosecurity.com *.duo.com data: ; connect-src 'self' http://127.0.0.1:27367 *.twosense.ai *.pingone.com *.mixpanel.com; font-src 'self' fonts.gstatic.com ; style-src 'self' 'unsafe-inline' *.nyp.org *.pingone.com *.googleapis.com ; worker-src 'self' ; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.pingone.com *.nyp.org data: ; object-src 'none' ; frame-ancestors 'self' *.nyp.org *.pingone.com *.infor.com *.service-now.com *.sabacloud.com ; child-src 'self' data: *.duosecurity.com
Cache-Control
max-age=0, must-revalidate
Referrer-Policy
origin
X-Content-Type-Options
nosniff
Content-Length
406582
Date
Tue, 15 Oct 2024 09:37:11 GMT
X-XSS-Protection
1; mode=block
Last-Modified
Fri, 02 Oct 2020 19:01:41 GMT
Content-Type
image/jpeg
X-Frame-Options
DENY
segoeui-regular.ttf
fed.nyp.org/assets/css/ 		55 KB
56 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fed.nyp.org/assets/css/segoeui-regular.ttf
Requested by
Host: fed.nyp.org
URL: https://fed.nyp.org/assets/css/nyp1.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
143.104.237.46 New York, United States, ASN395139 (NYP-INTERNET, US),
Reverse DNS
Software
/
Resource Hash
f9b9407c8667877fc4bab247b64768898d8ad1de7832c8ef1292b8dd27c7902f
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.pingone.com ; img-src 'self' *.nyp.org *.pingone.com *.duosecurity.com *.duo.com data: ; connect-src 'self' http://127.0.0.1:27367 *.twosense.ai *.pingone.com *.mixpanel.com; font-src 'self' fonts.gstatic.com ; style-src 'self' 'unsafe-inline' *.nyp.org *.pingone.com *.googleapis.com ; worker-src 'self' ; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.pingone.com *.nyp.org data: ; object-src 'none' ; frame-ancestors 'self' *.nyp.org *.pingone.com *.infor.com *.service-now.com *.sabacloud.com ; child-src 'self' data: *.duosecurity.com
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://fed.nyp.org
Referer
https://fed.nyp.org/

Response headers

Strict-Transport-Security
max-age=16070400; includeSubDomains
Content-Security-Policy
default-src 'self' *.pingone.com ; img-src 'self' *.nyp.org *.pingone.com *.duosecurity.com *.duo.com data: ; connect-src 'self' http://127.0.0.1:27367 *.twosense.ai *.pingone.com *.mixpanel.com; font-src 'self' fonts.gstatic.com ; style-src 'self' 'unsafe-inline' *.nyp.org *.pingone.com *.googleapis.com ; worker-src 'self' ; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.pingone.com *.nyp.org data: ; object-src 'none' ; frame-ancestors 'self' *.nyp.org *.pingone.com *.infor.com *.service-now.com *.sabacloud.com ; child-src 'self' data: *.duosecurity.com
Cache-Control
max-age=0, must-revalidate
Referrer-Policy
origin
X-Content-Type-Options
nosniff
Content-Length
56760
Date
Tue, 15 Oct 2024 09:37:11 GMT
X-XSS-Protection
1; mode=block
Last-Modified
Fri, 02 Oct 2020 19:00:34 GMT
X-Frame-Options
DENY
segoeui-semilight.ttf
fed.nyp.org/assets/css/ 		41 KB
42 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fed.nyp.org/assets/css/segoeui-semilight.ttf
Requested by
Host: fed.nyp.org
URL: https://fed.nyp.org/assets/css/nyp1.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
143.104.237.46 New York, United States, ASN395139 (NYP-INTERNET, US),
Reverse DNS
Software
/
Resource Hash
d5711928bed3c1d3b7d643100a394200cbeec4d449c1301ad132aa62cc2a0b8f
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.pingone.com ; img-src 'self' *.nyp.org *.pingone.com *.duosecurity.com *.duo.com data: ; connect-src 'self' http://127.0.0.1:27367 *.twosense.ai *.pingone.com *.mixpanel.com; font-src 'self' fonts.gstatic.com ; style-src 'self' 'unsafe-inline' *.nyp.org *.pingone.com *.googleapis.com ; worker-src 'self' ; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.pingone.com *.nyp.org data: ; object-src 'none' ; frame-ancestors 'self' *.nyp.org *.pingone.com *.infor.com *.service-now.com *.sabacloud.com ; child-src 'self' data: *.duosecurity.com
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://fed.nyp.org
Referer
https://fed.nyp.org/

Response headers

Strict-Transport-Security
max-age=16070400; includeSubDomains
Content-Security-Policy
default-src 'self' *.pingone.com ; img-src 'self' *.nyp.org *.pingone.com *.duosecurity.com *.duo.com data: ; connect-src 'self' http://127.0.0.1:27367 *.twosense.ai *.pingone.com *.mixpanel.com; font-src 'self' fonts.gstatic.com ; style-src 'self' 'unsafe-inline' *.nyp.org *.pingone.com *.googleapis.com ; worker-src 'self' ; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.pingone.com *.nyp.org data: ; object-src 'none' ; frame-ancestors 'self' *.nyp.org *.pingone.com *.infor.com *.service-now.com *.sabacloud.com ; child-src 'self' data: *.duosecurity.com
Cache-Control
max-age=0, must-revalidate
Referrer-Policy
origin
X-Content-Type-Options
nosniff
Content-Length
41560
Date
Tue, 15 Oct 2024 09:37:11 GMT
X-XSS-Protection
1; mode=block
Last-Modified
Fri, 02 Oct 2020 19:00:34 GMT
X-Frame-Options
DENY
NYP2.jpg
fed.nyp.org/assets/resources/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fed.nyp.org/assets/resources/images/NYP2.jpg
Requested by
Host: fed.nyp.org
URL: https://fed.nyp.org/idp/eyJ2c2lkIjoiaHR0cDpcL1wvbnlwLm9yZ1wvUGluZ0ZlZGVyYXRlIn0/prp.wsf?login_hint=hss9004%40nyp.org&client-request-id=21782c61-fa32-8c2c-e419-ae11bbbeb17a&username=hss9004%40nyp.org&wa=wsignin1.0&wtrealm=urn%3afederation%3aMicrosoftOnline&wctx=estsredirect%3d2%26estsrequest%3drQQIARAAjZE7bNNgFIXzx6n74NHQCQaEsJiqOrEdJ44jIeGkqZKQKAmp42KEIue3nVftP43tJnWVnYGhQmLpCCx04NEB0SAh5k5l7VQJhCoGQEwRLDhCSGxwhu-e4d4z3LOI0SE6cY36LYackKR0nSahNnF_qbcwF1SWBleZH0v3P156duHN25fuLpg2t7oh1GvsgStN2-5aiXAYOfY6Qp0Q0vUW1EIQGWHUV8KvATgC4BSAB_75pmXxFMXe-HPs52KReIxlWS7uDSoajUToEM8pdZ2JMiQb5RUPKiQVb4HkKI2hVZWPsix97J8vCo7dZCZAvZarfffP6qhn1LrIsnexfZC_bdeXUaGxkq4MImW7FhNEJ9skO2vicoRaSfUVlK8oOZLjmEil7Rqrq0VZbOfTvCxq3UYhaW1wlpSW6EwSyigv2WaflDbayRxaS6U6N4Ws2sxWtS25AstyueoomrGZzrlSySnLHB-vm1U5ycdqNqm23Sq3ZaalwpqXoqe4rt3PlGS5JcXdhq26vGP0SwJL1-JCYw_7rz72Mdx7rYHMQwxHXc1sqUcBcBIAnwN-amYcAI-mvMIuHn46eCo-zz9sXP756kPSdzgVjsbEokrVLZXqtDsSFDKccQtmDSqlbKK4Vi6JhUITDQToFOF1PkHv4GAHx0f47AwW9BFYqkSf4uAbDu5N-0az_-r86Aw4PsvO4XBdaRnWwuI20VJrNupoJpHYJgaGVYNw4jaVdUeziMQdwssn7g6Hw3fnfOPzB4-_Pnk_Hn3JvAj6ToK-Xw2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
143.104.237.46 New York, United States, ASN395139 (NYP-INTERNET, US),
Reverse DNS
Software
/
Resource Hash
a9ff8f918d40a963a69fb4cba8f7e840af8ff7acd4e7692008b7e2a9ef11677d
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.pingone.com ; img-src 'self' *.nyp.org *.pingone.com *.duosecurity.com *.duo.com data: ; connect-src 'self' http://127.0.0.1:27367 *.twosense.ai *.pingone.com *.mixpanel.com; font-src 'self' fonts.gstatic.com ; style-src 'self' 'unsafe-inline' *.nyp.org *.pingone.com *.googleapis.com ; worker-src 'self' ; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.pingone.com *.nyp.org data: ; object-src 'none' ; frame-ancestors 'self' *.nyp.org *.pingone.com *.infor.com *.service-now.com *.sabacloud.com ; child-src 'self' data: *.duosecurity.com
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://fed.nyp.org/idp/eyJ2c2lkIjoiaHR0cDpcL1wvbnlwLm9yZ1wvUGluZ0ZlZGVyYXRlIn0/prp.wsf?login_hint=hss9004%40nyp.org&client-request-id=21782c61-fa32-8c2c-e419-ae11bbbeb17a&username=hss9004%40nyp.org&wa=wsignin1.0&wtrealm=urn%3afederation%3aMicrosoftOnline&wctx=estsredirect%3d2%26estsrequest%3drQQIARAAjZE7bNNgFIXzx6n74NHQCQaEsJiqOrEdJ44jIeGkqZKQKAmp42KEIue3nVftP43tJnWVnYGhQmLpCCx04NEB0SAh5k5l7VQJhCoGQEwRLDhCSGxwhu-e4d4z3LOI0SE6cY36LYackKR0nSahNnF_qbcwF1SWBleZH0v3P156duHN25fuLpg2t7oh1GvsgStN2-5aiXAYOfY6Qp0Q0vUW1EIQGWHUV8KvATgC4BSAB_75pmXxFMXe-HPs52KReIxlWS7uDSoajUToEM8pdZ2JMiQb5RUPKiQVb4HkKI2hVZWPsix97J8vCo7dZCZAvZarfffP6qhn1LrIsnexfZC_bdeXUaGxkq4MImW7FhNEJ9skO2vicoRaSfUVlK8oOZLjmEil7Rqrq0VZbOfTvCxq3UYhaW1wlpSW6EwSyigv2WaflDbayRxaS6U6N4Ws2sxWtS25AstyueoomrGZzrlSySnLHB-vm1U5ycdqNqm23Sq3ZaalwpqXoqe4rt3PlGS5JcXdhq26vGP0SwJL1-JCYw_7rz72Mdx7rYHMQwxHXc1sqUcBcBIAnwN-amYcAI-mvMIuHn46eCo-zz9sXP756kPSdzgVjsbEokrVLZXqtDsSFDKccQtmDSqlbKK4Vi6JhUITDQToFOF1PkHv4GAHx0f47AwW9BFYqkSf4uAbDu5N-0az_-r86Aw4PsvO4XBdaRnWwuI20VJrNupoJpHYJgaGVYNw4jaVdUeziMQdwssn7g6Hw3fnfOPzB4-_Pnk_Hn3JvAj6ToK-Xw2

Response headers

Strict-Transport-Security
max-age=16070400; includeSubDomains
Content-Security-Policy
default-src 'self' *.pingone.com ; img-src 'self' *.nyp.org *.pingone.com *.duosecurity.com *.duo.com data: ; connect-src 'self' http://127.0.0.1:27367 *.twosense.ai *.pingone.com *.mixpanel.com; font-src 'self' fonts.gstatic.com ; style-src 'self' 'unsafe-inline' *.nyp.org *.pingone.com *.googleapis.com ; worker-src 'self' ; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.pingone.com *.nyp.org data: ; object-src 'none' ; frame-ancestors 'self' *.nyp.org *.pingone.com *.infor.com *.service-now.com *.sabacloud.com ; child-src 'self' data: *.duosecurity.com
Cache-Control
must-revalidate,no-cache,no-store
Referrer-Policy
origin
X-Content-Type-Options
nosniff
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Content-Length
1753
X-XSS-Protection
1; mode=block
Content-Type
text/html;charset=utf-8
X-Frame-Options
DENY
NYP3.jpg
fed.nyp.org/assets/resources/images/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fed.nyp.org/assets/resources/images/NYP3.jpg
Requested by
Host: fed.nyp.org
URL: https://fed.nyp.org/idp/eyJ2c2lkIjoiaHR0cDpcL1wvbnlwLm9yZ1wvUGluZ0ZlZGVyYXRlIn0/prp.wsf?login_hint=hss9004%40nyp.org&client-request-id=21782c61-fa32-8c2c-e419-ae11bbbeb17a&username=hss9004%40nyp.org&wa=wsignin1.0&wtrealm=urn%3afederation%3aMicrosoftOnline&wctx=estsredirect%3d2%26estsrequest%3drQQIARAAjZE7bNNgFIXzx6n74NHQCQaEsJiqOrEdJ44jIeGkqZKQKAmp42KEIue3nVftP43tJnWVnYGhQmLpCCx04NEB0SAh5k5l7VQJhCoGQEwRLDhCSGxwhu-e4d4z3LOI0SE6cY36LYackKR0nSahNnF_qbcwF1SWBleZH0v3P156duHN25fuLpg2t7oh1GvsgStN2-5aiXAYOfY6Qp0Q0vUW1EIQGWHUV8KvATgC4BSAB_75pmXxFMXe-HPs52KReIxlWS7uDSoajUToEM8pdZ2JMiQb5RUPKiQVb4HkKI2hVZWPsix97J8vCo7dZCZAvZarfffP6qhn1LrIsnexfZC_bdeXUaGxkq4MImW7FhNEJ9skO2vicoRaSfUVlK8oOZLjmEil7Rqrq0VZbOfTvCxq3UYhaW1wlpSW6EwSyigv2WaflDbayRxaS6U6N4Ws2sxWtS25AstyueoomrGZzrlSySnLHB-vm1U5ycdqNqm23Sq3ZaalwpqXoqe4rt3PlGS5JcXdhq26vGP0SwJL1-JCYw_7rz72Mdx7rYHMQwxHXc1sqUcBcBIAnwN-amYcAI-mvMIuHn46eCo-zz9sXP756kPSdzgVjsbEokrVLZXqtDsSFDKccQtmDSqlbKK4Vi6JhUITDQToFOF1PkHv4GAHx0f47AwW9BFYqkSf4uAbDu5N-0az_-r86Aw4PsvO4XBdaRnWwuI20VJrNupoJpHYJgaGVYNw4jaVdUeziMQdwssn7g6Hw3fnfOPzB4-_Pnk_Hn3JvAj6ToK-Xw2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
143.104.237.46 New York, United States, ASN395139 (NYP-INTERNET, US),
Reverse DNS
Software
/
Resource Hash
4774de14b83572cf976dbb5c4633b51ca5dc07d1f3dbc2a9113efcc96f43b3e4
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.pingone.com ; img-src 'self' *.nyp.org *.pingone.com *.duosecurity.com *.duo.com data: ; connect-src 'self' http://127.0.0.1:27367 *.twosense.ai *.pingone.com *.mixpanel.com; font-src 'self' fonts.gstatic.com ; style-src 'self' 'unsafe-inline' *.nyp.org *.pingone.com *.googleapis.com ; worker-src 'self' ; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.pingone.com *.nyp.org data: ; object-src 'none' ; frame-ancestors 'self' *.nyp.org *.pingone.com *.infor.com *.service-now.com *.sabacloud.com ; child-src 'self' data: *.duosecurity.com
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://fed.nyp.org/idp/eyJ2c2lkIjoiaHR0cDpcL1wvbnlwLm9yZ1wvUGluZ0ZlZGVyYXRlIn0/prp.wsf?login_hint=hss9004%40nyp.org&client-request-id=21782c61-fa32-8c2c-e419-ae11bbbeb17a&username=hss9004%40nyp.org&wa=wsignin1.0&wtrealm=urn%3afederation%3aMicrosoftOnline&wctx=estsredirect%3d2%26estsrequest%3drQQIARAAjZE7bNNgFIXzx6n74NHQCQaEsJiqOrEdJ44jIeGkqZKQKAmp42KEIue3nVftP43tJnWVnYGhQmLpCCx04NEB0SAh5k5l7VQJhCoGQEwRLDhCSGxwhu-e4d4z3LOI0SE6cY36LYackKR0nSahNnF_qbcwF1SWBleZH0v3P156duHN25fuLpg2t7oh1GvsgStN2-5aiXAYOfY6Qp0Q0vUW1EIQGWHUV8KvATgC4BSAB_75pmXxFMXe-HPs52KReIxlWS7uDSoajUToEM8pdZ2JMiQb5RUPKiQVb4HkKI2hVZWPsix97J8vCo7dZCZAvZarfffP6qhn1LrIsnexfZC_bdeXUaGxkq4MImW7FhNEJ9skO2vicoRaSfUVlK8oOZLjmEil7Rqrq0VZbOfTvCxq3UYhaW1wlpSW6EwSyigv2WaflDbayRxaS6U6N4Ws2sxWtS25AstyueoomrGZzrlSySnLHB-vm1U5ycdqNqm23Sq3ZaalwpqXoqe4rt3PlGS5JcXdhq26vGP0SwJL1-JCYw_7rz72Mdx7rYHMQwxHXc1sqUcBcBIAnwN-amYcAI-mvMIuHn46eCo-zz9sXP756kPSdzgVjsbEokrVLZXqtDsSFDKccQtmDSqlbKK4Vi6JhUITDQToFOF1PkHv4GAHx0f47AwW9BFYqkSf4uAbDu5N-0az_-r86Aw4PsvO4XBdaRnWwuI20VJrNupoJpHYJgaGVYNw4jaVdUeziMQdwssn7g6Hw3fnfOPzB4-_Pnk_Hn3JvAj6ToK-Xw2

Response headers

Strict-Transport-Security
max-age=16070400; includeSubDomains
Content-Security-Policy
default-src 'self' *.pingone.com ; img-src 'self' *.nyp.org *.pingone.com *.duosecurity.com *.duo.com data: ; connect-src 'self' http://127.0.0.1:27367 *.twosense.ai *.pingone.com *.mixpanel.com; font-src 'self' fonts.gstatic.com ; style-src 'self' 'unsafe-inline' *.nyp.org *.pingone.com *.googleapis.com ; worker-src 'self' ; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.pingone.com *.nyp.org data: ; object-src 'none' ; frame-ancestors 'self' *.nyp.org *.pingone.com *.infor.com *.service-now.com *.sabacloud.com ; child-src 'self' data: *.duosecurity.com
Cache-Control
must-revalidate,no-cache,no-store
Referrer-Policy
origin
X-Content-Type-Options
nosniff
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Content-Length
1753
X-XSS-Protection
1; mode=block
Content-Type
text/html;charset=utf-8
X-Frame-Options
DENY
NYP4.jpg
fed.nyp.org/assets/resources/images/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fed.nyp.org/assets/resources/images/NYP4.jpg
Requested by
Host: fed.nyp.org
URL: https://fed.nyp.org/idp/eyJ2c2lkIjoiaHR0cDpcL1wvbnlwLm9yZ1wvUGluZ0ZlZGVyYXRlIn0/prp.wsf?login_hint=hss9004%40nyp.org&client-request-id=21782c61-fa32-8c2c-e419-ae11bbbeb17a&username=hss9004%40nyp.org&wa=wsignin1.0&wtrealm=urn%3afederation%3aMicrosoftOnline&wctx=estsredirect%3d2%26estsrequest%3drQQIARAAjZE7bNNgFIXzx6n74NHQCQaEsJiqOrEdJ44jIeGkqZKQKAmp42KEIue3nVftP43tJnWVnYGhQmLpCCx04NEB0SAh5k5l7VQJhCoGQEwRLDhCSGxwhu-e4d4z3LOI0SE6cY36LYackKR0nSahNnF_qbcwF1SWBleZH0v3P156duHN25fuLpg2t7oh1GvsgStN2-5aiXAYOfY6Qp0Q0vUW1EIQGWHUV8KvATgC4BSAB_75pmXxFMXe-HPs52KReIxlWS7uDSoajUToEM8pdZ2JMiQb5RUPKiQVb4HkKI2hVZWPsix97J8vCo7dZCZAvZarfffP6qhn1LrIsnexfZC_bdeXUaGxkq4MImW7FhNEJ9skO2vicoRaSfUVlK8oOZLjmEil7Rqrq0VZbOfTvCxq3UYhaW1wlpSW6EwSyigv2WaflDbayRxaS6U6N4Ws2sxWtS25AstyueoomrGZzrlSySnLHB-vm1U5ycdqNqm23Sq3ZaalwpqXoqe4rt3PlGS5JcXdhq26vGP0SwJL1-JCYw_7rz72Mdx7rYHMQwxHXc1sqUcBcBIAnwN-amYcAI-mvMIuHn46eCo-zz9sXP756kPSdzgVjsbEokrVLZXqtDsSFDKccQtmDSqlbKK4Vi6JhUITDQToFOF1PkHv4GAHx0f47AwW9BFYqkSf4uAbDu5N-0az_-r86Aw4PsvO4XBdaRnWwuI20VJrNupoJpHYJgaGVYNw4jaVdUeziMQdwssn7g6Hw3fnfOPzB4-_Pnk_Hn3JvAj6ToK-Xw2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
143.104.237.46 New York, United States, ASN395139 (NYP-INTERNET, US),
Reverse DNS
Software
/
Resource Hash
4774de14b83572cf976dbb5c4633b51ca5dc07d1f3dbc2a9113efcc96f43b3e4
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.pingone.com ; img-src 'self' *.nyp.org *.pingone.com *.duosecurity.com *.duo.com data: ; connect-src 'self' http://127.0.0.1:27367 *.twosense.ai *.pingone.com *.mixpanel.com; font-src 'self' fonts.gstatic.com ; style-src 'self' 'unsafe-inline' *.nyp.org *.pingone.com *.googleapis.com ; worker-src 'self' ; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.pingone.com *.nyp.org data: ; object-src 'none' ; frame-ancestors 'self' *.nyp.org *.pingone.com *.infor.com *.service-now.com *.sabacloud.com ; child-src 'self' data: *.duosecurity.com
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://fed.nyp.org/idp/eyJ2c2lkIjoiaHR0cDpcL1wvbnlwLm9yZ1wvUGluZ0ZlZGVyYXRlIn0/prp.wsf?login_hint=hss9004%40nyp.org&client-request-id=21782c61-fa32-8c2c-e419-ae11bbbeb17a&username=hss9004%40nyp.org&wa=wsignin1.0&wtrealm=urn%3afederation%3aMicrosoftOnline&wctx=estsredirect%3d2%26estsrequest%3drQQIARAAjZE7bNNgFIXzx6n74NHQCQaEsJiqOrEdJ44jIeGkqZKQKAmp42KEIue3nVftP43tJnWVnYGhQmLpCCx04NEB0SAh5k5l7VQJhCoGQEwRLDhCSGxwhu-e4d4z3LOI0SE6cY36LYackKR0nSahNnF_qbcwF1SWBleZH0v3P156duHN25fuLpg2t7oh1GvsgStN2-5aiXAYOfY6Qp0Q0vUW1EIQGWHUV8KvATgC4BSAB_75pmXxFMXe-HPs52KReIxlWS7uDSoajUToEM8pdZ2JMiQb5RUPKiQVb4HkKI2hVZWPsix97J8vCo7dZCZAvZarfffP6qhn1LrIsnexfZC_bdeXUaGxkq4MImW7FhNEJ9skO2vicoRaSfUVlK8oOZLjmEil7Rqrq0VZbOfTvCxq3UYhaW1wlpSW6EwSyigv2WaflDbayRxaS6U6N4Ws2sxWtS25AstyueoomrGZzrlSySnLHB-vm1U5ycdqNqm23Sq3ZaalwpqXoqe4rt3PlGS5JcXdhq26vGP0SwJL1-JCYw_7rz72Mdx7rYHMQwxHXc1sqUcBcBIAnwN-amYcAI-mvMIuHn46eCo-zz9sXP756kPSdzgVjsbEokrVLZXqtDsSFDKccQtmDSqlbKK4Vi6JhUITDQToFOF1PkHv4GAHx0f47AwW9BFYqkSf4uAbDu5N-0az_-r86Aw4PsvO4XBdaRnWwuI20VJrNupoJpHYJgaGVYNw4jaVdUeziMQdwssn7g6Hw3fnfOPzB4-_Pnk_Hn3JvAj6ToK-Xw2

Response headers

Strict-Transport-Security
max-age=16070400; includeSubDomains
Content-Security-Policy
default-src 'self' *.pingone.com ; img-src 'self' *.nyp.org *.pingone.com *.duosecurity.com *.duo.com data: ; connect-src 'self' http://127.0.0.1:27367 *.twosense.ai *.pingone.com *.mixpanel.com; font-src 'self' fonts.gstatic.com ; style-src 'self' 'unsafe-inline' *.nyp.org *.pingone.com *.googleapis.com ; worker-src 'self' ; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.pingone.com *.nyp.org data: ; object-src 'none' ; frame-ancestors 'self' *.nyp.org *.pingone.com *.infor.com *.service-now.com *.sabacloud.com ; child-src 'self' data: *.duosecurity.com
Cache-Control
must-revalidate,no-cache,no-store
Referrer-Policy
origin
X-Content-Type-Options
nosniff
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Content-Length
1753
X-XSS-Protection
1; mode=block
Content-Type
text/html;charset=utf-8
X-Frame-Options
DENY
NYP5.jpg
fed.nyp.org/assets/resources/images/ 		563 KB
564 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fed.nyp.org/assets/resources/images/NYP5.jpg
Requested by
Host: fed.nyp.org
URL: https://fed.nyp.org/idp/eyJ2c2lkIjoiaHR0cDpcL1wvbnlwLm9yZ1wvUGluZ0ZlZGVyYXRlIn0/prp.wsf?login_hint=hss9004%40nyp.org&client-request-id=21782c61-fa32-8c2c-e419-ae11bbbeb17a&username=hss9004%40nyp.org&wa=wsignin1.0&wtrealm=urn%3afederation%3aMicrosoftOnline&wctx=estsredirect%3d2%26estsrequest%3drQQIARAAjZE7bNNgFIXzx6n74NHQCQaEsJiqOrEdJ44jIeGkqZKQKAmp42KEIue3nVftP43tJnWVnYGhQmLpCCx04NEB0SAh5k5l7VQJhCoGQEwRLDhCSGxwhu-e4d4z3LOI0SE6cY36LYackKR0nSahNnF_qbcwF1SWBleZH0v3P156duHN25fuLpg2t7oh1GvsgStN2-5aiXAYOfY6Qp0Q0vUW1EIQGWHUV8KvATgC4BSAB_75pmXxFMXe-HPs52KReIxlWS7uDSoajUToEM8pdZ2JMiQb5RUPKiQVb4HkKI2hVZWPsix97J8vCo7dZCZAvZarfffP6qhn1LrIsnexfZC_bdeXUaGxkq4MImW7FhNEJ9skO2vicoRaSfUVlK8oOZLjmEil7Rqrq0VZbOfTvCxq3UYhaW1wlpSW6EwSyigv2WaflDbayRxaS6U6N4Ws2sxWtS25AstyueoomrGZzrlSySnLHB-vm1U5ycdqNqm23Sq3ZaalwpqXoqe4rt3PlGS5JcXdhq26vGP0SwJL1-JCYw_7rz72Mdx7rYHMQwxHXc1sqUcBcBIAnwN-amYcAI-mvMIuHn46eCo-zz9sXP756kPSdzgVjsbEokrVLZXqtDsSFDKccQtmDSqlbKK4Vi6JhUITDQToFOF1PkHv4GAHx0f47AwW9BFYqkSf4uAbDu5N-0az_-r86Aw4PsvO4XBdaRnWwuI20VJrNupoJpHYJgaGVYNw4jaVdUeziMQdwssn7g6Hw3fnfOPzB4-_Pnk_Hn3JvAj6ToK-Xw2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
143.104.237.46 New York, United States, ASN395139 (NYP-INTERNET, US),
Reverse DNS
Software
/
Resource Hash
215caf62a4245c76cf72d33e6dde0cf59225bd76d78f8ec48b69db45ae97ea66
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.pingone.com ; img-src 'self' *.nyp.org *.pingone.com *.duosecurity.com *.duo.com data: ; connect-src 'self' http://127.0.0.1:27367 *.twosense.ai *.pingone.com *.mixpanel.com; font-src 'self' fonts.gstatic.com ; style-src 'self' 'unsafe-inline' *.nyp.org *.pingone.com *.googleapis.com ; worker-src 'self' ; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.pingone.com *.nyp.org data: ; object-src 'none' ; frame-ancestors 'self' *.nyp.org *.pingone.com *.infor.com *.service-now.com *.sabacloud.com ; child-src 'self' data: *.duosecurity.com
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://fed.nyp.org/idp/eyJ2c2lkIjoiaHR0cDpcL1wvbnlwLm9yZ1wvUGluZ0ZlZGVyYXRlIn0/prp.wsf?login_hint=hss9004%40nyp.org&client-request-id=21782c61-fa32-8c2c-e419-ae11bbbeb17a&username=hss9004%40nyp.org&wa=wsignin1.0&wtrealm=urn%3afederation%3aMicrosoftOnline&wctx=estsredirect%3d2%26estsrequest%3drQQIARAAjZE7bNNgFIXzx6n74NHQCQaEsJiqOrEdJ44jIeGkqZKQKAmp42KEIue3nVftP43tJnWVnYGhQmLpCCx04NEB0SAh5k5l7VQJhCoGQEwRLDhCSGxwhu-e4d4z3LOI0SE6cY36LYackKR0nSahNnF_qbcwF1SWBleZH0v3P156duHN25fuLpg2t7oh1GvsgStN2-5aiXAYOfY6Qp0Q0vUW1EIQGWHUV8KvATgC4BSAB_75pmXxFMXe-HPs52KReIxlWS7uDSoajUToEM8pdZ2JMiQb5RUPKiQVb4HkKI2hVZWPsix97J8vCo7dZCZAvZarfffP6qhn1LrIsnexfZC_bdeXUaGxkq4MImW7FhNEJ9skO2vicoRaSfUVlK8oOZLjmEil7Rqrq0VZbOfTvCxq3UYhaW1wlpSW6EwSyigv2WaflDbayRxaS6U6N4Ws2sxWtS25AstyueoomrGZzrlSySnLHB-vm1U5ycdqNqm23Sq3ZaalwpqXoqe4rt3PlGS5JcXdhq26vGP0SwJL1-JCYw_7rz72Mdx7rYHMQwxHXc1sqUcBcBIAnwN-amYcAI-mvMIuHn46eCo-zz9sXP756kPSdzgVjsbEokrVLZXqtDsSFDKccQtmDSqlbKK4Vi6JhUITDQToFOF1PkHv4GAHx0f47AwW9BFYqkSf4uAbDu5N-0az_-r86Aw4PsvO4XBdaRnWwuI20VJrNupoJpHYJgaGVYNw4jaVdUeziMQdwssn7g6Hw3fnfOPzB4-_Pnk_Hn3JvAj6ToK-Xw2

Response headers

Strict-Transport-Security
max-age=16070400; includeSubDomains
Content-Security-Policy
default-src 'self' *.pingone.com ; img-src 'self' *.nyp.org *.pingone.com *.duosecurity.com *.duo.com data: ; connect-src 'self' http://127.0.0.1:27367 *.twosense.ai *.pingone.com *.mixpanel.com; font-src 'self' fonts.gstatic.com ; style-src 'self' 'unsafe-inline' *.nyp.org *.pingone.com *.googleapis.com ; worker-src 'self' ; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.pingone.com *.nyp.org data: ; object-src 'none' ; frame-ancestors 'self' *.nyp.org *.pingone.com *.infor.com *.service-now.com *.sabacloud.com ; child-src 'self' data: *.duosecurity.com
Cache-Control
max-age=0, must-revalidate
Referrer-Policy
origin
X-Content-Type-Options
nosniff
Content-Length
576134
Date
Tue, 15 Oct 2024 09:37:11 GMT
X-XSS-Protection
1; mode=block
Last-Modified
Fri, 02 Oct 2020 19:01:41 GMT
Content-Type
image/jpeg
X-Frame-Options
DENY
NYP6.jpg
fed.nyp.org/assets/resources/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fed.nyp.org/assets/resources/images/NYP6.jpg
Requested by
Host: fed.nyp.org
URL: https://fed.nyp.org/idp/eyJ2c2lkIjoiaHR0cDpcL1wvbnlwLm9yZ1wvUGluZ0ZlZGVyYXRlIn0/prp.wsf?login_hint=hss9004%40nyp.org&client-request-id=21782c61-fa32-8c2c-e419-ae11bbbeb17a&username=hss9004%40nyp.org&wa=wsignin1.0&wtrealm=urn%3afederation%3aMicrosoftOnline&wctx=estsredirect%3d2%26estsrequest%3drQQIARAAjZE7bNNgFIXzx6n74NHQCQaEsJiqOrEdJ44jIeGkqZKQKAmp42KEIue3nVftP43tJnWVnYGhQmLpCCx04NEB0SAh5k5l7VQJhCoGQEwRLDhCSGxwhu-e4d4z3LOI0SE6cY36LYackKR0nSahNnF_qbcwF1SWBleZH0v3P156duHN25fuLpg2t7oh1GvsgStN2-5aiXAYOfY6Qp0Q0vUW1EIQGWHUV8KvATgC4BSAB_75pmXxFMXe-HPs52KReIxlWS7uDSoajUToEM8pdZ2JMiQb5RUPKiQVb4HkKI2hVZWPsix97J8vCo7dZCZAvZarfffP6qhn1LrIsnexfZC_bdeXUaGxkq4MImW7FhNEJ9skO2vicoRaSfUVlK8oOZLjmEil7Rqrq0VZbOfTvCxq3UYhaW1wlpSW6EwSyigv2WaflDbayRxaS6U6N4Ws2sxWtS25AstyueoomrGZzrlSySnLHB-vm1U5ycdqNqm23Sq3ZaalwpqXoqe4rt3PlGS5JcXdhq26vGP0SwJL1-JCYw_7rz72Mdx7rYHMQwxHXc1sqUcBcBIAnwN-amYcAI-mvMIuHn46eCo-zz9sXP756kPSdzgVjsbEokrVLZXqtDsSFDKccQtmDSqlbKK4Vi6JhUITDQToFOF1PkHv4GAHx0f47AwW9BFYqkSf4uAbDu5N-0az_-r86Aw4PsvO4XBdaRnWwuI20VJrNupoJpHYJgaGVYNw4jaVdUeziMQdwssn7g6Hw3fnfOPzB4-_Pnk_Hn3JvAj6ToK-Xw2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
143.104.237.46 New York, United States, ASN395139 (NYP-INTERNET, US),
Reverse DNS
Software
/
Resource Hash
a9ff8f918d40a963a69fb4cba8f7e840af8ff7acd4e7692008b7e2a9ef11677d
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.pingone.com ; img-src 'self' *.nyp.org *.pingone.com *.duosecurity.com *.duo.com data: ; connect-src 'self' http://127.0.0.1:27367 *.twosense.ai *.pingone.com *.mixpanel.com; font-src 'self' fonts.gstatic.com ; style-src 'self' 'unsafe-inline' *.nyp.org *.pingone.com *.googleapis.com ; worker-src 'self' ; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.pingone.com *.nyp.org data: ; object-src 'none' ; frame-ancestors 'self' *.nyp.org *.pingone.com *.infor.com *.service-now.com *.sabacloud.com ; child-src 'self' data: *.duosecurity.com
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://fed.nyp.org/idp/eyJ2c2lkIjoiaHR0cDpcL1wvbnlwLm9yZ1wvUGluZ0ZlZGVyYXRlIn0/prp.wsf?login_hint=hss9004%40nyp.org&client-request-id=21782c61-fa32-8c2c-e419-ae11bbbeb17a&username=hss9004%40nyp.org&wa=wsignin1.0&wtrealm=urn%3afederation%3aMicrosoftOnline&wctx=estsredirect%3d2%26estsrequest%3drQQIARAAjZE7bNNgFIXzx6n74NHQCQaEsJiqOrEdJ44jIeGkqZKQKAmp42KEIue3nVftP43tJnWVnYGhQmLpCCx04NEB0SAh5k5l7VQJhCoGQEwRLDhCSGxwhu-e4d4z3LOI0SE6cY36LYackKR0nSahNnF_qbcwF1SWBleZH0v3P156duHN25fuLpg2t7oh1GvsgStN2-5aiXAYOfY6Qp0Q0vUW1EIQGWHUV8KvATgC4BSAB_75pmXxFMXe-HPs52KReIxlWS7uDSoajUToEM8pdZ2JMiQb5RUPKiQVb4HkKI2hVZWPsix97J8vCo7dZCZAvZarfffP6qhn1LrIsnexfZC_bdeXUaGxkq4MImW7FhNEJ9skO2vicoRaSfUVlK8oOZLjmEil7Rqrq0VZbOfTvCxq3UYhaW1wlpSW6EwSyigv2WaflDbayRxaS6U6N4Ws2sxWtS25AstyueoomrGZzrlSySnLHB-vm1U5ycdqNqm23Sq3ZaalwpqXoqe4rt3PlGS5JcXdhq26vGP0SwJL1-JCYw_7rz72Mdx7rYHMQwxHXc1sqUcBcBIAnwN-amYcAI-mvMIuHn46eCo-zz9sXP756kPSdzgVjsbEokrVLZXqtDsSFDKccQtmDSqlbKK4Vi6JhUITDQToFOF1PkHv4GAHx0f47AwW9BFYqkSf4uAbDu5N-0az_-r86Aw4PsvO4XBdaRnWwuI20VJrNupoJpHYJgaGVYNw4jaVdUeziMQdwssn7g6Hw3fnfOPzB4-_Pnk_Hn3JvAj6ToK-Xw2

Response headers

Strict-Transport-Security
max-age=16070400; includeSubDomains
Content-Security-Policy
default-src 'self' *.pingone.com ; img-src 'self' *.nyp.org *.pingone.com *.duosecurity.com *.duo.com data: ; connect-src 'self' http://127.0.0.1:27367 *.twosense.ai *.pingone.com *.mixpanel.com; font-src 'self' fonts.gstatic.com ; style-src 'self' 'unsafe-inline' *.nyp.org *.pingone.com *.googleapis.com ; worker-src 'self' ; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.pingone.com *.nyp.org data: ; object-src 'none' ; frame-ancestors 'self' *.nyp.org *.pingone.com *.infor.com *.service-now.com *.sabacloud.com ; child-src 'self' data: *.duosecurity.com
Cache-Control
must-revalidate,no-cache,no-store
Referrer-Policy
origin
X-Content-Type-Options
nosniff
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Content-Length
1753
X-XSS-Protection
1; mode=block
Content-Type
text/html;charset=utf-8
X-Frame-Options
DENY
favicon_azure.png
fed.nyp.org/assets/resources/ 		2 KB
3 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://fed.nyp.org/assets/resources/favicon_azure.png
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
143.104.237.46 New York, United States, ASN395139 (NYP-INTERNET, US),
Reverse DNS
Software
/
Resource Hash
7492c6fd4c49be4decd9f9bda313ddd120e94401add8e0f4621a8d502910b8b6
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.pingone.com ; img-src 'self' *.nyp.org *.pingone.com *.duosecurity.com *.duo.com data: ; connect-src 'self' http://127.0.0.1:27367 *.twosense.ai *.pingone.com *.mixpanel.com; font-src 'self' fonts.gstatic.com ; style-src 'self' 'unsafe-inline' *.nyp.org *.pingone.com *.googleapis.com ; worker-src 'self' ; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.pingone.com *.nyp.org data: ; object-src 'none' ; frame-ancestors 'self' *.nyp.org *.pingone.com *.infor.com *.service-now.com *.sabacloud.com ; child-src 'self' data: *.duosecurity.com
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://fed.nyp.org/

Response headers

Strict-Transport-Security
max-age=16070400; includeSubDomains
Content-Security-Policy
default-src 'self' *.pingone.com ; img-src 'self' *.nyp.org *.pingone.com *.duosecurity.com *.duo.com data: ; connect-src 'self' http://127.0.0.1:27367 *.twosense.ai *.pingone.com *.mixpanel.com; font-src 'self' fonts.gstatic.com ; style-src 'self' 'unsafe-inline' *.nyp.org *.pingone.com *.googleapis.com ; worker-src 'self' ; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.pingone.com *.nyp.org data: ; object-src 'none' ; frame-ancestors 'self' *.nyp.org *.pingone.com *.infor.com *.service-now.com *.sabacloud.com ; child-src 'self' data: *.duosecurity.com
Cache-Control
max-age=0, must-revalidate
Referrer-Policy
origin
X-Content-Type-Options
nosniff
Content-Length
1734
Date
Tue, 15 Oct 2024 09:37:11 GMT
X-XSS-Protection
1; mode=block
Last-Modified
Thu, 08 Oct 2020 18:14:48 GMT
Content-Type
image/png
X-Frame-Options
DENY

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Office 365 (Online)

46 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| $ function| jQuery function| MobileDetect function| initLogon function| redir function| shw function| hd function| clkSecExp function| kdSecExp function| clkSec function| clkBsc function| checkSubmit function| clkLgn function| clkReLgn function| gbid function| IsOwaPremiumBrowser function| hres function| LogoffMime function| addPerfMarker number| a_fRC number| g_fFcs function| IsMimeCtlInst function| RndMimeCtl function| RndMimeCtlHlpr object| mainLogonDiv string| mainLogonDivClassName function| setPlaceholderText function| showPasswordClick object| md object| year function| postOk function| postCancel function| postOnReturn function| setFocus function| setMobile function| getScreenWidth object| bodyTag number| width function| cycleToNextImage number| currentImageIndex object| imageIds number| fadeSpeed number| SCALING_MODE_STRETCH number| SCALING_MODE_COVER number| SCALING_MODE_CONTAIN function| cycleBG

2 Cookies

Domain/Path Name / Value
fed.nyp.org/ Name: PF
Value: 0slPewxFAD6kydbRPpoQZi
fed.nyp.org/ Name: BIGipServer~INFO-SEC_traffic_grp-2~fed_https_pool
Value: !Ktc9/BGEWZMtgihjtDLAADhCeswvQvvJ/8rr5WtSAo+oOLgzpA9wDxtp3etfVJBQHhF1JZGy4bL4tW0=

5 Console Messages

Source Level URL
Text
recommendation verbose URL: https://fed.nyp.org/idp/eyJ2c2lkIjoiaHR0cDpcL1wvbnlwLm9yZ1wvUGluZ0ZlZGVyYXRlIn0/prp.wsf?login_hint=hss9004%40nyp.org&client-request-id=21782c61-fa32-8c2c-e419-ae11bbbeb17a&username=hss9004%40nyp.org&wa=wsignin1.0&wtrealm=urn%3afederation%3aMicrosoftOnline&wctx=estsredirect%3d2%26estsrequest%3drQQIARAAjZE7bNNgFIXzx6n74NHQCQaEsJiqOrEdJ44jIeGkqZKQKAmp42KEIue3nVftP43tJnWVnYGhQmLpCCx04NEB0SAh5k5l7VQJhCoGQEwRLDhCSGxwhu-e4d4z3LOI0SE6cY36LYackKR0nSahNnF_qbcwF1SWBleZH0v3P156duHN25fuLpg2t7oh1GvsgStN2-5aiXAYOfY6Qp0Q0vUW1EIQGWHUV8KvATgC4BSAB_75pmXxFMXe-HPs52KReIxlWS7uDSoajUToEM8pdZ2JMiQb5RUPKiQVb4HkKI2hVZWPsix97J8vCo7dZCZAvZarfffP6qhn1LrIsnexfZC_bdeXUaGxkq4MImW7FhNEJ9skO2vicoRaSfUVlK8oOZLjmEil7Rqrq0VZbOfTvCxq3UYhaW1wlpSW6EwSyigv2WaflDbayRxaS6U6N4Ws2sxWtS25AstyueoomrGZzrlSySnLHB-vm1U5ycdqNqm23Sq3ZaalwpqXoqe4rt3PlGS5JcXdhq26vGP0SwJL1-JCYw_7rz72Mdx7rYHMQwxHXc1sqUcBcBIAnwN-amYcAI-mvMIuHn46eCo-zz9sXP756kPSdzgVjsbEokrVLZXqtDsSFDKccQtmDSqlbKK4Vi6JhUITDQToFOF1PkHv4GAHx0f47AwW9BFYqkSf4uAbDu5N-0az_-r86Aw4PsvO4XBdaRnWwuI20VJrNupoJpHYJgaGVYNw4jaVdUeziMQdwssn7g6Hw3fnfOPzB4-_Pnk_Hn3JvAj6ToK-Xw2
Message:
[DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o
network error URL: https://fed.nyp.org/assets/resources/images/NYP3.jpg
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: https://fed.nyp.org/assets/resources/images/NYP4.jpg
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: https://fed.nyp.org/assets/resources/images/NYP2.jpg
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: https://fed.nyp.org/assets/resources/images/NYP6.jpg
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'self' *.pingone.com ; img-src 'self' *.nyp.org *.pingone.com *.duosecurity.com *.duo.com data: ; connect-src 'self' http://127.0.0.1:27367 *.twosense.ai *.pingone.com *.mixpanel.com; font-src 'self' fonts.gstatic.com ; style-src 'self' 'unsafe-inline' *.nyp.org *.pingone.com *.googleapis.com ; worker-src 'self' ; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.pingone.com *.nyp.org data: ; object-src 'none' ; frame-ancestors 'self' *.nyp.org *.pingone.com *.infor.com *.service-now.com *.sabacloud.com ; child-src 'self' data: *.duosecurity.com
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block