Domain cri.studentaid.gov
Germany
Software information
AkamaiGHost
tcp/443 tcp/80
-
Swagger API description is publicly available
Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.
Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.
While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.
IP: 23.50.131.149
Domain: mmaapi.cri.studentaid.gov
Port: 443
URL: https://mmaapi.cri.studentaid.govFirst seen 2025-11-16 09:34
Last seen 2026-01-23 18:11
Open for 68 days-
Severity: info
Fingerprint: 5733ddf49ff49cd1aad03549a2728d0319e58688a89fac6ea9b8ca409fdc122aPublic Swagger UI/API detected at path: /swagger/index.html - sample paths: DELETE /api/1/payment/scheduled/{paymentId}/{paymentDetailId} DELETE /api/1/web-account/authorized-payers/{authorizedPayerWebAccountId} GET /api/1/auto-debit/indicator GET /api/1/auto-debit/is-application-in-process GET /api/1/auto-debit/summary GET /api/1/borrower-voice GET /api/1/borrower-voice/borrower-ivr-actions GET /api/1/borrower-voice/forbearance-info GET /api/1/borrower-voice/is-vape-required GET /api/1/borrower-voice/proactive-messaging GET /api/1/borrower-voice/recent-documents GET /api/1/borrower-voice/repayment-plans GET /api/1/borrower/application-statuses GET /api/1/borrower/borrower-actions GET /api/1/borrower/borrower-contact-information GET /api/1/borrower/captive-pages GET /api/1/borrower/cell-phone-consent GET /api/1/borrower/conditional-notifications GET /api/1/borrower/current-school GET /api/1/borrower/current-school/overview GET /api/1/borrower/custom-status-actions GET /api/1/borrower/details GET /api/1/borrower/email-disclaimer GET /api/1/borrower/forbearance-hardship-summary GET /api/1/borrower/group-disclosure-details GET /api/1/borrower/info GET /api/1/borrower/is-economic-hardship-eligible/income/{monthlyIncome}/family/{familySize} GET /api/1/borrower/is-in-school GET /api/1/borrower/profile/overview GET /api/1/borrower/repayment-notification GET /api/1/borrower/repayment-recertifications GET /api/1/borrower/repayment-schedule-validations GET /api/1/borrower/repayment/overview GET /api/1/borrower/status GET /api/1/borrower/very-delinquent GET /api/1/borrower/with-accounts GET /api/1/borrower/workflow-requests GET /api/1/borrower/workflow-statuses GET /api/1/content/alias/{clientId}/{applicationId}/{alias} GET /api/1/content/client-content/{clientId}/{applicationId} GET /api/1/content/loan-info/alias/{clientId}/{applicationId}/{alias} GET /api/1/content/version/{clientId}/{applicationId} GET /api/1/deferment-forbearance/deferment-eligibility GET /api/1/deferment-forbearance/deferment-eligible-groups GET /api/1/deferment-forbearance/in-school-data GET /api/1/deferment-forbearance/is-economic-hardship-eligible/income/{monthlyIncome}/family/{familySize} GET /api/1/deferment-forbearance/military-deferment-dates GET /api/1/deferment-forbearance/render-in-school-pdf GET /api/1/demographic/countries/{clientId} GET /api/1/demographic/countries/{code}/states/{clientId} GET /api/1/demographic/countries/{code}/{clientId} GET /api/1/demographic/states/{clientId} GET /api/1/demographic/states/{code}/{clientId} GET /api/1/document-uploads GET /api/1/inbox/is-ecorr-enrolled GET /api/1/inbox/list GET /api/1/inbox/pdf/{messageId}/{isDirect} GET /api/1/inbox/txt/{messageId}/{isDirect} GET /api/1/loan/account-numbers GET /api/1/loan/benefits/{accountNumber} GET /api/1/loan/information GET /api/1/loan/mortgage-letter GET /api/1/loan/overview GET /api/1/loan/summary GET /api/1/loan/summary/{accountNumber}/{includeCancelledDisbursements} GET /api/1/notification/list GET /api/1/notification/public/list/client/{clientId}/application/{appId} GET /api/1/notification/text-alerts GET /api/1/payment/available-payment-dates GET /api/1/payment/bank-name/{routingNumber} GET /api/1/payment/borrower-payment-due GET /api/1/payment/earliest-payment-date GET /api/1/payment/history GET /api/1/payment/is-after-processing-cutoff-time GET /api/1/payment/latest GET /api/1/payment/latest-pending GET /api/1/payment/latest/account-level GET /api/1/payment/methods GET /api/1/payment/methods/{methodId} GET /api/1/payment/overview/{sortByEffectiveDate} GET /api/1/payment/payment-after-cutoff GET /api/1/payment/payoff-data/{numOfDays} GET /api/1/payment/scheduled GET /api/1/repayment-plan/application-in-process GET /api/1/repayment-plan/idr-application GET /api/1/repayment-plan/is-eligible-for-repayment-options GET /api/1/repayment-plan/term-based-application GET /api/1/special-payment-instructions GET /api/1/statements GET /api/1/statements/pdf/{documentId}/{isDirect} GET /api/1/tax/account-tax-info GET /api/1/tax/is-tax-season-in-effect GET /api/1/tax/tax-form-corrected GET /api/1/time/epoch GET /api/1/web-account GET /api/1/web-account/authorized-payers GET /api/1/web-account/check-user-name/user/{username} GET /api/1/web-account/email POST /api/1/auto-debit/auto-debit POST /api/1/auto-debit/auto-debit-cancel POST /api/1/borrower-voice/deferment-doc POST /api/1/borrower-voice/forbearance-doc POST /api/1/borrower/email-us POST /api/1/borrower/inflate POST /api/1/command/cell-phone-consent POST /api/1/command/ecorrespondence/enroll POST /api/1/command/ecorrespondence/unenroll POST /api/1/command/ecorrespondenceNotNow POST /api/1/command/idr-email-comm-serial POST /api/1/content/list POST /api/1/content/loan-info/search-results POST /api/1/content/loan-info/static POST /api/1/content/loan-info/text POST /api/1/content/path-keys POST /api/1/content/text POST /api/1/deferment-forbearance/economic-hardship-deferment POST /api/1/deferment-forbearance/in-school-deferment POST /api/1/deferment-forbearance/military-deferment POST /api/1/deferment-forbearance/rehab-deferment POST /api/1/deferment-forbearance/unemployment-deferment POST /api/1/document-uploads/upload-with-form-data POST /api/1/document-uploads/upload/{documentTypeId}/{isDefermentFlow} POST /api/1/forms/ca-privacy-optout POST /api/1/forms/privacy-optout POST /api/1/payment/nacha-validation POST /api/1/payment/submit POST /api/1/payment/validate POST /api/1/repayment-plan/hardship-forbearance POST /api/1/web-account/check-registration-user-name/user/client/{clientId}/application/{appId} POST /api/1/web-account/register-user/client/{clientId}/application/{appId} POST /api/1/web-account/registration-demographics/client/{clientId}/application/{appId} POST /api/1/web-account/registration-validate-tertiary/client/{clientId}/application/{appId} POST /api/1/web-account/terms-agreement POST /api/1/web-account/user-count-with-email/{clientId}/{appId} POST /api/1/web-account/validate-address PUT /api/1/borrower-voice/phone-consent PUT /api/1/inbox/message/{isRead} PUT /api/1/special-payment-instructions/submit PUT /api/1/special-payment-instructions/validate PUT /api/1/web-account/authorized-payers/{authorizedPayerUserId}/reset-password PUT /api/1/web-account/change-passwordFound on 2026-01-23 18:11 -
Severity: info
Fingerprint: 5733ddf49ff49cd1aad03549a2728d0319e58688a89fac6ea9b8ca40579fa894Public Swagger UI/API detected at path: /swagger/index.html - sample paths: DELETE /api/1/payment/scheduled/{paymentId}/{paymentDetailId} DELETE /api/1/web-account/authorized-payers/{authorizedPayerWebAccountId} GET /api/1/auto-debit/indicator GET /api/1/auto-debit/is-application-in-process GET /api/1/auto-debit/summary GET /api/1/borrower-voice GET /api/1/borrower-voice/borrower-ivr-actions GET /api/1/borrower-voice/forbearance-info GET /api/1/borrower-voice/is-vape-required GET /api/1/borrower-voice/proactive-messaging GET /api/1/borrower-voice/recent-documents GET /api/1/borrower-voice/repayment-plans GET /api/1/borrower/application-statuses GET /api/1/borrower/borrower-actions GET /api/1/borrower/borrower-contact-information GET /api/1/borrower/captive-pages GET /api/1/borrower/cell-phone-consent GET /api/1/borrower/conditional-notifications GET /api/1/borrower/current-school GET /api/1/borrower/current-school/overview GET /api/1/borrower/custom-status-actions GET /api/1/borrower/details GET /api/1/borrower/email-disclaimer GET /api/1/borrower/forbearance-hardship-summary GET /api/1/borrower/group-disclosure-details GET /api/1/borrower/info GET /api/1/borrower/is-economic-hardship-eligible/income/{monthlyIncome}/family/{familySize} GET /api/1/borrower/is-in-school GET /api/1/borrower/profile/overview GET /api/1/borrower/repayment-notification GET /api/1/borrower/repayment-recertifications GET /api/1/borrower/repayment-schedule-validations GET /api/1/borrower/repayment/overview GET /api/1/borrower/status GET /api/1/borrower/very-delinquent GET /api/1/borrower/with-accounts GET /api/1/borrower/workflow-requests GET /api/1/borrower/workflow-statuses GET /api/1/chat/chat-information GET /api/1/content/alias/{clientId}/{applicationId}/{alias} GET /api/1/content/client-content/{clientId}/{applicationId} GET /api/1/content/loan-info/alias/{clientId}/{applicationId}/{alias} GET /api/1/content/version/{clientId}/{applicationId} GET /api/1/deferment-forbearance/deferment-eligibility GET /api/1/deferment-forbearance/deferment-eligible-groups GET /api/1/deferment-forbearance/in-school-data GET /api/1/deferment-forbearance/is-economic-hardship-eligible/income/{monthlyIncome}/family/{familySize} GET /api/1/deferment-forbearance/military-deferment-dates GET /api/1/deferment-forbearance/render-in-school-pdf GET /api/1/demographic/countries/{clientId} GET /api/1/demographic/countries/{code}/states/{clientId} GET /api/1/demographic/countries/{code}/{clientId} GET /api/1/demographic/states/{clientId} GET /api/1/demographic/states/{code}/{clientId} GET /api/1/document-uploads GET /api/1/inbox/is-ecorr-enrolled GET /api/1/inbox/list GET /api/1/inbox/pdf/{messageId}/{isDirect} GET /api/1/inbox/txt/{messageId}/{isDirect} GET /api/1/loan/account-numbers GET /api/1/loan/benefits/{accountNumber} GET /api/1/loan/information GET /api/1/loan/mortgage-letter GET /api/1/loan/overview GET /api/1/loan/summary GET /api/1/loan/summary/{accountNumber}/{includeCancelledDisbursements} GET /api/1/notification/list GET /api/1/notification/public/list/client/{clientId}/application/{appId} GET /api/1/notification/text-alerts GET /api/1/payment/available-payment-dates GET /api/1/payment/bank-name/{routingNumber} GET /api/1/payment/borrower-payment-due GET /api/1/payment/earliest-payment-date GET /api/1/payment/history GET /api/1/payment/is-after-processing-cutoff-time GET /api/1/payment/latest GET /api/1/payment/latest-pending GET /api/1/payment/latest/account-level GET /api/1/payment/methods GET /api/1/payment/methods/{methodId} GET /api/1/payment/overview/{sortByEffectiveDate} GET /api/1/payment/payment-after-cutoff GET /api/1/payment/payoff-data/{numOfDays} GET /api/1/payment/scheduled GET /api/1/repayment-plan/application-in-process GET /api/1/repayment-plan/idr-application GET /api/1/repayment-plan/is-eligible-for-repayment-options GET /api/1/repayment-plan/term-based-application GET /api/1/special-payment-instructions GET /api/1/statements GET /api/1/statements/pdf/{documentId}/{isDirect} GET /api/1/tax/account-tax-info GET /api/1/tax/is-tax-season-in-effect GET /api/1/tax/tax-form-corrected GET /api/1/time/epoch GET /api/1/web-account GET /api/1/web-account/authorized-payers GET /api/1/web-account/check-user-name/user/{username} GET /api/1/web-account/email POST /api/1/auto-debit/auto-debit POST /api/1/auto-debit/auto-debit-cancel POST /api/1/borrower-voice/deferment-doc POST /api/1/borrower-voice/forbearance-doc POST /api/1/borrower/email-us POST /api/1/borrower/inflate POST /api/1/command/cell-phone-consent POST /api/1/command/ecorrespondence/enroll POST /api/1/command/ecorrespondence/unenroll POST /api/1/command/ecorrespondenceNotNow POST /api/1/command/idr-email-comm-serial POST /api/1/content/list POST /api/1/content/loan-info/search-results POST /api/1/content/loan-info/static POST /api/1/content/loan-info/text POST /api/1/content/path-keys POST /api/1/content/text POST /api/1/deferment-forbearance/economic-hardship-deferment POST /api/1/deferment-forbearance/in-school-deferment POST /api/1/deferment-forbearance/military-deferment POST /api/1/deferment-forbearance/rehab-deferment POST /api/1/deferment-forbearance/unemployment-deferment POST /api/1/document-uploads/upload-with-form-data POST /api/1/document-uploads/upload/{documentTypeId}/{isDefermentFlow} POST /api/1/forms/ca-privacy-optout POST /api/1/forms/privacy-optout POST /api/1/payment/nacha-validation POST /api/1/payment/submit POST /api/1/payment/validate POST /api/1/repayment-plan/hardship-forbearance POST /api/1/web-account/check-registration-user-name/user/client/{clientId}/application/{appId} POST /api/1/web-account/register-user/client/{clientId}/application/{appId} POST /api/1/web-account/registration-demographics/client/{clientId}/application/{appId} POST /api/1/web-account/registration-validate-tertiary/client/{clientId}/application/{appId} POST /api/1/web-account/terms-agreement POST /api/1/web-account/user-count-with-email/{clientId}/{appId} POST /api/1/web-account/validate-address PUT /api/1/borrower-voice/phone-consent PUT /api/1/inbox/message/{isRead} PUT /api/1/special-payment-instructions/submit PUT /api/1/special-payment-instructions/validate PUT /api/1/web-account/authorized-payers/{authorizedPayerUserId}/reset-password PUT /api/1/web-account/change-passwordFound on 2026-01-16 20:24
-
-
Open service 2a02:26f0:3500:14::1724:a24f:443 · auth.cri.studentaid.gov
2026-01-23 18:11
HTTP/1.1 404 Not Found X-Frame-Options: deny X-Content-Type-Options: nosniff Content-Security-Policy: style-src 'unsafe-inline' https://fonts.googleapis.com 'self' app.pendo.io https://ajax.googleapis.com/ajax/libs/jqueryui/1.13.2/themes/smoothness/jquery-ui.css content.guides.cri.studentaid.gov data.guides.cri.studentaid.gov cdn.pendo.io pendo-static-6309816517066752.storage.googleapis.com contentmma.guides.cri.studentaid.gov; default-src *.cri.studentaid.gov *.cri.nulsc.net *.akstat.io c.go-mpulse.net s.go-mpulse.net s2.go-mpulse.net trial-eum-clientnsv4-s.akamaihd.net https://ajax.googleapis.com/ https://ajax.googleapis.com/ajax/libs/jqueryui/1.13.2/themes/smoothness/jquery-ui.css https://www.nelnetmarketing.com https://www.cri.studentaid.gov fonts.googleapis.com https://ajax.googleapis.com https://www.google-analytics.com https://ssl.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://content.guides.cri.studentaid.gov/agent/static/f7570055-633e-4ee9-7881-784aeea304cb/pendo.js app.pendo.io pendo-io-static.storage.googleapis.com content.guides.cri.studentaid.gov data.guides.cri.studentaid.gov cdn.pendo.io pendo-static-6309816517066752.storage.googleapis.com datamma.guides.cri.studentaid.gov contentmma.guides.cri.studentaid.gov api.feedback.us.pendo.io data.pendo.io *.hotjar.com:* *.hotjar.io wss://*.hotjar.com maxcdn.bootstrapcdn.com cdn.cookielaw.org assets.adobedtm.com stats.g.doubleclick.net data: 'self'; script-src 'unsafe-inline' 'unsafe-eval' https://tags.tiqcdn.com tiqcdn.com tealiumiq.com tealium.com https://www.cri.studentaid.gov https://ajax.googleapis.com https://www.google-analytics.com https://ssl.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://content.guides.cri.studentaid.gov/agent/static/f7570055-633e-4ee9-7881-784aeea304cb/pendo.js app.pendo.io pendo-io-static.storage.googleapis.com content.guides.cri.studentaid.gov data.guides.cri.studentaid.gov cdn.pendo.io pendo-static-6309816517066752.storage.googleapis.com contentmma.guides.cri.studentaid.gov data.pendo.io *.hotjar.com:* *.hotjar.io wss://*.hotjar.com maxcdn.bootstrapcdn.com cdn.cookielaw.org assets.adobedtm.com stats.g.doubleclick.net data: 'self'; font-src https://fonts.googleapis.com https://fonts.gstatic.com app.pendo.io use.fontawesome.com script.hotjar.com data: 'self'; img-src https://cdn.cookielaw.org https://www.cri.studentaid.gov https://ajax.googleapis.com https://cri.studentaid.gov/content-images/favicon.ico https://cri.studentaid.gov/content-images/ *.cri.studentaid.gov *.cri.nulsc.net *.akstat.io c.go-mpulse.net s.go-mpulse.net s2.go-mpulse.net trial-eum-clientnsv4-s.akamaihd.net https://www.cri.studentaid.gov https://datamma.guides.cri.studentaid.gov/ https://www.google-analytics.com www.googletagmanager.com www.gstatic.com ssl.gstatic.com script.hotjar.com data: 'self' content.guides.cri.studentaid.gov data.guides.cri.studentaid.gov cdn.pendo.io app.pendo.io pendo-static-6309816517066752.storage.googleapis.com data.pendo.io; child-src app.pendo.io *.cri.studentaid.gov *.cri.nulsc.net *.akstat.io c.go-mpulse.net s.go-mpulse.net s2.go-mpulse.net trial-eum-clientnsv4-s.akamaihd.net blob: 'self' data: 'self'; worker-src *.cri.studentaid.gov *.cri.nulsc.net *.akstat.io c.go-mpulse.net s.go-mpulse.net s2.go-mpulse.net trial-eum-clientnsv4-s.akamaihd.net data: 'self' blob: 'self'; frame-src *.cri.studentaid.gov *.akstat.io c.go-mpulse.net s.go-mpulse.net s2.go-mpulse.net trial-eum-clientnsv4-s.akamaihd.net app.pendo.io 'self'; frame-ancestors 'self' app.pendo.io https://datamma.guides.cri.studentaid.gov; form-action 'self' https://auth.cri.studentaid.gov https://mmaapi.cri.studentaid.gov https://mmaapi1.cri.studentaid.gov https://mmaapi2.cri.studentaid.gov https://cri.studentaid.gov https://dark.cri.studentaid.gov; X-XSS-Protection: 1; mode=block Feature-Policy: accelerometer 'none'; camera 'self'; geolocation 'self'; gyroscope 'none'; magnetometer 'none'; microphone 'self'; payment 'none'; usb 'none' Permissions-Policy: accelerometer=(), camera=(self), geolocation=(self), gyroscope=(), magnetometer=(), microphone=(self), payment=(), usb=() Referrer-Policy: strict-origin-when-cross-origin Content-Length: 0 Expires: Fri, 23 Jan 2026 18:11:25 GMT Cache-Control: max-age=0, no-cache, no-store Pragma: no-cache Date: Fri, 23 Jan 2026 18:11:25 GMT Connection: close Server-Timing: cdn-cache; desc=MISS Server-Timing: edge; dur=106 Server-Timing: origin; dur=82 Strict-Transport-Security: max-age=86400 Set-Cookie: akaalb_auth_cri=~op=auth_cri_studentaid_gov_lbm:auth_cri_dc1|~rv=71~m=auth_cri_dc1:0|~os=1d83e77c4541edbcb6dc805acc533558~id=db9d230a081af844f4fe9478ccfb89fd; path=/; HttpOnly; Secure; SameSite=None Server-Timing: ak_p; desc="1769191885524_388276239_821366743_18839_12180_101_107_-";dur=1
Found 2026-01-23 by HttpPluginCreate report
-
Open service 2a02:26f0:3500:14::1724:a249:80 · auth.cri.studentaid.gov
2026-01-23 18:11
HTTP/1.1 301 Moved Permanently Server: AkamaiGHost Content-Length: 0 Location: https://auth.cri.studentaid.gov/ Expires: Fri, 23 Jan 2026 18:11:46 GMT Cache-Control: max-age=0, no-cache, no-store Pragma: no-cache Date: Fri, 23 Jan 2026 18:11:46 GMT Connection: close Server-Timing: cdn-cache; desc=HIT Server-Timing: edge; dur=1 Set-Cookie: akaalb_auth_cri=~op=~rv=57~m=~os=~id=d5b458172975f3f4d48db353ba1a64f9; path=/; HttpOnly Server-Timing: ak_p; desc="1769191906229_388276233_391467739_13_12380_0_0_-";dur=1
Found 2026-01-23 by HttpPluginCreate report
-
Open service 2.16.204.71:443 · auth.cri.studentaid.gov
2026-01-23 18:11
HTTP/1.1 404 Not Found X-Frame-Options: deny X-Content-Type-Options: nosniff Content-Security-Policy: style-src 'unsafe-inline' https://fonts.googleapis.com 'self' app.pendo.io https://ajax.googleapis.com/ajax/libs/jqueryui/1.13.2/themes/smoothness/jquery-ui.css content.guides.cri.studentaid.gov data.guides.cri.studentaid.gov cdn.pendo.io pendo-static-6309816517066752.storage.googleapis.com contentmma.guides.cri.studentaid.gov; default-src *.cri.studentaid.gov *.cri.nulsc.net *.akstat.io c.go-mpulse.net s.go-mpulse.net s2.go-mpulse.net trial-eum-clientnsv4-s.akamaihd.net https://ajax.googleapis.com/ https://ajax.googleapis.com/ajax/libs/jqueryui/1.13.2/themes/smoothness/jquery-ui.css https://www.nelnetmarketing.com https://www.cri.studentaid.gov fonts.googleapis.com https://ajax.googleapis.com https://www.google-analytics.com https://ssl.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://content.guides.cri.studentaid.gov/agent/static/f7570055-633e-4ee9-7881-784aeea304cb/pendo.js app.pendo.io pendo-io-static.storage.googleapis.com content.guides.cri.studentaid.gov data.guides.cri.studentaid.gov cdn.pendo.io pendo-static-6309816517066752.storage.googleapis.com datamma.guides.cri.studentaid.gov contentmma.guides.cri.studentaid.gov api.feedback.us.pendo.io data.pendo.io *.hotjar.com:* *.hotjar.io wss://*.hotjar.com maxcdn.bootstrapcdn.com cdn.cookielaw.org assets.adobedtm.com stats.g.doubleclick.net data: 'self'; script-src 'unsafe-inline' 'unsafe-eval' https://tags.tiqcdn.com tiqcdn.com tealiumiq.com tealium.com https://www.cri.studentaid.gov https://ajax.googleapis.com https://www.google-analytics.com https://ssl.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://content.guides.cri.studentaid.gov/agent/static/f7570055-633e-4ee9-7881-784aeea304cb/pendo.js app.pendo.io pendo-io-static.storage.googleapis.com content.guides.cri.studentaid.gov data.guides.cri.studentaid.gov cdn.pendo.io pendo-static-6309816517066752.storage.googleapis.com contentmma.guides.cri.studentaid.gov data.pendo.io *.hotjar.com:* *.hotjar.io wss://*.hotjar.com maxcdn.bootstrapcdn.com cdn.cookielaw.org assets.adobedtm.com stats.g.doubleclick.net data: 'self'; font-src https://fonts.googleapis.com https://fonts.gstatic.com app.pendo.io use.fontawesome.com script.hotjar.com data: 'self'; img-src https://cdn.cookielaw.org https://www.cri.studentaid.gov https://ajax.googleapis.com https://cri.studentaid.gov/content-images/favicon.ico https://cri.studentaid.gov/content-images/ *.cri.studentaid.gov *.cri.nulsc.net *.akstat.io c.go-mpulse.net s.go-mpulse.net s2.go-mpulse.net trial-eum-clientnsv4-s.akamaihd.net https://www.cri.studentaid.gov https://datamma.guides.cri.studentaid.gov/ https://www.google-analytics.com www.googletagmanager.com www.gstatic.com ssl.gstatic.com script.hotjar.com data: 'self' content.guides.cri.studentaid.gov data.guides.cri.studentaid.gov cdn.pendo.io app.pendo.io pendo-static-6309816517066752.storage.googleapis.com data.pendo.io; child-src app.pendo.io *.cri.studentaid.gov *.cri.nulsc.net *.akstat.io c.go-mpulse.net s.go-mpulse.net s2.go-mpulse.net trial-eum-clientnsv4-s.akamaihd.net blob: 'self' data: 'self'; worker-src *.cri.studentaid.gov *.cri.nulsc.net *.akstat.io c.go-mpulse.net s.go-mpulse.net s2.go-mpulse.net trial-eum-clientnsv4-s.akamaihd.net data: 'self' blob: 'self'; frame-src *.cri.studentaid.gov *.akstat.io c.go-mpulse.net s.go-mpulse.net s2.go-mpulse.net trial-eum-clientnsv4-s.akamaihd.net app.pendo.io 'self'; frame-ancestors 'self' app.pendo.io https://datamma.guides.cri.studentaid.gov; form-action 'self' https://auth.cri.studentaid.gov https://mmaapi.cri.studentaid.gov https://mmaapi1.cri.studentaid.gov https://mmaapi2.cri.studentaid.gov https://cri.studentaid.gov https://dark.cri.studentaid.gov; X-XSS-Protection: 1; mode=block Feature-Policy: accelerometer 'none'; camera 'self'; geolocation 'self'; gyroscope 'none'; magnetometer 'none'; microphone 'self'; payment 'none'; usb 'none' Permissions-Policy: accelerometer=(), camera=(self), geolocation=(self), gyroscope=(), magnetometer=(), microphone=(self), payment=(), usb=() Referrer-Policy: strict-origin-when-cross-origin Content-Length: 0 Expires: Fri, 23 Jan 2026 18:11:25 GMT Cache-Control: max-age=0, no-cache, no-store Pragma: no-cache Date: Fri, 23 Jan 2026 18:11:25 GMT Connection: close Server-Timing: cdn-cache; desc=MISS Server-Timing: edge; dur=91 Server-Timing: origin; dur=246 Strict-Transport-Security: max-age=86400 Set-Cookie: akaalb_auth_cri=~op=auth_cri_studentaid_gov_lbm:auth_cri_dc1|~rv=84~m=auth_cri_dc1:0|~os=1d83e77c4541edbcb6dc805acc533558~id=7229ed93ca903cfe0c842649c42b655e; path=/; HttpOnly; Secure; SameSite=None Server-Timing: ak_p; desc="1769191884784_34610513_916479957_33696_11239_12_14_-";dur=1
Found 2026-01-23 by HttpPluginCreate report
-
Open service 2a02:26f0:3500:14::1724:a24f:80 · auth.cri.studentaid.gov
2026-01-23 18:11
HTTP/1.1 301 Moved Permanently Server: AkamaiGHost Content-Length: 0 Location: https://auth.cri.studentaid.gov/ Expires: Fri, 23 Jan 2026 18:11:46 GMT Cache-Control: max-age=0, no-cache, no-store Pragma: no-cache Date: Fri, 23 Jan 2026 18:11:46 GMT Connection: close Server-Timing: cdn-cache; desc=HIT Server-Timing: edge; dur=1 Set-Cookie: akaalb_auth_cri=~op=~rv=15~m=~os=~id=ea907c8ba8249e195f4c2b80387ac4f9; path=/; HttpOnly Server-Timing: ak_p; desc="1769191906269_388276239_821411969_12_12256_16_0_-";dur=1
Found 2026-01-23 by HttpPluginCreate report
-
Open service 2.16.204.81:443 · auth.cri.studentaid.gov
2026-01-23 18:11
HTTP/1.1 404 Not Found X-Frame-Options: deny X-Content-Type-Options: nosniff Content-Security-Policy: style-src 'unsafe-inline' https://fonts.googleapis.com 'self' app.pendo.io https://ajax.googleapis.com/ajax/libs/jqueryui/1.13.2/themes/smoothness/jquery-ui.css content.guides.cri.studentaid.gov data.guides.cri.studentaid.gov cdn.pendo.io pendo-static-6309816517066752.storage.googleapis.com contentmma.guides.cri.studentaid.gov; default-src *.cri.studentaid.gov *.cri.nulsc.net *.akstat.io c.go-mpulse.net s.go-mpulse.net s2.go-mpulse.net trial-eum-clientnsv4-s.akamaihd.net https://ajax.googleapis.com/ https://ajax.googleapis.com/ajax/libs/jqueryui/1.13.2/themes/smoothness/jquery-ui.css https://www.nelnetmarketing.com https://www.cri.studentaid.gov fonts.googleapis.com https://ajax.googleapis.com https://www.google-analytics.com https://ssl.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://content.guides.cri.studentaid.gov/agent/static/f7570055-633e-4ee9-7881-784aeea304cb/pendo.js app.pendo.io pendo-io-static.storage.googleapis.com content.guides.cri.studentaid.gov data.guides.cri.studentaid.gov cdn.pendo.io pendo-static-6309816517066752.storage.googleapis.com datamma.guides.cri.studentaid.gov contentmma.guides.cri.studentaid.gov api.feedback.us.pendo.io data.pendo.io *.hotjar.com:* *.hotjar.io wss://*.hotjar.com maxcdn.bootstrapcdn.com cdn.cookielaw.org assets.adobedtm.com stats.g.doubleclick.net data: 'self'; script-src 'unsafe-inline' 'unsafe-eval' https://tags.tiqcdn.com tiqcdn.com tealiumiq.com tealium.com https://www.cri.studentaid.gov https://ajax.googleapis.com https://www.google-analytics.com https://ssl.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://content.guides.cri.studentaid.gov/agent/static/f7570055-633e-4ee9-7881-784aeea304cb/pendo.js app.pendo.io pendo-io-static.storage.googleapis.com content.guides.cri.studentaid.gov data.guides.cri.studentaid.gov cdn.pendo.io pendo-static-6309816517066752.storage.googleapis.com contentmma.guides.cri.studentaid.gov data.pendo.io *.hotjar.com:* *.hotjar.io wss://*.hotjar.com maxcdn.bootstrapcdn.com cdn.cookielaw.org assets.adobedtm.com stats.g.doubleclick.net data: 'self'; font-src https://fonts.googleapis.com https://fonts.gstatic.com app.pendo.io use.fontawesome.com script.hotjar.com data: 'self'; img-src https://cdn.cookielaw.org https://www.cri.studentaid.gov https://ajax.googleapis.com https://cri.studentaid.gov/content-images/favicon.ico https://cri.studentaid.gov/content-images/ *.cri.studentaid.gov *.cri.nulsc.net *.akstat.io c.go-mpulse.net s.go-mpulse.net s2.go-mpulse.net trial-eum-clientnsv4-s.akamaihd.net https://www.cri.studentaid.gov https://datamma.guides.cri.studentaid.gov/ https://www.google-analytics.com www.googletagmanager.com www.gstatic.com ssl.gstatic.com script.hotjar.com data: 'self' content.guides.cri.studentaid.gov data.guides.cri.studentaid.gov cdn.pendo.io app.pendo.io pendo-static-6309816517066752.storage.googleapis.com data.pendo.io; child-src app.pendo.io *.cri.studentaid.gov *.cri.nulsc.net *.akstat.io c.go-mpulse.net s.go-mpulse.net s2.go-mpulse.net trial-eum-clientnsv4-s.akamaihd.net blob: 'self' data: 'self'; worker-src *.cri.studentaid.gov *.cri.nulsc.net *.akstat.io c.go-mpulse.net s.go-mpulse.net s2.go-mpulse.net trial-eum-clientnsv4-s.akamaihd.net data: 'self' blob: 'self'; frame-src *.cri.studentaid.gov *.akstat.io c.go-mpulse.net s.go-mpulse.net s2.go-mpulse.net trial-eum-clientnsv4-s.akamaihd.net app.pendo.io 'self'; frame-ancestors 'self' app.pendo.io https://datamma.guides.cri.studentaid.gov; form-action 'self' https://auth.cri.studentaid.gov https://mmaapi.cri.studentaid.gov https://mmaapi1.cri.studentaid.gov https://mmaapi2.cri.studentaid.gov https://cri.studentaid.gov https://dark.cri.studentaid.gov; X-XSS-Protection: 1; mode=block Feature-Policy: accelerometer 'none'; camera 'self'; geolocation 'self'; gyroscope 'none'; magnetometer 'none'; microphone 'self'; payment 'none'; usb 'none' Permissions-Policy: accelerometer=(), camera=(self), geolocation=(self), gyroscope=(), magnetometer=(), microphone=(self), payment=(), usb=() Referrer-Policy: strict-origin-when-cross-origin Content-Length: 0 Expires: Fri, 23 Jan 2026 18:11:25 GMT Cache-Control: max-age=0, no-cache, no-store Pragma: no-cache Date: Fri, 23 Jan 2026 18:11:25 GMT Connection: close Server-Timing: cdn-cache; desc=MISS Server-Timing: edge; dur=92 Server-Timing: origin; dur=201 Strict-Transport-Security: max-age=86400 Set-Cookie: akaalb_auth_cri=~op=auth_cri_studentaid_gov_lbm:auth_cri_dc1|~rv=91~m=auth_cri_dc1:0|~os=1d83e77c4541edbcb6dc805acc533558~id=e1594f66afcdc3b8b01dd1fee9e2372b; path=/; HttpOnly; Secure; SameSite=None Server-Timing: ak_p; desc="1769191884771_34610513_916479937_29331_10880_8_11_-";dur=1
Found 2026-01-23 by HttpPluginCreate report
-
Open service 2.16.204.81:80 · auth.cri.studentaid.gov
2026-01-23 18:11
HTTP/1.1 301 Moved Permanently Server: AkamaiGHost Content-Length: 0 Location: https://auth.cri.studentaid.gov/ Expires: Fri, 23 Jan 2026 18:11:46 GMT Cache-Control: max-age=0, no-cache, no-store Pragma: no-cache Date: Fri, 23 Jan 2026 18:11:46 GMT Connection: close Server-Timing: cdn-cache; desc=HIT Server-Timing: edge; dur=1 Set-Cookie: akaalb_auth_cri=~op=~rv=56~m=~os=~id=7079c60a581070b0e1a6503f593f3d2c; path=/; HttpOnly Server-Timing: ak_p; desc="1769191906222_34610513_916502361_11_9397_9_0_-";dur=1
Found 2026-01-23 by HttpPluginCreate report
-
Open service 2.16.204.71:80 · auth.cri.studentaid.gov
2026-01-23 18:11
HTTP/1.1 301 Moved Permanently Server: AkamaiGHost Content-Length: 0 Location: https://auth.cri.studentaid.gov/ Expires: Fri, 23 Jan 2026 18:11:46 GMT Cache-Control: max-age=0, no-cache, no-store Pragma: no-cache Date: Fri, 23 Jan 2026 18:11:46 GMT Connection: close Server-Timing: cdn-cache; desc=HIT Server-Timing: edge; dur=1 Set-Cookie: akaalb_auth_cri=~op=~rv=35~m=~os=~id=ca8a12817b6d03536675e1bcdd2fd0ab; path=/; HttpOnly Server-Timing: ak_p; desc="1769191906224_34610503_1442835023_11_9845_8_0_-";dur=1
Found 2026-01-23 by HttpPluginCreate report
-
Open service 2a02:26f0:3500:14::1724:a249:443 · auth.cri.studentaid.gov
2026-01-23 18:11
HTTP/1.1 404 Not Found X-Frame-Options: deny X-Content-Type-Options: nosniff Content-Security-Policy: style-src 'unsafe-inline' https://fonts.googleapis.com 'self' app.pendo.io https://ajax.googleapis.com/ajax/libs/jqueryui/1.13.2/themes/smoothness/jquery-ui.css content.guides.cri.studentaid.gov data.guides.cri.studentaid.gov cdn.pendo.io pendo-static-6309816517066752.storage.googleapis.com contentmma.guides.cri.studentaid.gov; default-src *.cri.studentaid.gov *.cri.nulsc.net *.akstat.io c.go-mpulse.net s.go-mpulse.net s2.go-mpulse.net trial-eum-clientnsv4-s.akamaihd.net https://ajax.googleapis.com/ https://ajax.googleapis.com/ajax/libs/jqueryui/1.13.2/themes/smoothness/jquery-ui.css https://www.nelnetmarketing.com https://www.cri.studentaid.gov fonts.googleapis.com https://ajax.googleapis.com https://www.google-analytics.com https://ssl.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://content.guides.cri.studentaid.gov/agent/static/f7570055-633e-4ee9-7881-784aeea304cb/pendo.js app.pendo.io pendo-io-static.storage.googleapis.com content.guides.cri.studentaid.gov data.guides.cri.studentaid.gov cdn.pendo.io pendo-static-6309816517066752.storage.googleapis.com datamma.guides.cri.studentaid.gov contentmma.guides.cri.studentaid.gov api.feedback.us.pendo.io data.pendo.io *.hotjar.com:* *.hotjar.io wss://*.hotjar.com maxcdn.bootstrapcdn.com cdn.cookielaw.org assets.adobedtm.com stats.g.doubleclick.net data: 'self'; script-src 'unsafe-inline' 'unsafe-eval' https://tags.tiqcdn.com tiqcdn.com tealiumiq.com tealium.com https://www.cri.studentaid.gov https://ajax.googleapis.com https://www.google-analytics.com https://ssl.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://content.guides.cri.studentaid.gov/agent/static/f7570055-633e-4ee9-7881-784aeea304cb/pendo.js app.pendo.io pendo-io-static.storage.googleapis.com content.guides.cri.studentaid.gov data.guides.cri.studentaid.gov cdn.pendo.io pendo-static-6309816517066752.storage.googleapis.com contentmma.guides.cri.studentaid.gov data.pendo.io *.hotjar.com:* *.hotjar.io wss://*.hotjar.com maxcdn.bootstrapcdn.com cdn.cookielaw.org assets.adobedtm.com stats.g.doubleclick.net data: 'self'; font-src https://fonts.googleapis.com https://fonts.gstatic.com app.pendo.io use.fontawesome.com script.hotjar.com data: 'self'; img-src https://cdn.cookielaw.org https://www.cri.studentaid.gov https://ajax.googleapis.com https://cri.studentaid.gov/content-images/favicon.ico https://cri.studentaid.gov/content-images/ *.cri.studentaid.gov *.cri.nulsc.net *.akstat.io c.go-mpulse.net s.go-mpulse.net s2.go-mpulse.net trial-eum-clientnsv4-s.akamaihd.net https://www.cri.studentaid.gov https://datamma.guides.cri.studentaid.gov/ https://www.google-analytics.com www.googletagmanager.com www.gstatic.com ssl.gstatic.com script.hotjar.com data: 'self' content.guides.cri.studentaid.gov data.guides.cri.studentaid.gov cdn.pendo.io app.pendo.io pendo-static-6309816517066752.storage.googleapis.com data.pendo.io; child-src app.pendo.io *.cri.studentaid.gov *.cri.nulsc.net *.akstat.io c.go-mpulse.net s.go-mpulse.net s2.go-mpulse.net trial-eum-clientnsv4-s.akamaihd.net blob: 'self' data: 'self'; worker-src *.cri.studentaid.gov *.cri.nulsc.net *.akstat.io c.go-mpulse.net s.go-mpulse.net s2.go-mpulse.net trial-eum-clientnsv4-s.akamaihd.net data: 'self' blob: 'self'; frame-src *.cri.studentaid.gov *.akstat.io c.go-mpulse.net s.go-mpulse.net s2.go-mpulse.net trial-eum-clientnsv4-s.akamaihd.net app.pendo.io 'self'; frame-ancestors 'self' app.pendo.io https://datamma.guides.cri.studentaid.gov; form-action 'self' https://auth.cri.studentaid.gov https://mmaapi.cri.studentaid.gov https://mmaapi1.cri.studentaid.gov https://mmaapi2.cri.studentaid.gov https://cri.studentaid.gov https://dark.cri.studentaid.gov; X-XSS-Protection: 1; mode=block Feature-Policy: accelerometer 'none'; camera 'self'; geolocation 'self'; gyroscope 'none'; magnetometer 'none'; microphone 'self'; payment 'none'; usb 'none' Permissions-Policy: accelerometer=(), camera=(self), geolocation=(self), gyroscope=(), magnetometer=(), microphone=(self), payment=(), usb=() Referrer-Policy: strict-origin-when-cross-origin Content-Length: 0 Expires: Fri, 23 Jan 2026 18:11:25 GMT Cache-Control: max-age=0, no-cache, no-store Pragma: no-cache Date: Fri, 23 Jan 2026 18:11:25 GMT Connection: close Server-Timing: cdn-cache; desc=MISS Server-Timing: edge; dur=98 Server-Timing: origin; dur=198 Strict-Transport-Security: max-age=86400 Set-Cookie: akaalb_auth_cri=~op=auth_cri_studentaid_gov_lbm:auth_cri_dc1|~rv=96~m=auth_cri_dc1:0|~os=1d83e77c4541edbcb6dc805acc533558~id=8f0282a7a7fecaac432c630577fd0b86; path=/; HttpOnly; Secure; SameSite=None Server-Timing: ak_p; desc="1769191884762_388276239_821365053_29586_45070_83_85_-";dur=1
Found 2026-01-23 by HttpPluginCreate report
-
Open service 2a02:26f0:3500:14::1724:a249:80 · mmaapi.cri.studentaid.gov
2026-01-23 18:11
HTTP/1.1 301 Moved Permanently Server: AkamaiGHost Content-Length: 0 Location: https://mmaapi.cri.studentaid.gov/ Expires: Fri, 23 Jan 2026 18:11:46 GMT Cache-Control: max-age=0, no-cache, no-store Pragma: no-cache Date: Fri, 23 Jan 2026 18:11:46 GMT Connection: close Server-Timing: cdn-cache; desc=HIT Server-Timing: edge; dur=1 Set-Cookie: akaalb_mmaapi_cri=~op=~rv=56~m=~os=~id=7079c60a581070b0e1a6503f593f3d2c; path=/; HttpOnly Server-Timing: ak_p; desc="1769191906864_388276233_391469126_11_10759_149_0_-";dur=1
Found 2026-01-23 by HttpPluginCreate report
-
Open service 2.16.204.81:443 · cri.studentaid.gov
2026-01-23 18:11
HTTP/1.1 200 OK Content-Type: text/html Last-Modified: Tue, 13 Jan 2026 23:31:23 GMT Accept-Ranges: bytes ETag: "5f2f8fbae484dc1:0" X-XSS-Protection: 1; mode=block Content-Security-Policy: frame-ancestors 'self' app.pendo.io https://datamma.guides.nelnet.com *.home-c73.niceincontact.com home-c73.niceincontact.com:* X-Frame-Options: SAMEORIGIN X-Content-Type-Options: nosniff Expect-CT: max-age=0,report-uri= "" Feature-Policy: accelerometer 'none'; camera 'self'; geolocation 'self'; gyroscope 'none'; magnetometer 'none'; microphone 'self'; payment 'none'; usb 'none' Permissions-Policy: accelerometer=(), camera=(self), geolocation=(self), gyroscope=(), magnetometer=(), microphone=(self), payment=(), usb=() Referrer-Policy: strict-origin-when-cross-origin X-Akamai-Transformed: 9 38417 0 pmb=mRUM,1 Expires: Fri, 23 Jan 2026 18:11:25 GMT Cache-Control: max-age=0, no-cache, no-store Pragma: no-cache Date: Fri, 23 Jan 2026 18:11:25 GMT Transfer-Encoding: chunked Connection: close Connection: Transfer-Encoding Server-Timing: cdn-cache; desc=MISS Server-Timing: edge; dur=228 Server-Timing: origin; dur=84 Strict-Transport-Security: max-age=86400 Set-Cookie: akaalb_cri_alb=~op=cri_studentaid_gov_lbm:cri_cri_dc1|~rv=57~m=cri_cri_dc1:0|~os=1d83e77c4541edbcb6dc805acc533558~id=2621c6099c90eb7af6e5bebd2eb4fcec; path=/; HttpOnly; Secure; SameSite=None Server-Timing: ak_p; desc="1769191885222_34610513_916480629_31160_139114_166_169_-";dur=1
Found 2026-01-23 by HttpPluginCreate report
-
Open service 2.16.204.81:80 · cri.studentaid.gov
2026-01-23 18:11
HTTP/1.1 301 Moved Permanently Server: AkamaiGHost Content-Length: 0 Location: https://cri.studentaid.gov/ Expires: Fri, 23 Jan 2026 18:11:46 GMT Cache-Control: max-age=0, no-cache, no-store Pragma: no-cache Date: Fri, 23 Jan 2026 18:11:46 GMT Connection: close Server-Timing: cdn-cache; desc=HIT Server-Timing: edge; dur=1 Set-Cookie: akaalb_cri_alb=~op=~rv=62~m=~os=~id=393472a11483ef966bcb99e4dbb0b02d; path=/; HttpOnly Server-Timing: ak_p; desc="1769191906818_34610513_916503053_12_9938_144_0_-";dur=1
Found 2026-01-23 by HttpPluginCreate report
-
Open service 2a02:26f0:3500:14::1724:a249:80 · cri.studentaid.gov
2026-01-23 18:11
HTTP/1.1 301 Moved Permanently Server: AkamaiGHost Content-Length: 0 Location: https://cri.studentaid.gov/ Expires: Fri, 23 Jan 2026 18:11:46 GMT Cache-Control: max-age=0, no-cache, no-store Pragma: no-cache Date: Fri, 23 Jan 2026 18:11:46 GMT Connection: close Server-Timing: cdn-cache; desc=HIT Server-Timing: edge; dur=1 Set-Cookie: akaalb_cri_alb=~op=~rv=79~m=~os=~id=0bc908c53c4281225169b2600103ad79; path=/; HttpOnly Server-Timing: ak_p; desc="1769191906447_388276233_391468193_14_11761_83_0_-";dur=1
Found 2026-01-23 by HttpPluginCreate report
-
Open service 2.16.204.81:443 · mmaapi.cri.studentaid.gov
2026-01-23 18:11
HTTP/1.1 404 Not Found Access-Control-Allow-Methods: POST, PUT, GET, OPTIONS, DELETE Access-Control-Max-Age: 7200 X-Frame-Options: deny X-Content-Type-Options: nosniff Content-Security-Policy: default-src 'unsafe-inline' https://cri.studentaid.gov https://dark.cri.studentaid.gov *.cri.studentaid.gov *.nelnet.com *.cri.nulsc.net https://www.nelnetmarketing.com https://www.nelnet.com fonts.googleapis.com https://ajax.googleapis.com https://www.google-analytics.com https://ssl.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://content.guides.cri.studentaid.gov/agent/static/f7570055-633e-4ee9-7881-784aeea304cb/pendo.js app.pendo.io pendo-io-static.storage.googleapis.com content.guides.cri.studentaid.gov cdn.pendo.io pendo-static-6309816517066752.storage.googleapis.com datamma.guides.nelnet.com api.feedback.us.pendo.io data.pendo.io *.hotjar.com:* *.hotjar.io wss://*.hotjar.com maxcdn.bootstrapcdn.com cdn.cookielaw.org assets.adobedtm.com stats.g.doubleclick.net data: 'self'; script-src 'unsafe-inline' 'unsafe-eval' https://www.nelnetmarketing.com https://www.cri.studentaid.gov https://ajax.googleapis.com https://www.google-analytics.com https://ssl.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://content.guides.cri.studentaid.gov/agent/static/f7570055-633e-4ee9-7881-784aeea304cb/pendo.js app.pendo.io pendo-io-static.storage.googleapis.com content.guides.cri.studentaid.gov cdn.pendo.io pendo-static-6309816517066752.storage.googleapis.com contentmma.guides.nelnet.com data.pendo.io *.hotjar.com:* *.hotjar.io wss://*.hotjar.com maxcdn.bootstrapcdn.com cdn.cookielaw.org assets.adobedtm.com stats.g.doubleclick.net data: 'self'; font-src https://fonts.googleapis.com https://fonts.gstatic.com app.pendo.io use.fontawesome.com script.hotjar.com data: 'self'; img-src nelv3.112.2o7.net *.nelnet.com https://datamma.guides.nelnet.com/ https://www.google-analytics.com www.googletagmanager.com www.gstatic.com ssl.gstatic.com script.hotjar.com data: 'self' content.guides.cri.studentaid.gov cdn.pendo.io app.pendo.io pendo-static-6309816517066752.storage.googleapis.com data.pendo.io; child-src app.pendo.io *.nelnet.net *.nelnet.com blob: 'self' data: 'self'; worker-src *.nelnet.net *.nelnet.com data: 'self' blob: 'self'; frame-src *.nelnet.net *.nelnet.com app.pendo.io 'self'; X-XSS-Protection: 1; mode=block Feature-Policy: accelerometer 'none'; camera 'self'; geolocation 'self'; gyroscope 'none'; magnetometer 'none'; microphone 'self'; payment 'none'; usb 'none' Permissions-Policy: accelerometer=(), camera=(self), geolocation=(self), gyroscope=(), magnetometer=(), microphone=(self), payment=(), usb=() Referrer-Policy: strict-origin-when-cross-origin Content-Length: 0 Expires: Fri, 23 Jan 2026 18:11:25 GMT Cache-Control: max-age=0, no-cache, no-store Pragma: no-cache Date: Fri, 23 Jan 2026 18:11:25 GMT Connection: close Server-Timing: cdn-cache; desc=MISS Server-Timing: edge; dur=94 Server-Timing: origin; dur=201 Strict-Transport-Security: max-age=86400 Set-Cookie: akaalb_mmaapi_cri=~op=mmaapi_cri_studentaid_gov_lbm:mmaapi_cri_dc1|~rv=11~m=mmaapi_cri_dc1:0|~os=1d83e77c4541edbcb6dc805acc533558~id=6199cfb85efaa775bf5a1484fa74fa3c; path=/; HttpOnly; Secure; SameSite=None Server-Timing: ak_p; desc="1769191884943_34610513_916480346_29536_9704_157_160_-";dur=1
Found 2026-01-23 by HttpPluginCreate report
-
Open service 2a02:26f0:3500:14::1724:a24f:80 · cri.studentaid.gov
2026-01-23 18:11
HTTP/1.1 301 Moved Permanently Server: AkamaiGHost Content-Length: 0 Location: https://cri.studentaid.gov/ Expires: Fri, 23 Jan 2026 18:11:46 GMT Cache-Control: max-age=0, no-cache, no-store Pragma: no-cache Date: Fri, 23 Jan 2026 18:11:46 GMT Connection: close Server-Timing: cdn-cache; desc=HIT Server-Timing: edge; dur=1 Set-Cookie: akaalb_cri_alb=~op=~rv=23~m=~os=~id=85405efadbf6399b4372bbc0aec6aad0; path=/; HttpOnly Server-Timing: ak_p; desc="1769191906867_388276239_821413223_12_11936_159_0_-";dur=1
Found 2026-01-23 by HttpPluginCreate report
-
Open service 2.16.204.71:443 · cri.studentaid.gov
2026-01-23 18:11
HTTP/1.1 200 OK Content-Type: text/html Last-Modified: Tue, 13 Jan 2026 23:31:23 GMT Accept-Ranges: bytes ETag: "5f2f8fbae484dc1:0" X-XSS-Protection: 1; mode=block Content-Security-Policy: frame-ancestors 'self' app.pendo.io https://datamma.guides.nelnet.com *.home-c73.niceincontact.com home-c73.niceincontact.com:* X-Frame-Options: SAMEORIGIN X-Content-Type-Options: nosniff Expect-CT: max-age=0,report-uri= "" Feature-Policy: accelerometer 'none'; camera 'self'; geolocation 'self'; gyroscope 'none'; magnetometer 'none'; microphone 'self'; payment 'none'; usb 'none' Permissions-Policy: accelerometer=(), camera=(self), geolocation=(self), gyroscope=(), magnetometer=(), microphone=(self), payment=(), usb=() Referrer-Policy: strict-origin-when-cross-origin X-Akamai-Transformed: 9 38417 0 pmb=mRUM,1 Expires: Fri, 23 Jan 2026 18:11:25 GMT Cache-Control: max-age=0, no-cache, no-store Pragma: no-cache Date: Fri, 23 Jan 2026 18:11:25 GMT Transfer-Encoding: chunked Connection: close Connection: Transfer-Encoding Server-Timing: cdn-cache; desc=MISS Server-Timing: edge; dur=139 Server-Timing: origin; dur=83 Strict-Transport-Security: max-age=86400 Set-Cookie: akaalb_cri_alb=~op=cri_studentaid_gov_lbm:cri_cri_dc1|~rv=58~m=cri_cri_dc1:0|~os=1d83e77c4541edbcb6dc805acc533558~id=31342a0755f3682de8def84557dfd40b; path=/; HttpOnly; Secure; SameSite=None Server-Timing: ak_p; desc="1769191885249_34610513_916480656_22258_119940_161_169_-";dur=1
Found 2026-01-23 by HttpPluginCreate report
-
Open service 2.16.204.71:80 · cri.studentaid.gov
2026-01-23 18:11
HTTP/1.1 301 Moved Permanently Server: AkamaiGHost Content-Length: 0 Location: https://cri.studentaid.gov/ Expires: Fri, 23 Jan 2026 18:11:46 GMT Cache-Control: max-age=0, no-cache, no-store Pragma: no-cache Date: Fri, 23 Jan 2026 18:11:46 GMT Connection: close Server-Timing: cdn-cache; desc=HIT Server-Timing: edge; dur=1 Set-Cookie: akaalb_cri_alb=~op=~rv=84~m=~os=~id=3bf2a1de3316aea6951284d4b6d87b1b; path=/; HttpOnly Server-Timing: ak_p; desc="1769191906917_34610503_1442836313_11_10231_163_0_-";dur=1
Found 2026-01-23 by HttpPluginCreate report
-
Open service 2a02:26f0:3500:14::1724:a24f:443 · mmaapi.cri.studentaid.gov
2026-01-23 18:11
HTTP/1.1 404 Not Found Access-Control-Allow-Methods: POST, PUT, GET, OPTIONS, DELETE Access-Control-Max-Age: 7200 X-Frame-Options: deny X-Content-Type-Options: nosniff Content-Security-Policy: default-src 'unsafe-inline' https://cri.studentaid.gov https://dark.cri.studentaid.gov *.cri.studentaid.gov *.nelnet.com *.cri.nulsc.net https://www.nelnetmarketing.com https://www.nelnet.com fonts.googleapis.com https://ajax.googleapis.com https://www.google-analytics.com https://ssl.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://content.guides.cri.studentaid.gov/agent/static/f7570055-633e-4ee9-7881-784aeea304cb/pendo.js app.pendo.io pendo-io-static.storage.googleapis.com content.guides.cri.studentaid.gov cdn.pendo.io pendo-static-6309816517066752.storage.googleapis.com datamma.guides.nelnet.com api.feedback.us.pendo.io data.pendo.io *.hotjar.com:* *.hotjar.io wss://*.hotjar.com maxcdn.bootstrapcdn.com cdn.cookielaw.org assets.adobedtm.com stats.g.doubleclick.net data: 'self'; script-src 'unsafe-inline' 'unsafe-eval' https://www.nelnetmarketing.com https://www.cri.studentaid.gov https://ajax.googleapis.com https://www.google-analytics.com https://ssl.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://content.guides.cri.studentaid.gov/agent/static/f7570055-633e-4ee9-7881-784aeea304cb/pendo.js app.pendo.io pendo-io-static.storage.googleapis.com content.guides.cri.studentaid.gov cdn.pendo.io pendo-static-6309816517066752.storage.googleapis.com contentmma.guides.nelnet.com data.pendo.io *.hotjar.com:* *.hotjar.io wss://*.hotjar.com maxcdn.bootstrapcdn.com cdn.cookielaw.org assets.adobedtm.com stats.g.doubleclick.net data: 'self'; font-src https://fonts.googleapis.com https://fonts.gstatic.com app.pendo.io use.fontawesome.com script.hotjar.com data: 'self'; img-src nelv3.112.2o7.net *.nelnet.com https://datamma.guides.nelnet.com/ https://www.google-analytics.com www.googletagmanager.com www.gstatic.com ssl.gstatic.com script.hotjar.com data: 'self' content.guides.cri.studentaid.gov cdn.pendo.io app.pendo.io pendo-static-6309816517066752.storage.googleapis.com data.pendo.io; child-src app.pendo.io *.nelnet.net *.nelnet.com blob: 'self' data: 'self'; worker-src *.nelnet.net *.nelnet.com data: 'self' blob: 'self'; frame-src *.nelnet.net *.nelnet.com app.pendo.io 'self'; X-XSS-Protection: 1; mode=block Feature-Policy: accelerometer 'none'; camera 'self'; geolocation 'self'; gyroscope 'none'; magnetometer 'none'; microphone 'self'; payment 'none'; usb 'none' Permissions-Policy: accelerometer=(), camera=(self), geolocation=(self), gyroscope=(), magnetometer=(), microphone=(self), payment=(), usb=() Referrer-Policy: strict-origin-when-cross-origin Content-Length: 0 Expires: Fri, 23 Jan 2026 18:11:24 GMT Cache-Control: max-age=0, no-cache, no-store Pragma: no-cache Date: Fri, 23 Jan 2026 18:11:24 GMT Connection: close Server-Timing: cdn-cache; desc=MISS Server-Timing: edge; dur=99 Server-Timing: origin; dur=83 Strict-Transport-Security: max-age=86400 Set-Cookie: akaalb_mmaapi_cri=~op=mmaapi_cri_studentaid_gov_lbm:mmaapi_cri_dc1|~rv=89~m=mmaapi_cri_dc1:0|~os=1d83e77c4541edbcb6dc805acc533558~id=e648c3521a9091a7843db59445d19cc7; path=/; HttpOnly; Secure; SameSite=None Server-Timing: ak_p; desc="1769191884675_388276233_391422792_18178_12569_83_96_-";dur=1
Found 2026-01-23 by HttpPluginCreate report
-
Open service 2.16.204.81:80 · mmaapi.cri.studentaid.gov
2026-01-23 18:11
HTTP/1.1 301 Moved Permanently Server: AkamaiGHost Content-Length: 0 Location: https://mmaapi.cri.studentaid.gov/ Expires: Fri, 23 Jan 2026 18:11:46 GMT Cache-Control: max-age=0, no-cache, no-store Pragma: no-cache Date: Fri, 23 Jan 2026 18:11:46 GMT Connection: close Server-Timing: cdn-cache; desc=HIT Server-Timing: edge; dur=1 Set-Cookie: akaalb_mmaapi_cri=~op=~rv=40~m=~os=~id=2caaf1fea845aa6557e4269b2e98f1f6; path=/; HttpOnly Server-Timing: ak_p; desc="1769191906467_34610513_916502646_14_8507_97_0_-";dur=1
Found 2026-01-23 by HttpPluginCreate report
-
Open service 2.16.204.71:80 · mmaapi.cri.studentaid.gov
2026-01-23 18:11
HTTP/1.1 301 Moved Permanently Server: AkamaiGHost Content-Length: 0 Location: https://mmaapi.cri.studentaid.gov/ Expires: Fri, 23 Jan 2026 18:11:46 GMT Cache-Control: max-age=0, no-cache, no-store Pragma: no-cache Date: Fri, 23 Jan 2026 18:11:46 GMT Connection: close Server-Timing: cdn-cache; desc=HIT Server-Timing: edge; dur=1 Set-Cookie: akaalb_mmaapi_cri=~op=~rv=17~m=~os=~id=04f3a901c7fc6ec48e801fd3f857e2c2; path=/; HttpOnly Server-Timing: ak_p; desc="1769191906469_34610503_1442835460_12_10459_98_0_-";dur=1
Found 2026-01-23 by HttpPluginCreate report
-
Open service 2a02:26f0:3500:14::1724:a249:443 · cri.studentaid.gov
2026-01-23 18:11
HTTP/1.1 200 OK Content-Type: text/html Last-Modified: Tue, 13 Jan 2026 23:31:23 GMT Accept-Ranges: bytes ETag: "5f2f8fbae484dc1:0" X-XSS-Protection: 1; mode=block Content-Security-Policy: frame-ancestors 'self' app.pendo.io https://datamma.guides.nelnet.com *.home-c73.niceincontact.com home-c73.niceincontact.com:* X-Frame-Options: SAMEORIGIN X-Content-Type-Options: nosniff Expect-CT: max-age=0,report-uri= "" Feature-Policy: accelerometer 'none'; camera 'self'; geolocation 'self'; gyroscope 'none'; magnetometer 'none'; microphone 'self'; payment 'none'; usb 'none' Permissions-Policy: accelerometer=(), camera=(self), geolocation=(self), gyroscope=(), magnetometer=(), microphone=(self), payment=(), usb=() Referrer-Policy: strict-origin-when-cross-origin X-Akamai-Transformed: 9 38417 0 pmb=mRUM,1 Expires: Fri, 23 Jan 2026 18:11:25 GMT Cache-Control: max-age=0, no-cache, no-store Pragma: no-cache Date: Fri, 23 Jan 2026 18:11:25 GMT Transfer-Encoding: chunked Connection: close Connection: Transfer-Encoding Server-Timing: cdn-cache; desc=MISS Server-Timing: edge; dur=116 Server-Timing: origin; dur=93 Strict-Transport-Security: max-age=86400 Set-Cookie: akaalb_cri_alb=~op=cri_studentaid_gov_lbm:cri_cri_dc1|~rv=90~m=cri_cri_dc1:0|~os=1d83e77c4541edbcb6dc805acc533558~id=c2e740c605870d54c2c6301dde0335da; path=/; HttpOnly; Secure; SameSite=None Server-Timing: ak_p; desc="1769191884785_388276239_821365101_20902_11500_83_86_-";dur=1
Found 2026-01-23 by HttpPluginCreate report
-
Open service 2a02:26f0:3500:14::1724:a249:80 · nsighthub.cri.studentaid.gov
2026-01-23 18:11
HTTP/1.1 403 Forbidden Server: AkamaiGHost Mime-Version: 1.0 Content-Type: text/html Content-Length: 384 Expires: Fri, 23 Jan 2026 18:11:46 GMT Cache-Control: max-age=0, no-cache, no-store Pragma: no-cache Date: Fri, 23 Jan 2026 18:11:46 GMT Connection: close Server-Timing: cdn-cache; desc=HIT Server-Timing: edge; dur=1 Set-Cookie: akaalb_nsighthub_cri=~op=~rv=41~m=~os=~id=e475f7670ac404915593acb31d0a7bec; path=/; HttpOnly Server-Timing: ak_p; desc="1769191906367_388276233_391468038_16_8147_85_0_-";dur=1 Page title: Access Denied <HTML><HEAD> <TITLE>Access Denied</TITLE> </HEAD><BODY> <H1>Access Denied</H1> You don't have permission to access "http://nsighthub.cri.studentaid.gov/" on this server.<P> Reference #18.9a02417.1769191906.17555406 <P>https://errors.edgesuite.net/18.9a02417.1769191906.17555406</P> </BODY> </HTML>
Found 2026-01-23 by HttpPluginCreate report
-
Open service 2.16.204.71:80 · nsighthub.cri.studentaid.gov
2026-01-23 18:11
HTTP/1.1 403 Forbidden Server: AkamaiGHost Mime-Version: 1.0 Content-Type: text/html Content-Length: 386 Expires: Fri, 23 Jan 2026 18:11:46 GMT Cache-Control: max-age=0, no-cache, no-store Pragma: no-cache Date: Fri, 23 Jan 2026 18:11:46 GMT Connection: close Server-Timing: cdn-cache; desc=HIT Server-Timing: edge; dur=1 Set-Cookie: akaalb_nsighthub_cri=~op=~rv=23~m=~os=~id=85405efadbf6399b4372bbc0aec6aad0; path=/; HttpOnly Server-Timing: ak_p; desc="1769191906392_34610503_1442835317_14_6652_83_0_-";dur=1 Page title: Access Denied <HTML><HEAD> <TITLE>Access Denied</TITLE> </HEAD><BODY> <H1>Access Denied</H1> You don't have permission to access "http://nsighthub.cri.studentaid.gov/" on this server.<P> Reference #18.471d1002.1769191906.55ffeb75 <P>https://errors.edgesuite.net/18.471d1002.1769191906.55ffeb75</P> </BODY> </HTML>
Found 2026-01-23 by HttpPluginCreate report
-
Open service 2a02:26f0:3500:14::1724:a24f:443 · nsighthub.cri.studentaid.gov
2026-01-23 18:11
HTTP/1.1 403 Forbidden Server: AkamaiGHost Mime-Version: 1.0 Content-Type: text/html Content-Length: 384 Expires: Fri, 23 Jan 2026 18:11:24 GMT Cache-Control: max-age=0, no-cache, no-store Pragma: no-cache Date: Fri, 23 Jan 2026 18:11:24 GMT Connection: close Server-Timing: cdn-cache; desc=HIT Server-Timing: edge; dur=1 Strict-Transport-Security: max-age=86400 Set-Cookie: akaalb_nsighthub_cri=~op=nsighthub_cri_studentaid_gov_lbm:nsighthub_cri_dc1|~rv=100~m=nsighthub_cri_dc1:0|~os=1d83e77c4541edbcb6dc805acc533558~id=f06ecee11706290f14a5ecaa01a66af3; path=/; HttpOnly; Secure; SameSite=None Server-Timing: ak_p; desc="1769191884426_388276239_821364315_17_8497_83_86_-";dur=1 Page title: Access Denied <HTML><HEAD> <TITLE>Access Denied</TITLE> </HEAD><BODY> <H1>Access Denied</H1> You don't have permission to access "http://nsighthub.cri.studentaid.gov/" on this server.<P> Reference #18.fa02417.1769191884.30f5065b <P>https://errors.edgesuite.net/18.fa02417.1769191884.30f5065b</P> </BODY> </HTML>
Found 2026-01-23 by HttpPluginCreate report
-
Open service 2a02:26f0:3500:14::1724:a24f:443 · cri.studentaid.gov
2026-01-23 18:11
HTTP/1.1 200 OK Content-Type: text/html Last-Modified: Tue, 13 Jan 2026 23:31:23 GMT Accept-Ranges: bytes ETag: "5f2f8fbae484dc1:0" X-XSS-Protection: 1; mode=block Content-Security-Policy: frame-ancestors 'self' app.pendo.io https://datamma.guides.nelnet.com *.home-c73.niceincontact.com home-c73.niceincontact.com:* X-Frame-Options: SAMEORIGIN X-Content-Type-Options: nosniff Expect-CT: max-age=0,report-uri= "" Feature-Policy: accelerometer 'none'; camera 'self'; geolocation 'self'; gyroscope 'none'; magnetometer 'none'; microphone 'self'; payment 'none'; usb 'none' Permissions-Policy: accelerometer=(), camera=(self), geolocation=(self), gyroscope=(), magnetometer=(), microphone=(self), payment=(), usb=() Referrer-Policy: strict-origin-when-cross-origin X-Akamai-Transformed: 9 38417 0 pmb=mRUM,1 Expires: Fri, 23 Jan 2026 18:11:24 GMT Cache-Control: max-age=0, no-cache, no-store Pragma: no-cache Date: Fri, 23 Jan 2026 18:11:24 GMT Transfer-Encoding: chunked Connection: close Connection: Transfer-Encoding Server-Timing: cdn-cache; desc=MISS Server-Timing: edge; dur=276 Server-Timing: origin; dur=96 Strict-Transport-Security: max-age=86400 Set-Cookie: akaalb_cri_alb=~op=cri_studentaid_gov_lbm:cri_cri_dc1|~rv=87~m=cri_cri_dc1:0|~os=1d83e77c4541edbcb6dc805acc533558~id=6815c6e2f5edb8bb5a2d53243ebc4128; path=/; HttpOnly; Secure; SameSite=None Server-Timing: ak_p; desc="1769191884157_388276239_821363570_37160_12115_0_8_-";dur=1
Found 2026-01-23 by HttpPluginCreate report
-
Open service 2a02:26f0:3500:14::1724:a24f:80 · mmaapi.cri.studentaid.gov
2026-01-23 18:11
HTTP/1.1 301 Moved Permanently Server: AkamaiGHost Content-Length: 0 Location: https://mmaapi.cri.studentaid.gov/ Expires: Fri, 23 Jan 2026 18:11:45 GMT Cache-Control: max-age=0, no-cache, no-store Pragma: no-cache Date: Fri, 23 Jan 2026 18:11:45 GMT Connection: close Server-Timing: cdn-cache; desc=HIT Server-Timing: edge; dur=1 Set-Cookie: akaalb_mmaapi_cri=~op=~rv=80~m=~os=~id=964d00cfe94a11123b2e86a5a227c5f6; path=/; HttpOnly Server-Timing: ak_p; desc="1769191905798_388276239_821410911_11_9358_1_0_-";dur=1
Found 2026-01-23 by HttpPluginCreate report
-
Open service 2.16.204.71:443 · mmaapi.cri.studentaid.gov
2026-01-23 18:11
HTTP/1.1 404 Not Found Access-Control-Allow-Methods: POST, PUT, GET, OPTIONS, DELETE Access-Control-Max-Age: 7200 X-Frame-Options: deny X-Content-Type-Options: nosniff Content-Security-Policy: default-src 'unsafe-inline' https://cri.studentaid.gov https://dark.cri.studentaid.gov *.cri.studentaid.gov *.nelnet.com *.cri.nulsc.net https://www.nelnetmarketing.com https://www.nelnet.com fonts.googleapis.com https://ajax.googleapis.com https://www.google-analytics.com https://ssl.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://content.guides.cri.studentaid.gov/agent/static/f7570055-633e-4ee9-7881-784aeea304cb/pendo.js app.pendo.io pendo-io-static.storage.googleapis.com content.guides.cri.studentaid.gov cdn.pendo.io pendo-static-6309816517066752.storage.googleapis.com datamma.guides.nelnet.com api.feedback.us.pendo.io data.pendo.io *.hotjar.com:* *.hotjar.io wss://*.hotjar.com maxcdn.bootstrapcdn.com cdn.cookielaw.org assets.adobedtm.com stats.g.doubleclick.net data: 'self'; script-src 'unsafe-inline' 'unsafe-eval' https://www.nelnetmarketing.com https://www.cri.studentaid.gov https://ajax.googleapis.com https://www.google-analytics.com https://ssl.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://content.guides.cri.studentaid.gov/agent/static/f7570055-633e-4ee9-7881-784aeea304cb/pendo.js app.pendo.io pendo-io-static.storage.googleapis.com content.guides.cri.studentaid.gov cdn.pendo.io pendo-static-6309816517066752.storage.googleapis.com contentmma.guides.nelnet.com data.pendo.io *.hotjar.com:* *.hotjar.io wss://*.hotjar.com maxcdn.bootstrapcdn.com cdn.cookielaw.org assets.adobedtm.com stats.g.doubleclick.net data: 'self'; font-src https://fonts.googleapis.com https://fonts.gstatic.com app.pendo.io use.fontawesome.com script.hotjar.com data: 'self'; img-src nelv3.112.2o7.net *.nelnet.com https://datamma.guides.nelnet.com/ https://www.google-analytics.com www.googletagmanager.com www.gstatic.com ssl.gstatic.com script.hotjar.com data: 'self' content.guides.cri.studentaid.gov cdn.pendo.io app.pendo.io pendo-static-6309816517066752.storage.googleapis.com data.pendo.io; child-src app.pendo.io *.nelnet.net *.nelnet.com blob: 'self' data: 'self'; worker-src *.nelnet.net *.nelnet.com data: 'self' blob: 'self'; frame-src *.nelnet.net *.nelnet.com app.pendo.io 'self'; X-XSS-Protection: 1; mode=block Feature-Policy: accelerometer 'none'; camera 'self'; geolocation 'self'; gyroscope 'none'; magnetometer 'none'; microphone 'self'; payment 'none'; usb 'none' Permissions-Policy: accelerometer=(), camera=(self), geolocation=(self), gyroscope=(), magnetometer=(), microphone=(self), payment=(), usb=() Referrer-Policy: strict-origin-when-cross-origin Content-Length: 0 Expires: Fri, 23 Jan 2026 18:11:24 GMT Cache-Control: max-age=0, no-cache, no-store Pragma: no-cache Date: Fri, 23 Jan 2026 18:11:24 GMT Connection: close Server-Timing: cdn-cache; desc=MISS Server-Timing: edge; dur=91 Server-Timing: origin; dur=84 Strict-Transport-Security: max-age=86400 Set-Cookie: akaalb_mmaapi_cri=~op=mmaapi_cri_studentaid_gov_lbm:mmaapi_cri_dc1|~rv=9~m=mmaapi_cri_dc1:0|~os=1d83e77c4541edbcb6dc805acc533558~id=9db67acb22f040b48b26e0ac7dfa0f93; path=/; HttpOnly; Secure; SameSite=None Server-Timing: ak_p; desc="1769191884525_34610503_1442797365_17484_47072_17_20_-";dur=1
Found 2026-01-23 by HttpPluginCreate report
-
Open service 2a02:26f0:3500:14::1724:a24f:80 · nsighthub.cri.studentaid.gov
2026-01-23 18:11
HTTP/1.1 403 Forbidden Server: AkamaiGHost Mime-Version: 1.0 Content-Type: text/html Content-Length: 384 Expires: Fri, 23 Jan 2026 18:11:45 GMT Cache-Control: max-age=0, no-cache, no-store Pragma: no-cache Date: Fri, 23 Jan 2026 18:11:45 GMT Connection: close Server-Timing: cdn-cache; desc=HIT Server-Timing: edge; dur=1 Set-Cookie: akaalb_nsighthub_cri=~op=~rv=10~m=~os=~id=b28b1b52f3e491767456f8a492c69323; path=/; HttpOnly Server-Timing: ak_p; desc="1769191905775_388276239_821410862_16_7564_1_0_-";dur=1 Page title: Access Denied <HTML><HEAD> <TITLE>Access Denied</TITLE> </HEAD><BODY> <H1>Access Denied</H1> You don't have permission to access "http://nsighthub.cri.studentaid.gov/" on this server.<P> Reference #18.fa02417.1769191905.30f5bc2e <P>https://errors.edgesuite.net/18.fa02417.1769191905.30f5bc2e</P> </BODY> </HTML>
Found 2026-01-23 by HttpPluginCreate report
-
Open service 2a02:26f0:3500:14::1724:a249:443 · nsighthub.cri.studentaid.gov
2026-01-23 18:11
HTTP/1.1 403 Forbidden Server: AkamaiGHost Mime-Version: 1.0 Content-Type: text/html Content-Length: 384 Expires: Fri, 23 Jan 2026 18:11:23 GMT Cache-Control: max-age=0, no-cache, no-store Pragma: no-cache Date: Fri, 23 Jan 2026 18:11:23 GMT Connection: close Server-Timing: cdn-cache; desc=HIT Server-Timing: edge; dur=1 Strict-Transport-Security: max-age=86400 Set-Cookie: akaalb_nsighthub_cri=~op=nsighthub_cri_studentaid_gov_lbm:nsighthub_cri_dc1|~rv=97~m=nsighthub_cri_dc1:0|~os=1d83e77c4541edbcb6dc805acc533558~id=b04705bc8605454417c3cbf9590422a3; path=/; HttpOnly; Secure; SameSite=None Server-Timing: ak_p; desc="1769191883932_388276233_391420903_18_8901_0_3_-";dur=1 Page title: Access Denied <HTML><HEAD> <TITLE>Access Denied</TITLE> </HEAD><BODY> <H1>Access Denied</H1> You don't have permission to access "http://nsighthub.cri.studentaid.gov/" on this server.<P> Reference #18.9a02417.1769191883.17549be7 <P>https://errors.edgesuite.net/18.9a02417.1769191883.17549be7</P> </BODY> </HTML>
Found 2026-01-23 by HttpPluginCreate report
-
Open service 2a02:26f0:3500:14::1724:a249:443 · mmaapi.cri.studentaid.gov
2026-01-23 18:11
HTTP/1.1 404 Not Found Access-Control-Allow-Methods: POST, PUT, GET, OPTIONS, DELETE Access-Control-Max-Age: 7200 X-Frame-Options: deny X-Content-Type-Options: nosniff Content-Security-Policy: default-src 'unsafe-inline' https://cri.studentaid.gov https://dark.cri.studentaid.gov *.cri.studentaid.gov *.nelnet.com *.cri.nulsc.net https://www.nelnetmarketing.com https://www.nelnet.com fonts.googleapis.com https://ajax.googleapis.com https://www.google-analytics.com https://ssl.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://content.guides.cri.studentaid.gov/agent/static/f7570055-633e-4ee9-7881-784aeea304cb/pendo.js app.pendo.io pendo-io-static.storage.googleapis.com content.guides.cri.studentaid.gov cdn.pendo.io pendo-static-6309816517066752.storage.googleapis.com datamma.guides.nelnet.com api.feedback.us.pendo.io data.pendo.io *.hotjar.com:* *.hotjar.io wss://*.hotjar.com maxcdn.bootstrapcdn.com cdn.cookielaw.org assets.adobedtm.com stats.g.doubleclick.net data: 'self'; script-src 'unsafe-inline' 'unsafe-eval' https://www.nelnetmarketing.com https://www.cri.studentaid.gov https://ajax.googleapis.com https://www.google-analytics.com https://ssl.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://content.guides.cri.studentaid.gov/agent/static/f7570055-633e-4ee9-7881-784aeea304cb/pendo.js app.pendo.io pendo-io-static.storage.googleapis.com content.guides.cri.studentaid.gov cdn.pendo.io pendo-static-6309816517066752.storage.googleapis.com contentmma.guides.nelnet.com data.pendo.io *.hotjar.com:* *.hotjar.io wss://*.hotjar.com maxcdn.bootstrapcdn.com cdn.cookielaw.org assets.adobedtm.com stats.g.doubleclick.net data: 'self'; font-src https://fonts.googleapis.com https://fonts.gstatic.com app.pendo.io use.fontawesome.com script.hotjar.com data: 'self'; img-src nelv3.112.2o7.net *.nelnet.com https://datamma.guides.nelnet.com/ https://www.google-analytics.com www.googletagmanager.com www.gstatic.com ssl.gstatic.com script.hotjar.com data: 'self' content.guides.cri.studentaid.gov cdn.pendo.io app.pendo.io pendo-static-6309816517066752.storage.googleapis.com data.pendo.io; child-src app.pendo.io *.nelnet.net *.nelnet.com blob: 'self' data: 'self'; worker-src *.nelnet.net *.nelnet.com data: 'self' blob: 'self'; frame-src *.nelnet.net *.nelnet.com app.pendo.io 'self'; X-XSS-Protection: 1; mode=block Feature-Policy: accelerometer 'none'; camera 'self'; geolocation 'self'; gyroscope 'none'; magnetometer 'none'; microphone 'self'; payment 'none'; usb 'none' Permissions-Policy: accelerometer=(), camera=(self), geolocation=(self), gyroscope=(), magnetometer=(), microphone=(self), payment=(), usb=() Referrer-Policy: strict-origin-when-cross-origin Content-Length: 0 Expires: Fri, 23 Jan 2026 18:11:24 GMT Cache-Control: max-age=0, no-cache, no-store Pragma: no-cache Date: Fri, 23 Jan 2026 18:11:24 GMT Connection: close Server-Timing: cdn-cache; desc=MISS Server-Timing: edge; dur=86 Server-Timing: origin; dur=83 Strict-Transport-Security: max-age=86400 Set-Cookie: akaalb_mmaapi_cri=~op=mmaapi_cri_studentaid_gov_lbm:mmaapi_cri_dc1|~rv=35~m=mmaapi_cri_dc1:0|~os=1d83e77c4541edbcb6dc805acc533558~id=2f5cf5ed996fbe3fd24d658eec967e66; path=/; HttpOnly; Secure; SameSite=None Server-Timing: ak_p; desc="1769191884330_388276239_821363965_16906_10781_16_19_-";dur=1
Found 2026-01-23 by HttpPluginCreate report
-
Open service 2.16.204.81:443 · nsighthub.cri.studentaid.gov
2026-01-23 18:11
HTTP/1.1 403 Forbidden Server: AkamaiGHost Mime-Version: 1.0 Content-Type: text/html Content-Length: 386 Expires: Fri, 23 Jan 2026 18:11:24 GMT Cache-Control: max-age=0, no-cache, no-store Pragma: no-cache Date: Fri, 23 Jan 2026 18:11:24 GMT Connection: close Server-Timing: cdn-cache; desc=HIT Server-Timing: edge; dur=1 Strict-Transport-Security: max-age=86400 Set-Cookie: akaalb_nsighthub_cri=~op=nsighthub_cri_studentaid_gov_lbm:nsighthub_cri_dc1|~rv=40~m=nsighthub_cri_dc1:0|~os=1d83e77c4541edbcb6dc805acc533558~id=784e4a3162919ef7e2097ef302158202; path=/; HttpOnly; Secure; SameSite=None Server-Timing: ak_p; desc="1769191883989_34610503_1442796561_51_7508_18_20_-";dur=1 Page title: Access Denied <HTML><HEAD> <TITLE>Access Denied</TITLE> </HEAD><BODY> <H1>Access Denied</H1> You don't have permission to access "http://nsighthub.cri.studentaid.gov/" on this server.<P> Reference #18.471d1002.1769191883.55ff5411 <P>https://errors.edgesuite.net/18.471d1002.1769191883.55ff5411</P> </BODY> </HTML>
Found 2026-01-23 by HttpPluginCreate report
-
Open service 2.16.204.71:443 · nsighthub.cri.studentaid.gov
2026-01-23 18:11
HTTP/1.1 403 Forbidden Server: AkamaiGHost Mime-Version: 1.0 Content-Type: text/html Content-Length: 386 Expires: Fri, 23 Jan 2026 18:11:24 GMT Cache-Control: max-age=0, no-cache, no-store Pragma: no-cache Date: Fri, 23 Jan 2026 18:11:24 GMT Connection: close Server-Timing: cdn-cache; desc=HIT Server-Timing: edge; dur=1 Strict-Transport-Security: max-age=86400 Set-Cookie: akaalb_nsighthub_cri=~op=nsighthub_cri_studentaid_gov_lbm:nsighthub_cri_dc1|~rv=19~m=nsighthub_cri_dc1:0|~os=1d83e77c4541edbcb6dc805acc533558~id=403bba864b557daf0ce28e2d681bcb90; path=/; HttpOnly; Secure; SameSite=None Server-Timing: ak_p; desc="1769191884068_34610513_916479191_15_7457_8_13_-";dur=1 Page title: Access Denied <HTML><HEAD> <TITLE>Access Denied</TITLE> </HEAD><BODY> <H1>Access Denied</H1> You don't have permission to access "http://nsighthub.cri.studentaid.gov/" on this server.<P> Reference #18.511d1002.1769191884.36a05cd7 <P>https://errors.edgesuite.net/18.511d1002.1769191884.36a05cd7</P> </BODY> </HTML>
Found 2026-01-23 by HttpPluginCreate report
-
Open service 2.16.204.81:80 · nsighthub.cri.studentaid.gov
2026-01-23 18:11
HTTP/1.1 403 Forbidden Server: AkamaiGHost Mime-Version: 1.0 Content-Type: text/html Content-Length: 386 Expires: Fri, 23 Jan 2026 18:11:45 GMT Cache-Control: max-age=0, no-cache, no-store Pragma: no-cache Date: Fri, 23 Jan 2026 18:11:45 GMT Connection: close Server-Timing: cdn-cache; desc=HIT Server-Timing: edge; dur=1 Set-Cookie: akaalb_nsighthub_cri=~op=~rv=39~m=~os=~id=fbc39b734e1baa2b74756416626117c2; path=/; HttpOnly Server-Timing: ak_p; desc="1769191905864_34610513_916501986_14_6492_11_0_-";dur=1 Page title: Access Denied <HTML><HEAD> <TITLE>Access Denied</TITLE> </HEAD><BODY> <H1>Access Denied</H1> You don't have permission to access "http://nsighthub.cri.studentaid.gov/" on this server.<P> Reference #18.511d1002.1769191905.36a0b5e2 <P>https://errors.edgesuite.net/18.511d1002.1769191905.36a0b5e2</P> </BODY> </HTML>
Found 2026-01-23 by HttpPluginCreate report
-
Open service 23.50.131.149:443 · mmaapi.cri.studentaid.gov
2026-01-23 09:57
HTTP/1.1 404 Not Found Access-Control-Allow-Methods: POST, PUT, GET, OPTIONS, DELETE Access-Control-Max-Age: 7200 X-Frame-Options: deny X-Content-Type-Options: nosniff Content-Security-Policy: default-src 'unsafe-inline' https://cri.studentaid.gov https://dark.cri.studentaid.gov *.cri.studentaid.gov *.nelnet.com *.cri.nulsc.net https://www.nelnetmarketing.com https://www.nelnet.com fonts.googleapis.com https://ajax.googleapis.com https://www.google-analytics.com https://ssl.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://content.guides.cri.studentaid.gov/agent/static/f7570055-633e-4ee9-7881-784aeea304cb/pendo.js app.pendo.io pendo-io-static.storage.googleapis.com content.guides.cri.studentaid.gov cdn.pendo.io pendo-static-6309816517066752.storage.googleapis.com datamma.guides.nelnet.com api.feedback.us.pendo.io data.pendo.io *.hotjar.com:* *.hotjar.io wss://*.hotjar.com maxcdn.bootstrapcdn.com cdn.cookielaw.org assets.adobedtm.com stats.g.doubleclick.net data: 'self'; script-src 'unsafe-inline' 'unsafe-eval' https://www.nelnetmarketing.com https://www.cri.studentaid.gov https://ajax.googleapis.com https://www.google-analytics.com https://ssl.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://content.guides.cri.studentaid.gov/agent/static/f7570055-633e-4ee9-7881-784aeea304cb/pendo.js app.pendo.io pendo-io-static.storage.googleapis.com content.guides.cri.studentaid.gov cdn.pendo.io pendo-static-6309816517066752.storage.googleapis.com contentmma.guides.nelnet.com data.pendo.io *.hotjar.com:* *.hotjar.io wss://*.hotjar.com maxcdn.bootstrapcdn.com cdn.cookielaw.org assets.adobedtm.com stats.g.doubleclick.net data: 'self'; font-src https://fonts.googleapis.com https://fonts.gstatic.com app.pendo.io use.fontawesome.com script.hotjar.com data: 'self'; img-src nelv3.112.2o7.net *.nelnet.com https://datamma.guides.nelnet.com/ https://www.google-analytics.com www.googletagmanager.com www.gstatic.com ssl.gstatic.com script.hotjar.com data: 'self' content.guides.cri.studentaid.gov cdn.pendo.io app.pendo.io pendo-static-6309816517066752.storage.googleapis.com data.pendo.io; child-src app.pendo.io *.nelnet.net *.nelnet.com blob: 'self' data: 'self'; worker-src *.nelnet.net *.nelnet.com data: 'self' blob: 'self'; frame-src *.nelnet.net *.nelnet.com app.pendo.io 'self'; X-XSS-Protection: 1; mode=block Feature-Policy: accelerometer 'none'; camera 'self'; geolocation 'self'; gyroscope 'none'; magnetometer 'none'; microphone 'self'; payment 'none'; usb 'none' Permissions-Policy: accelerometer=(), camera=(self), geolocation=(self), gyroscope=(), magnetometer=(), microphone=(self), payment=(), usb=() Referrer-Policy: strict-origin-when-cross-origin Content-Length: 0 Expires: Fri, 23 Jan 2026 09:57:57 GMT Cache-Control: max-age=0, no-cache, no-store Pragma: no-cache Date: Fri, 23 Jan 2026 09:57:57 GMT Connection: close Server-Timing: cdn-cache; desc=MISS Server-Timing: edge; dur=86 Server-Timing: origin; dur=83 Strict-Transport-Security: max-age=86400 Set-Cookie: akaalb_mmaapi_cri=~op=mmaapi_cri_studentaid_gov_lbm:mmaapi_cri_dc1|~rv=24~m=mmaapi_cri_dc1:0|~os=1d83e77c4541edbcb6dc805acc533558~id=ec0d2dd7ff0cc6771e138f62d6e9caf1; path=/; HttpOnly; Secure; SameSite=None Server-Timing: ak_p; desc="1769162277276_389224213_366080064_16869_8517_0_60_-";dur=1
Found 2026-01-23 by HttpPluginCreate report
-
Open service 23.50.131.149:443 · mmaapi.cri.studentaid.gov
2026-01-09 08:58
HTTP/1.1 404 Not Found Access-Control-Allow-Methods: POST, PUT, GET, OPTIONS, DELETE Access-Control-Max-Age: 7200 X-Frame-Options: deny X-Content-Type-Options: nosniff Content-Security-Policy: default-src 'unsafe-inline' https://cri.studentaid.gov https://dark.cri.studentaid.gov *.cri.studentaid.gov *.cri.nulsc.net *.nelnet.com https://www.nelnetmarketing.com https://www.nelnet.com fonts.googleapis.com https://ajax.googleapis.com https://www.google-analytics.com https://ssl.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://content.guides.cri.studentaid.gov/agent/static/f7570055-633e-4ee9-7881-784aeea304cb/pendo.js app.pendo.io pendo-io-static.storage.googleapis.com content.guides.cri.studentaid.gov cdn.pendo.io pendo-static-6309816517066752.storage.googleapis.com datamma.guides.nelnet.com api.feedback.us.pendo.io data.pendo.io *.hotjar.com:* *.hotjar.io wss://*.hotjar.com maxcdn.bootstrapcdn.com cdn.cookielaw.org assets.adobedtm.com stats.g.doubleclick.net data: 'self'; script-src 'unsafe-inline' 'unsafe-eval' https://www.nelnetmarketing.com https://www.cri.studentaid.gov https://ajax.googleapis.com https://www.google-analytics.com https://ssl.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://content.guides.cri.studentaid.gov/agent/static/f7570055-633e-4ee9-7881-784aeea304cb/pendo.js app.pendo.io pendo-io-static.storage.googleapis.com content.guides.cri.studentaid.gov cdn.pendo.io pendo-static-6309816517066752.storage.googleapis.com contentmma.guides.nelnet.com data.pendo.io *.hotjar.com:* *.hotjar.io wss://*.hotjar.com maxcdn.bootstrapcdn.com cdn.cookielaw.org assets.adobedtm.com stats.g.doubleclick.net data: 'self'; font-src https://fonts.googleapis.com https://fonts.gstatic.com app.pendo.io use.fontawesome.com script.hotjar.com data: 'self'; img-src nelv3.112.2o7.net *.nelnet.com https://datamma.guides.nelnet.com/ https://www.google-analytics.com www.googletagmanager.com www.gstatic.com ssl.gstatic.com script.hotjar.com data: 'self' content.guides.cri.studentaid.gov cdn.pendo.io app.pendo.io pendo-static-6309816517066752.storage.googleapis.com data.pendo.io; child-src app.pendo.io *.nelnet.net *.nelnet.com blob: 'self' data: 'self'; worker-src *.nelnet.net *.nelnet.com data: 'self' blob: 'self'; frame-src *.nelnet.net *.nelnet.com app.pendo.io 'self'; X-XSS-Protection: 1; mode=block Feature-Policy: accelerometer 'none'; camera 'self'; geolocation 'self'; gyroscope 'none'; magnetometer 'none'; microphone 'self'; payment 'none'; usb 'none' Permissions-Policy: accelerometer=(), camera=(self), geolocation=(self), gyroscope=(), magnetometer=(), microphone=(self), payment=(), usb=() Referrer-Policy: strict-origin-when-cross-origin Content-Length: 0 Expires: Fri, 09 Jan 2026 08:58:27 GMT Cache-Control: max-age=0, no-cache, no-store Pragma: no-cache Date: Fri, 09 Jan 2026 08:58:27 GMT Connection: close Server-Timing: cdn-cache; desc=MISS Server-Timing: edge; dur=87 Server-Timing: origin; dur=202 Strict-Transport-Security: max-age=86400 Set-Cookie: akaalb_mmaapi_cri=~op=mmaapi_cri_studentaid_gov_lbm:mmaapi_cri_dc1|~rv=24~m=mmaapi_cri_dc1:0|~os=1d83e77c4541edbcb6dc805acc533558~id=ec0d2dd7ff0cc6771e138f62d6e9caf1; path=/; HttpOnly; Secure; SameSite=None Server-Timing: ak_p; desc="1767949106878_389224197_800086400_28804_24035_99_107_-";dur=1
Found 2026-01-09 by HttpPluginCreate report
-
Open service 23.50.131.149:443 · mmaapi.cri.studentaid.gov
2026-01-02 13:14
HTTP/1.1 404 Not Found Access-Control-Allow-Methods: POST, PUT, GET, OPTIONS, DELETE Access-Control-Max-Age: 7200 X-Frame-Options: deny X-Content-Type-Options: nosniff Content-Security-Policy: default-src 'unsafe-inline' https://cri.studentaid.gov https://dark.cri.studentaid.gov *.cri.studentaid.gov *.nelnet.com *.cri.nulsc.net https://www.nelnetmarketing.com https://www.nelnet.com fonts.googleapis.com https://ajax.googleapis.com https://www.google-analytics.com https://ssl.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://content.guides.cri.studentaid.gov/agent/static/f7570055-633e-4ee9-7881-784aeea304cb/pendo.js app.pendo.io pendo-io-static.storage.googleapis.com content.guides.cri.studentaid.gov cdn.pendo.io pendo-static-6309816517066752.storage.googleapis.com datamma.guides.nelnet.com api.feedback.us.pendo.io data.pendo.io *.hotjar.com:* *.hotjar.io wss://*.hotjar.com maxcdn.bootstrapcdn.com cdn.cookielaw.org assets.adobedtm.com stats.g.doubleclick.net data: 'self'; script-src 'unsafe-inline' 'unsafe-eval' https://www.nelnetmarketing.com https://www.cri.studentaid.gov https://ajax.googleapis.com https://www.google-analytics.com https://ssl.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://content.guides.cri.studentaid.gov/agent/static/f7570055-633e-4ee9-7881-784aeea304cb/pendo.js app.pendo.io pendo-io-static.storage.googleapis.com content.guides.cri.studentaid.gov cdn.pendo.io pendo-static-6309816517066752.storage.googleapis.com contentmma.guides.nelnet.com data.pendo.io *.hotjar.com:* *.hotjar.io wss://*.hotjar.com maxcdn.bootstrapcdn.com cdn.cookielaw.org assets.adobedtm.com stats.g.doubleclick.net data: 'self'; font-src https://fonts.googleapis.com https://fonts.gstatic.com app.pendo.io use.fontawesome.com script.hotjar.com data: 'self'; img-src nelv3.112.2o7.net *.nelnet.com https://datamma.guides.nelnet.com/ https://www.google-analytics.com www.googletagmanager.com www.gstatic.com ssl.gstatic.com script.hotjar.com data: 'self' content.guides.cri.studentaid.gov cdn.pendo.io app.pendo.io pendo-static-6309816517066752.storage.googleapis.com data.pendo.io; child-src app.pendo.io *.nelnet.net *.nelnet.com blob: 'self' data: 'self'; worker-src *.nelnet.net *.nelnet.com data: 'self' blob: 'self'; frame-src *.nelnet.net *.nelnet.com app.pendo.io 'self'; X-XSS-Protection: 1; mode=block Feature-Policy: accelerometer 'none'; camera 'self'; geolocation 'self'; gyroscope 'none'; magnetometer 'none'; microphone 'self'; payment 'none'; usb 'none' Permissions-Policy: accelerometer=(), camera=(self), geolocation=(self), gyroscope=(), magnetometer=(), microphone=(self), payment=(), usb=() Referrer-Policy: strict-origin-when-cross-origin Content-Length: 0 Expires: Fri, 02 Jan 2026 13:14:35 GMT Cache-Control: max-age=0, no-cache, no-store Pragma: no-cache Date: Fri, 02 Jan 2026 13:14:35 GMT Connection: close Server-Timing: cdn-cache; desc=MISS Server-Timing: edge; dur=90 Server-Timing: origin; dur=200 Strict-Transport-Security: max-age=86400 Set-Cookie: akaalb_mmaapi_cri=~op=mmaapi_cri_studentaid_gov_lbm:mmaapi_cri_dc1|~rv=6~m=mmaapi_cri_dc1:0|~os=1d83e77c4541edbcb6dc805acc533558~id=b118b90700bf6c2fdd2fda2ace6f37f4; path=/; HttpOnly; Secure; SameSite=None Server-Timing: ak_p; desc="1767359674664_389224197_2198420524_28896_4833_128_130_-";dur=1
Found 2026-01-02 by HttpPluginCreate report
-
Open service 23.50.131.149:443 · mmaapi.cri.studentaid.gov
2025-12-22 18:07
HTTP/1.1 404 Not Found Access-Control-Allow-Methods: POST, PUT, GET, OPTIONS, DELETE Access-Control-Max-Age: 7200 X-Frame-Options: deny X-Content-Type-Options: nosniff Content-Security-Policy: default-src 'unsafe-inline' https://cri.studentaid.gov https://dark.cri.studentaid.gov *.cri.studentaid.gov *.nelnet.com *.cri.nulsc.net https://www.nelnetmarketing.com https://www.nelnet.com fonts.googleapis.com https://ajax.googleapis.com https://www.google-analytics.com https://ssl.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://content.guides.cri.studentaid.gov/agent/static/f7570055-633e-4ee9-7881-784aeea304cb/pendo.js app.pendo.io pendo-io-static.storage.googleapis.com content.guides.cri.studentaid.gov cdn.pendo.io pendo-static-6309816517066752.storage.googleapis.com datamma.guides.nelnet.com api.feedback.us.pendo.io data.pendo.io *.hotjar.com:* *.hotjar.io wss://*.hotjar.com maxcdn.bootstrapcdn.com cdn.cookielaw.org assets.adobedtm.com stats.g.doubleclick.net data: 'self'; script-src 'unsafe-inline' 'unsafe-eval' https://www.nelnetmarketing.com https://www.cri.studentaid.gov https://ajax.googleapis.com https://www.google-analytics.com https://ssl.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://content.guides.cri.studentaid.gov/agent/static/f7570055-633e-4ee9-7881-784aeea304cb/pendo.js app.pendo.io pendo-io-static.storage.googleapis.com content.guides.cri.studentaid.gov cdn.pendo.io pendo-static-6309816517066752.storage.googleapis.com contentmma.guides.nelnet.com data.pendo.io *.hotjar.com:* *.hotjar.io wss://*.hotjar.com maxcdn.bootstrapcdn.com cdn.cookielaw.org assets.adobedtm.com stats.g.doubleclick.net data: 'self'; font-src https://fonts.googleapis.com https://fonts.gstatic.com app.pendo.io use.fontawesome.com script.hotjar.com data: 'self'; img-src nelv3.112.2o7.net *.nelnet.com https://datamma.guides.nelnet.com/ https://www.google-analytics.com www.googletagmanager.com www.gstatic.com ssl.gstatic.com script.hotjar.com data: 'self' content.guides.cri.studentaid.gov cdn.pendo.io app.pendo.io pendo-static-6309816517066752.storage.googleapis.com data.pendo.io; child-src app.pendo.io *.nelnet.net *.nelnet.com blob: 'self' data: 'self'; worker-src *.nelnet.net *.nelnet.com data: 'self' blob: 'self'; frame-src *.nelnet.net *.nelnet.com app.pendo.io 'self'; X-XSS-Protection: 1; mode=block Feature-Policy: accelerometer 'none'; camera 'self'; geolocation 'self'; gyroscope 'none'; magnetometer 'none'; microphone 'self'; payment 'none'; usb 'none' Permissions-Policy: accelerometer=(), camera=(self), geolocation=(self), gyroscope=(), magnetometer=(), microphone=(self), payment=(), usb=() Referrer-Policy: strict-origin-when-cross-origin Content-Length: 0 Expires: Mon, 22 Dec 2025 18:07:51 GMT Cache-Control: max-age=0, no-cache, no-store Pragma: no-cache Date: Mon, 22 Dec 2025 18:07:51 GMT Connection: close Server-Timing: cdn-cache; desc=MISS Server-Timing: edge; dur=91 Server-Timing: origin; dur=205 Strict-Transport-Security: max-age=86400 Set-Cookie: akaalb_mmaapi_cri=~op=mmaapi_cri_studentaid_gov_lbm:mmaapi_cri_dc1|~rv=12~m=mmaapi_cri_dc1:0|~os=1d83e77c4541edbcb6dc805acc533558~id=d0ffb222e1fb5c3802add5c57a9206bb; path=/; HttpOnly; Secure; SameSite=None Server-Timing: ak_p; desc="1766426871026_389224197_674066082_29545_6017_1_11_-";dur=1
Found 2025-12-22 by HttpPluginCreate report