urlscan.io logo urlscan.io
SecurityTrails logo

payments.ogp-mgmt.fcs.gsa.gov Open in urlscan Pro
3.222.16.49  Public Scan

Go To Rescan Add Verdict Report
URL: https://payments.ogp-mgmt.fcs.gsa.gov/
Submission: On December 20 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 2 IPs in 1 countries across 3 domains to perform 9 HTTP transactions. The main IP is 3.222.16.49, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is payments.ogp-mgmt.fcs.gsa.gov.
TLS certificate: Issued by Amazon on August 27th 2021. Valid for: a year.
This is the only time payments.ogp-mgmt.fcs.gsa.gov was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 10 3.222.16.49 14618 (AMAZON-AES)
1 1 2620:10f:b000... 4185 (ATTIS-ASN...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
9 2
Apex Domain
Subdomains		 Transfer
10 gsa.gov
payments.ogp-mgmt.fcs.gsa.gov
97 KB
1 jsdelivr.net
cdn.jsdelivr.net
8 KB
1 max.gov
login.max.gov
556 B
9 3
Domain Requested by
10 payments.ogp-mgmt.fcs.gsa.gov 2 redirects payments.ogp-mgmt.fcs.gsa.gov
1 cdn.jsdelivr.net payments.ogp-mgmt.fcs.gsa.gov
1 login.max.gov 1 redirects
9 3

This site contains links to these domains. Also see Links.

Domain
www.drupal.org
Subject Issuer Validity Valid
payments.ogp-mgmt.fcs.gsa.gov
Amazon		 2021-08-27 -
2022-09-25		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-07-03 -
2022-07-02		 a year crt.sh

This page contains 1 frames:

Primary Page: https://payments.ogp-mgmt.fcs.gsa.gov/
Frame ID: 7B8F8BD9029AC59004E1E78805DD63FC
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Welcome to the FY21 Improper Payments Data Call | FY21 Improper Payments Data Call

Page URL History Show full URLs

  1. https://payments.ogp-mgmt.fcs.gsa.gov/ HTTP 302
    https://login.max.gov/cas/login?gateway=true&service=https%3A//payments.ogp-mgmt.fcs.gsa.gov/casse... HTTP 302
    https://payments.ogp-mgmt.fcs.gsa.gov/casservice?destination=/ HTTP 302
    https://payments.ogp-mgmt.fcs.gsa.gov/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

9
Requests

100 %
HTTPS

67 %
IPv6

3
Domains

3
Subdomains

2
IPs

1
Countries

105 kB
Transfer

269 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://payments.ogp-mgmt.fcs.gsa.gov/ HTTP 302
    https://login.max.gov/cas/login?gateway=true&service=https%3A//payments.ogp-mgmt.fcs.gsa.gov/casservice%3Fdestination%3D/ HTTP 302
    https://payments.ogp-mgmt.fcs.gsa.gov/casservice?destination=/ HTTP 302
    https://payments.ogp-mgmt.fcs.gsa.gov/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

9 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
payments.ogp-mgmt.fcs.gsa.gov/
Redirect Chain
  • https://payments.ogp-mgmt.fcs.gsa.gov/
  • https://login.max.gov/cas/login?gateway=true&service=https%3A//payments.ogp-mgmt.fcs.gsa.gov/casservice%3Fdestination%3D/
  • https://payments.ogp-mgmt.fcs.gsa.gov/casservice?destination=/
  • https://payments.ogp-mgmt.fcs.gsa.gov/
14 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://payments.ogp-mgmt.fcs.gsa.gov/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.222.16.49 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-222-16-49.compute-1.amazonaws.com
Software
Apache / PHP/7.4.15
Resource Hash
ecf671f85a94c707d65ce981ccbe636fe44dc282420f693d30eb71db8b5e4976
Security Headers
Name Value
X-Content-Type-Options nosniff nosniff
X-Frame-Options DENY

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Mon, 20 Dec 2021 21:12:36 GMT
content-type
text/html; charset=UTF-8
content-length
14083
server
Apache
x-content-type-options
nosniff nosniff
x-powered-by
PHP/7.4.15
cache-control
must-revalidate, no-cache, private
x-drupal-dynamic-cache
HIT
link
<https://payments.ogp-mgmt.fcs.gsa.gov/node/67>; rel="canonical" <https://payments.ogp-mgmt.fcs.gsa.gov/node/67>; rel="shortlink" <https://payments.ogp-mgmt.fcs.gsa.gov/node/67>; rel="revision"
x-ua-compatible
IE=edge
content-language
en
x-frame-options
DENY
expires
Sun, 19 Nov 1978 05:00:00 GMT
x-generator
Drupal 9 (https://www.drupal.org)
surrogate-control
no-store, content="BigPipe/1.0"
x-accel-buffering
no
apigw-requestid
Kqq2ngHboAMEPJQ=

Redirect headers

date
Mon, 20 Dec 2021 21:12:35 GMT
content-type
text/html; charset=UTF-8
content-length
398
location
https://payments.ogp-mgmt.fcs.gsa.gov/
server
Apache
apigw-requestid
Kqq2jhwLIAMEP6g=
x-content-type-options
nosniff nosniff
x-powered-by
PHP/7.4.15
cache-control
must-revalidate, no-cache, private
x-ua-compatible
IE=edge
content-language
en
x-frame-options
DENY
expires
Sun, 19 Nov 1978 05:00:00 GMT
x-generator
Drupal 9 (https://www.drupal.org)
css_ofwcGw1eCCqDnNtHKB8PTNl_SYj3bzRU4sVpera9NZ8.css
payments.ogp-mgmt.fcs.gsa.gov/sites/default/files/css/ 		10 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://payments.ogp-mgmt.fcs.gsa.gov/sites/default/files/css/css_ofwcGw1eCCqDnNtHKB8PTNl_SYj3bzRU4sVpera9NZ8.css
Requested by
Host: payments.ogp-mgmt.fcs.gsa.gov
URL: https://payments.ogp-mgmt.fcs.gsa.gov/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.222.16.49 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-222-16-49.compute-1.amazonaws.com
Software
Apache /
Resource Hash
a1fc1c1b0d5e082a839cdb47281f0f4cd97f4988f76f3454e2c5697ab6bd359f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://payments.ogp-mgmt.fcs.gsa.gov/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 20 Dec 2021 21:12:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 29 Oct 2021 22:45:52 GMT
server
Apache
etag
"b0c-5cf8596dfd220"
x-frame-options
DENY
content-type
text/css
cache-control
max-age=1209600
accept-ranges
bytes
vary
Accept-encoding
content-length
2828
apigw-requestid
Kqq2tj_nIAMEPqg=
expires
Mon, 03 Jan 2022 21:13:24 GMT
css_kP0p174jxYV6hJ-C9WuBv9DoLN36777-v7z3hgtYNO0.css
payments.ogp-mgmt.fcs.gsa.gov/sites/default/files/css/ 		54 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://payments.ogp-mgmt.fcs.gsa.gov/sites/default/files/css/css_kP0p174jxYV6hJ-C9WuBv9DoLN36777-v7z3hgtYNO0.css
Requested by
Host: payments.ogp-mgmt.fcs.gsa.gov
URL: https://payments.ogp-mgmt.fcs.gsa.gov/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.222.16.49 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-222-16-49.compute-1.amazonaws.com
Software
Apache /
Resource Hash
90fd29d7be23c5857a849f82f56b81bfd0e82cddfaefbefebfbcf7860b5834ed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://payments.ogp-mgmt.fcs.gsa.gov/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 20 Dec 2021 21:12:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 28 Oct 2021 02:05:05 GMT
server
Apache
etag
"29b4-5cf6023ac9420"
x-frame-options
DENY
content-type
text/css
cache-control
max-age=1209600
accept-ranges
bytes
vary
Accept-encoding
content-length
10676
apigw-requestid
Kqq2tj-ToAMEPtA=
expires
Mon, 03 Jan 2022 21:13:24 GMT
drupal1.PNG
payments.ogp-mgmt.fcs.gsa.gov/sites/default/files/ 		22 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://payments.ogp-mgmt.fcs.gsa.gov/sites/default/files/drupal1.PNG
Requested by
Host: payments.ogp-mgmt.fcs.gsa.gov
URL: https://payments.ogp-mgmt.fcs.gsa.gov/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.222.16.49 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-222-16-49.compute-1.amazonaws.com
Software
Apache /
Resource Hash
30edf5c8c7b84c5d2f508a7bf882e3c95c2bcb59cf5a2a389e19240e97306c5d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://payments.ogp-mgmt.fcs.gsa.gov/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 20 Dec 2021 21:12:36 GMT
x-content-type-options
nosniff
last-modified
Mon, 04 Oct 2021 10:17:10 GMT
server
Apache
etag
"59b8-5cd843741f580"
x-frame-options
DENY
content-type
image/png
cache-control
max-age=1209600
accept-ranges
bytes
content-length
22968
apigw-requestid
Kqq2tgJuoAMEPfA=
expires
Mon, 03 Jan 2022 21:13:24 GMT
css_Z5jMg7P_bjcW9iUzujI7oaechMyxQTUqZhHJ_aYSq04.css
payments.ogp-mgmt.fcs.gsa.gov/sites/default/files/css/ 		509 B
579 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://payments.ogp-mgmt.fcs.gsa.gov/sites/default/files/css/css_Z5jMg7P_bjcW9iUzujI7oaechMyxQTUqZhHJ_aYSq04.css
Requested by
Host: payments.ogp-mgmt.fcs.gsa.gov
URL: https://payments.ogp-mgmt.fcs.gsa.gov/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.222.16.49 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-222-16-49.compute-1.amazonaws.com
Software
Apache /
Resource Hash
6798cc83b3ff6e3716f62533ba323ba1a79c84ccb141352a6611c9fda612ab4e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://payments.ogp-mgmt.fcs.gsa.gov/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 20 Dec 2021 21:12:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 28 Oct 2021 02:03:28 GMT
server
Apache
etag
"112-5cf601dd8c1e0"
x-frame-options
DENY
content-type
text/css
cache-control
max-age=1209600
accept-ranges
bytes
vary
Accept-encoding
content-length
274
apigw-requestid
Kqq2thTrIAMEPDA=
expires
Mon, 03 Jan 2022 21:13:24 GMT
js_ozp0doqiigmdfoLvXSS5F8JLuzjJPWvYOrvKZ8RqSwA.js
payments.ogp-mgmt.fcs.gsa.gov/sites/default/files/js/ 		112 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://payments.ogp-mgmt.fcs.gsa.gov/sites/default/files/js/js_ozp0doqiigmdfoLvXSS5F8JLuzjJPWvYOrvKZ8RqSwA.js
Requested by
Host: payments.ogp-mgmt.fcs.gsa.gov
URL: https://payments.ogp-mgmt.fcs.gsa.gov/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.222.16.49 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-222-16-49.compute-1.amazonaws.com
Software
Apache /
Resource Hash
a33a74768aa28a099d7e82ef5d24b917c24bbb38c93d6bd83abbca67c46a4b00
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://payments.ogp-mgmt.fcs.gsa.gov/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 20 Dec 2021 21:12:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 22 Nov 2021 22:38:45 GMT
server
Apache
etag
"8d6b-5d1684999f600"
x-frame-options
DENY
content-type
text/javascript
cache-control
max-age=1209600
accept-ranges
bytes
vary
Accept-encoding
content-length
36203
apigw-requestid
Kqq2ugH_IAMEPaw=
expires
Mon, 03 Jan 2022 21:13:24 GMT
jquery.validate.min.js
cdn.jsdelivr.net/npm/jquery-validation@1.17.0/dist/ 		23 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/jquery-validation@1.17.0/dist/jquery.validate.min.js
Requested by
Host: payments.ogp-mgmt.fcs.gsa.gov
URL: https://payments.ogp-mgmt.fcs.gsa.gov/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
17a879e50c3ab3078afaded288e257fb66e94806b76ff7e796b54226f9848f50
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://payments.ogp-mgmt.fcs.gsa.gov/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 20 Dec 2021 21:12:36 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
4839937
x-jsd-version
1.17.0
x-cache
HIT
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-served-by
cache-fra19156-FRA
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"5add-anbkx9tHkFM1BYBGmqAQ/r/crNA"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
cf-ray
6c0bdeab7c7b4a68-FRA
js_18kUwvQMLiLeqSLSMjVSAf7u5QTrA2jHZj38a1BLSog.js
payments.ogp-mgmt.fcs.gsa.gov/sites/default/files/js/ 		33 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://payments.ogp-mgmt.fcs.gsa.gov/sites/default/files/js/js_18kUwvQMLiLeqSLSMjVSAf7u5QTrA2jHZj38a1BLSog.js
Requested by
Host: payments.ogp-mgmt.fcs.gsa.gov
URL: https://payments.ogp-mgmt.fcs.gsa.gov/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.222.16.49 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-222-16-49.compute-1.amazonaws.com
Software
Apache /
Resource Hash
d7c914c2f40c2e22dea922d232355201feeee504eb0368c7663dfc6b504b4a88
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://payments.ogp-mgmt.fcs.gsa.gov/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 20 Dec 2021 21:12:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 28 Oct 2021 02:05:05 GMT
server
Apache
etag
"2017-5cf6023ad0180"
x-frame-options
DENY
content-type
text/javascript
cache-control
max-age=1209600
accept-ranges
bytes
vary
Accept-encoding
content-length
8215
apigw-requestid
Kqq2uiGmIAMEPHg=
expires
Mon, 03 Jan 2022 21:13:24 GMT
loupe.svg
payments.ogp-mgmt.fcs.gsa.gov/core/misc/icons/505050/ 		491 B
767 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://payments.ogp-mgmt.fcs.gsa.gov/core/misc/icons/505050/loupe.svg
Requested by
Host: payments.ogp-mgmt.fcs.gsa.gov
URL: https://payments.ogp-mgmt.fcs.gsa.gov/sites/default/files/css/css_kP0p174jxYV6hJ-C9WuBv9DoLN36777-v7z3hgtYNO0.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.222.16.49 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-222-16-49.compute-1.amazonaws.com
Software
Apache /
Resource Hash
64bf859d26d6a56c05f4506da579091faaf6a218e0dc12a221b63b4033100dd2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://payments.ogp-mgmt.fcs.gsa.gov/sites/default/files/css/css_kP0p174jxYV6hJ-C9WuBv9DoLN36777-v7z3hgtYNO0.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 20 Dec 2021 21:12:36 GMT
x-content-type-options
nosniff
last-modified
Wed, 22 Sep 2021 23:39:21 GMT
server
Apache
etag
"1eb-5cc9e05fe3c40"
x-frame-options
DENY
content-type
image/svg+xml
cache-control
max-age=1209600
accept-ranges
bytes
content-length
491
apigw-requestid
Kqq2vhuEoAMEP5A=
expires
Mon, 03 Jan 2022 21:13:24 GMT

Verdicts & Comments Add Verdict or Comment

15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

undefined| $ function| jQuery object| drupalSettings object| Drupal string| html_start string| html_sum_start string| html_less2_start string| html_less6_start string| html_end function| _toConsumableArray function| _nonIterableSpread function| _unsupportedIterableToArray function| _iterableToArray function| _arrayWithoutHoles function| _arrayLikeToArray

1 Cookies

Domain/Path Name / Value
.payments.ogp-mgmt.fcs.gsa.gov/ Name: SSESSd71aa7bbb669d8493793425291a17889
Value: _47em2XLGHRCKtyzFqE7Z76VMkX2xEH2qdBgxwIgslQ

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff nosniff
X-Frame-Options DENY