urlscan.io logo urlscan.io
SecurityTrails logo

login.masandra.org Open in urlscan Pro
2606:4700:3030::ac43:aa06  Malicious Activity! Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://d2mxzd04.na1.hubspotlinks.com/Ctc/2O+113/d2MxZD04/VWXkH488W0WVW6gtLnd6fVzXBW7qxXbD5bzJZLN1zSXsY3m2ndW7Y8-PT6lZ3kZN4Hf93Jxm1NQW...
Effective URL: https://login.masandra.org/las/mygov-login?execution=e1s1
Submission: On March 18 via manual from MA — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 6 IPs in 3 countries across 7 domains to perform 26 HTTP transactions. The main IP is 2606:4700:3030::ac43:aa06, located in United States and belongs to CLOUDFLARENET, US. The main domain is login.masandra.org.
TLS certificate: Issued by GTS CA 1P5 on February 4th 2024. Valid for: 3 months.
This is the only time login.masandra.org was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Australian Government (Government)

Domain & IP information

IP Address AS Autonomous System
1 2 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 1 52.91.211.222 14618 (AMAZON-AES)
1 1 31.24.230.54 13213 (UK2NET-AS)
5 25 2606:4700:303... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
26 6
2    2606:4700::6812:ac9 (United States)

ASN13335 (CLOUDFLARENET, US)
d2mxzd04.na1.hubspotlinks.com
1    2606:4700:3031::ac43:c5ec (United States)

ASN13335 (CLOUDFLARENET, US)
dptgroup-shared-document-gateway.gergelykissgd.com
1    52.91.211.222 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-91-211-222.compute-1.amazonaws.com
fi.co
1    31.24.230.54 (United Kingdom)

ASN13213 (UK2NET-AS, GB)
PTR: myfundingcapital.co.uk
id4dcokfs4i6favhttbaez5gc124dxjxquyshi5bvxu1sqmmae.cindypamperedpets.com
25    2606:4700:3030::ac43:aa06 (United States)

ASN13335 (CLOUDFLARENET, US)
login.masandra.org
1    2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
3    2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
Domain Requested by
25 login.masandra.org 5 redirects dptgroup-shared-document-gateway.gergelykissgd.com
login.masandra.org
3 fonts.gstatic.com fonts.googleapis.com
2 d2mxzd04.na1.hubspotlinks.com 1 redirects
1 fonts.googleapis.com login.masandra.org
1 id4dcokfs4i6favhttbaez5gc124dxjxquyshi5bvxu1sqmmae.cindypamperedpets.com 1 redirects
1 fi.co 1 redirects
1 dptgroup-shared-document-gateway.gergelykissgd.com d2mxzd04.na1.hubspotlinks.com
26 7

This site contains links to these domains. Also see Links.

Domain
my.masandra.org
www.digitalidentity.gov.au
www.mygovid.gov.au
Subject Issuer Validity Valid
hubspotlinks.com
E1		 2024-03-17 -
2024-06-15		 3 months crt.sh
gergelykissgd.com
GTS CA 1P5		 2024-03-14 -
2024-06-12		 3 months crt.sh
masandra.org
GTS CA 1P5		 2024-02-04 -
2024-05-04		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2024-02-19 -
2024-05-13		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2024-02-19 -
2024-05-13		 3 months crt.sh

This page contains 4 frames:

Primary Page: https://login.masandra.org/las/mygov-login?execution=e1s1
Frame ID: 60F2DE47DB337C854D68AEB802CDA584
Requests: 18 HTTP requests in this frame

Frame: https://login.masandra.org/TSPD/?type=21
Frame ID: 5ADAA4C545D6B3B662EEE8A920AF212D
Requests: 5 HTTP requests in this frame

Frame: https://login.masandra.org/cdn-cgi/challenge-platform/h/g/scripts/jsd/956dacbeead0/main.js
Frame ID: F427B40C4E027914C1D4AE57743367CB
Requests: 2 HTTP requests in this frame

Frame: https://login.masandra.org/cdn-cgi/challenge-platform/h/g/scripts/jsd/956dacbeead0/main.js
Frame ID: 81D61B01DE29145730BDA2CE5F822F63
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Sign in with myGov - myGov

Page URL History Show full URLs

  1. https://d2mxzd04.na1.hubspotlinks.com/Ctc/2O+113/d2MxZD04/VWXkH488W0WVW6gtLnd6fVzXBW7qxXbD5bzJZLN1zSXsY3m2ndW7Y8-P... Page URL
  2. https://d2mxzd04.na1.hubspotlinks.com/events/public/v1/encoded/track/tc/2O+113/d2MxZD04/VWXkH488W0WVW6gtLnd6fVzXBW... HTTP 307
    https://dptgroup-shared-document-gateway.gergelykissgd.com/ksy/?utm_medium=email&_hsmi=297848564&_hsenc=p2ANqtz-_D2ctrdApEYQwb0aAreFOmW... Page URL
  3. https://fi.co/resources/click/3851?url=//ID4dCokFs4I6FavHTtBaEZ5GC124dxjxQUySHi5Bvxu1sQMMA... HTTP 302
    https://id4dcokfs4i6favhttbaez5gc124dxjxquyshi5bvxu1sqmmae.cindypamperedpets.com/ato/ HTTP 302
    https://login.masandra.org/qNhsgNtD HTTP 302
    https://login.masandra.org/auth-callback HTTP 302
    https://login.masandra.org/las/mygov-login?client_id=mygov-citizen-portal&TAM_OP=login&USERNAME=unauthe... HTTP 302
    https://login.masandra.org/las/mygov-login?execution=e1s1 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

26
Requests

92 %
HTTPS

71 %
IPv6

7
Domains

7
Subdomains

6
IPs

3
Countries

351 kB
Transfer

1034 kB
Size

11
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://d2mxzd04.na1.hubspotlinks.com/Ctc/2O+113/d2MxZD04/VWXkH488W0WVW6gtLnd6fVzXBW7qxXbD5bzJZLN1zSXsY3m2ndW7Y8-PT6lZ3kZN4Hf93Jxm1NQW2Qhv7s2ckbTKW7_CqFl8MtM62W3LPx3p6j8XwvW1N8-Y14JdyqrW6S93w55Z1WYMW3yNlgH8fbbDCW3F50VN8pYMmpW8jfScb1xFG47N16YQ-by8PNLW7xrHYN84BsgsW2lt57957DPZFW6zPy9P5QD_pQVN1z4-4lYdgFW7BSz8c54gFksW86xcB87hfztDW7F0BH13DszdSVympbb18G0YvW5RHPf05lvdMSW3PLY181D5CdXW5N9NPz5wHcNbN6W8_Zwp77NTW2FnTpG5t88Y3W3NvQQp2d6V91W5nZ5yq8lhGp8W1SDYTK6JQzQHf6mKyYC04 Page URL
  2. https://d2mxzd04.na1.hubspotlinks.com/events/public/v1/encoded/track/tc/2O+113/d2MxZD04/VWXkH488W0WVW6gtLnd6fVzXBW7qxXbD5bzJZLN1zSXsY3m2ndW7Y8-PT6lZ3kZN4Hf93Jxm1NQW2Qhv7s2ckbTKW7_CqFl8MtM62W3LPx3p6j8XwvW1N8-Y14JdyqrW6S93w55Z1WYMW3yNlgH8fbbDCW3F50VN8pYMmpW8jfScb1xFG47N16YQ-by8PNLW7xrHYN84BsgsW2lt57957DPZFW6zPy9P5QD_pQVN1z4-4lYdgFW7BSz8c54gFksW86xcB87hfztDW7F0BH13DszdSVympbb18G0YvW5RHPf05lvdMSW3PLY181D5CdXW5N9NPz5wHcNbN6W8_Zwp77NTW2FnTpG5t88Y3W3NvQQp2d6V91W5nZ5yq8lhGp8W1SDYTK6JQzQHf6mKyYC04?_ud=7f5cc808-7a8f-411b-9e14-cd78e8289be8&_jss=1&_fl=8&_pl=3&_hc=14&_lg=en-US,en&_plt=Win32&_scr=1600,1200 HTTP 307
    https://dptgroup-shared-document-gateway.gergelykissgd.com/ksy/?utm_medium=email&_hsmi=297848564&_hsenc=p2ANqtz-_D2ctrdApEYQwb0aAreFOmWjZV7cL0lRUY7gAxrrE0T_kaUg4-xU19o2i8AmtbNxeFnKMOXUa413SleWSOoRZQNjj5RQ&utm_content=297848564&utm_source=hs_email Page URL
  3. https://fi.co/resources/click/3851?url=//ID4dCokFs4I6FavHTtBaEZ5GC124dxjxQUySHi5Bvxu1sQMMAe.cindypamperedpets.com/ato/ HTTP 302
    https://id4dcokfs4i6favhttbaez5gc124dxjxquyshi5bvxu1sqmmae.cindypamperedpets.com/ato/ HTTP 302
    https://login.masandra.org/qNhsgNtD HTTP 302
    https://login.masandra.org/auth-callback HTTP 302
    https://login.masandra.org/las/mygov-login?client_id=mygov-citizen-portal&TAM_OP=login&USERNAME=unauthenticated&ERROR_CODE=0x00000000&URL=http%3A%2F%2Fmygov.login.my.gwy%2Fauth-callback&OLDSESSION= HTTP 302
    https://login.masandra.org/las/mygov-login?execution=e1s1 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1
  • https://d2mxzd04.na1.hubspotlinks.com/events/public/v1/encoded/track/tc/2O+113/d2MxZD04/VWXkH488W0WVW6gtLnd6fVzXBW7qxXbD5bzJZLN1zSXsY3m2ndW7Y8-PT6lZ3kZN4Hf93Jxm1NQW2Qhv7s2ckbTKW7_CqFl8MtM62W3LPx3p6j8XwvW1N8-Y14JdyqrW6S93w55Z1WYMW3yNlgH8fbbDCW3F50VN8pYMmpW8jfScb1xFG47N16YQ-by8PNLW7xrHYN84BsgsW2lt57957DPZFW6zPy9P5QD_pQVN1z4-4lYdgFW7BSz8c54gFksW86xcB87hfztDW7F0BH13DszdSVympbb18G0YvW5RHPf05lvdMSW3PLY181D5CdXW5N9NPz5wHcNbN6W8_Zwp77NTW2FnTpG5t88Y3W3NvQQp2d6V91W5nZ5yq8lhGp8W1SDYTK6JQzQHf6mKyYC04?_ud=7f5cc808-7a8f-411b-9e14-cd78e8289be8&_jss=1&_fl=8&_pl=3&_hc=14&_lg=en-US,en&_plt=Win32&_scr=1600,1200 HTTP 307
  • https://dptgroup-shared-document-gateway.gergelykissgd.com/ksy/?utm_medium=email&_hsmi=297848564&_hsenc=p2ANqtz-_D2ctrdApEYQwb0aAreFOmWjZV7cL0lRUY7gAxrrE0T_kaUg4-xU19o2i8AmtbNxeFnKMOXUa413SleWSOoRZQNjj5RQ&utm_content=297848564&utm_source=hs_email
Request Chain 18
  • https://login.masandra.org/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://login.masandra.org/cdn-cgi/challenge-platform/h/g/scripts/jsd/956dacbeead0/main.js
Request Chain 22
  • https://login.masandra.org/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://login.masandra.org/cdn-cgi/challenge-platform/h/g/scripts/jsd/956dacbeead0/main.js

26 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
VWXkH488W0WVW6gtLnd6fVzXBW7qxXbD5bzJZLN1zSXsY3m2ndW7Y8-PT6lZ3kZN4Hf93Jxm1NQW2Qhv7s2ckbTKW7_CqFl8MtM62W3LPx3p6j8XwvW1N8-Y14JdyqrW6S93w55Z1WYMW3yNlgH8fbbDCW3F50VN8pYMmpW8jfScb1xFG47N16YQ-by8PNLW7xrHY...
d2mxzd04.na1.hubspotlinks.com/Ctc/2O+113/d2MxZD04/ 		8 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://d2mxzd04.na1.hubspotlinks.com/Ctc/2O+113/d2MxZD04/VWXkH488W0WVW6gtLnd6fVzXBW7qxXbD5bzJZLN1zSXsY3m2ndW7Y8-PT6lZ3kZN4Hf93Jxm1NQW2Qhv7s2ckbTKW7_CqFl8MtM62W3LPx3p6j8XwvW1N8-Y14JdyqrW6S93w55Z1WYMW3yNlgH8fbbDCW3F50VN8pYMmpW8jfScb1xFG47N16YQ-by8PNLW7xrHYN84BsgsW2lt57957DPZFW6zPy9P5QD_pQVN1z4-4lYdgFW7BSz8c54gFksW86xcB87hfztDW7F0BH13DszdSVympbb18G0YvW5RHPf05lvdMSW3PLY181D5CdXW5N9NPz5wHcNbN6W8_Zwp77NTW2FnTpG5t88Y3W3NvQQp2d6V91W5nZ5yq8lhGp8W1SDYTK6JQzQHf6mKyYC04
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
false
cf-cache-status
DYNAMIC
cf-ray
8666911b0ecf65bd-FRA
content-encoding
br
content-type
text/html;charset=utf-8
date
Mon, 18 Mar 2024 16:23:22 GMT
referrer-policy
no-referrer
server
cloudflare
vary
origin
x-content-type-options
nosniff
x-envoy-upstream-service-time
40
x-evy-trace-listener
listener_https
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-route-service-name
envoyset-translator
x-evy-trace-served-by-pod
iad02/event-tracking-td/envoy-proxy-5c6d56bb5f-mlb8n
x-evy-trace-virtual-host
all
x-hubspot-correlation-id
1c697f4d-4824-4782-b4f9-eb158a1d2c81
x-request-id
1c697f4d-4824-4782-b4f9-eb158a1d2c81
x-robots-tag
none
/
dptgroup-shared-document-gateway.gergelykissgd.com/ksy/
Redirect Chain
  • https://d2mxzd04.na1.hubspotlinks.com/events/public/v1/encoded/track/tc/2O+113/d2MxZD04/VWXkH488W0WVW6gtLnd6fVzXBW7qxXbD5bzJZLN1zSXsY3m2ndW7Y8-PT6lZ3kZN4Hf93Jxm1NQW2Qhv7s2ckbTKW7_CqFl8MtM62W3LPx3p6...
  • https://dptgroup-shared-document-gateway.gergelykissgd.com/ksy/?utm_medium=email&_hsmi=297848564&_hsenc=p2ANqtz-_D2ctrdApEYQwb0aAreFOmWjZV7cL0lRUY7gAxrrE0T_kaUg4-xU19o2i8AmtbNxeFnKMOXUa413SleWSOoRZ...
1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://dptgroup-shared-document-gateway.gergelykissgd.com/ksy/?utm_medium=email&_hsmi=297848564&_hsenc=p2ANqtz-_D2ctrdApEYQwb0aAreFOmWjZV7cL0lRUY7gAxrrE0T_kaUg4-xU19o2i8AmtbNxeFnKMOXUa413SleWSOoRZQNjj5RQ&utm_content=297848564&utm_source=hs_email
Requested by
Host: d2mxzd04.na1.hubspotlinks.com
URL: https://d2mxzd04.na1.hubspotlinks.com/Ctc/2O+113/d2MxZD04/VWXkH488W0WVW6gtLnd6fVzXBW7qxXbD5bzJZLN1zSXsY3m2ndW7Y8-PT6lZ3kZN4Hf93Jxm1NQW2Qhv7s2ckbTKW7_CqFl8MtM62W3LPx3p6j8XwvW1N8-Y14JdyqrW6S93w55Z1WYMW3yNlgH8fbbDCW3F50VN8pYMmpW8jfScb1xFG47N16YQ-by8PNLW7xrHYN84BsgsW2lt57957DPZFW6zPy9P5QD_pQVN1z4-4lYdgFW7BSz8c54gFksW86xcB87hfztDW7F0BH13DszdSVympbb18G0YvW5RHPf05lvdMSW3PLY181D5CdXW5N9NPz5wHcNbN6W8_Zwp77NTW2FnTpG5t88Y3W3NvQQp2d6V91W5nZ5yq8lhGp8W1SDYTK6JQzQHf6mKyYC04
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:c5ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://d2mxzd04.na1.hubspotlinks.com/Ctc/2O+113/d2MxZD04/VWXkH488W0WVW6gtLnd6fVzXBW7qxXbD5bzJZLN1zSXsY3m2ndW7Y8-PT6lZ3kZN4Hf93Jxm1NQW2Qhv7s2ckbTKW7_CqFl8MtM62W3LPx3p6j8XwvW1N8-Y14JdyqrW6S93w55Z1WYMW3yNlgH8fbbDCW3F50VN8pYMmpW8jfScb1xFG47N16YQ-by8PNLW7xrHYN84BsgsW2lt57957DPZFW6zPy9P5QD_pQVN1z4-4lYdgFW7BSz8c54gFksW86xcB87hfztDW7F0BH13DszdSVympbb18G0YvW5RHPf05lvdMSW3PLY181D5CdXW5N9NPz5wHcNbN6W8_Zwp77NTW2FnTpG5t88Y3W3NvQQp2d6V91W5nZ5yq8lhGp8W1SDYTK6JQzQHf6mKyYC04
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8666911e8cbf3669-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Mon, 18 Mar 2024 16:23:22 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FZq9eTEvr5zAbq12236w%2BkpQ5UWQXghpVWM11%2FtW4yTBPB8vlK4zazSW8kQuj0o%2BHy6Bb3bq%2FUUxBzvNczZTb9k%2BA%2F14a8IkKl%2BbcBJq6fbhJrN77yTgLrSvmQ05ISIo8vmjnAl5skwJYC24m34mJUKVV%2B%2F25Iij%2BtlTWfFSA6Z8kxy94rGsZK3NvfzEOx5IOw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
false
cf-cache-status
DYNAMIC
cf-ray
8666911d495e65bd-FRA
date
Mon, 18 Mar 2024 16:23:22 GMT
link
<https://dptgroup-shared-document-gateway.gergelykissgd.com/ksy/?utm_medium=email&_hsmi=297848564&_hsenc=p2ANqtz-_D2ctrdApEYQwb0aAreFOmWjZV7cL0lRUY7gAxrrE0T_kaUg4-xU19o2i8AmtbNxeFnKMOXUa413SleWSOoRZQNjj5RQ&utm_content=297848564&utm_source=hs_email>; rel="canonical"
location
https://dptgroup-shared-document-gateway.gergelykissgd.com/ksy/?utm_medium=email&_hsmi=297848564&_hsenc=p2ANqtz-_D2ctrdApEYQwb0aAreFOmWjZV7cL0lRUY7gAxrrE0T_kaUg4-xU19o2i8AmtbNxeFnKMOXUa413SleWSOoRZQNjj5RQ&utm_content=297848564&utm_source=hs_email
referrer-policy
no-referrer
server
cloudflare
vary
origin
x-content-type-options
nosniff
x-envoy-upstream-service-time
41
x-evy-trace-listener
listener_https
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-route-service-name
envoyset-translator
x-evy-trace-served-by-pod
iad02/event-tracking-td/envoy-proxy-5c6d56bb5f-bjgxf
x-evy-trace-virtual-host
all
x-hubspot-correlation-id
ff8998d3-173c-4ff8-9de0-21d089da2f9f
x-request-id
ff8998d3-173c-4ff8-9de0-21d089da2f9f
x-robots-tag
none
Primary Request mygov-login
login.masandra.org/las/
Redirect Chain
  • https://fi.co/resources/click/3851?url=//ID4dCokFs4I6FavHTtBaEZ5GC124dxjxQUySHi5Bvxu1sQMMAe.cindypamperedpets.com/ato/
  • https://id4dcokfs4i6favhttbaez5gc124dxjxquyshi5bvxu1sqmmae.cindypamperedpets.com/ato/
  • https://login.masandra.org/qNhsgNtD
  • https://login.masandra.org/auth-callback
  • https://login.masandra.org/las/mygov-login?client_id=mygov-citizen-portal&TAM_OP=login&USERNAME=unauthenticated&ERROR_CODE=0x00000000&URL=http%3A%2F%2Fmygov.login.my.gwy%2Fauth-callback&OLDSESSION=
  • https://login.masandra.org/las/mygov-login?execution=e1s1
9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://login.masandra.org/las/mygov-login?execution=e1s1
Requested by
Host: dptgroup-shared-document-gateway.gergelykissgd.com
URL: https://dptgroup-shared-document-gateway.gergelykissgd.com/ksy/?utm_medium=email&_hsmi=297848564&_hsenc=p2ANqtz-_D2ctrdApEYQwb0aAreFOmWjZV7cL0lRUY7gAxrrE0T_kaUg4-xU19o2i8AmtbNxeFnKMOXUa413SleWSOoRZQNjj5RQ&utm_content=297848564&utm_source=hs_email
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:aa06 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c739877c2d320cad625088094447699aacd3c978082e02429866398a1d3cb105

Request headers

Referer
https://dptgroup-shared-document-gateway.gergelykissgd.com/ksy/?utm_medium=email&_hsmi=297848564&_hsenc=p2ANqtz-_D2ctrdApEYQwb0aAreFOmWjZV7cL0lRUY7gAxrrE0T_kaUg4-xU19o2i8AmtbNxeFnKMOXUa413SleWSOoRZQNjj5RQ&utm_content=297848564&utm_source=hs_email
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store
cf-cache-status
DYNAMIC
cf-ray
8666913c28c59954-FRA
content-encoding
br
content-language
en-US
content-type
text/html
date
Mon, 18 Mar 2024 16:23:27 GMT
inst
0b
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
p3p
CP="NON CUR OTPi OUR NOR UNI"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0Wszv%2BuAAOrL0XGXJmfy%2FlfskMyDKm8M0P%2BxuhK04l8IsEPQyCDN8P3c6zheBAdsu5F2ATuZ%2FV5%2F6tmIA052A21FUAGaZ9zOzKb%2F6jXKoqP2L1gso7I76OOBfLhZEL4zVD6wcJqPfsHR0JPzmKYtYSk%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding,User-Agent

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache=set-cookie
cf-cache-status
DYNAMIC
cf-ray
8666913628cc9954-FRA
content-language
en-US
content-type
text/plain
date
Mon, 18 Mar 2024 16:23:27 GMT
expires
Thu, 01 Dec 1994 16:00:00 GMT
inst
0b
location
https://login.masandra.org/las/mygov-login?execution=e1s1
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
p3p
CP="NON CUR OTPi OUR NOR UNI"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FlH7oNutkaILxS1rpStSHMByptlSkGmvrn7eEtp%2BUXCoUkUeeFI9TOFpLnxH7kk8rVO6mF8WP2zgShsKC%2FZYCX%2FCqFN%2BE3QY4uyco5n%2F%2BppfGG4QoSVMiwQYHsIG40kUIWtPJaUgEtUUefEUpRF26lY%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding,User-Agent
/
login.masandra.org/TSPD/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://login.masandra.org/TSPD/?type=18
Requested by
Host: login.masandra.org
URL: https://login.masandra.org/las/mygov-login?execution=e1s1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:aa06 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
31014d4376a3cb7dd00910c520704f69ff61ec77872e57d8c2ff18b1243a972a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://login.masandra.org/las/mygov-login?execution=e1s1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Mon, 18 Mar 2024 16:23:28 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ne3LEp43fBsUUEnfQAgnyjIUT5Qmgz6UY1e%2FEhQuoKBZiJdZzRYQmFd%2B2bzxaa8A6W5fvohePfFfKcpvA%2FawHIOskNifrgSGSh%2FXCPX6UWTYNKsByhBRDYYoYmtcgOHGzGzmW80rejvLUPamq2aMwnQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
public, max-age=86400
cf-ray
8666913e7b549954-FRA
alt-svc
h3=":443"; ma=86400
css
fonts.googleapis.com/ 		17 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Montserrat:200,400,700|Roboto:300,400,500,700,900&display=swap
Requested by
Host: login.masandra.org
URL: https://login.masandra.org/las/mygov-login?execution=e1s1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
634cde3f8690c3853219fbbde17b42f14f2ce058319521ba704e0607b1620c2f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://login.masandra.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 18 Mar 2024 16:23:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 18 Mar 2024 16:23:27 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 18 Mar 2024 16:23:27 GMT
mgv2-application.css
login.masandra.org/mygov/content/mgv2/css/ 		126 KB
23 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://login.masandra.org/mygov/content/mgv2/css/mgv2-application.css
Requested by
Host: login.masandra.org
URL: https://login.masandra.org/las/mygov-login?execution=e1s1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:aa06 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2bb7a6a1c69c680150feae21505a9fca6da3260dc64647ebaff0567543a98d0f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://login.masandra.org/las/mygov-login?execution=e1s1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Mon, 18 Mar 2024 16:23:29 GMT
content-encoding
br
cf-cache-status
BYPASS
last-modified
Sat, 04 Nov 2023 09:53:43 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9OxmLjvY%2FZLs6rTaugqEggEm85gDvU4Sr9MA%2FvcsW8pRnq7tlkQS6kGYbI8UonM%2BTWJGAdvSaOvtKRvhUWiPYWhQqgeFGE7m5Wixuxgx%2B4lqlJ9pwaPefdV8kiwjLeMmLSsVxxqdwBZSZpS1pv4hLj0%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
p3p
CP="NON CUR OTPi OUR NOR UNI"
cache-control
max-age=3600,public,must-revalidate
inst
0b
cf-ray
8666913e7b569954-FRA
alt-svc
h3=":443"; ma=86400
expires
Mon, 18 Mar 2024 17:23:28 GMT
blugov.css
login.masandra.org/mygov/content/mgv2/css/ 		70 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://login.masandra.org/mygov/content/mgv2/css/blugov.css
Requested by
Host: login.masandra.org
URL: https://login.masandra.org/las/mygov-login?execution=e1s1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:aa06 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
62d587573e8fb758992b48ccffea6f8f1391833d14839af2681f512659ec7faa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://login.masandra.org/las/mygov-login?execution=e1s1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Mon, 18 Mar 2024 16:23:28 GMT
content-encoding
br
cf-cache-status
BYPASS
last-modified
Sat, 04 Nov 2023 09:53:43 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rS3laC1asOsAe2cPA8I%2B%2F5g42oHnDVmIAiLShTFi%2BaPQyQWVPEQ1zAWSCJwRFMlnTwiGnGmOSPw0nJ9GoNQ52NtIhi98TrLlmk4JovhYbV6CkEQxKxzQJkJKl3k4VDKwXBRx9X0cjsWZo016N0UmT1U%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
p3p
CP="NON CUR OTPi OUR NOR UNI"
cache-control
max-age=3600,public,must-revalidate
inst
0b
cf-ray
8666913e7b599954-FRA
alt-svc
h3=":443"; ma=86400
expires
Mon, 18 Mar 2024 17:23:28 GMT
myGov-cobranded-logo-black.svg
login.masandra.org/mygov/content/mgv2/blugov/ 		63 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://login.masandra.org/mygov/content/mgv2/blugov/myGov-cobranded-logo-black.svg
Requested by
Host: login.masandra.org
URL: https://login.masandra.org/las/mygov-login?execution=e1s1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:aa06 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
954aa858b3bffb8511bc41bc88b07d2b24597c37faf522550e26c9aa3b0d220d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://login.masandra.org/las/mygov-login?execution=e1s1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Mon, 18 Mar 2024 16:23:29 GMT
content-encoding
br
cf-cache-status
BYPASS
last-modified
Sat, 04 Nov 2023 09:53:43 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UJfqdIkwU9mZbt6kOBP0oTULBsMrP6h8b7BMLF8RzCxkmjaNTMmsqAuTtya1NQtbdyt9arMH8KlXami%2FjGc0B0x6hxwckYvZZ9x%2FyHUlxPaDHsK6gTXAf%2Bk%2F%2FDK%2Bg4s6DmlIRlBaPWqeDMV7WdqvRys%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
p3p
CP="NON CUR OTPi OUR NOR UNI"
cache-control
max-age=3600,public,must-revalidate
inst
0b
cf-ray
8666913e7b5a9954-FRA
alt-svc
h3=":443"; ma=86400
expires
Mon, 18 Mar 2024 17:23:28 GMT
myGov-cobranded-logo-white.svg
login.masandra.org/mygov/content/mgv2/blugov/ 		63 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://login.masandra.org/mygov/content/mgv2/blugov/myGov-cobranded-logo-white.svg
Requested by
Host: login.masandra.org
URL: https://login.masandra.org/las/mygov-login?execution=e1s1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:aa06 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
10b11a7c97b90bcf7ad520ac94c5769d08540ce1ee3b84d487c587bf128e3388

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://login.masandra.org/las/mygov-login?execution=e1s1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Mon, 18 Mar 2024 16:23:28 GMT
content-encoding
br
cf-cache-status
BYPASS
last-modified
Sat, 04 Nov 2023 09:53:43 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pKUfcgNUggraaMeDAUqJENkV3iKjB3J0OvpjXZ4FZGp0LMcM7HheUC%2B7zvzHUr57EM02TAinkN8bdAID%2FSrccibhF5Rkr05dFF1FVLfN3NbSOv1k6TCctV7sSBRF47VBOoIYz4FaJ%2F7Jvl1R5hLuSOI%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
p3p
CP="NON CUR OTPi OUR NOR UNI"
cache-control
max-age=3600,public,must-revalidate
inst
0b
cf-ray
8666913e7b5c9954-FRA
alt-svc
h3=":443"; ma=86400
expires
Mon, 18 Mar 2024 17:23:28 GMT
mgv2-vendor.js
login.masandra.org/mygov/content/mgv2/js/ 		148 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://login.masandra.org/mygov/content/mgv2/js/mgv2-vendor.js
Requested by
Host: login.masandra.org
URL: https://login.masandra.org/las/mygov-login?execution=e1s1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:aa06 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2bedda083bdbe6820e493159f1e3e27146b96ef6840094bd74447925e8c66e26

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://login.masandra.org/las/mygov-login?execution=e1s1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Mon, 18 Mar 2024 16:23:29 GMT
content-encoding
br
cf-cache-status
BYPASS
last-modified
Sat, 04 Nov 2023 09:53:43 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FmQZDIW4v5XGvykN4NxC0f%2BV4LiQAN7mJ2IZ9GMNMjAdWioY%2BF3JZuWe6Y6%2Bkfps67oT8oGgdmvQPIxGFQJBK4jLsmHHsqj88O2k4dPJ9Zam1YjlJ4W7XaaP9BHcqy89byCy3PqrmofWRCgzxKhwnTc%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
p3p
CP="NON CUR OTPi OUR NOR UNI"
cache-control
max-age=3600,public,must-revalidate
inst
0b
cf-ray
866691409dd99954-FRA
alt-svc
h3=":443"; ma=86400
expires
Mon, 18 Mar 2024 17:23:28 GMT
mgv2-application.js
login.masandra.org/mygov/content/mgv2/js/ 		74 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://login.masandra.org/mygov/content/mgv2/js/mgv2-application.js
Requested by
Host: login.masandra.org
URL: https://login.masandra.org/las/mygov-login?execution=e1s1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:aa06 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
107af7740499970450ef1475538b290f01f48e863cb6660e272066843582cec8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://login.masandra.org/las/mygov-login?execution=e1s1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Mon, 18 Mar 2024 16:23:29 GMT
content-encoding
br
cf-cache-status
BYPASS
last-modified
Sat, 04 Nov 2023 09:53:45 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FEm5SvirGaPN1%2BxnUAbkIg2SjANzDyc61uVOrMnxXoFKDnh2R71tMah2MaiKtv3kyvJicKsuT5T3lS77UX4%2BAzQ8ubGNTpOFeM25Jl%2FDF%2BK%2B0yetbNtFgES1Toki9BlGQFp%2Byc492M3N%2FyfvTYKE8bo%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
p3p
CP="NON CUR OTPi OUR NOR UNI"
cache-control
max-age=3600,public,must-revalidate
inst
0b
cf-ray
866691409ddc9954-FRA
alt-svc
h3=":443"; ma=86400
expires
Mon, 18 Mar 2024 17:23:28 GMT
login.js
login.masandra.org/mygov/content/mgv2/js/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://login.masandra.org/mygov/content/mgv2/js/login.js
Requested by
Host: login.masandra.org
URL: https://login.masandra.org/las/mygov-login?execution=e1s1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:aa06 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3398bdeeb65157116e93bdeef72d320cb5d90700b149a62f60ff1dcb2ac8f9a5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://login.masandra.org/las/mygov-login?execution=e1s1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Mon, 18 Mar 2024 16:23:29 GMT
content-encoding
br
cf-cache-status
BYPASS
last-modified
Sat, 04 Nov 2023 09:53:43 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EsSp4q98d9CbvqgwhRX1%2BYVb2UeueLUjIvTumwj7vqC%2FMDmUATbMsauGGY7%2B2tSV9kf6d4mKya%2BcXFgJ9eNFICgqSXrhZ8cdhCkWkXSoQitONHHlwTHLN1hkOxf1tdZtDefUSoUxZcqsigSBtIrpgFY%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
p3p
CP="NON CUR OTPi OUR NOR UNI"
cache-control
max-age=3600,public,must-revalidate
inst
0b
cf-ray
866691409dde9954-FRA
alt-svc
h3=":443"; ma=86400
expires
Mon, 18 Mar 2024 17:23:28 GMT
blugov-left-chevron-dark.svg
login.masandra.org/mygov/content/mgv2/icons/ 		256 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://login.masandra.org/mygov/content/mgv2/icons/blugov-left-chevron-dark.svg
Requested by
Host: login.masandra.org
URL: https://login.masandra.org/mygov/content/mgv2/css/blugov.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:aa06 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
af454d272466fa84c77ca8028e0b8b8bcc0a193ad4401dfcddbad07dc2dabcfc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://login.masandra.org/mygov/content/mgv2/css/blugov.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Mon, 18 Mar 2024 16:23:30 GMT
content-encoding
br
cf-cache-status
BYPASS
last-modified
Sat, 04 Nov 2023 09:53:45 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GWzKIl9GK9XXTx0h1uMNOoqZb1aoNYMfy5QJuwJrn9NsBH9mBkOy0I1u2l0ZxDSlyMdqAjvLLNYZTEY6fKrSShTMDtGP5D45TgwucvFyPXGPdk000xI48OvKRT2ADnUn0j%2B4YJeYS38HT%2BE3S3ts2pA%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
p3p
CP="NON CUR OTPi OUR NOR UNI"
cache-control
max-age=3600,public,must-revalidate
inst
0b
cf-ray
866691470da89954-FRA
alt-svc
h3=":443"; ma=86400
expires
Mon, 18 Mar 2024 17:23:29 GMT
icon-blugov-info.svg
login.masandra.org/mygov/content/mgv2/icons/ 		583 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://login.masandra.org/mygov/content/mgv2/icons/icon-blugov-info.svg
Requested by
Host: login.masandra.org
URL: https://login.masandra.org/mygov/content/mgv2/css/blugov.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:aa06 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8c6fcb4fc5d0a351b5dcc2fa918d157ea61e6fb74a4e083509e6dcb93d4ff2f6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://login.masandra.org/mygov/content/mgv2/css/blugov.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Mon, 18 Mar 2024 16:23:30 GMT
content-encoding
br
cf-cache-status
BYPASS
last-modified
Sat, 04 Nov 2023 09:53:43 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=udz854sInAWssYrTHun2QA6Fwxex8AefE%2BM4OqXRF%2FPoEoL4yDcOGIVNy8sm9UUDidKGFmUHX9h9nsuUuiJB%2FEmQqpNdSDdV3EwsZj%2FDEi3Osco0FlSLMU9N9oyLzxVvV8X9DTlnIWRfktx43511yXk%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
p3p
CP="NON CUR OTPi OUR NOR UNI"
cache-control
max-age=3600,public,must-revalidate
inst
0b
cf-ray
866691470daa9954-FRA
alt-svc
h3=":443"; ma=86400
expires
Mon, 18 Mar 2024 17:23:29 GMT
icon-external-link.svg
login.masandra.org/mygov/content/mgv2/icons/ 		1022 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://login.masandra.org/mygov/content/mgv2/icons/icon-external-link.svg
Requested by
Host: login.masandra.org
URL: https://login.masandra.org/mygov/content/mgv2/css/mgv2-application.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:aa06 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e891c017753d1d4ca061d7f6dace627433d3733a42fb2ec2ffd9722b99dd6812

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://login.masandra.org/mygov/content/mgv2/css/mgv2-application.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Mon, 18 Mar 2024 16:23:30 GMT
content-encoding
br
cf-cache-status
BYPASS
last-modified
Sat, 04 Nov 2023 09:53:45 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nd0h4TeLVdPLlTyuiY6hedPupTKtAaJ0MKZLZyraijo5%2F3qzJedTO083u6ym%2F6%2Bt5tDqISlaU8MVAcRjNdhqQ4%2BkhwQgbQySiNWuAO%2BGLSwldijxlKi0S5w%2BDNZ1VeXRQuPJEXdzasthnBe8P9nlk3g%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
p3p
CP="NON CUR OTPi OUR NOR UNI"
cache-control
max-age=3600,public,must-revalidate
inst
0b
cf-ray
866691470dac9954-FRA
alt-svc
h3=":443"; ma=86400
expires
Mon, 18 Mar 2024 17:23:29 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:200,400,700|Roboto:300,400,500,700,900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://login.masandra.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Wed, 13 Mar 2024 22:11:20 GMT
x-content-type-options
nosniff
age
411129
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 13 Mar 2025 22:11:20 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:200,400,700|Roboto:300,400,500,700,900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://login.masandra.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Mon, 11 Mar 2024 18:30:08 GMT
x-content-type-options
nosniff
age
597201
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15920
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 11 Mar 2025 18:30:08 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:200,400,700|Roboto:300,400,500,700,900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://login.masandra.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Mon, 11 Mar 2024 20:16:13 GMT
x-content-type-options
nosniff
age
590836
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 11 Mar 2025 20:16:13 GMT
/
login.masandra.org/TSPD/ Frame 5ADA 		7 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://login.masandra.org/TSPD/?type=21
Requested by
Host: login.masandra.org
URL: https://login.masandra.org/TSPD/?type=18
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:aa06 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f2ee4bb4005ab4b1818b41819e4ca1135d6d356b1606cb1a08f9fa5d52af8576

Request headers

Referer
https://login.masandra.org/las/mygov-login?execution=e1s1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, must-revalidate, no-cache, max-age=0
cf-cache-status
DYNAMIC
cf-ray
8666914afb4c9954-FRA
content-encoding
br
content-type
text/html
date
Mon, 18 Mar 2024 16:23:30 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8VMzKsTEiwRseaR2%2BA5vrNi%2B9IP%2BUQr8Cm2BucbNHlDKAixTTLQGZ0ykgzHoS4HuV3RBD48EeI7VSExNufU5sbFt6gUplewZOQFASSeFdAhBj1yzAm47fccmvABAsq5SUSFYNiLMWHO2%2BuHCTJzD6uQ%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
main.js
login.masandra.org/cdn-cgi/challenge-platform/h/g/scripts/jsd/956dacbeead0/ Frame F427
Redirect Chain
  • https://login.masandra.org/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • https://login.masandra.org/cdn-cgi/challenge-platform/h/g/scripts/jsd/956dacbeead0/main.js
8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://login.masandra.org/cdn-cgi/challenge-platform/h/g/scripts/jsd/956dacbeead0/main.js
Requested by
Host: login.masandra.org
URL: https://login.masandra.org/las/mygov-login?execution=e1s1
Protocol
H3
Server
2606:4700:3030::ac43:aa06 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e5d28e6611e6a22e6832ced877a18e423f59c179063f2f128d0280a5f46265d8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Mon, 18 Mar 2024 16:23:29 GMT
content-encoding
br
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=p3%2Foib2UObrhTJC0GalQ%2Fhh1VRmymQXq1EUNdwL7ytJfLLRuOA0W0dF9o0Y4JX%2BJG08NpKol%2BAe63OeVt0QrzlbdZwZ3bndUYY3xcJZ00cmzpr18JS6nBsqbBNIeHoDxpNYqXt87OAv3fLf6waGy%2BVk%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
cf-ray
8666914b1b6e9954-FRA
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Mon, 18 Mar 2024 16:23:29 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bzoLg9GnX0lnpNtfuQD9HV8uSMj7Lw46KB9vjcMk4eZmyurp7SHM93DvvjJ3mLwnlZPVn4ZZw%2B29e7T7RAdxnJApfDBUozJQChDq38Pu8KzxLJFrckXmNMii%2BEInSXOAKHFZ03tb9rUfmTOB%2Ba1vSnU%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
location
/cdn-cgi/challenge-platform/h/g/scripts/jsd/956dacbeead0/main.js
cache-control
max-age=300, public
cf-ray
8666914afb539954-FRA
alt-svc
h3=":443"; ma=86400
content-length
0
8666913c28c59954
login.masandra.org/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame F427 		0
604 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://login.masandra.org/cdn-cgi/challenge-platform/h/g/jsd/r/8666913c28c59954
Requested by
Host: login.masandra.org
URL: https://login.masandra.org/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:aa06 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 18 Mar 2024 16:23:29 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pRL%2FMuyAbGsAvodbwgZH2%2BatkP%2BPX1epJGPNwQiYh2DrA6mxlYmlKUih15r4KElV5okOSCmGNsIiBmlslqAGBLUZV86jmFsorJ3EvlcucdQWpudi34bjby%2Bg%2B2ACKmm9XOYrCgRapQWCQHZ7v1FV2SQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
cf-ray
8666914b8c139954-FRA
alt-svc
h3=":443"; ma=86400
082d0e0bfcab20004d8da22ca880594610fc784af9b9ceac78f1deab5528906efd3bef97b8814fd8
login.masandra.org/TSPD/ Frame 5ADA 		288 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://login.masandra.org/TSPD/082d0e0bfcab20004d8da22ca880594610fc784af9b9ceac78f1deab5528906efd3bef97b8814fd8?type=8
Requested by
Host: login.masandra.org
URL: https://login.masandra.org/TSPD/?type=21
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:aa06 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
41ae4a0f8ceee3dba8fbdf1b92e9a670198f1af9cadaeb7ba765f4e058d0b0a0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://login.masandra.org/TSPD/?type=21
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Mon, 18 Mar 2024 16:23:30 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=F5GJczb2odF%2FvWVoL7laGtWhUH07ll1w%2FZxxMrFNzgTEsk4e4RWEdTJNeSfXSvw6wjPHoTYeathsNYBDfPlYXOEI5l1slAVHF3JyjOPH1i1i5SaKW%2FT3aHyBxR5ztI7XEBK0OvQPZja6E4DnNbx1aQM%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
public, max-age=86400
cf-ray
8666914d1e159954-FRA
alt-svc
h3=":443"; ma=86400
082d0e0bfcab20004d8da22ca880594610fc784af9b9ceac78f1deab5528906efd3bef97b8814fd8
login.masandra.org/TSPD/ Frame 5ADA 		52 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://login.masandra.org/TSPD/082d0e0bfcab20004d8da22ca880594610fc784af9b9ceac78f1deab5528906efd3bef97b8814fd8?type=12
Requested by
Host: login.masandra.org
URL: https://login.masandra.org/TSPD/?type=21
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:aa06 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
552f179b8856e5355d6d5865abf56d10af6a0e698c3a8ea2b5610c459fbe37a3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://login.masandra.org/TSPD/?type=21
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Mon, 18 Mar 2024 16:23:31 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wY1bNEzBULbejZPOX9OybNHJygkA2mGK0O8Osf5R9Q5uTSMLvD228Qnxqj8djGxMf6UlOXAPpw8LRuAeJqQxTzzvqki3%2FUXQI38Ocv%2BOTzf2%2F7hL3%2Ft3DTBwPKOE2q1kWSZ9ttrW6w8byj%2BFGtpNBLY%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
public, max-age=86400
cf-ray
8666914d1e189954-FRA
alt-svc
h3=":443"; ma=86400
main.js
login.masandra.org/cdn-cgi/challenge-platform/h/g/scripts/jsd/956dacbeead0/ Frame 81D6
Redirect Chain
  • https://login.masandra.org/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • https://login.masandra.org/cdn-cgi/challenge-platform/h/g/scripts/jsd/956dacbeead0/main.js
8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://login.masandra.org/cdn-cgi/challenge-platform/h/g/scripts/jsd/956dacbeead0/main.js
Protocol
H3
Server
2606:4700:3030::ac43:aa06 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5e4dcd3be067e1182da3964abda7d7a77838534b42a034f34122573692de1b8b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Mon, 18 Mar 2024 16:23:31 GMT
content-encoding
br
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0LGrSal3wrjiUSJ%2Bd4gPMSryUnGTW4ZiOOxrApaKChzff%2Fy02jo4O%2F2NkX4X0wyTqm0%2FYx1bwHbf8XeX2rWx1VPs%2Ff39Vfq5ddA704O20eabqBAgetycmaU6o6y5AEffsUQesPUNfbjSbp8w5a%2FUXDk%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
cf-ray
8666915518669954-FRA
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Mon, 18 Mar 2024 16:23:31 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Tf2hXW8Zwj7lHusTpJ95FMpjAAM3bYuBKM2xd05MU1tsj97uTUX8I%2BeCPgqxaqwZ60UgsljyP%2FQUgBVRHGs6QQR6KDQkyWuu5Wzmgt5GXzIQ6FXnMuP4dASXjF7KNlzKy1h9Je9sUePzod%2F57XAk1Zs%3D"}],"group":"cf-nel","max_age":604800}
location
/cdn-cgi/challenge-platform/h/g/scripts/jsd/956dacbeead0/main.js
access-control-allow-origin
*
cache-control
max-age=300, public
cf-ray
86669154cffc9954-FRA
alt-svc
h3=":443"; ma=86400
content-length
0
truncated
/ Frame 5ADA 		35 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
483d244f19d7105fd875ee8d01223fb50c32409a0a33e6998b0ab644bbdc4a62

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Type
image/jpg
8666914afb4c9954
login.masandra.org/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame 81D6 		0
602 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://login.masandra.org/cdn-cgi/challenge-platform/h/g/jsd/r/8666914afb4c9954
Requested by
Host: login.masandra.org
URL: https://login.masandra.org/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:aa06 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 18 Mar 2024 16:23:31 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cPB%2F%2Bdb1kvFEk9Uryg1Zw2HgD2dfC7xO8RaWrfIEU%2BND4omEZeEj89xgPb5l1BzHamyvhdDv2LNGa%2FIGhTeacoFWAPMH8WtdXMFMyUIa4McaSlHDcDNoW6CECQk6Ok9npUimDkEnOrlgds2gVfmyneQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
cf-ray
86669156eaa49954-FRA
alt-svc
h3=":443"; ma=86400
082d0e0bfcab2800b1e1f9baed458d6c92b90b0bc728f0760db9692dddad08919bb429d5bf4cf7058b1732f097a110ba
login.masandra.org/TSPD/ Frame 5ADA 		566 B
762 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://login.masandra.org/TSPD/082d0e0bfcab2800b1e1f9baed458d6c92b90b0bc728f0760db9692dddad08919bb429d5bf4cf7058b1732f097a110ba?type=13
Requested by
Host: login.masandra.org
URL: https://login.masandra.org/TSPD/082d0e0bfcab20004d8da22ca880594610fc784af9b9ceac78f1deab5528906efd3bef97b8814fd8?type=8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:aa06 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b74995864b393339752a9fa854317dce8e80fcd6d1f82f08e0aaed597f1fcb3e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://login.masandra.org/TSPD/?type=21
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Mon, 18 Mar 2024 16:23:32 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LFYjX7MUDAFsqETuhIYBdTuriNg1yxR40ThQvSNggi%2FhUhIJYW4dWuVMuJU25Qi2aa6D%2BF6kmYvNp9PEipqAFgPuh%2BKGQQ4Trm%2BM%2Fgd2r5Ib14w02GRI10HzFNLViDFTUqqSCWfthmogamuHewj%2F%2FKI%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html
cache-control
no-store, must-revalidate, no-cache, max-age=0
cf-ray
86669159de899954-FRA
alt-svc
h3=":443"; ma=86400

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Australian Government (Government)

92 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 string| loaderConfig undefined| ie9rgb4 boolean| grMX function| runLoader function| $ function| jQuery function| moment function| cleanDefaultValues function| setMandatoryValues function| findInfoOrErrorParent function| findSuccessParent function| clearMessageType function| setErrorParent object| formHelper function| getGreetingTime function| initPinToggle function| setPinShow function| setPinHide boolean| va_isMaximised boolean| va_isOpen boolean| va_isMobile undefined| va_pushTimeout boolean| va_chatStarted string| titleBarTitle string| headingTitle function| getMobileHeader function| getDesktopHeader function| getAltText function| setAltText function| calcRightMargin function| insertDiv function| insertIframe function| determineContext function| insertIframeSrc function| setIFrameSrc function| sendGoogleAnalyltics function| addTimer function| disableBGScrolling function| enableBGScrolling function| toggleVAMobile function| addOnClickMobile function| isWindowMobile function| responsiveResize function| toggleVADesktop function| addOnClickDesktop function| addOnResize function| resizeVA function| addOnBackwardsTabbing function| loopFocusBackwardWithError function| addSkipToConversationTabListener function| addOnSkipToConversation function| addSkipToBot function| hideSkipToConversation function| skipToSkipToConversation function| skipToResizeIcon function| postMessageToIframe function| addListenerForIframe function| addDigitalAssistant function| scrollPageToBottom function| isIE function| newShowIdentityModal function| ignoreSubmit function| handleKeyboardInput function| trapFocusPrimary function| removeSelection function| trapFocusSecondary function| keyboardDismiss function| enableProgressButton function| summonSecondModal function| hideSecondaryModal function| harshHideIdentityModal function| fadeOutBackground function| newHideIdentityModal undefined| lastInteractionDate undefined| timeoutEventId function| getToken function| isValidToken function| parseToken function| checkAuthenticated function| setDAsource function| recordBotInteraction function| initiateNewConversation object| storage function| isWebView object| global function| priorityLookup function| compareDates function| getTopAlert function| getTopBroadcast function| displayBroadcast

11 Cookies

Domain/Path Name / Value
fi.co/ Name: client_uuid
Value: 699c0fec-42a4-4433-8e75-99b5db110601-1710779003
.fi.co/ Name: _fi_session_4
Value: biOWZjrPB51QIeXVDwhGxtE0aIcLQbWuCfvM%2FuMyZYcZHl06%2FLNsANl2HP5zqyW6FE7Z49Wt9fmHFL44PD6m8Hdo0wYUUQb5tSJyq2XfH0EYCoAd2YArLloMFFVPqfULxjUj6R3JaAD6VXCPBIr3i0IqtuTy5zFq2qQzH3c5xD56oebD%2BiOoLW3ZD6QZXKpzslBabpR%2BiIz9%2B%2BWJ8d9i68S557nJVRyG%2Bx0laxFsTd0F0%2Bkh163jz3KYku1IDUWRf%2F7CwQj8Q0bEjgic9dr1kaPV6owu9yRaxCukFqt%2BjNX0CjgwRvlDvX5cnTX9qTaZZo8C--PfOjvJ4gqhfstQ%2BI--0Af0wKZZ%2Fk0cGEGNK1kAfg%3D%3D
.masandra.org/ Name: lHsD
Value: df0b753d9832c69ab17a92d673d3429c5c052620f3968edaab9cf81f6937d7ed
login.masandra.org/ Name: PD-H-SESSION-ID
Value: ErGhIb7oewSEC456lXobTQ==:1_4_0_lqc6+Z+pmj0147tnLXzW4hsoqidBNjGrhemTWlTLXVieAnmH|
login.masandra.org/ Name: PD_STATEFUL_aaa1d6bc-31d2-11e6-b102-0050568e537f
Value: mygov
login.masandra.org/ Name: TS767cb680029
Value: 082d0e0bfcab2800b46738c4b77af51684fa4b77520eb0c1e79892ff7a9c43339e940efec1bb42b60207bedec2600a6c
login.masandra.org/ Name: BIGipServerHBZK2i12N308Oa3l35yEhg
Value: !yOwMDf9nfv2MvogG6zMjgWwrfzKDRjvd4/V1o0wVJbJsldJcuXTOvR2CuGsc4XN1ErpGnJatXn0LPQ==
.login.masandra.org/ Name: TS0143fa37
Value: 01e535258fab9cb2bc5b51d813d901bc5e093341765e6df400821d2ce85aa9e412f08d26f5f2fb664ad8e13b7aae5c2635b717abd9f6d658ac1f40cce16c1091466e7e3797c907b74dff5f73c9897a9c3feba513434a16c754a7e5f6dcdaf6d57619429434
login.masandra.org/ Name: TS76481464027
Value: 082d0e0bfcab20005c1a8ab9dce569b2ec12500232b2f6a44f4d61c47a4226387df35ff2ef8751bf08e9bd89d911300049cb5f9d0969cf069cc243431e58288e5aa20801f294013c94ebabf3d29befa9e376f8b88a0a03cf88d0ca9ba7f25606
.masandra.org/ Name: cf_clearance
Value: KpXHpo6RsJq9pnTF_yYorQTxXl3l5Kut0ZznQ9n_v9Y-1710779011-1.0.1.1-mxnxf2fLyj2PAlX0zu7Qm_Vz7FEEmR7wW0BuocUoS3LpgUKSTnXHo_fqsP7EFkqXANIFjrj1yos6ktdqvwTPYA
login.masandra.org/ Name: TS00000000076
Value: 082d0e0bfcab2800b1e1f9baed458d6c92b90b0bc728f0760db9692dddad08919bb429d5bf4cf7058b1732f097a110ba08f2081e8809d000aac0b10237959380596b3c4d49346e5bc9f765de69c88be762fbf4f08a2de52ff0910342da504784fc96ac6cf59e958a955f2b977205f9c11bc893ed85f2760d3820f1de60dee693095752fbb940c05a7802c59b0b590ffdb452e43496cd797fc19937071f4339de6bdce0a9056f5a72bce8c30259d1d83dfef8cc33d400592b5623520f56b2c09f4930709ca9e3bdb81d5c14742508e2fbdf764aa3470b4deb4fb675ce607baa0909632eddd8684906c0aaaa2b8e10f2a36490a878f30f628884c5f29c4f9586d187eafe6fa9d79bba

4 Console Messages

Source Level URL
Text
other warning URL: https://login.masandra.org/TSPD/082d0e0bfcab20004d8da22ca880594610fc784af9b9ceac78f1deab5528906efd3bef97b8814fd8?type=8(Line 467)
Message:
The AudioContext was not allowed to start. It must be resumed (or created) after a user gesture on the page. https://goo.gl/7K7WLu
deprecation warning URL: https://login.masandra.org/TSPD/082d0e0bfcab20004d8da22ca880594610fc784af9b9ceac78f1deab5528906efd3bef97b8814fd8?type=8(Line 468)
Message:
The ScriptProcessorNode is deprecated. Use AudioWorkletNode instead. (https://bit.ly/audio-worklet)
other warning URL: https://login.masandra.org/TSPD/082d0e0bfcab20004d8da22ca880594610fc784af9b9ceac78f1deab5528906efd3bef97b8814fd8?type=8(Line 470)
Message:
The AudioContext was not allowed to start. It must be resumed (or created) after a user gesture on the page. https://goo.gl/7K7WLu
other warning URL: https://login.masandra.org/TSPD/082d0e0bfcab20004d8da22ca880594610fc784af9b9ceac78f1deab5528906efd3bef97b8814fd8?type=8(Line 472)
Message:
The AudioContext was not allowed to start. It must be resumed (or created) after a user gesture on the page. https://goo.gl/7K7WLu

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

d2mxzd04.na1.hubspotlinks.com
dptgroup-shared-document-gateway.gergelykissgd.com
fi.co
fonts.googleapis.com
fonts.gstatic.com
id4dcokfs4i6favhttbaez5gc124dxjxquyshi5bvxu1sqmmae.cindypamperedpets.com
login.masandra.org
2606:4700:3030::ac43:aa06
2606:4700:3031::ac43:c5ec
2606:4700::6812:ac9
2a00:1450:4001:806::2003
2a00:1450:4001:827::200a
31.24.230.54
52.91.211.222
107af7740499970450ef1475538b290f01f48e863cb6660e272066843582cec8
10b11a7c97b90bcf7ad520ac94c5769d08540ce1ee3b84d487c587bf128e3388
2bb7a6a1c69c680150feae21505a9fca6da3260dc64647ebaff0567543a98d0f
2bedda083bdbe6820e493159f1e3e27146b96ef6840094bd74447925e8c66e26
31014d4376a3cb7dd00910c520704f69ff61ec77872e57d8c2ff18b1243a972a
3398bdeeb65157116e93bdeef72d320cb5d90700b149a62f60ff1dcb2ac8f9a5
41ae4a0f8ceee3dba8fbdf1b92e9a670198f1af9cadaeb7ba765f4e058d0b0a0
483d244f19d7105fd875ee8d01223fb50c32409a0a33e6998b0ab644bbdc4a62
552f179b8856e5355d6d5865abf56d10af6a0e698c3a8ea2b5610c459fbe37a3
5e4dcd3be067e1182da3964abda7d7a77838534b42a034f34122573692de1b8b
62d587573e8fb758992b48ccffea6f8f1391833d14839af2681f512659ec7faa
634cde3f8690c3853219fbbde17b42f14f2ce058319521ba704e0607b1620c2f
8c6fcb4fc5d0a351b5dcc2fa918d157ea61e6fb74a4e083509e6dcb93d4ff2f6
954aa858b3bffb8511bc41bc88b07d2b24597c37faf522550e26c9aa3b0d220d
af454d272466fa84c77ca8028e0b8b8bcc0a193ad4401dfcddbad07dc2dabcfc
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b74995864b393339752a9fa854317dce8e80fcd6d1f82f08e0aaed597f1fcb3e
c739877c2d320cad625088094447699aacd3c978082e02429866398a1d3cb105
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5d28e6611e6a22e6832ced877a18e423f59c179063f2f128d0280a5f46265d8
e891c017753d1d4ca061d7f6dace627433d3733a42fb2ec2ffd9722b99dd6812
f2ee4bb4005ab4b1818b41819e4ca1135d6d356b1606cb1a08f9fa5d52af8576
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615