URL: https://keystonelogin.pa.gov/
Submission: On August 31 via automatic, source certstream-suspicious — Scanned from DE

Summary

This website contacted 8 IPs in 3 countries across 6 domains to perform 21 HTTP transactions. The main IP is 2620:1ec:40::45, located in United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is keystonelogin.pa.gov.
TLS certificate: Issued by Entrust Certification Authority - L1K on August 3rd 2021. Valid for: a year.
This is the only time keystonelogin.pa.gov was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
6 2620:1ec:40::45 8075 (MICROSOFT...)
4 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:236... 16509 (AMAZON-02)
1 2606:2800:133... 15133 (EDGECAST)
4 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 52.236.186.216 8075 (MICROSOFT...)
1 2600:1f18:445... 14618 (AMAZON-AES)
21 8
Apex Domain
Subdomains
Transfer
6 gstatic.com
www.gstatic.com
fonts.gstatic.com
369 KB
6 pa.gov
keystonelogin.pa.gov
277 KB
4 google.com
www.google.com — Cisco Umbrella Rank: 2
41 KB
2 visualstudio.com
dc.services.visualstudio.com — Cisco Umbrella Rank: 776
303 B
2 levelaccess.net
cdn.levelaccess.net — Cisco Umbrella Rank: 12933
api.levelaccess.net — Cisco Umbrella Rank: 13640
66 KB
1 msecnd.net
az416426.vo.msecnd.net — Cisco Umbrella Rank: 1877
22 KB
21 6
Domain Requested by
6 keystonelogin.pa.gov keystonelogin.pa.gov
4 www.gstatic.com www.google.com
www.gstatic.com
4 www.google.com keystonelogin.pa.gov
www.gstatic.com
www.google.com
2 dc.services.visualstudio.com az416426.vo.msecnd.net
2 fonts.gstatic.com www.google.com
1 api.levelaccess.net az416426.vo.msecnd.net
1 az416426.vo.msecnd.net keystonelogin.pa.gov
1 cdn.levelaccess.net keystonelogin.pa.gov
21 8

This site contains links to these domains. Also see Links.

Domain
www.pa.gov
Subject Issuer Validity Valid
keystonelogin.pa.gov
Entrust Certification Authority - L1K
2021-08-03 -
2022-09-02
a year crt.sh
www.google.com
GTS CA 1C3
2022-08-15 -
2022-11-07
3 months crt.sh
cdn.levelaccess.net
Amazon
2022-01-30 -
2023-02-27
a year crt.sh
*.vo.msecnd.net
DigiCert SHA2 Secure Server CA
2022-07-11 -
2023-07-11
a year crt.sh
*.gstatic.com
GTS CA 1C3
2022-08-08 -
2022-10-31
3 months crt.sh
*.google.com
GTS CA 1C3
2022-08-15 -
2022-11-07
3 months crt.sh
in.applicationinsights.azure.com
Microsoft RSA TLS CA 01
2022-08-19 -
2023-08-19
a year crt.sh
api.levelaccess.net
Amazon
2022-01-30 -
2023-02-28
a year crt.sh

This page contains 2 frames:

Primary Page: https://keystonelogin.pa.gov/
Frame ID: 991573196432FF3E2311A424159B1A39
Requests: 12 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdFuLcUAAAAAOJGtvFFzMN2lxtR_C6hHUA8GSjV&co=aHR0cHM6Ly9rZXlzdG9uZWxvZ2luLnBhLmdvdjo0NDM.&hl=de&v=3TZgZIog-UsaFDv31vC4L9R_&size=invisible&cb=ybs50yvf9a6d
Frame ID: 02F871184F7DC738E4ABB46A055D27A8
Requests: 8 HTTP requests in this frame

Screenshot

Page Title

Pennsylvania Keystone Login Portal

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • ([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

21
Requests

100 %
HTTPS

88 %
IPv6

6
Domains

8
Subdomains

8
IPs

3
Countries

776 kB
Transfer

2325 kB
Size

3
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

21 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
keystonelogin.pa.gov/
6 KB
3 KB
Document
General
Full URL
https://keystonelogin.pa.gov/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:40::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
61175ef9a72cd36f95618581ec400b3fdaffcd909cd40d40c259e55b7fc9055e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY DENY
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-expose-headers
Request-Context
cache-control
private
content-encoding
gzip
content-length
2766
content-type
text/html; charset=utf-8
date
Wed, 31 Aug 2022 13:29:42 GMT
request-context
appId=cid-v1:530d8a46-2e13-47bd-b6df-d623e949b86f
vary
Accept-Encoding
x-aspnet-version
4.0.30319
x-aspnetmvc-version
5.2
x-azure-ref
0RmIPYwAAAACKi4SVI/sbQZ2k5gWakP4qRlJBMjMxMDUwNDE3MDI1AGMxZDJkNDY1LTFiMWQtNGMyYS04YzMxLTliNjAyNGM5NjIwNg==
x-cache
CONFIG_NOCACHE
x-content-type-options
nosniff
x-frame-options
DENY DENY
x-xss-protection
1; mode=block
css
keystonelogin.pa.gov/Content/
204 KB
47 KB
Stylesheet
General
Full URL
https://keystonelogin.pa.gov/Content/css?v=dvOsaA3L4MQUY48mH3xSsG4qLOWJ0rU4yf4OCSGiZ1Y1
Requested by
Host: keystonelogin.pa.gov
URL: https://keystonelogin.pa.gov/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:40::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
a5541754f9e56d0588487105cd099150153adac13bdaf9f1dc884f9ddd2a21b1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY, DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://keystonelogin.pa.gov/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:29:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-aspnet-version
4.0.30319
x-cache
CONFIG_NOCACHE
vary
User-Agent,Accept-Encoding
content-length
47990
x-xss-protection
1; mode=block
request-context
appId=cid-v1:530d8a46-2e13-47bd-b6df-d623e949b86f
last-modified
Wed, 31 Aug 2022 13:29:43 GMT
x-frame-options
DENY, DENY
x-azure-ref
0RmIPYwAAAACwJnuOY4YETYhR1T827sdORlJBMjMxMDUwNDE3MDI1AGMxZDJkNDY1LTFiMWQtNGMyYS04YzMxLTliNjAyNGM5NjIwNg==
content-type
text/css; charset=utf-8
access-control-expose-headers
Request-Context
cache-control
public
expires
Thu, 31 Aug 2023 13:29:43 GMT
modernizr
keystonelogin.pa.gov/bundles/
11 KB
5 KB
Script
General
Full URL
https://keystonelogin.pa.gov/bundles/modernizr?v=wBEWDufH_8Md-Pbioxomt90vm6tJN2Pyy9u9zHtWsPo1
Requested by
Host: keystonelogin.pa.gov
URL: https://keystonelogin.pa.gov/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:40::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
0ec4e0295f86b2142b8996e03d4195888843b50d1954d7e248341da032b7ebba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY, DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://keystonelogin.pa.gov/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:29:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-aspnet-version
4.0.30319
x-cache
CONFIG_NOCACHE
vary
User-Agent,Accept-Encoding
content-length
5229
x-xss-protection
1; mode=block
request-context
appId=cid-v1:530d8a46-2e13-47bd-b6df-d623e949b86f
last-modified
Wed, 31 Aug 2022 13:29:42 GMT
x-frame-options
DENY, DENY
x-azure-ref
0RmIPYwAAAACSfsRtkcAcSIVRUyCxp5RgRlJBMjMxMDUwNDE3MDI1AGMxZDJkNDY1LTFiMWQtNGMyYS04YzMxLTliNjAyNGM5NjIwNg==
content-type
text/javascript; charset=utf-8
access-control-expose-headers
Request-Context
cache-control
public
expires
Thu, 31 Aug 2023 13:29:42 GMT
api.js
www.google.com/recaptcha/
884 B
1001 B
Script
General
Full URL
https://www.google.com/recaptcha/api.js?render=6LdFuLcUAAAAAOJGtvFFzMN2lxtR_C6hHUA8GSjV
Requested by
Host: keystonelogin.pa.gov
URL: https://keystonelogin.pa.gov/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
c01e76059f92c7caab713f96e281ffe8182182ae18dc6de5e5f6f2d60041038e
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://keystonelogin.pa.gov/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:29:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
588
x-xss-protection
1; mode=block
expires
Wed, 31 Aug 2022 13:29:42 GMT
access.js
cdn.levelaccess.net/accessjs/YW1wX2NvcGExMTAy/
621 KB
65 KB
Script
General
Full URL
https://cdn.levelaccess.net/accessjs/YW1wX2NvcGExMTAy/access.js
Requested by
Host: keystonelogin.pa.gov
URL: https://keystonelogin.pa.gov/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:236e:c800:1:fb61:2b80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5ae3f0437599a5f4f5bb7f2c1e71f8e862eaa099929a268adc220eed6dccab8d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://keystonelogin.pa.gov/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

x-amz-version-id
EV4W_hpttssWJOfbRn6Kg2JlPxwht5tj
Content-Encoding
gzip
ETag
"3c59abafd32b31dec9bf748b18f68a99"
Age
721
x-amz-server-side-encryption
AES256
X-Cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
Connection
keep-alive
Content-Length
66387
Last-Modified
Thu, 18 Aug 2022 14:22:06 GMT
Server
AmazonS3
Date
Wed, 31 Aug 2022 13:19:02 GMT
Vary
Accept-Encoding
Content-Type
application/javascript
Via
1.1 814952d19d560b49ff15ad2f71e400d2.cloudfront.net (CloudFront)
Cache-Control
max-age=900
X-Amz-Cf-Pop
FRA60-P1
Accept-Ranges
bytes
X-Amz-Cf-Id
NOroIX-rcShiS_hxEolW1DCIuDxgQPuR09s5i1HgM3gqSNMc5ohVUw==
jquery
keystonelogin.pa.gov/bundles/
342 KB
132 KB
Script
General
Full URL
https://keystonelogin.pa.gov/bundles/jquery?v=yrQLJFHkFUoaU3Zsyb5rzgBYspRR-FrG4F_hzdvlXFE1
Requested by
Host: keystonelogin.pa.gov
URL: https://keystonelogin.pa.gov/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:40::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
966836ef00e774b42d6f81ed91d6a72a5d1c0e48899514d5395c2b68c6c1144e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY, DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://keystonelogin.pa.gov/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:29:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
expires
Thu, 31 Aug 2023 13:29:43 GMT
last-modified
Wed, 31 Aug 2022 13:29:43 GMT
x-aspnet-version
4.0.30319
x-frame-options
DENY, DENY
vary
User-Agent,Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
text/javascript; charset=utf-8
access-control-expose-headers
Request-Context
cache-control
public
x-azure-ref
0RmIPYwAAAADzCIjOsReKS7UB+iU5X+fXRlJBMjMxMDUwNDE3MDI1AGMxZDJkNDY1LTFiMWQtNGMyYS04YzMxLTliNjAyNGM5NjIwNg==
x-xss-protection
1; mode=block
request-context
appId=cid-v1:530d8a46-2e13-47bd-b6df-d623e949b86f
bootstrap
keystonelogin.pa.gov/bundles/
30 KB
11 KB
Script
General
Full URL
https://keystonelogin.pa.gov/bundles/bootstrap?v=2Fz3B0iizV2NnnamQFrx-NbYJNTFeBJ2GM05SilbtQU1
Requested by
Host: keystonelogin.pa.gov
URL: https://keystonelogin.pa.gov/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:40::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
0c477768d9d0fad3f16c9a5a43644a5d0b8556181940a8646c7901e6dc2a8279
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY, DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://keystonelogin.pa.gov/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:29:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-aspnet-version
4.0.30319
x-cache
CONFIG_NOCACHE
vary
User-Agent,Accept-Encoding
content-length
11226
x-xss-protection
1; mode=block
request-context
appId=cid-v1:530d8a46-2e13-47bd-b6df-d623e949b86f
last-modified
Wed, 31 Aug 2022 13:29:42 GMT
x-frame-options
DENY, DENY
x-azure-ref
0RmIPYwAAAADqgGX9Ty0cR6nejIYbuGErRlJBMjMxMDUwNDE3MDI1AGMxZDJkNDY1LTFiMWQtNGMyYS04YzMxLTliNjAyNGM5NjIwNg==
content-type
text/javascript; charset=utf-8
access-control-expose-headers
Request-Context
cache-control
public
expires
Thu, 31 Aug 2023 13:29:42 GMT
ai.0.js
az416426.vo.msecnd.net/scripts/a/
94 KB
22 KB
Script
General
Full URL
https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Requested by
Host: keystonelogin.pa.gov
URL: https://keystonelogin.pa.gov/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frd/E287) /
Resource Hash
5201c813c37a4168cc5c20c701d4391fd0a55625f97eb9f263a74fb52b52fd0e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://keystonelogin.pa.gov/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 31 Aug 2022 13:29:43 GMT
content-encoding
gzip
x-ms-meta-lastmodified
2020-10-01 19:31:04
content-md5
HdY95yzx9wIyQkVEGES+Ew==
age
1522
x-cache
HIT
content-length
22495
x-ms-lease-status
unlocked
last-modified
Thu, 11 Mar 2021 07:46:59 GMT
server
ECAcc (frd/E287)
etag
0x8D8E461DA1A5889
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
22e63ac2-301e-004e-4c3a-bdc6fd000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=1800
x-ms-version
2009-09-19
expires
Wed, 31 Aug 2022 13:59:43 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/3TZgZIog-UsaFDv31vC4L9R_/
391 KB
156 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/3TZgZIog-UsaFDv31vC4L9R_/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6LdFuLcUAAAAAOJGtvFFzMN2lxtR_C6hHUA8GSjV
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
30a31bd4c38a2400b0e4aeb83da4f028cca84568378d1deedc236406792f1baf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://keystonelogin.pa.gov/
Origin
https://keystonelogin.pa.gov
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:26:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
191
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
159350
x-xss-protection
0
last-modified
Sun, 21 Aug 2022 22:02:06 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 31 Aug 2023 13:26:32 GMT
KL-Banner.jpg
keystonelogin.pa.gov/img/
77 KB
77 KB
Image
General
Full URL
https://keystonelogin.pa.gov/img/KL-Banner.jpg
Requested by
Host: keystonelogin.pa.gov
URL: https://keystonelogin.pa.gov/Content/css?v=dvOsaA3L4MQUY48mH3xSsG4qLOWJ0rU4yf4OCSGiZ1Y1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:40::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
2bdf84f5820df6c7df3a1a43c61a3ece802ad07a1234cb4c1ac3122aadccb42b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://keystonelogin.pa.gov/Content/css?v=dvOsaA3L4MQUY48mH3xSsG4qLOWJ0rU4yf4OCSGiZ1Y1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:29:42 GMT
x-content-type-options
nosniff
last-modified
Fri, 12 Aug 2022 14:41:28 GMT
etag
"0dcce9a59aed81:0"
x-frame-options
DENY
x-cache
CONFIG_NOCACHE
content-type
image/jpeg
x-azure-ref
0R2IPYwAAAADoZkVyRE6cRbW1oyvObkl6RlJBMjMxMDUwNDE3MDI1AGMxZDJkNDY1LTFiMWQtNGMyYS04YzMxLTliNjAyNGM5NjIwNg==
accept-ranges
bytes
content-length
78769
x-xss-protection
1; mode=block
anchor
www.google.com/recaptcha/api2/ Frame 02F8
42 KB
22 KB
Document
General
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdFuLcUAAAAAOJGtvFFzMN2lxtR_C6hHUA8GSjV&co=aHR0cHM6Ly9rZXlzdG9uZWxvZ2luLnBhLmdvdjo0NDM.&hl=de&v=3TZgZIog-UsaFDv31vC4L9R_&size=invisible&cb=ybs50yvf9a6d
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/3TZgZIog-UsaFDv31vC4L9R_/recaptcha__de.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
d56f504ee75d9e335db1d6d239cffc8f3f00f78c23211fac99cead49b39bffa5
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-YtQmSa-a8Trhq2wqX4wlQw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://keystonelogin.pa.gov/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-length
22356
content-security-policy
script-src 'report-sample' 'nonce-YtQmSa-a8Trhq2wqX4wlQw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 31 Aug 2022 13:29:43 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
styles__ltr.css
www.gstatic.com/recaptcha/releases/3TZgZIog-UsaFDv31vC4L9R_/ Frame 02F8
52 KB
24 KB
Stylesheet
General
Full URL
https://www.gstatic.com/recaptcha/releases/3TZgZIog-UsaFDv31vC4L9R_/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdFuLcUAAAAAOJGtvFFzMN2lxtR_C6hHUA8GSjV&co=aHR0cHM6Ly9rZXlzdG9uZWxvZ2luLnBhLmdvdjo0NDM.&hl=de&v=3TZgZIog-UsaFDv31vC4L9R_&size=invisible&cb=ybs50yvf9a6d
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
caf2650aa985d277b2dd131a6261888bc64e6c9bc15e5564bfb9b380bcf82a10
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:26:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
183
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24251
x-xss-protection
0
last-modified
Sun, 21 Aug 2022 22:02:06 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 31 Aug 2023 13:26:40 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/3TZgZIog-UsaFDv31vC4L9R_/ Frame 02F8
391 KB
156 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/3TZgZIog-UsaFDv31vC4L9R_/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdFuLcUAAAAAOJGtvFFzMN2lxtR_C6hHUA8GSjV&co=aHR0cHM6Ly9rZXlzdG9uZWxvZ2luLnBhLmdvdjo0NDM.&hl=de&v=3TZgZIog-UsaFDv31vC4L9R_&size=invisible&cb=ybs50yvf9a6d
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
30a31bd4c38a2400b0e4aeb83da4f028cca84568378d1deedc236406792f1baf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:26:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
191
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
159350
x-xss-protection
0
last-modified
Sun, 21 Aug 2022 22:02:06 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 31 Aug 2023 13:26:32 GMT
logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 02F8
2 KB
2 KB
Image
General
Full URL
https://www.gstatic.com/recaptcha/api2/logo_48.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/3TZgZIog-UsaFDv31vC4L9R_/styles__ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/3TZgZIog-UsaFDv31vC4L9R_/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 19:40:09 GMT
x-content-type-options
nosniff
age
496175
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2228
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
expires
Thu, 01 Sep 2022 19:40:09 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 02F8
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdFuLcUAAAAAOJGtvFFzMN2lxtR_C6hHUA8GSjV&co=aHR0cHM6Ly9rZXlzdG9uZWxvZ2luLnBhLmdvdjo0NDM.&hl=de&v=3TZgZIog-UsaFDv31vC4L9R_&size=invisible&cb=ybs50yvf9a6d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Tue, 30 Aug 2022 11:18:05 GMT
x-content-type-options
nosniff
age
94299
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 30 Aug 2023 11:18:05 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 02F8
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdFuLcUAAAAAOJGtvFFzMN2lxtR_C6hHUA8GSjV&co=aHR0cHM6Ly9rZXlzdG9uZWxvZ2luLnBhLmdvdjo0NDM.&hl=de&v=3TZgZIog-UsaFDv31vC4L9R_&size=invisible&cb=ybs50yvf9a6d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Tue, 30 Aug 2022 18:59:48 GMT
x-content-type-options
nosniff
age
66596
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15552
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:02 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 30 Aug 2023 18:59:48 GMT
webworker.js
www.google.com/recaptcha/api2/ Frame 02F8
102 B
134 B
Other
General
Full URL
https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=3TZgZIog-UsaFDv31vC4L9R_
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdFuLcUAAAAAOJGtvFFzMN2lxtR_C6hHUA8GSjV&co=aHR0cHM6Ly9rZXlzdG9uZWxvZ2luLnBhLmdvdjo0NDM.&hl=de&v=3TZgZIog-UsaFDv31vC4L9R_&size=invisible&cb=ybs50yvf9a6d
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
5f431019dbc02c29358a84d7071317fa5c496bf3f934e5f0bcc65a3ae68a5620
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdFuLcUAAAAAOJGtvFFzMN2lxtR_C6hHUA8GSjV&co=aHR0cHM6Ly9rZXlzdG9uZWxvZ2luLnBhLmdvdjo0NDM.&hl=de&v=3TZgZIog-UsaFDv31vC4L9R_&size=invisible&cb=ybs50yvf9a6d
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 13:29:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
cross-origin-embedder-policy
require-corp
x-frame-options
SAMEORIGIN
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
112
x-xss-protection
1; mode=block
expires
Wed, 31 Aug 2022 13:29:44 GMT
track
dc.services.visualstudio.com/v2/
96 B
303 B
XHR
General
Full URL
https://dc.services.visualstudio.com/v2/track
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.236.186.216 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
c5c9acb489f6eb82be3e24053b57c1f65634ba52ee61e92a9b0bd6e874be01c4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://keystonelogin.pa.gov/
accept-language
de-DE,de;q=0.9
Sdk-Context
appId
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-type
application/json

Response headers

x-ms-session-id
679B48E1-00AC-4693-8B12-45AB868818E2
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
date
Wed, 31 Aug 2022 13:29:44 GMT
access-control-max-age
3600
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Name, Content-Type, Accept, Cache-Control, Sdk-Context
content-length
96
track
dc.services.visualstudio.com/v2/ Frame
0
0
Preflight
General
Full URL
https://dc.services.visualstudio.com/v2/track
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.236.186.216 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,sdk-context
Access-Control-Request-Method
POST
Origin
https://keystonelogin.pa.gov
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

access-control-allow-headers
Origin, X-Requested-With, Content-Name, Content-Type, Accept, Sdk-Context
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
3600
content-length
0
date
Wed, 31 Aug 2022 13:29:43 GMT
x-content-type-options
nosniff
reload
www.google.com/recaptcha/api2/ Frame 02F8
31 KB
18 KB
XHR
General
Full URL
https://www.google.com/recaptcha/api2/reload?k=6LdFuLcUAAAAAOJGtvFFzMN2lxtR_C6hHUA8GSjV
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/3TZgZIog-UsaFDv31vC4L9R_/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
1266b40dc12c72ca5624e8ce2282b691e65291ab0f7753178fabff6bf15b3f9d
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdFuLcUAAAAAOJGtvFFzMN2lxtR_C6hHUA8GSjV&co=aHR0cHM6Ly9rZXlzdG9uZWxvZ2luLnBhLmdvdjo0NDM.&hl=de&v=3TZgZIog-UsaFDv31vC4L9R_&size=invisible&cb=ybs50yvf9a6d
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type
application/x-protobuffer

Response headers

date
Wed, 31 Aug 2022 13:29:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
cache-control
private, max-age=0
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18310
x-xss-protection
1; mode=block
expires
Wed, 31 Aug 2022 13:29:44 GMT
results
api.levelaccess.net/analytics/3.0/
0
322 B
XHR
General
Full URL
https://api.levelaccess.net/analytics/3.0/results
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:4457:4600:669a:f134:d758:d89e Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://keystonelogin.pa.gov/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Wed, 31 Aug 2022 13:29:46 GMT
x-content-type-options
nosniff
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-length
0
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-expose-headers
Origin, X-Requested-With, Content-Type, Accept

Verdicts & Comments Add Verdict or Comment

39 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| html5 object| Modernizr object| appInsights object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| $jscomp function| $jscomp$lookupPolyfilledValue object| LevelAccess_AccessJS_AccessEngine object| LevelAccess_AccessJS_FixPackage object| LevelAccess_AccessJS_OrgDetails object| LevelAccess_AccessJS string| AccNamePrototypeNameSpace object| LevelAccess_CalcNames object| AI object| Microsoft function| __extends function| _endsWith object| recaptcha function| formatTime function| restrictCharacters function| addRestrictFunctionsToFields function| $ function| jQuery object| jQuery112406073797227527014 object| respond object| closure_lm_333415

3 Cookies

Domain/Path Name / Value
www.google.com/recaptcha Name: _GRECAPTCHA
Value: 09AMjm62VlOQdEhFFUwwSVZpYacDn76eSVIrljeVeptofgdrR2dzTzr3-KaF31JmwZctKE1H193RgqrtLu_XaN0bw
keystonelogin.pa.gov/ Name: ai_user
Value: 6c5GE|2022-08-31T13:29:43.277Z
keystonelogin.pa.gov/ Name: ai_session
Value: LmHTx|1661952584137.8|1661952584137.8

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Frame-Options DENY DENY
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.levelaccess.net
az416426.vo.msecnd.net
cdn.levelaccess.net
dc.services.visualstudio.com
fonts.gstatic.com
keystonelogin.pa.gov
www.google.com
www.gstatic.com
2600:1f18:4457:4600:669a:f134:d758:d89e
2600:9000:236e:c800:1:fb61:2b80:93a1
2606:2800:133:206e:1315:22a5:2006:24fd
2620:1ec:40::45
2a00:1450:4001:800::2004
2a00:1450:4001:806::2003
2a00:1450:4001:829::2003
52.236.186.216
0c477768d9d0fad3f16c9a5a43644a5d0b8556181940a8646c7901e6dc2a8279
0ec4e0295f86b2142b8996e03d4195888843b50d1954d7e248341da032b7ebba
1266b40dc12c72ca5624e8ce2282b691e65291ab0f7753178fabff6bf15b3f9d
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
2bdf84f5820df6c7df3a1a43c61a3ece802ad07a1234cb4c1ac3122aadccb42b
30a31bd4c38a2400b0e4aeb83da4f028cca84568378d1deedc236406792f1baf
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
5201c813c37a4168cc5c20c701d4391fd0a55625f97eb9f263a74fb52b52fd0e
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5ae3f0437599a5f4f5bb7f2c1e71f8e862eaa099929a268adc220eed6dccab8d
5f431019dbc02c29358a84d7071317fa5c496bf3f934e5f0bcc65a3ae68a5620
61175ef9a72cd36f95618581ec400b3fdaffcd909cd40d40c259e55b7fc9055e
966836ef00e774b42d6f81ed91d6a72a5d1c0e48899514d5395c2b68c6c1144e
a5541754f9e56d0588487105cd099150153adac13bdaf9f1dc884f9ddd2a21b1
c01e76059f92c7caab713f96e281ffe8182182ae18dc6de5e5f6f2d60041038e
c5c9acb489f6eb82be3e24053b57c1f65634ba52ee61e92a9b0bd6e874be01c4
caf2650aa985d277b2dd131a6261888bc64e6c9bc15e5564bfb9b380bcf82a10
d56f504ee75d9e335db1d6d239cffc8f3f00f78c23211fac99cead49b39bffa5
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855