urlscan.io logo urlscan.io
SecurityTrails logo

mycgsportal.com Open in urlscan Pro
208.83.148.17  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://mycgsportal.com/
Effective URL: https://mycgsportal.com/mycgs/
Submission Tags: falconsandbox
Submission: On January 08 via api from US — Scanned from DK
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 6 IPs in 2 countries across 5 domains to perform 26 HTTP transactions. The main IP is 208.83.148.17, located in United States and belongs to BCBSSC, US. The main domain is mycgsportal.com. The Cisco Umbrella rank of the primary domain is 253294.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on June 6th 2024. Valid for: a year.
This is the only time mycgsportal.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 12 208.83.148.17 26153 (BCBSSC)
2 3.160.150.127 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 23.38.73.96 16625 (AKAMAI-AS)
3 13 2001:489a:340... 8070 (MICROSOFT...)
26 6
12    208.83.148.17 (United States)

ASN26153 (BCBSSC, US)
PTR: f208-83-148-17.bcbssc.com
mycgsportal.com
2    3.160.150.127 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-160-150-127.fra60.r.cloudfront.net
cdn.appdynamics.com
1    2a00:1450:4001:809::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    23.38.73.96 (Hamburg, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-38-73-96.deploy.static.akamaitechnologies.com
zn56y5ozjbiou2k85-cmsmacfedramp.gov1.siteintercept.qualtrics.com
13    2001:489a:3403::5e7 (San Antonio, United States)

ASN8070 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
gov1.siteintercept.qualtrics.com
Apex Domain
Subdomains		 Transfer
14 qualtrics.com
zn56y5ozjbiou2k85-cmsmacfedramp.gov1.siteintercept.qualtrics.com — Cisco Umbrella Rank: 139337
gov1.siteintercept.qualtrics.com — Cisco Umbrella Rank: 14181
106 KB
12 mycgsportal.com
mycgsportal.com — Cisco Umbrella Rank: 253294
632 KB
2 appdynamics.com
cdn.appdynamics.com — Cisco Umbrella Rank: 4206
49 KB
1 gstatic.com
fonts.gstatic.com
23 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 29
838 B
26 5
Domain Requested by
13 gov1.siteintercept.qualtrics.com 3 redirects cdn.appdynamics.com
12 mycgsportal.com 1 redirects mycgsportal.com
2 cdn.appdynamics.com mycgsportal.com
cdn.appdynamics.com
1 zn56y5ozjbiou2k85-cmsmacfedramp.gov1.siteintercept.qualtrics.com cdn.appdynamics.com
1 fonts.gstatic.com fonts.googleapis.com
1 fonts.googleapis.com mycgsportal.com
26 6

This site contains links to these domains. Also see Links.

Domain
www.cgsmedicare.com
www.cms.gov
cgsmedicare.com
www.onlineproviderservices.com
Subject Issuer Validity Valid
mycgsportal.com
DigiCert TLS RSA SHA256 2020 CA1		 2024-06-06 -
2025-06-24		 a year crt.sh
*.appdynamics.com
DigiCert TLS RSA SHA256 2020 CA1		 2024-06-20 -
2025-07-21		 a year crt.sh
upload.video.google.com
WR2		 2024-12-09 -
2025-03-03		 3 months crt.sh
*.gstatic.com
WR2		 2024-12-09 -
2025-03-03		 3 months crt.sh
*.qualtrics.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-03-01 -
2025-02-19		 a year crt.sh

This page contains 1 frames:

Primary Page: https://mycgsportal.com/mycgs/
Frame ID: 0678532F03D2B2BB42F4F096AE54F1FB
Requests: 26 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

myCGS

Page URL History Show full URLs

  1. https://mycgsportal.com/ HTTP 301
    https://mycgsportal.com/mycgs/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • adrum
Overall confidence: 100%
Detected patterns
  • ([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js

Page Statistics

26
Requests

96 %
HTTPS

50 %
IPv6

5
Domains

6
Subdomains

6
IPs

2
Countries

808 kB
Transfer

1128 kB
Size

4
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://mycgsportal.com/ HTTP 301
    https://mycgsportal.com/mycgs/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 24
  • https://gov1.siteintercept.qualtrics.com/WRQualtricsShared/Graphics/siteintercept/wr-dialog-close-btn-black.png HTTP 307
  • https://gov1.siteintercept.qualtrics.com/static/q-siteintercept/~/img/wr-dialog-close-btn-black.png HTTP 307
  • https://gov1.siteintercept.qualtrics.com/static/q-siteintercept/9ac2c094bdf01c0522ec4d4cff398f97ab2f7d8a/img/wr-dialog-close-btn-black.png HTTP 301
  • https://gov1.siteintercept.qualtrics.com/static/q-siteintercept/.blob/903d4c43fed535fb4d325b1612c605e48417dc74_wr-dialog-close-btn-black.png

26 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
mycgsportal.com/mycgs/
Redirect Chain
  • https://mycgsportal.com/
  • https://mycgsportal.com/mycgs/
9 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://mycgsportal.com/mycgs/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
208.83.148.17 , United States, ASN26153 (BCBSSC, US),
Reverse DNS
f208-83-148-17.bcbssc.com
Software
/
Resource Hash
aaf71e1671ce2b048d6016ec75edd5b17141db9fe1d34821a71e03ced5a619a1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
ORIGIN, X-Requested-With, Content-Type, Accept, Authorization
Access-Control-Allow-Methods
GET, POST, OPTIONS
Cache-Control
private
Content-Type
text/html; charset=utf-8
Date
Wed, 08 Jan 2025 14:42:41 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Transfer-Encoding
chunked
X-Content-Type-Options
nosniff
X-Frame-Options
sameorigin

Redirect headers

Connection
Keep-Alive
Content-Length
0
Location
https://mycgsportal.com/mycgs/
Strict-Transport-Security
max-age=15552001
MainIndex.css
mycgsportal.com/MyCGS/Content/ 		6 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://mycgsportal.com/MyCGS/Content/MainIndex.css
Requested by
Host: mycgsportal.com
URL: https://mycgsportal.com/mycgs/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
208.83.148.17 , United States, ASN26153 (BCBSSC, US),
Reverse DNS
f208-83-148-17.bcbssc.com
Software
/
Resource Hash
963b13980969e1a79454ce21393cc0b2e700a8f395af82e0b3ef17d10682e7a0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://mycgsportal.com/mycgs/

Response headers

X-Frame-Options
sameorigin
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Transfer-Encoding
chunked
ETag
"021e7ede94cdb1:0"
Connection
Keep-Alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Methods
GET, POST, OPTIONS
X-Content-Type-Options
nosniff
Accept-Ranges
bytes
Date
Wed, 08 Jan 2025 14:42:42 GMT
Content-Type
text/css
Last-Modified
Thu, 12 Dec 2024 23:02:34 GMT
Vary
Accept-Encoding
Access-Control-Allow-Headers
ORIGIN, X-Requested-With, Content-Type, Accept, Authorization
modernizr
mycgsportal.com/MyCGS/bundles/ 		11 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mycgsportal.com/MyCGS/bundles/modernizr?v=inCVuEFe6J4Q07A0AcRsbJic_UE5MwpRMNGcOtk94TE1
Requested by
Host: mycgsportal.com
URL: https://mycgsportal.com/mycgs/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
208.83.148.17 , United States, ASN26153 (BCBSSC, US),
Reverse DNS
f208-83-148-17.bcbssc.com
Software
/
Resource Hash
9e83216908224ffbc39992a5e60f93ca21b8e2240ba28025ba679c4b70f7112d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://mycgsportal.com/mycgs/

Response headers

X-Frame-Options
sameorigin
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Cache-Control
public
Access-Control-Allow-Credentials
true
Access-Control-Allow-Methods
GET, POST, OPTIONS
X-Content-Type-Options
nosniff
Expires
Thu, 08 Jan 2026 14:42:42 GMT
Content-Length
11095
Date
Wed, 08 Jan 2025 14:42:42 GMT
Content-Type
text/javascript; charset=utf-8
Last-Modified
Wed, 08 Jan 2025 14:42:42 GMT
Vary
User-Agent
Access-Control-Allow-Headers
ORIGIN, X-Requested-With, Content-Type, Accept, Authorization
adrum-20.12.0.3360.js
cdn.appdynamics.com/adrum/ 		102 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.appdynamics.com/adrum/adrum-20.12.0.3360.js
Requested by
Host: mycgsportal.com
URL: https://mycgsportal.com/mycgs/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.160.150.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-160-150-127.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a49035b29ceba3953b6d439ded26c93d2e0927690faa93151be4342b558403dd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://mycgsportal.com/

Response headers

strict-transport-security
max-age=31536000
cache-control
public, max-age=86400
content-encoding
gzip
etag
W/"8bebd3fcc126d6acced01beeb96871ee"
age
33546
cross-origin-resource-policy
cross-origin
via
1.1 3e28473376ca49b2cafcfef86a39cf34.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
SYQt9YwOLQEQHsricmdewSLfJk378z4wdjiiBw6xZ1Jiz3VgE3clJg==
date
Wed, 08 Jan 2025 05:23:47 GMT
content-type
text/javascript
last-modified
Fri, 11 Dec 2020 18:05:03 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P7
vary
accept-encoding, Origin
backtocgs.png
mycgsportal.com/MyCGS/images/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mycgsportal.com/MyCGS/images/backtocgs.png
Requested by
Host: mycgsportal.com
URL: https://mycgsportal.com/mycgs/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
208.83.148.17 , United States, ASN26153 (BCBSSC, US),
Reverse DNS
f208-83-148-17.bcbssc.com
Software
/
Resource Hash
c9e7323e66923d21657e9f8d81e931dca065948f384d17fdc7a3e6980a668954
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://mycgsportal.com/mycgs/

Response headers

X-Frame-Options
sameorigin
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
ETag
"2f624befe94cdb1:0"
Access-Control-Allow-Credentials
true
Access-Control-Allow-Methods
GET, POST, OPTIONS
X-Content-Type-Options
nosniff
Accept-Ranges
bytes
Content-Length
4893
Date
Wed, 08 Jan 2025 14:42:42 GMT
Content-Type
image/png
Last-Modified
Thu, 12 Dec 2024 23:02:36 GMT
Access-Control-Allow-Headers
ORIGIN, X-Requested-With, Content-Type, Accept, Authorization
J15_newbutton.png
mycgsportal.com/MyCGS/images/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mycgsportal.com/MyCGS/images/J15_newbutton.png
Requested by
Host: mycgsportal.com
URL: https://mycgsportal.com/mycgs/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
208.83.148.17 , United States, ASN26153 (BCBSSC, US),
Reverse DNS
f208-83-148-17.bcbssc.com
Software
/
Resource Hash
6c43c289636eadce82eaeab41e54f3c43870ce1ff7f367a0ae0517886b8708c2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://mycgsportal.com/mycgs/

Response headers

X-Frame-Options
sameorigin
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
ETag
"feb852efe94cdb1:0"
Access-Control-Allow-Credentials
true
Access-Control-Allow-Methods
GET, POST, OPTIONS
X-Content-Type-Options
nosniff
Accept-Ranges
bytes
Content-Length
2093
Date
Wed, 08 Jan 2025 14:42:42 GMT
Content-Type
image/png
Last-Modified
Thu, 12 Dec 2024 23:02:36 GMT
Access-Control-Allow-Headers
ORIGIN, X-Requested-With, Content-Type, Accept, Authorization
mycgslogo2021.svg
mycgsportal.com/MyCGS/images/ 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mycgsportal.com/MyCGS/images/mycgslogo2021.svg
Requested by
Host: mycgsportal.com
URL: https://mycgsportal.com/mycgs/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
208.83.148.17 , United States, ASN26153 (BCBSSC, US),
Reverse DNS
f208-83-148-17.bcbssc.com
Software
/
Resource Hash
7ab70b265c4d779b18610e759b94146c1daee3e5fe430cba09ed05196110f0bf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://mycgsportal.com/mycgs/

Response headers

X-Frame-Options
sameorigin
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
ETag
"04e18efe94cdb1:0"
Connection
Keep-Alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Methods
GET, POST, OPTIONS
X-Content-Type-Options
nosniff
Accept-Ranges
bytes
Content-Length
14022
Date
Wed, 08 Jan 2025 14:42:42 GMT
Content-Type
image/svg+xml
Last-Modified
Thu, 12 Dec 2024 23:02:36 GMT
Vary
Accept-Encoding
Access-Control-Allow-Headers
ORIGIN, X-Requested-With, Content-Type, Accept, Authorization
graycgsbtn.png
mycgsportal.com/MyCGS/images/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mycgsportal.com/MyCGS/images/graycgsbtn.png
Requested by
Host: mycgsportal.com
URL: https://mycgsportal.com/mycgs/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
208.83.148.17 , United States, ASN26153 (BCBSSC, US),
Reverse DNS
f208-83-148-17.bcbssc.com
Software
/
Resource Hash
b6b245eeaaeff4c6502b42a5fb7afe1e58f75b573d8b1be1d6305abe481b1a42
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://mycgsportal.com/mycgs/

Response headers

X-Frame-Options
sameorigin
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
ETag
"402850efe94cdb1:0"
Access-Control-Allow-Credentials
true
Access-Control-Allow-Methods
GET, POST, OPTIONS
X-Content-Type-Options
nosniff
Accept-Ranges
bytes
Content-Length
4424
Date
Wed, 08 Jan 2025 14:42:42 GMT
Content-Type
image/png
Last-Modified
Thu, 12 Dec 2024 23:02:36 GMT
Access-Control-Allow-Headers
ORIGIN, X-Requested-With, Content-Type, Accept, Authorization
graycmsbtn.png
mycgsportal.com/MyCGS/images/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mycgsportal.com/MyCGS/images/graycmsbtn.png
Requested by
Host: mycgsportal.com
URL: https://mycgsportal.com/mycgs/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
208.83.148.17 , United States, ASN26153 (BCBSSC, US),
Reverse DNS
f208-83-148-17.bcbssc.com
Software
/
Resource Hash
1823e6a63a7f0e23ff25a4b6327af6506a42cb7e7a9d8fe9430d522298a255fc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://mycgsportal.com/mycgs/

Response headers

X-Frame-Options
sameorigin
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
ETag
"feb852efe94cdb1:0"
Access-Control-Allow-Credentials
true
Access-Control-Allow-Methods
GET, POST, OPTIONS
X-Content-Type-Options
nosniff
Accept-Ranges
bytes
Content-Length
4953
Date
Wed, 08 Jan 2025 14:42:42 GMT
Content-Type
image/png
Last-Modified
Thu, 12 Dec 2024 23:02:36 GMT
Access-Control-Allow-Headers
ORIGIN, X-Requested-With, Content-Type, Accept, Authorization
jquery
mycgsportal.com/MyCGS/bundles/ 		508 KB
510 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mycgsportal.com/MyCGS/bundles/jquery?v=DkdJOV538MylRNJPm7p0WNj1-mf42rF1QmsRq2lhnsg1
Requested by
Host: mycgsportal.com
URL: https://mycgsportal.com/mycgs/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
208.83.148.17 , United States, ASN26153 (BCBSSC, US),
Reverse DNS
f208-83-148-17.bcbssc.com
Software
/
Resource Hash
e466370b4ce06159c62a84c5e532b800c228582fd35602301c356796538ff165
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://mycgsportal.com/mycgs/

Response headers

X-Frame-Options
sameorigin
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Cache-Control
public
Access-Control-Allow-Credentials
true
Access-Control-Allow-Methods
GET, POST, OPTIONS
X-Content-Type-Options
nosniff
Expires
Thu, 08 Jan 2026 14:42:42 GMT
Content-Length
520422
Date
Wed, 08 Jan 2025 14:42:42 GMT
Content-Type
text/javascript; charset=utf-8
Last-Modified
Wed, 08 Jan 2025 14:42:42 GMT
Vary
User-Agent
Access-Control-Allow-Headers
ORIGIN, X-Requested-With, Content-Type, Accept, Authorization
css
fonts.googleapis.com/ 		774 B
838 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Lato
Requested by
Host: mycgsportal.com
URL: https://mycgsportal.com/MyCGS/Content/MainIndex.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
52d62465d244bef9c22960bed269d931eb2b705dff7f09a0bcf5ddba62554f45
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://mycgsportal.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Wed, 08 Jan 2025 14:42:43 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 08 Jan 2025 14:42:43 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Wed, 08 Jan 2025 13:57:54 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v24/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://mycgsportal.com
Referer
https://fonts.googleapis.com/

Response headers

age
107390
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 07 Jan 2026 08:52:53 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 07 Jan 2025 08:52:53 GMT
last-modified
Tue, 02 May 2023 15:17:22 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
23580
x-xss-protection
0
server
sffe
bg.jpg
mycgsportal.com/MyCGS/Content/images/ 		53 KB
55 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mycgsportal.com/MyCGS/Content/images/bg.jpg
Requested by
Host: mycgsportal.com
URL: https://mycgsportal.com/MyCGS/Content/MainIndex.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
208.83.148.17 , United States, ASN26153 (BCBSSC, US),
Reverse DNS
f208-83-148-17.bcbssc.com
Software
/
Resource Hash
0230ca9cec6885ac86e71a0fbc0855d3e4d743ae90c3fa790c56795319e571bc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://mycgsportal.com/MyCGS/Content/MainIndex.css

Response headers

X-Frame-Options
sameorigin
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
ETag
"25fefdeee94cdb1:0"
Access-Control-Allow-Credentials
true
Access-Control-Allow-Methods
GET, POST, OPTIONS
X-Content-Type-Options
nosniff
Accept-Ranges
bytes
Content-Length
54742
Date
Wed, 08 Jan 2025 14:42:42 GMT
Content-Type
image/jpeg
Last-Modified
Thu, 12 Dec 2024 23:02:35 GMT
Access-Control-Allow-Headers
ORIGIN, X-Requested-With, Content-Type, Accept, Authorization
/
zn56y5ozjbiou2k85-cmsmacfedramp.gov1.siteintercept.qualtrics.com/SIE/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://zn56y5ozjbiou2k85-cmsmacfedramp.gov1.siteintercept.qualtrics.com/SIE/?Q_ZID=ZN_56y5oZJbiOu2k85&t=1736347364282
Requested by
Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-20.12.0.3360.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.38.73.96 Hamburg, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-38-73-96.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
a0bc731a85d838d9002a02d766ae9435cf739d6c3a9f6d7e591498237c6556b8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://mycgsportal.com/

Response headers

content-encoding
gzip
etag
W/"2284-lhFWEYW42yQcLAsI17Wt/DtlhLA"
cache-tag
cloudjs-orchestratormain, cloudjs-all-modules, cloudjs-orchestrator-brand-cmsmacfedramp, cloudjs-orchestrator-numbered-3, cloudjs-orchestrator-batch-xAIg4q2Yee
x-content-type-options
nosniff
date
Wed, 08 Jan 2025 14:42:44 GMT
content-type
application/javascript; charset=utf-8
vary
Accept-Encoding
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=3600, s-maxage=604800
timing-allow-origin
*
referrer-policy
strict-origin-when-cross-origin
content-security-policy-report-only
frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://gov1.qualtrics.com/csp-report
permissions-policy
camera=(), geolocation=(), microphone=()
access-control-allow-origin
*
content-length
3812
adrum-ext.54a9a330b6d789bd61edecd89332c15b.js
cdn.appdynamics.com/ 		51 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.appdynamics.com/adrum-ext.54a9a330b6d789bd61edecd89332c15b.js
Requested by
Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-20.12.0.3360.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.160.150.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-160-150-127.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d9feb46cf586b7596846044f0aa1cad80ce48f05f533de13b1394760849c75d5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://mycgsportal.com/

Response headers

strict-transport-security
max-age=31536000
cache-control
public, max-age=31536000, immutable
content-encoding
gzip
etag
W/"6819de0fa93c36326b38c5e4b07259d7"
age
49020
cross-origin-resource-policy
cross-origin
via
1.1 3e28473376ca49b2cafcfef86a39cf34.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
sqmmWXyO4gEVwqgJvHdKRnQbMK2QAkGOZq373wZ7H4qjrT6TsLUguA==
date
Wed, 08 Jan 2025 06:45:52 GMT
content-type
text/javascript
last-modified
Fri, 11 Dec 2020 18:05:04 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P7
vary
accept-encoding, Origin
favicon.ico
mycgsportal.com/ 		2 KB
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://mycgsportal.com/favicon.ico
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
208.83.148.17 , United States, ASN26153 (BCBSSC, US),
Reverse DNS
f208-83-148-17.bcbssc.com
Software
/
Resource Hash
14aa2ccddff9abb4a6c0db1e5fd37439b7d85ce610e21a288595a9605eb54840

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://mycgsportal.com/mycgs/

Response headers

Transfer-Encoding
chunked
Date
Wed, 08 Jan 2025 14:42:43 GMT
Content-Type
text/html
8.372e3f9662e7442947d8.chunk.js
gov1.siteintercept.qualtrics.com/dxjsmodule/ 		78 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gov1.siteintercept.qualtrics.com/dxjsmodule/8.372e3f9662e7442947d8.chunk.js?Q_CLIENTVERSION=2.22.0&Q_CLIENTTYPE=web&Q_BRANDID=mycgsportal.com
Requested by
Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-20.12.0.3360.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:489a:3403::5e7 San Antonio, United States, ASN8070 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
945b88ef669ded280836cf5628ff13bbe817e6616a37420897a24d767edb05c6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://mycgsportal.com/

Response headers

content-encoding
gzip
etag
W/"137ad-193d0d2dba0"
cache-tag
cloudjs-8.372e3f9662e7442947d8.chunk, cloudjs-js-modules, cloudjs-all-modules
x-fd-int-roxy-purgeid
827046
x-content-type-options
nosniff
x-cache
TCP_HIT
date
Wed, 08 Jan 2025 14:42:45 GMT
edge-control
max-age=604800
content-type
application/javascript
last-modified
Mon, 16 Dec 2024 18:55:00 GMT
vary
Accept-Encoding
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=604800, s-maxage=604800
timing-allow-origin
*
referrer-policy
strict-origin-when-cross-origin
content-security-policy-report-only
frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://gov1.qualtrics.com/csp-report
permissions-policy
camera=(), geolocation=(), microphone=()
access-control-allow-origin
*
x-azure-ref
20250108T144245Z-17889d89dbbv68t2hS1SNRyv4n0000001b00000000001h96
Targeting.php
gov1.siteintercept.qualtrics.com/WRSiteInterceptEngine/ 		9 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://gov1.siteintercept.qualtrics.com/WRSiteInterceptEngine/Targeting.php?Q_ZoneID=ZN_56y5oZJbiOu2k85&Q_CLIENTVERSION=2.22.0&Q_CLIENTTYPE=web
Requested by
Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-20.12.0.3360.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:489a:3403::5e7 San Antonio, United States, ASN8070 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
3d00087eed5c0b69f02f602173c3953ef77dc5da699c828d629b3959061461ef
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-type
application/x-www-form-urlencoded
Referer
https://mycgsportal.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin
*
content-encoding
gzip
trace-id
908e056270cd9e55
access-control-allow-credentials
true
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
permissions-policy
camera=(), geolocation=(), microphone=()
access-control-allow-origin
https://mycgsportal.com
x-cache
TCP_MISS
date
Wed, 08 Jan 2025 14:42:45 GMT
content-type
application/json
x-azure-ref
20250108T144245Z-17889d89dbbv68t2hS1SNRyv4n0000001b00000000001h9e
content-security-policy-report-only
frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://gov1.qualtrics.com/csp-report
CoreModule.js
gov1.siteintercept.qualtrics.com/dxjsmodule/ 		102 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gov1.siteintercept.qualtrics.com/dxjsmodule/CoreModule.js?Q_CLIENTVERSION=2.22.0&Q_CLIENTTYPE=web&Q_BRANDID=cmsmacfedramp
Requested by
Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-20.12.0.3360.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:489a:3403::5e7 San Antonio, United States, ASN8070 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
52404e98eee5d973a0c03017a130248aa6656b670fe08de0dce89a0cc91c1f23
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://mycgsportal.com/

Response headers

content-encoding
gzip
etag
W/"198ac-193d0d2dba0"
cache-tag
cloudjs-coremodule, cloudjs-js-modules, cloudjs-all-modules
x-fd-int-roxy-purgeid
827046
x-content-type-options
nosniff
x-cache
TCP_HIT
date
Wed, 08 Jan 2025 14:42:45 GMT
edge-control
max-age=604800
content-type
application/javascript
last-modified
Mon, 16 Dec 2024 18:55:00 GMT
vary
Accept-Encoding
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=604800, s-maxage=604800
timing-allow-origin
*
referrer-policy
strict-origin-when-cross-origin
content-security-policy-report-only
frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://gov1.qualtrics.com/csp-report
permissions-policy
camera=(), geolocation=(), microphone=()
access-control-allow-origin
*
x-azure-ref
20250108T144245Z-17889d89dbbv68t2hS1SNRyv4n0000001b00000000001h9s
5.ba6d1d2e1492dd3cace1.chunk.js
gov1.siteintercept.qualtrics.com/dxjsmodule/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gov1.siteintercept.qualtrics.com/dxjsmodule/5.ba6d1d2e1492dd3cace1.chunk.js?Q_CLIENTVERSION=2.22.0&Q_CLIENTTYPE=web&Q_BRANDID=cmsmacfedramp
Requested by
Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-20.12.0.3360.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:489a:3403::5e7 San Antonio, United States, ASN8070 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
59d1068c02d93d070a59d15e41390df70b60c5c0f3e7d4460e6dcdf7a2243574
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://mycgsportal.com/

Response headers

content-encoding
gzip
etag
W/"b55-193d0d2dba0"
cache-tag
cloudjs-5.ba6d1d2e1492dd3cace1.chunk, cloudjs-js-modules, cloudjs-all-modules
x-fd-int-roxy-purgeid
827046
x-content-type-options
nosniff
x-cache
TCP_HIT
date
Wed, 08 Jan 2025 14:42:46 GMT
edge-control
max-age=604800
content-type
application/javascript
last-modified
Mon, 16 Dec 2024 18:55:00 GMT
vary
Accept-Encoding
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=604800, s-maxage=604800
timing-allow-origin
*
referrer-policy
strict-origin-when-cross-origin
content-security-policy-report-only
frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://gov1.qualtrics.com/csp-report
permissions-policy
camera=(), geolocation=(), microphone=()
access-control-allow-origin
*
x-azure-ref
20250108T144246Z-17889d89dbbv68t2hS1SNRyv4n0000001b00000000001h9x
1.a0af9a4d429059568f93.chunk.js
gov1.siteintercept.qualtrics.com/dxjsmodule/ 		29 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gov1.siteintercept.qualtrics.com/dxjsmodule/1.a0af9a4d429059568f93.chunk.js?Q_CLIENTVERSION=2.22.0&Q_CLIENTTYPE=web&Q_BRANDID=cmsmacfedramp
Requested by
Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-20.12.0.3360.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:489a:3403::5e7 San Antonio, United States, ASN8070 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
8828ead6432a4c07b9d8521310903626a091cabe4ea12a432a18b80b2da35c5b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://mycgsportal.com/

Response headers

content-encoding
gzip
etag
W/"7420-193d0d2dba0"
cache-tag
cloudjs-1.a0af9a4d429059568f93.chunk, cloudjs-js-modules, cloudjs-all-modules
x-fd-int-roxy-purgeid
827046
x-content-type-options
nosniff
x-cache
TCP_HIT
date
Wed, 08 Jan 2025 14:42:46 GMT
edge-control
max-age=604800
content-type
application/javascript
last-modified
Mon, 16 Dec 2024 18:55:00 GMT
vary
Accept-Encoding
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=604800, s-maxage=604800
timing-allow-origin
*
referrer-policy
strict-origin-when-cross-origin
content-security-policy-report-only
frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://gov1.qualtrics.com/csp-report
permissions-policy
camera=(), geolocation=(), microphone=()
access-control-allow-origin
*
x-azure-ref
20250108T144246Z-17889d89dbbv68t2hS1SNRyv4n0000001b00000000001h9y
FeedbackButtonModule.js
gov1.siteintercept.qualtrics.com/dxjsmodule/ 		97 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gov1.siteintercept.qualtrics.com/dxjsmodule/FeedbackButtonModule.js?Q_CLIENTVERSION=2.22.0&Q_CLIENTTYPE=web&Q_BRANDID=cmsmacfedramp
Requested by
Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-20.12.0.3360.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:489a:3403::5e7 San Antonio, United States, ASN8070 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
c983bb463147488d656b2718bfb9e63383392ae3bf82a60267277f91bcb30965
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://mycgsportal.com/

Response headers

content-encoding
gzip
etag
W/"18261-193d0d2dba0"
cache-tag
cloudjs-feedbackbuttonmodule, cloudjs-js-modules, cloudjs-all-modules
x-fd-int-roxy-purgeid
827046
x-content-type-options
nosniff
x-cache
TCP_HIT
date
Wed, 08 Jan 2025 14:42:46 GMT
edge-control
max-age=604800
content-type
application/javascript
last-modified
Mon, 16 Dec 2024 18:55:00 GMT
vary
Accept-Encoding
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=604800, s-maxage=604800
timing-allow-origin
*
referrer-policy
strict-origin-when-cross-origin
content-security-policy-report-only
frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://gov1.qualtrics.com/csp-report
permissions-policy
camera=(), geolocation=(), microphone=()
access-control-allow-origin
*
x-azure-ref
20250108T144246Z-17889d89dbbv68t2hS1SNRyv4n0000001b00000000001h9z
Asset.php
gov1.siteintercept.qualtrics.com/WRSiteInterceptEngine/ 		4 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://gov1.siteintercept.qualtrics.com/WRSiteInterceptEngine/Asset.php?Module=SI_erpxlypVyH62H9b&Version=38&Q_ORIGIN=https://mycgsportal.com&Q_CLIENTVERSION=2.22.0&Q_CLIENTTYPE=web&Q_BrandTier=xAIg4q2Yee&Q_ARCACHEVERSION=21&Q_BRANDDC=gov1
Requested by
Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-20.12.0.3360.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:489a:3403::5e7 San Antonio, United States, ASN8070 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
54743fb74d2dd6e08acb66083c2ae870e294b3f95dfc6c3ad6b90aeea06eea96
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://mycgsportal.com/

Response headers

x-request-id
27f1b15b-1ac5-4e75-82bd-40505b4e71b5
x-transaction-id
bb648c2d-20e4-4952-8673-ad8047b117d2
content-encoding
gzip
etag
W/"11e6-NUGWUBBHKYl1Xm+Z0rOMdR1XVpQ"
x-fd-int-roxy-purgeid
827046
x-content-type-options
nosniff
x-cache
TCP_HIT
date
Wed, 08 Jan 2025 14:42:46 GMT
edge-control
max-age=604800
content-type
application/json; charset=utf-8
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=604800, s-maxage=604800
referrer-policy
strict-origin-when-cross-origin
content-security-policy-report-only
frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://gov1.qualtrics.com/csp-report
permissions-policy
camera=(), geolocation=(), microphone=()
access-control-allow-origin
*
x-azure-ref
20250108T144246Z-17889d89dbbgjs8shS1SNRc48800000000z0000000004ft9
Asset.php
gov1.siteintercept.qualtrics.com/WRSiteInterceptEngine/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://gov1.siteintercept.qualtrics.com/WRSiteInterceptEngine/Asset.php?Module=CR_eRQmZLyfb1kzi5f&Version=21&Q_InterceptID=SI_erpxlypVyH62H9b&Q_ORIGIN=https://mycgsportal.com&Q_CLIENTVERSION=2.22.0&Q_CLIENTTYPE=web&Q_BrandTier=xAIg4q2Yee&Q_ARCACHEVERSION=21&Q_BRANDDC=gov1
Requested by
Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-20.12.0.3360.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:489a:3403::5e7 San Antonio, United States, ASN8070 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
f4bf365c5fd6dac17d5547f02febe3cefca8b69a2b6b7dfd104225fd18b07413
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://mycgsportal.com/

Response headers

x-request-id
333baa29-ad0e-425c-8467-bb1e2cff1b9b
x-transaction-id
caead9bc-03f5-4450-afb4-3db9d647cbef
content-encoding
gzip
etag
W/"653-XskzZvLiCUhMAgcV4v7vbb8/45Y"
x-fd-int-roxy-purgeid
827046
x-content-type-options
nosniff
x-cache
TCP_HIT
date
Wed, 08 Jan 2025 14:42:46 GMT
edge-control
max-age=604800
content-type
application/json; charset=utf-8
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=604800, s-maxage=604800
referrer-policy
strict-origin-when-cross-origin
content-security-policy-report-only
frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://gov1.qualtrics.com/csp-report
permissions-policy
camera=(), geolocation=(), microphone=()
access-control-allow-origin
*
x-azure-ref
20250108T144246Z-17889d89dbbgjs8shS1SNRc48800000000z0000000004fta
/
gov1.siteintercept.qualtrics.com/WRSiteInterceptEngine/ 		45 B
623 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://gov1.siteintercept.qualtrics.com/WRSiteInterceptEngine/?Q_Impress=1&Q_CID=CR_eRQmZLyfb1kzi5f&Q_SIID=SI_erpxlypVyH62H9b&Q_ASID=AS_21737298&Q_CLIENTVERSION=2.22.0&Q_CLIENTTYPE=web&r=1736347366582
Requested by
Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-20.12.0.3360.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:489a:3403::5e7 San Antonio, United States, ASN8070 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
f47f21063dfdcbdeffed3d97689b45efae7a52401cd7fc5b8d07c42d2f232ab9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-type
application/x-www-form-urlencoded
Referer
https://mycgsportal.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
no-store, no-cache, must-revalidate, max-age=0
trace-id
819ff26a993e77e6
access-control-allow-credentials
true
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
permissions-policy
camera=(), geolocation=(), microphone=()
access-control-allow-origin
https://mycgsportal.com
x-cache
TCP_MISS
date
Wed, 08 Jan 2025 14:42:46 GMT
content-type
text/plain; charset=UTF-8
x-azure-ref
20250108T144246Z-17889d89dbbgjs8shS1SNRc48800000000z0000000004ftd
content-security-policy-report-only
frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://gov1.qualtrics.com/csp-report
903d4c43fed535fb4d325b1612c605e48417dc74_wr-dialog-close-btn-black.png
gov1.siteintercept.qualtrics.com/static/q-siteintercept/.blob/
Redirect Chain
  • https://gov1.siteintercept.qualtrics.com/WRQualtricsShared/Graphics/siteintercept/wr-dialog-close-btn-black.png
  • https://gov1.siteintercept.qualtrics.com/static/q-siteintercept/~/img/wr-dialog-close-btn-black.png
  • https://gov1.siteintercept.qualtrics.com/static/q-siteintercept/9ac2c094bdf01c0522ec4d4cff398f97ab2f7d8a/img/wr-dialog-close-btn-black.png
  • https://gov1.siteintercept.qualtrics.com/static/q-siteintercept/.blob/903d4c43fed535fb4d325b1612c605e48417dc74_wr-dialog-close-btn-black.png
757 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gov1.siteintercept.qualtrics.com/static/q-siteintercept/.blob/903d4c43fed535fb4d325b1612c605e48417dc74_wr-dialog-close-btn-black.png
Protocol
H2
Server
2001:489a:3403::5e7 San Antonio, United States, ASN8070 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
28d780f5e175239904df4aebf3980d6fdde24b2722b41c34d73bd09da20237f0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://mycgsportal.com/

Response headers

x-request-id
4331b0af-431d-4201-a044-a519f2dba26b
x-transaction-id
8421c76d-b725-4b2e-a9ba-2c55feb96714
x-fd-int-roxy-purgeid
827046
x-content-type-options
nosniff
x-cache
TCP_HIT
date
Wed, 08 Jan 2025 14:42:47 GMT
content-type
image/png
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=31536000, immutable
referrer-policy
strict-origin-when-cross-origin
content-security-policy-report-only
frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://gov1.qualtrics.com/csp-report
permissions-policy
camera=(), geolocation=(), microphone=()
accept-ranges
bytes
content-length
757
static-digest
903d4c43fed535fb4d325b1612c605e48417dc74
x-azure-ref
20250108T144247Z-17889d89dbbv68t2hS1SNRyv4n0000001b00000000001har

Redirect headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
x-request-id
67813d39-4291-4ad9-af66-a7bf52e66ef3
x-transaction-id
fe808a46-6d69-420d-aaf1-b6f50cd1b9c8
cache-control
public, max-age=31536000, immutable
location
/static/q-siteintercept/.blob/903d4c43fed535fb4d325b1612c605e48417dc74_wr-dialog-close-btn-black.png
x-fd-int-roxy-purgeid
827046
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
permissions-policy
camera=(), geolocation=(), microphone=()
content-security-policy-report-only
frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://gov1.qualtrics.com/csp-report
x-cache
TCP_HIT
content-length
135
date
Wed, 08 Jan 2025 14:42:47 GMT
content-type
text/html; charset=utf-8
x-azure-ref
20250108T144247Z-17889d89dbbv68t2hS1SNRyv4n0000001b00000000001haq

Verdicts & Comments Add Verdict or Comment

12 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| html5 object| Modernizr number| adrum-start-time object| adrum-config object| ADRUM function| $ function| jQuery function| moment string| ua object| QSI object| WAFQualtricsWebpackJsonP-cloud-2.22.0 object| _qsie

4 Cookies

Domain/Path Name / Value
mycgsportal.com/ Name: SameSite
Value: None
mycgsportal.com/ Name: ADRUM_BTa
Value: R:30|g:fc3068da-aecb-419c-8c3e-5216403c1f25|n:customer1_a8eea7df-29ea-44c7-bbb6-204dcac023ee
mycgsportal.com/ Name: BIGipServer~external_medicare~mycgswebportal.cms.gov_pool
Value: !prij9iKwxnese8vBFnwmoKJkixIKyjPU5zd9bGLFsHLM8rfXt8xi4ptu9tgF9MswzLNyB82ns734s/FHawCXyjvvKG1K1X7MCBSCuPY=
mycgsportal.com/ Name: TS0142fa81
Value: 01a170a28e4878d3bfd729a69f5791b5b50644c80dfb86ffad7151a90939b64fe74d9af8d3a2a4a86ef565d28e0b3ffa4e29eaf3c950ef725524dc48f7fdfc40f3aa884a37d3a679693f06e6c82b919be6bd17c737092b06dd38b42812c921ce750a6890670c6f01d588093f137af8f72a2669d9fae61661676c21dec86b32b56dc6b4eec779621bb3b7ed233fd6adeaa19394377f

1 Console Messages

Source Level URL
Text
network error URL: https://mycgsportal.com/favicon.ico
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.appdynamics.com
fonts.googleapis.com
fonts.gstatic.com
gov1.siteintercept.qualtrics.com
mycgsportal.com
zn56y5ozjbiou2k85-cmsmacfedramp.gov1.siteintercept.qualtrics.com
2001:489a:3403::5e7
208.83.148.17
23.38.73.96
2a00:1450:4001:809::200a
2a00:1450:4001:829::2003
3.160.150.127
0230ca9cec6885ac86e71a0fbc0855d3e4d743ae90c3fa790c56795319e571bc
14aa2ccddff9abb4a6c0db1e5fd37439b7d85ce610e21a288595a9605eb54840
1823e6a63a7f0e23ff25a4b6327af6506a42cb7e7a9d8fe9430d522298a255fc
28d780f5e175239904df4aebf3980d6fdde24b2722b41c34d73bd09da20237f0
3d00087eed5c0b69f02f602173c3953ef77dc5da699c828d629b3959061461ef
52404e98eee5d973a0c03017a130248aa6656b670fe08de0dce89a0cc91c1f23
52d62465d244bef9c22960bed269d931eb2b705dff7f09a0bcf5ddba62554f45
54743fb74d2dd6e08acb66083c2ae870e294b3f95dfc6c3ad6b90aeea06eea96
59d1068c02d93d070a59d15e41390df70b60c5c0f3e7d4460e6dcdf7a2243574
6c43c289636eadce82eaeab41e54f3c43870ce1ff7f367a0ae0517886b8708c2
7ab70b265c4d779b18610e759b94146c1daee3e5fe430cba09ed05196110f0bf
8828ead6432a4c07b9d8521310903626a091cabe4ea12a432a18b80b2da35c5b
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
945b88ef669ded280836cf5628ff13bbe817e6616a37420897a24d767edb05c6
963b13980969e1a79454ce21393cc0b2e700a8f395af82e0b3ef17d10682e7a0
9e83216908224ffbc39992a5e60f93ca21b8e2240ba28025ba679c4b70f7112d
a0bc731a85d838d9002a02d766ae9435cf739d6c3a9f6d7e591498237c6556b8
a49035b29ceba3953b6d439ded26c93d2e0927690faa93151be4342b558403dd
aaf71e1671ce2b048d6016ec75edd5b17141db9fe1d34821a71e03ced5a619a1
b6b245eeaaeff4c6502b42a5fb7afe1e58f75b573d8b1be1d6305abe481b1a42
c983bb463147488d656b2718bfb9e63383392ae3bf82a60267277f91bcb30965
c9e7323e66923d21657e9f8d81e931dca065948f384d17fdc7a3e6980a668954
d9feb46cf586b7596846044f0aa1cad80ce48f05f533de13b1394760849c75d5
e466370b4ce06159c62a84c5e532b800c228582fd35602301c356796538ff165
f47f21063dfdcbdeffed3d97689b45efae7a52401cd7fc5b8d07c42d2f232ab9
f4bf365c5fd6dac17d5547f02febe3cefca8b69a2b6b7dfd104225fd18b07413