urlscan.io logo urlscan.io
SecurityTrails logo

ilogin-dev.illinois.gov Open in urlscan Pro
2a02:26f0:3500:14::1724:a252  Public Scan

Go To Rescan Add Verdict Report
URL: https://ilogin-dev.illinois.gov/enduser/report-suspicious-activity?i=eyJ6aXAiOiJERUYiLCJ2ZXIiOiIxIiwiZW5jIjoiQTI1NkdDTSIsImFsZyI...
Submission: On April 05 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 4 IPs in 2 countries across 4 domains to perform 15 HTTP transactions. The main IP is 2a02:26f0:3500:14::1724:a252, located in Frankfurt am Main, Germany and belongs to AKAMAI-ASN1, NL. The main domain is ilogin-dev.illinois.gov.
TLS certificate: Issued by R3 on February 17th 2023. Valid for: 3 months.
This is the only time ilogin-dev.illinois.gov was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2a02:26f0:350... 20940 (AKAMAI-ASN1)
11 99.86.4.103 16509 (AMAZON-02)
2 2a02:26f0:480... 20940 (AKAMAI-ASN1)
1 2a02:26f0:350... 20940 (AKAMAI-ASN1)
15 4
Apex Domain
Subdomains		 Transfer
11 oktacdn.com
op3static.oktacdn.com — Cisco Umbrella Rank: 136461
391 KB
2 go-mpulse.net
s.go-mpulse.net — Cisco Umbrella Rank: 1312
c.go-mpulse.net — Cisco Umbrella Rank: 662
51 KB
1 akstat.io
02179913.akstat.io — Cisco Umbrella Rank: 65180
207 B
1 illinois.gov
ilogin-dev.illinois.gov
8 KB
15 4
Domain Requested by
11 op3static.oktacdn.com ilogin-dev.illinois.gov
op3static.oktacdn.com
1 02179913.akstat.io s.go-mpulse.net
1 c.go-mpulse.net s.go-mpulse.net
1 s.go-mpulse.net ilogin-dev.illinois.gov
1 ilogin-dev.illinois.gov
15 5

This site contains links to these domains. Also see Links.

Domain
support.okta.com
Subject Issuer Validity Valid
illinois.gov
R3		 2023-02-17 -
2023-05-18		 3 months crt.sh
*.oktacdn.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-01-03 -
2024-01-02		 a year crt.sh
akstat.io
DigiCert TLS RSA SHA256 2020 CA1		 2023-04-05 -
2024-04-04		 a year crt.sh

This page contains 1 frames:

Primary Page: https://ilogin-dev.illinois.gov/enduser/report-suspicious-activity?i=eyJ6aXAiOiJERUYiLCJ2ZXIiOiIxIiwiZW5jIjoiQTI1NkdDTSIsImFsZyI6ImRpciJ9..hcNwHAFoH8cXR8dD.AdYl57gCgjcEJ5PNVYUdP3dtw4fzYuVuhgd0VSQtzAX_3wYhdHw6f5jT8ogNftgEtmRQb2Yd60sGNpzJEI6A2TSrqr4ugQtOeG-yu3IAiW-qpoR2Y1AUlDMmYg4ae_kLpKyjDmaqgPw3a0zn9A2UOC1BAqr5YEXREn5BCrufZjzHQyAuzKSSWJVkrZbdiw55q9AtDL0z6dcygZ-x.D_fvx18ORFqY8jP0JpSkGQ
Frame ID: C5DB0E0913AE2503AC57FBC655E7D8FB
Requests: 15 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

ILogin-Dev - State of Illinois - Verdächtige Aktivität melden

Detected technologies

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

15
Requests

100 %
HTTPS

75 %
IPv6

4
Domains

5
Subdomains

4
IPs

2
Countries

450 kB
Transfer

1404 kB
Size

3
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

15 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request report-suspicious-activity
ilogin-dev.illinois.gov/enduser/ 		15 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ilogin-dev.illinois.gov/enduser/report-suspicious-activity?i=eyJ6aXAiOiJERUYiLCJ2ZXIiOiIxIiwiZW5jIjoiQTI1NkdDTSIsImFsZyI6ImRpciJ9..hcNwHAFoH8cXR8dD.AdYl57gCgjcEJ5PNVYUdP3dtw4fzYuVuhgd0VSQtzAX_3wYhdHw6f5jT8ogNftgEtmRQb2Yd60sGNpzJEI6A2TSrqr4ugQtOeG-yu3IAiW-qpoR2Y1AUlDMmYg4ae_kLpKyjDmaqgPw3a0zn9A2UOC1BAqr5YEXREn5BCrufZjzHQyAuzKSSWJVkrZbdiw55q9AtDL0z6dcygZ-x.D_fvx18ORFqY8jP0JpSkGQ
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:14::1724:a252 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
d4e65f82be8268084c9018986862efe2434a197bd18b9e42bd6f3864ec297679
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=600 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=0, no-cache, no-store
content-encoding
gzip
content-language
de
content-length
5821
content-security-policy
frame-ancestors 'self'
content-security-policy-report-only
default-src 'self' illinoisgov-ext.oktapreview.com ilogin-dev.illinois.gov *.oktacdn.com; connect-src 'self' illinoisgov-ext.oktapreview.com illinoisgov-ext-admin.oktapreview.com ilogin-dev.illinois.gov *.oktacdn.com *.mixpanel.com *.mapbox.com app.pendo.io data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com *.mtls.oktapreview.com illinoisgov-ext.kerberos.oktapreview.com *.authenticatorlocalprod.com:8769 http://localhost:8769 http://127.0.0.1:8769 *.authenticatorlocalprod.com:65111 http://localhost:65111 http://127.0.0.1:65111 *.authenticatorlocalprod.com:65121 http://localhost:65121 http://127.0.0.1:65121 *.authenticatorlocalprod.com:65131 http://localhost:65131 http://127.0.0.1:65131 *.authenticatorlocalprod.com:65141 http://localhost:65141 http://127.0.0.1:65141 *.authenticatorlocalprod.com:65151 http://localhost:65151 http://127.0.0.1:65151 https://oinmanager.okta.com data:; script-src 'unsafe-inline' 'unsafe-eval' 'self' illinoisgov-ext.oktapreview.com ilogin-dev.illinois.gov *.oktacdn.com; style-src 'unsafe-inline' 'self' illinoisgov-ext.oktapreview.com ilogin-dev.illinois.gov *.oktacdn.com app.pendo.io cdn.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com; frame-src 'self' illinoisgov-ext.oktapreview.com illinoisgov-ext-admin.oktapreview.com ilogin-dev.illinois.gov login.okta.com com-okta-authenticator:; img-src 'self' illinoisgov-ext.oktapreview.com ilogin-dev.illinois.gov *.oktacdn.com *.tiles.mapbox.com *.mapbox.com app.pendo.io data.pendo.io cdn.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com data: blob:; font-src 'self' illinoisgov-ext.oktapreview.com ilogin-dev.illinois.gov data: *.oktacdn.com fonts.gstatic.com; frame-ancestors 'self'
content-type
text/html;charset=utf-8
date
Wed, 05 Apr 2023 20:30:20 GMT
expires
Wed, 05 Apr 2023 20:30:20 GMT
p3p
CP="HONK"
pragma
no-cache
server-timing
cdn-cache; desc=MISS edge; dur=262 origin; dur=935 ak_p; desc="466868_388276242_911694139_119682_844_8_0";dur=1
strict-transport-security
max-age=600 ; includeSubDomains
vary
Accept-Encoding
x-akamai-transformed
9 4043 0 pmb=mRUM,1
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-okta-request-id
ZC3aW4eQerwwU-bpoGVywQAAAd8
x-rate-limit-limit
10000
x-rate-limit-remaining
9999
x-rate-limit-reset
1680726679
x-robots-tag
noindex,nofollow
x-xss-protection
0
moment-with-locales.6e3038cf40602b967dc379abf9524fe0.js
op3static.oktacdn.com/assets/js/mvc/vendor/lib/ 		131 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://op3static.oktacdn.com/assets/js/mvc/vendor/lib/moment-with-locales.6e3038cf40602b967dc379abf9524fe0.js
Requested by
Host: ilogin-dev.illinois.gov
URL: https://ilogin-dev.illinois.gov/enduser/report-suspicious-activity?i=eyJ6aXAiOiJERUYiLCJ2ZXIiOiIxIiwiZW5jIjoiQTI1NkdDTSIsImFsZyI6ImRpciJ9..hcNwHAFoH8cXR8dD.AdYl57gCgjcEJ5PNVYUdP3dtw4fzYuVuhgd0VSQtzAX_3wYhdHw6f5jT8ogNftgEtmRQb2Yd60sGNpzJEI6A2TSrqr4ugQtOeG-yu3IAiW-qpoR2Y1AUlDMmYg4ae_kLpKyjDmaqgPw3a0zn9A2UOC1BAqr5YEXREn5BCrufZjzHQyAuzKSSWJVkrZbdiw55q9AtDL0z6dcygZ-x.D_fvx18ORFqY8jP0JpSkGQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-103.fra6.r.cloudfront.net
Software
nginx /
Resource Hash
95d1a50b54178b2dcd0d0e5586f3897e0686df1a328ea2307325d1e8895a20f8
Security Headers
Name Value
Strict-Transport-Security max-age=315360000; includeSubDomains

Request headers

Referer
https://ilogin-dev.illinois.gov/
Origin
https://ilogin-dev.illinois.gov
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Wed, 05 Apr 2023 20:30:20 GMT
strict-transport-security
max-age=315360000; includeSubDomains
content-encoding
gzip
via
1.1 c6b364b1181abfafd7a69f210841edca.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
x-cache
Miss from cloudfront
last-modified
Thu, 27 Jan 2022 00:46:01 GMT
server
nginx
etag
W/"6e3038cf40602b967dc379abf9524fe0"
vary
Accept-Encoding
content-type
application/javascript
public-key-pins-report-only
pin-sha256="jZomPEBSDXoipA9un78hKRIeN/+U4ZteRaiX8YpWfqc="; pin-sha256="axSbM6RQ+19oXxudaOTdwXJbSr6f7AahxbDHFy3p8s8="; pin-sha256="SE4qe2vdD9tAegPwO79rMnZyhHvqj3i5g1c2HkyGUNE="; pin-sha256="ylP0lMLMvBaiHn0ihLxHjzvlPVQNoyQ+rMiaj0da/Pw="; max-age=60; report-uri="https://okta.report-uri.com/r/default/hpkp/reportOnly"
access-control-allow-origin
*
cache-control
max-age=31536000, public,max-age=31536000,s-maxage=1814400
x-amz-cf-id
P9MCq3LC6b8aPGs8-7rjnp2B8z17A8tTrx2XJAY_9U3-zwjm974tnw==
expires
Thu, 04 Apr 2024 20:30:20 GMT
saasure.cd78cfa15834b4971c5123bc886ab7e0.css
op3static.oktacdn.com/assets/css/ 		77 KB
18 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://op3static.oktacdn.com/assets/css/saasure.cd78cfa15834b4971c5123bc886ab7e0.css
Requested by
Host: ilogin-dev.illinois.gov
URL: https://ilogin-dev.illinois.gov/enduser/report-suspicious-activity?i=eyJ6aXAiOiJERUYiLCJ2ZXIiOiIxIiwiZW5jIjoiQTI1NkdDTSIsImFsZyI6ImRpciJ9..hcNwHAFoH8cXR8dD.AdYl57gCgjcEJ5PNVYUdP3dtw4fzYuVuhgd0VSQtzAX_3wYhdHw6f5jT8ogNftgEtmRQb2Yd60sGNpzJEI6A2TSrqr4ugQtOeG-yu3IAiW-qpoR2Y1AUlDMmYg4ae_kLpKyjDmaqgPw3a0zn9A2UOC1BAqr5YEXREn5BCrufZjzHQyAuzKSSWJVkrZbdiw55q9AtDL0z6dcygZ-x.D_fvx18ORFqY8jP0JpSkGQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-103.fra6.r.cloudfront.net
Software
nginx /
Resource Hash
991b4af1406e8d5cb2fb1cb81e9a15afee8293fbc4a8334ab439321167d3ecd7
Security Headers
Name Value
Strict-Transport-Security max-age=315360000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ilogin-dev.illinois.gov/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Mon, 27 Mar 2023 02:35:56 GMT
x-amz-meta-sha1sum
57e3d04bdbf6d1cf9d5d12dc09ee9fdb7d7c6205
content-encoding
gzip
strict-transport-security
max-age=315360000; includeSubDomains
via
1.1 d07eabeb1ed60c06da1457f35fb5c8c4.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
age
842064
x-cache
Hit from cloudfront
last-modified
Thu, 02 Feb 2023 21:50:35 GMT
server
nginx
etag
W/"cd78cfa15834b4971c5123bc886ab7e0"
vary
Accept-Encoding
content-type
text/css
public-key-pins-report-only
pin-sha256="jZomPEBSDXoipA9un78hKRIeN/+U4ZteRaiX8YpWfqc="; pin-sha256="axSbM6RQ+19oXxudaOTdwXJbSr6f7AahxbDHFy3p8s8="; pin-sha256="SE4qe2vdD9tAegPwO79rMnZyhHvqj3i5g1c2HkyGUNE="; pin-sha256="ylP0lMLMvBaiHn0ihLxHjzvlPVQNoyQ+rMiaj0da/Pw="; max-age=60; report-uri="https://okta.report-uri.com/r/default/hpkp/reportOnly"
access-control-allow-origin
*
cache-control
max-age=31536000, public,max-age=31536000,s-maxage=1814400
x-amz-cf-id
3ZoNkilb2ZeFeCedGHjI7wfZNJkGrKfob-CBnwzknFEdupWyCDKUVg==
expires
Tue, 26 Mar 2024 02:35:56 GMT
courage.7d434dcb032cd8a46b404c6f04be338a.css
op3static.oktacdn.com/assets/courage/css/ 		170 KB
35 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://op3static.oktacdn.com/assets/courage/css/courage.7d434dcb032cd8a46b404c6f04be338a.css
Requested by
Host: ilogin-dev.illinois.gov
URL: https://ilogin-dev.illinois.gov/enduser/report-suspicious-activity?i=eyJ6aXAiOiJERUYiLCJ2ZXIiOiIxIiwiZW5jIjoiQTI1NkdDTSIsImFsZyI6ImRpciJ9..hcNwHAFoH8cXR8dD.AdYl57gCgjcEJ5PNVYUdP3dtw4fzYuVuhgd0VSQtzAX_3wYhdHw6f5jT8ogNftgEtmRQb2Yd60sGNpzJEI6A2TSrqr4ugQtOeG-yu3IAiW-qpoR2Y1AUlDMmYg4ae_kLpKyjDmaqgPw3a0zn9A2UOC1BAqr5YEXREn5BCrufZjzHQyAuzKSSWJVkrZbdiw55q9AtDL0z6dcygZ-x.D_fvx18ORFqY8jP0JpSkGQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-103.fra6.r.cloudfront.net
Software
nginx /
Resource Hash
7958761c625c46840633c5eaa206522ef864d5d089034199a5cf478f9d3b5a9f
Security Headers
Name Value
Strict-Transport-Security max-age=315360000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ilogin-dev.illinois.gov/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Mon, 27 Mar 2023 02:35:56 GMT
x-amz-meta-sha1sum
e3b330581742ab8ca56474fdc4938e5b7621c2c6
content-encoding
gzip
strict-transport-security
max-age=315360000; includeSubDomains
via
1.1 d07eabeb1ed60c06da1457f35fb5c8c4.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
age
842064
x-cache
Hit from cloudfront
last-modified
Thu, 12 Jan 2023 03:16:43 GMT
server
nginx
etag
W/"7d434dcb032cd8a46b404c6f04be338a"
vary
Accept-Encoding
content-type
text/css
public-key-pins-report-only
pin-sha256="jZomPEBSDXoipA9un78hKRIeN/+U4ZteRaiX8YpWfqc="; pin-sha256="axSbM6RQ+19oXxudaOTdwXJbSr6f7AahxbDHFy3p8s8="; pin-sha256="SE4qe2vdD9tAegPwO79rMnZyhHvqj3i5g1c2HkyGUNE="; pin-sha256="ylP0lMLMvBaiHn0ihLxHjzvlPVQNoyQ+rMiaj0da/Pw="; max-age=60; report-uri="https://okta.report-uri.com/r/default/hpkp/reportOnly"
access-control-allow-origin
*
cache-control
max-age=31536000, public,max-age=31536000,s-maxage=1814400
x-amz-cf-id
xeXNTeSnhSFKXS7vD8QgdSTvfhwXK8SIdNSyTH-A1hgGEhySt4h38g==
expires
Tue, 26 Mar 2024 02:35:56 GMT
admin-overrides.a8f85aef7e3cc7fbc4377c7f6de96dfe.css
op3static.oktacdn.com/assets/css/ 		122 KB
29 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://op3static.oktacdn.com/assets/css/admin-overrides.a8f85aef7e3cc7fbc4377c7f6de96dfe.css
Requested by
Host: ilogin-dev.illinois.gov
URL: https://ilogin-dev.illinois.gov/enduser/report-suspicious-activity?i=eyJ6aXAiOiJERUYiLCJ2ZXIiOiIxIiwiZW5jIjoiQTI1NkdDTSIsImFsZyI6ImRpciJ9..hcNwHAFoH8cXR8dD.AdYl57gCgjcEJ5PNVYUdP3dtw4fzYuVuhgd0VSQtzAX_3wYhdHw6f5jT8ogNftgEtmRQb2Yd60sGNpzJEI6A2TSrqr4ugQtOeG-yu3IAiW-qpoR2Y1AUlDMmYg4ae_kLpKyjDmaqgPw3a0zn9A2UOC1BAqr5YEXREn5BCrufZjzHQyAuzKSSWJVkrZbdiw55q9AtDL0z6dcygZ-x.D_fvx18ORFqY8jP0JpSkGQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-103.fra6.r.cloudfront.net
Software
nginx /
Resource Hash
f259a4d17acde3a23ceb5a4f6f42913e6379abcfc63ee7d1506286d0148b49b2
Security Headers
Name Value
Strict-Transport-Security max-age=315360000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ilogin-dev.illinois.gov/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 30 Mar 2023 08:58:29 GMT
x-amz-meta-sha1sum
b1f26c90c7991d4b1494ba7972e919e09b69e38d
content-encoding
gzip
strict-transport-security
max-age=315360000; includeSubDomains
via
1.1 d07eabeb1ed60c06da1457f35fb5c8c4.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
age
559911
x-cache
Hit from cloudfront
last-modified
Thu, 09 Mar 2023 19:06:08 GMT
server
nginx
etag
W/"a8f85aef7e3cc7fbc4377c7f6de96dfe"
vary
Accept-Encoding
content-type
text/css
public-key-pins-report-only
pin-sha256="jZomPEBSDXoipA9un78hKRIeN/+U4ZteRaiX8YpWfqc="; pin-sha256="axSbM6RQ+19oXxudaOTdwXJbSr6f7AahxbDHFy3p8s8="; pin-sha256="SE4qe2vdD9tAegPwO79rMnZyhHvqj3i5g1c2HkyGUNE="; pin-sha256="ylP0lMLMvBaiHn0ihLxHjzvlPVQNoyQ+rMiaj0da/Pw="; max-age=60; report-uri="https://okta.report-uri.com/r/default/hpkp/reportOnly"
access-control-allow-origin
*
cache-control
max-age=31536000, public,max-age=31536000,s-maxage=1814400
x-amz-cf-id
d5qszciPgDfBsUSLHpY9ziVGGaRPv_uZkFFJzFnwOaj-2h1tNb49bg==
expires
Fri, 29 Mar 2024 08:58:29 GMT
report-suspicious-activity.a3b871a2a23ea6514727f0d9fe8a120d.css
op3static.oktacdn.com/assets/css/sections/ 		3 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://op3static.oktacdn.com/assets/css/sections/report-suspicious-activity.a3b871a2a23ea6514727f0d9fe8a120d.css
Requested by
Host: ilogin-dev.illinois.gov
URL: https://ilogin-dev.illinois.gov/enduser/report-suspicious-activity?i=eyJ6aXAiOiJERUYiLCJ2ZXIiOiIxIiwiZW5jIjoiQTI1NkdDTSIsImFsZyI6ImRpciJ9..hcNwHAFoH8cXR8dD.AdYl57gCgjcEJ5PNVYUdP3dtw4fzYuVuhgd0VSQtzAX_3wYhdHw6f5jT8ogNftgEtmRQb2Yd60sGNpzJEI6A2TSrqr4ugQtOeG-yu3IAiW-qpoR2Y1AUlDMmYg4ae_kLpKyjDmaqgPw3a0zn9A2UOC1BAqr5YEXREn5BCrufZjzHQyAuzKSSWJVkrZbdiw55q9AtDL0z6dcygZ-x.D_fvx18ORFqY8jP0JpSkGQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-103.fra6.r.cloudfront.net
Software
nginx /
Resource Hash
9c1f08dfa48c343162de0d31baa57519db5dc501927b6d449615e4e62bc67e8d
Security Headers
Name Value
Strict-Transport-Security max-age=315360000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ilogin-dev.illinois.gov/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Wed, 05 Apr 2023 20:30:20 GMT
strict-transport-security
max-age=315360000; includeSubDomains
content-encoding
gzip
via
1.1 d07eabeb1ed60c06da1457f35fb5c8c4.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
x-cache
Miss from cloudfront
last-modified
Fri, 20 May 2022 18:39:59 GMT
server
nginx
etag
W/"a3b871a2a23ea6514727f0d9fe8a120d"
vary
Accept-Encoding
content-type
text/css
public-key-pins-report-only
pin-sha256="jZomPEBSDXoipA9un78hKRIeN/+U4ZteRaiX8YpWfqc="; pin-sha256="axSbM6RQ+19oXxudaOTdwXJbSr6f7AahxbDHFy3p8s8="; pin-sha256="SE4qe2vdD9tAegPwO79rMnZyhHvqj3i5g1c2HkyGUNE="; pin-sha256="ylP0lMLMvBaiHn0ihLxHjzvlPVQNoyQ+rMiaj0da/Pw="; max-age=60; report-uri="https://okta.report-uri.com/r/default/hpkp/reportOnly"
access-control-allow-origin
*
cache-control
max-age=31536000, public,max-age=31536000,s-maxage=1814400
x-amz-cf-id
ZwGcqV7CgEHJa2XE0DrcO1i8gwQpBQqiemKZ7hw1nQriNoPmWelQKw==
expires
Thu, 04 Apr 2024 20:30:20 GMT
saasure.jqueryui.min.3518c2e48e027660c24ca2e18f52a8a2.js
op3static.oktacdn.com/assets/js/ 		633 KB
221 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://op3static.oktacdn.com/assets/js/saasure.jqueryui.min.3518c2e48e027660c24ca2e18f52a8a2.js
Requested by
Host: ilogin-dev.illinois.gov
URL: https://ilogin-dev.illinois.gov/enduser/report-suspicious-activity?i=eyJ6aXAiOiJERUYiLCJ2ZXIiOiIxIiwiZW5jIjoiQTI1NkdDTSIsImFsZyI6ImRpciJ9..hcNwHAFoH8cXR8dD.AdYl57gCgjcEJ5PNVYUdP3dtw4fzYuVuhgd0VSQtzAX_3wYhdHw6f5jT8ogNftgEtmRQb2Yd60sGNpzJEI6A2TSrqr4ugQtOeG-yu3IAiW-qpoR2Y1AUlDMmYg4ae_kLpKyjDmaqgPw3a0zn9A2UOC1BAqr5YEXREn5BCrufZjzHQyAuzKSSWJVkrZbdiw55q9AtDL0z6dcygZ-x.D_fvx18ORFqY8jP0JpSkGQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-103.fra6.r.cloudfront.net
Software
nginx /
Resource Hash
d0b0cf4fc1751d5c3e5b242cfe9f9d607d0b942aaa5bcdcccf9ef46bc2c0f78a
Security Headers
Name Value
Strict-Transport-Security max-age=315360000; includeSubDomains

Request headers

Referer
https://ilogin-dev.illinois.gov/
Origin
https://ilogin-dev.illinois.gov
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 30 Mar 2023 09:44:56 GMT
x-amz-meta-sha1sum
69c096fd4af698663793a328f6c78b1c97f8094f
content-encoding
gzip
strict-transport-security
max-age=315360000; includeSubDomains
via
1.1 c6b364b1181abfafd7a69f210841edca.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
age
557124
x-cache
Hit from cloudfront
last-modified
Thu, 09 Mar 2023 19:09:29 GMT
server
nginx
etag
W/"3518c2e48e027660c24ca2e18f52a8a2"
vary
Accept-Encoding
content-type
application/javascript
public-key-pins-report-only
pin-sha256="jZomPEBSDXoipA9un78hKRIeN/+U4ZteRaiX8YpWfqc="; pin-sha256="axSbM6RQ+19oXxudaOTdwXJbSr6f7AahxbDHFy3p8s8="; pin-sha256="SE4qe2vdD9tAegPwO79rMnZyhHvqj3i5g1c2HkyGUNE="; pin-sha256="ylP0lMLMvBaiHn0ihLxHjzvlPVQNoyQ+rMiaj0da/Pw="; max-age=60; report-uri="https://okta.report-uri.com/r/default/hpkp/reportOnly"
access-control-allow-origin
*
cache-control
max-age=31536000, public,max-age=31536000,s-maxage=1814400
x-amz-cf-id
M9-TlwHRLIfPmxTwWolh6vyJsw2s57a997LEVaGnKedSxnfiMuU_Ag==
expires
Fri, 29 Mar 2024 09:44:56 GMT
routing.77e1bbe6e9f5f13ec333a5b6f091135e.js
op3static.oktacdn.com/assets/js/sections/user/ 		571 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://op3static.oktacdn.com/assets/js/sections/user/routing.77e1bbe6e9f5f13ec333a5b6f091135e.js
Requested by
Host: ilogin-dev.illinois.gov
URL: https://ilogin-dev.illinois.gov/enduser/report-suspicious-activity?i=eyJ6aXAiOiJERUYiLCJ2ZXIiOiIxIiwiZW5jIjoiQTI1NkdDTSIsImFsZyI6ImRpciJ9..hcNwHAFoH8cXR8dD.AdYl57gCgjcEJ5PNVYUdP3dtw4fzYuVuhgd0VSQtzAX_3wYhdHw6f5jT8ogNftgEtmRQb2Yd60sGNpzJEI6A2TSrqr4ugQtOeG-yu3IAiW-qpoR2Y1AUlDMmYg4ae_kLpKyjDmaqgPw3a0zn9A2UOC1BAqr5YEXREn5BCrufZjzHQyAuzKSSWJVkrZbdiw55q9AtDL0z6dcygZ-x.D_fvx18ORFqY8jP0JpSkGQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-103.fra6.r.cloudfront.net
Software
nginx /
Resource Hash
b058e72333f2f26fe5e26eaf6b982c57832f5b463756ff6ee3595a8583d0d702
Security Headers
Name Value
Strict-Transport-Security max-age=315360000; includeSubDomains

Request headers

Referer
https://ilogin-dev.illinois.gov/
Origin
https://ilogin-dev.illinois.gov
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Fri, 31 Mar 2023 10:55:45 GMT
strict-transport-security
max-age=315360000; includeSubDomains
content-encoding
gzip
via
1.1 c6b364b1181abfafd7a69f210841edca.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
age
466475
x-cache
Hit from cloudfront
last-modified
Tue, 07 Apr 2020 23:35:41 GMT
server
nginx
etag
W/"77e1bbe6e9f5f13ec333a5b6f091135e"
vary
Accept-Encoding
content-type
application/javascript
public-key-pins-report-only
pin-sha256="jZomPEBSDXoipA9un78hKRIeN/+U4ZteRaiX8YpWfqc="; pin-sha256="axSbM6RQ+19oXxudaOTdwXJbSr6f7AahxbDHFy3p8s8="; pin-sha256="SE4qe2vdD9tAegPwO79rMnZyhHvqj3i5g1c2HkyGUNE="; pin-sha256="ylP0lMLMvBaiHn0ihLxHjzvlPVQNoyQ+rMiaj0da/Pw="; max-age=60; report-uri="https://okta.report-uri.com/r/default/hpkp/reportOnly"
access-control-allow-origin
*
cache-control
max-age=31536000, public,max-age=31536000,s-maxage=1814400
x-amz-cf-id
Dm3CzN3lBf1n8ACNy5gsrVrewNIiOb9My5Du2HGfTd0QoKWx011JRg==
expires
Sat, 30 Mar 2024 10:55:45 GMT
saasure-js-bundle.39092b64792b88d2888f93bd8579e8b7.js
op3static.oktacdn.com/assets/js/properties/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://op3static.oktacdn.com/assets/js/properties/saasure-js-bundle.39092b64792b88d2888f93bd8579e8b7.js
Requested by
Host: ilogin-dev.illinois.gov
URL: https://ilogin-dev.illinois.gov/enduser/report-suspicious-activity?i=eyJ6aXAiOiJERUYiLCJ2ZXIiOiIxIiwiZW5jIjoiQTI1NkdDTSIsImFsZyI6ImRpciJ9..hcNwHAFoH8cXR8dD.AdYl57gCgjcEJ5PNVYUdP3dtw4fzYuVuhgd0VSQtzAX_3wYhdHw6f5jT8ogNftgEtmRQb2Yd60sGNpzJEI6A2TSrqr4ugQtOeG-yu3IAiW-qpoR2Y1AUlDMmYg4ae_kLpKyjDmaqgPw3a0zn9A2UOC1BAqr5YEXREn5BCrufZjzHQyAuzKSSWJVkrZbdiw55q9AtDL0z6dcygZ-x.D_fvx18ORFqY8jP0JpSkGQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-103.fra6.r.cloudfront.net
Software
nginx /
Resource Hash
a9ce250ff630ecdd949e562fe9bad541e0b3eb8988e7a7619cdd35f3168d80ab
Security Headers
Name Value
Strict-Transport-Security max-age=315360000; includeSubDomains

Request headers

Referer
https://ilogin-dev.illinois.gov/
Origin
https://ilogin-dev.illinois.gov
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 30 Mar 2023 18:20:12 GMT
x-amz-meta-sha1sum
dac39f38d1f9b3ccb0d822dbded9b407374772f7
content-encoding
gzip
strict-transport-security
max-age=315360000; includeSubDomains
via
1.1 c6b364b1181abfafd7a69f210841edca.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
age
526208
x-cache
Hit from cloudfront
last-modified
Thu, 30 Mar 2023 17:29:17 GMT
server
nginx
etag
W/"39092b64792b88d2888f93bd8579e8b7"
vary
Accept-Encoding
content-type
application/javascript
public-key-pins-report-only
pin-sha256="jZomPEBSDXoipA9un78hKRIeN/+U4ZteRaiX8YpWfqc="; pin-sha256="axSbM6RQ+19oXxudaOTdwXJbSr6f7AahxbDHFy3p8s8="; pin-sha256="SE4qe2vdD9tAegPwO79rMnZyhHvqj3i5g1c2HkyGUNE="; pin-sha256="ylP0lMLMvBaiHn0ihLxHjzvlPVQNoyQ+rMiaj0da/Pw="; max-age=60; report-uri="https://okta.report-uri.com/r/default/hpkp/reportOnly"
access-control-allow-origin
*
cache-control
max-age=31536000, public,max-age=31536000,s-maxage=1814400
x-amz-cf-id
ROaOhzy8aXoujxpxa9cKnTyyi8zhb8_5lz1fgXniSfDa9FwHQGjSrQ==
expires
Fri, 29 Mar 2024 18:20:12 GMT
fs06mnfwl0yzJh7p81d7
op3static.oktacdn.com/fs/bco/1/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://op3static.oktacdn.com/fs/bco/1/fs06mnfwl0yzJh7p81d7
Requested by
Host: ilogin-dev.illinois.gov
URL: https://ilogin-dev.illinois.gov/enduser/report-suspicious-activity?i=eyJ6aXAiOiJERUYiLCJ2ZXIiOiIxIiwiZW5jIjoiQTI1NkdDTSIsImFsZyI6ImRpciJ9..hcNwHAFoH8cXR8dD.AdYl57gCgjcEJ5PNVYUdP3dtw4fzYuVuhgd0VSQtzAX_3wYhdHw6f5jT8ogNftgEtmRQb2Yd60sGNpzJEI6A2TSrqr4ugQtOeG-yu3IAiW-qpoR2Y1AUlDMmYg4ae_kLpKyjDmaqgPw3a0zn9A2UOC1BAqr5YEXREn5BCrufZjzHQyAuzKSSWJVkrZbdiw55q9AtDL0z6dcygZ-x.D_fvx18ORFqY8jP0JpSkGQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-103.fra6.r.cloudfront.net
Software
nginx /
Resource Hash
b576d5461acd23df747c0db3fa23e2a2bd3f8f0a4e9c8971095fcbd0c79ab315
Security Headers
Name Value
Strict-Transport-Security max-age=315360000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ilogin-dev.illinois.gov/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Mon, 03 Apr 2023 16:27:12 GMT
strict-transport-security
max-age=315360000; includeSubDomains
via
1.1 d07eabeb1ed60c06da1457f35fb5c8c4.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
age
187388
x-cache
Hit from cloudfront
content-length
2750
last-modified
Thu, 12 Jan 2023 17:44:54 GMT
server
nginx
etag
"6d2fa9263125e290982b246a0a7b6582"
public-key-pins-report-only
pin-sha256="jZomPEBSDXoipA9un78hKRIeN/+U4ZteRaiX8YpWfqc="; pin-sha256="axSbM6RQ+19oXxudaOTdwXJbSr6f7AahxbDHFy3p8s8="; pin-sha256="SE4qe2vdD9tAegPwO79rMnZyhHvqj3i5g1c2HkyGUNE="; pin-sha256="ylP0lMLMvBaiHn0ihLxHjzvlPVQNoyQ+rMiaj0da/Pw="; max-age=60; report-uri="https://okta.report-uri.com/r/default/hpkp/reportOnly"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31536000, public,max-age=31536000,s-maxage=1814400
accept-ranges
bytes
x-amz-cf-id
JYTqyECZV4PpJqA-lSY_pkfOWEi9gseE_rKfgrJc-tZYOGRJOexRHQ==
expires
Tue, 02 Apr 2024 16:27:12 GMT
LE6YU-KWS32-WW2ST-8PTDY-DX2F7
s.go-mpulse.net/boomerang/ 		205 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.go-mpulse.net/boomerang/LE6YU-KWS32-WW2ST-8PTDY-DX2F7
Requested by
Host: ilogin-dev.illinois.gov
URL: https://ilogin-dev.illinois.gov/enduser/report-suspicious-activity?i=eyJ6aXAiOiJERUYiLCJ2ZXIiOiIxIiwiZW5jIjoiQTI1NkdDTSIsImFsZyI6ImRpciJ9..hcNwHAFoH8cXR8dD.AdYl57gCgjcEJ5PNVYUdP3dtw4fzYuVuhgd0VSQtzAX_3wYhdHw6f5jT8ogNftgEtmRQb2Yd60sGNpzJEI6A2TSrqr4ugQtOeG-yu3IAiW-qpoR2Y1AUlDMmYg4ae_kLpKyjDmaqgPw3a0zn9A2UOC1BAqr5YEXREn5BCrufZjzHQyAuzKSSWJVkrZbdiw55q9AtDL0z6dcygZ-x.D_fvx18ORFqY8jP0JpSkGQ
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:480:690::11a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
09ebd7f407439990aac227e70da23e1a819e8e30282928e324370805f480bec4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ilogin-dev.illinois.gov/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Wed, 05 Apr 2023 20:30:21 GMT
content-encoding
br
last-modified
Wed, 15 Mar 2023 03:28:30 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=604800
timing-allow-origin
*
content-length
50393
proximanova-reg-webfont.353416ed0ff540352235.woff2
op3static.oktacdn.com/assets/courage/font/assets/ 		20 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://op3static.oktacdn.com/assets/courage/font/assets/proximanova-reg-webfont.353416ed0ff540352235.woff2
Requested by
Host: op3static.oktacdn.com
URL: https://op3static.oktacdn.com/assets/courage/css/courage.7d434dcb032cd8a46b404c6f04be338a.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-103.fra6.r.cloudfront.net
Software
nginx /
Resource Hash
affdba1620552b12a1a8a04467136aeb408c03fa337d20e9c38374d682d4d149
Security Headers
Name Value
Strict-Transport-Security max-age=315360000; includeSubDomains

Request headers

Referer
https://op3static.oktacdn.com/assets/courage/css/courage.7d434dcb032cd8a46b404c6f04be338a.css
Origin
https://ilogin-dev.illinois.gov
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sun, 02 Apr 2023 09:41:12 GMT
x-amz-meta-sha1sum
2b5fcd8431953c44e410d0489899e74f6d2cfecc
via
1.1 c6b364b1181abfafd7a69f210841edca.cloudfront.net (CloudFront)
strict-transport-security
max-age=315360000; includeSubDomains
x-amz-cf-pop
FRA6-C1
age
298149
x-cache
Hit from cloudfront
content-length
20416
last-modified
Thu, 27 Oct 2022 18:08:56 GMT
server
nginx
etag
"d99a7377dabb55772ca9f986b0a04b57"
public-key-pins-report-only
pin-sha256="jZomPEBSDXoipA9un78hKRIeN/+U4ZteRaiX8YpWfqc="; pin-sha256="axSbM6RQ+19oXxudaOTdwXJbSr6f7AahxbDHFy3p8s8="; pin-sha256="SE4qe2vdD9tAegPwO79rMnZyhHvqj3i5g1c2HkyGUNE="; pin-sha256="ylP0lMLMvBaiHn0ihLxHjzvlPVQNoyQ+rMiaj0da/Pw="; max-age=60; report-uri="https://okta.report-uri.com/r/default/hpkp/reportOnly"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
max-age=31536000, public,max-age=31536000,s-maxage=1814400
accept-ranges
bytes
x-amz-cf-id
1KSe5DE6RbPfw_aaZ4HzX7wS4VMwI4RFz9YLyN-6tuwWgAlIftGLkA==
expires
Mon, 01 Apr 2024 09:41:12 GMT
proximanova-light-webfont.aba797dabec6686294a9.woff2
op3static.oktacdn.com/assets/courage/font/assets/ 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://op3static.oktacdn.com/assets/courage/font/assets/proximanova-light-webfont.aba797dabec6686294a9.woff2
Requested by
Host: op3static.oktacdn.com
URL: https://op3static.oktacdn.com/assets/courage/css/courage.7d434dcb032cd8a46b404c6f04be338a.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-103.fra6.r.cloudfront.net
Software
nginx /
Resource Hash
018930498a4b01e598099a6e45d7316d54c7b1411ce2b741a3b1f1b0ed4e578b
Security Headers
Name Value
Strict-Transport-Security max-age=315360000; includeSubDomains

Request headers

Referer
https://op3static.oktacdn.com/assets/courage/css/courage.7d434dcb032cd8a46b404c6f04be338a.css
Origin
https://ilogin-dev.illinois.gov
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Mon, 27 Mar 2023 04:14:35 GMT
x-amz-meta-sha1sum
28b8b4bd234dde07b7ee63a6d32c6f275f03eca1
via
1.1 c6b364b1181abfafd7a69f210841edca.cloudfront.net (CloudFront)
strict-transport-security
max-age=315360000; includeSubDomains
x-amz-cf-pop
FRA6-C1
age
836146
x-cache
Hit from cloudfront
content-length
20052
last-modified
Thu, 27 Oct 2022 18:12:17 GMT
server
nginx
etag
"3bf194f33d52c87ea38f13e04fd41950"
public-key-pins-report-only
pin-sha256="jZomPEBSDXoipA9un78hKRIeN/+U4ZteRaiX8YpWfqc="; pin-sha256="axSbM6RQ+19oXxudaOTdwXJbSr6f7AahxbDHFy3p8s8="; pin-sha256="SE4qe2vdD9tAegPwO79rMnZyhHvqj3i5g1c2HkyGUNE="; pin-sha256="ylP0lMLMvBaiHn0ihLxHjzvlPVQNoyQ+rMiaj0da/Pw="; max-age=60; report-uri="https://okta.report-uri.com/r/default/hpkp/reportOnly"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
max-age=31536000, public,max-age=31536000,s-maxage=1814400
accept-ranges
bytes
x-amz-cf-id
oDMhMN6rPf6HIykaZdxNsDwKuTyFeTegh0DM2ocJF4ZIu0L3310uyg==
expires
Tue, 26 Mar 2024 04:14:35 GMT
config.json
c.go-mpulse.net/api/ 		3 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.go-mpulse.net/api/config.json?key=LE6YU-KWS32-WW2ST-8PTDY-DX2F7&d=ilogin-dev.illinois.gov&t=5602422&v=1.720.0&sl=0&si=3cfbc94c-0f05-4e81-8153-17330c476775-rsnsyj&plugins=AK,ConfigOverride,Continuity,PageParams,IFrameDelay,AutoXHR,SPA,History,Angular,Backbone,Ember,RT,CrossDomain,BW,PaintTiming,NavigationTiming,ResourceTiming,Memory,CACHE_RELOAD,Errors,TPAnalytics,UserTiming,Akamai,Early,EventTiming,LOGN&acao=&ak.ai=739176
Requested by
Host: s.go-mpulse.net
URL: https://s.go-mpulse.net/boomerang/LE6YU-KWS32-WW2ST-8PTDY-DX2F7
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:3500:981::11a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
537f486e4665236aba91d30c9b263a5913837794d38e1a66002c6411b9167e43

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ilogin-dev.illinois.gov/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date
Wed, 05 Apr 2023 20:30:21 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
application/json
Access-Control-Allow-Origin
*
Cache-Control
private, max-age=300, stale-while-revalidate=60, stale-if-error=120
Connection
keep-alive
Timing-Allow-Origin
*
Content-Length
813
/
02179913.akstat.io/ 		0
207 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://02179913.akstat.io/
Requested by
Host: s.go-mpulse.net
URL: https://s.go-mpulse.net/boomerang/LE6YU-KWS32-WW2ST-8PTDY-DX2F7
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:480:690::11a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://ilogin-dev.illinois.gov/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Wed, 05 Apr 2023 20:30:21 GMT
content-type
image/gif
access-control-allow-origin
https://ilogin-dev.illinois.gov
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
timing-allow-origin
*
x-xss-protection
0
expires
Wed, 05 Apr 2023 20:30:21 GMT

Verdicts & Comments Add Verdict or Comment

35 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless object| e function| t function| moment string| cspNonce object| okta function| oldval function| OktaWayPoint object| webFontConfig object| AjaxForm object| JobManager object| ModalDialog object| Utils object| Preferences object| OktaMetrics function| $ function| jQuery object| BROWSER object| jQuery1124019023461074691306 function| _ object| webfont object| WebFont object| saasure object| hashChangeHandler object| mixpanel string| BOOMR_API_key object| BOOMR object| oktaMetrics function| trackEvent function| showBadBrowserIfNotSeen number| BOOMR_onload function| BOOMR_check_doc_domain object| ErrorStackParser object| UserTimingCompression object| BOOMR_mq

3 Cookies

Domain/Path Name / Value
ilogin-dev.illinois.gov/ Name: JSESSIONID
Value: F721C1FA975D77E88410F020EEBE09D0
ilogin-dev.illinois.gov/ Name: t
Value: summer
ilogin-dev.illinois.gov/ Name: DT
Value: DI1VibsYF0ITCum2Dm9_MM4mQ

5 Console Messages

Source Level URL
Text
security error URL: https://ilogin-dev.illinois.gov/enduser/report-suspicious-activity?i=eyJ6aXAiOiJERUYiLCJ2ZXIiOiIxIiwiZW5jIjoiQTI1NkdDTSIsImFsZyI6ImRpciJ9..hcNwHAFoH8cXR8dD.AdYl57gCgjcEJ5PNVYUdP3dtw4fzYuVuhgd0VSQtzAX_3wYhdHw6f5jT8ogNftgEtmRQb2Yd60sGNpzJEI6A2TSrqr4ugQtOeG-yu3IAiW-qpoR2Y1AUlDMmYg4ae_kLpKyjDmaqgPw3a0zn9A2UOC1BAqr5YEXREn5BCrufZjzHQyAuzKSSWJVkrZbdiw55q9AtDL0z6dcygZ-x.D_fvx18ORFqY8jP0JpSkGQ(Line 45)
Message:
[Report Only] Refused to load the script 'https://s.go-mpulse.net/boomerang/LE6YU-KWS32-WW2ST-8PTDY-DX2F7' because it violates the following Content Security Policy directive: "script-src 'unsafe-inline' 'unsafe-eval' 'self' illinoisgov-ext.oktapreview.com ilogin-dev.illinois.gov *.oktacdn.com". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security error URL: https://ilogin-dev.illinois.gov/enduser/report-suspicious-activity?i=eyJ6aXAiOiJERUYiLCJ2ZXIiOiIxIiwiZW5jIjoiQTI1NkdDTSIsImFsZyI6ImRpciJ9..hcNwHAFoH8cXR8dD.AdYl57gCgjcEJ5PNVYUdP3dtw4fzYuVuhgd0VSQtzAX_3wYhdHw6f5jT8ogNftgEtmRQb2Yd60sGNpzJEI6A2TSrqr4ugQtOeG-yu3IAiW-qpoR2Y1AUlDMmYg4ae_kLpKyjDmaqgPw3a0zn9A2UOC1BAqr5YEXREn5BCrufZjzHQyAuzKSSWJVkrZbdiw55q9AtDL0z6dcygZ-x.D_fvx18ORFqY8jP0JpSkGQ(Line 45)
Message:
[Report Only] Refused to load the script 'https://s.go-mpulse.net/boomerang/LE6YU-KWS32-WW2ST-8PTDY-DX2F7' because it violates the following Content Security Policy directive: "script-src 'unsafe-inline' 'unsafe-eval' 'self' illinoisgov-ext.oktapreview.com ilogin-dev.illinois.gov *.oktacdn.com". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security error URL: https://s.go-mpulse.net/boomerang/LE6YU-KWS32-WW2ST-8PTDY-DX2F7(Line 9)
Message:
[Report Only] Refused to connect to 'https://c.go-mpulse.net/api/config.json?key=LE6YU-KWS32-WW2ST-8PTDY-DX2F7&d=ilogin-dev.illinois.gov&t=5602422&v=1.720.0&sl=0&si=3cfbc94c-0f05-4e81-8153-17330c476775-rsnsyj&plugins=AK,ConfigOverride,Continuity,PageParams,IFrameDelay,AutoXHR,SPA,History,Angular,Backbone,Ember,RT,CrossDomain,BW,PaintTiming,NavigationTiming,ResourceTiming,Memory,CACHE_RELOAD,Errors,TPAnalytics,UserTiming,Akamai,Early,EventTiming,LOGN&acao=&ak.ai=739176' because it violates the following Content Security Policy directive: "connect-src 'self' illinoisgov-ext.oktapreview.com illinoisgov-ext-admin.oktapreview.com ilogin-dev.illinois.gov *.oktacdn.com *.mixpanel.com *.mapbox.com app.pendo.io data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com *.mtls.oktapreview.com illinoisgov-ext.kerberos.oktapreview.com *.authenticatorlocalprod.com:8769 http://localhost:8769 http://127.0.0.1:8769 *.authenticatorlocalprod.com:65111 http://localhost:65111 http://127.0.0.1:65111 *.authenticatorlocalprod.com:65121 http://localhost:65121 http://127.0.0.1:65121 *.authenticatorlocalprod.com:65131 http://localhost:65131 http://127.0.0.1:65131 *.authenticatorlocalprod.com:65141 http://localhost:65141 http://127.0.0.1:65141 *.authenticatorlocalprod.com:65151 http://localhost:65151 http://127.0.0.1:65151 https://oinmanager.okta.com data:".
security error URL: https://s.go-mpulse.net/boomerang/LE6YU-KWS32-WW2ST-8PTDY-DX2F7(Line 9)
Message:
[Report Only] Refused to connect to 'https://02179913.akstat.io/' because it violates the following Content Security Policy directive: "connect-src 'self' illinoisgov-ext.oktapreview.com illinoisgov-ext-admin.oktapreview.com ilogin-dev.illinois.gov *.oktacdn.com *.mixpanel.com *.mapbox.com app.pendo.io data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com *.mtls.oktapreview.com illinoisgov-ext.kerberos.oktapreview.com *.authenticatorlocalprod.com:8769 http://localhost:8769 http://127.0.0.1:8769 *.authenticatorlocalprod.com:65111 http://localhost:65111 http://127.0.0.1:65111 *.authenticatorlocalprod.com:65121 http://localhost:65121 http://127.0.0.1:65121 *.authenticatorlocalprod.com:65131 http://localhost:65131 http://127.0.0.1:65131 *.authenticatorlocalprod.com:65141 http://localhost:65141 http://127.0.0.1:65141 *.authenticatorlocalprod.com:65151 http://localhost:65151 http://127.0.0.1:65151 https://oinmanager.okta.com data:".
security error URL: https://s.go-mpulse.net/boomerang/LE6YU-KWS32-WW2ST-8PTDY-DX2F7(Line 9)
Message:
[Report Only] Refused to connect to 'https://02179913.akstat.io/' because it violates the following Content Security Policy directive: "connect-src 'self' illinoisgov-ext.oktapreview.com illinoisgov-ext-admin.oktapreview.com ilogin-dev.illinois.gov *.oktacdn.com *.mixpanel.com *.mapbox.com app.pendo.io data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com *.mtls.oktapreview.com illinoisgov-ext.kerberos.oktapreview.com *.authenticatorlocalprod.com:8769 http://localhost:8769 http://127.0.0.1:8769 *.authenticatorlocalprod.com:65111 http://localhost:65111 http://127.0.0.1:65111 *.authenticatorlocalprod.com:65121 http://localhost:65121 http://127.0.0.1:65121 *.authenticatorlocalprod.com:65131 http://localhost:65131 http://127.0.0.1:65131 *.authenticatorlocalprod.com:65141 http://localhost:65141 http://127.0.0.1:65141 *.authenticatorlocalprod.com:65151 http://localhost:65151 http://127.0.0.1:65151 https://oinmanager.okta.com data:".

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=600 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0