unemployment.oregon.gov Open in urlscan Pro
138.197.218.83  Public Scan

38 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

21 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request unemployment-insurance-fraud-id-theft Show response unemployment.oregon.gov/	33 KB 8 KB	953ms 368ms	Document text/html	138.197.218.83 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://unemployment.oregon.gov/unemployment-insurance-fraud-id-theft Protocol H2 Security TLS 1.3, , AES_256_GCM Server 138.197.218.83 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx / Craft CMS, SEOmatic Resource Hash 17cb77b424df8e3d460fcde6a9aea5baca060dfbb8f1988dc109ad381100ef73 Request headers :method GET :authority unemployment.oregon.gov :scheme https :path /unemployment-insurance-fraud-id-theft pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site none sec-fetch-mode navigate sec-fetch-user ?1 sec-fetch-dest document accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers server nginx date Fri, 20 Aug 2021 20:22:00 GMT content-type text/html; charset=UTF-8 content-length 7950 permissions-policy interest-cohort=() x-powered-by Craft CMS, SEOmatic x-robots-tag all link <https://unemployment.oregon.gov/unemployment-insurance-fraud-id-theft>; rel='canonical' referrer-policy no-referrer-when-downgrade cache-control max-age=1, private, must-revalidate expires Fri, 20 Aug 2021 20:22:01 GMT vary Accept-Encoding content-encoding gzip
GET H2	200	app.css unemployment.oregon.gov/assets/css/	122 KB 25 KB	321ms 321ms	Stylesheet text/css	138.197.218.83 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://unemployment.oregon.gov/assets/css/app.css?v=210429 Requested by Host: unemployment.oregon.gov URL: https://unemployment.oregon.gov/unemployment-insurance-fraud-id-theft Protocol H2 Security TLS 1.3, , AES_256_GCM Server 138.197.218.83 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx / Resource Hash 2b9c3d4bd3754f96db4d7699fb6e7ff673b86868458606abfe8285de49ae20f1 Request headers :path /assets/css/app.css?v=210429 pragma no-cache accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept text/css,*/*;q=0.1 cache-control no-cache sec-fetch-dest style :authority unemployment.oregon.gov referer https://unemployment.oregon.gov/unemployment-insurance-fraud-id-theft :scheme https sec-fetch-site same-origin :method GET Referer https://unemployment.oregon.gov/unemployment-insurance-fraud-id-theft User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 20 Aug 2021 20:22:00 GMT content-encoding gzip last-modified Wed, 13 Jan 2021 22:25:43 GMT server nginx etag "1e621-5b8cf9eaf9454-gzip" vary Accept-Encoding content-type text/css cache-control max-age=604800, public accept-ranges bytes content-length 25120 expires Fri, 27 Aug 2021 20:22:00 GMT
GET H2	200	OR_employment_department.png unemployment.oregon.gov/assets/images/	19 KB 19 KB	172ms 171ms	Image image/png	138.197.218.83 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Show image Full URL https://unemployment.oregon.gov/assets/images/OR_employment_department.png Requested by Host: unemployment.oregon.gov URL: https://unemployment.oregon.gov/unemployment-insurance-fraud-id-theft Protocol H2 Security TLS 1.3, , AES_256_GCM Server 138.197.218.83 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx / Resource Hash 965d659f43c1ce9ce227902580804b4fe0d0b09e76e01ea928934b21c41071e1 Request headers :path /assets/images/OR_employment_department.png pragma no-cache accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 cache-control no-cache sec-fetch-dest image :authority unemployment.oregon.gov referer https://unemployment.oregon.gov/unemployment-insurance-fraud-id-theft :scheme https sec-fetch-site same-origin :method GET Referer https://unemployment.oregon.gov/unemployment-insurance-fraud-id-theft User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 20 Aug 2021 20:22:00 GMT last-modified Wed, 01 Jul 2020 04:54:53 GMT server nginx etag "4a46-5a95a17ba993c" content-type image/png cache-control max-age=604800, public accept-ranges bytes content-length 19014 expires Fri, 27 Aug 2021 20:22:00 GMT
GET H2	200	app.js Show response unemployment.oregon.gov/assets/js/	220 KB 71 KB	467ms 466ms	Script application/javascript	138.197.218.83 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://unemployment.oregon.gov/assets/js/app.js?v=210429 Requested by Host: unemployment.oregon.gov URL: https://unemployment.oregon.gov/unemployment-insurance-fraud-id-theft Protocol H2 Security TLS 1.3, , AES_256_GCM Server 138.197.218.83 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx / Resource Hash a450d3b18fc806a4a362b863a6446c20249cf7645100d7ce310755d94f44bbd3 Request headers :path /assets/js/app.js?v=210429 pragma no-cache accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept */* cache-control no-cache sec-fetch-dest script :authority unemployment.oregon.gov referer https://unemployment.oregon.gov/unemployment-insurance-fraud-id-theft :scheme https sec-fetch-site same-origin :method GET Referer https://unemployment.oregon.gov/unemployment-insurance-fraud-id-theft User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 20 Aug 2021 20:22:00 GMT content-encoding gzip last-modified Fri, 10 Jul 2020 03:51:03 GMT server nginx etag "371fe-5aa0e3ffbadb8-gzip" vary Accept-Encoding content-type application/javascript cache-control max-age=604800, private accept-ranges bytes expires Fri, 27 Aug 2021 20:22:00 GMT
GET H2	200	bootstrap.js Show response www.gstatic.com/dialogflow-console/fast/messenger/	2 KB 1 KB	32ms 14ms	Script text/javascript	2a00:1450:4001:811::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/dialogflow-console/fast/messenger/bootstrap.js?v=1 Requested by Host: unemployment.oregon.gov URL: https://unemployment.oregon.gov/unemployment-insurance-fraud-id-theft Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 052a0b4fd64a0d01ed47d626b332265edbbf0da6b576b1a609c4446d5920e249 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://unemployment.oregon.gov/unemployment-insurance-fraud-id-theft User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 20 Aug 2021 20:22:00 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/dialogflow-console cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 717 x-xss-protection 0 pragma no-cache last-modified Sat, 04 Apr 2020 19:45:00 GMT server sffe vary Accept-Encoding content-type text/javascript access-control-allow-origin * cache-control no-cache, must-revalidate accept-ranges bytes expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	js Show response www.googletagmanager.com/gtag/	101 KB 40 KB	35ms 35ms	Script application/javascript	2a00:1450:4001:82a::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=UA-172413525-1 Requested by Host: unemployment.oregon.gov URL: https://unemployment.oregon.gov/unemployment-insurance-fraud-id-theft Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash e172acd99e69f25c1c5db531dc083ef1eafd7a0b720171140bdff0516170b33a Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers Referer https://unemployment.oregon.gov/unemployment-insurance-fraud-id-theft User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 20 Aug 2021 20:22:00 GMT content-encoding br vary Accept-Encoding cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 41045 x-xss-protection 0 last-modified Fri, 20 Aug 2021 18:00:00 GMT server Google Tag Manager strict-transport-security max-age=31536000; includeSubDomains content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Fri, 20 Aug 2021 20:22:00 GMT
GET H2	200	fa-brands-400.woff2 unemployment.oregon.gov/assets/webfonts/	75 KB 75 KB	196ms 196ms	Font font/woff2	138.197.218.83 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://unemployment.oregon.gov/assets/webfonts/fa-brands-400.woff2 Requested by Host: unemployment.oregon.gov URL: https://unemployment.oregon.gov/assets/css/app.css?v=210429 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 138.197.218.83 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx / Resource Hash 80c7d8d88a91688aa18a1ce39ec33e15ac5e1cad7c7be1c5fa3c403f34f1b53c Request headers :path /assets/webfonts/fa-brands-400.woff2 pragma no-cache origin https://unemployment.oregon.gov accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode cors accept */* cache-control no-cache sec-fetch-dest font :authority unemployment.oregon.gov referer https://unemployment.oregon.gov/assets/css/app.css?v=210429 :scheme https sec-fetch-site same-origin :method GET Origin https://unemployment.oregon.gov Referer https://unemployment.oregon.gov/assets/css/app.css?v=210429 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 20 Aug 2021 20:22:01 GMT last-modified Wed, 01 Jul 2020 04:55:02 GMT server nginx etag "12b5c-5a95a1838c486" content-type font/woff2 cache-control max-age=300 accept-ranges bytes content-length 76636 expires Fri, 20 Aug 2021 20:27:01 GMT
GET H2	200	update.min.js Show response browser-update.org/	9 KB 5 KB	44ms 27ms	Script application/javascript	2606:4700:20::ac43:459c CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://browser-update.org/update.min.js Requested by Host: unemployment.oregon.gov URL: https://unemployment.oregon.gov/unemployment-insurance-fraud-id-theft Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::ac43:459c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 3fd07911935a6cddda712673be5c3a6179d57328f016b40db8706491f2cd4203 Request headers Referer https://unemployment.oregon.gov/unemployment-insurance-fraud-id-theft User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 20 Aug 2021 20:22:01 GMT content-encoding br cf-cache-status HIT last-modified Sun, 01 Aug 2021 15:39:02 GMT server cloudflare age 1658562 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fWV5wzDROvBtv%2BLZQH%2FGIKrimUTLCRD1g21vsK5FhZOcWrM3lSDPKRhxcHk6nfq4tgtyqT2Vh8VfvCfrVci4qAddAMCarRC8tsXhAXBvoNx1OK7UIUTB7wILKheMJUoWn246aO38XIW6qUvQ5vt9lA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 cache-control public, max-age=86400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 681e54d31f0a175a-FRA expires Mon, 02 Aug 2021 15:39:19 GMT
GET H2	200	custom-elements-es5-adapter.js Show response static.dialogflow.com/common/messenger/webcomponentsjs/2.1.3/	930 B 989 B	50ms 7ms	Script text/javascript	2a00:1450:4001:80e::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://static.dialogflow.com/common/messenger/webcomponentsjs/2.1.3/custom-elements-es5-adapter.js Requested by Host: www.gstatic.com URL: https://www.gstatic.com/dialogflow-console/fast/messenger/bootstrap.js?v=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 7034ae8d8aaa077dc02a62b5b4a0b9d0eefacc5619832a2637a9afd4ef626cc6 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://unemployment.oregon.gov/unemployment-insurance-fraud-id-theft User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 20 Aug 2021 03:08:04 GMT content-encoding gzip x-content-type-options nosniff age 62037 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/dialogflow-console cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 493 x-xss-protection 0 last-modified Fri, 26 Oct 2018 00:59:09 GMT server sffe vary Accept-Encoding content-type text/javascript access-control-allow-origin * cache-control public, max-age=604800 accept-ranges bytes expires Fri, 27 Aug 2021 03:08:04 GMT
GET H2	200	webcomponents-loader.js Show response static.dialogflow.com/common/messenger/webcomponentsjs/2.1.3/	6 KB 6 KB	50ms 7ms	Script text/javascript	2a00:1450:4001:80e::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://static.dialogflow.com/common/messenger/webcomponentsjs/2.1.3/webcomponents-loader.js Requested by Host: www.gstatic.com URL: https://www.gstatic.com/dialogflow-console/fast/messenger/bootstrap.js?v=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 7c8eb3fac2da085b9b9162f25b769e760c25fbbfbe5edd7a354def8ee0bebe6b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://unemployment.oregon.gov/unemployment-insurance-fraud-id-theft User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 16 Aug 2021 05:26:32 GMT x-content-type-options nosniff age 399329 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/dialogflow-console cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 6152 x-xss-protection 0 last-modified Fri, 26 Oct 2018 00:59:09 GMT server sffe vary Accept-Encoding content-type text/javascript access-control-allow-origin * cache-control public, max-age=604800 accept-ranges bytes expires Mon, 23 Aug 2021 05:26:32 GMT
GET H2	200	analytics.js Show response www.google-analytics.com/	48 KB 19 KB	6ms 6ms	Script text/javascript	2a00:1450:4001:80f::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=UA-172413525-1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e61660c659c426e45bce2937dddb01af6b550502a2904546575c1ec2ba1121dd Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://unemployment.oregon.gov/unemployment-insurance-fraud-id-theft User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff last-modified Tue, 13 Jul 2021 18:24:06 GMT server Golfe2 age 2727 date Fri, 20 Aug 2021 19:36:34 GMT vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 19672 expires Fri, 20 Aug 2021 21:36:34 GMT
POST H3-29	200	collect Show response www.google-analytics.com/j/	2 B 22 B	13ms 13ms	XHR text/plain	2a00:1450:4001:80f::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j92&a=1500840890&t=pageview&_s=1&dl=https%3A%2F%2Funemployment.oregon.gov%2Funemployment-insurance-fraud-id-theft&ul=en-us&de=UTF-8&dt=OED%20Unemployment%20%7C%20Report%20ID%20Theft%20or%20UI%20Fraud&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=921601292&gjid=1034968740&cid=1642258697.1629490921&tid=UA-172413525-1&_gid=1710655833.1629490921&_r=1&gtm=2ou8i0&z=1165059582 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://unemployment.oregon.gov/unemployment-insurance-fraud-id-theft User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Fri, 20 Aug 2021 20:22:01 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://unemployment.oregon.gov cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 2 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	update.show.min.js Show response browser-update.org/	21 KB 10 KB	19ms 18ms	Script application/javascript	2606:4700:20::ac43:459c CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://browser-update.org/update.show.min.js Requested by Host: browser-update.org URL: https://browser-update.org/update.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::ac43:459c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e98e5f2079a8b9edf4621a42bd064f2c3ff4dfb7cb105715ed483d24a52b99c2 Request headers Referer https://unemployment.oregon.gov/unemployment-insurance-fraud-id-theft User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 20 Aug 2021 20:22:01 GMT content-encoding br cf-cache-status HIT last-modified Sun, 01 Aug 2021 15:39:03 GMT server cloudflare age 1658564 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g3W8857Nr8awEsFukMAPCXEZ1q5Se95QkptZZI3VDQ%2FcTT23P%2BzkhBDIGO%2BAME%2F8GzmiiyAQwMTmw4fxmvMYqnBeSYuPSXY4wadFqT3xifGgE4iVWAdF3GN0b0238DrdaGb3FZM%2Fx1%2FTaMds14sDIQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 cache-control public, max-age=86400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 681e54d35f88175a-FRA expires Mon, 02 Aug 2021 15:39:17 GMT
POST H2	200	collect Show response stats.g.doubleclick.net/j/	1 B 91 B	14ms 14ms	XHR text/plain	2a00:1450:400c:c08::9c GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j92&tid=UA-172413525-1&cid=1642258697.1629490921&jid=921601292&gjid=1034968740&_gid=1710655833.1629490921&_u=YEBAAUAAAAAAAC~&z=395760441 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400c:c08::9c Brussels, Belgium, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://unemployment.oregon.gov/unemployment-insurance-fraud-id-theft User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers pragma no-cache strict-transport-security max-age=10886400; includeSubDomains; preload x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 date Fri, 20 Aug 2021 20:22:01 GMT content-type text/plain access-control-allow-origin https://unemployment.oregon.gov cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	c.png browser-update.org/static/img/small/	787 B 1 KB	21ms 20ms	Image image/png	2606:4700:20::ac43:459c CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://browser-update.org/static/img/small/c.png Requested by Host: unemployment.oregon.gov URL: https://unemployment.oregon.gov/unemployment-insurance-fraud-id-theft Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::ac43:459c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5f979bb91eaf11b4a8f292cf49bab2250eb755cff8f6a10169977db44acabd3e Request headers Referer https://unemployment.oregon.gov/unemployment-insurance-fraud-id-theft User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 20 Aug 2021 20:22:01 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 4123 content-length 787 last-modified Sun, 21 Mar 2021 12:19:17 GMT server cloudflare etag "1616329157.897669-787-3015314254" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GQmAlZYSYMAnUwgjYUXQ31Z9vEt4A3X5n53SNfriINDZTK1Mg18k8faDjHP%2BrtuIcD2DrncAAKeUYLmEIq8GcxIqCafiNGr4G1BWMRT5Eo4D1SZoU4w21G%2BFJXQt5nwthJHyRr64K1myC%2Fjg8l3LQw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control public, max-age=86400 accept-ranges bytes cf-ray 681e54d38fe6175a-FRA expires Sat, 21 Aug 2021 07:13:18 GMT
GET H3-29	200	messenger-internal.min.js Show response www.gstatic.com/dialogflow-console/fast/messenger/	117 KB 35 KB	23ms 22ms	Script text/javascript	2a00:1450:4001:811::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/dialogflow-console/fast/messenger/messenger-internal.min.js?v=4 Requested by Host: www.gstatic.com URL: https://www.gstatic.com/dialogflow-console/fast/messenger/bootstrap.js?v=1 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 1c29fc696d1501f4634511d57f6e751c893aa7e24ca4ee35b5c1ad752c6b4078 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://unemployment.oregon.gov/unemployment-insurance-fraud-id-theft User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 20 Aug 2021 20:22:01 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/dialogflow-console cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 35498 x-xss-protection 0 pragma no-cache last-modified Thu, 27 Aug 2020 19:15:00 GMT server sffe vary Accept-Encoding content-type text/javascript access-control-allow-origin * cache-control no-cache, must-revalidate accept-ranges bytes expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	icon fonts.googleapis.com/	568 B 461 B	15ms 14ms	Stylesheet text/css	2a00:1450:4001:80e::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/icon?family=Material+Icons Requested by Host: www.gstatic.com URL: https://www.gstatic.com/dialogflow-console/fast/messenger/messenger-internal.min.js?v=4 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 4650bc273b69bd9e63d1ef0ea2c6b0d39be59ce91ef942898a224546fb6689f4 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://unemployment.oregon.gov/unemployment-insurance-fraud-id-theft User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Fri, 20 Aug 2021 20:22:01 GMT server ESF date Fri, 20 Aug 2021 20:22:01 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Fri, 20 Aug 2021 20:22:01 GMT
GET H2	200	css fonts.googleapis.com/	2 KB 609 B	16ms 15ms	Stylesheet text/css	2a00:1450:4001:80e::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Roboto Requested by Host: www.gstatic.com URL: https://www.gstatic.com/dialogflow-console/fast/messenger/messenger-internal.min.js?v=4 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 99155f31d46dc469aa872ce824309fae9210fb9357f463b889d617b85b35eb61 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://unemployment.oregon.gov/unemployment-insurance-fraud-id-theft User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Fri, 20 Aug 2021 18:48:48 GMT server ESF date Fri, 20 Aug 2021 20:22:01 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Fri, 20 Aug 2021 20:22:01 GMT
GET H2	403	DF-logo.png storage.googleapis.com/slg-demos/	0 0	158ms 138ms	Image application/xml	2a00:1450:4001:810::2010 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://storage.googleapis.com/slg-demos/DF-logo.png Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://unemployment.oregon.gov/unemployment-insurance-fraud-id-theft User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers
GET H2	404	botlogo.png storage.googleapis.com/mdol-assets/	0 0	291ms 279ms	Image application/xml	2a00:1450:4001:810::2010 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://storage.googleapis.com/mdol-assets/botlogo.png Requested by Host: unemployment.oregon.gov URL: https://unemployment.oregon.gov/unemployment-insurance-fraud-id-theft Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://unemployment.oregon.gov/unemployment-insurance-fraud-id-theft User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers
GET H2	200	KFOmCnqEu92Fr1Mu4mxK.woff2 fonts.gstatic.com/s/roboto/v27/	15 KB 15 KB	6ms 6ms	Font font/woff2	2a00:1450:4001:80e::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v27/KFOmCnqEu92Fr1Mu4mxK.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Roboto Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Origin https://unemployment.oregon.gov Referer https://fonts.googleapis.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 16 Aug 2021 18:26:24 GMT x-content-type-options nosniff age 352537 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15688 x-xss-protection 0 last-modified Mon, 05 Apr 2021 21:10:35 GMT server sffe content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Tue, 16 Aug 2022 18:26:24 GMT

33 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated object| $buoop function| $buo_f object| df boolean| dfLoaded function| expandChatWindow function| gtag object| dataLayer object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| gaplugins object| gaGlobal object| gaData object| $bu_ function| $buo function| $bu_getBrowser object| _buorgres object| WebComponents function| $buo_show object| $jscomp object| ShadyCSS

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			unemployment.oregon.gov/	1970-01-19 20:48:15	Name: browserupdateorg Value: pause
			.oregon.gov/	1970-01-19 20:39:37	Name: _gid Value: GA1.2.1710655833.1629490921
			.oregon.gov/	1970-01-19 20:38:10	Name: _gat_gtag_UA_172413525_1 Value: 1
			.oregon.gov/	1970-01-20 14:09:22	Name: _ga Value: GA1.2.1642258697.1629490921

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

browser-update.org
fonts.googleapis.com
fonts.gstatic.com
static.dialogflow.com
stats.g.doubleclick.net
storage.googleapis.com
unemployment.oregon.gov
www.google-analytics.com
www.googletagmanager.com
www.gstatic.com
138.197.218.83
2606:4700:20::ac43:459c
2a00:1450:4001:80e::2003
2a00:1450:4001:80e::200a
2a00:1450:4001:80f::200e
2a00:1450:4001:810::2010
2a00:1450:4001:811::2003
2a00:1450:4001:82a::2008
2a00:1450:400c:c08::9c
052a0b4fd64a0d01ed47d626b332265edbbf0da6b576b1a609c4446d5920e249
17cb77b424df8e3d460fcde6a9aea5baca060dfbb8f1988dc109ad381100ef73
1c29fc696d1501f4634511d57f6e751c893aa7e24ca4ee35b5c1ad752c6b4078
2b9c3d4bd3754f96db4d7699fb6e7ff673b86868458606abfe8285de49ae20f1
3fd07911935a6cddda712673be5c3a6179d57328f016b40db8706491f2cd4203
4650bc273b69bd9e63d1ef0ea2c6b0d39be59ce91ef942898a224546fb6689f4
5f979bb91eaf11b4a8f292cf49bab2250eb755cff8f6a10169977db44acabd3e
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
7034ae8d8aaa077dc02a62b5b4a0b9d0eefacc5619832a2637a9afd4ef626cc6
7c8eb3fac2da085b9b9162f25b769e760c25fbbfbe5edd7a354def8ee0bebe6b
80c7d8d88a91688aa18a1ce39ec33e15ac5e1cad7c7be1c5fa3c403f34f1b53c
965d659f43c1ce9ce227902580804b4fe0d0b09e76e01ea928934b21c41071e1
99155f31d46dc469aa872ce824309fae9210fb9357f463b889d617b85b35eb61
a450d3b18fc806a4a362b863a6446c20249cf7645100d7ce310755d94f44bbd3
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e172acd99e69f25c1c5db531dc083ef1eafd7a0b720171140bdff0516170b33a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e61660c659c426e45bce2937dddb01af6b550502a2904546575c1ec2ba1121dd
e98e5f2079a8b9edf4621a42bd064f2c3ff4dfb7cb105715ed483d24a52b99c2