urlscan.io logo urlscan.io
SecurityTrails logo

my.ny.gov Open in urlscan Pro
161.11.222.92  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://login.ny.gov/home/nys_laboronlineservicesdtf_1/0oaax4eynwIxVOZbM297/alnax4m631T6ytO19297
Effective URL: https://my.ny.gov/LoginV4/login.xhtml
Submission: On December 11 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 4 IPs in 1 countries across 3 domains to perform 35 HTTP transactions. The main IP is 161.11.222.92, located in Albany, United States and belongs to NYS, US. The main domain is my.ny.gov. The Cisco Umbrella rank of the primary domain is 82046.
TLS certificate: Issued by DigiCert Global G2 TLS RSA SHA256 202... on March 27th 2023. Valid for: a year.
This is the only time my.ny.gov was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2 34.223.206.27 16509 (AMAZON-02)
4 18.66.147.97 16509 (AMAZON-02)
4 161.11.222.92 26854 (NYS)
35 4
Apex Domain
Subdomains		 Transfer
6 ny.gov
login.ny.gov — Cisco Umbrella Rank: 86244
my.ny.gov — Cisco Umbrella Rank: 82046
180 KB
4 oktacdn.com
ok5static.oktacdn.com — Cisco Umbrella Rank: 26060
249 KB
0 Failed
function sub() { [native code] }. Failed
35 3
Domain Requested by
4 my.ny.gov my.ny.gov
4 ok5static.oktacdn.com login.ny.gov
2 login.ny.gov 1 redirects
0 iebpjdmgckacbodjpijphcplhebcmeop Failed my.ny.gov
0 djflhoibgkdhkhhcedjiklpkjnoahfmg Failed my.ny.gov
0 cplklnmnlbnpmjogncfgfijoopmnlemp Failed my.ny.gov
0 gpolcofcjjiooogejfbaamdgmgfehgff Failed my.ny.gov
0 nndknepjnldbdbepjfgmncbggmopgden Failed my.ny.gov
0 jnhgnonknehpejjnehehllkliplmbmhn Failed my.ny.gov
0 bjjgbdlbgjeoankjijbmheneoekbghcg Failed my.ny.gov
0 rumola Failed my.ny.gov
0 nconiknmmhhhffhmbknbplalknajiaef Failed my.ny.gov
0 neodgnejhhhlcdoglifbmioajmagpeci Failed my.ny.gov
35 13

This site contains no links.

Subject Issuer Validity Valid
login.ny.gov
R3		 2023-11-15 -
2024-02-13		 3 months crt.sh
*.oktacdn.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-01-03 -
2024-01-02		 a year crt.sh
*.ny.gov
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-03-27 -
2024-04-26		 a year crt.sh

This page contains 1 frames:

Frame: https://my.ny.gov/LoginV4/login.xhtml
Frame ID: C0F0A2A33B9904ECD64E58A6FB61668C
Requests: 39 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://login.ny.gov/home/nys_laboronlineservicesdtf_1/0oaax4eynwIxVOZbM297/alnax4m631T6ytO19297 HTTP 302
    https://login.ny.gov/login/login.htm?fromURI=%2Fhome%2Fnys_laboronlineservicesdtf_1%2F0oaax4eynwI... Page URL
  2. https://my.ny.gov/LoginV4/login.xhtml Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

35
Requests

26 %
HTTPS

0 %
IPv6

3
Domains

13
Subdomains

4
IPs

1
Countries

427 kB
Transfer

976 kB
Size

6
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://login.ny.gov/home/nys_laboronlineservicesdtf_1/0oaax4eynwIxVOZbM297/alnax4m631T6ytO19297 HTTP 302
    https://login.ny.gov/login/login.htm?fromURI=%2Fhome%2Fnys_laboronlineservicesdtf_1%2F0oaax4eynwIxVOZbM297%2Falnax4m631T6ytO19297 Page URL
  2. https://my.ny.gov/LoginV4/login.xhtml Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://login.ny.gov/home/nys_laboronlineservicesdtf_1/0oaax4eynwIxVOZbM297/alnax4m631T6ytO19297 HTTP 302
  • https://login.ny.gov/login/login.htm?fromURI=%2Fhome%2Fnys_laboronlineservicesdtf_1%2F0oaax4eynwIxVOZbM297%2Falnax4m631T6ytO19297

35 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
login.htm
login.ny.gov/login/
Redirect Chain
  • https://login.ny.gov/home/nys_laboronlineservicesdtf_1/0oaax4eynwIxVOZbM297/alnax4m631T6ytO19297
  • https://login.ny.gov/login/login.htm?fromURI=%2Fhome%2Fnys_laboronlineservicesdtf_1%2F0oaax4eynwIxVOZbM297%2Falnax4m631T6ytO19297
30 KB
11 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://login.ny.gov/login/login.htm?fromURI=%2Fhome%2Fnys_laboronlineservicesdtf_1%2F0oaax4eynwIxVOZbM297%2Falnax4m631T6ytO19297
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.223.206.27 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-223-206-27.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
740551c7100c7497590a2fbb1c6ac42557bd96cbf3bc896bd2fcf87c3820d5c9
Security Headers
Name Value
Content-Security-Policy default-src 'self' nys.okta.com login.ny.gov *.oktacdn.com; connect-src 'self' nys.okta.com nys-admin.okta.com login.ny.gov *.oktacdn.com *.mixpanel.com *.mapbox.com app.pendo.io data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com *.mtls.okta.com nys.kerberos.okta.com https://oinmanager.okta.com data:; script-src 'unsafe-inline' 'unsafe-eval' 'self' nys.okta.com login.ny.gov *.oktacdn.com; style-src 'unsafe-inline' 'self' nys.okta.com login.ny.gov *.oktacdn.com app.pendo.io cdn.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com; frame-src 'self' nys.okta.com nys-admin.okta.com login.ny.gov login.okta.com; img-src 'self' nys.okta.com login.ny.gov *.oktacdn.com *.tiles.mapbox.com *.mapbox.com app.pendo.io data.pendo.io cdn.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com data: blob:; font-src 'self' nys.okta.com login.ny.gov data: *.oktacdn.com fonts.gstatic.com; frame-ancestors 'self' https://apps.labor.ny.gov
Strict-Transport-Security max-age=315360000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
Keep-Alive
Content-Encoding
gzip
Content-Type
text/html;charset=utf-8
Date
Mon, 11 Dec 2023 13:37:27 GMT
Keep-Alive
timeout=5, max=99
Server
nginx
Strict-Transport-Security
max-age=315360000; includeSubDomains
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Robots-Tag
noindex,nofollow
cache-control
no-cache, no-store
content-language
de
content-security-policy
default-src 'self' nys.okta.com login.ny.gov *.oktacdn.com; connect-src 'self' nys.okta.com nys-admin.okta.com login.ny.gov *.oktacdn.com *.mixpanel.com *.mapbox.com app.pendo.io data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com *.mtls.okta.com nys.kerberos.okta.com https://oinmanager.okta.com data:; script-src 'unsafe-inline' 'unsafe-eval' 'self' nys.okta.com login.ny.gov *.oktacdn.com; style-src 'unsafe-inline' 'self' nys.okta.com login.ny.gov *.oktacdn.com app.pendo.io cdn.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com; frame-src 'self' nys.okta.com nys-admin.okta.com login.ny.gov login.okta.com; img-src 'self' nys.okta.com login.ny.gov *.oktacdn.com *.tiles.mapbox.com *.mapbox.com app.pendo.io data.pendo.io cdn.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com data: blob:; font-src 'self' nys.okta.com login.ny.gov data: *.oktacdn.com fonts.gstatic.com; frame-ancestors 'self' https://apps.labor.ny.gov
expires
0
p3p
CP="HONK"
pragma
no-cache
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-okta-request-id
ZXcQlwgltSgmusLCwplHXgAAByI
x-rate-limit-limit
30000
x-rate-limit-remaining
30000
x-rate-limit-reset
1702301898
x-xss-protection
0

Redirect headers

Connection
Keep-Alive
Content-Length
0
Date
Mon, 11 Dec 2023 13:37:27 GMT
Keep-Alive
timeout=5, max=100
Server
nginx
Strict-Transport-Security
max-age=315360000; includeSubDomains
X-Robots-Tag
noindex,nofollow
content-language
en
content-security-policy
default-src 'self' nys.okta.com login.ny.gov *.oktacdn.com; connect-src 'self' nys.okta.com nys-admin.okta.com login.ny.gov *.oktacdn.com *.mixpanel.com *.mapbox.com app.pendo.io data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com *.mtls.okta.com nys.kerberos.okta.com https://oinmanager.okta.com data:; script-src 'unsafe-inline' 'unsafe-eval' 'self' nys.okta.com login.ny.gov *.oktacdn.com; style-src 'unsafe-inline' 'self' nys.okta.com login.ny.gov *.oktacdn.com app.pendo.io cdn.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com; frame-src 'self' nys.okta.com nys-admin.okta.com login.ny.gov login.okta.com; img-src 'self' nys.okta.com login.ny.gov *.oktacdn.com *.tiles.mapbox.com *.mapbox.com app.pendo.io data.pendo.io cdn.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com data: blob:; font-src 'self' nys.okta.com login.ny.gov data: *.oktacdn.com fonts.gstatic.com; frame-ancestors 'self' https://apps.labor.ny.gov
location
https://login.ny.gov/login/login.htm?fromURI=%2Fhome%2Fnys_laboronlineservicesdtf_1%2F0oaax4eynwIxVOZbM297%2Falnax4m631T6ytO19297
p3p
CP="HONK"
x-okta-request-id
ZXcQlwgltSgmusLCwplHXQAAByI
x-xss-protection
0
jquery-1.12.4.2ef93d9aedc4198ec425a799a371292d.js
ok5static.oktacdn.com/assets/js/ 		289 KB
101 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ok5static.oktacdn.com/assets/js/jquery-1.12.4.2ef93d9aedc4198ec425a799a371292d.js
Requested by
Host: login.ny.gov
URL: https://login.ny.gov/login/login.htm?fromURI=%2Fhome%2Fnys_laboronlineservicesdtf_1%2F0oaax4eynwIxVOZbM297%2Falnax4m631T6ytO19297
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-97.fra60.r.cloudfront.net
Software
nginx /
Resource Hash
43e51f129fb6eb0f52aee5fb4857f14796f9a5b38e66f445658db1ac1fb7298e
Security Headers
Name Value
Strict-Transport-Security max-age=315360000; includeSubDomains

Request headers

Referer
https://login.ny.gov/
Origin
https://login.ny.gov
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 13:12:00 GMT
x-amz-meta-sha1sum
26667ee897b9e91a9b54c3d4aa445649aa92543d
content-encoding
gzip
strict-transport-security
max-age=315360000; includeSubDomains
via
1.1 77517a7f5d9094d359ba5186c3bda1e6.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P4
age
865527
x-cache
Hit from cloudfront
last-modified
Tue, 06 Dec 2022 21:58:14 GMT
server
nginx
etag
W/"2ef93d9aedc4198ec425a799a371292d"
vary
Accept-Encoding
content-type
application/javascript
public-key-pins-report-only
pin-sha256="r5EfzZxQVvQpKo3AgYRaT7X2bDO/kj3ACwmxfdT2zt8="; pin-sha256="MaqlcUgk2mvY/RFSGeSwBRkI+rZ6/dxe/DuQfBT/vnQ="; pin-sha256="72G5IEvDEWn+EThf3qjR7/bQSWaS2ZSLqolhnO6iyJI="; pin-sha256="rrV6CLCCvqnk89gWibYT0JO6fNQ8cCit7GGoiVTjCOg="; max-age=60; report-uri="https://okta.report-uri.com/r/default/hpkp/reportOnly"
access-control-allow-origin
*
cache-control
max-age=31536000, public,max-age=31536000,s-maxage=1814400
x-amz-cf-id
0ov0cPkgUcG37vDs4e4VuSnEBfQXqewgXN-f5X1vt6RqP5yf7jxfDw==
expires
Sat, 30 Nov 2024 13:12:00 GMT
interstitial.c280c95e9e8c971dad6d6dd597ab23f8.css
ok5static.oktacdn.com/assets/css/sections/ 		8 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ok5static.oktacdn.com/assets/css/sections/interstitial.c280c95e9e8c971dad6d6dd597ab23f8.css
Requested by
Host: login.ny.gov
URL: https://login.ny.gov/login/login.htm?fromURI=%2Fhome%2Fnys_laboronlineservicesdtf_1%2F0oaax4eynwIxVOZbM297%2Falnax4m631T6ytO19297
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-97.fra60.r.cloudfront.net
Software
nginx /
Resource Hash
d952fafe2ace405711d16dd5b78225162c199fffc0132fb1d85b612b629c5e22
Security Headers
Name Value
Strict-Transport-Security max-age=315360000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://login.ny.gov/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 19:40:33 GMT
x-amz-meta-sha1sum
254ba22d6a26decbf68aac1f9710e47a39cc4bfa
content-encoding
gzip
strict-transport-security
max-age=315360000; includeSubDomains
via
1.1 ba67e20db38657ee5cb05d05b3da9d70.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P4
age
496614
x-cache
Hit from cloudfront
last-modified
Tue, 05 Dec 2023 18:37:10 GMT
server
nginx
etag
W/"c280c95e9e8c971dad6d6dd597ab23f8"
vary
Accept-Encoding
content-type
text/css
public-key-pins-report-only
pin-sha256="r5EfzZxQVvQpKo3AgYRaT7X2bDO/kj3ACwmxfdT2zt8="; pin-sha256="MaqlcUgk2mvY/RFSGeSwBRkI+rZ6/dxe/DuQfBT/vnQ="; pin-sha256="72G5IEvDEWn+EThf3qjR7/bQSWaS2ZSLqolhnO6iyJI="; pin-sha256="rrV6CLCCvqnk89gWibYT0JO6fNQ8cCit7GGoiVTjCOg="; max-age=60; report-uri="https://okta.report-uri.com/r/default/hpkp/reportOnly"
access-control-allow-origin
*
cache-control
max-age=31536000, public,max-age=31536000,s-maxage=1814400
x-amz-cf-id
DUQ2vwEFFnd9uv3s88RbFNAlXu4Hf5QhXMci-wWKaq0oalqID9RxOw==
expires
Wed, 04 Dec 2024 19:40:33 GMT
interstitial-dark-blue-brand.d4ca51b5579d1772af159f12276beb72.gif
ok5static.oktacdn.com/assets/img/ui/indicators/ 		143 KB
144 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ok5static.oktacdn.com/assets/img/ui/indicators/interstitial-dark-blue-brand.d4ca51b5579d1772af159f12276beb72.gif
Requested by
Host: login.ny.gov
URL: https://login.ny.gov/login/login.htm?fromURI=%2Fhome%2Fnys_laboronlineservicesdtf_1%2F0oaax4eynwIxVOZbM297%2Falnax4m631T6ytO19297
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-97.fra60.r.cloudfront.net
Software
nginx /
Resource Hash
3911e7c9d421c5b4435541e78ea1ea99b9975249fe7dc21cddad7418e666be02
Security Headers
Name Value
Strict-Transport-Security max-age=315360000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://login.ny.gov/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security
max-age=315360000; includeSubDomains
date
Sun, 03 Dec 2023 05:24:46 GMT
via
1.1 ba67e20db38657ee5cb05d05b3da9d70.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P4
age
1492430
x-cache
Hit from cloudfront
content-length
146495
last-modified
Wed, 15 Dec 2021 01:25:34 GMT
server
nginx
etag
"d4ca51b5579d1772af159f12276beb72"
content-type
image/gif
access-control-allow-origin
*
public-key-pins-report-only
pin-sha256="r5EfzZxQVvQpKo3AgYRaT7X2bDO/kj3ACwmxfdT2zt8="; pin-sha256="MaqlcUgk2mvY/RFSGeSwBRkI+rZ6/dxe/DuQfBT/vnQ="; pin-sha256="72G5IEvDEWn+EThf3qjR7/bQSWaS2ZSLqolhnO6iyJI="; pin-sha256="rrV6CLCCvqnk89gWibYT0JO6fNQ8cCit7GGoiVTjCOg="; max-age=60; report-uri="https://okta.report-uri.com/r/default/hpkp/reportOnly"
cache-control
max-age=31536000, public,max-age=31536000,s-maxage=1814400
accept-ranges
bytes
x-amz-cf-id
2nfA9_b4vKZMsmsR3Jbg-MRT2vKYR-4Jnwb-sjeFqaNVKwQwX7BevA==
expires
Sat, 23 Nov 2024 07:03:37 GMT
interstitial.474dce61acfac4a4d016921943cf2a68.js
ok5static.oktacdn.com/assets/js/app/sso/ 		678 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ok5static.oktacdn.com/assets/js/app/sso/interstitial.474dce61acfac4a4d016921943cf2a68.js
Requested by
Host: login.ny.gov
URL: https://login.ny.gov/login/login.htm?fromURI=%2Fhome%2Fnys_laboronlineservicesdtf_1%2F0oaax4eynwIxVOZbM297%2Falnax4m631T6ytO19297
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-97.fra60.r.cloudfront.net
Software
nginx /
Resource Hash
77b5ff765ff7653b7756896e3951eb246f500edea52c79e0c64a6ef085e4c14e
Security Headers
Name Value
Strict-Transport-Security max-age=315360000; includeSubDomains

Request headers

Referer
https://login.ny.gov/
Origin
https://login.ny.gov
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security
max-age=315360000; includeSubDomains
content-encoding
gzip
via
1.1 77517a7f5d9094d359ba5186c3bda1e6.cloudfront.net (CloudFront)
date
Wed, 22 Nov 2023 01:17:49 GMT
x-amz-cf-pop
FRA60-P4
age
1685978
x-cache
Hit from cloudfront
last-modified
Thu, 06 Dec 2018 09:03:13 GMT
server
nginx
etag
W/"474dce61acfac4a4d016921943cf2a68"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
public-key-pins-report-only
pin-sha256="r5EfzZxQVvQpKo3AgYRaT7X2bDO/kj3ACwmxfdT2zt8="; pin-sha256="MaqlcUgk2mvY/RFSGeSwBRkI+rZ6/dxe/DuQfBT/vnQ="; pin-sha256="72G5IEvDEWn+EThf3qjR7/bQSWaS2ZSLqolhnO6iyJI="; pin-sha256="rrV6CLCCvqnk89gWibYT0JO6fNQ8cCit7GGoiVTjCOg="; max-age=60; report-uri="https://okta.report-uri.com/r/default/hpkp/reportOnly"
cache-control
max-age=31536000, public,max-age=31536000,s-maxage=1814400
x-amz-cf-id
kJQ9hX8ZnOuhC8Z5HptdYP4Vte6GRezk3Uyko83uINocErqeZMWn2w==
expires
Thu, 21 Nov 2024 01:17:49 GMT
Primary Request login.xhtml
my.ny.gov/LoginV4/ 		10 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://my.ny.gov/LoginV4/login.xhtml
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
161.11.222.92 Albany, United States, ASN26854 (NYS, US),
Reverse DNS
Software
/
Resource Hash
19d9f34b9230c01106ce1ac12f2fd5d88f9e90f0e40e3d190922e5ea80128a95

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://login.ny.gov
Referer
https://login.ny.gov/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
no-store, must-revalidate, no-cache, max-age=0
Content-Length
9916
Content-Type
text/html
084c043756ab200070bd3dcd7f8136059621f5234ce75e02d642440253b0e7296b6128c16750e924
my.ny.gov/TSPD/ 		408 KB
118 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://my.ny.gov/TSPD/084c043756ab200070bd3dcd7f8136059621f5234ce75e02d642440253b0e7296b6128c16750e924?type=11
Requested by
Host: my.ny.gov
URL: https://my.ny.gov/LoginV4/login.xhtml
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
161.11.222.92 Albany, United States, ASN26854 (NYS, US),
Reverse DNS
Software
/
Resource Hash
67197e630411bf9f483df595aaf28ecf4da81762a87d581861ab0e4c1a55b51b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://my.ny.gov/LoginV4/login.xhtml
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Encoding
gzip
Cache-Control
public, max-age=86400
Content-Length
121034
Content-Type
text/javascript
084c043756ab200070bd3dcd7f8136059621f5234ce75e02d642440253b0e7296b6128c16750e924
my.ny.gov/TSPD/ 		52 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://my.ny.gov/TSPD/084c043756ab200070bd3dcd7f8136059621f5234ce75e02d642440253b0e7296b6128c16750e924?type=12
Requested by
Host: my.ny.gov
URL: https://my.ny.gov/LoginV4/login.xhtml
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
161.11.222.92 Albany, United States, ASN26854 (NYS, US),
Reverse DNS
Software
/
Resource Hash
552f179b8856e5355d6d5865abf56d10af6a0e698c3a8ea2b5610c459fbe37a3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://my.ny.gov/LoginV4/login.xhtml
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Encoding
gzip
Cache-Control
public, max-age=86400
Content-Length
37876
Content-Type
text/javascript
truncated
/ 		34 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1e85ec81b9800b4c443d39caca0d0926089a3ac201120db1ceb45b93789480b8

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type
image/gif
truncated
/ 		67 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
60d20c34efdd7103c273f54369cfc42c6d0a39126ce22298f2d31924b4ca5a56

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		34 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1e85ec81b9800b4c443d39caca0d0926089a3ac201120db1ceb45b93789480b8

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type
image/gif
truncated
/ 		35 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
483d244f19d7105fd875ee8d01223fb50c32409a0a33e6998b0ab644bbdc4a62

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type
image/jpg
084c043756ab2800a9f066e1ec0224ec054529a0d4c1228dd6d85197ff9b26f6afb2ebc3a506b5ea9c94da044342ecc7
my.ny.gov/TSPD/ 		566 B
694 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://my.ny.gov/TSPD/084c043756ab2800a9f066e1ec0224ec054529a0d4c1228dd6d85197ff9b26f6afb2ebc3a506b5ea9c94da044342ecc7?type=13
Requested by
Host: my.ny.gov
URL: https://my.ny.gov/TSPD/084c043756ab200070bd3dcd7f8136059621f5234ce75e02d642440253b0e7296b6128c16750e924?type=11
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
161.11.222.92 Albany, United States, ASN26854 (NYS, US),
Reverse DNS
Software
/
Resource Hash
527618cea9061d8b50c06858a76cba5fcfd7af6aa4435b8051fd699f4bbf6dc7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://my.ny.gov/LoginV4/login.xhtml
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Cache-Control
no-store, must-revalidate, no-cache, max-age=0
Content-Length
566
Content-Type
text/html
32.png
neodgnejhhhlcdoglifbmioajmagpeci/img/anticaptcha-logo/ 		0
0
icon-128.png
nconiknmmhhhffhmbknbplalknajiaef/ 		0
0
icon-16.png
nconiknmmhhhffhmbknbplalknajiaef/ 		0
0
rumola48.png
rumola/content/ 		0
0
rumola128.png
bjjgbdlbgjeoankjijbmheneoekbghcg/images/ 		0
0
on.png
bjjgbdlbgjeoankjijbmheneoekbghcg/images/ 		0
0
rumola48.png
bjjgbdlbgjeoankjijbmheneoekbghcg/images/ 		0
0
icon16.png
jnhgnonknehpejjnehehllkliplmbmhn/assets/images/ 		0
0
icon16.png
jnhgnonknehpejjnehehllkliplmbmhn/images/ 		0
0
icon48.png
jnhgnonknehpejjnehehllkliplmbmhn/images/ 		0
0
options.html
nndknepjnldbdbepjfgmncbggmopgden/ 		0
0
mining128.png
nndknepjnldbdbepjfgmncbggmopgden/img/ 		0
0
mining16.png
nndknepjnldbdbepjfgmncbggmopgden/img/ 		0
0
index.html
nndknepjnldbdbepjfgmncbggmopgden/client/dist/ 		0
0
pixel.gif
gpolcofcjjiooogejfbaamdgmgfehgff/ 		0
0
agenty-100.png
gpolcofcjjiooogejfbaamdgmgfehgff/icons/ 		0
0
agenty-16.png
gpolcofcjjiooogejfbaamdgmgfehgff/icons/ 		0
0
sgplus.css
gpolcofcjjiooogejfbaamdgmgfehgff/core/ 		0
0
logo24.png
cplklnmnlbnpmjogncfgfijoopmnlemp/skin/ 		0
0
spoofer_cs.js
djflhoibgkdhkhhcedjiklpkjnoahfmg/ 		0
0
jquery.js
djflhoibgkdhkhhcedjiklpkjnoahfmg/ 		0
0
icon.addressbar.gif
iebpjdmgckacbodjpijphcplhebcmeop/images/ 		0
0
manifest.json
iebpjdmgckacbodjpijphcplhebcmeop/ 		0
0
background.html
iebpjdmgckacbodjpijphcplhebcmeop/ 		0
0
popup.html
iebpjdmgckacbodjpijphcplhebcmeop/ 		0
0
login.xhtml
my.ny.gov/LoginV4/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
neodgnejhhhlcdoglifbmioajmagpeci
URL
chrome-extension://neodgnejhhhlcdoglifbmioajmagpeci/img/anticaptcha-logo/32.png
Domain
nconiknmmhhhffhmbknbplalknajiaef
URL
chrome-extension://nconiknmmhhhffhmbknbplalknajiaef/icon-128.png
Domain
nconiknmmhhhffhmbknbplalknajiaef
URL
chrome-extension://nconiknmmhhhffhmbknbplalknajiaef/icon-16.png
Domain
rumola
URL
chrome://rumola/content/rumola48.png
Domain
bjjgbdlbgjeoankjijbmheneoekbghcg
URL
chrome-extension://bjjgbdlbgjeoankjijbmheneoekbghcg/images/rumola128.png
Domain
bjjgbdlbgjeoankjijbmheneoekbghcg
URL
chrome-extension://bjjgbdlbgjeoankjijbmheneoekbghcg/images/on.png
Domain
bjjgbdlbgjeoankjijbmheneoekbghcg
URL
chrome-extension://bjjgbdlbgjeoankjijbmheneoekbghcg/images/rumola48.png
Domain
jnhgnonknehpejjnehehllkliplmbmhn
URL
chrome-extension://jnhgnonknehpejjnehehllkliplmbmhn/assets/images/icon16.png
Domain
jnhgnonknehpejjnehehllkliplmbmhn
URL
chrome-extension://jnhgnonknehpejjnehehllkliplmbmhn/images/icon16.png
Domain
jnhgnonknehpejjnehehllkliplmbmhn
URL
chrome-extension://jnhgnonknehpejjnehehllkliplmbmhn/images/icon48.png
Domain
nndknepjnldbdbepjfgmncbggmopgden
URL
chrome-extension://nndknepjnldbdbepjfgmncbggmopgden/options.html
Domain
nndknepjnldbdbepjfgmncbggmopgden
URL
chrome-extension://nndknepjnldbdbepjfgmncbggmopgden/img/mining128.png
Domain
nndknepjnldbdbepjfgmncbggmopgden
URL
chrome-extension://nndknepjnldbdbepjfgmncbggmopgden/img/mining16.png
Domain
nndknepjnldbdbepjfgmncbggmopgden
URL
chrome-extension://nndknepjnldbdbepjfgmncbggmopgden/client/dist/index.html
Domain
gpolcofcjjiooogejfbaamdgmgfehgff
URL
chrome-extension://gpolcofcjjiooogejfbaamdgmgfehgff/pixel.gif
Domain
gpolcofcjjiooogejfbaamdgmgfehgff
URL
chrome-extension://gpolcofcjjiooogejfbaamdgmgfehgff/icons/agenty-100.png
Domain
gpolcofcjjiooogejfbaamdgmgfehgff
URL
chrome-extension://gpolcofcjjiooogejfbaamdgmgfehgff/icons/agenty-16.png
Domain
gpolcofcjjiooogejfbaamdgmgfehgff
URL
chrome-extension://gpolcofcjjiooogejfbaamdgmgfehgff/core/sgplus.css
Domain
cplklnmnlbnpmjogncfgfijoopmnlemp
URL
chrome-extension://cplklnmnlbnpmjogncfgfijoopmnlemp/skin/logo24.png
Domain
djflhoibgkdhkhhcedjiklpkjnoahfmg
URL
chrome-extension://djflhoibgkdhkhhcedjiklpkjnoahfmg/spoofer_cs.js
Domain
djflhoibgkdhkhhcedjiklpkjnoahfmg
URL
chrome-extension://djflhoibgkdhkhhcedjiklpkjnoahfmg/jquery.js
Domain
iebpjdmgckacbodjpijphcplhebcmeop
URL
chrome-extension://iebpjdmgckacbodjpijphcplhebcmeop/images/icon.addressbar.gif
Domain
iebpjdmgckacbodjpijphcplhebcmeop
URL
chrome-extension://iebpjdmgckacbodjpijphcplhebcmeop/manifest.json
Domain
iebpjdmgckacbodjpijphcplhebcmeop
URL
chrome-extension://iebpjdmgckacbodjpijphcplhebcmeop/background.html
Domain
iebpjdmgckacbodjpijphcplhebcmeop
URL
chrome-extension://iebpjdmgckacbodjpijphcplhebcmeop/popup.html
Domain
my.ny.gov
URL
https://my.ny.gov/LoginV4/login.xhtml

Verdicts & Comments Add Verdict or Comment

104 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture string| bobcmn string| failureConfig boolean| VAa object| _z undefined| ie9rgb4 object| zO boolean| jO object| lz function| oz function| zz boolean| jz object| sZ function| _Z boolean| iZ boolean| IZ boolean| jZ boolean| Js object| Ls object| os function| ss function| debugLog function| Ss object| is object| js object| JS string| LS object| zS object| ZS object| sS string| SS string| _S object| iS object| IS number| J_ number| l_ number| o_ number| O_ number| z_ object| Z_ function| s_ object| S_ object| __ object| i_ object| I_ object| Ji function| li object| oi object| Oi object| zi object| Zi object| si object| Si object| _i number| j object| ii object| Ii object| ji object| JI object| lI object| LI object| oI object| OI object| zI object| ZI object| sI object| SI object| _I object| iI object| II object| jI object| Jj object| lj function| oj object| Oj object| zj object| Zj object| sj object| Sj object| _j number| ij string| Ij object| jj object| J0 object| l0 object| L0 object| o0 number| activeGroups object| Z0 object| html5 function| yepnope object| webrootkit_fnlist_exclude object| z0 string| O0 string| blobfp string| slobfp object| fpdefs string| sz string| Sz number| _r3 number| _m number| OZ string| prop object| obj

6 Cookies

Domain/Path Name / Value
login.ny.gov/ Name: JSESSIONID
Value: F4503D031596B947FEE2776E2395357F
login.ny.gov/ Name: t
Value: default
login.ny.gov/ Name: DT
Value: DI1nTYmOK0RSBKXfluupITIZw
my.ny.gov/ Name: TS443d8d13029
Value: 084c043756ab28004109d2c50af7da030bbaf1a0f6cd6c329603d7d990dcc422090ab09eba192e3cd29ade30883d5f43
my.ny.gov/ Name: TS55d6f691027
Value: 084c043756ab20007682ef8995f261528a6c4885db94a9d372d83bba84447974ab8f242f49d1f14208d318516a11300029c8fcc0bf2eb61fcb0dea781f31e3469d3745aa6db10f98e25c7204e2f5e92a26990fbe2af206ed08ff61d94ce9b91a
my.ny.gov/ Name: TS00000000076
Value: 084c043756ab2800a9f066e1ec0224ec054529a0d4c1228dd6d85197ff9b26f6afb2ebc3a506b5ea9c94da044342ecc708299e9c3f09d000d08a0c0474cc558f29c2d11750a15710060277ac3cce6baa58495a85708981c974f9fdcd4f49d22a10b4abc69ebf8d3985fd375df0f44fc6e6cd6076a60e74a7b7ae0339b483901c723b449cc8b17a5797a15b28e06738177e1d41644e57d2352bbabf4d602c8da2a281b4f80570a831868bc7792a9872ff4ef8b4999b7e0403f3f817b0082546063f2fb736e49273045b5bcc7f8bcc216a0a2629772f900b21435ab55a5711d926bc114464403a8a6a2ba92659cdee1b526b07f9aac7265913d9abfa8378c59892ae3f89f2ef0c5256

53 Console Messages

Source Level URL
Text
other warning URL: https://my.ny.gov/TSPD/084c043756ab200070bd3dcd7f8136059621f5234ce75e02d642440253b0e7296b6128c16750e924?type=11(Line 403)
Message:
The AudioContext was not allowed to start. It must be resumed (or created) after a user gesture on the page. https://goo.gl/7K7WLu
deprecation warning URL: https://my.ny.gov/TSPD/084c043756ab200070bd3dcd7f8136059621f5234ce75e02d642440253b0e7296b6128c16750e924?type=11(Line 403)
Message:
The ScriptProcessorNode is deprecated. Use AudioWorkletNode instead. (https://bit.ly/audio-worklet)
other warning URL: https://my.ny.gov/TSPD/084c043756ab200070bd3dcd7f8136059621f5234ce75e02d642440253b0e7296b6128c16750e924?type=11(Line 406)
Message:
The AudioContext was not allowed to start. It must be resumed (or created) after a user gesture on the page. https://goo.gl/7K7WLu
other warning URL: https://my.ny.gov/TSPD/084c043756ab200070bd3dcd7f8136059621f5234ce75e02d642440253b0e7296b6128c16750e924?type=11(Line 407)
Message:
The AudioContext was not allowed to start. It must be resumed (or created) after a user gesture on the page. https://goo.gl/7K7WLu
javascript error URL: https://my.ny.gov/TSPD/084c043756ab200070bd3dcd7f8136059621f5234ce75e02d642440253b0e7296b6128c16750e924?type=11(Line 835)
Message:
Not allowed to load local resource: chrome://rumola/content/rumola48.png
javascript error URL: https://my.ny.gov/LoginV4/login.xhtml
Message:
Access to XMLHttpRequest at 'chrome-extension://neodgnejhhhlcdoglifbmioajmagpeci/img/anticaptcha-logo/32.png' from origin 'https://my.ny.gov' has been blocked by CORS policy: Cross origin requests are only supported for protocol schemes: http, data, chrome, https, chrome-untrusted.
network error URL: chrome-extension://neodgnejhhhlcdoglifbmioajmagpeci/img/anticaptcha-logo/32.png
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://my.ny.gov/LoginV4/login.xhtml
Message:
Access to XMLHttpRequest at 'chrome-extension://nconiknmmhhhffhmbknbplalknajiaef/icon-128.png' from origin 'https://my.ny.gov' has been blocked by CORS policy: Cross origin requests are only supported for protocol schemes: http, data, chrome, https, chrome-untrusted.
network error URL: chrome-extension://nconiknmmhhhffhmbknbplalknajiaef/icon-128.png
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://my.ny.gov/LoginV4/login.xhtml
Message:
Access to XMLHttpRequest at 'chrome-extension://nconiknmmhhhffhmbknbplalknajiaef/icon-16.png' from origin 'https://my.ny.gov' has been blocked by CORS policy: Cross origin requests are only supported for protocol schemes: http, data, chrome, https, chrome-untrusted.
network error URL: chrome-extension://nconiknmmhhhffhmbknbplalknajiaef/icon-16.png
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://my.ny.gov/LoginV4/login.xhtml
Message:
Access to XMLHttpRequest at 'chrome-extension://bjjgbdlbgjeoankjijbmheneoekbghcg/images/rumola128.png' from origin 'https://my.ny.gov' has been blocked by CORS policy: Cross origin requests are only supported for protocol schemes: http, data, chrome, https, chrome-untrusted.
network error URL: chrome-extension://bjjgbdlbgjeoankjijbmheneoekbghcg/images/rumola128.png
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://my.ny.gov/LoginV4/login.xhtml
Message:
Access to XMLHttpRequest at 'chrome-extension://bjjgbdlbgjeoankjijbmheneoekbghcg/images/on.png' from origin 'https://my.ny.gov' has been blocked by CORS policy: Cross origin requests are only supported for protocol schemes: http, data, chrome, https, chrome-untrusted.
network error URL: chrome-extension://bjjgbdlbgjeoankjijbmheneoekbghcg/images/on.png
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://my.ny.gov/LoginV4/login.xhtml
Message:
Access to XMLHttpRequest at 'chrome-extension://bjjgbdlbgjeoankjijbmheneoekbghcg/images/rumola48.png' from origin 'https://my.ny.gov' has been blocked by CORS policy: Cross origin requests are only supported for protocol schemes: http, data, chrome, https, chrome-untrusted.
network error URL: chrome-extension://bjjgbdlbgjeoankjijbmheneoekbghcg/images/rumola48.png
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://my.ny.gov/LoginV4/login.xhtml
Message:
Access to XMLHttpRequest at 'chrome-extension://jnhgnonknehpejjnehehllkliplmbmhn/assets/images/icon16.png' from origin 'https://my.ny.gov' has been blocked by CORS policy: Cross origin requests are only supported for protocol schemes: http, data, chrome, https, chrome-untrusted.
network error URL: chrome-extension://jnhgnonknehpejjnehehllkliplmbmhn/assets/images/icon16.png
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://my.ny.gov/LoginV4/login.xhtml
Message:
Access to XMLHttpRequest at 'chrome-extension://jnhgnonknehpejjnehehllkliplmbmhn/images/icon16.png' from origin 'https://my.ny.gov' has been blocked by CORS policy: Cross origin requests are only supported for protocol schemes: http, data, chrome, https, chrome-untrusted.
network error URL: chrome-extension://jnhgnonknehpejjnehehllkliplmbmhn/images/icon16.png
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://my.ny.gov/LoginV4/login.xhtml
Message:
Access to XMLHttpRequest at 'chrome-extension://jnhgnonknehpejjnehehllkliplmbmhn/images/icon48.png' from origin 'https://my.ny.gov' has been blocked by CORS policy: Cross origin requests are only supported for protocol schemes: http, data, chrome, https, chrome-untrusted.
network error URL: chrome-extension://jnhgnonknehpejjnehehllkliplmbmhn/images/icon48.png
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://my.ny.gov/LoginV4/login.xhtml
Message:
Access to XMLHttpRequest at 'chrome-extension://nndknepjnldbdbepjfgmncbggmopgden/options.html' from origin 'https://my.ny.gov' has been blocked by CORS policy: Cross origin requests are only supported for protocol schemes: http, data, chrome, https, chrome-untrusted.
network error URL: chrome-extension://nndknepjnldbdbepjfgmncbggmopgden/options.html
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://my.ny.gov/LoginV4/login.xhtml
Message:
Access to XMLHttpRequest at 'chrome-extension://nndknepjnldbdbepjfgmncbggmopgden/img/mining128.png' from origin 'https://my.ny.gov' has been blocked by CORS policy: Cross origin requests are only supported for protocol schemes: http, data, chrome, https, chrome-untrusted.
network error URL: chrome-extension://nndknepjnldbdbepjfgmncbggmopgden/img/mining128.png
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://my.ny.gov/LoginV4/login.xhtml
Message:
Access to XMLHttpRequest at 'chrome-extension://nndknepjnldbdbepjfgmncbggmopgden/img/mining16.png' from origin 'https://my.ny.gov' has been blocked by CORS policy: Cross origin requests are only supported for protocol schemes: http, data, chrome, https, chrome-untrusted.
network error URL: chrome-extension://nndknepjnldbdbepjfgmncbggmopgden/img/mining16.png
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://my.ny.gov/LoginV4/login.xhtml
Message:
Access to XMLHttpRequest at 'chrome-extension://nndknepjnldbdbepjfgmncbggmopgden/client/dist/index.html' from origin 'https://my.ny.gov' has been blocked by CORS policy: Cross origin requests are only supported for protocol schemes: http, data, chrome, https, chrome-untrusted.
network error URL: chrome-extension://nndknepjnldbdbepjfgmncbggmopgden/client/dist/index.html
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://my.ny.gov/LoginV4/login.xhtml
Message:
Access to XMLHttpRequest at 'chrome-extension://gpolcofcjjiooogejfbaamdgmgfehgff/pixel.gif' from origin 'https://my.ny.gov' has been blocked by CORS policy: Cross origin requests are only supported for protocol schemes: http, data, chrome, https, chrome-untrusted.
network error URL: chrome-extension://gpolcofcjjiooogejfbaamdgmgfehgff/pixel.gif
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://my.ny.gov/LoginV4/login.xhtml
Message:
Access to XMLHttpRequest at 'chrome-extension://gpolcofcjjiooogejfbaamdgmgfehgff/icons/agenty-100.png' from origin 'https://my.ny.gov' has been blocked by CORS policy: Cross origin requests are only supported for protocol schemes: http, data, chrome, https, chrome-untrusted.
network error URL: chrome-extension://gpolcofcjjiooogejfbaamdgmgfehgff/icons/agenty-100.png
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://my.ny.gov/LoginV4/login.xhtml
Message:
Access to XMLHttpRequest at 'chrome-extension://gpolcofcjjiooogejfbaamdgmgfehgff/icons/agenty-16.png' from origin 'https://my.ny.gov' has been blocked by CORS policy: Cross origin requests are only supported for protocol schemes: http, data, chrome, https, chrome-untrusted.
network error URL: chrome-extension://gpolcofcjjiooogejfbaamdgmgfehgff/icons/agenty-16.png
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://my.ny.gov/LoginV4/login.xhtml
Message:
Access to XMLHttpRequest at 'chrome-extension://gpolcofcjjiooogejfbaamdgmgfehgff/core/sgplus.css' from origin 'https://my.ny.gov' has been blocked by CORS policy: Cross origin requests are only supported for protocol schemes: http, data, chrome, https, chrome-untrusted.
network error URL: chrome-extension://gpolcofcjjiooogejfbaamdgmgfehgff/core/sgplus.css
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://my.ny.gov/LoginV4/login.xhtml
Message:
Access to XMLHttpRequest at 'chrome-extension://cplklnmnlbnpmjogncfgfijoopmnlemp/skin/logo24.png' from origin 'https://my.ny.gov' has been blocked by CORS policy: Cross origin requests are only supported for protocol schemes: http, data, chrome, https, chrome-untrusted.
network error URL: chrome-extension://cplklnmnlbnpmjogncfgfijoopmnlemp/skin/logo24.png
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://my.ny.gov/LoginV4/login.xhtml
Message:
Access to XMLHttpRequest at 'chrome-extension://djflhoibgkdhkhhcedjiklpkjnoahfmg/spoofer_cs.js' from origin 'https://my.ny.gov' has been blocked by CORS policy: Cross origin requests are only supported for protocol schemes: http, data, chrome, https, chrome-untrusted.
network error URL: chrome-extension://djflhoibgkdhkhhcedjiklpkjnoahfmg/spoofer_cs.js
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://my.ny.gov/LoginV4/login.xhtml
Message:
Access to XMLHttpRequest at 'chrome-extension://djflhoibgkdhkhhcedjiklpkjnoahfmg/jquery.js' from origin 'https://my.ny.gov' has been blocked by CORS policy: Cross origin requests are only supported for protocol schemes: http, data, chrome, https, chrome-untrusted.
network error URL: chrome-extension://djflhoibgkdhkhhcedjiklpkjnoahfmg/jquery.js
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://my.ny.gov/LoginV4/login.xhtml
Message:
Access to XMLHttpRequest at 'chrome-extension://iebpjdmgckacbodjpijphcplhebcmeop/images/icon.addressbar.gif' from origin 'https://my.ny.gov' has been blocked by CORS policy: Cross origin requests are only supported for protocol schemes: http, data, chrome, https, chrome-untrusted.
network error URL: chrome-extension://iebpjdmgckacbodjpijphcplhebcmeop/images/icon.addressbar.gif
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://my.ny.gov/LoginV4/login.xhtml
Message:
Access to XMLHttpRequest at 'chrome-extension://iebpjdmgckacbodjpijphcplhebcmeop/manifest.json' from origin 'https://my.ny.gov' has been blocked by CORS policy: Cross origin requests are only supported for protocol schemes: http, data, chrome, https, chrome-untrusted.
network error URL: chrome-extension://iebpjdmgckacbodjpijphcplhebcmeop/manifest.json
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://my.ny.gov/LoginV4/login.xhtml
Message:
Access to XMLHttpRequest at 'chrome-extension://iebpjdmgckacbodjpijphcplhebcmeop/background.html' from origin 'https://my.ny.gov' has been blocked by CORS policy: Cross origin requests are only supported for protocol schemes: http, data, chrome, https, chrome-untrusted.
network error URL: chrome-extension://iebpjdmgckacbodjpijphcplhebcmeop/background.html
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://my.ny.gov/LoginV4/login.xhtml
Message:
Access to XMLHttpRequest at 'chrome-extension://iebpjdmgckacbodjpijphcplhebcmeop/popup.html' from origin 'https://my.ny.gov' has been blocked by CORS policy: Cross origin requests are only supported for protocol schemes: http, data, chrome, https, chrome-untrusted.
network error URL: chrome-extension://iebpjdmgckacbodjpijphcplhebcmeop/popup.html
Message:
Failed to load resource: net::ERR_FAILED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'self' nys.okta.com login.ny.gov *.oktacdn.com; connect-src 'self' nys.okta.com nys-admin.okta.com login.ny.gov *.oktacdn.com *.mixpanel.com *.mapbox.com app.pendo.io data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com *.mtls.okta.com nys.kerberos.okta.com https://oinmanager.okta.com data:; script-src 'unsafe-inline' 'unsafe-eval' 'self' nys.okta.com login.ny.gov *.oktacdn.com; style-src 'unsafe-inline' 'self' nys.okta.com login.ny.gov *.oktacdn.com app.pendo.io cdn.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com; frame-src 'self' nys.okta.com nys-admin.okta.com login.ny.gov login.okta.com; img-src 'self' nys.okta.com login.ny.gov *.oktacdn.com *.tiles.mapbox.com *.mapbox.com app.pendo.io data.pendo.io cdn.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com data: blob:; font-src 'self' nys.okta.com login.ny.gov data: *.oktacdn.com fonts.gstatic.com; frame-ancestors 'self' https://apps.labor.ny.gov
Strict-Transport-Security max-age=315360000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bjjgbdlbgjeoankjijbmheneoekbghcg
cplklnmnlbnpmjogncfgfijoopmnlemp
djflhoibgkdhkhhcedjiklpkjnoahfmg
gpolcofcjjiooogejfbaamdgmgfehgff
iebpjdmgckacbodjpijphcplhebcmeop
jnhgnonknehpejjnehehllkliplmbmhn
login.ny.gov
my.ny.gov
nconiknmmhhhffhmbknbplalknajiaef
neodgnejhhhlcdoglifbmioajmagpeci
nndknepjnldbdbepjfgmncbggmopgden
ok5static.oktacdn.com
rumola
bjjgbdlbgjeoankjijbmheneoekbghcg
cplklnmnlbnpmjogncfgfijoopmnlemp
djflhoibgkdhkhhcedjiklpkjnoahfmg
gpolcofcjjiooogejfbaamdgmgfehgff
iebpjdmgckacbodjpijphcplhebcmeop
jnhgnonknehpejjnehehllkliplmbmhn
my.ny.gov
nconiknmmhhhffhmbknbplalknajiaef
neodgnejhhhlcdoglifbmioajmagpeci
nndknepjnldbdbepjfgmncbggmopgden
rumola
161.11.222.92
18.66.147.97
34.223.206.27
19d9f34b9230c01106ce1ac12f2fd5d88f9e90f0e40e3d190922e5ea80128a95
1e85ec81b9800b4c443d39caca0d0926089a3ac201120db1ceb45b93789480b8
3911e7c9d421c5b4435541e78ea1ea99b9975249fe7dc21cddad7418e666be02
43e51f129fb6eb0f52aee5fb4857f14796f9a5b38e66f445658db1ac1fb7298e
483d244f19d7105fd875ee8d01223fb50c32409a0a33e6998b0ab644bbdc4a62
527618cea9061d8b50c06858a76cba5fcfd7af6aa4435b8051fd699f4bbf6dc7
552f179b8856e5355d6d5865abf56d10af6a0e698c3a8ea2b5610c459fbe37a3
60d20c34efdd7103c273f54369cfc42c6d0a39126ce22298f2d31924b4ca5a56
67197e630411bf9f483df595aaf28ecf4da81762a87d581861ab0e4c1a55b51b
740551c7100c7497590a2fbb1c6ac42557bd96cbf3bc896bd2fcf87c3820d5c9
77b5ff765ff7653b7756896e3951eb246f500edea52c79e0c64a6ef085e4c14e
d952fafe2ace405711d16dd5b78225162c199fffc0132fb1d85b612b629c5e22