URL: https://www.hhs.gov/sites/default/files/2023oct12-noescape-ransomware-analyst-note-tlpclear.pdf
Submission: On June 11 via api from IN — Scanned from DE

Summary

This website contacted 20 IPs in 5 countries across 14 domains to perform 73 HTTP transactions. The main IP is 2a02:26f0:480:d8d::219c, located in Frankfurt am Main, Germany and belongs to AKAMAI-ASN1, NL. The main domain is www.hhs.gov. The Cisco Umbrella rank of the primary domain is 97159.
TLS certificate: Issued by GeoTrust RSA CA 2018 on August 19th 2023. Valid for: a year.
This is the only time www.hhs.gov was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Apex Domain
Subdomains
Transfer
31 hhs.gov
www.hhs.gov — Cisco Umbrella Rank: 97159
301 KB
7 crazyegg.com
script.crazyegg.com — Cisco Umbrella Rank: 3003
pagestates-tracking.crazyegg.com — Cisco Umbrella Rank: 6741
assets-tracking.crazyegg.com — Cisco Umbrella Rank: 6587
tracking.crazyegg.com — Cisco Umbrella Rank: 5463
41 KB
6 qualtrics.com
zn8nyvgbt59q9merx-hhsgovfedramp.gov1.siteintercept.qualtrics.com — Cisco Umbrella Rank: 219946
gov1.siteintercept.qualtrics.com — Cisco Umbrella Rank: 14588
67 KB
5 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 79
496 KB
4 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 68
region1.google-analytics.com — Cisco Umbrella Rank: 2347
21 KB
4 usa.gov
search.usa.gov — Cisco Umbrella Rank: 23407
46 KB
3 google.de
www.google.de — Cisco Umbrella Rank: 8196
189 B
3 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 132
457 B
3 google.com
region1.analytics.google.com — Cisco Umbrella Rank: 3078
www.google.com — Cisco Umbrella Rank: 5
369 B
2 youtube.com
www.youtube.com — Cisco Umbrella Rank: 90
15 KB
2 unpkg.com
unpkg.com — Cisco Umbrella Rank: 1017
4 KB
1 siteimproveanalytics.io
6282609.global.r2.siteimproveanalytics.io — Cisco Umbrella Rank: 201778
149 B
1 siteimproveanalytics.com
siteimproveanalytics.com — Cisco Umbrella Rank: 4604
17 KB
1 digitalgov.gov
dap.digitalgov.gov — Cisco Umbrella Rank: 5562
9 KB
73 14
Domain Requested by
31 www.hhs.gov www.hhs.gov
5 gov1.siteintercept.qualtrics.com zn8nyvgbt59q9merx-hhsgovfedramp.gov1.siteintercept.qualtrics.com
gov1.siteintercept.qualtrics.com
5 www.googletagmanager.com www.hhs.gov
www.googletagmanager.com
dap.digitalgov.gov
4 search.usa.gov 1 redirects www.hhs.gov
search.usa.gov
4 script.crazyegg.com www.googletagmanager.com
script.crazyegg.com
3 www.google-analytics.com dap.digitalgov.gov
www.google-analytics.com
3 www.google.de www.hhs.gov
3 stats.g.doubleclick.net www.googletagmanager.com
www.google-analytics.com
2 www.youtube.com dap.digitalgov.gov
www.youtube.com
2 region1.analytics.google.com www.googletagmanager.com
2 unpkg.com 1 redirects www.hhs.gov
1 zn8nyvgbt59q9merx-hhsgovfedramp.gov1.siteintercept.qualtrics.com www.hhs.gov
1 tracking.crazyegg.com script.crazyegg.com
1 assets-tracking.crazyegg.com script.crazyegg.com
1 pagestates-tracking.crazyegg.com script.crazyegg.com
1 www.google.com www.hhs.gov
1 region1.google-analytics.com dap.digitalgov.gov
1 6282609.global.r2.siteimproveanalytics.io www.hhs.gov
1 siteimproveanalytics.com www.hhs.gov
1 dap.digitalgov.gov www.googletagmanager.com
73 20
Subject Issuer Validity Valid
www.hhs.gov
GeoTrust RSA CA 2018
2023-08-19 -
2024-08-21
a year crt.sh
*.google-analytics.com
WR2
2024-05-27 -
2024-08-19
3 months crt.sh
script.crazyegg.com
E1
2024-06-03 -
2024-09-01
3 months crt.sh
dap.digitalgov.gov
Amazon RSA 2048 M03
2024-06-06 -
2025-07-05
a year crt.sh
siteimproveanalytics.com
GTS CA 1P5
2024-04-23 -
2024-07-22
3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3
2024-05-21 -
2024-08-13
3 months crt.sh
*.google.de
WR2
2024-05-27 -
2024-08-19
3 months crt.sh
*.google.com
WR2
2024-05-27 -
2024-08-19
3 months crt.sh
*.global.r2.siteimproveanalytics.io
Amazon RSA 2048 M03
2023-10-26 -
2024-11-23
a year crt.sh
crazyegg.com
Amazon RSA 2048 M02
2024-04-28 -
2025-05-27
a year crt.sh
search.usa.gov
R3
2024-05-08 -
2024-08-06
3 months crt.sh
*.qualtrics.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2024-03-01 -
2025-02-19
a year crt.sh

This page contains 1 frames:

Primary Page: https://www.hhs.gov/sites/default/files/2023oct12-noescape-ransomware-analyst-note-tlpclear.pdf
Frame ID: F8244CA7ADA4431CC2B82BF1136FE3B4
Requests: 73 HTTP requests in this frame

Screenshot

Page Title

Page Not Found | HHS.gov

Detected technologies

Overall confidence: 100%
Detected patterns
  • script\.crazyegg\.com/pages/scripts/\d+/\d+\.js

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • ([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

73
Requests

95 %
HTTPS

53 %
IPv6

14
Domains

20
Subdomains

20
IPs

5
Countries

1017 kB
Transfer

3343 kB
Size

18
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 32
  • https://unpkg.com/web-vitals/dist/web-vitals.iife.js HTTP 302
  • https://unpkg.com/web-vitals@4.1.1/dist/web-vitals.iife.js
Request Chain 35
  • https://search.usa.gov/javascripts/remote.loader.js HTTP 301
  • https://search.usa.gov/assets/sayt_loader.js

73 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request 2023oct12-noescape-ransomware-analyst-note-tlpclear.pdf
www.hhs.gov/sites/default/files/
33 KB
34 KB
Document
General
Full URL
https://www.hhs.gov/sites/default/files/2023oct12-noescape-ransomware-analyst-note-tlpclear.pdf
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:d8d::219c Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
26d938f65de18518a77e8c1ed9860b91a76d55083e9ef0a98930e14f37a9a4f7
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' hhs.gov *.hhs.gov
Strict-Transport-Security max-age=31536000;includeSubDomains;preload
X-Content-Type-Options nosniff nosniff
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

cache-control
public, max-age=3571
content-language
en
content-length
34263
content-security-policy
frame-ancestors 'self' hhs.gov *.hhs.gov
content-type
text/html; charset=UTF-8
date
Tue, 11 Jun 2024 17:49:44 GMT
etag
"1718128183"
last-modified
Tue, 11 Jun 2024 17:49:43 GMT
server-timing
cdn-cache; desc=MISS edge; dur=116 origin; dur=319 ak_p; desc="1718128183619_34911185_26475027_43372_9028_18_79_255";dur=1
strict-transport-security
max-age=31536000;includeSubDomains;preload
x-content-type-options
nosniff nosniff
x-drupal-cache
MISS
x-frame-options
SAMEORIGIN
x-generator
Drupal 10 (https://www.drupal.org)
css_dq3Wp6mHtrm8Uqz8PVuydRgXv_HeR0n4QyMLsmIVW2U.css
www.hhs.gov/sites/default/files/css/
12 KB
3 KB
Stylesheet
General
Full URL
https://www.hhs.gov/sites/default/files/css/css_dq3Wp6mHtrm8Uqz8PVuydRgXv_HeR0n4QyMLsmIVW2U.css?delta=0&language=en&theme=hhs_uswds&include=eJxNzlEOwiAQBNALUTkS2ZaxbKSFMIu1nt5qE_VrJvMxedxpWPwohEuJoXOL9HMuo-TPMJd76Bpsg9zodamlGWKg7Rl011JsLQb6b3NVmsxNaqKPrVfJl99y6WvtY1YmRMcyqeSwIKq8BTr9EQwPGxqozxNGSJuSP-NADbZXSIIcP2rYNCJIRjOvq9oLEf1VKQ
Requested by
Host: www.hhs.gov
URL: https://www.hhs.gov/sites/default/files/2023oct12-noescape-ransomware-analyst-note-tlpclear.pdf
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:d8d::219c Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
8e94b78e6ef1f03624bce3e8b042876c13fa605d0f27d37399c498d8965da27a
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' hhs.gov *.hhs.gov
Strict-Transport-Security max-age=31536000;includeSubDomains;preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.hhs.gov/sites/default/files/2023oct12-noescape-ransomware-analyst-note-tlpclear.pdf
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
frame-ancestors 'self' hhs.gov *.hhs.gov
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 11 Jun 2024 17:49:44 GMT
last-modified
Thu, 06 Jun 2024 23:01:11 GMT
strict-transport-security
max-age=31536000;includeSubDomains;preload
etag
"66623fb7-2ea7"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=31536000
server-timing
cdn-cache; desc=HIT, edge; dur=266, origin; dur=0, ak_p; desc="1718128184172_34911185_26475775_26596_7505_18_0_255";dur=1
accept-ranges
bytes
content-length
3060
x-request-id
6a268da04c9b671f32c2cc71f0513036
css_u8iLDafwaLCwx-9qX1vh55WmyQb_X0gpnSh3h4YlPts.css
www.hhs.gov/sites/default/files/css/
594 KB
87 KB
Stylesheet
General
Full URL
https://www.hhs.gov/sites/default/files/css/css_u8iLDafwaLCwx-9qX1vh55WmyQb_X0gpnSh3h4YlPts.css?delta=1&language=en&theme=hhs_uswds&include=eJxNzlEOwiAQBNALUTkS2ZaxbKSFMIu1nt5qE_VrJvMxedxpWPwohEuJoXOL9HMuo-TPMJd76Bpsg9zodamlGWKg7Rl011JsLQb6b3NVmsxNaqKPrVfJl99y6WvtY1YmRMcyqeSwIKq8BTr9EQwPGxqozxNGSJuSP-NADbZXSIIcP2rYNCJIRjOvq9oLEf1VKQ
Requested by
Host: www.hhs.gov
URL: https://www.hhs.gov/sites/default/files/2023oct12-noescape-ransomware-analyst-note-tlpclear.pdf
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:d8d::219c Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
d469fd596394ada503bb0d3db7f6b497754a74a0eda9acc4f86eaa8531a441a6
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' hhs.gov *.hhs.gov
Strict-Transport-Security max-age=31536000;includeSubDomains;preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.hhs.gov/sites/default/files/2023oct12-noescape-ransomware-analyst-note-tlpclear.pdf
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
frame-ancestors 'self' hhs.gov *.hhs.gov
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 11 Jun 2024 17:49:44 GMT
last-modified
Thu, 06 Jun 2024 22:59:25 GMT
strict-transport-security
max-age=31536000;includeSubDomains;preload
etag
"66623f4d-94873"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=31536000
server-timing
cdn-cache; desc=HIT, edge; dur=263, origin; dur=0, ak_p; desc="1718128184172_34911185_26475776_26306_7508_18_0_255";dur=1
accept-ranges
bytes
content-length
88968
x-request-id
ddf2f0090b7ae5a4e6c59affe33abeb5
chosen.min.css
www.hhs.gov/themes/custom/hhs_uswds/js/libraries/chosen/
10 KB
3 KB
Stylesheet
General
Full URL
https://www.hhs.gov/themes/custom/hhs_uswds/js/libraries/chosen/chosen.min.css?seol4y
Requested by
Host: www.hhs.gov
URL: https://www.hhs.gov/sites/default/files/2023oct12-noescape-ransomware-analyst-note-tlpclear.pdf
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:d8d::219c Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
107fc2ce0a096cd103fa0660ca6b30b083ab33d5e121b75227a1f0ae8d3d584e
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' hhs.gov *.hhs.gov
Strict-Transport-Security max-age=31536000;includeSubDomains;preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.hhs.gov/sites/default/files/2023oct12-noescape-ransomware-analyst-note-tlpclear.pdf
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
frame-ancestors 'self' hhs.gov *.hhs.gov
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 11 Jun 2024 17:49:44 GMT
last-modified
Thu, 06 Jun 2024 21:56:23 GMT
strict-transport-security
max-age=31536000;includeSubDomains;preload
etag
"66623087-27ec"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=31536000
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1718128184172_34911185_26475777_28_6969_18_0_255";dur=1
accept-ranges
bytes
content-length
2273
x-request-id
89858f7ff69ff0a1ef36a69255588164
modernizr.min.js
www.hhs.gov/themes/custom/hhs_uswds/js/libraries/
9 KB
4 KB
Script
General
Full URL
https://www.hhs.gov/themes/custom/hhs_uswds/js/libraries/modernizr.min.js?v=3.11.7
Requested by
Host: www.hhs.gov
URL: https://www.hhs.gov/sites/default/files/2023oct12-noescape-ransomware-analyst-note-tlpclear.pdf
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:d8d::219c Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
9239df21ae3e740f16c2fab29d29cb8076e9d724d669044e5f2498e7cf0edd66
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' hhs.gov *.hhs.gov
Strict-Transport-Security max-age=31536000;includeSubDomains;preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.hhs.gov/sites/default/files/2023oct12-noescape-ransomware-analyst-note-tlpclear.pdf
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
frame-ancestors 'self' hhs.gov *.hhs.gov
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 11 Jun 2024 17:49:44 GMT
last-modified
Thu, 06 Jun 2024 21:56:23 GMT
strict-transport-security
max-age=31536000;includeSubDomains;preload
etag
"66623087-22c1"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=31536000
server-timing
cdn-cache; desc=HIT, edge; dur=43, origin; dur=0, ak_p; desc="1718128184172_34911185_26475778_4356_6605_18_0_219";dur=1
accept-ranges
bytes
content-length
3708
x-request-id
c46587e4fe9947fe34a8e4f33cdbb810
us_flag_small.png
www.hhs.gov/themes/custom/hhs_uswds/images/
135 B
462 B
Image
General
Full URL
https://www.hhs.gov/themes/custom/hhs_uswds/images/us_flag_small.png
Requested by
Host: www.hhs.gov
URL: https://www.hhs.gov/sites/default/files/2023oct12-noescape-ransomware-analyst-note-tlpclear.pdf
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:d8d::219c Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
5b0c01b75ef00b470fab45a25688326a108f326e04b14f9ef18ffad7d429f7b6
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' hhs.gov *.hhs.gov
Strict-Transport-Security max-age=31536000;includeSubDomains;preload

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.hhs.gov/sites/default/files/2023oct12-noescape-ransomware-analyst-note-tlpclear.pdf
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
frame-ancestors 'self' hhs.gov *.hhs.gov
date
Tue, 11 Jun 2024 17:49:44 GMT
strict-transport-security
max-age=31536000;includeSubDomains;preload
last-modified
Sat, 13 Apr 2024 00:45:42 GMT
etag
"65fde57d-b0"
content-type
image/gif
cache-control
private, no-transform, max-age=1919425
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1718128184172_34911185_26475779_28_8192_18_0_182";dur=1
content-length
135
icon-dot-gov.svg
www.hhs.gov/themes/custom/hhs_uswds/images/
800 B
848 B
Image
General
Full URL
https://www.hhs.gov/themes/custom/hhs_uswds/images/icon-dot-gov.svg
Requested by
Host: www.hhs.gov
URL: https://www.hhs.gov/sites/default/files/2023oct12-noescape-ransomware-analyst-note-tlpclear.pdf
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:d8d::219c Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
54f6653a149c83b73515cc2ec032a18151b57d3ffe97ef04495ce6623e48d1bb
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' hhs.gov *.hhs.gov
Strict-Transport-Security max-age=31536000;includeSubDomains;preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.hhs.gov/sites/default/files/2023oct12-noescape-ransomware-analyst-note-tlpclear.pdf
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
frame-ancestors 'self' hhs.gov *.hhs.gov
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 11 Jun 2024 17:49:44 GMT
last-modified
Thu, 06 Jun 2024 21:56:23 GMT
strict-transport-security
max-age=31536000;includeSubDomains;preload
etag
"66623087-320"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=2592000
server-timing
cdn-cache; desc=HIT, edge; dur=35, origin; dur=0, ak_p; desc="1718128184183_34911185_26475789_3545_6285_18_0_182";dur=1
accept-ranges
bytes
content-length
423
x-request-id
2ac889e7b6c441e36e1b3a3571cb8b7f
icon-https.svg
www.hhs.gov/themes/custom/hhs_uswds/images/
720 B
812 B
Image
General
Full URL
https://www.hhs.gov/themes/custom/hhs_uswds/images/icon-https.svg
Requested by
Host: www.hhs.gov
URL: https://www.hhs.gov/sites/default/files/2023oct12-noescape-ransomware-analyst-note-tlpclear.pdf
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:d8d::219c Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
912daff95ce9cabae7d0195d39aa98d49c4bec3b975d404ac266534c069cee20
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' hhs.gov *.hhs.gov
Strict-Transport-Security max-age=31536000;includeSubDomains;preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.hhs.gov/sites/default/files/2023oct12-noescape-ransomware-analyst-note-tlpclear.pdf
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
frame-ancestors 'self' hhs.gov *.hhs.gov
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 11 Jun 2024 17:49:44 GMT
last-modified
Thu, 06 Jun 2024 21:56:23 GMT
strict-transport-security
max-age=31536000;includeSubDomains;preload
etag
"66623087-2d0"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=2592000
server-timing
cdn-cache; desc=HIT, edge; dur=7, origin; dur=0, ak_p; desc="1718128184209_34911185_26475831_754_5638_18_0_182";dur=1
accept-ranges
bytes
content-length
387
x-request-id
1f7c05b009df808b3ff2f5d87983b66d
logo-desktop.svg
www.hhs.gov/themes/custom/hhs_uswds/
42 KB
13 KB
Image
General
Full URL
https://www.hhs.gov/themes/custom/hhs_uswds/logo-desktop.svg
Requested by
Host: www.hhs.gov
URL: https://www.hhs.gov/sites/default/files/2023oct12-noescape-ransomware-analyst-note-tlpclear.pdf
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:d8d::219c Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
d061140563c90833146615532fd0b8226ca97038b74db7ca78c104cad7f68061
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' hhs.gov *.hhs.gov
Strict-Transport-Security max-age=31536000;includeSubDomains;preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.hhs.gov/sites/default/files/2023oct12-noescape-ransomware-analyst-note-tlpclear.pdf
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
frame-ancestors 'self' hhs.gov *.hhs.gov
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 11 Jun 2024 17:49:44 GMT
last-modified
Thu, 06 Jun 2024 21:56:27 GMT
strict-transport-security
max-age=31536000;includeSubDomains;preload
etag
"6662308b-a958"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=2592000
server-timing
cdn-cache; desc=HIT, edge; dur=275, origin; dur=0, ak_p; desc="1718128184245_34911185_26475903_27457_5527_22_0_182";dur=1
accept-ranges
bytes
content-length
12746
x-request-id
18cd9e5a9653cb7c0ad0c8f717344b12
close-white-2.svg
www.hhs.gov/themes/custom/hhs_uswds/images/
585 B
825 B
Image
General
Full URL
https://www.hhs.gov/themes/custom/hhs_uswds/images/close-white-2.svg
Requested by
Host: www.hhs.gov
URL: https://www.hhs.gov/sites/default/files/2023oct12-noescape-ransomware-analyst-note-tlpclear.pdf
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:d8d::219c Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
cc9f14c4a9a96125899d0ed2b958d12ce311275bea264f4d191aca6c9ebd0a59
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' hhs.gov *.hhs.gov
Strict-Transport-Security max-age=31536000;includeSubDomains;preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.hhs.gov/sites/default/files/2023oct12-noescape-ransomware-analyst-note-tlpclear.pdf
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
frame-ancestors 'self' hhs.gov *.hhs.gov
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 11 Jun 2024 17:49:44 GMT
last-modified
Thu, 06 Jun 2024 21:56:23 GMT
strict-transport-security
max-age=31536000;includeSubDomains;preload
etag
"66623087-249"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=2592000
server-timing
cdn-cache; desc=HIT, edge; dur=270, origin; dur=0, ak_p; desc="1718128184251_34911185_26475911_26962_4915_22_0_182";dur=1
accept-ranges
bytes
content-length
398
x-request-id
523716b18505f473220634ee426e6860
search--blue.svg
www.hhs.gov/themes/custom/hhs_uswds/images/usa-icons-bg/
696 B
888 B
Image
General
Full URL
https://www.hhs.gov/themes/custom/hhs_uswds/images/usa-icons-bg/search--blue.svg
Requested by
Host: www.hhs.gov
URL: https://www.hhs.gov/sites/default/files/2023oct12-noescape-ransomware-analyst-note-tlpclear.pdf
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:d8d::219c Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
0cd8c3832c7dbdea696b8f8b30aab2a2bd07862a597b1b2aeb92f1c0730250ab
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' hhs.gov *.hhs.gov
Strict-Transport-Security max-age=31536000;includeSubDomains;preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.hhs.gov/sites/default/files/2023oct12-noescape-ransomware-analyst-note-tlpclear.pdf
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
frame-ancestors 'self' hhs.gov *.hhs.gov
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 11 Jun 2024 17:49:44 GMT
last-modified
Thu, 06 Jun 2024 21:56:23 GMT
strict-transport-security
max-age=31536000;includeSubDomains;preload
etag
"66623087-2b8"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=2592000
server-timing
cdn-cache; desc=HIT, edge; dur=1, origin; dur=0, ak_p; desc="1718128184544_34911185_26476453_156_5984_20_0_219";dur=1
accept-ranges
bytes
content-length
462
x-request-id
b396f08112465c0c27ad4748f0142dac
text-resize.svg
www.hhs.gov/themes/custom/hhs_uswds/images/
703 B
846 B
Image
General
Full URL
https://www.hhs.gov/themes/custom/hhs_uswds/images/text-resize.svg
Requested by
Host: www.hhs.gov
URL: https://www.hhs.gov/sites/default/files/2023oct12-noescape-ransomware-analyst-note-tlpclear.pdf
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:d8d::219c Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
7892953878bab9d973434c986c5c6d4e1f128217d37f88fb0341fdd140429a01
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' hhs.gov *.hhs.gov
Strict-Transport-Security max-age=31536000;includeSubDomains;preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.hhs.gov/sites/default/files/2023oct12-noescape-ransomware-analyst-note-tlpclear.pdf
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
frame-ancestors 'self' hhs.gov *.hhs.gov
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 11 Jun 2024 17:49:44 GMT
last-modified
Thu, 06 Jun 2024 21:56:23 GMT
strict-transport-security
max-age=31536000;includeSubDomains;preload
etag
"66623087-2bf"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=2592000
server-timing
cdn-cache; desc=HIT, edge; dur=1, origin; dur=0, ak_p; desc="1718128184544_34911185_26476454_179_5975_19_0_219";dur=1
accept-ranges
bytes
content-length
421
x-request-id
66080d29259d349c3950bfa8a311146d
logo-footer.svg
www.hhs.gov/themes/custom/hhs_uswds/
22 KB
8 KB
Image
General
Full URL
https://www.hhs.gov/themes/custom/hhs_uswds/logo-footer.svg
Requested by
Host: www.hhs.gov
URL: https://www.hhs.gov/sites/default/files/2023oct12-noescape-ransomware-analyst-note-tlpclear.pdf
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:d8d::219c Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
cfda00d655e289b53fa8300e74fb8e681131bf9c61f6dc27e656b9060be1ab60
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' hhs.gov *.hhs.gov
Strict-Transport-Security max-age=31536000;includeSubDomains;preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.hhs.gov/sites/default/files/2023oct12-noescape-ransomware-analyst-note-tlpclear.pdf
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
frame-ancestors 'self' hhs.gov *.hhs.gov
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 11 Jun 2024 17:49:44 GMT
last-modified
Thu, 06 Jun 2024 21:56:27 GMT
strict-transport-security
max-age=31536000;includeSubDomains;preload
etag
"6662308b-58cc"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=2592000
server-timing
cdn-cache; desc=HIT, edge; dur=3, origin; dur=0, ak_p; desc="1718128184544_34911185_26476455_317_6043_19_0_146";dur=1
accept-ranges
bytes
content-length
8074
x-request-id
0bdf8dfba1a6ac2797dcd439dd62efdf
js_Vt0RzIH0YFMfeTj-dut8zED3SVtJoaGEO5j_gpDJSqk.js
www.hhs.gov/sites/default/files/js/
92 KB
32 KB
Script
General
Full URL
https://www.hhs.gov/sites/default/files/js/js_Vt0RzIH0YFMfeTj-dut8zED3SVtJoaGEO5j_gpDJSqk.js?scope=footer&delta=0&language=en&theme=hhs_uswds&include=eJxNzlEOwiAQBNALUTkS2ZaxbKSFMIu1nt5qE_VrJvMxedxpWPwohEuJoXOL9HMuo-TPMJd76Bpsg9zodamlGWKg7Rl011JsLQb6b3NVmsxNaqKPrVfJl99y6WvtY1YmRMcyqeSwIKq8BTr9EQwPGxqozxNGSJuSP-NADbZXSIIcP2rYNCJIRjOvq9oLEf1VKQ
Requested by
Host: www.hhs.gov
URL: https://www.hhs.gov/sites/default/files/2023oct12-noescape-ransomware-analyst-note-tlpclear.pdf
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:d8d::219c Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
44331f4bf82ba7af7a4bfe091c90202e9947ac209a4cfb27296c56d92e81191b
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' hhs.gov *.hhs.gov
Strict-Transport-Security max-age=31536000;includeSubDomains;preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.hhs.gov/sites/default/files/2023oct12-noescape-ransomware-analyst-note-tlpclear.pdf
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
frame-ancestors 'self' hhs.gov *.hhs.gov
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 11 Jun 2024 17:49:44 GMT
last-modified
Thu, 06 Jun 2024 22:58:37 GMT
strict-transport-security
max-age=31536000;includeSubDomains;preload
etag
"66623f1d-170af"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=31536000
server-timing
cdn-cache; desc=HIT, edge; dur=91, origin; dur=0, ak_p; desc="1718128184525_34911185_26476418_9169_7257_24_0_219";dur=1
accept-ranges
bytes
content-length
32580
x-request-id
b4b7c7af7a8d9411ca8750980473a655
common.min.js
www.hhs.gov/themes/custom/hhs_uswds/js/dist/
52 KB
17 KB
Script
General
Full URL
https://www.hhs.gov/themes/custom/hhs_uswds/js/dist/common.min.js?v=1.0.1
Requested by
Host: www.hhs.gov
URL: https://www.hhs.gov/sites/default/files/2023oct12-noescape-ransomware-analyst-note-tlpclear.pdf
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:d8d::219c Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
37f592cb61175a163c00876c137b71a8688bd1e7d311dc450a783c7797088629
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' hhs.gov *.hhs.gov
Strict-Transport-Security max-age=31536000;includeSubDomains;preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.hhs.gov/sites/default/files/2023oct12-noescape-ransomware-analyst-note-tlpclear.pdf
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
frame-ancestors 'self' hhs.gov *.hhs.gov
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 11 Jun 2024 17:49:44 GMT
last-modified
Thu, 06 Jun 2024 21:56:23 GMT
strict-transport-security
max-age=31536000;includeSubDomains;preload
etag
"66623087-ce50"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=31536000
server-timing
cdn-cache; desc=HIT, edge; dur=2, origin; dur=0, ak_p; desc="1718128184526_34911185_26476419_242_6803_22_0_182";dur=1
accept-ranges
bytes
content-length
16940
x-request-id
daf56b7d3f5fb762dc646dbabca14575
uswds-init.min.js
www.hhs.gov/themes/custom/hhs_uswds/js/libraries/
826 B
918 B
Script
General
Full URL
https://www.hhs.gov/themes/custom/hhs_uswds/js/libraries/uswds-init.min.js?v=1.0.2
Requested by
Host: www.hhs.gov
URL: https://www.hhs.gov/sites/default/files/2023oct12-noescape-ransomware-analyst-note-tlpclear.pdf
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:d8d::219c Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
63a2d8f905f0eb3a998f0bfc0bc3520d7a45718248bc72a1ea864bc953b3a111
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' hhs.gov *.hhs.gov
Strict-Transport-Security max-age=31536000;includeSubDomains;preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.hhs.gov/sites/default/files/2023oct12-noescape-ransomware-analyst-note-tlpclear.pdf
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
frame-ancestors 'self' hhs.gov *.hhs.gov
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 11 Jun 2024 17:49:44 GMT
last-modified
Thu, 06 Jun 2024 21:56:23 GMT
strict-transport-security
max-age=31536000;includeSubDomains;preload
etag
"66623087-33a"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=31536000
server-timing
cdn-cache; desc=HIT, edge; dur=2, origin; dur=0, ak_p; desc="1718128184526_34911185_26476420_213_6733_22_0_182";dur=1
accept-ranges
bytes
content-length
487
x-request-id
ee5eacfddbef66bd5dcb63562f52686b
scripts.min.js
www.hhs.gov/themes/custom/hhs_uswds/js/dist/
6 KB
3 KB
Script
General
Full URL
https://www.hhs.gov/themes/custom/hhs_uswds/js/dist/scripts.min.js?v=1.0.2
Requested by
Host: www.hhs.gov
URL: https://www.hhs.gov/sites/default/files/2023oct12-noescape-ransomware-analyst-note-tlpclear.pdf
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:d8d::219c Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
ad1db9c84b3859822e50b4c3e4624326167adb0924d0db62d713f0ac626190f6
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' hhs.gov *.hhs.gov
Strict-Transport-Security max-age=31536000;includeSubDomains;preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.hhs.gov/sites/default/files/2023oct12-noescape-ransomware-analyst-note-tlpclear.pdf
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
frame-ancestors 'self' hhs.gov *.hhs.gov
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 11 Jun 2024 17:49:44 GMT
last-modified
Thu, 06 Jun 2024 21:56:23 GMT
strict-transport-security
max-age=31536000;includeSubDomains;preload
etag
"66623087-191c"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=31536000
server-timing
cdn-cache; desc=HIT, edge; dur=90, origin; dur=0, ak_p; desc="1718128184526_34911185_26476421_8985_6682_24_0_182";dur=1
accept-ranges
bytes
content-length
2420
x-request-id
657be192b6b6c32468c9ea1368a0236d
js_TKnpDM_92qbhfTosSC1KKcsOV4rI76v9n9Wda5E-Vuc.js
www.hhs.gov/sites/default/files/js/
33 KB
10 KB
Script
General
Full URL
https://www.hhs.gov/sites/default/files/js/js_TKnpDM_92qbhfTosSC1KKcsOV4rI76v9n9Wda5E-Vuc.js?scope=footer&delta=4&language=en&theme=hhs_uswds&include=eJxNzlEOwiAQBNALUTkS2ZaxbKSFMIu1nt5qE_VrJvMxedxpWPwohEuJoXOL9HMuo-TPMJd76Bpsg9zodamlGWKg7Rl011JsLQb6b3NVmsxNaqKPrVfJl99y6WvtY1YmRMcyqeSwIKq8BTr9EQwPGxqozxNGSJuSP-NADbZXSIIcP2rYNCJIRjOvq9oLEf1VKQ
Requested by
Host: www.hhs.gov
URL: https://www.hhs.gov/sites/default/files/2023oct12-noescape-ransomware-analyst-note-tlpclear.pdf
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:d8d::219c Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
127ddb9e1176c8e914af91b54de652b8c1e42964cdaca67c96143b0be7281ba1
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' hhs.gov *.hhs.gov
Strict-Transport-Security max-age=31536000;includeSubDomains;preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.hhs.gov/sites/default/files/2023oct12-noescape-ransomware-analyst-note-tlpclear.pdf
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
frame-ancestors 'self' hhs.gov *.hhs.gov
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 11 Jun 2024 17:49:44 GMT
last-modified
Thu, 06 Jun 2024 22:58:37 GMT
strict-transport-security
max-age=31536000;includeSubDomains;preload
etag
"66623f1d-82d1"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=31536000
server-timing
cdn-cache; desc=HIT, edge; dur=89, origin; dur=0, ak_p; desc="1718128184526_34911185_26476422_8928_7291_24_0_182";dur=1
accept-ranges
bytes
content-length
10263
x-request-id
68712eed2170a8ccb587bb780ed68c74
chosen.jquery.min.js
www.hhs.gov/themes/custom/hhs_uswds/js/libraries/chosen/
30 KB
7 KB
Script
General
Full URL
https://www.hhs.gov/themes/custom/hhs_uswds/js/libraries/chosen/chosen.jquery.min.js?v=1.0.2
Requested by
Host: www.hhs.gov
URL: https://www.hhs.gov/sites/default/files/2023oct12-noescape-ransomware-analyst-note-tlpclear.pdf
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:d8d::219c Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
cdb66cc1d3d413cde2f396328e482211b433bc15aa9fb1d331b33f67ee059550
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' hhs.gov *.hhs.gov
Strict-Transport-Security max-age=31536000;includeSubDomains;preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.hhs.gov/sites/default/files/2023oct12-noescape-ransomware-analyst-note-tlpclear.pdf
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
frame-ancestors 'self' hhs.gov *.hhs.gov
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 11 Jun 2024 17:49:44 GMT
last-modified
Thu, 06 Jun 2024 21:56:23 GMT
strict-transport-security
max-age=31536000;includeSubDomains;preload
etag
"66623087-76ed"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=31536000
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1718128184526_34911185_26476423_105_6133_22_0_182";dur=1
accept-ranges
bytes
content-length
7005
x-request-id
da6fe35a15256360102232ebdf31eae7
js_WLrbCmnmenWpcSb2v-eF3QweO6Vl2wa_9zOYv2acXr0.js
www.hhs.gov/sites/default/files/js/
3 KB
2 KB
Script
General
Full URL
https://www.hhs.gov/sites/default/files/js/js_WLrbCmnmenWpcSb2v-eF3QweO6Vl2wa_9zOYv2acXr0.js?scope=footer&delta=6&language=en&theme=hhs_uswds&include=eJxNzlEOwiAQBNALUTkS2ZaxbKSFMIu1nt5qE_VrJvMxedxpWPwohEuJoXOL9HMuo-TPMJd76Bpsg9zodamlGWKg7Rl011JsLQb6b3NVmsxNaqKPrVfJl99y6WvtY1YmRMcyqeSwIKq8BTr9EQwPGxqozxNGSJuSP-NADbZXSIIcP2rYNCJIRjOvq9oLEf1VKQ
Requested by
Host: www.hhs.gov
URL: https://www.hhs.gov/sites/default/files/2023oct12-noescape-ransomware-analyst-note-tlpclear.pdf
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:d8d::219c Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
5a2046f21693fb7c85966514e6f84c73802a8ef672909d71792c60a515b5b7fe
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' hhs.gov *.hhs.gov
Strict-Transport-Security max-age=31536000;includeSubDomains;preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.hhs.gov/sites/default/files/2023oct12-noescape-ransomware-analyst-note-tlpclear.pdf
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
frame-ancestors 'self' hhs.gov *.hhs.gov
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 11 Jun 2024 17:49:44 GMT
last-modified
Thu, 06 Jun 2024 22:58:39 GMT
strict-transport-security
max-age=31536000;includeSubDomains;preload
etag
"66623f1f-a15"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=31536000
server-timing
cdn-cache; desc=HIT, edge; dur=262, origin; dur=0, ak_p; desc="1718128184526_34911185_26476424_26165_7255_19_0_182";dur=1
accept-ranges
bytes
content-length
1183
x-request-id
4057ab753ece31b75c31d6b9bd291d9a
searchgov-typeahead.js
www.hhs.gov/modules/hhs/shared/hhs_search/assets/
388 B
680 B
Script
General
Full URL
https://www.hhs.gov/modules/hhs/shared/hhs_search/assets/searchgov-typeahead.js?seol4y
Requested by
Host: www.hhs.gov
URL: https://www.hhs.gov/sites/default/files/2023oct12-noescape-ransomware-analyst-note-tlpclear.pdf
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:d8d::219c Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
30fcc86d3b4c2298f310378a41789083b37e55b58b1fe1cd141be30317c6569d
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' hhs.gov *.hhs.gov
Strict-Transport-Security max-age=31536000;includeSubDomains;preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.hhs.gov/sites/default/files/2023oct12-noescape-ransomware-analyst-note-tlpclear.pdf
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
frame-ancestors 'self' hhs.gov *.hhs.gov
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 11 Jun 2024 17:49:44 GMT
last-modified
Thu, 06 Jun 2024 21:56:26 GMT
strict-transport-security
max-age=31536000;includeSubDomains;preload
etag
"6662308a-184"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=31536000
server-timing
cdn-cache; desc=HIT, edge; dur=2, origin; dur=0, ak_p; desc="1718128184544_34911185_26476456_266_6948_19_0_146";dur=1
accept-ranges
bytes
content-length
250
x-request-id
ceda393b9a09ba83c1c860017157d48b
js_q0Yuz1LRxVDVG3E5opegECHR9wiwY3cS-uYAiCzfx54.js
www.hhs.gov/sites/default/files/js/
5 KB
2 KB
Script
General
Full URL
https://www.hhs.gov/sites/default/files/js/js_q0Yuz1LRxVDVG3E5opegECHR9wiwY3cS-uYAiCzfx54.js?scope=footer&delta=8&language=en&theme=hhs_uswds&include=eJxNzlEOwiAQBNALUTkS2ZaxbKSFMIu1nt5qE_VrJvMxedxpWPwohEuJoXOL9HMuo-TPMJd76Bpsg9zodamlGWKg7Rl011JsLQb6b3NVmsxNaqKPrVfJl99y6WvtY1YmRMcyqeSwIKq8BTr9EQwPGxqozxNGSJuSP-NADbZXSIIcP2rYNCJIRjOvq9oLEf1VKQ
Requested by
Host: www.hhs.gov
URL: https://www.hhs.gov/sites/default/files/2023oct12-noescape-ransomware-analyst-note-tlpclear.pdf
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:d8d::219c Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
e914096d5f8a39c7b4a0019e28bdaf3e075496e337050c352fd4c58b48be364b
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' hhs.gov *.hhs.gov
Strict-Transport-Security max-age=31536000;includeSubDomains;preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.hhs.gov/sites/default/files/2023oct12-noescape-ransomware-analyst-note-tlpclear.pdf
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
frame-ancestors 'self' hhs.gov *.hhs.gov
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 11 Jun 2024 17:49:44 GMT
last-modified
Thu, 06 Jun 2024 22:58:39 GMT
strict-transport-security
max-age=31536000;includeSubDomains;preload
etag
"66623f1f-1234"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=31536000
server-timing
cdn-cache; desc=HIT, edge; dur=92, origin; dur=0, ak_p; desc="1718128184526_34911185_26476425_9233_7214_24_0_182";dur=1
accept-ranges
bytes
content-length
1516
x-request-id
fd18aa0b1eac1d1d02ccc21ed8a21430
sourcesanspro-regular-webfont.woff2
www.hhs.gov/themes/custom/hhs_uswds/fonts/source-sans-pro/
20 KB
20 KB
Font
General
Full URL
https://www.hhs.gov/themes/custom/hhs_uswds/fonts/source-sans-pro/sourcesanspro-regular-webfont.woff2
Requested by
Host: www.hhs.gov
URL: https://www.hhs.gov/sites/default/files/css/css_u8iLDafwaLCwx-9qX1vh55WmyQb_X0gpnSh3h4YlPts.css?delta=1&language=en&theme=hhs_uswds&include=eJxNzlEOwiAQBNALUTkS2ZaxbKSFMIu1nt5qE_VrJvMxedxpWPwohEuJoXOL9HMuo-TPMJd76Bpsg9zodamlGWKg7Rl011JsLQb6b3NVmsxNaqKPrVfJl99y6WvtY1YmRMcyqeSwIKq8BTr9EQwPGxqozxNGSJuSP-NADbZXSIIcP2rYNCJIRjOvq9oLEf1VKQ
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:d8d::219c Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
8792619becd8b285e78f14bfcf1ad66e2adbae0f5ec8ad131246621f806ac535
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;includeSubDomains;preload

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.hhs.gov/sites/default/files/css/css_u8iLDafwaLCwx-9qX1vh55WmyQb_X0gpnSh3h4YlPts.css?delta=1&language=en&theme=hhs_uswds&include=eJxNzlEOwiAQBNALUTkS2ZaxbKSFMIu1nt5qE_VrJvMxedxpWPwohEuJoXOL9HMuo-TPMJd76Bpsg9zodamlGWKg7Rl011JsLQb6b3NVmsxNaqKPrVfJl99y6WvtY1YmRMcyqeSwIKq8BTr9EQwPGxqozxNGSJuSP-NADbZXSIIcP2rYNCJIRjOvq9oLEf1VKQ
Origin
https://www.hhs.gov
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 11 Jun 2024 17:49:44 GMT
strict-transport-security
max-age=31536000;includeSubDomains;preload
last-modified
Thu, 06 Jun 2024 21:56:23 GMT
etag
"66623087-503c"
content-type
application/octet-stream
access-control-allow-origin
*
server-timing
cdn-cache; desc=HIT, edge; dur=96, origin; dur=0, ak_p; desc="1718128184518_34911185_26476401_9627_6985_24_0_255";dur=1
accept-ranges
bytes
content-length
20540
gtm.js
www.googletagmanager.com/
512 KB
120 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-JLFR
Requested by
Host: www.hhs.gov
URL: https://www.hhs.gov/sites/default/files/2023oct12-noescape-ransomware-analyst-note-tlpclear.pdf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
5301a3b2585691f47c7bf8e0f5a29c00211091859fd1877d27c9102ddcd1c679
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.hhs.gov/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 11 Jun 2024 17:49:44 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
121985
x-xss-protection
0
last-modified
Tue, 11 Jun 2024 17:03:45 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 11 Jun 2024 17:49:44 GMT
sprite.svg
www.hhs.gov/themes/custom/hhs_uswds/images/
83 KB
22 KB
Other
General
Full URL
https://www.hhs.gov/themes/custom/hhs_uswds/images/sprite.svg
Requested by
Host: www.hhs.gov
URL: https://www.hhs.gov/sites/default/files/2023oct12-noescape-ransomware-analyst-note-tlpclear.pdf
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:d8d::219c Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
2711f20d80d0f69b5056bb95e3093b385f9f56298a98c4d2778ef7c55d432447
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' hhs.gov *.hhs.gov
Strict-Transport-Security max-age=31536000;includeSubDomains;preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.hhs.gov/sites/default/files/2023oct12-noescape-ransomware-analyst-note-tlpclear.pdf
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
frame-ancestors 'self' hhs.gov *.hhs.gov
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 11 Jun 2024 17:49:44 GMT
last-modified
Thu, 06 Jun 2024 21:56:23 GMT
strict-transport-security
max-age=31536000;includeSubDomains;preload
etag
"66623087-14d98"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=2592000
server-timing
cdn-cache; desc=HIT, edge; dur=4, origin; dur=0, ak_p; desc="1718128184544_34911185_26476457_399_6871_19_0_146";dur=1
accept-ranges
bytes
content-length
22109
x-request-id
c1beade3d8135d952abce06f8a39c990
sprite.artifact.svg
www.hhs.gov/themes/custom/hhs_uswds/images/
7 KB
3 KB
Other
General
Full URL
https://www.hhs.gov/themes/custom/hhs_uswds/images/sprite.artifact.svg
Requested by
Host: www.hhs.gov
URL: https://www.hhs.gov/sites/default/files/2023oct12-noescape-ransomware-analyst-note-tlpclear.pdf
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:d8d::219c Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
af12198fcbc14f0a22b0adb0b3223b420d0288a8e8f0c1c0c1e758e91361e971
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' hhs.gov *.hhs.gov
Strict-Transport-Security max-age=31536000;includeSubDomains;preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.hhs.gov/sites/default/files/2023oct12-noescape-ransomware-analyst-note-tlpclear.pdf
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
frame-ancestors 'self' hhs.gov *.hhs.gov
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 11 Jun 2024 17:49:44 GMT
last-modified
Thu, 06 Jun 2024 21:56:23 GMT
strict-transport-security
max-age=31536000;includeSubDomains;preload
etag
"66623087-1b64"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=2592000
server-timing
cdn-cache; desc=HIT, edge; dur=3, origin; dur=0, ak_p; desc="1718128184544_34911185_26476458_332_6848_19_0_146";dur=1
accept-ranges
bytes
content-length
2772
x-request-id
5cb35bb9003c3fc5ee6d8ab7ce867da2
expand_more.svg
www.hhs.gov/themes/custom/hhs_uswds/images/usa-icons/
182 B
587 B
Image
General
Full URL
https://www.hhs.gov/themes/custom/hhs_uswds/images/usa-icons/expand_more.svg
Requested by
Host: www.hhs.gov
URL: https://www.hhs.gov/sites/default/files/css/css_u8iLDafwaLCwx-9qX1vh55WmyQb_X0gpnSh3h4YlPts.css?delta=1&language=en&theme=hhs_uswds&include=eJxNzlEOwiAQBNALUTkS2ZaxbKSFMIu1nt5qE_VrJvMxedxpWPwohEuJoXOL9HMuo-TPMJd76Bpsg9zodamlGWKg7Rl011JsLQb6b3NVmsxNaqKPrVfJl99y6WvtY1YmRMcyqeSwIKq8BTr9EQwPGxqozxNGSJuSP-NADbZXSIIcP2rYNCJIRjOvq9oLEf1VKQ
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:d8d::219c Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
fe0ef658114738f046347758fc2f00dddd7e98fadc930048e34675d9153472ac
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' hhs.gov *.hhs.gov
Strict-Transport-Security max-age=31536000;includeSubDomains;preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.hhs.gov/sites/default/files/css/css_u8iLDafwaLCwx-9qX1vh55WmyQb_X0gpnSh3h4YlPts.css?delta=1&language=en&theme=hhs_uswds&include=eJxNzlEOwiAQBNALUTkS2ZaxbKSFMIu1nt5qE_VrJvMxedxpWPwohEuJoXOL9HMuo-TPMJd76Bpsg9zodamlGWKg7Rl011JsLQb6b3NVmsxNaqKPrVfJl99y6WvtY1YmRMcyqeSwIKq8BTr9EQwPGxqozxNGSJuSP-NADbZXSIIcP2rYNCJIRjOvq9oLEf1VKQ
Origin
https://www.hhs.gov
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
frame-ancestors 'self' hhs.gov *.hhs.gov
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 11 Jun 2024 17:49:44 GMT
last-modified
Thu, 06 Jun 2024 21:56:23 GMT
strict-transport-security
max-age=31536000;includeSubDomains;preload
etag
"66623087-b6"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=2592000
server-timing
cdn-cache; desc=HIT, edge; dur=3, origin; dur=0, ak_p; desc="1718128184544_34911185_26476459_291_6868_19_0_219";dur=1
accept-ranges
bytes
content-length
163
x-request-id
a5b32717c2bcacf1e64c8e040be67829
search--white.svg
www.hhs.gov/themes/custom/hhs_uswds/images/usa-icons-bg/
387 B
692 B
Image
General
Full URL
https://www.hhs.gov/themes/custom/hhs_uswds/images/usa-icons-bg/search--white.svg
Requested by
Host: www.hhs.gov
URL: https://www.hhs.gov/sites/default/files/css/css_u8iLDafwaLCwx-9qX1vh55WmyQb_X0gpnSh3h4YlPts.css?delta=1&language=en&theme=hhs_uswds&include=eJxNzlEOwiAQBNALUTkS2ZaxbKSFMIu1nt5qE_VrJvMxedxpWPwohEuJoXOL9HMuo-TPMJd76Bpsg9zodamlGWKg7Rl011JsLQb6b3NVmsxNaqKPrVfJl99y6WvtY1YmRMcyqeSwIKq8BTr9EQwPGxqozxNGSJuSP-NADbZXSIIcP2rYNCJIRjOvq9oLEf1VKQ
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:d8d::219c Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
85be1f76ce73e5e3a68fc28a6897ad8c910a7d02e057986711264f19ec3f36c6
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' hhs.gov *.hhs.gov
Strict-Transport-Security max-age=31536000;includeSubDomains;preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.hhs.gov/sites/default/files/css/css_u8iLDafwaLCwx-9qX1vh55WmyQb_X0gpnSh3h4YlPts.css?delta=1&language=en&theme=hhs_uswds&include=eJxNzlEOwiAQBNALUTkS2ZaxbKSFMIu1nt5qE_VrJvMxedxpWPwohEuJoXOL9HMuo-TPMJd76Bpsg9zodamlGWKg7Rl011JsLQb6b3NVmsxNaqKPrVfJl99y6WvtY1YmRMcyqeSwIKq8BTr9EQwPGxqozxNGSJuSP-NADbZXSIIcP2rYNCJIRjOvq9oLEf1VKQ
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
frame-ancestors 'self' hhs.gov *.hhs.gov
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 11 Jun 2024 17:49:44 GMT
last-modified
Thu, 06 Jun 2024 21:56:23 GMT
strict-transport-security
max-age=31536000;includeSubDomains;preload
etag
"66623087-183"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=2592000
server-timing
cdn-cache; desc=HIT, edge; dur=259, origin; dur=0, ak_p; desc="1718128184544_34911185_26476460_25920_6840_19_0_219";dur=1
accept-ranges
bytes
content-length
263
x-request-id
d98ddb8d92a076a99fb49711c7564933
navigate_next.svg
www.hhs.gov/themes/custom/hhs_uswds/images/usa-icons/
184 B
594 B
Image
General
Full URL
https://www.hhs.gov/themes/custom/hhs_uswds/images/usa-icons/navigate_next.svg
Requested by
Host: www.hhs.gov
URL: https://www.hhs.gov/sites/default/files/css/css_u8iLDafwaLCwx-9qX1vh55WmyQb_X0gpnSh3h4YlPts.css?delta=1&language=en&theme=hhs_uswds&include=eJxNzlEOwiAQBNALUTkS2ZaxbKSFMIu1nt5qE_VrJvMxedxpWPwohEuJoXOL9HMuo-TPMJd76Bpsg9zodamlGWKg7Rl011JsLQb6b3NVmsxNaqKPrVfJl99y6WvtY1YmRMcyqeSwIKq8BTr9EQwPGxqozxNGSJuSP-NADbZXSIIcP2rYNCJIRjOvq9oLEf1VKQ
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:d8d::219c Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
927f3948559fc75c26f4f84ec09bd1eec1e92f5ddafbea26e4a821d06c2d0dc1
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' hhs.gov *.hhs.gov
Strict-Transport-Security max-age=31536000;includeSubDomains;preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.hhs.gov/sites/default/files/css/css_u8iLDafwaLCwx-9qX1vh55WmyQb_X0gpnSh3h4YlPts.css?delta=1&language=en&theme=hhs_uswds&include=eJxNzlEOwiAQBNALUTkS2ZaxbKSFMIu1nt5qE_VrJvMxedxpWPwohEuJoXOL9HMuo-TPMJd76Bpsg9zodamlGWKg7Rl011JsLQb6b3NVmsxNaqKPrVfJl99y6WvtY1YmRMcyqeSwIKq8BTr9EQwPGxqozxNGSJuSP-NADbZXSIIcP2rYNCJIRjOvq9oLEf1VKQ
Origin
https://www.hhs.gov
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
frame-ancestors 'self' hhs.gov *.hhs.gov
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 11 Jun 2024 17:49:44 GMT
last-modified
Thu, 06 Jun 2024 21:56:23 GMT
strict-transport-security
max-age=31536000;includeSubDomains;preload
etag
"66623087-b8"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=2592000
server-timing
cdn-cache; desc=HIT, edge; dur=264, origin; dur=0, ak_p; desc="1718128184544_34911185_26476461_26426_6788_19_0_219";dur=1
accept-ranges
bytes
content-length
167
x-request-id
33f61b51a32805123dce85f6c25292b1
sourcesanspro-bold-webfont.woff2
www.hhs.gov/themes/custom/hhs_uswds/fonts/source-sans-pro/
20 KB
20 KB
Font
General
Full URL
https://www.hhs.gov/themes/custom/hhs_uswds/fonts/source-sans-pro/sourcesanspro-bold-webfont.woff2
Requested by
Host: www.hhs.gov
URL: https://www.hhs.gov/sites/default/files/css/css_u8iLDafwaLCwx-9qX1vh55WmyQb_X0gpnSh3h4YlPts.css?delta=1&language=en&theme=hhs_uswds&include=eJxNzlEOwiAQBNALUTkS2ZaxbKSFMIu1nt5qE_VrJvMxedxpWPwohEuJoXOL9HMuo-TPMJd76Bpsg9zodamlGWKg7Rl011JsLQb6b3NVmsxNaqKPrVfJl99y6WvtY1YmRMcyqeSwIKq8BTr9EQwPGxqozxNGSJuSP-NADbZXSIIcP2rYNCJIRjOvq9oLEf1VKQ
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:d8d::219c Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
83f67df68dac5c435d964be278d39f70ad8605265b6b99918a46451b77552e92
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;includeSubDomains;preload

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.hhs.gov/sites/default/files/css/css_u8iLDafwaLCwx-9qX1vh55WmyQb_X0gpnSh3h4YlPts.css?delta=1&language=en&theme=hhs_uswds&include=eJxNzlEOwiAQBNALUTkS2ZaxbKSFMIu1nt5qE_VrJvMxedxpWPwohEuJoXOL9HMuo-TPMJd76Bpsg9zodamlGWKg7Rl011JsLQb6b3NVmsxNaqKPrVfJl99y6WvtY1YmRMcyqeSwIKq8BTr9EQwPGxqozxNGSJuSP-NADbZXSIIcP2rYNCJIRjOvq9oLEf1VKQ
Origin
https://www.hhs.gov
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 11 Jun 2024 17:49:44 GMT
strict-transport-security
max-age=31536000;includeSubDomains;preload
last-modified
Thu, 06 Jun 2024 21:56:23 GMT
etag
"66623087-4f90"
content-type
application/octet-stream
access-control-allow-origin
*
server-timing
cdn-cache; desc=HIT, edge; dur=98, origin; dur=0, ak_p; desc="1718128184544_34911185_26476462_9805_5878_21_0_255";dur=1
accept-ranges
bytes
content-length
20368
js
www.googletagmanager.com/gtag/
288 KB
98 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-3YLR8EGLBW&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-JLFR
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
7856a87457de5aa5813ab2c3e8206306ae67797b84a58d9559944c12ead5c763
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.hhs.gov/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 11 Jun 2024 17:49:44 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
100091
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 11 Jun 2024 17:49:44 GMT
js
www.googletagmanager.com/gtag/
271 KB
93 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-8RZ83J1052&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-JLFR
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
9ea4c3087c548abc4375b302a05189e6b488b703369fa5db32a97d6808e3a6b7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.hhs.gov/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 11 Jun 2024 17:49:44 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
95507
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 11 Jun 2024 17:49:44 GMT
7360.js
script.crazyegg.com/pages/scripts/0005/
6 KB
2 KB
Script
General
Full URL
https://script.crazyegg.com/pages/scripts/0005/7360.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-JLFR
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9408 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4caaf1c29e057c944fbb240c70137f657308a1ebd08e5764c73d31d3c8f4b52e

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.hhs.gov/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 11 Jun 2024 17:49:44 GMT
content-encoding
gzip
cf-cache-status
HIT
age
38782
cf-polished
origSize=6229
ce-version
11.5.219
cf-bgj
minify
last-modified
Tue, 11 Jun 2024 07:03:22 GMT
server
cloudflare
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
access-control-expose-headers
CE-Version
cache-control
public, max-age=300, s-maxage=1209600
timing-allow-origin
*
cf-ray
892370832f722bb2-FRA
web-vitals.iife.js
unpkg.com/web-vitals@4.1.1/dist/
Redirect Chain
  • https://unpkg.com/web-vitals/dist/web-vitals.iife.js
  • https://unpkg.com/web-vitals@4.1.1/dist/web-vitals.iife.js
7 KB
3 KB
Script
General
Full URL
https://unpkg.com/web-vitals@4.1.1/dist/web-vitals.iife.js
Requested by
Host: www.hhs.gov
URL: https://www.hhs.gov/sites/default/files/2023oct12-noescape-ransomware-analyst-note-tlpclear.pdf
Protocol
H2
Server
2606:4700::6811:f6cb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
adf7f9b0dd938575c72ff1592ea18e7ab9bc53ff8838a38c8484c10f5d9be7fd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.hhs.gov/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

date
Tue, 11 Jun 2024 17:49:44 GMT
content-encoding
br
via
1.1 fly.io
cf-cache-status
HIT
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
54020
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id
01J02K6H2G2F2K00RVSZHRGF92-fra
server
cloudflare
etag
"1c0c-hOpjVE2mSiNVJWsLrpc64ergTOY"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
892370835d0d9960-FRA

Redirect headers

date
Tue, 11 Jun 2024 17:49:44 GMT
content-encoding
br
via
1.1 fly.io
cf-cache-status
HIT
fly-request-id
01J046F3TVS1C1MWPWT1HCYXEA-fra
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
261
server
cloudflare
vary
Accept, Accept-Encoding
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
location
/web-vitals@4.1.1/dist/web-vitals.iife.js
cache-control
public, s-maxage=600, max-age=60
cf-ray
892370831ccf9960-FRA
Universal-Federated-Analytics-Min.js
dap.digitalgov.gov/
30 KB
9 KB
Script
General
Full URL
https://dap.digitalgov.gov/Universal-Federated-Analytics-Min.js?agency=hhs&subagency=aspa&sitetopic=health&siteplatform=drupal%2010%20&sdor=hhs.gov&dclink=true&yt=true&pua=UA-36351725-9&autotracker=true&sp=sitesearchtracking,q&parallelcd=true&palagencydim=dimension1|1&palsubagencydim=dimension2|2&palversiondim=dimension3|3&paltopicdim=dimension4|4&paltopicdim=dimension5|5&cto=24
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-JLFR
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:262a:d200:5:83ea:ba80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
796731c9ec6b19fe8e6c4449b405a6112806b973dc38108a845366e8803aac8c

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.hhs.gov/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
cS6DDXCx0_0tmD1G79EAkElinAY95t.i
content-encoding
gzip
via
1.1 5e9eaa4dae17f466e627d76765f5de64.cloudfront.net (CloudFront)
date
Tue, 11 Jun 2024 02:10:14 GMT
x-amz-cf-pop
CDG52-P6
age
56371
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
last-modified
Sat, 25 May 2024 00:46:12 GMT
server
AmazonS3
etag
W/"e4cf153a40c6c1fd51f21d602a5abd22"
vary
Accept-Encoding
content-type
application/javascript
x-amz-cf-id
Gm2amut0-NnWOkM98qm0IeGPbbIWCsrx5s4nuHVr3MSknyRpfOBcgQ==
siteanalyze_6282609.js
siteimproveanalytics.com/js/
53 KB
17 KB
Script
General
Full URL
https://siteimproveanalytics.com/js/siteanalyze_6282609.js
Requested by
Host: www.hhs.gov
URL: https://www.hhs.gov/sites/default/files/2023oct12-noescape-ransomware-analyst-note-tlpclear.pdf
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
310739ac565a03829c1bd2eda48370090c215b66e85233be1c8ce85cba475c6b

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.hhs.gov/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 11 Jun 2024 17:49:44 GMT
content-encoding
gzip
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
PE8K7W62ZM09VW5K
age
2099
alt-svc
h3=":443"; ma=86400
content-length
16449
x-amz-id-2
YH1+Vux+HRBD8se1FG4gILUYfemj5ssU3B5sA0M45snqAkiKuLcgk5gkcrNRtyTI90aKAUdwpc0=
last-modified
Thu, 23 May 2024 14:33:11 GMT
server
cloudflare
etag
"b384ee7824fbe34a43982043ecf5e8c5"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QeEJvCKl91qbcniC5mpZAnEuDik08L3rJsEJfMIkUTTFoEPkdbCS85DRD6GLt16f2M1kRMIIcT%2FVEjJp1vfqMQWkh1Jfs%2BdpBrzU5nNnCDBP9DmFvnrNrQgLUx7BQWmTnSdUzl1BMuRc9N0%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
max-age=86400, no-transform
accept-ranges
bytes
cf-ray
89237083089c0476-FRA
sayt_loader.js
search.usa.gov/assets/
Redirect Chain
  • https://search.usa.gov/javascripts/remote.loader.js
  • https://search.usa.gov/assets/sayt_loader.js
2 KB
1 KB
Script
General
Full URL
https://search.usa.gov/assets/sayt_loader.js
Requested by
Host: www.hhs.gov
URL: https://www.hhs.gov/sites/default/files/2023oct12-noescape-ransomware-analyst-note-tlpclear.pdf
Protocol
H2
Server
2600:9000:223d:8800:a:4fc7:79c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache /
Resource Hash
e11bda5b7f71c9b452e912eb2ccbada3fe33e6d1afb7f48e981d23085f982b4f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.hhs.gov/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

date
Tue, 11 Jun 2024 17:49:43 GMT
content-encoding
gzip
via
1.1 proxy3.us-east-1.prod.infr.search.usa.gov:8443, 1.1 68eb499493257a6d0620a0f6abdc78ca.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-amz-cf-pop
FRA56-P3
age
2
x-cache
Miss from cloudfront
content-length
954
last-modified
Thu, 23 May 2024 19:27:43 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
x-amz-cf-id
p0cI-iqOP6BaZ7eXaedHF48ujZnXue4SBr4jk2E3vKS09_KJJk41rQ==
expires
Tue, 11 Jun 2024 18:49:43 GMT

Redirect headers

date
Tue, 11 Jun 2024 17:49:44 GMT
via
1.1 68eb499493257a6d0620a0f6abdc78ca.cloudfront.net (CloudFront)
server
Apache
x-amz-cf-pop
FRA56-P3
x-cache
Miss from cloudfront
content-type
text/html; charset=iso-8859-1
location
https://search.usa.gov/assets/sayt_loader.js
content-length
252
x-amz-cf-id
0zo4wAmIOvUEDcOiAj_KPXhsUhJj_9e5ChV3aha3qzXxGxhxwRkaQQ==
load
www.hhs.gov/sitewide_alert/
21 B
500 B
Fetch
General
Full URL
https://www.hhs.gov/sitewide_alert/load
Requested by
Host: www.hhs.gov
URL: https://www.hhs.gov/sites/default/files/js/js_q0Yuz1LRxVDVG3E5opegECHR9wiwY3cS-uYAiCzfx54.js?scope=footer&delta=8&language=en&theme=hhs_uswds&include=eJxNzlEOwiAQBNALUTkS2ZaxbKSFMIu1nt5qE_VrJvMxedxpWPwohEuJoXOL9HMuo-TPMJd76Bpsg9zodamlGWKg7Rl011JsLQb6b3NVmsxNaqKPrVfJl99y6WvtY1YmRMcyqeSwIKq8BTr9EQwPGxqozxNGSJuSP-NADbZXSIIcP2rYNCJIRjOvq9oLEf1VKQ
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:d8d::219c Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
884be02526ba926246005e45c6fd619fb4e0b53265d5d82db187a35a98690d55
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' hhs.gov *.hhs.gov
Strict-Transport-Security max-age=31536000;includeSubDomains;preload
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.hhs.gov/sites/default/files/2023oct12-noescape-ransomware-analyst-note-tlpclear.pdf
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
frame-ancestors 'self' hhs.gov *.hhs.gov
date
Tue, 11 Jun 2024 17:49:44 GMT
x-content-type-options
nosniff, nosniff
strict-transport-security
max-age=31536000;includeSubDomains;preload
x-frame-options
SAMEORIGIN
content-type
application/json
content-language
en
x-generator
Drupal 10 (https://www.drupal.org)
cache-control
public, max-age=417, s-maxage=600
server-timing
cdn-cache; desc=HIT, edge; dur=108, origin; dur=0, ak_p; desc="1718128184817_34911185_26476961_10780_7858_18_0_219";dur=1
x-drupal-cache
HIT
content-length
21
x-request-id
88b8bc12910a288434fb347222d558d7
collect
region1.analytics.google.com/g/
0
252 B
Ping
General
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-8RZ83J1052&gtm=45je46a0v9105278010z8548905za200zb548905&_p=1718128184510&_gaz=1&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&tag_exp=0&cid=1764285058.1718128185&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.141%7CChromium%3B125.0.6422.141%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1718128184&sct=1&seg=0&dl=https%3A%2F%2Fwww.hhs.gov%2Fsites%2Fdefault%2Ffiles%2F2023oct12-noescape-ransomware-analyst-note-tlpclear.pdf&dt=Page%20Not%20Found%20%7C%20HHS.gov&en=page_view&_fv=1&_nsi=1&_ss=1&ep.site_host=www.hhs.gov&ep.page_date_modified=Not%20Found&ep.page_content_generator=drupal%2010%20&ep.page_date_created=Not%20Found&ep.page_creator=Not%20Found&ep.page_office=aspa&ep.page_content_type=Not%20Found&ep.page_division=dcd&ep.page_audience=content%20creator%20missing&ep.page_author=Not%20Found&ep.page_word_count=%3C200&ep.page_meta_canonical_url=https%3A%2F%2Fwww.hhs.gov%2Fpage-not-found&ep.page_meta_pub_date=2021-05-05T09%3A05%3A45-0400&ep.page_meta_create_date=2021-05-05T09%3A05%3A45-0400&ep.page_meta_mod_date=2023-09-08T18%3A06%3A10-0400&ep.page_last_reviewed=&ep.page_content_creator=&tfd=1396
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-8RZ83J1052&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.hhs.gov/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Tue, 11 Jun 2024 17:49:44 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.hhs.gov
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/
0
252 B
Ping
General
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-8RZ83J1052&cid=1764285058.1718128185&gtm=45je46a0v9105278010z8548905za200zb548905&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&frm=0
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-8RZ83J1052&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0d::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.hhs.gov/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Tue, 11 Jun 2024 17:49:44 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.hhs.gov
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
63 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-8RZ83J1052&cid=1764285058.1718128185&gtm=45je46a0v9105278010z8548905za200zb548905&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&frm=0&z=84583976
Requested by
Host: www.hhs.gov
URL: https://www.hhs.gov/sites/default/files/2023oct12-noescape-ransomware-analyst-note-tlpclear.pdf
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.163 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.hhs.gov/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Tue, 11 Jun 2024 17:49:44 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.analytics.google.com/g/
0
54 B
Ping
General
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-3YLR8EGLBW&gtm=45je46a0v885882153z8548905za200zb548905&_p=1718128184510&_gaz=1&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&tag_exp=0&cid=1764285058.1718128185&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.141%7CChromium%3B125.0.6422.141%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1718128184&sct=1&seg=0&dl=https%3A%2F%2Fwww.hhs.gov%2Fsites%2Fdefault%2Ffiles%2F2023oct12-noescape-ransomware-analyst-note-tlpclear.pdf&dt=Page%20Not%20Found%20%7C%20HHS.gov&en=page_view&_fv=1&_ss=1&ep.site_host=www.hhs.gov&ep.page_date_modified=Not%20Found&ep.page_content_generator=drupal%2010%20&ep.page_date_created=Not%20Found&ep.page_creator=Not%20Found&ep.page_office=aspa&ep.page_content_type=Not%20Found&ep.page_division=dcd&ep.page_audience=content%20creator%20missing&ep.page_author=Not%20Found&ep.page_word_count=%3C200&ep.timestamp=2024-06-11T19%3A49%3A44.750%2B02%3A00&ep.page_meta_canonical_url=https%3A%2F%2Fwww.hhs.gov%2Fpage-not-found&ep.page_meta_pub_date=2021-05-05T09%3A05%3A45-0400&ep.page_meta_create_date=2021-05-05T09%3A05%3A45-0400&ep.page_meta_mod_date=2023-09-08T18%3A06%3A10-0400&ep.page_last_reviewed=&ep.page_content_creator=&tfd=1416
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-3YLR8EGLBW&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.hhs.gov/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Tue, 11 Jun 2024 17:49:44 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.hhs.gov
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/
0
54 B
Ping
General
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-3YLR8EGLBW&cid=1764285058.1718128185&gtm=45je46a0v885882153z8548905za200zb548905&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&frm=0
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-3YLR8EGLBW&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0d::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.hhs.gov/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Tue, 11 Jun 2024 17:49:44 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.hhs.gov
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
63 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-3YLR8EGLBW&cid=1764285058.1718128185&gtm=45je46a0v885882153z8548905za200zb548905&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&frm=0&z=1012456963
Requested by
Host: www.hhs.gov
URL: https://www.hhs.gov/sites/default/files/2023oct12-noescape-ransomware-analyst-note-tlpclear.pdf
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.163 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.hhs.gov/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Tue, 11 Jun 2024 17:49:44 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
www.hhs.gov.json
script.crazyegg.com/pages/data-scripts/0005/7360/site/
6 KB
2 KB
XHR
General
Full URL
https://script.crazyegg.com/pages/data-scripts/0005/7360/site/www.hhs.gov.json?t=1
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0005/7360.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9408 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d6ff0c966e0f1c31fcd344d1a0e176ade8bbac5fdc9e7008786b92b3d0028ebc

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.hhs.gov/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 11 Jun 2024 17:49:44 GMT
content-encoding
gzip
cf-cache-status
HIT
age
38781
ce-version
11.5.219
content-length
1903
last-modified
Tue, 11 Jun 2024 07:03:23 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
CE-Version
cache-control
public, max-age=300, s-maxage=1209600
accept-ranges
bytes
timing-allow-origin
*
cf-ray
89237083f8c5974b-FRA
js
www.googletagmanager.com/gtag/
267 KB
93 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-CSLL4ZEK4L
Requested by
Host: dap.digitalgov.gov
URL: https://dap.digitalgov.gov/Universal-Federated-Analytics-Min.js?agency=hhs&subagency=aspa&sitetopic=health&siteplatform=drupal%2010%20&sdor=hhs.gov&dclink=true&yt=true&pua=UA-36351725-9&autotracker=true&sp=sitesearchtracking,q&parallelcd=true&palagencydim=dimension1|1&palsubagencydim=dimension2|2&palversiondim=dimension3|3&paltopicdim=dimension4|4&paltopicdim=dimension5|5&cto=24
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.72 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
82e026997f68eacb9421c68140885b89ddc75ad9d4fa341bf9876b45d76852f2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.hhs.gov/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 11 Jun 2024 17:49:44 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
94756
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 11 Jun 2024 17:49:44 GMT
analytics.js
www.google-analytics.com/
52 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: dap.digitalgov.gov
URL: https://dap.digitalgov.gov/Universal-Federated-Analytics-Min.js?agency=hhs&subagency=aspa&sitetopic=health&siteplatform=drupal%2010%20&sdor=hhs.gov&dclink=true&yt=true&pua=UA-36351725-9&autotracker=true&sp=sitesearchtracking,q&parallelcd=true&palagencydim=dimension1|1&palsubagencydim=dimension2|2&palversiondim=dimension3|3&paltopicdim=dimension4|4&paltopicdim=dimension5|5&cto=24
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.hhs.gov/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 11 Jun 2024 17:41:03 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
521
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Tue, 11 Jun 2024 19:41:03 GMT
js
www.googletagmanager.com/gtag/
267 KB
93 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-CSLL4ZEK4L&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-JLFR
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.72 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
8f1e51cba67ce0e93514e444345a39abf7aacc6b6c384d1f8764b2ea36fecad3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.hhs.gov/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 11 Jun 2024 17:49:44 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
94839
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 11 Jun 2024 17:49:44 GMT
iframe_api
www.youtube.com/
993 B
2 KB
Script
General
Full URL
https://www.youtube.com/iframe_api
Requested by
Host: dap.digitalgov.gov
URL: https://dap.digitalgov.gov/Universal-Federated-Analytics-Min.js?agency=hhs&subagency=aspa&sitetopic=health&siteplatform=drupal%2010%20&sdor=hhs.gov&dclink=true&yt=true&pua=UA-36351725-9&autotracker=true&sp=sitesearchtracking,q&parallelcd=true&palagencydim=dimension1|1&palsubagencydim=dimension2|2&palversiondim=dimension3|3&paltopicdim=dimension4|4&paltopicdim=dimension5|5&cto=24
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
9ea04bbcb32373fe616a45ebd0f89246420fb1836005dd508bdd24c35deb42d7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.hhs.gov/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 11 Jun 2024 17:49:44 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-encoding
br
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server
ESF
x-frame-options
SAMEORIGIN
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
content-type
text/javascript; charset=utf-8
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control
private, max-age=0
origin-trial
AmhMBR6zCLzDDxpW+HfpP67BqwIknWnyMOXOQGfzYswFmJe+fgaI6XZgAzcxOrzNtP7hEDsOo1jdjFnVr2IdxQ4AAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
expires
Tue, 11 Jun 2024 17:49:44 GMT
image.aspx
6282609.global.r2.siteimproveanalytics.io/
34 B
149 B
Image
General
Full URL
https://6282609.global.r2.siteimproveanalytics.io/image.aspx?url=https%3A%2F%2Fwww.hhs.gov%2Fsites%2Fdefault%2Ffiles%2F2023oct12-noescape-ransomware-analyst-note-tlpclear.pdf&title=Page%20Not%20Found%20%7C%20HHS.gov&res=1600x1200&accountid=6282609&rt=1451&luid=3e6c6756-883a-2706-7583-3520b667cce8&dnt=true&ckl=1&rnd=64853
Requested by
Host: www.hhs.gov
URL: https://www.hhs.gov/sites/default/files/2023oct12-noescape-ransomware-analyst-note-tlpclear.pdf
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.65.220.214 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-65-220-214.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
1e85ec81b9800b4c443d39caca0d0926089a3ac201120db1ceb45b93789480b8

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.hhs.gov/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-type
image/gif
date
Tue, 11 Jun 2024 17:49:45 GMT
cache-control
max-age=0
content-length
34
expires
Tue, 11 Jun 2024 17:49:45 UTC
collect
www.google-analytics.com/j/
1 B
204 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&aip=1&a=1833972093&t=pageview&_s=1&dl=https%3A%2F%2Fwww.hhs.gov%2Fsites%2Fdefault%2Ffiles%2F2023oct12-noescape-ransomware-analyst-note-tlpclear.pdf&dp=%2Fvpv404%2Fsites%2Fdefault%2Ffiles%2F2023oct12-noescape-ransomware-analyst-note-tlpclear.pdf&ul=de-de&de=UTF-8&dt=Page%20Not%20Found%20%7C%20HHS.gov&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAQABAAAAACAGqC~&jid=334723514&gjid=420502479&cid=1764285058.1718128185&tid=UA-33523145-1&_gid=662651360.1718128185&_r=1&cd1=HHS&cd2=ASPA&cd3=20240524%20v7.05%20-%20Dual%20Tracking&cd4=health&cd5=drupal%2010%20&cd6=https%3A%2F%2Fdap.digitalgov.gov%2FUniversal-Federated-Analytics-Min.js&cd7=https%3A&z=1100398461
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
https://www.hhs.gov/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 11 Jun 2024 17:49:45 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.hhs.gov
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/
2 B
69 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&aip=1&a=1833972093&t=pageview&_s=1&dl=https%3A%2F%2Fwww.hhs.gov%2Fsites%2Fdefault%2Ffiles%2F2023oct12-noescape-ransomware-analyst-note-tlpclear.pdf&dp=%2Fvpv404%2Fsites%2Fdefault%2Ffiles%2F2023oct12-noescape-ransomware-analyst-note-tlpclear.pdf&ul=de-de&de=UTF-8&dt=Page%20Not%20Found%20%7C%20HHS.gov&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAQABAAAAACAGqCC~&jid=1081132709&gjid=129629916&cid=1764285058.1718128185&tid=UA-36351725-9&_gid=662651360.1718128185&_r=1&cd1=HHS&cd2=ASPA&cd3=20240524%20v7.05%20-%20Dual%20Tracking&cd5=drupal%2010%20&cd6=https%3A%2F%2Fdap.digitalgov.gov%2FUniversal-Federated-Analytics-Min.js&cd7=https%3A&z=2026666859
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
https://www.hhs.gov/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 11 Jun 2024 17:49:45 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.hhs.gov
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
c4a0cee38f34af4997358540c52536c0.js
script.crazyegg.com/pages/versioned/common-scripts/
106 KB
35 KB
Script
General
Full URL
https://script.crazyegg.com/pages/versioned/common-scripts/c4a0cee38f34af4997358540c52536c0.js
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0005/7360.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9408 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c92515216a3f37bd03633ec620a700c9dacdbd31eda4782bdd3af9d69db55107

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.hhs.gov/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 11 Jun 2024 17:49:45 GMT
content-encoding
gzip
cf-cache-status
HIT
cf-bgj
minify
last-modified
Tue, 04 Jun 2024 16:56:33 GMT
server
cloudflare
age
87927
cf-polished
origSize=108589
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000, s-maxage=31536000
timing-allow-origin
*
cf-ray
8923708449462bb2-FRA
www-widgetapi.js
www.youtube.com/s/player/4fc7f9fa/www-widgetapi.vflset/
37 KB
13 KB
Script
General
Full URL
https://www.youtube.com/s/player/4fc7f9fa/www-widgetapi.vflset/www-widgetapi.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/iframe_api
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a0bf2e9f81fa82f306a38ab2b997ecdbe3e44d8e9468c10b7b5473486a8e4c81
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.hhs.gov/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 11 Jun 2024 17:21:59 GMT
content-encoding
br
x-content-type-options
nosniff
age
1666
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12617
x-xss-protection
0
last-modified
Mon, 10 Jun 2024 04:18:13 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Wed, 11 Jun 2025 17:21:59 GMT
collect
region1.google-analytics.com/g/
0
45 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-CSLL4ZEK4L&gtm=45je46a0v9131934939za200zb548905&_p=1718128184510&gcd=13l3lPl2l1&npa=1&dma_cps=sypham&dma=1&tag_exp=0&cid=1764285058.1718128185&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.141%7CChromium%3B125.0.6422.141%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&dl=https%3A%2F%2Fwww.hhs.gov%2Fvpv404%2Fsites%2Fdefault%2Ffiles%2F2023oct12-noescape-ransomware-analyst-note-tlpclear.pdf&dt=Page%20Not%20Found%20%7C%20HHS.gov&sid=1718128185&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&ep.agency=HHS&ep.subagency=ASPA&ep.site_topic=health&ep.site_platform=drupal%2010%20&ep.script_source=https%3A%2F%2Fdap.digitalgov.gov%2Funiversal-federated-analytics-min.js&ep.version=20240524%20v7.05%20-%20dual%20tracking&ep.protocol=https%3A&tfd=1548
Requested by
Host: dap.digitalgov.gov
URL: https://dap.digitalgov.gov/Universal-Federated-Analytics-Min.js?agency=hhs&subagency=aspa&sitetopic=health&siteplatform=drupal%2010%20&sdor=hhs.gov&dclink=true&yt=true&pua=UA-36351725-9&autotracker=true&sp=sitesearchtracking,q&parallelcd=true&palagencydim=dimension1|1&palsubagencydim=dimension2|2&palversiondim=dimension3|3&paltopicdim=dimension4|4&paltopicdim=dimension5|5&cto=24
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.hhs.gov/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Tue, 11 Jun 2024 17:49:45 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.hhs.gov
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/
4 B
151 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-36351725-9&cid=1764285058.1718128185&jid=1081132709&gjid=129629916&_gid=662651360.1718128185&_u=YADAAQABAAAAACAGqCC~&z=1796380761
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0d::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
https://www.hhs.gov/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 11 Jun 2024 17:49:45 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.hhs.gov
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
www.hhs.gov.json
script.crazyegg.com/pages/data-scripts/0005/7360/sampling/
146 B
256 B
XHR
General
Full URL
https://script.crazyegg.com/pages/data-scripts/0005/7360/sampling/www.hhs.gov.json?t=477257
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/c4a0cee38f34af4997358540c52536c0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9408 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e7acdfc2dcf05f89ec0a82ebb174f51716277d8bc953575f4917119f4a39cdfe

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.hhs.gov/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 11 Jun 2024 17:49:45 GMT
content-encoding
gzip
cf-cache-status
HIT
age
2926
ce-version
11.5.219
content-length
142
last-modified
Tue, 11 Jun 2024 17:00:59 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
CE-Version
cache-control
public, max-age=300, s-maxage=1209600
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8923708499a4974b-FRA
ga-audiences
www.google.com/ads/
42 B
63 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-36351725-9&cid=1764285058.1718128185&jid=1081132709&_u=YADAAQABAAAAACAGqCC~&z=1731104534
Requested by
Host: www.hhs.gov
URL: https://www.hhs.gov/sites/default/files/2023oct12-noescape-ransomware-analyst-note-tlpclear.pdf
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.hhs.gov/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Tue, 11 Jun 2024 17:49:45 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
63 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-36351725-9&cid=1764285058.1718128185&jid=1081132709&_u=YADAAQABAAAAACAGqCC~&z=1731104534
Requested by
Host: www.hhs.gov
URL: https://www.hhs.gov/sites/default/files/2023oct12-noescape-ransomware-analyst-note-tlpclear.pdf
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.163 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.hhs.gov/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Tue, 11 Jun 2024 17:49:45 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
healthcheck
pagestates-tracking.crazyegg.com/
19 B
460 B
XHR
General
Full URL
https://pagestates-tracking.crazyegg.com/healthcheck
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/c4a0cee38f34af4997358540c52536c0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.239.94.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-94-57.ams1.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
830e67bda2532cd5880ee86e3b33e69721082f8458bb0df0cd4edbb1577fd375

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.hhs.gov/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 20 Sep 2023 01:43:28 GMT
via
1.1 8ac1a27a8fede22f241f081ad0edec42.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS1-P3
age
22953978
x-cache
Hit from cloudfront
content-length
19
last-modified
Fri, 08 Jul 2022 22:25:51 GMT
server
AmazonS3
etag
"d06f04fccf68d0b228a5923187ce1afd"
access-control-max-age
31536000
access-control-allow-methods
GET, HEAD
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin
accept-ranges
bytes
x-amz-cf-id
AbdosiKNKVvGSfaG3n1x0QPFspTVuDTZCPKYmQ-cMtacjJ-LnsYM7g==
healthcheck
assets-tracking.crazyegg.com/
19 B
462 B
XHR
General
Full URL
https://assets-tracking.crazyegg.com/healthcheck
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/c4a0cee38f34af4997358540c52536c0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.239.18.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-18-125.ams58.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
830e67bda2532cd5880ee86e3b33e69721082f8458bb0df0cd4edbb1577fd375

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.hhs.gov/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 19 Aug 2023 04:00:49 GMT
via
1.1 a2bbc9a5f1a7ffcf013479d79f036bbc.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS58-P6
age
25710537
x-cache
Hit from cloudfront
content-length
19
last-modified
Fri, 08 Jul 2022 22:25:51 GMT
server
AmazonS3
etag
"d06f04fccf68d0b228a5923187ce1afd"
access-control-max-age
31536000
access-control-allow-methods
GET, HEAD
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin
accept-ranges
bytes
x-amz-cf-id
H05Pu-4YM6gnpXwnJS3VgpiDz3H448wDcr7KWx6YXcTUa6ivfr5MFw==
be5c283e-4ee2-4353-9910-42983ef9edb9
https://www.hhs.gov/
45 B
0
Other
General
Full URL
blob:https://www.hhs.gov/be5c283e-4ee2-4353-9910-42983ef9edb9
Requested by
Host: www.hhs.gov
URL: https://www.hhs.gov/sites/default/files/2023oct12-noescape-ransomware-analyst-note-tlpclear.pdf
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
86551808dbfbf8bc9b23ab3d0725794c2e1f2b4265c96715f2945638160edc2b

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Length
45
Content-Type
text/javascript
clock
tracking.crazyegg.com/
40 B
147 B
XHR
General
Full URL
https://tracking.crazyegg.com/clock?t=1718128185220&tk=6a13f753843cab099ad515b63b57cf54&s=1944&p=%2Fsites%2Fdefault%2Ffiles%2F2023oct12-noescape-ransomware-analyst-note-tlpclear.pdf&u=57360&v=d4c846c2b9e3cac761423c64a2e5058e42dabb00&f=hhs.gov%2Fsites%2Fdefault%2Ffiles%2F*&ul=https%3A%2F%2Fwww.hhs.gov%2Fsites%2Fdefault%2Ffiles%2F2023oct12-noescape-ransomware-analyst-note-tlpclear.pdf
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/c4a0cee38f34af4997358540c52536c0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.248.94.5 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-248-94-5.eu-west-1.compute.amazonaws.com
Software
awselb/2.0 /
Resource Hash
f10708dd4ee9eae91a1560951e043dbae33079e510c3527a9d551c9eb9154652

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.hhs.gov/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
*
date
Tue, 11 Jun 2024 17:49:45 GMT
cache-control
no-store
server
awselb/2.0
content-length
40
content-type
text/plain
sayt.css
search.usa.gov/assets/
10 KB
2 KB
Stylesheet
General
Full URL
https://search.usa.gov/assets/sayt.css
Requested by
Host: search.usa.gov
URL: https://search.usa.gov/javascripts/remote.loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223d:8800:a:4fc7:79c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache /
Resource Hash
091a9401ca251dc57ceec5384488086872fb47de2b4e55b35171e816dad75b68
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.hhs.gov/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 11 Jun 2024 17:49:44 GMT
content-encoding
gzip
via
1.1 proxy2.us-east-1.prod.infr.search.usa.gov:8443, 1.1 68eb499493257a6d0620a0f6abdc78ca.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-amz-cf-pop
FRA56-P3
age
1
x-cache
Miss from cloudfront
content-length
1738
last-modified
Thu, 23 May 2024 19:20:47 GMT
server
Apache
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
x-amz-cf-id
BMnEbkU4Xw5Ks-QYalWWi_AHXlosen9w2426rIlmbr5vFooLCLBzLg==
expires
Tue, 11 Jun 2024 18:49:44 GMT
sayt_loader_libs.js
search.usa.gov/assets/
125 KB
42 KB
Script
General
Full URL
https://search.usa.gov/assets/sayt_loader_libs.js
Requested by
Host: search.usa.gov
URL: https://search.usa.gov/javascripts/remote.loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223d:8800:a:4fc7:79c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache /
Resource Hash
2750954dc9e8dd41f39fc3f3f4ae6d5cd453b285502b876f3ce89c16010952b0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.hhs.gov/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 11 Jun 2024 17:49:44 GMT
content-encoding
gzip
via
1.1 proxy3.us-east-1.prod.infr.search.usa.gov:8443, 1.1 68eb499493257a6d0620a0f6abdc78ca.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-amz-cf-pop
FRA56-P3
age
1
x-cache
Miss from cloudfront
content-length
42228
last-modified
Thu, 23 May 2024 19:20:32 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
x-amz-cf-id
E9U_r8uUoTcFFTm-rdR-Ab6-mmr5sd6UF5UMSlTXkP90PHtsBTqHeg==
expires
Tue, 11 Jun 2024 18:49:44 GMT
f5a45218-e7f5-48d6-bb70-d9b23a8f471a
https://www.hhs.gov/
241 B
0
Other
General
Full URL
blob:https://www.hhs.gov/f5a45218-e7f5-48d6-bb70-d9b23a8f471a
Requested by
Host: www.hhs.gov
URL: https://www.hhs.gov/sites/default/files/2023oct12-noescape-ransomware-analyst-note-tlpclear.pdf
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
19d8257404f833cf06047db9d396516e17f8b7f42736078746ee323df85092db

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Length
241
Content-Type
text/javascript
/
zn8nyvgbt59q9merx-hhsgovfedramp.gov1.siteintercept.qualtrics.com/SIE/
10 KB
5 KB
Script
General
Full URL
https://zn8nyvgbt59q9merx-hhsgovfedramp.gov1.siteintercept.qualtrics.com/SIE/?Q_ZID=ZN_8nYVgbT59q9mErX
Requested by
Host: www.hhs.gov
URL: https://www.hhs.gov/sites/default/files/2023oct12-noescape-ransomware-analyst-note-tlpclear.pdf
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
88.221.169.119 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a88-221-169-119.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
ded50805fee446d9403541bf42f55a3010c8b926164ec53d7003364584f78423
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.hhs.gov/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 11 Jun 2024 17:49:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy-report-only
frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://gov1.qualtrics.com/csp-report
cache-tag
cloudjs-orchestratormain, cloudjs-all-modules, cloudjs-orchestrator-brand-hhsgovfedramp, cloudjs-orchestrator-numbered-8
content-length
4099
referrer-policy
strict-origin-when-cross-origin
etag
W/"2673-1eDMyaT/iUX5ZmqdLnsA7YxkKdI"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=3600, s-maxage=604800
permissions-policy
camera=(), geolocation=(), microphone=()
timing-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
favicon.ico
www.hhs.gov/themes/custom/hhs_uswds/
4 KB
2 KB
Other
General
Full URL
https://www.hhs.gov/themes/custom/hhs_uswds/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:d8d::219c Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
56cb5125c5abaa71d8854d131934f74f2a4b3d1aee1b0a34a2897a619678647e
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' hhs.gov *.hhs.gov
Strict-Transport-Security max-age=31536000;includeSubDomains;preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.hhs.gov/sites/default/files/2023oct12-noescape-ransomware-analyst-note-tlpclear.pdf
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
frame-ancestors 'self' hhs.gov *.hhs.gov
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 11 Jun 2024 17:49:45 GMT
last-modified
Thu, 06 Jun 2024 21:56:27 GMT
strict-transport-security
max-age=31536000;includeSubDomains;preload
etag
"6662308b-113e"
vary
Accept-Encoding
content-type
image/x-icon
server-timing
cdn-cache; desc=HIT, edge; dur=89, origin; dur=0, ak_p; desc="1718128185439_34911185_26477931_8809_8826_18_0_219";dur=1
accept-ranges
bytes
content-length
1256
x-request-id
61aec260048aae06f1cc135d217b4fc6
12.0be1301d54981f0d910b.chunk.js
gov1.siteintercept.qualtrics.com/dxjsmodule/
74 KB
22 KB
Script
General
Full URL
https://gov1.siteintercept.qualtrics.com/dxjsmodule/12.0be1301d54981f0d910b.chunk.js?Q_CLIENTVERSION=2.6.0&Q_CLIENTTYPE=web&Q_BRANDID=www.hhs.gov
Requested by
Host: zn8nyvgbt59q9merx-hhsgovfedramp.gov1.siteintercept.qualtrics.com
URL: https://zn8nyvgbt59q9merx-hhsgovfedramp.gov1.siteintercept.qualtrics.com/SIE/?Q_ZID=ZN_8nYVgbT59q9mErX
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
88.221.169.119 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a88-221-169-119.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
d33ab27a0d762dd77f0cddbf1c173910a2babad8e246960f296d1c142e10390a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.hhs.gov/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 11 Jun 2024 17:49:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy-report-only
frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://gov1.qualtrics.com/csp-report
cache-tag
cloudjs-12.0be1301d54981f0d910b.chunk, cloudjs-js-modules, cloudjs-all-modules
content-length
21456
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 07 May 2024 21:59:58 GMT
etag
W/"1267d-18f55120f30"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=564909, s-maxage=604800
permissions-policy
camera=(), geolocation=(), microphone=()
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
Targeting.php
gov1.siteintercept.qualtrics.com/WRSiteInterceptEngine/
5 KB
2 KB
XHR
General
Full URL
https://gov1.siteintercept.qualtrics.com/WRSiteInterceptEngine/Targeting.php?Q_ZoneID=ZN_8nYVgbT59q9mErX&Q_CLIENTVERSION=2.6.0&Q_CLIENTTYPE=web
Requested by
Host: gov1.siteintercept.qualtrics.com
URL: https://gov1.siteintercept.qualtrics.com/dxjsmodule/12.0be1301d54981f0d910b.chunk.js?Q_CLIENTVERSION=2.6.0&Q_CLIENTTYPE=web&Q_BRANDID=www.hhs.gov
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
88.221.169.119 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a88-221-169-119.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
fdc1526861a77ba0eb42f89ceb98af7d027784b08394e46689deb0fcf89237dd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
https://www.hhs.gov/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Tue, 11 Jun 2024 17:49:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy-report-only
frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://gov1.qualtrics.com/csp-report
content-length
1629
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.hhs.gov
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
permissions-policy
camera=(), geolocation=(), microphone=()
trace-id
560660148251b897
timing-allow-origin
*
expires
Tue, 11 Jun 2024 17:49:46 GMT
CoreModule.js
gov1.siteintercept.qualtrics.com/dxjsmodule/
102 KB
30 KB
Script
General
Full URL
https://gov1.siteintercept.qualtrics.com/dxjsmodule/CoreModule.js?Q_CLIENTVERSION=2.6.0&Q_CLIENTTYPE=web&Q_BRANDID=hhsgovfedramp
Requested by
Host: gov1.siteintercept.qualtrics.com
URL: https://gov1.siteintercept.qualtrics.com/dxjsmodule/12.0be1301d54981f0d910b.chunk.js?Q_CLIENTVERSION=2.6.0&Q_CLIENTTYPE=web&Q_BRANDID=www.hhs.gov
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
88.221.169.119 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a88-221-169-119.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6629ce1123fe7b367448af7d50d3dd4617249c41cecb7ff45f4b887b92a22bf0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.hhs.gov/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 11 Jun 2024 17:49:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy-report-only
frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://gov1.qualtrics.com/csp-report
cache-tag
cloudjs-coremodule, cloudjs-js-modules, cloudjs-all-modules
content-length
30065
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 07 May 2024 21:59:58 GMT
etag
W/"19719-18f55120f30"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=539970, s-maxage=604800
permissions-policy
camera=(), geolocation=(), microphone=()
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
7.ad7af24456cfea5f2e92.chunk.js
gov1.siteintercept.qualtrics.com/dxjsmodule/
3 KB
2 KB
Script
General
Full URL
https://gov1.siteintercept.qualtrics.com/dxjsmodule/7.ad7af24456cfea5f2e92.chunk.js?Q_CLIENTVERSION=2.6.0&Q_CLIENTTYPE=web&Q_BRANDID=hhsgovfedramp
Requested by
Host: zn8nyvgbt59q9merx-hhsgovfedramp.gov1.siteintercept.qualtrics.com
URL: https://zn8nyvgbt59q9merx-hhsgovfedramp.gov1.siteintercept.qualtrics.com/SIE/?Q_ZID=ZN_8nYVgbT59q9mErX
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
88.221.169.119 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a88-221-169-119.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
cd952120f2df7bd15ccf4114a02888d39640daa9296a2126d6db34ab0727b20b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.hhs.gov/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 11 Jun 2024 17:49:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy-report-only
frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://gov1.qualtrics.com/csp-report
cache-tag
cloudjs-7.ad7af24456cfea5f2e92.chunk, cloudjs-js-modules, cloudjs-all-modules
content-length
1352
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 07 May 2024 21:59:58 GMT
etag
W/"b52-18f55120f30"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=540822, s-maxage=604800
permissions-policy
camera=(), geolocation=(), microphone=()
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
1.501605ce4477bfa69af3.chunk.js
gov1.siteintercept.qualtrics.com/dxjsmodule/
29 KB
7 KB
Script
General
Full URL
https://gov1.siteintercept.qualtrics.com/dxjsmodule/1.501605ce4477bfa69af3.chunk.js?Q_CLIENTVERSION=2.6.0&Q_CLIENTTYPE=web&Q_BRANDID=hhsgovfedramp
Requested by
Host: zn8nyvgbt59q9merx-hhsgovfedramp.gov1.siteintercept.qualtrics.com
URL: https://zn8nyvgbt59q9merx-hhsgovfedramp.gov1.siteintercept.qualtrics.com/SIE/?Q_ZID=ZN_8nYVgbT59q9mErX
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
88.221.169.119 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a88-221-169-119.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
8b99d6c3d7225971e351d349a3170361a9ea0a3319582e15faaca5d859e36588
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.hhs.gov/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 11 Jun 2024 17:49:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy-report-only
frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://gov1.qualtrics.com/csp-report
cache-tag
cloudjs-1.501605ce4477bfa69af3.chunk, cloudjs-js-modules, cloudjs-all-modules
content-length
6679
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 07 May 2024 21:59:58 GMT
etag
W/"73f8-18f55120f30"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=540754, s-maxage=604800
permissions-policy
camera=(), geolocation=(), microphone=()
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept

Verdicts & Comments Add Verdict or Comment

111 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| Modernizr object| dataLayer function| once undefined| $ function| jQuery object| drupalSettings object| Drupal object| webpackJsonp number| minDesktopWidth string| widgetCSS function| paint object| google_tag_manager object| google_tag_data function| onYouTubeIframeAPIReady object| clickTarget function| gtag object| Cookies object| usasearch_config boolean| uswdsPresent object| gaGlobal object| _sz boolean| CE_USER_SCRIPT object| CE2 string| CE_USER_SITE_DATA_URL string| CE_USER_DATA_URL string| tObjectCheck object| _allowedQuerystrings boolean| isSearch object| oCONFIG object| head object| GA4Object boolean| trackerFlag function| _onEveryPage function| _defineCookieDomain function| _defineAgencyCDsValues function| _cleanBooleanParam function| _isValidUANum function| _isValidGA4Num function| _cleanDimensionValue function| _updateConfig function| _sendCustomDimensions function| _sendCustomMetrics function| _sendEvent function| _mapGA4toUA function| _sendPageview function| gas function| _URIHandler function| _sendViewSearchResult function| _isExcludedReferrer function| createTracker function| _initAutoTracker object| tag object| firstScriptTag object| videoArray object| playerArray object| _buckets number| _milestoneController object| ytUtils function| _payloadInterceptor function| _piiRedactor function| _initIdAssigner function| _initBannerTracker function| _customTask function| _scrubbedURL function| _setAllowedQS function| _setUpTrackers function| _setUpTrackersIfReady string| GoogleAnalyticsObject function| ga string| _fullParams string| _keyValuePair string| _key string| _value object| pattern boolean| _isRedacted function| onPlayerReady function| onPlayerError number| cCi function| onPlayerStateChange function| youtube_parser function| IsYouTube function| YTUrlHandler function| _initYouTubeTracker object| webVitals object| gaplugins object| gaData function| _ga_originalSendHitTask string| CE_USER_COMMON_SCRIPT_URL string| CE_USER_THIRDPARTY_SCRIPT_URL object| scriptUrl object| ttPolicy object| YT object| YTConfig function| onYTReady object| webpackChunkCE2 object| CE2BH function| CE_URL_FINGERPRINT object| CE_API function| getElementsByClassName object| usasearch object| link object| script string| aid undefined| discoveryScript function| monkeyPatchAutocomplete string| saytUrl object| usasearchSaytStyle object| QSI object| WAFQualtricsWebpackJsonP-cloud-2.6.0 object| _qsie

18 Cookies

Domain/Path Name / Value
.www.hhs.gov/ Name: fontsize
Value: false
.hhs.gov/ Name: _ga_8RZ83J1052
Value: GS1.1.1718128184.1.0.1718128184.60.0.0
.hhs.gov/ Name: _gid
Value: GA1.2.662651360.1718128185
.hhs.gov/ Name: _gat_GSA_ENOR0
Value: 1
.youtube.com/ Name: YSC
Value: 7Z_f7nGZzOM
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: h7pEH53AV3s
.youtube.com/ Name: VISITOR_PRIVACY_METADATA
Value: CgJERRIEEgAgag%3D%3D
.hhs.gov/ Name: _gat_GSA_ENOR1
Value: 1
.hhs.gov/ Name: _ga_CSLL4ZEK4L
Value: GS1.1.1718128185.1.0.1718128185.0.0.0
.hhs.gov/ Name: _ga
Value: GA1.1.1764285058.1718128185
.hhs.gov/ Name: _ce.irv
Value: new
.hhs.gov/ Name: cebs
Value: 1
.hhs.gov/ Name: _ce.clock_event
Value: 1
.hhs.gov/ Name: _ce.clock_data
Value: 37%2C217.114.218.21%2C1%2Cc92baae71318dc81de51a663df2f8b4f%2CChrome%2CDE
.hhs.gov/ Name: cebsp_
Value: 1
.hhs.gov/ Name: _ce.s
Value: v~d4c846c2b9e3cac761423c64a2e5058e42dabb00~lcw~1718128185403~lva~1718128185113~vpv~0~v11.cs~1944~v11.s~fd32f290-281a-11ef-bdb5-b9997c588b62~lcw~1718128185404
.hhs.gov/ Name: _ga_3YLR8EGLBW
Value: GS1.1.1718128184.1.0.1718128185.59.0.0
www.hhs.gov/ Name: QSI_HistorySession
Value: https%3A%2F%2Fwww.hhs.gov%2Fsites%2Fdefault%2Ffiles%2F2023oct12-noescape-ransomware-analyst-note-tlpclear.pdf~1718128186255

1 Console Messages

Source Level URL
Text
network error URL: https://www.hhs.gov/sites/default/files/2023oct12-noescape-ransomware-analyst-note-tlpclear.pdf
Message:
Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy frame-ancestors 'self' hhs.gov *.hhs.gov
Strict-Transport-Security max-age=31536000;includeSubDomains;preload
X-Content-Type-Options nosniff nosniff
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

6282609.global.r2.siteimproveanalytics.io
assets-tracking.crazyegg.com
dap.digitalgov.gov
gov1.siteintercept.qualtrics.com
pagestates-tracking.crazyegg.com
region1.analytics.google.com
region1.google-analytics.com
script.crazyegg.com
search.usa.gov
siteimproveanalytics.com
stats.g.doubleclick.net
tracking.crazyegg.com
unpkg.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.hhs.gov
www.youtube.com
zn8nyvgbt59q9merx-hhsgovfedramp.gov1.siteintercept.qualtrics.com
142.250.185.163
142.250.185.72
142.250.186.132
18.239.18.125
18.239.94.57
188.114.97.3
2001:4860:4802:32::36
2600:9000:223d:8800:a:4fc7:79c0:93a1
2600:9000:262a:d200:5:83ea:ba80:93a1
2606:4700::6811:f6cb
2606:4700::6813:9408
2a00:1450:4001:809::200e
2a00:1450:4001:80e::2008
2a00:1450:4001:830::200e
2a00:1450:400c:c0d::9b
2a02:26f0:480:d8d::219c
3.65.220.214
34.248.94.5
88.221.169.119
091a9401ca251dc57ceec5384488086872fb47de2b4e55b35171e816dad75b68
0cd8c3832c7dbdea696b8f8b30aab2a2bd07862a597b1b2aeb92f1c0730250ab
107fc2ce0a096cd103fa0660ca6b30b083ab33d5e121b75227a1f0ae8d3d584e
127ddb9e1176c8e914af91b54de652b8c1e42964cdaca67c96143b0be7281ba1
19d8257404f833cf06047db9d396516e17f8b7f42736078746ee323df85092db
1e85ec81b9800b4c443d39caca0d0926089a3ac201120db1ceb45b93789480b8
26d938f65de18518a77e8c1ed9860b91a76d55083e9ef0a98930e14f37a9a4f7
2711f20d80d0f69b5056bb95e3093b385f9f56298a98c4d2778ef7c55d432447
2750954dc9e8dd41f39fc3f3f4ae6d5cd453b285502b876f3ce89c16010952b0
30fcc86d3b4c2298f310378a41789083b37e55b58b1fe1cd141be30317c6569d
310739ac565a03829c1bd2eda48370090c215b66e85233be1c8ce85cba475c6b
37f592cb61175a163c00876c137b71a8688bd1e7d311dc450a783c7797088629
44331f4bf82ba7af7a4bfe091c90202e9947ac209a4cfb27296c56d92e81191b
4caaf1c29e057c944fbb240c70137f657308a1ebd08e5764c73d31d3c8f4b52e
5301a3b2585691f47c7bf8e0f5a29c00211091859fd1877d27c9102ddcd1c679
54f6653a149c83b73515cc2ec032a18151b57d3ffe97ef04495ce6623e48d1bb
56cb5125c5abaa71d8854d131934f74f2a4b3d1aee1b0a34a2897a619678647e
5a2046f21693fb7c85966514e6f84c73802a8ef672909d71792c60a515b5b7fe
5b0c01b75ef00b470fab45a25688326a108f326e04b14f9ef18ffad7d429f7b6
63a2d8f905f0eb3a998f0bfc0bc3520d7a45718248bc72a1ea864bc953b3a111
6629ce1123fe7b367448af7d50d3dd4617249c41cecb7ff45f4b887b92a22bf0
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
7856a87457de5aa5813ab2c3e8206306ae67797b84a58d9559944c12ead5c763
7892953878bab9d973434c986c5c6d4e1f128217d37f88fb0341fdd140429a01
796731c9ec6b19fe8e6c4449b405a6112806b973dc38108a845366e8803aac8c
82e026997f68eacb9421c68140885b89ddc75ad9d4fa341bf9876b45d76852f2
830e67bda2532cd5880ee86e3b33e69721082f8458bb0df0cd4edbb1577fd375
83f67df68dac5c435d964be278d39f70ad8605265b6b99918a46451b77552e92
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
85be1f76ce73e5e3a68fc28a6897ad8c910a7d02e057986711264f19ec3f36c6
86551808dbfbf8bc9b23ab3d0725794c2e1f2b4265c96715f2945638160edc2b
8792619becd8b285e78f14bfcf1ad66e2adbae0f5ec8ad131246621f806ac535
884be02526ba926246005e45c6fd619fb4e0b53265d5d82db187a35a98690d55
8b99d6c3d7225971e351d349a3170361a9ea0a3319582e15faaca5d859e36588
8e94b78e6ef1f03624bce3e8b042876c13fa605d0f27d37399c498d8965da27a
8f1e51cba67ce0e93514e444345a39abf7aacc6b6c384d1f8764b2ea36fecad3
912daff95ce9cabae7d0195d39aa98d49c4bec3b975d404ac266534c069cee20
9239df21ae3e740f16c2fab29d29cb8076e9d724d669044e5f2498e7cf0edd66
927f3948559fc75c26f4f84ec09bd1eec1e92f5ddafbea26e4a821d06c2d0dc1
9ea04bbcb32373fe616a45ebd0f89246420fb1836005dd508bdd24c35deb42d7
9ea4c3087c548abc4375b302a05189e6b488b703369fa5db32a97d6808e3a6b7
a0bf2e9f81fa82f306a38ab2b997ecdbe3e44d8e9468c10b7b5473486a8e4c81
ad1db9c84b3859822e50b4c3e4624326167adb0924d0db62d713f0ac626190f6
adf7f9b0dd938575c72ff1592ea18e7ab9bc53ff8838a38c8484c10f5d9be7fd
af12198fcbc14f0a22b0adb0b3223b420d0288a8e8f0c1c0c1e758e91361e971
c92515216a3f37bd03633ec620a700c9dacdbd31eda4782bdd3af9d69db55107
cc9f14c4a9a96125899d0ed2b958d12ce311275bea264f4d191aca6c9ebd0a59
cd952120f2df7bd15ccf4114a02888d39640daa9296a2126d6db34ab0727b20b
cdb66cc1d3d413cde2f396328e482211b433bc15aa9fb1d331b33f67ee059550
cfda00d655e289b53fa8300e74fb8e681131bf9c61f6dc27e656b9060be1ab60
d061140563c90833146615532fd0b8226ca97038b74db7ca78c104cad7f68061
d33ab27a0d762dd77f0cddbf1c173910a2babad8e246960f296d1c142e10390a
d469fd596394ada503bb0d3db7f6b497754a74a0eda9acc4f86eaa8531a441a6
d6ff0c966e0f1c31fcd344d1a0e176ade8bbac5fdc9e7008786b92b3d0028ebc
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
ded50805fee446d9403541bf42f55a3010c8b926164ec53d7003364584f78423
e11bda5b7f71c9b452e912eb2ccbada3fe33e6d1afb7f48e981d23085f982b4f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7acdfc2dcf05f89ec0a82ebb174f51716277d8bc953575f4917119f4a39cdfe
e914096d5f8a39c7b4a0019e28bdaf3e075496e337050c352fd4c58b48be364b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f10708dd4ee9eae91a1560951e043dbae33079e510c3527a9d551c9eb9154652
fdc1526861a77ba0eb42f89ceb98af7d027784b08394e46689deb0fcf89237dd
fe0ef658114738f046347758fc2f00dddd7e98fadc930048e34675d9153472ac