www.hhs.gov Open in urlscan Pro
2a02:26f0:480:d8d::219c Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.hhs.gov/sites/default/files/2023oct12-noescape-ransomware-analyst-note-tlpclear.pdf
Submission: On June 11 via api (June 11th 2024, 5:49:49 pm UTC) from IN — Scanned from DE

Summary HTTP 73 Redirects Links 13 Behaviour Indicators

Summary

This website contacted 20 IPs in 5 countries across 14 domains to perform 73 HTTP transactions. The main IP is 2a02:26f0:480:d8d::219c, located in Frankfurt am Main, Germany and belongs to AKAMAI-ASN1, NL. The main domain is www.hhs.gov. The Cisco Umbrella rank of the primary domain is 97159.
TLS certificate: Issued by GeoTrust RSA CA 2018 on August 19th 2023. Valid for: a year.

This is the only time www.hhs.gov was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
31	2a02:26f0:480... 2a02:26f0:480:d8d::219c	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	2a00:1450:400... 2a00:1450:4001:80e::2008	15169 (GOOGLE) (GOOGLE)
4	2606:4700::68... 2606:4700::6813:9408	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	2606:4700::68... 2606:4700::6811:f6cb	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:262... 2600:9000:262a:d200:5:83ea:ba80:93a1	16509 (AMAZON-02) (AMAZON-02)
1	188.114.97.3 188.114.97.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 4	2600:9000:223... 2600:9000:223d:8800:a:4fc7:79c0:93a1	16509 (AMAZON-02) (AMAZON-02)
3	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:400c:c0d::9b	15169 (GOOGLE) (GOOGLE)
3	142.250.185.163 142.250.185.163	15169 (GOOGLE) (GOOGLE)
2	142.250.185.72 142.250.185.72	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:809::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:830::200e	15169 (GOOGLE) (GOOGLE)
1	3.65.220.214 3.65.220.214	16509 (AMAZON-02) (AMAZON-02)
1	142.250.186.132 142.250.186.132	15169 (GOOGLE) (GOOGLE)
1	18.239.94.57 18.239.94.57	16509 (AMAZON-02) (AMAZON-02)
1	18.239.18.125 18.239.18.125	16509 (AMAZON-02) (AMAZON-02)
1	34.248.94.5 34.248.94.5	16509 (AMAZON-02) (AMAZON-02)
6	88.221.169.119 88.221.169.119	16625 (AKAMAI-AS) (AKAMAI-AS)
73	20

31 2a02:26f0:480:d8d::219c (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

www.hhs.gov	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80e::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6813:9408 (United States)

ASN13335 (CLOUDFLARENET, US)

script.crazyegg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:f6cb (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:262a:d200:5:83ea:ba80:93a1 (United States)

ASN16509 (AMAZON-02, US)

dap.digitalgov.gov	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 188.114.97.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)

siteimproveanalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:223d:8800:a:4fc7:79c0:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

search.usa.gov	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400c:c0d::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.185.163 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f3.1e100.net

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.72 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:809::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.65.220.214 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-65-220-214.eu-central-1.compute.amazonaws.com

6282609.global.r2.siteimproveanalytics.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.132 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.239.94.57 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-239-94-57.ams1.r.cloudfront.net

pagestates-tracking.crazyegg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.239.18.125 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-239-18-125.ams58.r.cloudfront.net

assets-tracking.crazyegg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.248.94.5 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-248-94-5.eu-west-1.compute.amazonaws.com

tracking.crazyegg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 88.221.169.119 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a88-221-169-119.deploy.static.akamaitechnologies.com

zn8nyvgbt59q9merx-hhsgovfedramp.gov1.siteintercept.qualtrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
gov1.siteintercept.qualtrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
31	hhs.gov www.hhs.gov — Cisco Umbrella Rank: 97159	301 KB
7	crazyegg.com script.crazyegg.com — Cisco Umbrella Rank: 3003 pagestates-tracking.crazyegg.com — Cisco Umbrella Rank: 6741 assets-tracking.crazyegg.com — Cisco Umbrella Rank: 6587 tracking.crazyegg.com — Cisco Umbrella Rank: 5463	41 KB
6	qualtrics.com zn8nyvgbt59q9merx-hhsgovfedramp.gov1.siteintercept.qualtrics.com — Cisco Umbrella Rank: 219946 gov1.siteintercept.qualtrics.com — Cisco Umbrella Rank: 14588	67 KB
5	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 79	496 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 68 region1.google-analytics.com — Cisco Umbrella Rank: 2347	21 KB
4	usa.gov 1 redirects search.usa.gov — Cisco Umbrella Rank: 23407	46 KB
3	google.de www.google.de — Cisco Umbrella Rank: 8196	189 B
3	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 132	457 B
3	google.com region1.analytics.google.com — Cisco Umbrella Rank: 3078 www.google.com — Cisco Umbrella Rank: 5	369 B
2	youtube.com www.youtube.com — Cisco Umbrella Rank: 90	15 KB
2	unpkg.com 1 redirects unpkg.com — Cisco Umbrella Rank: 1017	4 KB
1	siteimproveanalytics.io 6282609.global.r2.siteimproveanalytics.io — Cisco Umbrella Rank: 201778	149 B
1	siteimproveanalytics.com siteimproveanalytics.com — Cisco Umbrella Rank: 4604	17 KB
1	digitalgov.gov dap.digitalgov.gov — Cisco Umbrella Rank: 5562	9 KB
73	14

	Domain	Requested by
31	www.hhs.gov	www.hhs.gov
5	gov1.siteintercept.qualtrics.com	zn8nyvgbt59q9merx-hhsgovfedramp.gov1.siteintercept.qualtrics.com gov1.siteintercept.qualtrics.com
5	www.googletagmanager.com	www.hhs.gov www.googletagmanager.com dap.digitalgov.gov
4	search.usa.gov	1 redirects www.hhs.gov search.usa.gov
4	script.crazyegg.com	www.googletagmanager.com script.crazyegg.com
3	www.google-analytics.com	dap.digitalgov.gov www.google-analytics.com
3	www.google.de	www.hhs.gov
3	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
2	www.youtube.com	dap.digitalgov.gov www.youtube.com
2	region1.analytics.google.com	www.googletagmanager.com
2	unpkg.com	1 redirects www.hhs.gov
1	zn8nyvgbt59q9merx-hhsgovfedramp.gov1.siteintercept.qualtrics.com	www.hhs.gov
1	tracking.crazyegg.com	script.crazyegg.com
1	assets-tracking.crazyegg.com	script.crazyegg.com
1	pagestates-tracking.crazyegg.com	script.crazyegg.com
1	www.google.com	www.hhs.gov
1	region1.google-analytics.com	dap.digitalgov.gov
1	6282609.global.r2.siteimproveanalytics.io	www.hhs.gov
1	siteimproveanalytics.com	www.hhs.gov
1	dap.digitalgov.gov	www.googletagmanager.com
73	20

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
x.com
archive.hhs.gov
oig.hhs.gov
www.whitehouse.gov
www.usa.gov
cloud.connect.hhs.gov
hhs.gov
www.youtube.com
www.instagram.com
www.linkedin.com

Subject Issuer	Validity	Valid
www.hhs.gov GeoTrust RSA CA 2018	`2023-08-19` - `2024-08-21`	a year	crt.sh
*.google-analytics.com WR2	`2024-05-27` - `2024-08-19`	3 months	crt.sh
script.crazyegg.com E1	`2024-06-03` - `2024-09-01`	3 months	crt.sh
dap.digitalgov.gov Amazon RSA 2048 M03	`2024-06-06` - `2025-07-05`	a year	crt.sh
siteimproveanalytics.com GTS CA 1P5	`2024-04-23` - `2024-07-22`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-05-21` - `2024-08-13`	3 months	crt.sh
*.google.de WR2	`2024-05-27` - `2024-08-19`	3 months	crt.sh
*.google.com WR2	`2024-05-27` - `2024-08-19`	3 months	crt.sh
*.global.r2.siteimproveanalytics.io Amazon RSA 2048 M03	`2023-10-26` - `2024-11-23`	a year	crt.sh
crazyegg.com Amazon RSA 2048 M02	`2024-04-28` - `2025-05-27`	a year	crt.sh
search.usa.gov R3	`2024-05-08` - `2024-08-06`	3 months	crt.sh
*.qualtrics.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-03-01` - `2025-02-19`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://www.hhs.gov/sites/default/files/2023oct12-noescape-ransomware-analyst-note-tlpclear.pdf
Frame ID: F8244CA7ADA4431CC2B82BF1136FE3B4
Requests: 73 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Page Not Found | HHS.gov

Detected technologies

Crazy Egg (Analytics) Expand

Overall confidence: 100%
Detected patterns

script\.crazyegg\.com/pages/scripts/\d+/\d+\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Modernizr (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

73
Requests

95 %
HTTPS

53 %
IPv6

14
Domains

20
Subdomains

20
IPs

5
Countries

1017 kB
Transfer

3343 kB
Size

18
Cookies

13 Outgoing links

These are links going to different origins than the main page.

URL: http://www.facebook.com/share.php?u=https://www.hhs.gov/sites/default/files/2023oct12-noescape-ransomware-analyst-note-tlpclear.pdf&title=Page%20Not%20Found
Title: - PDF

Search URL Search Domain Scan URL

URL: https://x.com/intent/tweet?url=https://www.hhs.gov/sites/default/files/2023oct12-noescape-ransomware-analyst-note-tlpclear.pdf&status=Page%20Not%20Found+https://www.hhs.gov/sites/default/files/2023oct12-noescape-ransomware-analyst-note-tlpclear.pdf
Title: - PDF

Search URL Search Domain Scan URL

URL: https://archive.hhs.gov/
Title: HHS Archive

Search URL Search Domain Scan URL

URL: https://oig.hhs.gov/
Title: Inspector General

Search URL Search Domain Scan URL

URL: https://www.whitehouse.gov/
Title: The White House

Search URL Search Domain Scan URL

URL: https://www.usa.gov/
Title: USA.gov

Search URL Search Domain Scan URL

URL: https://cloud.connect.hhs.gov/subscriptioncenter
Title: Sign Up

Search URL Search Domain Scan URL

URL: https://hhs.gov/

Search URL Search Domain Scan URL

URL: https://www.facebook.com/HHS

Search URL Search Domain Scan URL

URL: https://x.com/hhsgov

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/USGOVHHS?sub_confirmation=1

Search URL Search Domain Scan URL

URL: https://www.instagram.com/hhsgov/

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/hhsgov

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 32

https://unpkg.com/web-vitals/dist/web-vitals.iife.js HTTP 302
https://unpkg.com/web-vitals@4.1.1/dist/web-vitals.iife.js

Request Chain 35

https://search.usa.gov/javascripts/remote.loader.js HTTP 301
https://search.usa.gov/assets/sayt_loader.js

73 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 404 Primary Request 2023oct12-noescape-ransomware-analyst-note-tlpclear.pdf Show response
www.hhs.gov/sites/default/files/ 33 KB
34 KB 677ms
462ms Document
text/html 2a02:26f0:480:d8d::219c
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hhs.gov/sites/default/files/2023oct12-noescape-ransomware-analyst-note-tlpclear.pdf

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:d8d::219c Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

26d938f65de18518a77e8c1ed9860b91a76d55083e9ef0a98930e14f37a9a4f7

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' hhs.gov *.hhs.gov
Strict-Transport-Security	max-age=31536000;includeSubDomains;preload
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

cache-control: public, max-age=3571
content-language: en
content-length: 34263
content-security-policy: frame-ancestors 'self' hhs.gov *.hhs.gov
content-type: text/html; charset=UTF-8
date: Tue, 11 Jun 2024 17:49:44 GMT
etag: "1718128183"
last-modified: Tue, 11 Jun 2024 17:49:43 GMT
server-timing: cdn-cache; desc=MISS edge; dur=116 origin; dur=319 ak_p; desc="1718128183619_34911185_26475027_43372_9028_18_79_255";dur=1
strict-transport-security: max-age=31536000;includeSubDomains;preload
x-content-type-options: nosniff nosniff
x-drupal-cache: MISS
x-frame-options: SAMEORIGIN
x-generator: Drupal 10 (https://www.drupal.org)

GET
H2 200 css_dq3Wp6mHtrm8Uqz8PVuydRgXv_HeR0n4QyMLsmIVW2U.css
www.hhs.gov/sites/default/files/css/ 12 KB
3 KB 312ms
312ms Stylesheet
text/css 2a02:26f0:480:d8d::219c
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hhs.gov/sites/default/files/css/css_dq3Wp6mHtrm8Uqz8PVuydRgXv_HeR0n4QyMLsmIVW2U.css?delta=0&language=en&theme=hhs_uswds&include=eJxNzlEOwiAQBNALUTkS2ZaxbKSFMIu1nt5qE_VrJvMxedxpWPwohEuJoXOL9HMuo-TPMJd76Bpsg9zodamlGWKg7Rl011JsLQb6b3NVmsxNaqKPrVfJl99y6WvtY1YmRMcyqeSwIKq8BTr9EQwPGxqozxNGSJuSP-NADbZXSIIcP2rYNCJIRjOvq9oLEf1VKQ

Requested by

Host: www.hhs.gov
URL: https://www.hhs.gov/sites/default/files/2023oct12-noescape-ransomware-analyst-note-tlpclear.pdf

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:d8d::219c Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

8e94b78e6ef1f03624bce3e8b042876c13fa605d0f27d37399c498d8965da27a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' hhs.gov *.hhs.gov
Strict-Transport-Security	max-age=31536000;includeSubDomains;preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.hhs.gov/sites/default/files/2023oct12-noescape-ransomware-analyst-note-tlpclear.pdf
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: frame-ancestors 'self' hhs.gov *.hhs.gov
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 11 Jun 2024 17:49:44 GMT
last-modified: Thu, 06 Jun 2024 23:01:11 GMT
strict-transport-security: max-age=31536000;includeSubDomains;preload
etag: "66623fb7-2ea7"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31536000
server-timing: cdn-cache; desc=HIT, edge; dur=266, origin; dur=0, ak_p; desc="1718128184172_34911185_26475775_26596_7505_18_0_255";dur=1
accept-ranges: bytes
content-length: 3060
x-request-id: 6a268da04c9b671f32c2cc71f0513036

GET
H2 200 css_u8iLDafwaLCwx-9qX1vh55WmyQb_X0gpnSh3h4YlPts.css
www.hhs.gov/sites/default/files/css/ 594 KB
87 KB 290ms
289ms Stylesheet
text/css 2a02:26f0:480:d8d::219c
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hhs.gov/sites/default/files/css/css_u8iLDafwaLCwx-9qX1vh55WmyQb_X0gpnSh3h4YlPts.css?delta=1&language=en&theme=hhs_uswds&include=eJxNzlEOwiAQBNALUTkS2ZaxbKSFMIu1nt5qE_VrJvMxedxpWPwohEuJoXOL9HMuo-TPMJd76Bpsg9zodamlGWKg7Rl011JsLQb6b3NVmsxNaqKPrVfJl99y6WvtY1YmRMcyqeSwIKq8BTr9EQwPGxqozxNGSJuSP-NADbZXSIIcP2rYNCJIRjOvq9oLEf1VKQ

Requested by

Host: www.hhs.gov
URL: https://www.hhs.gov/sites/default/files/2023oct12-noescape-ransomware-analyst-note-tlpclear.pdf

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:d8d::219c Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

d469fd596394ada503bb0d3db7f6b497754a74a0eda9acc4f86eaa8531a441a6

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' hhs.gov *.hhs.gov
Strict-Transport-Security	max-age=31536000;includeSubDomains;preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.hhs.gov/sites/default/files/2023oct12-noescape-ransomware-analyst-note-tlpclear.pdf
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: frame-ancestors 'self' hhs.gov *.hhs.gov
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 11 Jun 2024 17:49:44 GMT
last-modified: Thu, 06 Jun 2024 22:59:25 GMT
strict-transport-security: max-age=31536000;includeSubDomains;preload
etag: "66623f4d-94873"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31536000
server-timing: cdn-cache; desc=HIT, edge; dur=263, origin; dur=0, ak_p; desc="1718128184172_34911185_26475776_26306_7508_18_0_255";dur=1
accept-ranges: bytes
content-length: 88968
x-request-id: ddf2f0090b7ae5a4e6c59affe33abeb5

GET
H2 200 chosen.min.css
www.hhs.gov/themes/custom/hhs_uswds/js/libraries/chosen/ 10 KB
3 KB 30ms
30ms Stylesheet
text/css 2a02:26f0:480:d8d::219c
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hhs.gov/themes/custom/hhs_uswds/js/libraries/chosen/chosen.min.css?seol4y

Requested by

Host: www.hhs.gov
URL: https://www.hhs.gov/sites/default/files/2023oct12-noescape-ransomware-analyst-note-tlpclear.pdf

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:d8d::219c Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

107fc2ce0a096cd103fa0660ca6b30b083ab33d5e121b75227a1f0ae8d3d584e

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' hhs.gov *.hhs.gov
Strict-Transport-Security	max-age=31536000;includeSubDomains;preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.hhs.gov/sites/default/files/2023oct12-noescape-ransomware-analyst-note-tlpclear.pdf
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: frame-ancestors 'self' hhs.gov *.hhs.gov
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 11 Jun 2024 17:49:44 GMT
last-modified: Thu, 06 Jun 2024 21:56:23 GMT
strict-transport-security: max-age=31536000;includeSubDomains;preload
etag: "66623087-27ec"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31536000
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1718128184172_34911185_26475777_28_6969_18_0_255";dur=1
accept-ranges: bytes
content-length: 2273
x-request-id: 89858f7ff69ff0a1ef36a69255588164

GET
H2 200 modernizr.min.js Show response
www.hhs.gov/themes/custom/hhs_uswds/js/libraries/ 9 KB
4 KB 71ms
70ms Script
application/javascript 2a02:26f0:480:d8d::219c
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hhs.gov/themes/custom/hhs_uswds/js/libraries/modernizr.min.js?v=3.11.7

Requested by

Host: www.hhs.gov
URL: https://www.hhs.gov/sites/default/files/2023oct12-noescape-ransomware-analyst-note-tlpclear.pdf

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:d8d::219c Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

9239df21ae3e740f16c2fab29d29cb8076e9d724d669044e5f2498e7cf0edd66

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' hhs.gov *.hhs.gov
Strict-Transport-Security	max-age=31536000;includeSubDomains;preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.hhs.gov/sites/default/files/2023oct12-noescape-ransomware-analyst-note-tlpclear.pdf
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: frame-ancestors 'self' hhs.gov *.hhs.gov
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 11 Jun 2024 17:49:44 GMT
last-modified: Thu, 06 Jun 2024 21:56:23 GMT
strict-transport-security: max-age=31536000;includeSubDomains;preload
etag: "66623087-22c1"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
server-timing: cdn-cache; desc=HIT, edge; dur=43, origin; dur=0, ak_p; desc="1718128184172_34911185_26475778_4356_6605_18_0_219";dur=1
accept-ranges: bytes
content-length: 3708
x-request-id: c46587e4fe9947fe34a8e4f33cdbb810

GET
H2 200 us_flag_small.png
www.hhs.gov/themes/custom/hhs_uswds/images/ 135 B
462 B 31ms
31ms Image
image/gif 2a02:26f0:480:d8d::219c
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.hhs.gov/themes/custom/hhs_uswds/images/us_flag_small.png

Requested by

Host: www.hhs.gov
URL: https://www.hhs.gov/sites/default/files/2023oct12-noescape-ransomware-analyst-note-tlpclear.pdf

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:d8d::219c Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

5b0c01b75ef00b470fab45a25688326a108f326e04b14f9ef18ffad7d429f7b6

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' hhs.gov *.hhs.gov
Strict-Transport-Security	max-age=31536000;includeSubDomains;preload

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.hhs.gov/sites/default/files/2023oct12-noescape-ransomware-analyst-note-tlpclear.pdf
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: frame-ancestors 'self' hhs.gov *.hhs.gov
date: Tue, 11 Jun 2024 17:49:44 GMT
strict-transport-security: max-age=31536000;includeSubDomains;preload
last-modified: Sat, 13 Apr 2024 00:45:42 GMT
etag: "65fde57d-b0"
content-type: image/gif
cache-control: private, no-transform, max-age=1919425
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1718128184172_34911185_26475779_28_8192_18_0_182";dur=1
content-length: 135

GET
H2 200 icon-dot-gov.svg
www.hhs.gov/themes/custom/hhs_uswds/images/ 800 B
848 B 72ms
71ms Image
image/svg+xml 2a02:26f0:480:d8d::219c
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.hhs.gov/themes/custom/hhs_uswds/images/icon-dot-gov.svg

Requested by

Host: www.hhs.gov
URL: https://www.hhs.gov/sites/default/files/2023oct12-noescape-ransomware-analyst-note-tlpclear.pdf

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:d8d::219c Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

54f6653a149c83b73515cc2ec032a18151b57d3ffe97ef04495ce6623e48d1bb

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' hhs.gov *.hhs.gov
Strict-Transport-Security	max-age=31536000;includeSubDomains;preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.hhs.gov/sites/default/files/2023oct12-noescape-ransomware-analyst-note-tlpclear.pdf
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: frame-ancestors 'self' hhs.gov *.hhs.gov
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 11 Jun 2024 17:49:44 GMT
last-modified: Thu, 06 Jun 2024 21:56:23 GMT
strict-transport-security: max-age=31536000;includeSubDomains;preload
etag: "66623087-320"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=2592000
server-timing: cdn-cache; desc=HIT, edge; dur=35, origin; dur=0, ak_p; desc="1718128184183_34911185_26475789_3545_6285_18_0_182";dur=1
accept-ranges: bytes
content-length: 423
x-request-id: 2ac889e7b6c441e36e1b3a3571cb8b7f

GET
H2 200 icon-https.svg
www.hhs.gov/themes/custom/hhs_uswds/images/ 720 B
812 B 32ms
32ms Image
image/svg+xml 2a02:26f0:480:d8d::219c
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.hhs.gov/themes/custom/hhs_uswds/images/icon-https.svg

Requested by

Host: www.hhs.gov
URL: https://www.hhs.gov/sites/default/files/2023oct12-noescape-ransomware-analyst-note-tlpclear.pdf

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:d8d::219c Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

912daff95ce9cabae7d0195d39aa98d49c4bec3b975d404ac266534c069cee20

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' hhs.gov *.hhs.gov
Strict-Transport-Security	max-age=31536000;includeSubDomains;preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.hhs.gov/sites/default/files/2023oct12-noescape-ransomware-analyst-note-tlpclear.pdf
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: frame-ancestors 'self' hhs.gov *.hhs.gov
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 11 Jun 2024 17:49:44 GMT
last-modified: Thu, 06 Jun 2024 21:56:23 GMT
strict-transport-security: max-age=31536000;includeSubDomains;preload
etag: "66623087-2d0"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=2592000
server-timing: cdn-cache; desc=HIT, edge; dur=7, origin; dur=0, ak_p; desc="1718128184209_34911185_26475831_754_5638_18_0_182";dur=1
accept-ranges: bytes
content-length: 387
x-request-id: 1f7c05b009df808b3ff2f5d87983b66d

GET
H2 200 logo-desktop.svg
www.hhs.gov/themes/custom/hhs_uswds/ 42 KB
13 KB 300ms
300ms Image
image/svg+xml 2a02:26f0:480:d8d::219c
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.hhs.gov/themes/custom/hhs_uswds/logo-desktop.svg

Requested by

Host: www.hhs.gov
URL: https://www.hhs.gov/sites/default/files/2023oct12-noescape-ransomware-analyst-note-tlpclear.pdf

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:d8d::219c Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

d061140563c90833146615532fd0b8226ca97038b74db7ca78c104cad7f68061

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' hhs.gov *.hhs.gov
Strict-Transport-Security	max-age=31536000;includeSubDomains;preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.hhs.gov/sites/default/files/2023oct12-noescape-ransomware-analyst-note-tlpclear.pdf
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: frame-ancestors 'self' hhs.gov *.hhs.gov
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 11 Jun 2024 17:49:44 GMT
last-modified: Thu, 06 Jun 2024 21:56:27 GMT
strict-transport-security: max-age=31536000;includeSubDomains;preload
etag: "6662308b-a958"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=2592000
server-timing: cdn-cache; desc=HIT, edge; dur=275, origin; dur=0, ak_p; desc="1718128184245_34911185_26475903_27457_5527_22_0_182";dur=1
accept-ranges: bytes
content-length: 12746
x-request-id: 18cd9e5a9653cb7c0ad0c8f717344b12

GET
H2 200 close-white-2.svg
www.hhs.gov/themes/custom/hhs_uswds/images/ 585 B
825 B 300ms
300ms Image
image/svg+xml 2a02:26f0:480:d8d::219c
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.hhs.gov/themes/custom/hhs_uswds/images/close-white-2.svg

Requested by

Host: www.hhs.gov
URL: https://www.hhs.gov/sites/default/files/2023oct12-noescape-ransomware-analyst-note-tlpclear.pdf

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:d8d::219c Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

cc9f14c4a9a96125899d0ed2b958d12ce311275bea264f4d191aca6c9ebd0a59

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' hhs.gov *.hhs.gov
Strict-Transport-Security	max-age=31536000;includeSubDomains;preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.hhs.gov/sites/default/files/2023oct12-noescape-ransomware-analyst-note-tlpclear.pdf
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: frame-ancestors 'self' hhs.gov *.hhs.gov
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 11 Jun 2024 17:49:44 GMT
last-modified: Thu, 06 Jun 2024 21:56:23 GMT
strict-transport-security: max-age=31536000;includeSubDomains;preload
etag: "66623087-249"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=2592000
server-timing: cdn-cache; desc=HIT, edge; dur=270, origin; dur=0, ak_p; desc="1718128184251_34911185_26475911_26962_4915_22_0_182";dur=1
accept-ranges: bytes
content-length: 398
x-request-id: 523716b18505f473220634ee426e6860

GET
H2 200 search--blue.svg
www.hhs.gov/themes/custom/hhs_uswds/images/usa-icons-bg/ 696 B
888 B 53ms
51ms Image
image/svg+xml 2a02:26f0:480:d8d::219c
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.hhs.gov/themes/custom/hhs_uswds/images/usa-icons-bg/search--blue.svg

Requested by

Host: www.hhs.gov
URL: https://www.hhs.gov/sites/default/files/2023oct12-noescape-ransomware-analyst-note-tlpclear.pdf

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:d8d::219c Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

0cd8c3832c7dbdea696b8f8b30aab2a2bd07862a597b1b2aeb92f1c0730250ab

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' hhs.gov *.hhs.gov
Strict-Transport-Security	max-age=31536000;includeSubDomains;preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.hhs.gov/sites/default/files/2023oct12-noescape-ransomware-analyst-note-tlpclear.pdf
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: frame-ancestors 'self' hhs.gov *.hhs.gov
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 11 Jun 2024 17:49:44 GMT
last-modified: Thu, 06 Jun 2024 21:56:23 GMT
strict-transport-security: max-age=31536000;includeSubDomains;preload
etag: "66623087-2b8"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=2592000
server-timing: cdn-cache; desc=HIT, edge; dur=1, origin; dur=0, ak_p; desc="1718128184544_34911185_26476453_156_5984_20_0_219";dur=1
accept-ranges: bytes
content-length: 462
x-request-id: b396f08112465c0c27ad4748f0142dac

GET
H2 200 text-resize.svg
www.hhs.gov/themes/custom/hhs_uswds/images/ 703 B
846 B 51ms
50ms Image
image/svg+xml 2a02:26f0:480:d8d::219c
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.hhs.gov/themes/custom/hhs_uswds/images/text-resize.svg

Requested by

Host: www.hhs.gov
URL: https://www.hhs.gov/sites/default/files/2023oct12-noescape-ransomware-analyst-note-tlpclear.pdf

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:d8d::219c Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

7892953878bab9d973434c986c5c6d4e1f128217d37f88fb0341fdd140429a01

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' hhs.gov *.hhs.gov
Strict-Transport-Security	max-age=31536000;includeSubDomains;preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.hhs.gov/sites/default/files/2023oct12-noescape-ransomware-analyst-note-tlpclear.pdf
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: frame-ancestors 'self' hhs.gov *.hhs.gov
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 11 Jun 2024 17:49:44 GMT
last-modified: Thu, 06 Jun 2024 21:56:23 GMT
strict-transport-security: max-age=31536000;includeSubDomains;preload
etag: "66623087-2bf"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=2592000
server-timing: cdn-cache; desc=HIT, edge; dur=1, origin; dur=0, ak_p; desc="1718128184544_34911185_26476454_179_5975_19_0_219";dur=1
accept-ranges: bytes
content-length: 421
x-request-id: 66080d29259d349c3950bfa8a311146d

GET
H2 200 logo-footer.svg
www.hhs.gov/themes/custom/hhs_uswds/ 22 KB
8 KB 53ms
52ms Image
image/svg+xml 2a02:26f0:480:d8d::219c
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.hhs.gov/themes/custom/hhs_uswds/logo-footer.svg

Requested by

Host: www.hhs.gov
URL: https://www.hhs.gov/sites/default/files/2023oct12-noescape-ransomware-analyst-note-tlpclear.pdf

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:d8d::219c Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

cfda00d655e289b53fa8300e74fb8e681131bf9c61f6dc27e656b9060be1ab60

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' hhs.gov *.hhs.gov
Strict-Transport-Security	max-age=31536000;includeSubDomains;preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.hhs.gov/sites/default/files/2023oct12-noescape-ransomware-analyst-note-tlpclear.pdf
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: frame-ancestors 'self' hhs.gov *.hhs.gov
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 11 Jun 2024 17:49:44 GMT
last-modified: Thu, 06 Jun 2024 21:56:27 GMT
strict-transport-security: max-age=31536000;includeSubDomains;preload
etag: "6662308b-58cc"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=2592000
server-timing: cdn-cache; desc=HIT, edge; dur=3, origin; dur=0, ak_p; desc="1718128184544_34911185_26476455_317_6043_19_0_146";dur=1
accept-ranges: bytes
content-length: 8074
x-request-id: 0bdf8dfba1a6ac2797dcd439dd62efdf

GET
H2 200 js_Vt0RzIH0YFMfeTj-dut8zED3SVtJoaGEO5j_gpDJSqk.js Show response
www.hhs.gov/sites/default/files/js/ 92 KB
32 KB 129ms
127ms Script
application/javascript 2a02:26f0:480:d8d::219c
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hhs.gov/sites/default/files/js/js_Vt0RzIH0YFMfeTj-dut8zED3SVtJoaGEO5j_gpDJSqk.js?scope=footer&delta=0&language=en&theme=hhs_uswds&include=eJxNzlEOwiAQBNALUTkS2ZaxbKSFMIu1nt5qE_VrJvMxedxpWPwohEuJoXOL9HMuo-TPMJd76Bpsg9zodamlGWKg7Rl011JsLQb6b3NVmsxNaqKPrVfJl99y6WvtY1YmRMcyqeSwIKq8BTr9EQwPGxqozxNGSJuSP-NADbZXSIIcP2rYNCJIRjOvq9oLEf1VKQ

Requested by

Host: www.hhs.gov
URL: https://www.hhs.gov/sites/default/files/2023oct12-noescape-ransomware-analyst-note-tlpclear.pdf

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:d8d::219c Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

44331f4bf82ba7af7a4bfe091c90202e9947ac209a4cfb27296c56d92e81191b

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' hhs.gov *.hhs.gov
Strict-Transport-Security	max-age=31536000;includeSubDomains;preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.hhs.gov/sites/default/files/2023oct12-noescape-ransomware-analyst-note-tlpclear.pdf
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: frame-ancestors 'self' hhs.gov *.hhs.gov
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 11 Jun 2024 17:49:44 GMT
last-modified: Thu, 06 Jun 2024 22:58:37 GMT
strict-transport-security: max-age=31536000;includeSubDomains;preload
etag: "66623f1d-170af"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
server-timing: cdn-cache; desc=HIT, edge; dur=91, origin; dur=0, ak_p; desc="1718128184525_34911185_26476418_9169_7257_24_0_219";dur=1
accept-ranges: bytes
content-length: 32580
x-request-id: b4b7c7af7a8d9411ca8750980473a655

GET
H2 200 common.min.js Show response
www.hhs.gov/themes/custom/hhs_uswds/js/dist/ 52 KB
17 KB 36ms
34ms Script
application/javascript 2a02:26f0:480:d8d::219c
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hhs.gov/themes/custom/hhs_uswds/js/dist/common.min.js?v=1.0.1

Requested by

Host: www.hhs.gov
URL: https://www.hhs.gov/sites/default/files/2023oct12-noescape-ransomware-analyst-note-tlpclear.pdf

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:d8d::219c Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

37f592cb61175a163c00876c137b71a8688bd1e7d311dc450a783c7797088629

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' hhs.gov *.hhs.gov
Strict-Transport-Security	max-age=31536000;includeSubDomains;preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.hhs.gov/sites/default/files/2023oct12-noescape-ransomware-analyst-note-tlpclear.pdf
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: frame-ancestors 'self' hhs.gov *.hhs.gov
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 11 Jun 2024 17:49:44 GMT
last-modified: Thu, 06 Jun 2024 21:56:23 GMT
strict-transport-security: max-age=31536000;includeSubDomains;preload
etag: "66623087-ce50"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
server-timing: cdn-cache; desc=HIT, edge; dur=2, origin; dur=0, ak_p; desc="1718128184526_34911185_26476419_242_6803_22_0_182";dur=1
accept-ranges: bytes
content-length: 16940
x-request-id: daf56b7d3f5fb762dc646dbabca14575

GET
H2 200 uswds-init.min.js Show response
www.hhs.gov/themes/custom/hhs_uswds/js/libraries/ 826 B
918 B 35ms
33ms Script
application/javascript 2a02:26f0:480:d8d::219c
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hhs.gov/themes/custom/hhs_uswds/js/libraries/uswds-init.min.js?v=1.0.2

Requested by

Host: www.hhs.gov
URL: https://www.hhs.gov/sites/default/files/2023oct12-noescape-ransomware-analyst-note-tlpclear.pdf

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:d8d::219c Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

63a2d8f905f0eb3a998f0bfc0bc3520d7a45718248bc72a1ea864bc953b3a111

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' hhs.gov *.hhs.gov
Strict-Transport-Security	max-age=31536000;includeSubDomains;preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.hhs.gov/sites/default/files/2023oct12-noescape-ransomware-analyst-note-tlpclear.pdf
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: frame-ancestors 'self' hhs.gov *.hhs.gov
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 11 Jun 2024 17:49:44 GMT
last-modified: Thu, 06 Jun 2024 21:56:23 GMT
strict-transport-security: max-age=31536000;includeSubDomains;preload
etag: "66623087-33a"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
server-timing: cdn-cache; desc=HIT, edge; dur=2, origin; dur=0, ak_p; desc="1718128184526_34911185_26476420_213_6733_22_0_182";dur=1
accept-ranges: bytes
content-length: 487
x-request-id: ee5eacfddbef66bd5dcb63562f52686b

GET
H2 200 scripts.min.js Show response
www.hhs.gov/themes/custom/hhs_uswds/js/dist/ 6 KB
3 KB 126ms
125ms Script
application/javascript 2a02:26f0:480:d8d::219c
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hhs.gov/themes/custom/hhs_uswds/js/dist/scripts.min.js?v=1.0.2

Requested by

Host: www.hhs.gov
URL: https://www.hhs.gov/sites/default/files/2023oct12-noescape-ransomware-analyst-note-tlpclear.pdf

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:d8d::219c Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

ad1db9c84b3859822e50b4c3e4624326167adb0924d0db62d713f0ac626190f6

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' hhs.gov *.hhs.gov
Strict-Transport-Security	max-age=31536000;includeSubDomains;preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.hhs.gov/sites/default/files/2023oct12-noescape-ransomware-analyst-note-tlpclear.pdf
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: frame-ancestors 'self' hhs.gov *.hhs.gov
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 11 Jun 2024 17:49:44 GMT
last-modified: Thu, 06 Jun 2024 21:56:23 GMT
strict-transport-security: max-age=31536000;includeSubDomains;preload
etag: "66623087-191c"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
server-timing: cdn-cache; desc=HIT, edge; dur=90, origin; dur=0, ak_p; desc="1718128184526_34911185_26476421_8985_6682_24_0_182";dur=1
accept-ranges: bytes
content-length: 2420
x-request-id: 657be192b6b6c32468c9ea1368a0236d

GET
H2 200 js_TKnpDM_92qbhfTosSC1KKcsOV4rI76v9n9Wda5E-Vuc.js Show response
www.hhs.gov/sites/default/files/js/ 33 KB
10 KB 127ms
126ms Script
application/javascript 2a02:26f0:480:d8d::219c
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hhs.gov/sites/default/files/js/js_TKnpDM_92qbhfTosSC1KKcsOV4rI76v9n9Wda5E-Vuc.js?scope=footer&delta=4&language=en&theme=hhs_uswds&include=eJxNzlEOwiAQBNALUTkS2ZaxbKSFMIu1nt5qE_VrJvMxedxpWPwohEuJoXOL9HMuo-TPMJd76Bpsg9zodamlGWKg7Rl011JsLQb6b3NVmsxNaqKPrVfJl99y6WvtY1YmRMcyqeSwIKq8BTr9EQwPGxqozxNGSJuSP-NADbZXSIIcP2rYNCJIRjOvq9oLEf1VKQ

Requested by

Host: www.hhs.gov
URL: https://www.hhs.gov/sites/default/files/2023oct12-noescape-ransomware-analyst-note-tlpclear.pdf

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:d8d::219c Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

127ddb9e1176c8e914af91b54de652b8c1e42964cdaca67c96143b0be7281ba1

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' hhs.gov *.hhs.gov
Strict-Transport-Security	max-age=31536000;includeSubDomains;preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.hhs.gov/sites/default/files/2023oct12-noescape-ransomware-analyst-note-tlpclear.pdf
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: frame-ancestors 'self' hhs.gov *.hhs.gov
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 11 Jun 2024 17:49:44 GMT
last-modified: Thu, 06 Jun 2024 22:58:37 GMT
strict-transport-security: max-age=31536000;includeSubDomains;preload
etag: "66623f1d-82d1"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
server-timing: cdn-cache; desc=HIT, edge; dur=89, origin; dur=0, ak_p; desc="1718128184526_34911185_26476422_8928_7291_24_0_182";dur=1
accept-ranges: bytes
content-length: 10263
x-request-id: 68712eed2170a8ccb587bb780ed68c74

GET
H2 200 chosen.jquery.min.js Show response
www.hhs.gov/themes/custom/hhs_uswds/js/libraries/chosen/ 30 KB
7 KB 33ms
31ms Script
application/javascript 2a02:26f0:480:d8d::219c
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hhs.gov/themes/custom/hhs_uswds/js/libraries/chosen/chosen.jquery.min.js?v=1.0.2

Requested by

Host: www.hhs.gov
URL: https://www.hhs.gov/sites/default/files/2023oct12-noescape-ransomware-analyst-note-tlpclear.pdf

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:d8d::219c Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

cdb66cc1d3d413cde2f396328e482211b433bc15aa9fb1d331b33f67ee059550

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' hhs.gov *.hhs.gov
Strict-Transport-Security	max-age=31536000;includeSubDomains;preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.hhs.gov/sites/default/files/2023oct12-noescape-ransomware-analyst-note-tlpclear.pdf
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: frame-ancestors 'self' hhs.gov *.hhs.gov
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 11 Jun 2024 17:49:44 GMT
last-modified: Thu, 06 Jun 2024 21:56:23 GMT
strict-transport-security: max-age=31536000;includeSubDomains;preload
etag: "66623087-76ed"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1718128184526_34911185_26476423_105_6133_22_0_182";dur=1
accept-ranges: bytes
content-length: 7005
x-request-id: da6fe35a15256360102232ebdf31eae7

GET
H2 200 js_WLrbCmnmenWpcSb2v-eF3QweO6Vl2wa_9zOYv2acXr0.js Show response
www.hhs.gov/sites/default/files/js/ 3 KB
2 KB 295ms
294ms Script
application/javascript 2a02:26f0:480:d8d::219c
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hhs.gov/sites/default/files/js/js_WLrbCmnmenWpcSb2v-eF3QweO6Vl2wa_9zOYv2acXr0.js?scope=footer&delta=6&language=en&theme=hhs_uswds&include=eJxNzlEOwiAQBNALUTkS2ZaxbKSFMIu1nt5qE_VrJvMxedxpWPwohEuJoXOL9HMuo-TPMJd76Bpsg9zodamlGWKg7Rl011JsLQb6b3NVmsxNaqKPrVfJl99y6WvtY1YmRMcyqeSwIKq8BTr9EQwPGxqozxNGSJuSP-NADbZXSIIcP2rYNCJIRjOvq9oLEf1VKQ

Requested by

Host: www.hhs.gov
URL: https://www.hhs.gov/sites/default/files/2023oct12-noescape-ransomware-analyst-note-tlpclear.pdf

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:d8d::219c Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

5a2046f21693fb7c85966514e6f84c73802a8ef672909d71792c60a515b5b7fe

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' hhs.gov *.hhs.gov
Strict-Transport-Security	max-age=31536000;includeSubDomains;preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.hhs.gov/sites/default/files/2023oct12-noescape-ransomware-analyst-note-tlpclear.pdf
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: frame-ancestors 'self' hhs.gov *.hhs.gov
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 11 Jun 2024 17:49:44 GMT
last-modified: Thu, 06 Jun 2024 22:58:39 GMT
strict-transport-security: max-age=31536000;includeSubDomains;preload
etag: "66623f1f-a15"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
server-timing: cdn-cache; desc=HIT, edge; dur=262, origin; dur=0, ak_p; desc="1718128184526_34911185_26476424_26165_7255_19_0_182";dur=1
accept-ranges: bytes
content-length: 1183
x-request-id: 4057ab753ece31b75c31d6b9bd291d9a

GET
H2 200 searchgov-typeahead.js Show response
www.hhs.gov/modules/hhs/shared/hhs_search/assets/ 388 B
680 B 54ms
53ms Script
application/javascript 2a02:26f0:480:d8d::219c
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hhs.gov/modules/hhs/shared/hhs_search/assets/searchgov-typeahead.js?seol4y

Requested by

Host: www.hhs.gov
URL: https://www.hhs.gov/sites/default/files/2023oct12-noescape-ransomware-analyst-note-tlpclear.pdf

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:d8d::219c Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

30fcc86d3b4c2298f310378a41789083b37e55b58b1fe1cd141be30317c6569d

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' hhs.gov *.hhs.gov
Strict-Transport-Security	max-age=31536000;includeSubDomains;preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.hhs.gov/sites/default/files/2023oct12-noescape-ransomware-analyst-note-tlpclear.pdf
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: frame-ancestors 'self' hhs.gov *.hhs.gov
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 11 Jun 2024 17:49:44 GMT
last-modified: Thu, 06 Jun 2024 21:56:26 GMT
strict-transport-security: max-age=31536000;includeSubDomains;preload
etag: "6662308a-184"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
server-timing: cdn-cache; desc=HIT, edge; dur=2, origin; dur=0, ak_p; desc="1718128184544_34911185_26476456_266_6948_19_0_146";dur=1
accept-ranges: bytes
content-length: 250
x-request-id: ceda393b9a09ba83c1c860017157d48b

GET
H2 200 js_q0Yuz1LRxVDVG3E5opegECHR9wiwY3cS-uYAiCzfx54.js Show response
www.hhs.gov/sites/default/files/js/ 5 KB
2 KB 130ms
129ms Script
application/javascript 2a02:26f0:480:d8d::219c
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hhs.gov/sites/default/files/js/js_q0Yuz1LRxVDVG3E5opegECHR9wiwY3cS-uYAiCzfx54.js?scope=footer&delta=8&language=en&theme=hhs_uswds&include=eJxNzlEOwiAQBNALUTkS2ZaxbKSFMIu1nt5qE_VrJvMxedxpWPwohEuJoXOL9HMuo-TPMJd76Bpsg9zodamlGWKg7Rl011JsLQb6b3NVmsxNaqKPrVfJl99y6WvtY1YmRMcyqeSwIKq8BTr9EQwPGxqozxNGSJuSP-NADbZXSIIcP2rYNCJIRjOvq9oLEf1VKQ

Requested by

Host: www.hhs.gov
URL: https://www.hhs.gov/sites/default/files/2023oct12-noescape-ransomware-analyst-note-tlpclear.pdf

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:d8d::219c Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

e914096d5f8a39c7b4a0019e28bdaf3e075496e337050c352fd4c58b48be364b

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' hhs.gov *.hhs.gov
Strict-Transport-Security	max-age=31536000;includeSubDomains;preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.hhs.gov/sites/default/files/2023oct12-noescape-ransomware-analyst-note-tlpclear.pdf
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: frame-ancestors 'self' hhs.gov *.hhs.gov
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 11 Jun 2024 17:49:44 GMT
last-modified: Thu, 06 Jun 2024 22:58:39 GMT
strict-transport-security: max-age=31536000;includeSubDomains;preload
etag: "66623f1f-1234"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
server-timing: cdn-cache; desc=HIT, edge; dur=92, origin; dur=0, ak_p; desc="1718128184526_34911185_26476425_9233_7214_24_0_182";dur=1
accept-ranges: bytes
content-length: 1516
x-request-id: fd18aa0b1eac1d1d02ccc21ed8a21430

GET
H2 200 sourcesanspro-regular-webfont.woff2
www.hhs.gov/themes/custom/hhs_uswds/fonts/source-sans-pro/ 20 KB
20 KB 125ms
125ms Font
application/octet-stream 2a02:26f0:480:d8d::219c
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hhs.gov/themes/custom/hhs_uswds/fonts/source-sans-pro/sourcesanspro-regular-webfont.woff2

Requested by

Host: www.hhs.gov
URL: https://www.hhs.gov/sites/default/files/css/css_u8iLDafwaLCwx-9qX1vh55WmyQb_X0gpnSh3h4YlPts.css?delta=1&language=en&theme=hhs_uswds&include=eJxNzlEOwiAQBNALUTkS2ZaxbKSFMIu1nt5qE_VrJvMxedxpWPwohEuJoXOL9HMuo-TPMJd76Bpsg9zodamlGWKg7Rl011JsLQb6b3NVmsxNaqKPrVfJl99y6WvtY1YmRMcyqeSwIKq8BTr9EQwPGxqozxNGSJuSP-NADbZXSIIcP2rYNCJIRjOvq9oLEf1VKQ

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:d8d::219c Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

8792619becd8b285e78f14bfcf1ad66e2adbae0f5ec8ad131246621f806ac535

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains;preload

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.hhs.gov/sites/default/files/css/css_u8iLDafwaLCwx-9qX1vh55WmyQb_X0gpnSh3h4YlPts.css?delta=1&language=en&theme=hhs_uswds&include=eJxNzlEOwiAQBNALUTkS2ZaxbKSFMIu1nt5qE_VrJvMxedxpWPwohEuJoXOL9HMuo-TPMJd76Bpsg9zodamlGWKg7Rl011JsLQb6b3NVmsxNaqKPrVfJl99y6WvtY1YmRMcyqeSwIKq8BTr9EQwPGxqozxNGSJuSP-NADbZXSIIcP2rYNCJIRjOvq9oLEf1VKQ
Origin: https://www.hhs.gov
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 17:49:44 GMT
strict-transport-security: max-age=31536000;includeSubDomains;preload
last-modified: Thu, 06 Jun 2024 21:56:23 GMT
etag: "66623087-503c"
content-type: application/octet-stream
access-control-allow-origin: *
server-timing: cdn-cache; desc=HIT, edge; dur=96, origin; dur=0, ak_p; desc="1718128184518_34911185_26476401_9627_6985_24_0_255";dur=1
accept-ranges: bytes
content-length: 20540

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 512 KB
120 KB 135ms
76ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-JLFR

Requested by

Host: www.hhs.gov
URL: https://www.hhs.gov/sites/default/files/2023oct12-noescape-ransomware-analyst-note-tlpclear.pdf

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5301a3b2585691f47c7bf8e0f5a29c00211091859fd1877d27c9102ddcd1c679

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.hhs.gov/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 17:49:44 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 121985
x-xss-protection: 0
last-modified: Tue, 11 Jun 2024 17:03:45 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 11 Jun 2024 17:49:44 GMT

GET
H2 200 sprite.svg
www.hhs.gov/themes/custom/hhs_uswds/images/ 83 KB
22 KB 56ms
55ms Other
image/svg+xml 2a02:26f0:480:d8d::219c
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hhs.gov/themes/custom/hhs_uswds/images/sprite.svg

Requested by

Host: www.hhs.gov
URL: https://www.hhs.gov/sites/default/files/2023oct12-noescape-ransomware-analyst-note-tlpclear.pdf

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:d8d::219c Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

2711f20d80d0f69b5056bb95e3093b385f9f56298a98c4d2778ef7c55d432447

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' hhs.gov *.hhs.gov
Strict-Transport-Security	max-age=31536000;includeSubDomains;preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.hhs.gov/sites/default/files/2023oct12-noescape-ransomware-analyst-note-tlpclear.pdf
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: frame-ancestors 'self' hhs.gov *.hhs.gov
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 11 Jun 2024 17:49:44 GMT
last-modified: Thu, 06 Jun 2024 21:56:23 GMT
strict-transport-security: max-age=31536000;includeSubDomains;preload
etag: "66623087-14d98"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=2592000
server-timing: cdn-cache; desc=HIT, edge; dur=4, origin; dur=0, ak_p; desc="1718128184544_34911185_26476457_399_6871_19_0_146";dur=1
accept-ranges: bytes
content-length: 22109
x-request-id: c1beade3d8135d952abce06f8a39c990

GET
H2 200 sprite.artifact.svg
www.hhs.gov/themes/custom/hhs_uswds/images/ 7 KB
3 KB 55ms
54ms Other
image/svg+xml 2a02:26f0:480:d8d::219c
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hhs.gov/themes/custom/hhs_uswds/images/sprite.artifact.svg

Requested by

Host: www.hhs.gov
URL: https://www.hhs.gov/sites/default/files/2023oct12-noescape-ransomware-analyst-note-tlpclear.pdf

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:d8d::219c Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

af12198fcbc14f0a22b0adb0b3223b420d0288a8e8f0c1c0c1e758e91361e971

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' hhs.gov *.hhs.gov
Strict-Transport-Security	max-age=31536000;includeSubDomains;preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.hhs.gov/sites/default/files/2023oct12-noescape-ransomware-analyst-note-tlpclear.pdf
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: frame-ancestors 'self' hhs.gov *.hhs.gov
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 11 Jun 2024 17:49:44 GMT
last-modified: Thu, 06 Jun 2024 21:56:23 GMT
strict-transport-security: max-age=31536000;includeSubDomains;preload
etag: "66623087-1b64"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=2592000
server-timing: cdn-cache; desc=HIT, edge; dur=3, origin; dur=0, ak_p; desc="1718128184544_34911185_26476458_332_6848_19_0_146";dur=1
accept-ranges: bytes
content-length: 2772
x-request-id: 5cb35bb9003c3fc5ee6d8ab7ce867da2

GET
H2 200 expand_more.svg
www.hhs.gov/themes/custom/hhs_uswds/images/usa-icons/ 182 B
587 B 54ms
54ms Image
image/svg+xml 2a02:26f0:480:d8d::219c
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.hhs.gov/themes/custom/hhs_uswds/images/usa-icons/expand_more.svg

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:d8d::219c Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

fe0ef658114738f046347758fc2f00dddd7e98fadc930048e34675d9153472ac

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' hhs.gov *.hhs.gov
Strict-Transport-Security	max-age=31536000;includeSubDomains;preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.hhs.gov/sites/default/files/css/css_u8iLDafwaLCwx-9qX1vh55WmyQb_X0gpnSh3h4YlPts.css?delta=1&language=en&theme=hhs_uswds&include=eJxNzlEOwiAQBNALUTkS2ZaxbKSFMIu1nt5qE_VrJvMxedxpWPwohEuJoXOL9HMuo-TPMJd76Bpsg9zodamlGWKg7Rl011JsLQb6b3NVmsxNaqKPrVfJl99y6WvtY1YmRMcyqeSwIKq8BTr9EQwPGxqozxNGSJuSP-NADbZXSIIcP2rYNCJIRjOvq9oLEf1VKQ
Origin: https://www.hhs.gov
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: frame-ancestors 'self' hhs.gov *.hhs.gov
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 11 Jun 2024 17:49:44 GMT
last-modified: Thu, 06 Jun 2024 21:56:23 GMT
strict-transport-security: max-age=31536000;includeSubDomains;preload
etag: "66623087-b6"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=2592000
server-timing: cdn-cache; desc=HIT, edge; dur=3, origin; dur=0, ak_p; desc="1718128184544_34911185_26476459_291_6868_19_0_219";dur=1
accept-ranges: bytes
content-length: 163
x-request-id: a5b32717c2bcacf1e64c8e040be67829

GET
H2 200 search--white.svg
www.hhs.gov/themes/custom/hhs_uswds/images/usa-icons-bg/ 387 B
692 B 307ms
307ms Image
image/svg+xml 2a02:26f0:480:d8d::219c
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.hhs.gov/themes/custom/hhs_uswds/images/usa-icons-bg/search--white.svg

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:d8d::219c Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

85be1f76ce73e5e3a68fc28a6897ad8c910a7d02e057986711264f19ec3f36c6

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' hhs.gov *.hhs.gov
Strict-Transport-Security	max-age=31536000;includeSubDomains;preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.hhs.gov/sites/default/files/css/css_u8iLDafwaLCwx-9qX1vh55WmyQb_X0gpnSh3h4YlPts.css?delta=1&language=en&theme=hhs_uswds&include=eJxNzlEOwiAQBNALUTkS2ZaxbKSFMIu1nt5qE_VrJvMxedxpWPwohEuJoXOL9HMuo-TPMJd76Bpsg9zodamlGWKg7Rl011JsLQb6b3NVmsxNaqKPrVfJl99y6WvtY1YmRMcyqeSwIKq8BTr9EQwPGxqozxNGSJuSP-NADbZXSIIcP2rYNCJIRjOvq9oLEf1VKQ
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: frame-ancestors 'self' hhs.gov *.hhs.gov
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 11 Jun 2024 17:49:44 GMT
last-modified: Thu, 06 Jun 2024 21:56:23 GMT
strict-transport-security: max-age=31536000;includeSubDomains;preload
etag: "66623087-183"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=2592000
server-timing: cdn-cache; desc=HIT, edge; dur=259, origin; dur=0, ak_p; desc="1718128184544_34911185_26476460_25920_6840_19_0_219";dur=1
accept-ranges: bytes
content-length: 263
x-request-id: d98ddb8d92a076a99fb49711c7564933

GET
H2 200 navigate_next.svg
www.hhs.gov/themes/custom/hhs_uswds/images/usa-icons/ 184 B
594 B 312ms
312ms Image
image/svg+xml 2a02:26f0:480:d8d::219c
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.hhs.gov/themes/custom/hhs_uswds/images/usa-icons/navigate_next.svg

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:d8d::219c Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

927f3948559fc75c26f4f84ec09bd1eec1e92f5ddafbea26e4a821d06c2d0dc1

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' hhs.gov *.hhs.gov
Strict-Transport-Security	max-age=31536000;includeSubDomains;preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.hhs.gov/sites/default/files/css/css_u8iLDafwaLCwx-9qX1vh55WmyQb_X0gpnSh3h4YlPts.css?delta=1&language=en&theme=hhs_uswds&include=eJxNzlEOwiAQBNALUTkS2ZaxbKSFMIu1nt5qE_VrJvMxedxpWPwohEuJoXOL9HMuo-TPMJd76Bpsg9zodamlGWKg7Rl011JsLQb6b3NVmsxNaqKPrVfJl99y6WvtY1YmRMcyqeSwIKq8BTr9EQwPGxqozxNGSJuSP-NADbZXSIIcP2rYNCJIRjOvq9oLEf1VKQ
Origin: https://www.hhs.gov
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: frame-ancestors 'self' hhs.gov *.hhs.gov
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 11 Jun 2024 17:49:44 GMT
last-modified: Thu, 06 Jun 2024 21:56:23 GMT
strict-transport-security: max-age=31536000;includeSubDomains;preload
etag: "66623087-b8"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=2592000
server-timing: cdn-cache; desc=HIT, edge; dur=264, origin; dur=0, ak_p; desc="1718128184544_34911185_26476461_26426_6788_19_0_219";dur=1
accept-ranges: bytes
content-length: 167
x-request-id: 33f61b51a32805123dce85f6c25292b1

GET
H2 200 sourcesanspro-bold-webfont.woff2
www.hhs.gov/themes/custom/hhs_uswds/fonts/source-sans-pro/ 20 KB
20 KB 136ms
135ms Font
application/octet-stream 2a02:26f0:480:d8d::219c
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hhs.gov/themes/custom/hhs_uswds/fonts/source-sans-pro/sourcesanspro-bold-webfont.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:d8d::219c Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

83f67df68dac5c435d964be278d39f70ad8605265b6b99918a46451b77552e92

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains;preload

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.hhs.gov/sites/default/files/css/css_u8iLDafwaLCwx-9qX1vh55WmyQb_X0gpnSh3h4YlPts.css?delta=1&language=en&theme=hhs_uswds&include=eJxNzlEOwiAQBNALUTkS2ZaxbKSFMIu1nt5qE_VrJvMxedxpWPwohEuJoXOL9HMuo-TPMJd76Bpsg9zodamlGWKg7Rl011JsLQb6b3NVmsxNaqKPrVfJl99y6WvtY1YmRMcyqeSwIKq8BTr9EQwPGxqozxNGSJuSP-NADbZXSIIcP2rYNCJIRjOvq9oLEf1VKQ
Origin: https://www.hhs.gov
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 17:49:44 GMT
strict-transport-security: max-age=31536000;includeSubDomains;preload
last-modified: Thu, 06 Jun 2024 21:56:23 GMT
etag: "66623087-4f90"
content-type: application/octet-stream
access-control-allow-origin: *
server-timing: cdn-cache; desc=HIT, edge; dur=98, origin; dur=0, ak_p; desc="1718128184544_34911185_26476462_9805_5878_21_0_255";dur=1
accept-ranges: bytes
content-length: 20368

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 288 KB
98 KB 52ms
52ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-3YLR8EGLBW&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-JLFR

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7856a87457de5aa5813ab2c3e8206306ae67797b84a58d9559944c12ead5c763

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.hhs.gov/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 17:49:44 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 100091
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 11 Jun 2024 17:49:44 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 271 KB
93 KB 55ms
54ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-8RZ83J1052&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-JLFR

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9ea4c3087c548abc4375b302a05189e6b488b703369fa5db32a97d6808e3a6b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.hhs.gov/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 17:49:44 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 95507
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 11 Jun 2024 17:49:44 GMT

GET
H2 200 7360.js Show response
script.crazyegg.com/pages/scripts/0005/ 6 KB
2 KB 107ms
47ms Script
text/javascript 2606:4700::6813:9408
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/scripts/0005/7360.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-JLFR
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9408 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4caaf1c29e057c944fbb240c70137f657308a1ebd08e5764c73d31d3c8f4b52e

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.hhs.gov/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 17:49:44 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 38782
cf-polished: origSize=6229
ce-version: 11.5.219
cf-bgj: minify
last-modified: Tue, 11 Jun 2024 07:03:22 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: CE-Version
cache-control: public, max-age=300, s-maxage=1209600
timing-allow-origin: *
cf-ray: 892370832f722bb2-FRA

GET
H2

200

web-vitals.iife.js Show response
unpkg.com/web-vitals@4.1.1/dist/
Redirect Chain

https://unpkg.com/web-vitals/dist/web-vitals.iife.js
https://unpkg.com/web-vitals@4.1.1/dist/web-vitals.iife.js

7 KB
3 KB

47ms
46ms

Script
application/javascript

2606:4700::6811:f6cb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/web-vitals@4.1.1/dist/web-vitals.iife.js

Requested by

Host: www.hhs.gov
URL: https://www.hhs.gov/sites/default/files/2023oct12-noescape-ransomware-analyst-note-tlpclear.pdf

Protocol

Server

2606:4700::6811:f6cb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

adf7f9b0dd938575c72ff1592ea18e7ab9bc53ff8838a38c8484c10f5d9be7fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.hhs.gov/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

date: Tue, 11 Jun 2024 17:49:44 GMT
content-encoding: br
via: 1.1 fly.io
cf-cache-status: HIT
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 54020
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id: 01J02K6H2G2F2K00RVSZHRGF92-fra
server: cloudflare
etag: "1c0c-hOpjVE2mSiNVJWsLrpc64ergTOY"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 892370835d0d9960-FRA

Redirect headers

date: Tue, 11 Jun 2024 17:49:44 GMT
content-encoding: br
via: 1.1 fly.io
cf-cache-status: HIT
fly-request-id: 01J046F3TVS1C1MWPWT1HCYXEA-fra
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 261
server: cloudflare
vary: Accept, Accept-Encoding
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
location: /web-vitals@4.1.1/dist/web-vitals.iife.js
cache-control: public, s-maxage=600, max-age=60
cf-ray: 892370831ccf9960-FRA

GET
H2 200 Universal-Federated-Analytics-Min.js Show response
dap.digitalgov.gov/ 30 KB
9 KB 95ms
30ms Script
application/javascript 2600:9000:262a:d200:5:83ea:ba80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dap.digitalgov.gov/Universal-Federated-Analytics-Min.js?agency=hhs&subagency=aspa&sitetopic=health&siteplatform=drupal%2010%20&sdor=hhs.gov&dclink=true&yt=true&pua=UA-36351725-9&autotracker=true&sp=sitesearchtracking,q&parallelcd=true&palagencydim=dimension1|1&palsubagencydim=dimension2|2&palversiondim=dimension3|3&paltopicdim=dimension4|4&paltopicdim=dimension5|5&cto=24
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-JLFR
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:262a:d200:5:83ea:ba80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 796731c9ec6b19fe8e6c4449b405a6112806b973dc38108a845366e8803aac8c

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.hhs.gov/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: cS6DDXCx0_0tmD1G79EAkElinAY95t.i
content-encoding: gzip
via: 1.1 5e9eaa4dae17f466e627d76765f5de64.cloudfront.net (CloudFront)
date: Tue, 11 Jun 2024 02:10:14 GMT
x-amz-cf-pop: CDG52-P6
age: 56371
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
last-modified: Sat, 25 May 2024 00:46:12 GMT
server: AmazonS3
etag: W/"e4cf153a40c6c1fd51f21d602a5abd22"
vary: Accept-Encoding
content-type: application/javascript
x-amz-cf-id: Gm2amut0-NnWOkM98qm0IeGPbbIWCsrx5s4nuHVr3MSknyRpfOBcgQ==

GET
H3 200 siteanalyze_6282609.js Show response
siteimproveanalytics.com/js/ 53 KB
17 KB 67ms
36ms Script
application/javascript 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://siteimproveanalytics.com/js/siteanalyze_6282609.js
Requested by: Host: www.hhs.gov
URL: https://www.hhs.gov/sites/default/files/2023oct12-noescape-ransomware-analyst-note-tlpclear.pdf
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 310739ac565a03829c1bd2eda48370090c215b66e85233be1c8ce85cba475c6b

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.hhs.gov/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 17:49:44 GMT
content-encoding: gzip
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: PE8K7W62ZM09VW5K
age: 2099
alt-svc: h3=":443"; ma=86400
content-length: 16449
x-amz-id-2: YH1+Vux+HRBD8se1FG4gILUYfemj5ssU3B5sA0M45snqAkiKuLcgk5gkcrNRtyTI90aKAUdwpc0=
last-modified: Thu, 23 May 2024 14:33:11 GMT
server: cloudflare
etag: "b384ee7824fbe34a43982043ecf5e8c5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QeEJvCKl91qbcniC5mpZAnEuDik08L3rJsEJfMIkUTTFoEPkdbCS85DRD6GLt16f2M1kRMIIcT%2FVEjJp1vfqMQWkh1Jfs%2BdpBrzU5nNnCDBP9DmFvnrNrQgLUx7BQWmTnSdUzl1BMuRc9N0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=86400, no-transform
accept-ranges: bytes
cf-ray: 89237083089c0476-FRA

GET
H2

200

sayt_loader.js Show response
search.usa.gov/assets/
Redirect Chain

https://search.usa.gov/javascripts/remote.loader.js
https://search.usa.gov/assets/sayt_loader.js

2 KB
1 KB

296ms
295ms

Script
application/javascript

2600:9000:223d:8800:a:4fc7:79c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://search.usa.gov/assets/sayt_loader.js

Requested by

Host: www.hhs.gov
URL: https://www.hhs.gov/sites/default/files/2023oct12-noescape-ransomware-analyst-note-tlpclear.pdf

Protocol

Server

2600:9000:223d:8800:a:4fc7:79c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

e11bda5b7f71c9b452e912eb2ccbada3fe33e6d1afb7f48e981d23085f982b4f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.hhs.gov/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

date: Tue, 11 Jun 2024 17:49:43 GMT
content-encoding: gzip
via: 1.1 proxy3.us-east-1.prod.infr.search.usa.gov:8443, 1.1 68eb499493257a6d0620a0f6abdc78ca.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-amz-cf-pop: FRA56-P3
age: 2
x-cache: Miss from cloudfront
content-length: 954
last-modified: Thu, 23 May 2024 19:27:43 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
x-amz-cf-id: p0cI-iqOP6BaZ7eXaedHF48ujZnXue4SBr4jk2E3vKS09_KJJk41rQ==
expires: Tue, 11 Jun 2024 18:49:43 GMT

Redirect headers

date: Tue, 11 Jun 2024 17:49:44 GMT
via: 1.1 68eb499493257a6d0620a0f6abdc78ca.cloudfront.net (CloudFront)
server: Apache
x-amz-cf-pop: FRA56-P3
x-cache: Miss from cloudfront
content-type: text/html; charset=iso-8859-1
location: https://search.usa.gov/assets/sayt_loader.js
content-length: 252
x-amz-cf-id: 0zo4wAmIOvUEDcOiAj_KPXhsUhJj_9e5ChV3aha3qzXxGxhxwRkaQQ==

GET
H2 200 load Show response
www.hhs.gov/sitewide_alert/ 21 B
500 B 134ms
134ms Fetch
application/json 2a02:26f0:480:d8d::219c
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hhs.gov/sitewide_alert/load

Requested by

Host: www.hhs.gov
URL: https://www.hhs.gov/sites/default/files/js/js_q0Yuz1LRxVDVG3E5opegECHR9wiwY3cS-uYAiCzfx54.js?scope=footer&delta=8&language=en&theme=hhs_uswds&include=eJxNzlEOwiAQBNALUTkS2ZaxbKSFMIu1nt5qE_VrJvMxedxpWPwohEuJoXOL9HMuo-TPMJd76Bpsg9zodamlGWKg7Rl011JsLQb6b3NVmsxNaqKPrVfJl99y6WvtY1YmRMcyqeSwIKq8BTr9EQwPGxqozxNGSJuSP-NADbZXSIIcP2rYNCJIRjOvq9oLEf1VKQ

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:d8d::219c Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

884be02526ba926246005e45c6fd619fb4e0b53265d5d82db187a35a98690d55

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' hhs.gov *.hhs.gov
Strict-Transport-Security	max-age=31536000;includeSubDomains;preload
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.hhs.gov/sites/default/files/2023oct12-noescape-ransomware-analyst-note-tlpclear.pdf
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: frame-ancestors 'self' hhs.gov *.hhs.gov
date: Tue, 11 Jun 2024 17:49:44 GMT
x-content-type-options: nosniff, nosniff
strict-transport-security: max-age=31536000;includeSubDomains;preload
x-frame-options: SAMEORIGIN
content-type: application/json
content-language: en
x-generator: Drupal 10 (https://www.drupal.org)
cache-control: public, max-age=417, s-maxage=600
server-timing: cdn-cache; desc=HIT, edge; dur=108, origin; dur=0, ak_p; desc="1718128184817_34911185_26476961_10780_7858_18_0_219";dur=1
x-drupal-cache: HIT
content-length: 21
x-request-id: 88b8bc12910a288434fb347222d558d7

POST
H2 204 collect
region1.analytics.google.com/g/ 0
252 B 88ms
28ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-8RZ83J1052&gtm=45je46a0v9105278010z8548905za200zb548905&_p=1718128184510&_gaz=1&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&tag_exp=0&cid=1764285058.1718128185&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.141%7CChromium%3B125.0.6422.141%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1718128184&sct=1&seg=0&dl=https%3A%2F%2Fwww.hhs.gov%2Fsites%2Fdefault%2Ffiles%2F2023oct12-noescape-ransomware-analyst-note-tlpclear.pdf&dt=Page%20Not%20Found%20%7C%20HHS.gov&en=page_view&_fv=1&_nsi=1&_ss=1&ep.site_host=www.hhs.gov&ep.page_date_modified=Not%20Found&ep.page_content_generator=drupal%2010%20&ep.page_date_created=Not%20Found&ep.page_creator=Not%20Found&ep.page_office=aspa&ep.page_content_type=Not%20Found&ep.page_division=dcd&ep.page_audience=content%20creator%20missing&ep.page_author=Not%20Found&ep.page_word_count=%3C200&ep.page_meta_canonical_url=https%3A%2F%2Fwww.hhs.gov%2Fpage-not-found&ep.page_meta_pub_date=2021-05-05T09%3A05%3A45-0400&ep.page_meta_create_date=2021-05-05T09%3A05%3A45-0400&ep.page_meta_mod_date=2023-09-08T18%3A06%3A10-0400&ep.page_last_reviewed=&ep.page_content_creator=&tfd=1396
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-8RZ83J1052&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.hhs.gov/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 11 Jun 2024 17:49:44 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.hhs.gov
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
252 B 93ms
27ms Ping
text/plain 2a00:1450:400c:c0d::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-8RZ83J1052&cid=1764285058.1718128185&gtm=45je46a0v9105278010z8548905za200zb548905&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&frm=0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-8RZ83J1052&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c0d::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.hhs.gov/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 11 Jun 2024 17:49:44 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.hhs.gov
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 113ms
85ms Image
image/gif 142.250.185.163
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-8RZ83J1052&cid=1764285058.1718128185&gtm=45je46a0v9105278010z8548905za200zb548905&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&frm=0&z=84583976

Requested by

Host: www.hhs.gov
URL: https://www.hhs.gov/sites/default/files/2023oct12-noescape-ransomware-analyst-note-tlpclear.pdf

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.163 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.hhs.gov/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 11 Jun 2024 17:49:44 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
54 B 69ms
28ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-3YLR8EGLBW&gtm=45je46a0v885882153z8548905za200zb548905&_p=1718128184510&_gaz=1&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&tag_exp=0&cid=1764285058.1718128185&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.141%7CChromium%3B125.0.6422.141%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1718128184&sct=1&seg=0&dl=https%3A%2F%2Fwww.hhs.gov%2Fsites%2Fdefault%2Ffiles%2F2023oct12-noescape-ransomware-analyst-note-tlpclear.pdf&dt=Page%20Not%20Found%20%7C%20HHS.gov&en=page_view&_fv=1&_ss=1&ep.site_host=www.hhs.gov&ep.page_date_modified=Not%20Found&ep.page_content_generator=drupal%2010%20&ep.page_date_created=Not%20Found&ep.page_creator=Not%20Found&ep.page_office=aspa&ep.page_content_type=Not%20Found&ep.page_division=dcd&ep.page_audience=content%20creator%20missing&ep.page_author=Not%20Found&ep.page_word_count=%3C200&ep.timestamp=2024-06-11T19%3A49%3A44.750%2B02%3A00&ep.page_meta_canonical_url=https%3A%2F%2Fwww.hhs.gov%2Fpage-not-found&ep.page_meta_pub_date=2021-05-05T09%3A05%3A45-0400&ep.page_meta_create_date=2021-05-05T09%3A05%3A45-0400&ep.page_meta_mod_date=2023-09-08T18%3A06%3A10-0400&ep.page_last_reviewed=&ep.page_content_creator=&tfd=1416
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-3YLR8EGLBW&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.hhs.gov/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 11 Jun 2024 17:49:44 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.hhs.gov
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
54 B 73ms
27ms Ping
text/plain 2a00:1450:400c:c0d::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-3YLR8EGLBW&cid=1764285058.1718128185&gtm=45je46a0v885882153z8548905za200zb548905&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&frm=0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-3YLR8EGLBW&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c0d::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.hhs.gov/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 11 Jun 2024 17:49:44 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.hhs.gov
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 63ms
55ms Image
image/gif 142.250.185.163
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-3YLR8EGLBW&cid=1764285058.1718128185&gtm=45je46a0v885882153z8548905za200zb548905&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&frm=0&z=1012456963

Requested by

Host: www.hhs.gov
URL: https://www.hhs.gov/sites/default/files/2023oct12-noescape-ransomware-analyst-note-tlpclear.pdf

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.163 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.hhs.gov/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 11 Jun 2024 17:49:44 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 www.hhs.gov.json Show response
script.crazyegg.com/pages/data-scripts/0005/7360/site/ 6 KB
2 KB 92ms
44ms XHR
application/json 2606:4700::6813:9408
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/data-scripts/0005/7360/site/www.hhs.gov.json?t=1
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0005/7360.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9408 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d6ff0c966e0f1c31fcd344d1a0e176ade8bbac5fdc9e7008786b92b3d0028ebc

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.hhs.gov/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 17:49:44 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 38781
ce-version: 11.5.219
content-length: 1903
last-modified: Tue, 11 Jun 2024 07:03:23 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: CE-Version
cache-control: public, max-age=300, s-maxage=1209600
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 89237083f8c5974b-FRA

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 267 KB
93 KB 43ms
43ms Script
application/javascript 142.250.185.72
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-CSLL4ZEK4L

Requested by

Host: dap.digitalgov.gov
URL: https://dap.digitalgov.gov/Universal-Federated-Analytics-Min.js?agency=hhs&subagency=aspa&sitetopic=health&siteplatform=drupal%2010%20&sdor=hhs.gov&dclink=true&yt=true&pua=UA-36351725-9&autotracker=true&sp=sitesearchtracking,q&parallelcd=true&palagencydim=dimension1|1&palsubagencydim=dimension2|2&palversiondim=dimension3|3&paltopicdim=dimension4|4&paltopicdim=dimension5|5&cto=24

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.72 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

82e026997f68eacb9421c68140885b89ddc75ad9d4fa341bf9876b45d76852f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.hhs.gov/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 17:49:44 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 94756
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 11 Jun 2024 17:49:44 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 79ms
19ms Script
text/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.hhs.gov/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 11 Jun 2024 17:41:03 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 521
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Tue, 11 Jun 2024 19:41:03 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 267 KB
93 KB 52ms
52ms Script
application/javascript 142.250.185.72
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-CSLL4ZEK4L&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-JLFR

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.72 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

8f1e51cba67ce0e93514e444345a39abf7aacc6b6c384d1f8764b2ea36fecad3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.hhs.gov/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 17:49:44 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 94839
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 11 Jun 2024 17:49:44 GMT

GET
H2 200 iframe_api Show response
www.youtube.com/ 993 B
2 KB 91ms
42ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9ea04bbcb32373fe616a45ebd0f89246420fb1836005dd508bdd24c35deb42d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.hhs.gov/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 17:49:44 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: br
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server: ESF
x-frame-options: SAMEORIGIN
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
content-type: text/javascript; charset=utf-8
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control: private, max-age=0
origin-trial: AmhMBR6zCLzDDxpW+HfpP67BqwIknWnyMOXOQGfzYswFmJe+fgaI6XZgAzcxOrzNtP7hEDsOo1jdjFnVr2IdxQ4AAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
expires: Tue, 11 Jun 2024 17:49:44 GMT

GET
H2 200 image.aspx
6282609.global.r2.siteimproveanalytics.io/ 34 B
149 B 116ms
20ms Image
image/gif 3.65.220.214
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://6282609.global.r2.siteimproveanalytics.io/image.aspx?url=https%3A%2F%2Fwww.hhs.gov%2Fsites%2Fdefault%2Ffiles%2F2023oct12-noescape-ransomware-analyst-note-tlpclear.pdf&title=Page%20Not%20Found%20%7C%20HHS.gov&res=1600x1200&accountid=6282609&rt=1451&luid=3e6c6756-883a-2706-7583-3520b667cce8&dnt=true&ckl=1&rnd=64853
Requested by: Host: www.hhs.gov
URL: https://www.hhs.gov/sites/default/files/2023oct12-noescape-ransomware-analyst-note-tlpclear.pdf
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.65.220.214 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-65-220-214.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 1e85ec81b9800b4c443d39caca0d0926089a3ac201120db1ceb45b93789480b8

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.hhs.gov/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-type: image/gif
date: Tue, 11 Jun 2024 17:49:45 GMT
cache-control: max-age=0
content-length: 34
expires: Tue, 11 Jun 2024 17:49:45 UTC

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
204 B 27ms
26ms XHR
text/plain 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&aip=1&a=1833972093&t=pageview&_s=1&dl=https%3A%2F%2Fwww.hhs.gov%2Fsites%2Fdefault%2Ffiles%2F2023oct12-noescape-ransomware-analyst-note-tlpclear.pdf&dp=%2Fvpv404%2Fsites%2Fdefault%2Ffiles%2F2023oct12-noescape-ransomware-analyst-note-tlpclear.pdf&ul=de-de&de=UTF-8&dt=Page%20Not%20Found%20%7C%20HHS.gov&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAQABAAAAACAGqC~&jid=334723514&gjid=420502479&cid=1764285058.1718128185&tid=UA-33523145-1&_gid=662651360.1718128185&_r=1&cd1=HHS&cd2=ASPA&cd3=20240524%20v7.05%20-%20Dual%20Tracking&cd4=health&cd5=drupal%2010%20&cd6=https%3A%2F%2Fdap.digitalgov.gov%2FUniversal-Federated-Analytics-Min.js&cd7=https%3A&z=1100398461

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://www.hhs.gov/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 11 Jun 2024 17:49:45 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.hhs.gov
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
69 B 26ms
26ms XHR
text/plain 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&aip=1&a=1833972093&t=pageview&_s=1&dl=https%3A%2F%2Fwww.hhs.gov%2Fsites%2Fdefault%2Ffiles%2F2023oct12-noescape-ransomware-analyst-note-tlpclear.pdf&dp=%2Fvpv404%2Fsites%2Fdefault%2Ffiles%2F2023oct12-noescape-ransomware-analyst-note-tlpclear.pdf&ul=de-de&de=UTF-8&dt=Page%20Not%20Found%20%7C%20HHS.gov&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAQABAAAAACAGqCC~&jid=1081132709&gjid=129629916&cid=1764285058.1718128185&tid=UA-36351725-9&_gid=662651360.1718128185&_r=1&cd1=HHS&cd2=ASPA&cd3=20240524%20v7.05%20-%20Dual%20Tracking&cd5=drupal%2010%20&cd6=https%3A%2F%2Fdap.digitalgov.gov%2FUniversal-Federated-Analytics-Min.js&cd7=https%3A&z=2026666859

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://www.hhs.gov/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 11 Jun 2024 17:49:45 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.hhs.gov
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 c4a0cee38f34af4997358540c52536c0.js Show response
script.crazyegg.com/pages/versioned/common-scripts/ 106 KB
35 KB 43ms
42ms Script
text/javascript 2606:4700::6813:9408
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/versioned/common-scripts/c4a0cee38f34af4997358540c52536c0.js
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0005/7360.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9408 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c92515216a3f37bd03633ec620a700c9dacdbd31eda4782bdd3af9d69db55107

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.hhs.gov/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 17:49:45 GMT
content-encoding: gzip
cf-cache-status: HIT
cf-bgj: minify
last-modified: Tue, 04 Jun 2024 16:56:33 GMT
server: cloudflare
age: 87927
cf-polished: origSize=108589
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000
timing-allow-origin: *
cf-ray: 8923708449462bb2-FRA

GET
H2 200 www-widgetapi.js Show response
www.youtube.com/s/player/4fc7f9fa/www-widgetapi.vflset/ 37 KB
13 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4fc7f9fa/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/iframe_api

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a0bf2e9f81fa82f306a38ab2b997ecdbe3e44d8e9468c10b7b5473486a8e4c81

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.hhs.gov/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 17:21:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1666
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12617
x-xss-protection: 0
last-modified: Mon, 10 Jun 2024 04:18:13 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 11 Jun 2025 17:21:59 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
45 B 37ms
31ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-CSLL4ZEK4L&gtm=45je46a0v9131934939za200zb548905&_p=1718128184510&gcd=13l3lPl2l1&npa=1&dma_cps=sypham&dma=1&tag_exp=0&cid=1764285058.1718128185&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.141%7CChromium%3B125.0.6422.141%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&dl=https%3A%2F%2Fwww.hhs.gov%2Fvpv404%2Fsites%2Fdefault%2Ffiles%2F2023oct12-noescape-ransomware-analyst-note-tlpclear.pdf&dt=Page%20Not%20Found%20%7C%20HHS.gov&sid=1718128185&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&ep.agency=HHS&ep.subagency=ASPA&ep.site_topic=health&ep.site_platform=drupal%2010%20&ep.script_source=https%3A%2F%2Fdap.digitalgov.gov%2Funiversal-federated-analytics-min.js&ep.version=20240524%20v7.05%20-%20dual%20tracking&ep.protocol=https%3A&tfd=1548
Requested by: Host: dap.digitalgov.gov
URL: https://dap.digitalgov.gov/Universal-Federated-Analytics-Min.js?agency=hhs&subagency=aspa&sitetopic=health&siteplatform=drupal%2010%20&sdor=hhs.gov&dclink=true&yt=true&pua=UA-36351725-9&autotracker=true&sp=sitesearchtracking,q&parallelcd=true&palagencydim=dimension1|1&palsubagencydim=dimension2|2&palversiondim=dimension3|3&paltopicdim=dimension4|4&paltopicdim=dimension5|5&cto=24
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.hhs.gov/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 11 Jun 2024 17:49:45 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.hhs.gov
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
151 B 30ms
29ms XHR
text/plain 2a00:1450:400c:c0d::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-36351725-9&cid=1764285058.1718128185&jid=1081132709&gjid=129629916&_gid=662651360.1718128185&_u=YADAAQABAAAAACAGqCC~&z=1796380761

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0d::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://www.hhs.gov/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 11 Jun 2024 17:49:45 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.hhs.gov
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 www.hhs.gov.json Show response
script.crazyegg.com/pages/data-scripts/0005/7360/sampling/ 146 B
256 B 38ms
38ms XHR
application/json 2606:4700::6813:9408
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/data-scripts/0005/7360/sampling/www.hhs.gov.json?t=477257
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/c4a0cee38f34af4997358540c52536c0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9408 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e7acdfc2dcf05f89ec0a82ebb174f51716277d8bc953575f4917119f4a39cdfe

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.hhs.gov/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 17:49:45 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 2926
ce-version: 11.5.219
content-length: 142
last-modified: Tue, 11 Jun 2024 17:00:59 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: CE-Version
cache-control: public, max-age=300, s-maxage=1209600
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8923708499a4974b-FRA

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 128ms
87ms Image
image/gif 142.250.186.132
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-36351725-9&cid=1764285058.1718128185&jid=1081132709&_u=YADAAQABAAAAACAGqCC~&z=1731104534

Requested by

Host: www.hhs.gov
URL: https://www.hhs.gov/sites/default/files/2023oct12-noescape-ransomware-analyst-note-tlpclear.pdf

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.hhs.gov/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 11 Jun 2024 17:49:45 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 54ms
54ms Image
image/gif 142.250.185.163
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-36351725-9&cid=1764285058.1718128185&jid=1081132709&_u=YADAAQABAAAAACAGqCC~&z=1731104534

Requested by

Host: www.hhs.gov
URL: https://www.hhs.gov/sites/default/files/2023oct12-noescape-ransomware-analyst-note-tlpclear.pdf

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.163 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.hhs.gov/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 11 Jun 2024 17:49:45 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 healthcheck Show response
pagestates-tracking.crazyegg.com/ 19 B
460 B 85ms
25ms XHR
application/json 18.239.94.57
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pagestates-tracking.crazyegg.com/healthcheck
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/c4a0cee38f34af4997358540c52536c0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.94.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-94-57.ams1.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 830e67bda2532cd5880ee86e3b33e69721082f8458bb0df0cd4edbb1577fd375

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.hhs.gov/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 20 Sep 2023 01:43:28 GMT
via: 1.1 8ac1a27a8fede22f241f081ad0edec42.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P3
age: 22953978
x-cache: Hit from cloudfront
content-length: 19
last-modified: Fri, 08 Jul 2022 22:25:51 GMT
server: AmazonS3
etag: "d06f04fccf68d0b228a5923187ce1afd"
access-control-max-age: 31536000
access-control-allow-methods: GET, HEAD
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin
accept-ranges: bytes
x-amz-cf-id: AbdosiKNKVvGSfaG3n1x0QPFspTVuDTZCPKYmQ-cMtacjJ-LnsYM7g==

GET
H2 200 healthcheck Show response
assets-tracking.crazyegg.com/ 19 B
462 B 103ms
26ms XHR
application/json 18.239.18.125
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets-tracking.crazyegg.com/healthcheck
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/c4a0cee38f34af4997358540c52536c0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.18.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-18-125.ams58.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 830e67bda2532cd5880ee86e3b33e69721082f8458bb0df0cd4edbb1577fd375

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.hhs.gov/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 19 Aug 2023 04:00:49 GMT
via: 1.1 a2bbc9a5f1a7ffcf013479d79f036bbc.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS58-P6
age: 25710537
x-cache: Hit from cloudfront
content-length: 19
last-modified: Fri, 08 Jul 2022 22:25:51 GMT
server: AmazonS3
etag: "d06f04fccf68d0b228a5923187ce1afd"
access-control-max-age: 31536000
access-control-allow-methods: GET, HEAD
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin
accept-ranges: bytes
x-amz-cf-id: H05Pu-4YM6gnpXwnJS3VgpiDz3H448wDcr7KWx6YXcTUa6ivfr5MFw==

GET
BLOB 200
OK be5c283e-4ee2-4353-9910-42983ef9edb9
https://www.hhs.gov/ 45 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.hhs.gov/be5c283e-4ee2-4353-9910-42983ef9edb9
Requested by: Host: www.hhs.gov
URL: https://www.hhs.gov/sites/default/files/2023oct12-noescape-ransomware-analyst-note-tlpclear.pdf
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 86551808dbfbf8bc9b23ab3d0725794c2e1f2b4265c96715f2945638160edc2b

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Length: 45
Content-Type: text/javascript

GET
H2 200 clock Show response
tracking.crazyegg.com/ 40 B
147 B 176ms
75ms XHR
text/plain 34.248.94.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tracking.crazyegg.com/clock?t=1718128185220&tk=6a13f753843cab099ad515b63b57cf54&s=1944&p=%2Fsites%2Fdefault%2Ffiles%2F2023oct12-noescape-ransomware-analyst-note-tlpclear.pdf&u=57360&v=d4c846c2b9e3cac761423c64a2e5058e42dabb00&f=hhs.gov%2Fsites%2Fdefault%2Ffiles%2F*&ul=https%3A%2F%2Fwww.hhs.gov%2Fsites%2Fdefault%2Ffiles%2F2023oct12-noescape-ransomware-analyst-note-tlpclear.pdf
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/c4a0cee38f34af4997358540c52536c0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.248.94.5 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-248-94-5.eu-west-1.compute.amazonaws.com
Software: awselb/2.0 /
Resource Hash: f10708dd4ee9eae91a1560951e043dbae33079e510c3527a9d551c9eb9154652

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.hhs.gov/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: *
date: Tue, 11 Jun 2024 17:49:45 GMT
cache-control: no-store
server: awselb/2.0
content-length: 40
content-type: text/plain

GET
H2 200 sayt.css
search.usa.gov/assets/ 10 KB
2 KB 136ms
136ms Stylesheet
text/css 2600:9000:223d:8800:a:4fc7:79c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://search.usa.gov/assets/sayt.css

Requested by

Host: search.usa.gov
URL: https://search.usa.gov/javascripts/remote.loader.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223d:8800:a:4fc7:79c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

091a9401ca251dc57ceec5384488086872fb47de2b4e55b35171e816dad75b68

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.hhs.gov/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 17:49:44 GMT
content-encoding: gzip
via: 1.1 proxy2.us-east-1.prod.infr.search.usa.gov:8443, 1.1 68eb499493257a6d0620a0f6abdc78ca.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-amz-cf-pop: FRA56-P3
age: 1
x-cache: Miss from cloudfront
content-length: 1738
last-modified: Thu, 23 May 2024 19:20:47 GMT
server: Apache
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
x-amz-cf-id: BMnEbkU4Xw5Ks-QYalWWi_AHXlosen9w2426rIlmbr5vFooLCLBzLg==
expires: Tue, 11 Jun 2024 18:49:44 GMT

GET
H2 200 sayt_loader_libs.js Show response
search.usa.gov/assets/ 125 KB
42 KB 118ms
118ms Script
application/javascript 2600:9000:223d:8800:a:4fc7:79c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://search.usa.gov/assets/sayt_loader_libs.js

Requested by

Host: search.usa.gov
URL: https://search.usa.gov/javascripts/remote.loader.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223d:8800:a:4fc7:79c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

2750954dc9e8dd41f39fc3f3f4ae6d5cd453b285502b876f3ce89c16010952b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.hhs.gov/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 17:49:44 GMT
content-encoding: gzip
via: 1.1 proxy3.us-east-1.prod.infr.search.usa.gov:8443, 1.1 68eb499493257a6d0620a0f6abdc78ca.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-amz-cf-pop: FRA56-P3
age: 1
x-cache: Miss from cloudfront
content-length: 42228
last-modified: Thu, 23 May 2024 19:20:32 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
x-amz-cf-id: E9U_r8uUoTcFFTm-rdR-Ab6-mmr5sd6UF5UMSlTXkP90PHtsBTqHeg==
expires: Tue, 11 Jun 2024 18:49:44 GMT

GET
BLOB 200
OK f5a45218-e7f5-48d6-bb70-d9b23a8f471a
https://www.hhs.gov/ 241 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.hhs.gov/f5a45218-e7f5-48d6-bb70-d9b23a8f471a
Requested by: Host: www.hhs.gov
URL: https://www.hhs.gov/sites/default/files/2023oct12-noescape-ransomware-analyst-note-tlpclear.pdf
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 19d8257404f833cf06047db9d396516e17f8b7f42736078746ee323df85092db

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Length: 241
Content-Type: text/javascript

GET
H2 200 / Show response
zn8nyvgbt59q9merx-hhsgovfedramp.gov1.siteintercept.qualtrics.com/SIE/ 10 KB
5 KB 390ms
32ms Script
application/javascript 88.221.169.119
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://zn8nyvgbt59q9merx-hhsgovfedramp.gov1.siteintercept.qualtrics.com/SIE/?Q_ZID=ZN_8nYVgbT59q9mErX

Requested by

Host: www.hhs.gov
URL: https://www.hhs.gov/sites/default/files/2023oct12-noescape-ransomware-analyst-note-tlpclear.pdf

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

88.221.169.119 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a88-221-169-119.deploy.static.akamaitechnologies.com

Software

Resource Hash

ded50805fee446d9403541bf42f55a3010c8b926164ec53d7003364584f78423

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.hhs.gov/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 17:49:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy-report-only: frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://gov1.qualtrics.com/csp-report
cache-tag: cloudjs-orchestratormain, cloudjs-all-modules, cloudjs-orchestrator-brand-hhsgovfedramp, cloudjs-orchestrator-numbered-8
content-length: 4099
referrer-policy: strict-origin-when-cross-origin
etag: W/"2673-1eDMyaT/iUX5ZmqdLnsA7YxkKdI"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=3600, s-maxage=604800
permissions-policy: camera=(), geolocation=(), microphone=()
timing-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept

GET
H2 200 favicon.ico
www.hhs.gov/themes/custom/hhs_uswds/ 4 KB
2 KB 342ms
342ms Other
image/x-icon 2a02:26f0:480:d8d::219c
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hhs.gov/themes/custom/hhs_uswds/favicon.ico

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:d8d::219c Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

56cb5125c5abaa71d8854d131934f74f2a4b3d1aee1b0a34a2897a619678647e

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' hhs.gov *.hhs.gov
Strict-Transport-Security	max-age=31536000;includeSubDomains;preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.hhs.gov/sites/default/files/2023oct12-noescape-ransomware-analyst-note-tlpclear.pdf
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: frame-ancestors 'self' hhs.gov *.hhs.gov
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 11 Jun 2024 17:49:45 GMT
last-modified: Thu, 06 Jun 2024 21:56:27 GMT
strict-transport-security: max-age=31536000;includeSubDomains;preload
etag: "6662308b-113e"
vary: Accept-Encoding
content-type: image/x-icon
server-timing: cdn-cache; desc=HIT, edge; dur=89, origin; dur=0, ak_p; desc="1718128185439_34911185_26477931_8809_8826_18_0_219";dur=1
accept-ranges: bytes
content-length: 1256
x-request-id: 61aec260048aae06f1cc135d217b4fc6

GET
H2 200 12.0be1301d54981f0d910b.chunk.js Show response
gov1.siteintercept.qualtrics.com/dxjsmodule/ 74 KB
22 KB 41ms
27ms Script
application/javascript 88.221.169.119
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://gov1.siteintercept.qualtrics.com/dxjsmodule/12.0be1301d54981f0d910b.chunk.js?Q_CLIENTVERSION=2.6.0&Q_CLIENTTYPE=web&Q_BRANDID=www.hhs.gov

Requested by

Host: zn8nyvgbt59q9merx-hhsgovfedramp.gov1.siteintercept.qualtrics.com
URL: https://zn8nyvgbt59q9merx-hhsgovfedramp.gov1.siteintercept.qualtrics.com/SIE/?Q_ZID=ZN_8nYVgbT59q9mErX

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

88.221.169.119 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a88-221-169-119.deploy.static.akamaitechnologies.com

Software

Resource Hash

d33ab27a0d762dd77f0cddbf1c173910a2babad8e246960f296d1c142e10390a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.hhs.gov/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 17:49:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy-report-only: frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://gov1.qualtrics.com/csp-report
cache-tag: cloudjs-12.0be1301d54981f0d910b.chunk, cloudjs-js-modules, cloudjs-all-modules
content-length: 21456
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 07 May 2024 21:59:58 GMT
etag: W/"1267d-18f55120f30"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=564909, s-maxage=604800
permissions-policy: camera=(), geolocation=(), microphone=()
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept

POST
H2 200 Targeting.php Show response
gov1.siteintercept.qualtrics.com/WRSiteInterceptEngine/ 5 KB
2 KB 377ms
377ms XHR
application/json 88.221.169.119
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://gov1.siteintercept.qualtrics.com/WRSiteInterceptEngine/Targeting.php?Q_ZoneID=ZN_8nYVgbT59q9mErX&Q_CLIENTVERSION=2.6.0&Q_CLIENTTYPE=web

Requested by

Host: gov1.siteintercept.qualtrics.com
URL: https://gov1.siteintercept.qualtrics.com/dxjsmodule/12.0be1301d54981f0d910b.chunk.js?Q_CLIENTVERSION=2.6.0&Q_CLIENTTYPE=web&Q_BRANDID=www.hhs.gov

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

88.221.169.119 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a88-221-169-119.deploy.static.akamaitechnologies.com

Software

Resource Hash

fdc1526861a77ba0eb42f89ceb98af7d027784b08394e46689deb0fcf89237dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://www.hhs.gov/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Tue, 11 Jun 2024 17:49:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy-report-only: frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://gov1.qualtrics.com/csp-report
content-length: 1629
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.hhs.gov
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
permissions-policy: camera=(), geolocation=(), microphone=()
trace-id: 560660148251b897
timing-allow-origin: *
expires: Tue, 11 Jun 2024 17:49:46 GMT

GET
H2 200 CoreModule.js Show response
gov1.siteintercept.qualtrics.com/dxjsmodule/ 102 KB
30 KB 31ms
27ms Script
application/javascript 88.221.169.119
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://gov1.siteintercept.qualtrics.com/dxjsmodule/CoreModule.js?Q_CLIENTVERSION=2.6.0&Q_CLIENTTYPE=web&Q_BRANDID=hhsgovfedramp

Requested by

Host: gov1.siteintercept.qualtrics.com
URL: https://gov1.siteintercept.qualtrics.com/dxjsmodule/12.0be1301d54981f0d910b.chunk.js?Q_CLIENTVERSION=2.6.0&Q_CLIENTTYPE=web&Q_BRANDID=www.hhs.gov

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

88.221.169.119 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a88-221-169-119.deploy.static.akamaitechnologies.com

Software

Resource Hash

6629ce1123fe7b367448af7d50d3dd4617249c41cecb7ff45f4b887b92a22bf0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.hhs.gov/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 17:49:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy-report-only: frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://gov1.qualtrics.com/csp-report
cache-tag: cloudjs-coremodule, cloudjs-js-modules, cloudjs-all-modules
content-length: 30065
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 07 May 2024 21:59:58 GMT
etag: W/"19719-18f55120f30"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=539970, s-maxage=604800
permissions-policy: camera=(), geolocation=(), microphone=()
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept

GET
H2 200 7.ad7af24456cfea5f2e92.chunk.js Show response
gov1.siteintercept.qualtrics.com/dxjsmodule/ 3 KB
2 KB 31ms
31ms Script
application/javascript 88.221.169.119
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://gov1.siteintercept.qualtrics.com/dxjsmodule/7.ad7af24456cfea5f2e92.chunk.js?Q_CLIENTVERSION=2.6.0&Q_CLIENTTYPE=web&Q_BRANDID=hhsgovfedramp

Requested by

Host: zn8nyvgbt59q9merx-hhsgovfedramp.gov1.siteintercept.qualtrics.com
URL: https://zn8nyvgbt59q9merx-hhsgovfedramp.gov1.siteintercept.qualtrics.com/SIE/?Q_ZID=ZN_8nYVgbT59q9mErX

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

88.221.169.119 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a88-221-169-119.deploy.static.akamaitechnologies.com

Software

Resource Hash

cd952120f2df7bd15ccf4114a02888d39640daa9296a2126d6db34ab0727b20b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.hhs.gov/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 17:49:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy-report-only: frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://gov1.qualtrics.com/csp-report
cache-tag: cloudjs-7.ad7af24456cfea5f2e92.chunk, cloudjs-js-modules, cloudjs-all-modules
content-length: 1352
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 07 May 2024 21:59:58 GMT
etag: W/"b52-18f55120f30"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=540822, s-maxage=604800
permissions-policy: camera=(), geolocation=(), microphone=()
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept

GET
H2 200 1.501605ce4477bfa69af3.chunk.js Show response
gov1.siteintercept.qualtrics.com/dxjsmodule/ 29 KB
7 KB 32ms
32ms Script
application/javascript 88.221.169.119
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://gov1.siteintercept.qualtrics.com/dxjsmodule/1.501605ce4477bfa69af3.chunk.js?Q_CLIENTVERSION=2.6.0&Q_CLIENTTYPE=web&Q_BRANDID=hhsgovfedramp

Requested by

Host: zn8nyvgbt59q9merx-hhsgovfedramp.gov1.siteintercept.qualtrics.com
URL: https://zn8nyvgbt59q9merx-hhsgovfedramp.gov1.siteintercept.qualtrics.com/SIE/?Q_ZID=ZN_8nYVgbT59q9mErX

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

88.221.169.119 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a88-221-169-119.deploy.static.akamaitechnologies.com

Software

Resource Hash

8b99d6c3d7225971e351d349a3170361a9ea0a3319582e15faaca5d859e36588

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.hhs.gov/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 17:49:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy-report-only: frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://gov1.qualtrics.com/csp-report
cache-tag: cloudjs-1.501605ce4477bfa69af3.chunk, cloudjs-js-modules, cloudjs-all-modules
content-length: 6679
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 07 May 2024 21:59:58 GMT
etag: W/"73f8-18f55120f30"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=540754, s-maxage=604800
permissions-policy: camera=(), geolocation=(), microphone=()
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept

Verdicts & Comments Add Verdict or Comment

111 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

18 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.www.hhs.gov/	1969-12-31 23:59:59	Name: fontsize Value: false
.hhs.gov/	1970-01-21 06:51:28	Name: _ga_8RZ83J1052 Value: GS1.1.1718128184.1.0.1718128184.60.0.0
.hhs.gov/	1970-01-20 21:16:54	Name: _gid Value: GA1.2.662651360.1718128185
.hhs.gov/	1970-01-20 21:15:28	Name: _gat_GSA_ENOR0 Value: 1
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: 7Z_f7nGZzOM
.youtube.com/	1970-01-21 01:34:40	Name: VISITOR_INFO1_LIVE Value: h7pEH53AV3s
.youtube.com/	1970-01-21 01:34:40	Name: VISITOR_PRIVACY_METADATA Value: CgJERRIEEgAgag%3D%3D
.hhs.gov/	1970-01-20 21:15:28	Name: _gat_GSA_ENOR1 Value: 1
.hhs.gov/	1970-01-21 06:51:28	Name: _ga_CSLL4ZEK4L Value: GS1.1.1718128185.1.0.1718128185.0.0.0
.hhs.gov/	1970-01-21 06:51:28	Name: _ga Value: GA1.1.1764285058.1718128185
.hhs.gov/	1969-12-31 23:59:59	Name: _ce.irv Value: new
.hhs.gov/	1969-12-31 23:59:59	Name: cebs Value: 1
.hhs.gov/	1970-01-20 21:16:54	Name: _ce.clock_event Value: 1
.hhs.gov/	1970-01-20 21:16:54	Name: _ce.clock_data Value: 37%2C217.114.218.21%2C1%2Cc92baae71318dc81de51a663df2f8b4f%2CChrome%2CDE
.hhs.gov/	1969-12-31 23:59:59	Name: cebsp_ Value: 1
.hhs.gov/	1970-01-21 06:01:04	Name: _ce.s Value: v~d4c846c2b9e3cac761423c64a2e5058e42dabb00~lcw~1718128185403~lva~1718128185113~vpv~0~v11.cs~1944~v11.s~fd32f290-281a-11ef-bdb5-b9997c588b62~lcw~1718128185404
.hhs.gov/	1970-01-21 06:51:28	Name: _ga_3YLR8EGLBW Value: GS1.1.1718128184.1.0.1718128185.59.0.0
www.hhs.gov/	1969-12-31 23:59:59	Name: QSI_HistorySession Value: https%3A%2F%2Fwww.hhs.gov%2Fsites%2Fdefault%2Ffiles%2F2023oct12-noescape-ransomware-analyst-note-tlpclear.pdf~1718128186255

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://www.hhs.gov/sites/default/files/2023oct12-noescape-ransomware-analyst-note-tlpclear.pdf Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors 'self' hhs.gov *.hhs.gov
Strict-Transport-Security	max-age=31536000;includeSubDomains;preload
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

6282609.global.r2.siteimproveanalytics.io
assets-tracking.crazyegg.com
dap.digitalgov.gov
gov1.siteintercept.qualtrics.com
pagestates-tracking.crazyegg.com
region1.analytics.google.com
region1.google-analytics.com
script.crazyegg.com
search.usa.gov
siteimproveanalytics.com
stats.g.doubleclick.net
tracking.crazyegg.com
unpkg.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.hhs.gov
www.youtube.com
zn8nyvgbt59q9merx-hhsgovfedramp.gov1.siteintercept.qualtrics.com
142.250.185.163
142.250.185.72
142.250.186.132
18.239.18.125
18.239.94.57
188.114.97.3
2001:4860:4802:32::36
2600:9000:223d:8800:a:4fc7:79c0:93a1
2600:9000:262a:d200:5:83ea:ba80:93a1
2606:4700::6811:f6cb
2606:4700::6813:9408
2a00:1450:4001:809::200e
2a00:1450:4001:80e::2008
2a00:1450:4001:830::200e
2a00:1450:400c:c0d::9b
2a02:26f0:480:d8d::219c
3.65.220.214
34.248.94.5
88.221.169.119
091a9401ca251dc57ceec5384488086872fb47de2b4e55b35171e816dad75b68
0cd8c3832c7dbdea696b8f8b30aab2a2bd07862a597b1b2aeb92f1c0730250ab
107fc2ce0a096cd103fa0660ca6b30b083ab33d5e121b75227a1f0ae8d3d584e
127ddb9e1176c8e914af91b54de652b8c1e42964cdaca67c96143b0be7281ba1
19d8257404f833cf06047db9d396516e17f8b7f42736078746ee323df85092db
1e85ec81b9800b4c443d39caca0d0926089a3ac201120db1ceb45b93789480b8
26d938f65de18518a77e8c1ed9860b91a76d55083e9ef0a98930e14f37a9a4f7
2711f20d80d0f69b5056bb95e3093b385f9f56298a98c4d2778ef7c55d432447
2750954dc9e8dd41f39fc3f3f4ae6d5cd453b285502b876f3ce89c16010952b0
30fcc86d3b4c2298f310378a41789083b37e55b58b1fe1cd141be30317c6569d
310739ac565a03829c1bd2eda48370090c215b66e85233be1c8ce85cba475c6b
37f592cb61175a163c00876c137b71a8688bd1e7d311dc450a783c7797088629
44331f4bf82ba7af7a4bfe091c90202e9947ac209a4cfb27296c56d92e81191b
4caaf1c29e057c944fbb240c70137f657308a1ebd08e5764c73d31d3c8f4b52e
5301a3b2585691f47c7bf8e0f5a29c00211091859fd1877d27c9102ddcd1c679
54f6653a149c83b73515cc2ec032a18151b57d3ffe97ef04495ce6623e48d1bb
56cb5125c5abaa71d8854d131934f74f2a4b3d1aee1b0a34a2897a619678647e
5a2046f21693fb7c85966514e6f84c73802a8ef672909d71792c60a515b5b7fe
5b0c01b75ef00b470fab45a25688326a108f326e04b14f9ef18ffad7d429f7b6
63a2d8f905f0eb3a998f0bfc0bc3520d7a45718248bc72a1ea864bc953b3a111
6629ce1123fe7b367448af7d50d3dd4617249c41cecb7ff45f4b887b92a22bf0
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
7856a87457de5aa5813ab2c3e8206306ae67797b84a58d9559944c12ead5c763
7892953878bab9d973434c986c5c6d4e1f128217d37f88fb0341fdd140429a01
796731c9ec6b19fe8e6c4449b405a6112806b973dc38108a845366e8803aac8c
82e026997f68eacb9421c68140885b89ddc75ad9d4fa341bf9876b45d76852f2
830e67bda2532cd5880ee86e3b33e69721082f8458bb0df0cd4edbb1577fd375
83f67df68dac5c435d964be278d39f70ad8605265b6b99918a46451b77552e92
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
85be1f76ce73e5e3a68fc28a6897ad8c910a7d02e057986711264f19ec3f36c6
86551808dbfbf8bc9b23ab3d0725794c2e1f2b4265c96715f2945638160edc2b
8792619becd8b285e78f14bfcf1ad66e2adbae0f5ec8ad131246621f806ac535
884be02526ba926246005e45c6fd619fb4e0b53265d5d82db187a35a98690d55
8b99d6c3d7225971e351d349a3170361a9ea0a3319582e15faaca5d859e36588
8e94b78e6ef1f03624bce3e8b042876c13fa605d0f27d37399c498d8965da27a
8f1e51cba67ce0e93514e444345a39abf7aacc6b6c384d1f8764b2ea36fecad3
912daff95ce9cabae7d0195d39aa98d49c4bec3b975d404ac266534c069cee20
9239df21ae3e740f16c2fab29d29cb8076e9d724d669044e5f2498e7cf0edd66
927f3948559fc75c26f4f84ec09bd1eec1e92f5ddafbea26e4a821d06c2d0dc1
9ea04bbcb32373fe616a45ebd0f89246420fb1836005dd508bdd24c35deb42d7
9ea4c3087c548abc4375b302a05189e6b488b703369fa5db32a97d6808e3a6b7
a0bf2e9f81fa82f306a38ab2b997ecdbe3e44d8e9468c10b7b5473486a8e4c81
ad1db9c84b3859822e50b4c3e4624326167adb0924d0db62d713f0ac626190f6
adf7f9b0dd938575c72ff1592ea18e7ab9bc53ff8838a38c8484c10f5d9be7fd
af12198fcbc14f0a22b0adb0b3223b420d0288a8e8f0c1c0c1e758e91361e971
c92515216a3f37bd03633ec620a700c9dacdbd31eda4782bdd3af9d69db55107
cc9f14c4a9a96125899d0ed2b958d12ce311275bea264f4d191aca6c9ebd0a59
cd952120f2df7bd15ccf4114a02888d39640daa9296a2126d6db34ab0727b20b
cdb66cc1d3d413cde2f396328e482211b433bc15aa9fb1d331b33f67ee059550
cfda00d655e289b53fa8300e74fb8e681131bf9c61f6dc27e656b9060be1ab60
d061140563c90833146615532fd0b8226ca97038b74db7ca78c104cad7f68061
d33ab27a0d762dd77f0cddbf1c173910a2babad8e246960f296d1c142e10390a
d469fd596394ada503bb0d3db7f6b497754a74a0eda9acc4f86eaa8531a441a6
d6ff0c966e0f1c31fcd344d1a0e176ade8bbac5fdc9e7008786b92b3d0028ebc
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
ded50805fee446d9403541bf42f55a3010c8b926164ec53d7003364584f78423
e11bda5b7f71c9b452e912eb2ccbada3fe33e6d1afb7f48e981d23085f982b4f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7acdfc2dcf05f89ec0a82ebb174f51716277d8bc953575f4917119f4a39cdfe
e914096d5f8a39c7b4a0019e28bdaf3e075496e337050c352fd4c58b48be364b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f10708dd4ee9eae91a1560951e043dbae33079e510c3527a9d551c9eb9154652
fdc1526861a77ba0eb42f89ceb98af7d027784b08394e46689deb0fcf89237dd
fe0ef658114738f046347758fc2f00dddd7e98fadc930048e34675d9153472ac

www.hhs.gov Open in urlscan Pro 2a02:26f0:480:d8d::219c Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

73 Requests

95 %HTTPS

53 %IPv6

14 Domains

20 Subdomains

20 IPs

5 Countries

1017 kBTransfer

3343 kBSize

18 Cookies

13 Outgoing links

Redirected requests

73 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.hhs.gov Open in urlscan Pro
2a02:26f0:480:d8d::219c Public Scan

Screenshot
Live screenshot

Full Image

73
Requests

95 %
HTTPS

53 %
IPv6

14
Domains

20
Subdomains

20
IPs

5
Countries

1017 kB
Transfer

3343 kB
Size

18
Cookies

73 HTTP transactions
0 data transactions