urlscan.io logo urlscan.io
SecurityTrails logo

caia.treasury.gov Open in urlscan Pro
2610:108:3100:100c::9:15  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://www.asap.gov/
Effective URL: https://caia.treasury.gov/as/authorization.oauth2?scope=openid&response_type=code&redirect_uri=https%3A%2F%2Fwww.asap.gov%...
Submission: On March 26 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 2 IPs in 1 countries across 2 domains to perform 15 HTTP transactions. The main IP is 2610:108:3100:100c::9:15, located in United States and belongs to US-DEPARTMENT-OF-THE-TREASURY, US. The main domain is caia.treasury.gov. The Cisco Umbrella rank of the primary domain is 347884.
TLS certificate: Issued by Entrust Certification Authority - L1K on February 28th 2024. Valid for: a year.
This is the only time caia.treasury.gov was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 4 2605:3100:fff... 22906 (TWAI)
13 2610:108:3100... 13506 (US-DEPART...)
15 2
Apex Domain
Subdomains		 Transfer
13 treasury.gov
caia.treasury.gov — Cisco Umbrella Rank: 347884
414 KB
4 asap.gov
www.asap.gov
4 KB
15 2
Domain Requested by
13 caia.treasury.gov caia.treasury.gov
4 www.asap.gov 2 redirects
15 2

This site contains links to these domains. Also see Links.

Domain
www.id.me
help.id.me
fiscal.treasury.gov
Subject Issuer Validity Valid
www.asap.gov
Entrust Certification Authority - L1K		 2023-10-24 -
2024-11-24		 a year crt.sh
*.treasury.gov
Entrust Certification Authority - L1K		 2024-02-28 -
2025-03-28		 a year crt.sh

This page contains 1 frames:

Primary Page: https://caia.treasury.gov/as/authorization.oauth2?scope=openid&response_type=code&redirect_uri=https%3A%2F%2Fwww.asap.gov%2FASAPGov%2Foidc-callback&state=1JpOabCJE-5DRvrHtMJVvOi_TN3x7YBYY_Q614vKTAw&code_challenge_method=S256&client_id=cd4a049e-a956-4c7b-a73a-dc84bf559a95&code_challenge=PC_gzCdUtYzQmOZCXFH1dxMT3hcEZMhBpmvKQizK6e8
Frame ID: 5E2431FA7527A2E634BB20A65CF5A2D1
Requests: 15 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

ASAP Production

Page URL History Show full URLs

  1. http://www.asap.gov/ HTTP 307
    https://www.asap.gov/ Page URL
  2. https://www.asap.gov/ASAPGov/ HTTP 302
    https://www.asap.gov/ASAPGov/oidc-login HTTP 302
    https://caia.treasury.gov/as/authorization.oauth2?scope=openid&response_type=code&redirect_uri=https%3... Page URL

Page Statistics

15
Requests

100 %
HTTPS

100 %
IPv6

2
Domains

2
Subdomains

2
IPs

1
Countries

416 kB
Transfer

409 kB
Size

6
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.asap.gov/ HTTP 307
    https://www.asap.gov/ Page URL
  2. https://www.asap.gov/ASAPGov/ HTTP 302
    https://www.asap.gov/ASAPGov/oidc-login HTTP 302
    https://caia.treasury.gov/as/authorization.oauth2?scope=openid&response_type=code&redirect_uri=https%3A%2F%2Fwww.asap.gov%2FASAPGov%2Foidc-callback&state=1JpOabCJE-5DRvrHtMJVvOi_TN3x7YBYY_Q614vKTAw&code_challenge_method=S256&client_id=cd4a049e-a956-4c7b-a73a-dc84bf559a95&code_challenge=PC_gzCdUtYzQmOZCXFH1dxMT3hcEZMhBpmvKQizK6e8 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://www.asap.gov/ HTTP 307
  • https://www.asap.gov/

15 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
www.asap.gov/
Redirect Chain
  • http://www.asap.gov/
  • https://www.asap.gov/
160 B
677 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.asap.gov/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2605:3100:fffd:100::22 , United States, ASN22906 (TWAI, US),
Reverse DNS
Software
/
Resource Hash
fa65ac018c38ee8e00c09592c6eb43468584de14a8ed07833b404efc8aed4d39
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Security-Policy default-src 'self';
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Cache-Control
private
Connection
Keep-Alive
Content-Length
160
Content-Type
text/html
Date
Tue, 26 Mar 2024 15:58:20 GMT
ETag
"42682-a0-60b7dfe728700"
Keep-Alive
timeout=10, max=100
Last-Modified
Sat, 02 Dec 2023 02:53:48 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Security-Policy
default-src 'self';
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
X-XSS-Protection
1; mode=block
pragma
no-cache

Redirect headers

Cross-Origin-Resource-Policy
Cross-Origin
Location
https://www.asap.gov/
Non-Authoritative-Reason
HSTS
Primary Request authorization.oauth2
caia.treasury.gov/as/
Redirect Chain
  • https://www.asap.gov/ASAPGov/
  • https://www.asap.gov/ASAPGov/oidc-login
  • https://caia.treasury.gov/as/authorization.oauth2?scope=openid&response_type=code&redirect_uri=https%3A%2F%2Fwww.asap.gov%2FASAPGov%2Foidc-callback&state=1JpOabCJE-5DRvrHtMJVvOi_TN3x7YBYY_Q614vKTAw...
13 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://caia.treasury.gov/as/authorization.oauth2?scope=openid&response_type=code&redirect_uri=https%3A%2F%2Fwww.asap.gov%2FASAPGov%2Foidc-callback&state=1JpOabCJE-5DRvrHtMJVvOi_TN3x7YBYY_Q614vKTAw&code_challenge_method=S256&client_id=cd4a049e-a956-4c7b-a73a-dc84bf559a95&code_challenge=PC_gzCdUtYzQmOZCXFH1dxMT3hcEZMhBpmvKQizK6e8
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2610:108:3100:100c::9:15 , United States, ASN13506 (US-DEPARTMENT-OF-THE-TREASURY, US),
Reverse DNS
Software
/
Resource Hash
6b72c9d84940a1acd081056ed89ca473c2ab0ae00e088f18aeba51f8a91b98af
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.asap.gov/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
de-DE,de;q=0.9
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

Cache-Control
no-cache, no-store
Content-Length
12935
Content-Type
text/html;charset=utf-8
Date
Tue, 26 Mar 2024 15:58:21 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Referrer-Policy
origin
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
X-XSS-Protection
1; mode=block

Redirect headers

Cache-Control
private no-cache="set-cookie, set-cookie2"
Connection
Keep-Alive
Content-Language
en-US
Content-Length
0
Date
Tue, 26 Mar 2024 15:58:21 GMT
Expires
Thu, 01 Dec 1994 16:00:00 GMT
Keep-Alive
timeout=10, max=100
Location
https://caia.treasury.gov/as/authorization.oauth2?scope=openid&response_type=code&redirect_uri=https%3A%2F%2Fwww.asap.gov%2FASAPGov%2Foidc-callback&state=1JpOabCJE-5DRvrHtMJVvOi_TN3x7YBYY_Q614vKTAw&code_challenge_method=S256&client_id=cd4a049e-a956-4c7b-a73a-dc84bf559a95&code_challenge=PC_gzCdUtYzQmOZCXFH1dxMT3hcEZMhBpmvKQizK6e8
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Security-Policy
default-src 'self';
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
X-XSS-Protection
1; mode=block
pragma
no-cache
favicon.ico
www.asap.gov/ 		822 B
1 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.asap.gov/favicon.ico
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2605:3100:fffd:100::22 , United States, ASN22906 (TWAI, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Security-Policy default-src 'self';
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.asap.gov/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
Date
Tue, 26 Mar 2024 15:58:21 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Last-Modified
Sat, 02 Dec 2023 02:53:48 GMT
ETag
"42681-336-60b7dfe728700"
X-Frame-Options
SAMEORIGIN
Content-Type
image/x-icon
Cache-Control
private
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=10, max=98
Content-Length
822
X-XSS-Protection
1; mode=block
X-Content-Security-Policy
default-src 'self';
uswds.min.css
caia.treasury.gov/assets/caia/uswds-2.4.0/css/ 		264 KB
264 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://caia.treasury.gov/assets/caia/uswds-2.4.0/css/uswds.min.css
Requested by
Host: caia.treasury.gov
URL: https://caia.treasury.gov/as/authorization.oauth2?scope=openid&response_type=code&redirect_uri=https%3A%2F%2Fwww.asap.gov%2FASAPGov%2Foidc-callback&state=1JpOabCJE-5DRvrHtMJVvOi_TN3x7YBYY_Q614vKTAw&code_challenge_method=S256&client_id=cd4a049e-a956-4c7b-a73a-dc84bf559a95&code_challenge=PC_gzCdUtYzQmOZCXFH1dxMT3hcEZMhBpmvKQizK6e8
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2610:108:3100:100c::9:15 , United States, ASN13506 (US-DEPARTMENT-OF-THE-TREASURY, US),
Reverse DNS
Software
/
Resource Hash
7d11e8e7259cf88b672ceb6fa02f8fd37a0be4225153ea2376524b562fa0d140
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://caia.treasury.gov/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 26 Mar 2024 15:58:21 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Referrer-Policy
origin
X-Content-Type-Options
nosniff
Last-Modified
Tue, 05 Mar 2024 21:19:22 GMT
X-Frame-Options
SAMEORIGIN
Content-Type
text/css
Cache-Control
max-age=0, must-revalidate
Content-Length
270356
X-XSS-Protection
1; mode=block
fedconnect.css
caia.treasury.gov/assets/caia/css/ 		339 B
713 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://caia.treasury.gov/assets/caia/css/fedconnect.css
Requested by
Host: caia.treasury.gov
URL: https://caia.treasury.gov/as/authorization.oauth2?scope=openid&response_type=code&redirect_uri=https%3A%2F%2Fwww.asap.gov%2FASAPGov%2Foidc-callback&state=1JpOabCJE-5DRvrHtMJVvOi_TN3x7YBYY_Q614vKTAw&code_challenge_method=S256&client_id=cd4a049e-a956-4c7b-a73a-dc84bf559a95&code_challenge=PC_gzCdUtYzQmOZCXFH1dxMT3hcEZMhBpmvKQizK6e8
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2610:108:3100:100c::9:15 , United States, ASN13506 (US-DEPARTMENT-OF-THE-TREASURY, US),
Reverse DNS
Software
/
Resource Hash
b440b3d1feed057bc7aadc05d13b6f2391aecaff498c48ccb2df2b7b79301f83
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://caia.treasury.gov/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 26 Mar 2024 15:58:22 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Referrer-Policy
origin
X-Content-Type-Options
nosniff
Last-Modified
Tue, 05 Mar 2024 21:19:22 GMT
X-Frame-Options
SAMEORIGIN
Content-Type
text/css
Cache-Control
max-age=0, must-revalidate
Content-Length
339
X-XSS-Protection
1; mode=block
uswds.min.js
caia.treasury.gov/assets/caia/uswds-2.4.0/js/ 		25 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://caia.treasury.gov/assets/caia/uswds-2.4.0/js/uswds.min.js
Requested by
Host: caia.treasury.gov
URL: https://caia.treasury.gov/as/authorization.oauth2?scope=openid&response_type=code&redirect_uri=https%3A%2F%2Fwww.asap.gov%2FASAPGov%2Foidc-callback&state=1JpOabCJE-5DRvrHtMJVvOi_TN3x7YBYY_Q614vKTAw&code_challenge_method=S256&client_id=cd4a049e-a956-4c7b-a73a-dc84bf559a95&code_challenge=PC_gzCdUtYzQmOZCXFH1dxMT3hcEZMhBpmvKQizK6e8
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2610:108:3100:100c::9:15 , United States, ASN13506 (US-DEPARTMENT-OF-THE-TREASURY, US),
Reverse DNS
Software
/
Resource Hash
67c9d2a96f90d319d3320d76302c9e8349c62d38fa0b8a1aef8b41b7ae04b05a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://caia.treasury.gov/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 26 Mar 2024 15:58:22 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Referrer-Policy
origin
X-Content-Type-Options
nosniff
Last-Modified
Tue, 05 Mar 2024 21:19:22 GMT
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Cache-Control
max-age=0, must-revalidate
Content-Length
25208
X-XSS-Protection
1; mode=block
us_flag_small.png
caia.treasury.gov/assets/caia/uswds-2.4.0/img/ 		176 B
551 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://caia.treasury.gov/assets/caia/uswds-2.4.0/img/us_flag_small.png
Requested by
Host: caia.treasury.gov
URL: https://caia.treasury.gov/as/authorization.oauth2?scope=openid&response_type=code&redirect_uri=https%3A%2F%2Fwww.asap.gov%2FASAPGov%2Foidc-callback&state=1JpOabCJE-5DRvrHtMJVvOi_TN3x7YBYY_Q614vKTAw&code_challenge_method=S256&client_id=cd4a049e-a956-4c7b-a73a-dc84bf559a95&code_challenge=PC_gzCdUtYzQmOZCXFH1dxMT3hcEZMhBpmvKQizK6e8
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2610:108:3100:100c::9:15 , United States, ASN13506 (US-DEPARTMENT-OF-THE-TREASURY, US),
Reverse DNS
Software
/
Resource Hash
8a6f68dd8703ce4cb475c92fc1eefa84c41f4741ec4c6ca8403ef99b74b94d20
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://caia.treasury.gov/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 26 Mar 2024 15:58:22 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Referrer-Policy
origin
X-Content-Type-Options
nosniff
Last-Modified
Tue, 05 Mar 2024 21:19:22 GMT
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Cache-Control
max-age=0, must-revalidate
Content-Length
176
X-XSS-Protection
1; mode=block
favicon.png
caia.treasury.gov/assets/caia/images/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://caia.treasury.gov/assets/caia/images/favicon.png
Requested by
Host: caia.treasury.gov
URL: https://caia.treasury.gov/as/authorization.oauth2?scope=openid&response_type=code&redirect_uri=https%3A%2F%2Fwww.asap.gov%2FASAPGov%2Foidc-callback&state=1JpOabCJE-5DRvrHtMJVvOi_TN3x7YBYY_Q614vKTAw&code_challenge_method=S256&client_id=cd4a049e-a956-4c7b-a73a-dc84bf559a95&code_challenge=PC_gzCdUtYzQmOZCXFH1dxMT3hcEZMhBpmvKQizK6e8
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2610:108:3100:100c::9:15 , United States, ASN13506 (US-DEPARTMENT-OF-THE-TREASURY, US),
Reverse DNS
Software
/
Resource Hash
a2276c429ae1904c38bb24c8b52ecd06d55b4d775900f39ca217a629c5f500f3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://caia.treasury.gov/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 26 Mar 2024 15:58:22 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Referrer-Policy
origin
X-Content-Type-Options
nosniff
Last-Modified
Tue, 05 Mar 2024 21:19:22 GMT
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Cache-Control
max-age=0, must-revalidate
Content-Length
3661
X-XSS-Protection
1; mode=block
cert2.svg
caia.treasury.gov/assets/caia/images/idp/ 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://caia.treasury.gov/assets/caia/images/idp/cert2.svg
Requested by
Host: caia.treasury.gov
URL: https://caia.treasury.gov/as/authorization.oauth2?scope=openid&response_type=code&redirect_uri=https%3A%2F%2Fwww.asap.gov%2FASAPGov%2Foidc-callback&state=1JpOabCJE-5DRvrHtMJVvOi_TN3x7YBYY_Q614vKTAw&code_challenge_method=S256&client_id=cd4a049e-a956-4c7b-a73a-dc84bf559a95&code_challenge=PC_gzCdUtYzQmOZCXFH1dxMT3hcEZMhBpmvKQizK6e8
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2610:108:3100:100c::9:15 , United States, ASN13506 (US-DEPARTMENT-OF-THE-TREASURY, US),
Reverse DNS
Software
/
Resource Hash
57c3f635c7858d34f328fe4bcf2f036e8fc79e9c9ae5bf7cd5311912d8fdee6c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://caia.treasury.gov/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 26 Mar 2024 15:58:22 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Referrer-Policy
origin
X-Content-Type-Options
nosniff
Last-Modified
Tue, 05 Mar 2024 21:19:22 GMT
X-Frame-Options
SAMEORIGIN
Content-Type
image/svg+xml
Cache-Control
max-age=0, must-revalidate
Content-Length
14754
X-XSS-Protection
1; mode=block
id.me.svg
caia.treasury.gov/assets/caia/images/idp/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://caia.treasury.gov/assets/caia/images/idp/id.me.svg
Requested by
Host: caia.treasury.gov
URL: https://caia.treasury.gov/as/authorization.oauth2?scope=openid&response_type=code&redirect_uri=https%3A%2F%2Fwww.asap.gov%2FASAPGov%2Foidc-callback&state=1JpOabCJE-5DRvrHtMJVvOi_TN3x7YBYY_Q614vKTAw&code_challenge_method=S256&client_id=cd4a049e-a956-4c7b-a73a-dc84bf559a95&code_challenge=PC_gzCdUtYzQmOZCXFH1dxMT3hcEZMhBpmvKQizK6e8
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2610:108:3100:100c::9:15 , United States, ASN13506 (US-DEPARTMENT-OF-THE-TREASURY, US),
Reverse DNS
Software
/
Resource Hash
bce90d44754d245e810ee0d28932392b32454715a81081437a02fe32e4ab2bc9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://caia.treasury.gov/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 26 Mar 2024 15:58:22 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Referrer-Policy
origin
X-Content-Type-Options
nosniff
Last-Modified
Tue, 05 Mar 2024 21:19:22 GMT
X-Frame-Options
SAMEORIGIN
Content-Type
image/svg+xml
Cache-Control
max-age=0, must-revalidate
Content-Length
2803
X-XSS-Protection
1; mode=block
sourcesanspro-regular-webfont.woff2
caia.treasury.gov/assets/caia/uswds-2.4.0/fonts/source-sans-pro/ 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://caia.treasury.gov/assets/caia/uswds-2.4.0/fonts/source-sans-pro/sourcesanspro-regular-webfont.woff2
Requested by
Host: caia.treasury.gov
URL: https://caia.treasury.gov/assets/caia/uswds-2.4.0/css/uswds.min.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2610:108:3100:100c::9:15 , United States, ASN13506 (US-DEPARTMENT-OF-THE-TREASURY, US),
Reverse DNS
Software
/
Resource Hash
8792619becd8b285e78f14bfcf1ad66e2adbae0f5ec8ad131246621f806ac535
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://caia.treasury.gov/
Origin
https://caia.treasury.gov
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 26 Mar 2024 15:58:22 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Referrer-Policy
origin
X-Content-Type-Options
nosniff
Last-Modified
Tue, 05 Mar 2024 21:19:22 GMT
X-Frame-Options
SAMEORIGIN
Content-Type
font/woff2
Cache-Control
max-age=0, must-revalidate
Content-Length
20540
X-XSS-Protection
1; mode=block
Latin-Merriweather-Regular.woff2
caia.treasury.gov/assets/caia/uswds-2.4.0/fonts/merriweather/ 		21 KB
22 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://caia.treasury.gov/assets/caia/uswds-2.4.0/fonts/merriweather/Latin-Merriweather-Regular.woff2
Requested by
Host: caia.treasury.gov
URL: https://caia.treasury.gov/assets/caia/uswds-2.4.0/css/uswds.min.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2610:108:3100:100c::9:15 , United States, ASN13506 (US-DEPARTMENT-OF-THE-TREASURY, US),
Reverse DNS
Software
/
Resource Hash
928176d961dffa8369643f8f09728083e21d46492f65383a28b4822d342d13ff
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://caia.treasury.gov/
Origin
https://caia.treasury.gov
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 26 Mar 2024 15:58:22 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Referrer-Policy
origin
X-Content-Type-Options
nosniff
Last-Modified
Tue, 05 Mar 2024 21:19:22 GMT
X-Frame-Options
SAMEORIGIN
Content-Type
font/woff2
Cache-Control
max-age=0, must-revalidate
Content-Length
21692
X-XSS-Protection
1; mode=block
sourcesanspro-bold-webfont.woff2
caia.treasury.gov/assets/caia/uswds-2.4.0/fonts/source-sans-pro/ 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://caia.treasury.gov/assets/caia/uswds-2.4.0/fonts/source-sans-pro/sourcesanspro-bold-webfont.woff2
Requested by
Host: caia.treasury.gov
URL: https://caia.treasury.gov/assets/caia/uswds-2.4.0/css/uswds.min.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2610:108:3100:100c::9:15 , United States, ASN13506 (US-DEPARTMENT-OF-THE-TREASURY, US),
Reverse DNS
Software
/
Resource Hash
83f67df68dac5c435d964be278d39f70ad8605265b6b99918a46451b77552e92
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://caia.treasury.gov/
Origin
https://caia.treasury.gov
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 26 Mar 2024 15:58:22 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Referrer-Policy
origin
X-Content-Type-Options
nosniff
Last-Modified
Tue, 05 Mar 2024 21:19:22 GMT
X-Frame-Options
SAMEORIGIN
Content-Type
font/woff2
Cache-Control
max-age=0, must-revalidate
Content-Length
20368
X-XSS-Protection
1; mode=block
Latin-Merriweather-Bold.woff2
caia.treasury.gov/assets/caia/uswds-2.4.0/fonts/merriweather/ 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://caia.treasury.gov/assets/caia/uswds-2.4.0/fonts/merriweather/Latin-Merriweather-Bold.woff2
Requested by
Host: caia.treasury.gov
URL: https://caia.treasury.gov/assets/caia/uswds-2.4.0/css/uswds.min.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2610:108:3100:100c::9:15 , United States, ASN13506 (US-DEPARTMENT-OF-THE-TREASURY, US),
Reverse DNS
Software
/
Resource Hash
398a409837c168a3682ce84a232d851bcb0b0163adfbead86f465e81f397169c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://caia.treasury.gov/
Origin
https://caia.treasury.gov
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 26 Mar 2024 15:58:22 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Referrer-Policy
origin
X-Content-Type-Options
nosniff
Last-Modified
Tue, 05 Mar 2024 21:19:22 GMT
X-Frame-Options
SAMEORIGIN
Content-Type
font/woff2
Cache-Control
max-age=0, must-revalidate
Content-Length
21308
X-XSS-Protection
1; mode=block
favicon.png
caia.treasury.gov/assets/caia/images/ 		4 KB
4 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://caia.treasury.gov/assets/caia/images/favicon.png
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2610:108:3100:100c::9:15 , United States, ASN13506 (US-DEPARTMENT-OF-THE-TREASURY, US),
Reverse DNS
Software
/
Resource Hash
a2276c429ae1904c38bb24c8b52ecd06d55b4d775900f39ca217a629c5f500f3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://caia.treasury.gov/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 26 Mar 2024 15:58:22 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Referrer-Policy
origin
X-Content-Type-Options
nosniff
Last-Modified
Tue, 05 Mar 2024 21:19:22 GMT
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Cache-Control
max-age=0, must-revalidate
Content-Length
3661
X-XSS-Protection
1; mode=block

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onpagereveal function| handler function| align_footer

6 Cookies

Domain/Path Name / Value
www.asap.gov/ASAPGov/ Name: JSESSIONID
Value: 0000q9i7_ZtBL4KM9nhV8FAXc-Z:15cihkeiu
.treasury.gov/ Name: PF
Value: Sw3j6DnS5hoapOhsv5fg7A
.treasury.gov/ Name: CAPTMPL
Value: cGFnZVRpdGxlPUFTQVAgUHJvZHVjdGlvbixhcHBEaXNwbGF5TmFtZT1BU0FQIFByb2R1Y3Rpb24sYXBwSW1hZ2U9Li4vZmF2aWNvbi5wbmcsaWFsPTIsYWFsPTIsdGVsZXBob25lSHJlZj04NTUuODY4LjAxNTEsZW1haWxIcmVmPWFzYXBoZWxwZGVza0BmaXNjYWwudHJlYXN1cnkuZ292LGNvbnRhY3RMYWJlbD0sY29udGFjdFVybD0sbWVzc2FnZUh0bWw9LHBhcnRuZXI9QkZTLGhpZGVFeHRlcm5hbENzcD1mYWxzZQ==
caia.treasury.gov/ Name: BIGipServerovE6Jp267Aa0ryesyzjjKg
Value: !L81Avt4e4WdgnaWLQ5fKLEedHTIdaCJ3QEVRcWaXolREZE35wcjszrwWD+cFQj3xEHKuibMjQkeUi3g=
caia.treasury.gov/ Name: TS01d03ef2
Value: 01f6e3b1e9c6971f7a7d86992fe3141fe8cbc091c9225cabd73f857f520efad6c5feb0ac9246ee44c09f03754d71a64ebac1ea37573cbfe0f25047a18acc758707d0111fc5
.treasury.gov/ Name: TS01cf397a
Value: 01f6e3b1e9902d9114a4dc6ec2aa313767296991f2225cabd73f857f520efad6c5feb0ac92201c225fe7e844207034e3f85ae843b385954912d5ea691fd6c03f126c0f59d488640604cad0682066c3f3faddbd10fc

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Security-Policy default-src 'self';
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block