www.hhs.gov Open in urlscan Pro
2a02:26f0:1700:382::219c  Public Scan

13 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 29

• https://www.hhs.gov/sitewide_alert/load HTTP 301
• https://www.hhs.gov/sitewide_alert/load/index.html

Request Chain 30

• https://search.usa.gov/javascripts/remote.loader.js HTTP 301
• https://search.usa.gov/assets/sayt_loader.js

Request Chain 35

• https://unpkg.com/web-vitals/dist/web-vitals.iife.js HTTP 302
• https://unpkg.com/web-vitals@3.5.0/dist/web-vitals.iife.js

Request Chain 99

• https://gov1.siteintercept.qualtrics.com/static/q-siteintercept/~/img/bwc_close.png HTTP 307
• https://gov1.siteintercept.qualtrics.com/static/q-siteintercept/bf5c7228cc270fd497b4e93d0385f07f2562decd/img/bwc_close.png HTTP 301
• https://gov1.siteintercept.qualtrics.com/static/q-siteintercept/.blob/682dc4f97164a28012f56e9148461f906fe25db9_bwc_close.png

120 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	404	Primary Request 2023oct12-noescape-ransomware-analyst-note-tlpclear.pdf Show response www.hhs.gov/sites/default/files/	33 KB 34 KB	510ms 29ms	Document text/html	2a02:26f0:1700:382::219c AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://www.hhs.gov/sites/default/files/2023oct12-noescape-ransomware-analyst-note-tlpclear.pdf Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:1700:382::219c Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Resource Hash f96daf3f56b490a42081721afd99bf8bda93031a15c53e35ff4530612525f2fa Security Headers Name Value Content-Security-Policy frame-ancestors 'self' hhs.gov *.hhs.gov Strict-Transport-Security max-age=31536000;includeSubDomains;preload X-Content-Type-Options nosniff nosniff X-Frame-Options SAMEORIGIN Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers cache-control public, max-age=3595 content-language en content-length 34251 content-security-policy frame-ancestors 'self' hhs.gov *.hhs.gov content-type text/html; charset=UTF-8 date Wed, 06 Dec 2023 09:23:22 GMT etag "1701854597" last-modified Wed, 06 Dec 2023 09:23:17 GMT server-timing cdn-cache; desc=HIT edge; dur=1 ak_p; desc="1701854602480_3092669958_2186111627_32_9288_18_432_255";dur=1 strict-transport-security max-age=31536000;includeSubDomains;preload x-content-type-options nosniff nosniff x-drupal-cache MISS x-frame-options SAMEORIGIN x-generator Drupal 10 (https://www.drupal.org)
GET H2	200	css_znZi6uRDtmhMDcjZr59S8JM6SIPJV98f-naad73lxaY.css www.hhs.gov/sites/default/files/css/	6 KB 2 KB	28ms 27ms	Stylesheet text/css	2a02:26f0:1700:382::219c AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://www.hhs.gov/sites/default/files/css/css_znZi6uRDtmhMDcjZr59S8JM6SIPJV98f-naad73lxaY.css?delta=0&language=en&theme=hhs_uswds&include=eJxNjlEOwyAMQy9Ey5GqFLySDQgiYV13-mmqtPXL1vt4th5qKH4lhUtJl6F7VB-kFKkXsGVZKbubiFUxqP8116jT1qkl9bGPRnn-k3nUNtbMmhCdSmDKS0Fk-g5ycEE6_F2nIPLg6wHDy6YO5fdJFdRD8mds8pzsaKAEiqdDaoBTNuwcsVBGN8-V7QNXTVc7 Requested by Host: www.hhs.gov URL: https://www.hhs.gov/sites/default/files/2023oct12-noescape-ransomware-analyst-note-tlpclear.pdf Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:1700:382::219c Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Resource Hash e7c4a91fe438fdb49800c31fe0ac1316d389a9826a5864331d9e56db4804eb24 Security Headers Name Value Content-Security-Policy frame-ancestors 'self' hhs.gov *.hhs.gov Strict-Transport-Security max-age=31536000;includeSubDomains;preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://www.hhs.gov/sites/default/files/2023oct12-noescape-ransomware-analyst-note-tlpclear.pdf User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers content-security-policy frame-ancestors 'self' hhs.gov *.hhs.gov content-encoding gzip x-content-type-options nosniff date Wed, 06 Dec 2023 09:23:22 GMT last-modified Wed, 06 Dec 2023 07:45:46 GMT strict-transport-security max-age=31536000;includeSubDomains;preload etag "657026aa-16ec" vary Accept-Encoding content-type text/css cache-control max-age=31536000 server-timing cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1701854602955_3092669958_2186111648_23_7383_19_0_255";dur=1 accept-ranges bytes content-length 1763 x-request-id f0334dc5b5e7306e523de753d624dba9
GET H2	200	css_u8iLDafwaLCwx-9qX1vh55WmyQb_X0gpnSh3h4YlPts.css www.hhs.gov/sites/default/files/css/	869 KB 105 KB	29ms 28ms	Stylesheet text/css	2a02:26f0:1700:382::219c AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://www.hhs.gov/sites/default/files/css/css_u8iLDafwaLCwx-9qX1vh55WmyQb_X0gpnSh3h4YlPts.css?delta=1&language=en&theme=hhs_uswds&include=eJxNjlEOwyAMQy9Ey5GqFLySDQgiYV13-mmqtPXL1vt4th5qKH4lhUtJl6F7VB-kFKkXsGVZKbubiFUxqP8116jT1qkl9bGPRnn-k3nUNtbMmhCdSmDKS0Fk-g5ycEE6_F2nIPLg6wHDy6YO5fdJFdRD8mds8pzsaKAEiqdDaoBTNuwcsVBGN8-V7QNXTVc7 Requested by Host: www.hhs.gov URL: https://www.hhs.gov/sites/default/files/2023oct12-noescape-ransomware-analyst-note-tlpclear.pdf Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:1700:382::219c Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Resource Hash c9b905803034f9bd0fb4bcf8020d62ff84bced95750d569776ba2dda58afc31c Security Headers Name Value Content-Security-Policy frame-ancestors 'self' hhs.gov *.hhs.gov Strict-Transport-Security max-age=31536000;includeSubDomains;preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://www.hhs.gov/sites/default/files/2023oct12-noescape-ransomware-analyst-note-tlpclear.pdf User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers content-security-policy frame-ancestors 'self' hhs.gov *.hhs.gov content-encoding gzip x-content-type-options nosniff date Wed, 06 Dec 2023 09:23:22 GMT last-modified Wed, 06 Dec 2023 07:43:27 GMT strict-transport-security max-age=31536000;includeSubDomains;preload etag "6570261f-d92c8" vary Accept-Encoding content-type text/css cache-control max-age=31536000 server-timing cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1701854602955_3092669958_2186111649_28_7292_19_0_255";dur=1 accept-ranges bytes content-length 107345 x-request-id 573921bf1d982c6cf814f06a40570130
GET H2	200	chosen.min.css www.hhs.gov/themes/custom/hhs_uswds/js/libraries/chosen/	10 KB 3 KB	59ms 58ms	Stylesheet text/css	2a02:26f0:1700:382::219c AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://www.hhs.gov/themes/custom/hhs_uswds/js/libraries/chosen/chosen.min.css?s58iqi Requested by Host: www.hhs.gov URL: https://www.hhs.gov/sites/default/files/2023oct12-noescape-ransomware-analyst-note-tlpclear.pdf Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:1700:382::219c Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Resource Hash 107fc2ce0a096cd103fa0660ca6b30b083ab33d5e121b75227a1f0ae8d3d584e Security Headers Name Value Content-Security-Policy frame-ancestors 'self' hhs.gov *.hhs.gov Strict-Transport-Security max-age=31536000;includeSubDomains;preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://www.hhs.gov/sites/default/files/2023oct12-noescape-ransomware-analyst-note-tlpclear.pdf User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers content-security-policy frame-ancestors 'self' hhs.gov *.hhs.gov content-encoding gzip x-content-type-options nosniff date Wed, 06 Dec 2023 09:23:22 GMT last-modified Mon, 04 Dec 2023 21:12:15 GMT strict-transport-security max-age=31536000;includeSubDomains;preload etag "656e40af-27ec" vary Accept-Encoding content-type text/css cache-control max-age=31536000 server-timing cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1701854602955_3092669958_2186111650_34_6396_19_0_255";dur=1 accept-ranges bytes content-length 2273 x-request-id 4de0f577d108e4f42794b5a4e76ad33f
GET H2	200	modernizr.min.js Show response www.hhs.gov/themes/custom/hhs_uswds/js/libraries/	9 KB 4 KB	60ms 59ms	Script application/javascript	2a02:26f0:1700:382::219c AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://www.hhs.gov/themes/custom/hhs_uswds/js/libraries/modernizr.min.js?v=3.11.7 Requested by Host: www.hhs.gov URL: https://www.hhs.gov/sites/default/files/2023oct12-noescape-ransomware-analyst-note-tlpclear.pdf Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:1700:382::219c Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Resource Hash 9239df21ae3e740f16c2fab29d29cb8076e9d724d669044e5f2498e7cf0edd66 Security Headers Name Value Content-Security-Policy frame-ancestors 'self' hhs.gov *.hhs.gov Strict-Transport-Security max-age=31536000;includeSubDomains;preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://www.hhs.gov/sites/default/files/2023oct12-noescape-ransomware-analyst-note-tlpclear.pdf User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers content-security-policy frame-ancestors 'self' hhs.gov *.hhs.gov content-encoding gzip x-content-type-options nosniff date Wed, 06 Dec 2023 09:23:22 GMT last-modified Mon, 04 Dec 2023 21:12:15 GMT strict-transport-security max-age=31536000;includeSubDomains;preload etag "656e40af-22c1" vary Accept-Encoding content-type application/javascript cache-control max-age=31536000 server-timing cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1701854602955_3092669958_2186111651_29_6296_19_0_219";dur=1 accept-ranges bytes content-length 3708 x-request-id a6c66198c4ffa9f8cac8c30eff5a5dea
GET H2	200	us_flag_small.png www.hhs.gov/themes/custom/hhs_uswds/images/	135 B 465 B	60ms 60ms	Image image/gif	2a02:26f0:1700:382::219c AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://www.hhs.gov/themes/custom/hhs_uswds/images/us_flag_small.png Requested by Host: www.hhs.gov URL: https://www.hhs.gov/sites/default/files/2023oct12-noescape-ransomware-analyst-note-tlpclear.pdf Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:1700:382::219c Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Resource Hash 5b0c01b75ef00b470fab45a25688326a108f326e04b14f9ef18ffad7d429f7b6 Security Headers Name Value Content-Security-Policy frame-ancestors 'self' hhs.gov *.hhs.gov Strict-Transport-Security max-age=31536000;includeSubDomains;preload Request headers accept-language de-DE,de;q=0.9 Referer https://www.hhs.gov/sites/default/files/2023oct12-noescape-ransomware-analyst-note-tlpclear.pdf User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers content-security-policy frame-ancestors 'self' hhs.gov *.hhs.gov date Wed, 06 Dec 2023 09:23:22 GMT strict-transport-security max-age=31536000;includeSubDomains;preload last-modified Wed, 16 Aug 2023 19:20:52 GMT etag "64dbe5cf-b0" content-type image/gif cache-control private, no-transform, max-age=1861954 server-timing cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1701854602955_3092669958_2186111652_32_7105_19_0_182";dur=1 content-length 135
GET H2	200	icon-dot-gov.svg www.hhs.gov/themes/custom/hhs_uswds/images/	800 B 828 B	61ms 61ms	Image image/svg+xml	2a02:26f0:1700:382::219c AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://www.hhs.gov/themes/custom/hhs_uswds/images/icon-dot-gov.svg Requested by Host: www.hhs.gov URL: https://www.hhs.gov/sites/default/files/2023oct12-noescape-ransomware-analyst-note-tlpclear.pdf Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:1700:382::219c Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Resource Hash 54f6653a149c83b73515cc2ec032a18151b57d3ffe97ef04495ce6623e48d1bb Security Headers Name Value Content-Security-Policy frame-ancestors 'self' hhs.gov *.hhs.gov Strict-Transport-Security max-age=31536000;includeSubDomains;preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://www.hhs.gov/sites/default/files/2023oct12-noescape-ransomware-analyst-note-tlpclear.pdf User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers content-security-policy frame-ancestors 'self' hhs.gov *.hhs.gov content-encoding gzip x-content-type-options nosniff date Wed, 06 Dec 2023 09:23:22 GMT last-modified Mon, 04 Dec 2023 21:12:15 GMT strict-transport-security max-age=31536000;includeSubDomains;preload etag "656e40af-320" vary Accept-Encoding content-type image/svg+xml cache-control max-age=2592000 server-timing cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1701854602985_3092669958_2186111686_1459_5442_19_0_182";dur=1 accept-ranges bytes content-length 423 x-request-id 5891455abfd39b874e0eee382b97742f
GET H2	200	icon-https.svg www.hhs.gov/themes/custom/hhs_uswds/images/	720 B 790 B	26ms 25ms	Image image/svg+xml	2a02:26f0:1700:382::219c AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://www.hhs.gov/themes/custom/hhs_uswds/images/icon-https.svg Requested by Host: www.hhs.gov URL: https://www.hhs.gov/sites/default/files/2023oct12-noescape-ransomware-analyst-note-tlpclear.pdf Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:1700:382::219c Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Resource Hash 912daff95ce9cabae7d0195d39aa98d49c4bec3b975d404ac266534c069cee20 Security Headers Name Value Content-Security-Policy frame-ancestors 'self' hhs.gov *.hhs.gov Strict-Transport-Security max-age=31536000;includeSubDomains;preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://www.hhs.gov/sites/default/files/2023oct12-noescape-ransomware-analyst-note-tlpclear.pdf User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers content-security-policy frame-ancestors 'self' hhs.gov *.hhs.gov content-encoding gzip x-content-type-options nosniff date Wed, 06 Dec 2023 09:23:23 GMT last-modified Mon, 04 Dec 2023 21:12:15 GMT strict-transport-security max-age=31536000;includeSubDomains;preload etag "656e40af-2d0" vary Accept-Encoding content-type image/svg+xml cache-control max-age=2592000 server-timing cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1701854603026_3092669958_2186111710_22_5515_19_0_182";dur=1 accept-ranges bytes content-length 387 x-request-id 30309ae0ab78254fa3f4e9f8518fa738
GET H2	200	logo-desktop.svg www.hhs.gov/themes/custom/hhs_uswds/	42 KB 13 KB	26ms 26ms	Image image/svg+xml	2a02:26f0:1700:382::219c AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://www.hhs.gov/themes/custom/hhs_uswds/logo-desktop.svg Requested by Host: www.hhs.gov URL: https://www.hhs.gov/sites/default/files/2023oct12-noescape-ransomware-analyst-note-tlpclear.pdf Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:1700:382::219c Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Resource Hash d061140563c90833146615532fd0b8226ca97038b74db7ca78c104cad7f68061 Security Headers Name Value Content-Security-Policy frame-ancestors 'self' hhs.gov *.hhs.gov Strict-Transport-Security max-age=31536000;includeSubDomains;preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://www.hhs.gov/sites/default/files/2023oct12-noescape-ransomware-analyst-note-tlpclear.pdf User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers content-security-policy frame-ancestors 'self' hhs.gov *.hhs.gov content-encoding gzip x-content-type-options nosniff date Wed, 06 Dec 2023 09:23:23 GMT last-modified Mon, 04 Dec 2023 21:12:18 GMT strict-transport-security max-age=31536000;includeSubDomains;preload etag "656e40b2-a958" vary Accept-Encoding content-type image/svg+xml cache-control max-age=2592000 server-timing cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1701854603026_3092669958_2186111711_19_5523_19_0_182";dur=1 accept-ranges bytes content-length 12746 x-request-id b2fdaa795ebe094c77c69e6c126c4693
GET H2	200	close-white-2.svg www.hhs.gov/themes/custom/hhs_uswds/images/	585 B 802 B	31ms 29ms	Image image/svg+xml	2a02:26f0:1700:382::219c AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://www.hhs.gov/themes/custom/hhs_uswds/images/close-white-2.svg Requested by Host: www.hhs.gov URL: https://www.hhs.gov/sites/default/files/2023oct12-noescape-ransomware-analyst-note-tlpclear.pdf Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:1700:382::219c Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Resource Hash cc9f14c4a9a96125899d0ed2b958d12ce311275bea264f4d191aca6c9ebd0a59 Security Headers Name Value Content-Security-Policy frame-ancestors 'self' hhs.gov *.hhs.gov Strict-Transport-Security max-age=31536000;includeSubDomains;preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://www.hhs.gov/sites/default/files/2023oct12-noescape-ransomware-analyst-note-tlpclear.pdf User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers content-security-policy frame-ancestors 'self' hhs.gov *.hhs.gov content-encoding gzip x-content-type-options nosniff date Wed, 06 Dec 2023 09:23:23 GMT last-modified Mon, 04 Dec 2023 21:12:15 GMT strict-transport-security max-age=31536000;includeSubDomains;preload etag "656e40af-249" vary Accept-Encoding content-type image/svg+xml cache-control max-age=2592000 server-timing cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1701854603045_3092669958_2186111735_77_6692_19_0_182";dur=1 accept-ranges bytes content-length 398 x-request-id e30485870e99fed4c6471f923ede9f2c
GET H2	200	search--blue.svg www.hhs.gov/themes/custom/hhs_uswds/images/usa-icons-bg/	696 B 866 B	37ms 36ms	Image image/svg+xml	2a02:26f0:1700:382::219c AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://www.hhs.gov/themes/custom/hhs_uswds/images/usa-icons-bg/search--blue.svg Requested by Host: www.hhs.gov URL: https://www.hhs.gov/sites/default/files/2023oct12-noescape-ransomware-analyst-note-tlpclear.pdf Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:1700:382::219c Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Resource Hash 0cd8c3832c7dbdea696b8f8b30aab2a2bd07862a597b1b2aeb92f1c0730250ab Security Headers Name Value Content-Security-Policy frame-ancestors 'self' hhs.gov *.hhs.gov Strict-Transport-Security max-age=31536000;includeSubDomains;preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://www.hhs.gov/sites/default/files/2023oct12-noescape-ransomware-analyst-note-tlpclear.pdf User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers content-security-policy frame-ancestors 'self' hhs.gov *.hhs.gov content-encoding gzip x-content-type-options nosniff date Wed, 06 Dec 2023 09:23:23 GMT last-modified Mon, 04 Dec 2023 21:12:15 GMT strict-transport-security max-age=31536000;includeSubDomains;preload etag "656e40af-2b8" vary Accept-Encoding content-type image/svg+xml cache-control max-age=2592000 server-timing cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1701854603045_3092669958_2186111745_102_6587_19_0_146";dur=1 accept-ranges bytes content-length 462 x-request-id 72d5623b6b5be59c3f01ba1fe027cd39
GET H2	200	text-resize.svg www.hhs.gov/themes/custom/hhs_uswds/images/	703 B 823 B	38ms 37ms	Image image/svg+xml	2a02:26f0:1700:382::219c AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://www.hhs.gov/themes/custom/hhs_uswds/images/text-resize.svg Requested by Host: www.hhs.gov URL: https://www.hhs.gov/sites/default/files/2023oct12-noescape-ransomware-analyst-note-tlpclear.pdf Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:1700:382::219c Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Resource Hash 7892953878bab9d973434c986c5c6d4e1f128217d37f88fb0341fdd140429a01 Security Headers Name Value Content-Security-Policy frame-ancestors 'self' hhs.gov *.hhs.gov Strict-Transport-Security max-age=31536000;includeSubDomains;preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://www.hhs.gov/sites/default/files/2023oct12-noescape-ransomware-analyst-note-tlpclear.pdf User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers content-security-policy frame-ancestors 'self' hhs.gov *.hhs.gov content-encoding gzip x-content-type-options nosniff date Wed, 06 Dec 2023 09:23:23 GMT last-modified Mon, 04 Dec 2023 21:12:15 GMT strict-transport-security max-age=31536000;includeSubDomains;preload etag "656e40af-2bf" vary Accept-Encoding content-type image/svg+xml cache-control max-age=2592000 server-timing cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1701854603045_3092669958_2186111746_100_6540_19_0_146";dur=1 accept-ranges bytes content-length 421 x-request-id 966fe271542e9811ebaeacaf034baed9
GET H2	200	logo-footer.svg www.hhs.gov/themes/custom/hhs_uswds/	22 KB 8 KB	39ms 38ms	Image image/svg+xml	2a02:26f0:1700:382::219c AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://www.hhs.gov/themes/custom/hhs_uswds/logo-footer.svg Requested by Host: www.hhs.gov URL: https://www.hhs.gov/sites/default/files/2023oct12-noescape-ransomware-analyst-note-tlpclear.pdf Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:1700:382::219c Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Resource Hash cfda00d655e289b53fa8300e74fb8e681131bf9c61f6dc27e656b9060be1ab60 Security Headers Name Value Content-Security-Policy frame-ancestors 'self' hhs.gov *.hhs.gov Strict-Transport-Security max-age=31536000;includeSubDomains;preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://www.hhs.gov/sites/default/files/2023oct12-noescape-ransomware-analyst-note-tlpclear.pdf User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers content-security-policy frame-ancestors 'self' hhs.gov *.hhs.gov content-encoding gzip x-content-type-options nosniff date Wed, 06 Dec 2023 09:23:23 GMT last-modified Mon, 04 Dec 2023 21:12:18 GMT strict-transport-security max-age=31536000;includeSubDomains;preload etag "656e40b2-58cc" vary Accept-Encoding content-type image/svg+xml cache-control max-age=2592000 server-timing cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1701854603045_3092669958_2186111747_104_6618_19_0_146";dur=1 accept-ranges bytes content-length 8074 x-request-id 321ff37ec32de6aa007b362c1a0c1898
GET H2	200	js_g-7AZdYpP-jOOsQfc-HOSWrzHrPw03Y4O7b2qG9B7SM.js Show response www.hhs.gov/sites/default/files/js/	92 KB 32 KB	51ms 49ms	Script application/javascript	2a02:26f0:1700:382::219c AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://www.hhs.gov/sites/default/files/js/js_g-7AZdYpP-jOOsQfc-HOSWrzHrPw03Y4O7b2qG9B7SM.js?scope=footer&delta=0&language=en&theme=hhs_uswds&include=eJxNjlEOwyAMQy9Ey5GqFLySDQgiYV13-mmqtPXL1vt4th5qKH4lhUtJl6F7VB-kFKkXsGVZKbubiFUxqP8116jT1qkl9bGPRnn-k3nUNtbMmhCdSmDKS0Fk-g5ycEE6_F2nIPLg6wHDy6YO5fdJFdRD8mds8pzsaKAEiqdDaoBTNuwcsVBGN8-V7QNXTVc7 Requested by Host: www.hhs.gov URL: https://www.hhs.gov/sites/default/files/2023oct12-noescape-ransomware-analyst-note-tlpclear.pdf Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:1700:382::219c Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Resource Hash 705462e4d9fa0b777a11e522e4bfba8a3080e0d1f4d67208bd11dd6d0021f46f Security Headers Name Value Content-Security-Policy frame-ancestors 'self' hhs.gov *.hhs.gov Strict-Transport-Security max-age=31536000;includeSubDomains;preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://www.hhs.gov/sites/default/files/2023oct12-noescape-ransomware-analyst-note-tlpclear.pdf User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers content-security-policy frame-ancestors 'self' hhs.gov *.hhs.gov content-encoding gzip x-content-type-options nosniff date Wed, 06 Dec 2023 09:23:23 GMT last-modified Wed, 06 Dec 2023 07:43:00 GMT strict-transport-security max-age=31536000;includeSubDomains;preload etag "65702604-16fa4" vary Accept-Encoding content-type application/javascript cache-control max-age=31536000 server-timing cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1701854603045_3092669958_2186111734_76_7828_19_0_219";dur=1 accept-ranges bytes content-length 32512 x-request-id c220831350c5c9d55ba34a976988d353
GET H2	200	common.min.js Show response www.hhs.gov/themes/custom/hhs_uswds/js/dist/	62 KB 21 KB	32ms 31ms	Script application/javascript	2a02:26f0:1700:382::219c AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://www.hhs.gov/themes/custom/hhs_uswds/js/dist/common.min.js?v=1.0.1 Requested by Host: www.hhs.gov URL: https://www.hhs.gov/sites/default/files/2023oct12-noescape-ransomware-analyst-note-tlpclear.pdf Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:1700:382::219c Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Resource Hash ef8f7763c262df02e8cf489b9094140828442e0009422e203f0d09b89568601c Security Headers Name Value Content-Security-Policy frame-ancestors 'self' hhs.gov *.hhs.gov Strict-Transport-Security max-age=31536000;includeSubDomains;preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://www.hhs.gov/sites/default/files/2023oct12-noescape-ransomware-analyst-note-tlpclear.pdf User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers content-security-policy frame-ancestors 'self' hhs.gov *.hhs.gov content-encoding gzip x-content-type-options nosniff date Wed, 06 Dec 2023 09:23:23 GMT last-modified Mon, 04 Dec 2023 21:12:15 GMT strict-transport-security max-age=31536000;includeSubDomains;preload etag "656e40af-f84f" vary Accept-Encoding content-type application/javascript cache-control max-age=31536000 server-timing cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1701854603045_3092669958_2186111736_79_6719_19_0_182";dur=1 accept-ranges bytes content-length 20665 x-request-id 7c3a323b7eb921d9308e5c9009c199e0
GET H2	200	uswds-init.min.js Show response www.hhs.gov/themes/custom/hhs_uswds/js/libraries/	826 B 897 B	34ms 32ms	Script application/javascript	2a02:26f0:1700:382::219c AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://www.hhs.gov/themes/custom/hhs_uswds/js/libraries/uswds-init.min.js?v=1.0.2 Requested by Host: www.hhs.gov URL: https://www.hhs.gov/sites/default/files/2023oct12-noescape-ransomware-analyst-note-tlpclear.pdf Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:1700:382::219c Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Resource Hash 63a2d8f905f0eb3a998f0bfc0bc3520d7a45718248bc72a1ea864bc953b3a111 Security Headers Name Value Content-Security-Policy frame-ancestors 'self' hhs.gov *.hhs.gov Strict-Transport-Security max-age=31536000;includeSubDomains;preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://www.hhs.gov/sites/default/files/2023oct12-noescape-ransomware-analyst-note-tlpclear.pdf User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers content-security-policy frame-ancestors 'self' hhs.gov *.hhs.gov content-encoding gzip x-content-type-options nosniff date Wed, 06 Dec 2023 09:23:23 GMT last-modified Mon, 04 Dec 2023 21:12:15 GMT strict-transport-security max-age=31536000;includeSubDomains;preload etag "656e40af-33a" vary Accept-Encoding content-type application/javascript cache-control max-age=31536000 server-timing cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1701854603045_3092669958_2186111737_93_6770_19_0_182";dur=1 accept-ranges bytes content-length 487 x-request-id 3d7463de33394bc8f54e15cc8ceacb23
GET H2	200	scripts.min.js Show response www.hhs.gov/themes/custom/hhs_uswds/js/dist/	5 KB 2 KB	35ms 34ms	Script application/javascript	2a02:26f0:1700:382::219c AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://www.hhs.gov/themes/custom/hhs_uswds/js/dist/scripts.min.js?v=1.0.2 Requested by Host: www.hhs.gov URL: https://www.hhs.gov/sites/default/files/2023oct12-noescape-ransomware-analyst-note-tlpclear.pdf Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:1700:382::219c Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Resource Hash 471361e69bf48243bf20d7f024d51e6a2eab0a10b971a4a533e06dad2e41a38c Security Headers Name Value Content-Security-Policy frame-ancestors 'self' hhs.gov *.hhs.gov Strict-Transport-Security max-age=31536000;includeSubDomains;preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://www.hhs.gov/sites/default/files/2023oct12-noescape-ransomware-analyst-note-tlpclear.pdf User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers content-security-policy frame-ancestors 'self' hhs.gov *.hhs.gov content-encoding gzip x-content-type-options nosniff date Wed, 06 Dec 2023 09:23:23 GMT last-modified Mon, 04 Dec 2023 21:12:15 GMT strict-transport-security max-age=31536000;includeSubDomains;preload etag "656e40af-13e5" vary Accept-Encoding content-type application/javascript cache-control max-age=31536000 server-timing cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1701854603045_3092669958_2186111739_84_6699_19_0_182";dur=1 accept-ranges bytes content-length 1968 x-request-id 759c703bd8faa6792c60986c4b868094
GET H2	200	js_TKnpDM_92qbhfTosSC1KKcsOV4rI76v9n9Wda5E-Vuc.js Show response www.hhs.gov/sites/default/files/js/	33 KB 10 KB	55ms 53ms	Script application/javascript	2a02:26f0:1700:382::219c AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://www.hhs.gov/sites/default/files/js/js_TKnpDM_92qbhfTosSC1KKcsOV4rI76v9n9Wda5E-Vuc.js?scope=footer&delta=4&language=en&theme=hhs_uswds&include=eJxNjlEOwyAMQy9Ey5GqFLySDQgiYV13-mmqtPXL1vt4th5qKH4lhUtJl6F7VB-kFKkXsGVZKbubiFUxqP8116jT1qkl9bGPRnn-k3nUNtbMmhCdSmDKS0Fk-g5ycEE6_F2nIPLg6wHDy6YO5fdJFdRD8mds8pzsaKAEiqdDaoBTNuwcsVBGN8-V7QNXTVc7 Requested by Host: www.hhs.gov URL: https://www.hhs.gov/sites/default/files/2023oct12-noescape-ransomware-analyst-note-tlpclear.pdf Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:1700:382::219c Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Resource Hash ea04ab0a2005987382c42b3478d5b454611e2bc0a13a69840987b0436d4233d3 Security Headers Name Value Content-Security-Policy frame-ancestors 'self' hhs.gov *.hhs.gov Strict-Transport-Security max-age=31536000;includeSubDomains;preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://www.hhs.gov/sites/default/files/2023oct12-noescape-ransomware-analyst-note-tlpclear.pdf User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers content-security-policy frame-ancestors 'self' hhs.gov *.hhs.gov content-encoding gzip x-content-type-options nosniff date Wed, 06 Dec 2023 09:23:23 GMT last-modified Wed, 06 Dec 2023 07:43:02 GMT strict-transport-security max-age=31536000;includeSubDomains;preload etag "65702606-83f1" vary Accept-Encoding content-type application/javascript cache-control max-age=31536000 server-timing cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1701854603045_3092669958_2186111740_87_7777_19_0_182";dur=1 accept-ranges bytes content-length 10333 x-request-id 1036bf951b181ca6a7b00dcd917f5e04
GET H2	200	chosen.jquery.min.js Show response www.hhs.gov/themes/custom/hhs_uswds/js/libraries/chosen/	30 KB 7 KB	36ms 35ms	Script application/javascript	2a02:26f0:1700:382::219c AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://www.hhs.gov/themes/custom/hhs_uswds/js/libraries/chosen/chosen.jquery.min.js?v=1.0.2 Requested by Host: www.hhs.gov URL: https://www.hhs.gov/sites/default/files/2023oct12-noescape-ransomware-analyst-note-tlpclear.pdf Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:1700:382::219c Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Resource Hash cdb66cc1d3d413cde2f396328e482211b433bc15aa9fb1d331b33f67ee059550 Security Headers Name Value Content-Security-Policy frame-ancestors 'self' hhs.gov *.hhs.gov Strict-Transport-Security max-age=31536000;includeSubDomains;preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://www.hhs.gov/sites/default/files/2023oct12-noescape-ransomware-analyst-note-tlpclear.pdf User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers content-security-policy frame-ancestors 'self' hhs.gov *.hhs.gov content-encoding gzip x-content-type-options nosniff date Wed, 06 Dec 2023 09:23:23 GMT last-modified Mon, 04 Dec 2023 21:12:15 GMT strict-transport-security max-age=31536000;includeSubDomains;preload etag "656e40af-76ed" vary Accept-Encoding content-type application/javascript cache-control max-age=31536000 server-timing cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1701854603045_3092669958_2186111741_89_6851_19_0_182";dur=1 accept-ranges bytes content-length 7005 x-request-id 186e9eb0796917480f57acbd563f53d7
GET H2	200	js_WLrbCmnmenWpcSb2v-eF3QweO6Vl2wa_9zOYv2acXr0.js Show response www.hhs.gov/sites/default/files/js/	3 KB 2 KB	59ms 57ms	Script application/javascript	2a02:26f0:1700:382::219c AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://www.hhs.gov/sites/default/files/js/js_WLrbCmnmenWpcSb2v-eF3QweO6Vl2wa_9zOYv2acXr0.js?scope=footer&delta=6&language=en&theme=hhs_uswds&include=eJxNjlEOwyAMQy9Ey5GqFLySDQgiYV13-mmqtPXL1vt4th5qKH4lhUtJl6F7VB-kFKkXsGVZKbubiFUxqP8116jT1qkl9bGPRnn-k3nUNtbMmhCdSmDKS0Fk-g5ycEE6_F2nIPLg6wHDy6YO5fdJFdRD8mds8pzsaKAEiqdDaoBTNuwcsVBGN8-V7QNXTVc7 Requested by Host: www.hhs.gov URL: https://www.hhs.gov/sites/default/files/2023oct12-noescape-ransomware-analyst-note-tlpclear.pdf Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:1700:382::219c Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Resource Hash 5a2046f21693fb7c85966514e6f84c73802a8ef672909d71792c60a515b5b7fe Security Headers Name Value Content-Security-Policy frame-ancestors 'self' hhs.gov *.hhs.gov Strict-Transport-Security max-age=31536000;includeSubDomains;preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://www.hhs.gov/sites/default/files/2023oct12-noescape-ransomware-analyst-note-tlpclear.pdf User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers content-security-policy frame-ancestors 'self' hhs.gov *.hhs.gov content-encoding gzip x-content-type-options nosniff date Wed, 06 Dec 2023 09:23:23 GMT last-modified Wed, 06 Dec 2023 07:42:57 GMT strict-transport-security max-age=31536000;includeSubDomains;preload etag "65702601-a15" vary Accept-Encoding content-type application/javascript cache-control max-age=31536000 server-timing cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1701854603067_3092669958_2186111742_2956_9096_19_0_182";dur=1 accept-ranges bytes content-length 1183 x-request-id 95462835277b059c98877a29735844ee
GET H2	200	searchgov-typeahead.js Show response www.hhs.gov/modules/hhs/shared/hhs_search/assets/	388 B 660 B	40ms 39ms	Script application/javascript	2a02:26f0:1700:382::219c AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://www.hhs.gov/modules/hhs/shared/hhs_search/assets/searchgov-typeahead.js?s58iqi Requested by Host: www.hhs.gov URL: https://www.hhs.gov/sites/default/files/2023oct12-noescape-ransomware-analyst-note-tlpclear.pdf Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:1700:382::219c Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Resource Hash 30fcc86d3b4c2298f310378a41789083b37e55b58b1fe1cd141be30317c6569d Security Headers Name Value Content-Security-Policy frame-ancestors 'self' hhs.gov *.hhs.gov Strict-Transport-Security max-age=31536000;includeSubDomains;preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://www.hhs.gov/sites/default/files/2023oct12-noescape-ransomware-analyst-note-tlpclear.pdf User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers content-security-policy frame-ancestors 'self' hhs.gov *.hhs.gov content-encoding gzip x-content-type-options nosniff date Wed, 06 Dec 2023 09:23:23 GMT last-modified Mon, 04 Dec 2023 21:12:18 GMT strict-transport-security max-age=31536000;includeSubDomains;preload etag "656e40b2-184" vary Accept-Encoding content-type application/javascript cache-control max-age=31536000 server-timing cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1701854603045_3092669958_2186111748_111_6481_19_0_146";dur=1 accept-ranges bytes content-length 250 x-request-id 7f1948634da7911d7d044596f4d3e778
GET H2	200	js_Qd2Vjh6Cf-xBiat07m6xbTPvP725u4mvutZg5kLLfgw.js Show response www.hhs.gov/sites/default/files/js/	5 KB 2 KB	58ms 56ms	Script application/javascript	2a02:26f0:1700:382::219c AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://www.hhs.gov/sites/default/files/js/js_Qd2Vjh6Cf-xBiat07m6xbTPvP725u4mvutZg5kLLfgw.js?scope=footer&delta=8&language=en&theme=hhs_uswds&include=eJxNjlEOwyAMQy9Ey5GqFLySDQgiYV13-mmqtPXL1vt4th5qKH4lhUtJl6F7VB-kFKkXsGVZKbubiFUxqP8116jT1qkl9bGPRnn-k3nUNtbMmhCdSmDKS0Fk-g5ycEE6_F2nIPLg6wHDy6YO5fdJFdRD8mds8pzsaKAEiqdDaoBTNuwcsVBGN8-V7QNXTVc7 Requested by Host: www.hhs.gov URL: https://www.hhs.gov/sites/default/files/2023oct12-noescape-ransomware-analyst-note-tlpclear.pdf Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:1700:382::219c Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Resource Hash 8246132e674c75f7a16fd2bb9e43a8add8cfc8de89dce68fb5736b39bf57438c Security Headers Name Value Content-Security-Policy frame-ancestors 'self' hhs.gov *.hhs.gov Strict-Transport-Security max-age=31536000;includeSubDomains;preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://www.hhs.gov/sites/default/files/2023oct12-noescape-ransomware-analyst-note-tlpclear.pdf User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers content-security-policy frame-ancestors 'self' hhs.gov *.hhs.gov content-encoding gzip x-content-type-options nosniff date Wed, 06 Dec 2023 09:23:23 GMT last-modified Wed, 06 Dec 2023 07:43:02 GMT strict-transport-security max-age=31536000;includeSubDomains;preload etag "65702606-1240" vary Accept-Encoding content-type application/javascript cache-control max-age=31536000 server-timing cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1701854603045_3092669958_2186111743_100_7644_19_0_182";dur=1 accept-ranges bytes content-length 1524 x-request-id 3a570416f4fc1eb403840d9f79d099ab
GET H2	200	sourcesanspro-regular-webfont.woff2 www.hhs.gov/themes/custom/hhs_uswds/fonts/source-sans-pro/	20 KB 20 KB	32ms 32ms	Font application/octet-stream	2a02:26f0:1700:382::219c AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://www.hhs.gov/themes/custom/hhs_uswds/fonts/source-sans-pro/sourcesanspro-regular-webfont.woff2 Requested by Host: www.hhs.gov URL: https://www.hhs.gov/sites/default/files/css/css_u8iLDafwaLCwx-9qX1vh55WmyQb_X0gpnSh3h4YlPts.css?delta=1&language=en&theme=hhs_uswds&include=eJxNjlEOwyAMQy9Ey5GqFLySDQgiYV13-mmqtPXL1vt4th5qKH4lhUtJl6F7VB-kFKkXsGVZKbubiFUxqP8116jT1qkl9bGPRnn-k3nUNtbMmhCdSmDKS0Fk-g5ycEE6_F2nIPLg6wHDy6YO5fdJFdRD8mds8pzsaKAEiqdDaoBTNuwcsVBGN8-V7QNXTVc7 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:1700:382::219c Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Resource Hash 8792619becd8b285e78f14bfcf1ad66e2adbae0f5ec8ad131246621f806ac535 Security Headers Name Value Strict-Transport-Security max-age=31536000;includeSubDomains;preload Request headers Referer https://www.hhs.gov/sites/default/files/css/css_u8iLDafwaLCwx-9qX1vh55WmyQb_X0gpnSh3h4YlPts.css?delta=1&language=en&theme=hhs_uswds&include=eJxNjlEOwyAMQy9Ey5GqFLySDQgiYV13-mmqtPXL1vt4th5qKH4lhUtJl6F7VB-kFKkXsGVZKbubiFUxqP8116jT1qkl9bGPRnn-k3nUNtbMmhCdSmDKS0Fk-g5ycEE6_F2nIPLg6wHDy6YO5fdJFdRD8mds8pzsaKAEiqdDaoBTNuwcsVBGN8-V7QNXTVc7 Origin https://www.hhs.gov accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Wed, 06 Dec 2023 09:23:23 GMT strict-transport-security max-age=31536000;includeSubDomains;preload last-modified Mon, 04 Dec 2023 21:12:15 GMT etag "656e40af-503c" content-type application/octet-stream access-control-allow-origin * server-timing cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1701854603038_3092669958_2186111729_20_5870_19_0_255";dur=1 accept-ranges bytes content-length 20540
GET H2	200	gtm.js Show response www.googletagmanager.com/	469 KB 110 KB	128ms 67ms	Script application/javascript	2a00:1450:4001:80f::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-JLFR Requested by Host: www.hhs.gov URL: https://www.hhs.gov/sites/default/files/2023oct12-noescape-ransomware-analyst-note-tlpclear.pdf Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 5858345c2a8c5f31f795ef82d9aeee88385a4a00fc0369337d334501a58ced91 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.hhs.gov/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Wed, 06 Dec 2023 09:23:23 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 111872 x-xss-protection 0 last-modified Wed, 06 Dec 2023 09:00:00 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Wed, 06 Dec 2023 09:23:23 GMT
GET H2	200	sprite.svg www.hhs.gov/themes/custom/hhs_uswds/images/	83 KB 22 KB	41ms 40ms	Other image/svg+xml	2a02:26f0:1700:382::219c AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://www.hhs.gov/themes/custom/hhs_uswds/images/sprite.svg Requested by Host: www.hhs.gov URL: https://www.hhs.gov/sites/default/files/2023oct12-noescape-ransomware-analyst-note-tlpclear.pdf Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:1700:382::219c Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Resource Hash 2711f20d80d0f69b5056bb95e3093b385f9f56298a98c4d2778ef7c55d432447 Security Headers Name Value Content-Security-Policy frame-ancestors 'self' hhs.gov *.hhs.gov Strict-Transport-Security max-age=31536000;includeSubDomains;preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://www.hhs.gov/sites/default/files/2023oct12-noescape-ransomware-analyst-note-tlpclear.pdf User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers content-security-policy frame-ancestors 'self' hhs.gov *.hhs.gov content-encoding gzip x-content-type-options nosniff date Wed, 06 Dec 2023 09:23:23 GMT last-modified Mon, 04 Dec 2023 21:12:15 GMT strict-transport-security max-age=31536000;includeSubDomains;preload etag "656e40af-14d98" vary Accept-Encoding content-type image/svg+xml cache-control max-age=2592000 server-timing cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1701854603045_3092669958_2186111749_112_6434_19_0_146";dur=1 accept-ranges bytes content-length 22109 x-request-id 25117fa015edbc56f8e81151617c8494
GET H2	200	sprite.artifact.svg www.hhs.gov/themes/custom/hhs_uswds/images/	7 KB 3 KB	42ms 41ms	Other image/svg+xml	2a02:26f0:1700:382::219c AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://www.hhs.gov/themes/custom/hhs_uswds/images/sprite.artifact.svg Requested by Host: www.hhs.gov URL: https://www.hhs.gov/sites/default/files/2023oct12-noescape-ransomware-analyst-note-tlpclear.pdf Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:1700:382::219c Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Resource Hash af12198fcbc14f0a22b0adb0b3223b420d0288a8e8f0c1c0c1e758e91361e971 Security Headers Name Value Content-Security-Policy frame-ancestors 'self' hhs.gov *.hhs.gov Strict-Transport-Security max-age=31536000;includeSubDomains;preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://www.hhs.gov/sites/default/files/2023oct12-noescape-ransomware-analyst-note-tlpclear.pdf User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers content-security-policy frame-ancestors 'self' hhs.gov *.hhs.gov content-encoding gzip x-content-type-options nosniff date Wed, 06 Dec 2023 09:23:23 GMT last-modified Mon, 04 Dec 2023 21:12:15 GMT strict-transport-security max-age=31536000;includeSubDomains;preload etag "656e40af-1b64" vary Accept-Encoding content-type image/svg+xml cache-control max-age=2592000 server-timing cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1701854603045_3092669958_2186111750_116_6447_19_0_146";dur=1 accept-ranges bytes content-length 2772 x-request-id 396fc65a8c3549e55002244519db8655
GET H2	200	expand_more.svg www.hhs.gov/themes/custom/hhs_uswds/images/usa-icons/	182 B 566 B	42ms 42ms	Image image/svg+xml	2a02:26f0:1700:382::219c AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://www.hhs.gov/themes/custom/hhs_uswds/images/usa-icons/expand_more.svg Requested by Host: www.hhs.gov URL: https://www.hhs.gov/sites/default/files/css/css_u8iLDafwaLCwx-9qX1vh55WmyQb_X0gpnSh3h4YlPts.css?delta=1&language=en&theme=hhs_uswds&include=eJxNjlEOwyAMQy9Ey5GqFLySDQgiYV13-mmqtPXL1vt4th5qKH4lhUtJl6F7VB-kFKkXsGVZKbubiFUxqP8116jT1qkl9bGPRnn-k3nUNtbMmhCdSmDKS0Fk-g5ycEE6_F2nIPLg6wHDy6YO5fdJFdRD8mds8pzsaKAEiqdDaoBTNuwcsVBGN8-V7QNXTVc7 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:1700:382::219c Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Resource Hash fe0ef658114738f046347758fc2f00dddd7e98fadc930048e34675d9153472ac Security Headers Name Value Content-Security-Policy frame-ancestors 'self' hhs.gov *.hhs.gov Strict-Transport-Security max-age=31536000;includeSubDomains;preload X-Content-Type-Options nosniff Request headers Referer https://www.hhs.gov/sites/default/files/css/css_u8iLDafwaLCwx-9qX1vh55WmyQb_X0gpnSh3h4YlPts.css?delta=1&language=en&theme=hhs_uswds&include=eJxNjlEOwyAMQy9Ey5GqFLySDQgiYV13-mmqtPXL1vt4th5qKH4lhUtJl6F7VB-kFKkXsGVZKbubiFUxqP8116jT1qkl9bGPRnn-k3nUNtbMmhCdSmDKS0Fk-g5ycEE6_F2nIPLg6wHDy6YO5fdJFdRD8mds8pzsaKAEiqdDaoBTNuwcsVBGN8-V7QNXTVc7 Origin https://www.hhs.gov accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers content-security-policy frame-ancestors 'self' hhs.gov *.hhs.gov content-encoding gzip x-content-type-options nosniff date Wed, 06 Dec 2023 09:23:23 GMT last-modified Mon, 04 Dec 2023 21:12:15 GMT strict-transport-security max-age=31536000;includeSubDomains;preload etag "656e40af-b6" vary Accept-Encoding content-type image/svg+xml cache-control max-age=2592000 server-timing cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1701854603045_3092669958_2186111751_127_6418_19_0_146";dur=1 accept-ranges bytes content-length 163 x-request-id c698d4a6e218aa78afcc39264f211e70
GET H2	200	search--white.svg www.hhs.gov/themes/custom/hhs_uswds/images/usa-icons-bg/	387 B 667 B	41ms 41ms	Image image/svg+xml	2a02:26f0:1700:382::219c AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://www.hhs.gov/themes/custom/hhs_uswds/images/usa-icons-bg/search--white.svg Requested by Host: www.hhs.gov URL: https://www.hhs.gov/sites/default/files/css/css_u8iLDafwaLCwx-9qX1vh55WmyQb_X0gpnSh3h4YlPts.css?delta=1&language=en&theme=hhs_uswds&include=eJxNjlEOwyAMQy9Ey5GqFLySDQgiYV13-mmqtPXL1vt4th5qKH4lhUtJl6F7VB-kFKkXsGVZKbubiFUxqP8116jT1qkl9bGPRnn-k3nUNtbMmhCdSmDKS0Fk-g5ycEE6_F2nIPLg6wHDy6YO5fdJFdRD8mds8pzsaKAEiqdDaoBTNuwcsVBGN8-V7QNXTVc7 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:1700:382::219c Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Resource Hash 85be1f76ce73e5e3a68fc28a6897ad8c910a7d02e057986711264f19ec3f36c6 Security Headers Name Value Content-Security-Policy frame-ancestors 'self' hhs.gov *.hhs.gov Strict-Transport-Security max-age=31536000;includeSubDomains;preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://www.hhs.gov/sites/default/files/css/css_u8iLDafwaLCwx-9qX1vh55WmyQb_X0gpnSh3h4YlPts.css?delta=1&language=en&theme=hhs_uswds&include=eJxNjlEOwyAMQy9Ey5GqFLySDQgiYV13-mmqtPXL1vt4th5qKH4lhUtJl6F7VB-kFKkXsGVZKbubiFUxqP8116jT1qkl9bGPRnn-k3nUNtbMmhCdSmDKS0Fk-g5ycEE6_F2nIPLg6wHDy6YO5fdJFdRD8mds8pzsaKAEiqdDaoBTNuwcsVBGN8-V7QNXTVc7 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers content-security-policy frame-ancestors 'self' hhs.gov *.hhs.gov content-encoding gzip x-content-type-options nosniff date Wed, 06 Dec 2023 09:23:23 GMT last-modified Mon, 04 Dec 2023 21:12:15 GMT strict-transport-security max-age=31536000;includeSubDomains;preload etag "656e40af-183" vary Accept-Encoding content-type image/svg+xml cache-control max-age=2592000 server-timing cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1701854603045_3092669958_2186111752_119_6506_19_0_146";dur=1 accept-ranges bytes content-length 263 x-request-id 49ae2b903d9d594286ab951aa8dbd751
GET H2	200	navigate_next.svg www.hhs.gov/themes/custom/hhs_uswds/images/usa-icons/	184 B 571 B	42ms 42ms	Image image/svg+xml	2a02:26f0:1700:382::219c AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://www.hhs.gov/themes/custom/hhs_uswds/images/usa-icons/navigate_next.svg Requested by Host: www.hhs.gov URL: https://www.hhs.gov/sites/default/files/css/css_u8iLDafwaLCwx-9qX1vh55WmyQb_X0gpnSh3h4YlPts.css?delta=1&language=en&theme=hhs_uswds&include=eJxNjlEOwyAMQy9Ey5GqFLySDQgiYV13-mmqtPXL1vt4th5qKH4lhUtJl6F7VB-kFKkXsGVZKbubiFUxqP8116jT1qkl9bGPRnn-k3nUNtbMmhCdSmDKS0Fk-g5ycEE6_F2nIPLg6wHDy6YO5fdJFdRD8mds8pzsaKAEiqdDaoBTNuwcsVBGN8-V7QNXTVc7 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:1700:382::219c Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Resource Hash 927f3948559fc75c26f4f84ec09bd1eec1e92f5ddafbea26e4a821d06c2d0dc1 Security Headers Name Value Content-Security-Policy frame-ancestors 'self' hhs.gov *.hhs.gov Strict-Transport-Security max-age=31536000;includeSubDomains;preload X-Content-Type-Options nosniff Request headers Referer https://www.hhs.gov/sites/default/files/css/css_u8iLDafwaLCwx-9qX1vh55WmyQb_X0gpnSh3h4YlPts.css?delta=1&language=en&theme=hhs_uswds&include=eJxNjlEOwyAMQy9Ey5GqFLySDQgiYV13-mmqtPXL1vt4th5qKH4lhUtJl6F7VB-kFKkXsGVZKbubiFUxqP8116jT1qkl9bGPRnn-k3nUNtbMmhCdSmDKS0Fk-g5ycEE6_F2nIPLg6wHDy6YO5fdJFdRD8mds8pzsaKAEiqdDaoBTNuwcsVBGN8-V7QNXTVc7 Origin https://www.hhs.gov accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers content-security-policy frame-ancestors 'self' hhs.gov *.hhs.gov content-encoding gzip x-content-type-options nosniff date Wed, 06 Dec 2023 09:23:23 GMT last-modified Mon, 04 Dec 2023 21:12:15 GMT strict-transport-security max-age=31536000;includeSubDomains;preload etag "656e40af-b8" vary Accept-Encoding content-type image/svg+xml cache-control max-age=2592000 server-timing cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1701854603045_3092669958_2186111753_120_6416_19_0_146";dur=1 accept-ranges bytes content-length 167 x-request-id 98c459d721206a32b171872198b3d256
GET H2	200	sourcesanspro-bold-webfont.woff2 www.hhs.gov/themes/custom/hhs_uswds/fonts/source-sans-pro/	20 KB 20 KB	43ms 43ms	Font application/octet-stream	2a02:26f0:1700:382::219c AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://www.hhs.gov/themes/custom/hhs_uswds/fonts/source-sans-pro/sourcesanspro-bold-webfont.woff2 Requested by Host: www.hhs.gov URL: https://www.hhs.gov/sites/default/files/css/css_u8iLDafwaLCwx-9qX1vh55WmyQb_X0gpnSh3h4YlPts.css?delta=1&language=en&theme=hhs_uswds&include=eJxNjlEOwyAMQy9Ey5GqFLySDQgiYV13-mmqtPXL1vt4th5qKH4lhUtJl6F7VB-kFKkXsGVZKbubiFUxqP8116jT1qkl9bGPRnn-k3nUNtbMmhCdSmDKS0Fk-g5ycEE6_F2nIPLg6wHDy6YO5fdJFdRD8mds8pzsaKAEiqdDaoBTNuwcsVBGN8-V7QNXTVc7 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:1700:382::219c Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Resource Hash 83f67df68dac5c435d964be278d39f70ad8605265b6b99918a46451b77552e92 Security Headers Name Value Strict-Transport-Security max-age=31536000;includeSubDomains;preload Request headers Referer https://www.hhs.gov/sites/default/files/css/css_u8iLDafwaLCwx-9qX1vh55WmyQb_X0gpnSh3h4YlPts.css?delta=1&language=en&theme=hhs_uswds&include=eJxNjlEOwyAMQy9Ey5GqFLySDQgiYV13-mmqtPXL1vt4th5qKH4lhUtJl6F7VB-kFKkXsGVZKbubiFUxqP8116jT1qkl9bGPRnn-k3nUNtbMmhCdSmDKS0Fk-g5ycEE6_F2nIPLg6wHDy6YO5fdJFdRD8mds8pzsaKAEiqdDaoBTNuwcsVBGN8-V7QNXTVc7 Origin https://www.hhs.gov accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Wed, 06 Dec 2023 09:23:23 GMT strict-transport-security max-age=31536000;includeSubDomains;preload last-modified Mon, 04 Dec 2023 21:12:15 GMT etag "656e40af-4f90" content-type application/octet-stream access-control-allow-origin * server-timing cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1701854603062_3092669958_2186111772_620_7107_19_0_255";dur=1 accept-ranges bytes content-length 20368
GET H2	404	index.html Show response www.hhs.gov/sitewide_alert/load/ Redirect Chain https://www.hhs.gov/sitewide_alert/load https://www.hhs.gov/sitewide_alert/load/index.html	33 KB 33 KB	149ms 147ms	Fetch text/html	2a02:26f0:1700:382::219c AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://www.hhs.gov/sitewide_alert/load/index.html Requested by Host: www.hhs.gov URL: https://www.hhs.gov/sites/default/files/2023oct12-noescape-ransomware-analyst-note-tlpclear.pdf Protocol H2 Server 2a02:26f0:1700:382::219c Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Resource Hash a4cd26a5758d0e964112d76f1ad89551b5ff9e83d80b6e090c6ff06975fe2ff9 Security Headers Name Value Content-Security-Policy frame-ancestors 'self' hhs.gov *.hhs.gov Strict-Transport-Security max-age=31536000;includeSubDomains;preload X-Content-Type-Options nosniff, nosniff X-Frame-Options SAMEORIGIN Request headers accept-language de-DE,de;q=0.9 Referer https://www.hhs.gov/sites/default/files/2023oct12-noescape-ransomware-analyst-note-tlpclear.pdf User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers content-security-policy frame-ancestors 'self' hhs.gov *.hhs.gov date Wed, 06 Dec 2023 09:23:23 GMT x-content-type-options nosniff, nosniff strict-transport-security max-age=31536000;includeSubDomains;preload last-modified Wed, 06 Dec 2023 08:43:42 GMT etag "1701852222" x-frame-options SAMEORIGIN content-type text/html; charset=UTF-8 content-language en x-generator Drupal 10 (https://www.drupal.org) cache-control public, max-age=3600 server-timing cdn-cache; desc=MISS, edge; dur=100, origin; dur=21, ak_p; desc="1701854603151_3092669958_2186111827_12109_7009_19_0_219";dur=1 x-drupal-cache HIT content-length 33562 Redirect headers location https://www.hhs.gov/sitewide_alert/load/index.html date Wed, 06 Dec 2023 09:23:23 GMT strict-transport-security max-age=31536000;includeSubDomains;preload server-timing cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1701854603122_3092669958_2186111812_15_7516_19_0_219";dur=1 content-length 0
GET H2	200	sayt_loader.js Show response search.usa.gov/assets/ Redirect Chain https://search.usa.gov/javascripts/remote.loader.js https://search.usa.gov/assets/sayt_loader.js	2 KB 1 KB	323ms 323ms	Script application/javascript	2600:9000:20ab:f000:a:4fc7:79c0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://search.usa.gov/assets/sayt_loader.js Requested by Host: www.hhs.gov URL: https://www.hhs.gov/sites/default/files/2023oct12-noescape-ransomware-analyst-note-tlpclear.pdf Protocol H2 Server 2600:9000:20ab:f000:a:4fc7:79c0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Apache / Resource Hash e11bda5b7f71c9b452e912eb2ccbada3fe33e6d1afb7f48e981d23085f982b4f Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubdomains; preload Request headers accept-language de-DE,de;q=0.9 Referer https://www.hhs.gov/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Wed, 06 Dec 2023 09:23:23 GMT content-encoding gzip via 1.1 proxy3.us-east-1.prod.infr.search.usa.gov:8443, 1.1 3201e5fb77f9faaa881f4f324226564a.cloudfront.net (CloudFront) strict-transport-security max-age=31536000; includeSubdomains; preload x-amz-cf-pop AMS58-P3 x-cache Miss from cloudfront content-length 954 last-modified Tue, 21 Nov 2023 21:13:38 GMT server Apache vary Accept-Encoding content-type application/javascript access-control-allow-origin * cache-control max-age=3600 accept-ranges bytes x-amz-cf-id jmThdaQ-K0r-SveatxA9NhLEoKabUuDIhfpNgRRZra7tiFgkwce_FA== expires Wed, 06 Dec 2023 10:23:23 GMT Redirect headers date Wed, 06 Dec 2023 09:23:23 GMT via 1.1 3201e5fb77f9faaa881f4f324226564a.cloudfront.net (CloudFront) server Apache x-amz-cf-pop AMS58-P3 x-cache Miss from cloudfront content-type text/html; charset=iso-8859-1 location https://search.usa.gov/assets/sayt_loader.js content-length 252 x-amz-cf-id PQ9GJV5yC5PbQjfPSXiLEJb0gYAWN6mOicwk436qSwaSFtf_pK1rYQ==
GET H2	200	js Show response www.googletagmanager.com/gtag/	261 KB 88 KB	36ms 35ms	Script application/javascript	2a00:1450:4001:80f::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-3YLR8EGLBW&l=dataLayer&cx=c Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-JLFR Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 81589eb64d4bf9f9b7383d908db0c563d6c28d769495a3c7acf7e14302527b9c Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.hhs.gov/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Wed, 06 Dec 2023 09:23:23 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 90376 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Wed, 06 Dec 2023 09:23:23 GMT
GET H2	200	js Show response www.googletagmanager.com/gtag/	246 KB 85 KB	36ms 36ms	Script application/javascript	2a00:1450:4001:80f::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-8RZ83J1052&l=dataLayer&cx=c Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-JLFR Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 1864558b2ad8a8a628990afccdbfc9361230c662fc4179800440248469fd4054 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.hhs.gov/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Wed, 06 Dec 2023 09:23:23 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 86535 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Wed, 06 Dec 2023 09:23:23 GMT
GET H2	200	analytics.js Show response www.google-analytics.com/	52 KB 21 KB	133ms 19ms	Script text/javascript	2a00:1450:4001:82a::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-JLFR Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://www.hhs.gov/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff date Wed, 06 Dec 2023 07:41:49 GMT last-modified Mon, 12 Jun 2023 18:23:07 GMT server Golfe2 age 6094 vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 20994 expires Wed, 06 Dec 2023 09:41:49 GMT
GET H2	200	7360.js Show response script.crazyegg.com/pages/scripts/0005/	6 KB 2 KB	148ms 34ms	Script text/javascript	2606:4700::6813:9408 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://script.crazyegg.com/pages/scripts/0005/7360.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-JLFR Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6813:9408 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a7c09ef9951f2efdc7da9d2967826412e94588ec2ed2b80319f02a7b41a092f3 Request headers accept-language de-DE,de;q=0.9 Referer https://www.hhs.gov/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Wed, 06 Dec 2023 09:23:23 GMT content-encoding gzip cf-cache-status HIT age 30911 cf-polished origSize=5984 ce-version 11.5.153 cf-bgj minify last-modified Wed, 06 Dec 2023 00:48:12 GMT server cloudflare vary Accept-Encoding content-type text/javascript access-control-allow-origin * access-control-expose-headers CE-Version cache-control public, max-age=300, s-maxage=1209600 timing-allow-origin * cf-ray 831378471a8d3639-FRA
GET H2	200	web-vitals.iife.js Show response unpkg.com/web-vitals@3.5.0/dist/ Redirect Chain https://unpkg.com/web-vitals/dist/web-vitals.iife.js https://unpkg.com/web-vitals@3.5.0/dist/web-vitals.iife.js	7 KB 3 KB	29ms 29ms	Script application/javascript	2606:4700::6810:7aaf CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://unpkg.com/web-vitals@3.5.0/dist/web-vitals.iife.js Requested by Host: www.hhs.gov URL: https://www.hhs.gov/sites/default/files/2023oct12-noescape-ransomware-analyst-note-tlpclear.pdf Protocol H2 Server 2606:4700::6810:7aaf , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7688a97a3cf3ee4a4f04f8b3596ca5c89d63f4e57280907e688dcdd8dd52b49f Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://www.hhs.gov/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Wed, 06 Dec 2023 09:23:23 GMT via 1.1 fly.io x-content-type-options nosniff cf-cache-status HIT content-encoding br strict-transport-security max-age=31536000; includeSubDomains; preload age 2000389 last-modified Sat, 26 Oct 1985 08:15:00 GMT fly-request-id 01HF3K9RNV4K8MEAJD3Q8TRX3W-fra server cloudflare etag W/"1c0d-zW8RvTlYH7YAF4tIT+4z8RfNaCg" vary Accept-Encoding content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=31536000 cf-ray 8313784748176ae7-FRA Redirect headers date Wed, 06 Dec 2023 09:23:23 GMT via 1.1 fly.io x-content-type-options nosniff cf-cache-status HIT fly-request-id 01HGZ70D1NB1MK4C04V4DQYQ9G-fra server cloudflare strict-transport-security max-age=31536000; includeSubDomains; preload age 13 vary Accept, Accept-Encoding content-type text/plain; charset=utf-8 access-control-allow-origin * location /web-vitals@3.5.0/dist/web-vitals.iife.js cache-control public, s-maxage=600, max-age=60 cf-ray 831378471fe36ae7-FRA
GET H2	200	Universal-Federated-Analytics-Min.js Show response dap.digitalgov.gov/	24 KB 7 KB	135ms 27ms	Script application/javascript	2600:9000:2394:a00:5:83ea:ba80:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://dap.digitalgov.gov/Universal-Federated-Analytics-Min.js?agency=hhs&subagency=aspa&sitetopic=health&siteplatform=drupal%2010%20&sdor=hhs.gov&dclink=true&yt=true&pua=UA-36351725-9&autotracker=true&sp=sitesearchtracking,q&parallelcd=true&palagencydim=dimension1|1&palsubagencydim=dimension2|2&palversiondim=dimension3|3&paltopicdim=dimension4|4&paltopicdim=dimension5|5&cto=24 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-JLFR Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2394:a00:5:83ea:ba80:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 5aa160ad964402d622c0032f2a12db80a9fa54808305e6ccacf3b4e0db562251 Request headers accept-language de-DE,de;q=0.9 Referer https://www.hhs.gov/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers x-amz-version-id zyZrzqhK15RgOdA9RDCbP8yYgwnv7CPf content-encoding gzip via 1.1 4a3271596b4750a635e84d92a47448bc.cloudfront.net (CloudFront) date Wed, 06 Dec 2023 06:58:40 GMT x-amz-cf-pop AMS1-P2 age 8708 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront x-amz-replication-status COMPLETED alt-svc h3=":443"; ma=86400 last-modified Thu, 21 Sep 2023 01:19:04 GMT server AmazonS3 etag W/"36612be2a6ccaefd48af22240f0c4f35" vary Accept-Encoding content-type application/javascript x-amz-cf-id AP-NWIoF5MjVDTTxVFuryuAf0KrsrLiikQLVYSqfyfsPR2duBfgqLQ==
GET H2	200	web-vitals.umd.js Show response unpkg.com/web-vitals@1.1.1/dist/	4 KB 2 KB	137ms 35ms	Script application/javascript	2606:4700::6810:7aaf CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://unpkg.com/web-vitals@1.1.1/dist/web-vitals.umd.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-JLFR Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:7aaf , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6c5e6c7274105cf173a95a2610a07c20b05c766f91dbaa665d8ca4eb7bd78e8b Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://www.hhs.gov/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Wed, 06 Dec 2023 09:23:23 GMT via 1.1 fly.io x-content-type-options nosniff cf-cache-status HIT content-encoding br strict-transport-security max-age=31536000; includeSubDomains; preload age 631369 last-modified Sat, 26 Oct 1985 08:15:00 GMT fly-request-id 01HGCCWZ5ZQ9AK34NJY2V6ZEBE-fra server cloudflare etag W/"1061-Lg/hc9+R+8jAR7NYymzfENgFcZM" vary Accept-Encoding content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=31536000 cf-ray 831378471fe56ae7-FRA
GET H2	200	siteanalyze_6282609.js Show response siteimproveanalytics.com/js/	27 KB 10 KB	146ms 39ms	Script application/javascript	2a06:98c1:3121::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://siteimproveanalytics.com/js/siteanalyze_6282609.js Requested by Host: www.hhs.gov URL: https://www.hhs.gov/sites/default/files/2023oct12-noescape-ransomware-analyst-note-tlpclear.pdf Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 3433585029338aa9fdb72ca839ff590c266ae58bad844415bf26faa472f5772f Request headers accept-language de-DE,de;q=0.9 Referer https://www.hhs.gov/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Wed, 06 Dec 2023 09:23:23 GMT content-encoding gzip cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-amz-request-id V0HPSX360H2JD1M8 age 2310 alt-svc h3=":443"; ma=86400 content-length 9111 x-amz-id-2 ScU4oeA0iOfFrj3uzmpKK2htPWkEuajeOdlvnrd7WKGN84nnTfsEsIZ9lfKv+XqEOeLXZn2nm8U= last-modified Mon, 25 Sep 2023 18:17:28 GMT server cloudflare etag "7fdb77dd8e7ab0d09e8f953bd83439b1" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UH%2F7p5OmUwZpiwvTfl5rrDVP%2BQoNnqiO%2FhaiD3AC%2FMoaemJ3OsiU5kwWB0IrVvltgqq3usIIwOH6rAJpW5zQyihG9slBr%2BUp0EB%2B%2BKZPQQc34lYCDeIc26Aj%2F%2BNH6thq3X%2BQu5XlpRb8KKiAP7nnW8iMvmBMk%2Bo%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 cache-control max-age=86400, no-transform accept-ranges bytes cf-ray 831378472bf70638-CDG
POST H2	204	collect region1.analytics.google.com/g/	0 243 B	83ms 31ms	Ping text/plain	2001:4860:4802:34::36 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://region1.analytics.google.com/g/collect?v=2&tid=G-3YLR8EGLBW&gtm=45je3bt0v885882153z8548905&_p=1701854603034&_gaz=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=417974232.1701854603&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1701854603&sct=1&seg=0&dl=https%3A%2F%2Fwww.hhs.gov%2Fsites%2Fdefault%2Ffiles%2F2023oct12-noescape-ransomware-analyst-note-tlpclear.pdf&dt=Page%20Not%20Found%20%7C%20HHS.gov&en=page_view&_fv=1&_nsi=1&_ss=1&ep.site_host=www.hhs.gov&ep.page_date_modified=Not%20Found&ep.page_content_generator=drupal%2010%20&ep.page_date_created=Not%20Found&ep.page_creator=Not%20Found&ep.page_office=aspa&ep.page_content_type=Not%20Found&ep.page_division=dcd&ep.page_audience=content%20creator%20missing&ep.page_author=Not%20Found&ep.page_word_count=%3C200&ep.timestamp=2023-12-06T10%3A23%3A23.232%2B01%3A00&tfd=890 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-3YLR8EGLBW&l=dataLayer&cx=c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://www.hhs.gov/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers pragma no-cache date Wed, 06 Dec 2023 09:23:23 GMT server Golfe2 content-type text/plain access-control-allow-origin https://www.hhs.gov cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	204	collect stats.g.doubleclick.net/g/	0 252 B	81ms 27ms	Ping text/plain	2a00:1450:400c:c00::9d GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/g/collect?v=2&tid=G-3YLR8EGLBW&cid=417974232.1701854603&gtm=45je3bt0v885882153z8548905&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-3YLR8EGLBW&l=dataLayer&cx=c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://www.hhs.gov/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers pragma no-cache date Wed, 06 Dec 2023 09:23:23 GMT server Golfe2 content-type text/plain access-control-allow-origin https://www.hhs.gov cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ga-audiences www.google.de/ads/	42 B 408 B	93ms 43ms	Image image/gif	2a00:1450:4001:82b::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-3YLR8EGLBW&cid=417974232.1701854603&gtm=45je3bt0v885882153z8548905&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=1574127928 Requested by Host: www.hhs.gov URL: https://www.hhs.gov/sites/default/files/2023oct12-noescape-ransomware-analyst-note-tlpclear.pdf Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.hhs.gov/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers pragma no-cache date Wed, 06 Dec 2023 09:23:23 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	204	collect region1.analytics.google.com/g/	0 54 B	28ms 28ms	Ping text/plain	2001:4860:4802:34::36 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://region1.analytics.google.com/g/collect?v=2&tid=G-8RZ83J1052&gtm=45je3bt0v9105278010z8548905&_p=1701854603034&_gaz=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=417974232.1701854603&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1701854603&sct=1&seg=0&dl=https%3A%2F%2Fwww.hhs.gov%2Fsites%2Fdefault%2Ffiles%2F2023oct12-noescape-ransomware-analyst-note-tlpclear.pdf&dt=Page%20Not%20Found%20%7C%20HHS.gov&en=page_view&_fv=1&_ss=1&ep.site_host=www.hhs.gov&ep.page_date_modified=Not%20Found&ep.page_content_generator=drupal%2010%20&ep.page_date_created=Not%20Found&ep.page_creator=Not%20Found&ep.page_office=aspa&ep.page_content_type=Not%20Found&ep.page_division=dcd&ep.page_audience=content%20creator%20missing&ep.page_author=Not%20Found&ep.page_word_count=%3C200&tfd=913 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-8RZ83J1052&l=dataLayer&cx=c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://www.hhs.gov/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers pragma no-cache date Wed, 06 Dec 2023 09:23:23 GMT server Golfe2 content-type text/plain access-control-allow-origin https://www.hhs.gov cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	204	collect stats.g.doubleclick.net/g/	0 54 B	28ms 27ms	Ping text/plain	2a00:1450:400c:c00::9d GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/g/collect?v=2&tid=G-8RZ83J1052&cid=417974232.1701854603&gtm=45je3bt0v9105278010z8548905&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-8RZ83J1052&l=dataLayer&cx=c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://www.hhs.gov/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers pragma no-cache date Wed, 06 Dec 2023 09:23:23 GMT server Golfe2 content-type text/plain access-control-allow-origin https://www.hhs.gov cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ga-audiences www.google.de/ads/	42 B 107 B	45ms 44ms	Image image/gif	2a00:1450:4001:82b::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-8RZ83J1052&cid=417974232.1701854603&gtm=45je3bt0v9105278010z8548905&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=495515766 Requested by Host: www.hhs.gov URL: https://www.hhs.gov/sites/default/files/2023oct12-noescape-ransomware-analyst-note-tlpclear.pdf Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.hhs.gov/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers pragma no-cache date Wed, 06 Dec 2023 09:23:23 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	js Show response www.googletagmanager.com/gtag/	234 KB 82 KB	27ms 26ms	Script application/javascript	2a00:1450:4001:80f::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-CSLL4ZEK4L Requested by Host: dap.digitalgov.gov URL: https://dap.digitalgov.gov/Universal-Federated-Analytics-Min.js?agency=hhs&subagency=aspa&sitetopic=health&siteplatform=drupal%2010%20&sdor=hhs.gov&dclink=true&yt=true&pua=UA-36351725-9&autotracker=true&sp=sitesearchtracking,q&parallelcd=true&palagencydim=dimension1|1&palsubagencydim=dimension2|2&palversiondim=dimension3|3&paltopicdim=dimension4|4&paltopicdim=dimension5|5&cto=24 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash ab9b1fdfb16b8af3b5e8aa6d37eeb73cdb6f2a94e1503aae5da12cdba6ad9013 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.hhs.gov/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Wed, 06 Dec 2023 09:23:23 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 83620 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Wed, 06 Dec 2023 09:23:23 GMT
GET H3	200	js Show response www.googletagmanager.com/gtag/	234 KB 82 KB	41ms 41ms	Script application/javascript	2a00:1450:4001:80f::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-CSLL4ZEK4L&l=dataLayer&cx=c Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-JLFR Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash a2f94d4356d35221e2e413a8fb59d7d0a8191b147d808ef47f48cd20152ee559 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.hhs.gov/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Wed, 06 Dec 2023 09:23:23 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 83631 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Wed, 06 Dec 2023 09:23:23 GMT
GET H2	200	iframe_api Show response www.youtube.com/	993 B 2 KB	95ms 44ms	Script text/javascript	2a00:1450:4001:813::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.youtube.com/iframe_api Requested by Host: dap.digitalgov.gov URL: https://dap.digitalgov.gov/Universal-Federated-Analytics-Min.js?agency=hhs&subagency=aspa&sitetopic=health&siteplatform=drupal%2010%20&sdor=hhs.gov&dclink=true&yt=true&pua=UA-36351725-9&autotracker=true&sp=sitesearchtracking,q&parallelcd=true&palagencydim=dimension1|1&palsubagencydim=dimension2|2&palversiondim=dimension3|3&paltopicdim=dimension4|4&paltopicdim=dimension5|5&cto=24 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash a63f486f5b05184dc0708669c9c1823de00295dd74b090557b77268118ecc0dd Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.hhs.gov/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Wed, 06 Dec 2023 09:23:23 GMT strict-transport-security max-age=31536000 x-content-type-options nosniff content-encoding br p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info." cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version server ESF x-frame-options SAMEORIGIN report-to {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]} content-type text/javascript; charset=utf-8 vary Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version cache-control private, max-age=0 origin-trial AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9 permissions-policy ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=* cross-origin-opener-policy-report-only same-origin; report-to="youtube_main" expires Wed, 06 Dec 2023 09:23:23 GMT
GET H2	200	www.hhs.gov.json Show response script.crazyegg.com/pages/data-scripts/0005/7360/site/	10 KB 2 KB	74ms 29ms	XHR application/json	2606:4700::6813:9408 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://script.crazyegg.com/pages/data-scripts/0005/7360/site/www.hhs.gov.json?t=1 Requested by Host: script.crazyegg.com URL: https://script.crazyegg.com/pages/scripts/0005/7360.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6813:9408 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash dd9e809b02a534b960ced947977956821534003b99b5375c69e68b36eea0b310 Request headers accept-language de-DE,de;q=0.9 Referer https://www.hhs.gov/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Wed, 06 Dec 2023 09:23:23 GMT content-encoding gzip cf-cache-status HIT age 35106 ce-version 11.5.153 content-length 2261 last-modified Tue, 05 Dec 2023 23:38:17 GMT server cloudflare vary Accept-Encoding content-type application/json access-control-allow-origin * access-control-expose-headers CE-Version cache-control public, max-age=300, s-maxage=1209600 accept-ranges bytes timing-allow-origin * cf-ray 83137847a9864d54-FRA
GET H2	200	linkid.js Show response www.google-analytics.com/plugins/ua/	2 KB 1 KB	20ms 19ms	Script text/javascript	2a00:1450:4001:82a::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/plugins/ua/linkid.js Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.hhs.gov/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Wed, 06 Dec 2023 08:51:32 GMT content-encoding br x-content-type-options nosniff age 1911 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 697 x-xss-protection 0 last-modified Fri, 30 Jun 2023 18:58:00 GMT server sffe vary Accept-Encoding report-to {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]} content-type text/javascript cache-control public, max-age=3600 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="static-on-bigtable" expires Wed, 06 Dec 2023 09:51:32 GMT
POST H2	200	publisher:getClientId Show response ampcid.google.com/v1/	74 B 437 B	91ms 29ms	XHR application/json	2a00:1450:4001:828::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ampcid.google.com/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://www.hhs.gov/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Content-Type text/plain Response headers date Wed, 06 Dec 2023 09:23:23 GMT content-encoding gzip x-content-type-options nosniff server ESF vary Origin, X-Origin, Referer x-frame-options SAMEORIGIN content-type application/json; charset=UTF-8 access-control-allow-origin https://www.hhs.gov access-control-expose-headers vary,vary,vary,content-encoding,date,server,content-length cache-control private access-control-allow-credentials true alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 94 x-xss-protection 0
GET H2	200	image.aspx 6282609.global.r2.siteimproveanalytics.io/	34 B 479 B	162ms 23ms	Image image/gif	35.156.88.115 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://6282609.global.r2.siteimproveanalytics.io/image.aspx?url=https%3A%2F%2Fwww.hhs.gov%2Fsites%2Fdefault%2Ffiles%2F2023oct12-noescape-ransomware-analyst-note-tlpclear.pdf&title=Page%20Not%20Found%20%7C%20HHS.gov&res=1600x1200&accountid=6282609&rt=1041&prev=0a1eff42-2c73-42ed-7790-ba323b56cb57&luid=4a56ee38-ee5b-eb22-8016-b33cec47b2df&dnt=true&rnd=45383 Requested by Host: www.hhs.gov URL: https://www.hhs.gov/sites/default/files/2023oct12-noescape-ransomware-analyst-note-tlpclear.pdf Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 35.156.88.115 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-35-156-88-115.eu-central-1.compute.amazonaws.com Software / Resource Hash 1e85ec81b9800b4c443d39caca0d0926089a3ac201120db1ceb45b93789480b8 Request headers accept-language de-DE,de;q=0.9 Referer https://www.hhs.gov/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers content-type image/gif date Wed, 06 Dec 2023 09:23:23 GMT cache-control max-age=0 content-length 34 expires Wed, 06 Dec 2023 09:23:23 UTC
POST H2	204	collect region1.google-analytics.com/g/	0 45 B	29ms 28ms	Ping text/plain	2001:4860:4802:34::36 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://region1.google-analytics.com/g/collect?v=2&tid=G-CSLL4ZEK4L&gtm=45je3bt0v9131934939&_p=1701854603034&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&ir=0&cid=417974232.1701854603&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&dl=https%3A%2F%2Fwww.hhs.gov%2Fvpv404%2Fsites%2Fdefault%2Ffiles%2F2023oct12-noescape-ransomware-analyst-note-tlpclear.pdf&sid=1701854603&sct=1&seg=0&dt=Page%20Not%20Found%20%7C%20HHS.gov&en=page_view&_fv=1&_ss=1&_ee=1&ep.agency=HHS&ep.subagency=ASPA&ep.site_topic=health&ep.site_platform=drupal%2010%20&ep.script_source=https%3A%2F%2Fdap.digitalgov.gov%2Funiversal-federated-analytics-min.js&ep.version=20230920%20v6.8%20-%20dual%20tracking&ep.protocol=https%3A&tfd=1065 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-CSLL4ZEK4L Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://www.hhs.gov/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers pragma no-cache date Wed, 06 Dec 2023 09:23:23 GMT server Golfe2 content-type text/plain access-control-allow-origin https://www.hhs.gov cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	9df44f40c781bed54449cd8b7788ab5b.js Show response script.crazyegg.com/pages/versioned/common-scripts/	95 KB 31 KB	28ms 28ms	Script text/javascript	2606:4700::6813:9408 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://script.crazyegg.com/pages/versioned/common-scripts/9df44f40c781bed54449cd8b7788ab5b.js Requested by Host: script.crazyegg.com URL: https://script.crazyegg.com/pages/scripts/0005/7360.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6813:9408 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6f167fb91dda50241e3efeb657237e636519103b823204f7f127701bf20c8ecf Request headers accept-language de-DE,de;q=0.9 Referer https://www.hhs.gov/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Wed, 06 Dec 2023 09:23:23 GMT content-encoding gzip cf-cache-status HIT last-modified Fri, 01 Dec 2023 10:29:22 GMT server cloudflare age 397496 vary Accept-Encoding content-type text/javascript access-control-allow-origin * cache-control public, max-age=31536000, s-maxage=31536000 accept-ranges bytes timing-allow-origin * cf-ray 83137847ebdd3639-FRA content-length 31878
POST H2	200	publisher:getClientId Show response ampcid.google.de/v1/	3 B 366 B	85ms 27ms	XHR application/json	2a00:1450:4001:81c::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ampcid.google.de/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://www.hhs.gov/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Content-Type text/plain Response headers date Wed, 06 Dec 2023 09:23:23 GMT content-encoding gzip x-content-type-options nosniff server ESF vary Origin, X-Origin, Referer x-frame-options SAMEORIGIN content-type application/json; charset=UTF-8 access-control-allow-origin https://www.hhs.gov access-control-expose-headers vary,vary,vary,content-encoding,date,server,content-length cache-control private access-control-allow-credentials true alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 23 x-xss-protection 0
GET H2	200	www-widgetapi.js Show response www.youtube.com/s/player/31e0b6d9/www-widgetapi.vflset/	215 KB 67 KB	20ms 19ms	Script text/javascript	2a00:1450:4001:813::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.youtube.com/s/player/31e0b6d9/www-widgetapi.vflset/www-widgetapi.js Requested by Host: www.youtube.com URL: https://www.youtube.com/iframe_api Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 8f7d6f6139d786232c30733c242672145a2ed59e41423520f4dc4dc611e2bd8c Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.hhs.gov/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Wed, 06 Dec 2023 08:53:15 GMT content-encoding br x-content-type-options nosniff age 1808 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 68329 x-xss-protection 0 last-modified Thu, 30 Nov 2023 03:10:29 GMT server sffe vary Accept-Encoding, Origin report-to {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="youtube" expires Thu, 05 Dec 2024 08:53:15 GMT
GET H2	200	www.hhs.gov.json Show response script.crazyegg.com/pages/data-scripts/0005/7360/sampling/	146 B 233 B	32ms 31ms	XHR application/json	2606:4700::6813:9408 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://script.crazyegg.com/pages/data-scripts/0005/7360/sampling/www.hhs.gov.json?t=472737 Requested by Host: script.crazyegg.com URL: https://script.crazyegg.com/pages/versioned/common-scripts/9df44f40c781bed54449cd8b7788ab5b.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6813:9408 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 27ccd9cb21fc97838c6c3fc9e698bda56dfab20b4c18e15de9c0bc81d24b7846 Request headers accept-language de-DE,de;q=0.9 Referer https://www.hhs.gov/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Wed, 06 Dec 2023 09:23:23 GMT content-encoding gzip cf-cache-status HIT age 23034 ce-version 11.5.153 content-length 141 last-modified Wed, 06 Dec 2023 02:59:29 GMT server cloudflare vary Accept-Encoding content-type application/json access-control-allow-origin * access-control-expose-headers CE-Version cache-control public, max-age=300, s-maxage=1209600 accept-ranges bytes timing-allow-origin * cf-ray 831378483a734d54-FRA
GET H2	200	healthcheck Show response pagestates-tracking.crazyegg.com/	19 B 463 B	117ms 18ms	XHR application/json	13.32.27.24 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://pagestates-tracking.crazyegg.com/healthcheck Requested by Host: script.crazyegg.com URL: https://script.crazyegg.com/pages/versioned/common-scripts/9df44f40c781bed54449cd8b7788ab5b.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.32.27.24 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-32-27-24.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash 830e67bda2532cd5880ee86e3b33e69721082f8458bb0df0cd4edbb1577fd375 Request headers accept-language de-DE,de;q=0.9 Referer https://www.hhs.gov/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Wed, 20 Sep 2023 01:43:28 GMT via 1.1 6c7a5d26be7fb35284e54d321f16b6f6.cloudfront.net (CloudFront) x-amz-cf-pop FRA56-C2 age 6680396 x-cache Hit from cloudfront content-length 19 last-modified Fri, 08 Jul 2022 22:25:51 GMT server AmazonS3 etag "d06f04fccf68d0b228a5923187ce1afd" access-control-max-age 31536000 access-control-allow-methods GET, HEAD content-type application/json access-control-allow-origin * access-control-expose-headers Access-Control-Allow-Origin accept-ranges bytes x-amz-cf-id 4BnCek1Ez7KJ2rwQXufSRvt86cBrp3DEHIS-_UcgVYLfXQij0YZvYw==
GET H2	200	healthcheck Show response assets-tracking.crazyegg.com/	19 B 462 B	80ms 21ms	XHR application/json	18.66.122.72 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://assets-tracking.crazyegg.com/healthcheck Requested by Host: script.crazyegg.com URL: https://script.crazyegg.com/pages/versioned/common-scripts/9df44f40c781bed54449cd8b7788ab5b.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.122.72 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-66-122-72.fra60.r.cloudfront.net Software AmazonS3 / Resource Hash 830e67bda2532cd5880ee86e3b33e69721082f8458bb0df0cd4edbb1577fd375 Request headers accept-language de-DE,de;q=0.9 Referer https://www.hhs.gov/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Sat, 19 Aug 2023 04:00:49 GMT via 1.1 d13436be9e793d00b0273db3f7904816.cloudfront.net (CloudFront) x-amz-cf-pop FRA60-P2 age 9436955 x-cache Hit from cloudfront content-length 19 last-modified Fri, 08 Jul 2022 22:25:51 GMT server AmazonS3 etag "d06f04fccf68d0b228a5923187ce1afd" access-control-max-age 31536000 access-control-allow-methods GET, HEAD content-type application/json access-control-allow-origin * access-control-expose-headers Access-Control-Allow-Origin accept-ranges bytes x-amz-cf-id H6z_Ia4Ba4HXzMjNoaxSFszM1GVqvhq1R_zLsbq5Fv4XtjL270J2qQ==
GET BLOB	200 OK	c5a5cd3c-a2a2-4a77-ac73-f1baf9c7c6f5 https://www.hhs.gov/	45 B 0		Other text/javascript
General Check archive.org Show headers Download Go to Full URL blob:https://www.hhs.gov/c5a5cd3c-a2a2-4a77-ac73-f1baf9c7c6f5 Requested by Host: www.hhs.gov URL: https://www.hhs.gov/sites/default/files/2023oct12-noescape-ransomware-analyst-note-tlpclear.pdf Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash 86551808dbfbf8bc9b23ab3d0725794c2e1f2b4265c96715f2945638160edc2b Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers Content-Length 45 Content-Type text/javascript
POST H3	200	collect Show response www.google-analytics.com/j/	3 B 23 B	27ms 27ms	XHR text/plain	2a00:1450:4001:82a::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j101&aip=1&a=467132498&t=pageview&_s=1&dl=https%3A%2F%2Fwww.hhs.gov%2Fsites%2Fdefault%2Ffiles%2F2023oct12-noescape-ransomware-analyst-note-tlpclear.pdf&ul=en-us&de=UTF-8&dt=Page%20Not%20Found%20%7C%20HHS.gov&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aCDAgUAjAAQCACAEKC~&jid=1208084468&gjid=383658461&cid=417974232.1701854603&tid=UA-36351725-1&_gid=915049938.1701854604&_slc=1&gtm=45He3bt0n51JLFRv548905&cg1=drupal%2010%20&cg2=%3C200&cg3=Not%20Found&cg4=aspa&cg5=dcd&cd2=dcd&cd3=content%20creator%20missing&cd4=Not%20Found&cd5=drupal%2010%20&cd6=Not%20Found&cd7=Not%20Found&cd8=aspa&cd10=Not%20Found&cd12=1701854603251.iw9bnr2n&cd13=2023-12-06T10%3A23%3A23.251%2B01%3A00&cd16=Not%20Found&cd18=&cd20=not%20set&cm1=0&cm2=0&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cd11=417974232.1701854603&z=885656803 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://www.hhs.gov/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Wed, 06 Dec 2023 09:23:23 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://www.hhs.gov cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 3 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H3	200	collect Show response stats.g.doubleclick.net/j/	4 B 25 B	28ms 27ms	XHR text/plain	2a00:1450:400c:c00::9d GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-36351725-1&cid=417974232.1701854603&jid=1208084468&gjid=383658461&_gid=915049938.1701854604&_u=aCDAgUAjAAQCAGAEKC~&z=1566871303 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://www.hhs.gov/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Content-Type text/plain Response headers pragma no-cache strict-transport-security max-age=10886400; includeSubDomains; preload date Wed, 06 Dec 2023 09:23:23 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://www.hhs.gov cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 4 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H3	200	collect Show response www.google-analytics.com/j/	15 B 35 B	30ms 30ms	XHR text/plain	2a00:1450:4001:82a::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j101&aip=1&a=467132498&t=pageview&_s=1&dl=https%3A%2F%2Fwww.hhs.gov%2Fsites%2Fdefault%2Ffiles%2F2023oct12-noescape-ransomware-analyst-note-tlpclear.pdf&ul=en-us&de=UTF-8&dt=Page%20Not%20Found%20%7C%20HHS.gov&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aCDAgUAjAAQCAGAEKC~&jid=682847847&gjid=1113234803&cid=417974232.1701854603&tid=UA-36351725-10&_gid=915049938.1701854604&_slc=1&gtm=45He3bt0n51JLFRv548905&cg1=drupal%2010%20&cg2=%3C200&cg3=Not%20Found&cg4=missing%20template%20group&cd2=dcd&cd3=content%20creator%20missing&cd4=Not%20Found&cd5=drupal%2010%20&cd6=Not%20Found&cd7=Not%20Found&cd8=aspa&cd10=Not%20Found&cd12=1701854603258.qaiy8jr8&cd13=2023-12-06T10%3A23%3A23.258%2B01%3A00&cd15=inactive&cd16=Not%20Found&cd18=inactive&cm1=0&cm2=0&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cd11=417974232.1701854603&cd9=content%20id%20missing&cm3=0&z=1747309485 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 3449c73f3a33af4a715a8e105abdd6b7cb8c2d647214012a869963f746f97a4e Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://www.hhs.gov/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Wed, 06 Dec 2023 09:23:23 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://www.hhs.gov cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H3	200	collect Show response stats.g.doubleclick.net/j/	4 B 25 B	27ms 27ms	XHR text/plain	2a00:1450:400c:c00::9d GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-36351725-10&cid=417974232.1701854603&jid=682847847&gjid=1113234803&_gid=915049938.1701854604&_u=aCDAgUAjAAQCAGAEKC~&z=762871439 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://www.hhs.gov/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Content-Type text/plain Response headers pragma no-cache strict-transport-security max-age=10886400; includeSubDomains; preload date Wed, 06 Dec 2023 09:23:23 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://www.hhs.gov cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 4 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H3	200	collect Show response www.google-analytics.com/j/	3 B 23 B	30ms 30ms	XHR text/plain	2a00:1450:4001:82a::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j101&aip=1&a=467132498&t=pageview&_s=1&dl=https%3A%2F%2Fwww.hhs.gov%2Fsites%2Fdefault%2Ffiles%2F2023oct12-noescape-ransomware-analyst-note-tlpclear.pdf&dp=%2Fvpv404%2Fsites%2Fdefault%2Ffiles%2F2023oct12-noescape-ransomware-analyst-note-tlpclear.pdf&ul=en-us&de=UTF-8&dt=Page%20Not%20Found%20%7C%20HHS.gov&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aCDAAUAjAAQCAGAEqC~&jid=1474941276&gjid=1538370736&cid=417974232.1701854603&tid=UA-33523145-1&_gid=915049938.1701854604&_r=1&_slc=1&cd2=ASPA&cd3=20230920%20v6.8%20-%20Dual%20Tracking&cd4=health&cd5=drupal%2010%20&cd6=https%3A%2F%2Fdap.digitalgov.gov%2FUniversal-Federated-Analytics-Min.js&cd7=https%3A&cd1=HHS&z=594086423 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://www.hhs.gov/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Wed, 06 Dec 2023 09:23:23 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://www.hhs.gov cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 3 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H3	200	collect Show response www.google-analytics.com/j/	16 B 36 B	31ms 31ms	XHR text/plain	2a00:1450:4001:82a::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j101&aip=1&a=467132498&t=pageview&_s=1&dl=https%3A%2F%2Fwww.hhs.gov%2Fsites%2Fdefault%2Ffiles%2F2023oct12-noescape-ransomware-analyst-note-tlpclear.pdf&dp=%2Fvpv404%2Fsites%2Fdefault%2Ffiles%2F2023oct12-noescape-ransomware-analyst-note-tlpclear.pdf&ul=en-us&de=UTF-8&dt=Page%20Not%20Found%20%7C%20HHS.gov&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aCDAAUAjAAQCAGAEqC~&jid=2027737374&gjid=310068362&cid=417974232.1701854603&tid=UA-36351725-9&_gid=915049938.1701854604&_r=1&_slc=1&cd2=ASPA&cd3=20230920%20v6.8%20-%20Dual%20Tracking&cd5=drupal%2010%20&cd6=https%3A%2F%2Fdap.digitalgov.gov%2FUniversal-Federated-Analytics-Min.js&cd7=https%3A&cd1=HHS&z=11986479 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 1d6b3a89a9c4df246ed4693d197488a27393889a5951434c9c425a23563dbe22 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://www.hhs.gov/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Wed, 06 Dec 2023 09:23:23 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://www.hhs.gov cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 16 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ga-audiences www.google.com/ads/	42 B 107 B	105ms 46ms	Image image/gif	2a00:1450:4001:829::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-36351725-1&cid=417974232.1701854603&jid=1208084468&_u=aCDAgUAjAAQCAGAEKC~&z=1069502952 Requested by Host: www.hhs.gov URL: https://www.hhs.gov/sites/default/files/2023oct12-noescape-ransomware-analyst-note-tlpclear.pdf Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.hhs.gov/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers pragma no-cache date Wed, 06 Dec 2023 09:23:23 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ga-audiences www.google.de/ads/	42 B 107 B	52ms 46ms	Image image/gif	2a00:1450:4001:82b::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-36351725-1&cid=417974232.1701854603&jid=1208084468&_u=aCDAgUAjAAQCAGAEKC~&z=1069502952 Requested by Host: www.hhs.gov URL: https://www.hhs.gov/sites/default/files/2023oct12-noescape-ransomware-analyst-note-tlpclear.pdf Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.hhs.gov/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers pragma no-cache date Wed, 06 Dec 2023 09:23:23 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ga-audiences www.google.com/ads/	42 B 107 B	104ms 47ms	Image image/gif	2a00:1450:4001:829::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-36351725-10&cid=417974232.1701854603&jid=682847847&_u=aCDAgUAjAAQCAGAEKC~&z=1423346039 Requested by Host: www.hhs.gov URL: https://www.hhs.gov/sites/default/files/2023oct12-noescape-ransomware-analyst-note-tlpclear.pdf Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.hhs.gov/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers pragma no-cache date Wed, 06 Dec 2023 09:23:23 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ga-audiences www.google.de/ads/	42 B 107 B	51ms 47ms	Image image/gif	2a00:1450:4001:82b::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-36351725-10&cid=417974232.1701854603&jid=682847847&_u=aCDAgUAjAAQCAGAEKC~&z=1423346039 Requested by Host: www.hhs.gov URL: https://www.hhs.gov/sites/default/files/2023oct12-noescape-ransomware-analyst-note-tlpclear.pdf Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.hhs.gov/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers pragma no-cache date Wed, 06 Dec 2023 09:23:23 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	js Show response www.googletagmanager.com/gtag/	243 KB 85 KB	40ms 39ms	Script application/javascript	2a00:1450:4001:80f::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-DSR8G6T9HL&cx=c&_slc=1 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash e12bcbdf5b2f6d466c0e4deaa826e20510b3cd3f31e0ad9baecc48b695cb8f2d Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.hhs.gov/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Wed, 06 Dec 2023 09:23:23 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 86580 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Wed, 06 Dec 2023 09:23:23 GMT
POST H3	200	collect Show response stats.g.doubleclick.net/j/	4 B 25 B	27ms 27ms	XHR text/plain	2a00:1450:400c:c00::9d GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-36351725-9&cid=417974232.1701854603&jid=2027737374&gjid=310068362&_gid=915049938.1701854604&_u=aCDAAUAjAAQCAGAEqC~&z=995395235 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://www.hhs.gov/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Content-Type text/plain Response headers pragma no-cache strict-transport-security max-age=10886400; includeSubDomains; preload date Wed, 06 Dec 2023 09:23:23 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://www.hhs.gov cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 4 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	js Show response www.googletagmanager.com/gtag/	231 KB 82 KB	32ms 31ms	Script application/javascript	2a00:1450:4001:80f::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-17XWNPZDWQ&cx=c&_slc=1 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 1d8c290541b2ff92497033ee9fdbd3b47654e8b2c4abc056f5b591af2bc0f0e6 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.hhs.gov/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Wed, 06 Dec 2023 09:23:23 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 83779 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Wed, 06 Dec 2023 09:23:23 GMT
GET H2	200	ga-audiences www.google.com/ads/	42 B 408 B	66ms 43ms	Image image/gif	2a00:1450:4001:829::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-36351725-9&cid=417974232.1701854603&jid=2027737374&_u=aCDAAUAjAAQCAGAEqC~&z=619020315 Requested by Host: www.hhs.gov URL: https://www.hhs.gov/sites/default/files/2023oct12-noescape-ransomware-analyst-note-tlpclear.pdf Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.hhs.gov/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers pragma no-cache date Wed, 06 Dec 2023 09:23:23 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ga-audiences www.google.de/ads/	42 B 107 B	44ms 43ms	Image image/gif	2a00:1450:4001:82b::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-36351725-9&cid=417974232.1701854603&jid=2027737374&_u=aCDAAUAjAAQCAGAEqC~&z=619020315 Requested by Host: www.hhs.gov URL: https://www.hhs.gov/sites/default/files/2023oct12-noescape-ransomware-analyst-note-tlpclear.pdf Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.hhs.gov/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers pragma no-cache date Wed, 06 Dec 2023 09:23:23 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H3	204	collect region1.analytics.google.com/g/	0 17 B	28ms 28ms	Ping text/plain	2001:4860:4802:34::36 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://region1.analytics.google.com/g/collect?v=2&tid=G-17XWNPZDWQ&gtm=45je3bt0v9125774759&_p=1701854603034&_gaz=1&gcd=11l1l1l1l2&dma_cps=sypham&dma=1&ul=en-us&sr=1600x1200&cid=417974232.1701854603&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=ABAI&_s=1&dl=https%3A%2F%2Fwww.hhs.gov%2Fsites%2Fdefault%2Ffiles%2F2023oct12-noescape-ransomware-analyst-note-tlpclear.pdf&dp=%2Fvpv404%2Fsites%2Fdefault%2Ffiles%2F2023oct12-noescape-ransomware-analyst-note-tlpclear.pdf&dt=Page%20Not%20Found%20%7C%20HHS.gov&sid=1701854603&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&ep.ua_dimension_2=ASPA&ep.ua_dimension_3=20230920%20v6.8%20-%20Dual%20Tracking&ep.ua_dimension_5=drupal%2010%20&ep.ua_dimension_6=https%3A%2F%2Fdap.digitalgov.gov%2FUniversal-Federated-Analytics-Min.js&ep.ua_dimension_7=https%3A&ep.ua_dimension_1=HHS&tfd=1290 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-17XWNPZDWQ&cx=c&_slc=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://www.hhs.gov/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers pragma no-cache date Wed, 06 Dec 2023 09:23:23 GMT server Golfe2 content-type text/plain access-control-allow-origin https://www.hhs.gov cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H3	204	collect stats.g.doubleclick.net/g/	0 17 B	27ms 27ms	Ping text/plain	2a00:1450:400c:c00::9d GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/g/collect?v=2&tid=G-17XWNPZDWQ&cid=417974232.1701854603&gtm=45je3bt0v9125774759&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l2 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-17XWNPZDWQ&cx=c&_slc=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://www.hhs.gov/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers pragma no-cache date Wed, 06 Dec 2023 09:23:23 GMT server Golfe2 content-type text/plain access-control-allow-origin https://www.hhs.gov cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	ga-audiences www.google.de/ads/	42 B 63 B	44ms 44ms	Image image/gif	2a00:1450:4001:82b::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-17XWNPZDWQ&cid=417974232.1701854603&gtm=45je3bt0v9125774759&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l2&z=1573494014 Requested by Host: www.hhs.gov URL: https://www.hhs.gov/sites/default/files/2023oct12-noescape-ransomware-analyst-note-tlpclear.pdf Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.hhs.gov/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers pragma no-cache date Wed, 06 Dec 2023 09:23:23 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	clock Show response tracking.crazyegg.com/	31 B 138 B	164ms 61ms	XHR text/plain	54.220.211.176 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://tracking.crazyegg.com/clock?t=1701854603719&tk=6a13f753843cab099ad515b63b57cf54&s=1944&p=%2Fsites%2Fdefault%2Ffiles%2F2023oct12-noescape-ransomware-analyst-note-tlpclear.pdf&u=57360&v=8326b4ecb6832d13f044906697469c9a24420cf1&f=hhs.gov%2Fsites%2Fdefault%2Ffiles%2F*&ul=https%3A%2F%2Fwww.hhs.gov%2Fsites%2Fdefault%2Ffiles%2F2023oct12-noescape-ransomware-analyst-note-tlpclear.pdf Requested by Host: script.crazyegg.com URL: https://script.crazyegg.com/pages/versioned/common-scripts/9df44f40c781bed54449cd8b7788ab5b.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.220.211.176 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-220-211-176.eu-west-1.compute.amazonaws.com Software awselb/2.0 / Resource Hash 831a47b98e1f342c3bd11b3fd08d6499b273f988061ff997ae69dc458d2854cd Request headers accept-language de-DE,de;q=0.9 Referer https://www.hhs.gov/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers access-control-allow-origin * date Wed, 06 Dec 2023 09:23:23 GMT cache-control no-store server awselb/2.0 content-length 31 content-type text/plain
POST H3	204	collect region1.analytics.google.com/g/	0 17 B	26ms 26ms	Ping text/plain	2001:4860:4802:34::36 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://region1.analytics.google.com/g/collect?v=2&tid=G-DSR8G6T9HL&gtm=45je3bt0v9125584048&_p=1701854603034&_gaz=1&gcd=11l1l1l1l2&dma_cps=sypham&dma=1&ul=en-us&sr=1600x1200&cid=417974232.1701854603&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EBAI&_s=1&dl=https%3A%2F%2Fwww.hhs.gov%2Fsites%2Fdefault%2Ffiles%2F2023oct12-noescape-ransomware-analyst-note-tlpclear.pdf&dt=Page%20Not%20Found%20%7C%20HHS.gov&sid=1701854603&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&ep.ua_content_group_1=drupal%2010%20&ep.ua_content_group_2=%3C200&ep.ua_content_group_3=Not%20Found&ep.ua_content_group_4=missing%20template%20group&ep.ua_dimension_2=dcd&ep.ua_dimension_3=content%20creator%20missing&ep.ua_dimension_4=Not%20Found&ep.ua_dimension_5=drupal%2010%20&ep.ua_dimension_6=Not%20Found&ep.ua_dimension_7=Not%20Found&ep.ua_dimension_8=aspa&ep.ua_dimension_10=Not%20Found&ep.ua_dimension_12=1701854603258.qaiy8jr8&ep.ua_dimension_13=2023-12-06T10%3A23%3A23.258%2B01%3A00&ep.ua_dimension_15=inactive&ep.ua_dimension_16=Not%20Found&ep.ua_dimension_18=inactive&ep.ua_metric_1=0&ep.ua_metric_2=0&ep.ua_dimension_11=417974232.1701854603&ep.ua_dimension_9=content%20id%20missing&ep.ua_metric_3=0&tfd=1310 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-DSR8G6T9HL&cx=c&_slc=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://www.hhs.gov/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers pragma no-cache date Wed, 06 Dec 2023 09:23:23 GMT server Golfe2 content-type text/plain access-control-allow-origin https://www.hhs.gov cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H3	204	collect stats.g.doubleclick.net/g/	0 17 B	27ms 26ms	Ping text/plain	2a00:1450:400c:c00::9d GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/g/collect?v=2&tid=G-DSR8G6T9HL&cid=417974232.1701854603&gtm=45je3bt0v9125584048&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l2 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-DSR8G6T9HL&cx=c&_slc=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://www.hhs.gov/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers pragma no-cache date Wed, 06 Dec 2023 09:23:23 GMT server Golfe2 content-type text/plain access-control-allow-origin https://www.hhs.gov cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	ga-audiences www.google.de/ads/	42 B 63 B	44ms 44ms	Image image/gif	2a00:1450:4001:82b::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-DSR8G6T9HL&cid=417974232.1701854603&gtm=45je3bt0v9125584048&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l2&z=1298935637 Requested by Host: www.hhs.gov URL: https://www.hhs.gov/sites/default/files/2023oct12-noescape-ransomware-analyst-note-tlpclear.pdf Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.hhs.gov/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers pragma no-cache date Wed, 06 Dec 2023 09:23:23 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	sayt.css search.usa.gov/assets/	11 KB 3 KB	319ms 318ms	Stylesheet text/css	2600:9000:20ab:f000:a:4fc7:79c0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://search.usa.gov/assets/sayt.css Requested by Host: search.usa.gov URL: https://search.usa.gov/javascripts/remote.loader.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:20ab:f000:a:4fc7:79c0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Apache / Resource Hash 534077bc4d6d705981e9e1fa6dd42f01ae3fbc20136060814214098d3754b542 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubdomains; preload Request headers accept-language de-DE,de;q=0.9 Referer https://www.hhs.gov/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Wed, 06 Dec 2023 09:23:24 GMT content-encoding gzip via 1.1 proxy2.us-east-1.prod.infr.search.usa.gov:8443, 1.1 3201e5fb77f9faaa881f4f324226564a.cloudfront.net (CloudFront) strict-transport-security max-age=31536000; includeSubdomains; preload x-amz-cf-pop AMS58-P3 x-cache Miss from cloudfront content-length 2749 last-modified Tue, 21 Nov 2023 21:05:45 GMT server Apache vary Accept-Encoding content-type text/css access-control-allow-origin * cache-control max-age=3600 accept-ranges bytes x-amz-cf-id ASOe09MrG0L_7BfAzhoTUAEiW1EMVBTxQXsE-QHuzMsXAS0inZ8WpQ== expires Wed, 06 Dec 2023 10:23:24 GMT
GET H2	200	sayt_loader_libs.js Show response search.usa.gov/assets/	125 KB 42 KB	416ms 416ms	Script application/javascript	2600:9000:20ab:f000:a:4fc7:79c0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://search.usa.gov/assets/sayt_loader_libs.js Requested by Host: search.usa.gov URL: https://search.usa.gov/javascripts/remote.loader.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:20ab:f000:a:4fc7:79c0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Apache / Resource Hash 2750954dc9e8dd41f39fc3f3f4ae6d5cd453b285502b876f3ce89c16010952b0 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubdomains; preload Request headers accept-language de-DE,de;q=0.9 Referer https://www.hhs.gov/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Wed, 06 Dec 2023 09:23:24 GMT content-encoding gzip via 1.1 proxy1.us-east-1.prod.infr.search.usa.gov:8443, 1.1 3201e5fb77f9faaa881f4f324226564a.cloudfront.net (CloudFront) strict-transport-security max-age=31536000; includeSubdomains; preload x-amz-cf-pop AMS58-P3 x-cache Miss from cloudfront content-length 42228 last-modified Tue, 21 Nov 2023 20:58:42 GMT server Apache vary Accept-Encoding content-type application/javascript access-control-allow-origin * cache-control max-age=3600 accept-ranges bytes x-amz-cf-id VYpAh8gqHxXz27mvAjxtO3pscwpD8DKgb-JtHa9bVyfppQrs2Q3uuA== expires Wed, 06 Dec 2023 10:23:24 GMT
GET BLOB	200 OK	714b43a5-a34c-4839-a059-6dc76d3911f5 https://www.hhs.gov/	241 B 0		Other text/javascript
General Check archive.org Show headers Download Go to Full URL blob:https://www.hhs.gov/714b43a5-a34c-4839-a059-6dc76d3911f5 Requested by Host: www.hhs.gov URL: https://www.hhs.gov/sites/default/files/2023oct12-noescape-ransomware-analyst-note-tlpclear.pdf Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash aefdf31931594229896ca362daf058be2dc6d0fa7ee98e08cb0825440b9005d5 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers Content-Length 241 Content-Type text/javascript
GET H2	200	/ Show response zn8nyvgbt59q9merx-hhsgovfedramp.gov1.siteintercept.qualtrics.com/SIE/	9 KB 4 KB	176ms 38ms	Script application/javascript	88.221.125.111 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://zn8nyvgbt59q9merx-hhsgovfedramp.gov1.siteintercept.qualtrics.com/SIE/?Q_ZID=ZN_8nYVgbT59q9mErX Requested by Host: www.hhs.gov URL: https://www.hhs.gov/sites/default/files/2023oct12-noescape-ransomware-analyst-note-tlpclear.pdf Protocol H2 Security TLS 1.3, , AES_256_GCM Server 88.221.125.111 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a88-221-125-111.deploy.static.akamaitechnologies.com Software / Resource Hash 70e44f33480da7c02fb2da2a85faaba9fece4639a9d7abde788891d24e599830 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://www.hhs.gov/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Wed, 06 Dec 2023 09:23:24 GMT content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000; includeSubDomains; preload content-security-policy-report-only frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://gov1.qualtrics.com/csp-report cache-tag cloudjs-orchestratormain, cloudjs-all-modules, cloudjs-orchestrator-brand-hhsgovfedramp, cloudjs-orchestrator-numbered-8 content-length 3951 referrer-policy strict-origin-when-cross-origin etag W/"23c6-n49h9Yc9eSqlgTj+xRwJI7xgqng" vary Accept-Encoding content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=3600, s-maxage=604800 permissions-policy camera=(), geolocation=(), microphone=() timing-allow-origin * access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept
GET H2	200	12.20b1d36d36c1dfbe70fa.chunk.js Show response gov1.siteintercept.qualtrics.com/dxjsmodule/	71 KB 21 KB	56ms 38ms	Script application/javascript	88.221.125.111 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://gov1.siteintercept.qualtrics.com/dxjsmodule/12.20b1d36d36c1dfbe70fa.chunk.js?Q_CLIENTVERSION=1.103.0&Q_CLIENTTYPE=web&Q_BRANDID=www.hhs.gov Requested by Host: zn8nyvgbt59q9merx-hhsgovfedramp.gov1.siteintercept.qualtrics.com URL: https://zn8nyvgbt59q9merx-hhsgovfedramp.gov1.siteintercept.qualtrics.com/SIE/?Q_ZID=ZN_8nYVgbT59q9mErX Protocol H2 Security TLS 1.3, , AES_256_GCM Server 88.221.125.111 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a88-221-125-111.deploy.static.akamaitechnologies.com Software / Resource Hash a5e2d83a440947306e4fab83c72c738d85f85747ea012e1b8a2a658d64cf7eed Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://www.hhs.gov/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Wed, 06 Dec 2023 09:23:24 GMT content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000; includeSubDomains; preload content-security-policy-report-only frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://gov1.qualtrics.com/csp-report cache-tag cloudjs-12.20b1d36d36c1dfbe70fa.chunk, cloudjs-js-modules, cloudjs-all-modules content-length 20737 referrer-policy strict-origin-when-cross-origin last-modified Wed, 08 Nov 2023 02:23:30 GMT etag W/"11ceb-18bacbdecd0" vary Accept-Encoding content-type application/javascript access-control-allow-origin * cache-control public, max-age=490321, s-maxage=604800 permissions-policy camera=(), geolocation=(), microphone=() accept-ranges bytes timing-allow-origin * access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept
POST H2	200	Targeting.php Show response gov1.siteintercept.qualtrics.com/WRSiteInterceptEngine/	9 KB 2 KB	256ms 256ms	XHR application/json	88.221.125.111 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://gov1.siteintercept.qualtrics.com/WRSiteInterceptEngine/Targeting.php?Q_ZoneID=ZN_8nYVgbT59q9mErX&Q_CLIENTVERSION=1.103.0&Q_CLIENTTYPE=web Requested by Host: gov1.siteintercept.qualtrics.com URL: https://gov1.siteintercept.qualtrics.com/dxjsmodule/12.20b1d36d36c1dfbe70fa.chunk.js?Q_CLIENTVERSION=1.103.0&Q_CLIENTTYPE=web&Q_BRANDID=www.hhs.gov Protocol H2 Security TLS 1.3, , AES_256_GCM Server 88.221.125.111 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a88-221-125-111.deploy.static.akamaitechnologies.com Software / Resource Hash b4d35f7fa86eca8dc4e7aeb3e6dc325bd6ac91e2f12cdde0191312470b6de14e Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://www.hhs.gov/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Content-type application/x-www-form-urlencoded Response headers date Wed, 06 Dec 2023 09:23:24 GMT content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000; includeSubDomains; preload content-security-policy-report-only frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://gov1.qualtrics.com/csp-report content-length 1783 pragma no-cache referrer-policy strict-origin-when-cross-origin vary Accept-Encoding content-type application/json access-control-allow-origin https://www.hhs.gov cache-control max-age=0, no-cache, no-store access-control-allow-credentials true permissions-policy camera=(), geolocation=(), microphone=() trace-id 0e330f7ca556ea82 timing-allow-origin * expires Wed, 06 Dec 2023 09:23:24 GMT
GET H2	200	CoreModule.js Show response gov1.siteintercept.qualtrics.com/dxjsmodule/	100 KB 29 KB	39ms 39ms	Script application/javascript	88.221.125.111 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://gov1.siteintercept.qualtrics.com/dxjsmodule/CoreModule.js?Q_CLIENTVERSION=1.103.0&Q_CLIENTTYPE=web&Q_BRANDID=hhsgovfedramp Requested by Host: gov1.siteintercept.qualtrics.com URL: https://gov1.siteintercept.qualtrics.com/dxjsmodule/12.20b1d36d36c1dfbe70fa.chunk.js?Q_CLIENTVERSION=1.103.0&Q_CLIENTTYPE=web&Q_BRANDID=www.hhs.gov Protocol H2 Security TLS 1.3, , AES_256_GCM Server 88.221.125.111 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a88-221-125-111.deploy.static.akamaitechnologies.com Software / Resource Hash 9696482e24774a22696b15fbeca3900761e761c1b84952d6881b5885223beece Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://www.hhs.gov/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Wed, 06 Dec 2023 09:23:24 GMT content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000; includeSubDomains; preload content-security-policy-report-only frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://gov1.qualtrics.com/csp-report cache-tag cloudjs-coremodule, cloudjs-js-modules, cloudjs-all-modules content-length 29596 referrer-policy strict-origin-when-cross-origin last-modified Wed, 08 Nov 2023 02:23:30 GMT etag W/"190ae-18bacbdecd0" vary Accept-Encoding content-type application/javascript access-control-allow-origin * cache-control public, max-age=490452, s-maxage=604800 permissions-policy camera=(), geolocation=(), microphone=() accept-ranges bytes timing-allow-origin * access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept
GET H2	200	7.61eadfb61701cbba3995.chunk.js Show response gov1.siteintercept.qualtrics.com/dxjsmodule/	3 KB 2 KB	38ms 38ms	Script application/javascript	88.221.125.111 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://gov1.siteintercept.qualtrics.com/dxjsmodule/7.61eadfb61701cbba3995.chunk.js?Q_CLIENTVERSION=1.103.0&Q_CLIENTTYPE=web&Q_BRANDID=hhsgovfedramp Requested by Host: zn8nyvgbt59q9merx-hhsgovfedramp.gov1.siteintercept.qualtrics.com URL: https://zn8nyvgbt59q9merx-hhsgovfedramp.gov1.siteintercept.qualtrics.com/SIE/?Q_ZID=ZN_8nYVgbT59q9mErX Protocol H2 Security TLS 1.3, , AES_256_GCM Server 88.221.125.111 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a88-221-125-111.deploy.static.akamaitechnologies.com Software / Resource Hash 7639624ffd821016da0f85fdb1024759ff9ab3481e13ceedc12f72590afec13f Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://www.hhs.gov/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Wed, 06 Dec 2023 09:23:24 GMT content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000; includeSubDomains; preload content-security-policy-report-only frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://gov1.qualtrics.com/csp-report cache-tag cloudjs-7.61eadfb61701cbba3995.chunk, cloudjs-js-modules, cloudjs-all-modules content-length 1353 referrer-policy strict-origin-when-cross-origin last-modified Wed, 08 Nov 2023 02:23:30 GMT etag W/"b58-18bacbdecd0" vary Accept-Encoding content-type application/javascript access-control-allow-origin * cache-control public, max-age=490353, s-maxage=604800 permissions-policy camera=(), geolocation=(), microphone=() accept-ranges bytes timing-allow-origin * access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept
GET H2	200	1.b6ed8c4fe4b3f457815a.chunk.js Show response gov1.siteintercept.qualtrics.com/dxjsmodule/	29 KB 7 KB	50ms 50ms	Script application/javascript	88.221.125.111 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://gov1.siteintercept.qualtrics.com/dxjsmodule/1.b6ed8c4fe4b3f457815a.chunk.js?Q_CLIENTVERSION=1.103.0&Q_CLIENTTYPE=web&Q_BRANDID=hhsgovfedramp Requested by Host: zn8nyvgbt59q9merx-hhsgovfedramp.gov1.siteintercept.qualtrics.com URL: https://zn8nyvgbt59q9merx-hhsgovfedramp.gov1.siteintercept.qualtrics.com/SIE/?Q_ZID=ZN_8nYVgbT59q9mErX Protocol H2 Security TLS 1.3, , AES_256_GCM Server 88.221.125.111 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a88-221-125-111.deploy.static.akamaitechnologies.com Software / Resource Hash a1892229e375dac0b869a17315a067c7e9aaea3eeb64a01e05182a97aa07601e Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://www.hhs.gov/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Wed, 06 Dec 2023 09:23:24 GMT content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000; includeSubDomains; preload content-security-policy-report-only frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://gov1.qualtrics.com/csp-report cache-tag cloudjs-1.b6ed8c4fe4b3f457815a.chunk, cloudjs-js-modules, cloudjs-all-modules content-length 6556 referrer-policy strict-origin-when-cross-origin last-modified Wed, 08 Nov 2023 02:23:30 GMT etag W/"72da-18bacbdecd0" vary Accept-Encoding content-type application/javascript access-control-allow-origin * cache-control public, max-age=490299, s-maxage=604800 permissions-policy camera=(), geolocation=(), microphone=() accept-ranges bytes timing-allow-origin * access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept
GET H2	200	EmbeddedTargetModule.js Show response gov1.siteintercept.qualtrics.com/dxjsmodule/	8 KB 4 KB	43ms 43ms	Script application/javascript	88.221.125.111 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://gov1.siteintercept.qualtrics.com/dxjsmodule/EmbeddedTargetModule.js?Q_CLIENTVERSION=1.103.0&Q_CLIENTTYPE=web&Q_BRANDID=hhsgovfedramp Requested by Host: gov1.siteintercept.qualtrics.com URL: https://gov1.siteintercept.qualtrics.com/dxjsmodule/12.20b1d36d36c1dfbe70fa.chunk.js?Q_CLIENTVERSION=1.103.0&Q_CLIENTTYPE=web&Q_BRANDID=www.hhs.gov Protocol H2 Security TLS 1.3, , AES_256_GCM Server 88.221.125.111 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a88-221-125-111.deploy.static.akamaitechnologies.com Software / Resource Hash b770226155deb025ac17551fc902efb6dbfa368f8c3badec1e82b6eba79dc79d Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://www.hhs.gov/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Wed, 06 Dec 2023 09:23:24 GMT content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000; includeSubDomains; preload content-security-policy-report-only frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://gov1.qualtrics.com/csp-report cache-tag cloudjs-embeddedtargetmodule, cloudjs-js-modules, cloudjs-all-modules content-length 2980 referrer-policy strict-origin-when-cross-origin last-modified Wed, 08 Nov 2023 02:23:30 GMT etag W/"2112-18bacbdecd0" vary Accept-Encoding content-type application/javascript access-control-allow-origin * cache-control public, max-age=496105, s-maxage=604800 permissions-policy camera=(), geolocation=(), microphone=() accept-ranges bytes timing-allow-origin * access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept
GET H2	200	SliderModule.js Show response gov1.siteintercept.qualtrics.com/dxjsmodule/	14 KB 5 KB	45ms 45ms	Script application/javascript	88.221.125.111 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://gov1.siteintercept.qualtrics.com/dxjsmodule/SliderModule.js?Q_CLIENTVERSION=1.103.0&Q_CLIENTTYPE=web&Q_BRANDID=hhsgovfedramp Requested by Host: gov1.siteintercept.qualtrics.com URL: https://gov1.siteintercept.qualtrics.com/dxjsmodule/12.20b1d36d36c1dfbe70fa.chunk.js?Q_CLIENTVERSION=1.103.0&Q_CLIENTTYPE=web&Q_BRANDID=www.hhs.gov Protocol H2 Security TLS 1.3, , AES_256_GCM Server 88.221.125.111 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a88-221-125-111.deploy.static.akamaitechnologies.com Software / Resource Hash d0fd5e9614e48faf797ef0acab111f2a44b8ba4c906545e1e4609bb61ea14ce5 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://www.hhs.gov/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Wed, 06 Dec 2023 09:23:24 GMT content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000; includeSubDomains; preload content-security-policy-report-only frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://gov1.qualtrics.com/csp-report cache-tag cloudjs-slidermodule, cloudjs-js-modules, cloudjs-all-modules content-length 4307 referrer-policy strict-origin-when-cross-origin last-modified Wed, 08 Nov 2023 02:23:30 GMT etag W/"391b-18bacbdecd0" vary Accept-Encoding content-type application/javascript access-control-allow-origin * cache-control public, max-age=496423, s-maxage=604800 permissions-policy camera=(), geolocation=(), microphone=() accept-ranges bytes timing-allow-origin * access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept
GET H2	200	UserDefinedHTMLModule.js Show response gov1.siteintercept.qualtrics.com/dxjsmodule/	8 KB 3 KB	47ms 47ms	Script application/javascript	88.221.125.111 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://gov1.siteintercept.qualtrics.com/dxjsmodule/UserDefinedHTMLModule.js?Q_CLIENTVERSION=1.103.0&Q_CLIENTTYPE=web&Q_BRANDID=hhsgovfedramp Requested by Host: gov1.siteintercept.qualtrics.com URL: https://gov1.siteintercept.qualtrics.com/dxjsmodule/12.20b1d36d36c1dfbe70fa.chunk.js?Q_CLIENTVERSION=1.103.0&Q_CLIENTTYPE=web&Q_BRANDID=www.hhs.gov Protocol H2 Security TLS 1.3, , AES_256_GCM Server 88.221.125.111 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a88-221-125-111.deploy.static.akamaitechnologies.com Software / Resource Hash 7b579054bee877c2d4ccba400e824b88203b2eba49fedc7f8d3908953be32709 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://www.hhs.gov/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Wed, 06 Dec 2023 09:23:24 GMT content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000; includeSubDomains; preload content-security-policy-report-only frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://gov1.qualtrics.com/csp-report cache-tag cloudjs-userdefinedhtmlmodule, cloudjs-js-modules, cloudjs-all-modules content-length 2543 referrer-policy strict-origin-when-cross-origin last-modified Wed, 08 Nov 2023 02:23:30 GMT etag W/"1e4f-18bacbdecd0" vary Accept-Encoding content-type application/javascript access-control-allow-origin * cache-control public, max-age=492371, s-maxage=604800 permissions-policy camera=(), geolocation=(), microphone=() accept-ranges bytes timing-allow-origin * access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept
GET H2	200	Asset.php Show response gov1.siteintercept.qualtrics.com/WRSiteInterceptEngine/	4 KB 2 KB	136ms 39ms	XHR application/json	88.221.125.111 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://gov1.siteintercept.qualtrics.com/WRSiteInterceptEngine/Asset.php?Module=SI_3L4uBkHs5Pyzfca&Version=16&Q_ORIGIN=https://www.hhs.gov&Q_CLIENTVERSION=1.103.0&Q_CLIENTTYPE=web Requested by Host: gov1.siteintercept.qualtrics.com URL: https://gov1.siteintercept.qualtrics.com/dxjsmodule/12.20b1d36d36c1dfbe70fa.chunk.js?Q_CLIENTVERSION=1.103.0&Q_CLIENTTYPE=web&Q_BRANDID=www.hhs.gov Protocol H2 Security TLS 1.3, , AES_256_GCM Server 88.221.125.111 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a88-221-125-111.deploy.static.akamaitechnologies.com Software / Resource Hash a5a0fb21bf60d1b8c26f9348a973ee27f7841af9f1dd0a59925f01efd69479de Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://www.hhs.gov/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers expires Tue, 12 Dec 2023 01:37:36 GMT date Wed, 06 Dec 2023 09:23:25 GMT content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000; includeSubDomains; preload content-security-policy-report-only frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://gov1.qualtrics.com/csp-report p3p CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE" content-length 1690 referrer-policy strict-origin-when-cross-origin vary Accept-Encoding content-type application/json access-control-allow-origin https://www.hhs.gov cache-control public, max-age=490451, s-maxage=604800 access-control-allow-credentials true permissions-policy camera=(), geolocation=(), microphone=() servershortname
GET H2	200	Asset.php Show response gov1.siteintercept.qualtrics.com/WRSiteInterceptEngine/	3 KB 2 KB	135ms 38ms	XHR application/json	88.221.125.111 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://gov1.siteintercept.qualtrics.com/WRSiteInterceptEngine/Asset.php?Module=CR_5nykLkbdISfLfaS&Version=4&Q_InterceptID=SI_3L4uBkHs5Pyzfca&Q_ORIGIN=https://www.hhs.gov&Q_CLIENTVERSION=1.103.0&Q_CLIENTTYPE=web Requested by Host: gov1.siteintercept.qualtrics.com URL: https://gov1.siteintercept.qualtrics.com/dxjsmodule/12.20b1d36d36c1dfbe70fa.chunk.js?Q_CLIENTVERSION=1.103.0&Q_CLIENTTYPE=web&Q_BRANDID=www.hhs.gov Protocol H2 Security TLS 1.3, , AES_256_GCM Server 88.221.125.111 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a88-221-125-111.deploy.static.akamaitechnologies.com Software / Resource Hash 27f7b28fa4f49691338c20b44797cc401536d17ebddf8fdcdd6ffa1b735e67fc Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://www.hhs.gov/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers expires Tue, 12 Dec 2023 01:37:36 GMT date Wed, 06 Dec 2023 09:23:25 GMT content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000; includeSubDomains; preload content-security-policy-report-only frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://gov1.qualtrics.com/csp-report p3p CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE" content-length 1021 referrer-policy strict-origin-when-cross-origin vary Accept-Encoding content-type application/json access-control-allow-origin https://www.hhs.gov cache-control public, max-age=490451, s-maxage=604800 access-control-allow-credentials true permissions-policy camera=(), geolocation=(), microphone=() servershortname
GET H2	200	Asset.php Show response gov1.siteintercept.qualtrics.com/WRSiteInterceptEngine/	15 KB 15 KB	138ms 40ms	XHR application/json	88.221.125.111 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://gov1.siteintercept.qualtrics.com/WRSiteInterceptEngine/Asset.php?Module=SI_6hZviM7sWzSbL7L&Version=21&Q_ORIGIN=https://www.hhs.gov&Q_CLIENTVERSION=1.103.0&Q_CLIENTTYPE=web Requested by Host: gov1.siteintercept.qualtrics.com URL: https://gov1.siteintercept.qualtrics.com/dxjsmodule/12.20b1d36d36c1dfbe70fa.chunk.js?Q_CLIENTVERSION=1.103.0&Q_CLIENTTYPE=web&Q_BRANDID=www.hhs.gov Protocol H2 Security TLS 1.3, , AES_256_GCM Server 88.221.125.111 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a88-221-125-111.deploy.static.akamaitechnologies.com Software / Resource Hash e655658ebc25312f9608180b2ac23f2c223b505d18e5b8d778f446217b7a95c8 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://www.hhs.gov/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers servershortname date Wed, 06 Dec 2023 09:23:25 GMT strict-transport-security max-age=31536000; includeSubDomains; preload referrer-policy strict-origin-when-cross-origin x-content-type-options nosniff content-security-policy-report-only frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://gov1.qualtrics.com/csp-report content-type application/json access-control-allow-origin https://www.hhs.gov p3p CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE" cache-control public, max-age=490488, s-maxage=604800 access-control-allow-credentials true permissions-policy camera=(), geolocation=(), microphone=() content-length 14875 expires Tue, 12 Dec 2023 01:38:13 GMT
GET H2	200	Asset.php Show response gov1.siteintercept.qualtrics.com/WRSiteInterceptEngine/	1 KB 1 KB	137ms 40ms	XHR application/json	88.221.125.111 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://gov1.siteintercept.qualtrics.com/WRSiteInterceptEngine/Asset.php?Module=CR_4TxtP6q4iag2LbL&Version=2&Q_InterceptID=SI_6hZviM7sWzSbL7L&Q_ORIGIN=https://www.hhs.gov&Q_CLIENTVERSION=1.103.0&Q_CLIENTTYPE=web Requested by Host: gov1.siteintercept.qualtrics.com URL: https://gov1.siteintercept.qualtrics.com/dxjsmodule/12.20b1d36d36c1dfbe70fa.chunk.js?Q_CLIENTVERSION=1.103.0&Q_CLIENTTYPE=web&Q_BRANDID=www.hhs.gov Protocol H2 Security TLS 1.3, , AES_256_GCM Server 88.221.125.111 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a88-221-125-111.deploy.static.akamaitechnologies.com Software / Resource Hash 8ae912611e89d2e1225779454faa4c3c7a39dea88eaffa62da8b5593dbd65924 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://www.hhs.gov/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers expires Tue, 12 Dec 2023 01:36:39 GMT date Wed, 06 Dec 2023 09:23:25 GMT content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000; includeSubDomains; preload content-security-policy-report-only frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://gov1.qualtrics.com/csp-report p3p CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE" content-length 665 referrer-policy strict-origin-when-cross-origin vary Accept-Encoding content-type application/json access-control-allow-origin https://www.hhs.gov cache-control public, max-age=490394, s-maxage=604800 access-control-allow-credentials true permissions-policy camera=(), geolocation=(), microphone=() servershortname
POST H2	200	/ Show response gov1.siteintercept.qualtrics.com/WRSiteInterceptEngine/	45 B 539 B	254ms 254ms	XHR text/plain	88.221.125.111 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://gov1.siteintercept.qualtrics.com/WRSiteInterceptEngine/?Q_Impress=1&Q_CID=CR_4TxtP6q4iag2LbL&Q_SIID=SI_6hZviM7sWzSbL7L&Q_ASID=AS_47292189&Q_CLIENTVERSION=1.103.0&Q_CLIENTTYPE=web&r=1701854605142 Requested by Host: gov1.siteintercept.qualtrics.com URL: https://gov1.siteintercept.qualtrics.com/dxjsmodule/CoreModule.js?Q_CLIENTVERSION=1.103.0&Q_CLIENTTYPE=web&Q_BRANDID=hhsgovfedramp Protocol H2 Security TLS 1.3, , AES_256_GCM Server 88.221.125.111 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a88-221-125-111.deploy.static.akamaitechnologies.com Software / Resource Hash f47f21063dfdcbdeffed3d97689b45efae7a52401cd7fc5b8d07c42d2f232ab9 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://www.hhs.gov/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Content-type application/x-www-form-urlencoded Response headers pragma no-cache date Wed, 06 Dec 2023 09:23:25 GMT strict-transport-security max-age=31536000; includeSubDomains; preload referrer-policy strict-origin-when-cross-origin x-content-type-options nosniff content-security-policy-report-only frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://gov1.qualtrics.com/csp-report content-type text/plain; charset=UTF-8 access-control-allow-origin https://www.hhs.gov cache-control max-age=0, no-cache, no-store access-control-allow-credentials true permissions-policy camera=(), geolocation=(), microphone=() trace-id 0a32e4c04c03d7b7 content-length 45 expires Wed, 06 Dec 2023 09:23:25 GMT
GET H2	200	682dc4f97164a28012f56e9148461f906fe25db9_bwc_close.png gov1.siteintercept.qualtrics.com/static/q-siteintercept/.blob/ Redirect Chain https://gov1.siteintercept.qualtrics.com/static/q-siteintercept/~/img/bwc_close.png https://gov1.siteintercept.qualtrics.com/static/q-siteintercept/bf5c7228cc270fd497b4e93d0385f07f2562decd/img/bwc_close.png https://gov1.siteintercept.qualtrics.com/static/q-siteintercept/.blob/682dc4f97164a28012f56e9148461f906fe25db9_bwc_close.png	1 KB 2 KB	37ms 37ms	Image image/png	88.221.125.111 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://gov1.siteintercept.qualtrics.com/static/q-siteintercept/.blob/682dc4f97164a28012f56e9148461f906fe25db9_bwc_close.png Protocol H2 Server 88.221.125.111 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a88-221-125-111.deploy.static.akamaitechnologies.com Software / Resource Hash 4d030b24672b9abf7b1d9ba05ee6f7cd0b74d3137df10043cdb09c35e6ec4f51 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://www.hhs.gov/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Wed, 06 Dec 2023 09:23:25 GMT strict-transport-security max-age=31536000; includeSubDomains; preload referrer-policy strict-origin-when-cross-origin x-content-type-options nosniff static-digest 682dc4f97164a28012f56e9148461f906fe25db9 content-security-policy-report-only frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://gov1.qualtrics.com/csp-report content-type image/png x-transaction-id 531292e6-ffec-4f40-933a-f73bfbab03ce cache-control public, max-age=31421605 permissions-policy camera=(), geolocation=(), microphone=() content-length 1253 x-request-id 81fbeffe-baf3-45fe-9d46-fc60886729c0 Redirect headers date Wed, 06 Dec 2023 09:23:25 GMT strict-transport-security max-age=31536000; includeSubDomains; preload referrer-policy strict-origin-when-cross-origin x-content-type-options nosniff content-security-policy-report-only frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://gov1.qualtrics.com/csp-report content-type text/html; charset=utf-8 location /static/q-siteintercept/.blob/682dc4f97164a28012f56e9148461f906fe25db9_bwc_close.png x-transaction-id 08c6b550-15fa-41e1-9e9f-aeea7e7a95c7 cache-control public, max-age=31496691 permissions-policy camera=(), geolocation=(), microphone=() content-length 119 x-request-id 2aab144a-4f2c-48dd-8177-d2bd54515a80
GET H2	200	Graphic.php gov1.qualtrics.com/WRQualtricsSiteIntercept/	3 KB 5 KB	52ms 43ms	Image image/png	88.221.125.111 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://gov1.qualtrics.com/WRQualtricsSiteIntercept/Graphic.php?IM=IM_egnSxo7k8HuL1o9 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 88.221.125.111 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a88-221-125-111.deploy.static.akamaitechnologies.com Software / Resource Hash 88d85b71cdeddee111568e1c5413783069b0da540ef4799824948f1dc4ebd028 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://www.hhs.gov/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Wed, 06 Dec 2023 09:23:25 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff content-security-policy-report-only frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://gov1.qualtrics.com/csp-report content-disposition inline; filename=Feedback content-length 3349 x-request-id fedf0b78-36da-4788-9596-7fa8eed54250 referrer-policy strict-origin-when-cross-origin etag "4f0828361d146ea7650c980f327c4244" content-type image/png access-control-allow-origin * x-transaction-id 1437f36b-8ade-4b95-91a9-84d9efa326c5 cache-control public, max-age=1 permissions-policy camera=(), geolocation=(), microphone=() x-robots-tag noindex expires Wed, 06 Dec 2023 09:23:26 GMT
POST H2	200	/ Show response gov1.siteintercept.qualtrics.com/WRSiteInterceptEngine/	45 B 540 B	383ms 383ms	XHR text/plain	88.221.125.111 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://gov1.siteintercept.qualtrics.com/WRSiteInterceptEngine/?Q_Impress=1&Q_CID=CR_5nykLkbdISfLfaS&Q_SIID=SI_3L4uBkHs5Pyzfca&Q_ASID=AS_1G1UPKuYx81Q9SK&Q_CLIENTVERSION=1.103.0&Q_CLIENTTYPE=web&r=1701854605149 Requested by Host: gov1.siteintercept.qualtrics.com URL: https://gov1.siteintercept.qualtrics.com/dxjsmodule/CoreModule.js?Q_CLIENTVERSION=1.103.0&Q_CLIENTTYPE=web&Q_BRANDID=hhsgovfedramp Protocol H2 Security TLS 1.3, , AES_256_GCM Server 88.221.125.111 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a88-221-125-111.deploy.static.akamaitechnologies.com Software / Resource Hash f47f21063dfdcbdeffed3d97689b45efae7a52401cd7fc5b8d07c42d2f232ab9 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://www.hhs.gov/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Content-type application/x-www-form-urlencoded Response headers pragma no-cache date Wed, 06 Dec 2023 09:23:25 GMT strict-transport-security max-age=31536000; includeSubDomains; preload referrer-policy strict-origin-when-cross-origin x-content-type-options nosniff content-security-policy-report-only frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://gov1.qualtrics.com/csp-report content-type text/plain; charset=UTF-8 access-control-allow-origin https://www.hhs.gov cache-control max-age=0, no-cache, no-store access-control-allow-credentials true permissions-policy camera=(), geolocation=(), microphone=() trace-id 9a312afdb8b8cd51 content-length 45 expires Wed, 06 Dec 2023 09:23:25 GMT
POST H2	200	SV_3Jyxvg4zv8sPGrH Show response hhsgovfedramp.gov1.qualtrics.com/jfe/form/ Frame 4F24	35 KB 19 KB	217ms 202ms	Document text/html	88.221.125.111 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://hhsgovfedramp.gov1.qualtrics.com/jfe/form/SV_3Jyxvg4zv8sPGrH?Q_CHL=si&Q_CanScreenCapture=1 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 88.221.125.111 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a88-221-125-111.deploy.static.akamaitechnologies.com Software / Resource Hash d90bf9c3665df22a737db147dd0004c883acf0d157a74854e60a433a3ebf57d0 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Content-Type application/x-www-form-urlencoded Origin https://www.hhs.gov Referer https://www.hhs.gov/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers cache-control no-cache, no-store, must-revalidate content-encoding gzip content-security-policy-report-only frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://gov1.qualtrics.com/csp-report content-type text/html; charset=utf-8 date Wed, 06 Dec 2023 09:23:25 GMT expires 0 pragma no-cache referrer-policy strict-origin-when-cross-origin strict-transport-security max-age=31536000; includeSubDomains; preload vary Accept-Encoding x-content-type-options nosniff x-host-id 70726f642e676f76312d3137322e31372e302e33 x-request-id 8e5a24af-7935-48be-a157-ad455b13bdef x-spoke-id gov1 x-transaction-id 110c9880-cce7-4b10-b205-429adc628e18 x-ua-compatible IE=edge
POST		csp-report gov1.qualtrics.com/	0 0
GET H2	200	vendor.50397b8d9ede0752e9a7.js Show response hhsgovfedramp.gov1.qualtrics.com/jfe/static/dist/ Frame 4F24	261 KB 82 KB	46ms 46ms	Script application/javascript	88.221.125.111 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://hhsgovfedramp.gov1.qualtrics.com/jfe/static/dist/vendor.50397b8d9ede0752e9a7.js Requested by Host: hhsgovfedramp.gov1.qualtrics.com URL: https://hhsgovfedramp.gov1.qualtrics.com/jfe/form/SV_3Jyxvg4zv8sPGrH?Q_CHL=si&Q_CanScreenCapture=1 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 88.221.125.111 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a88-221-125-111.deploy.static.akamaitechnologies.com Software / Resource Hash ccd378b2c62c3e103bd3f41f125180deb9922b8c9814a5b1c63ddf3e883dfd3b Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://hhsgovfedramp.gov1.qualtrics.com/jfe/form/SV_3Jyxvg4zv8sPGrH?Q_CHL=si&Q_CanScreenCapture=1 Origin https://hhsgovfedramp.gov1.qualtrics.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Wed, 06 Dec 2023 09:23:25 GMT content-encoding gzip referrer-policy strict-origin-when-cross-origin x-content-type-options nosniff last-modified Tue, 17 Oct 2023 15:27:25 GMT x-spoke-id gov1 strict-transport-security max-age=31536000; includeSubDomains; preload etag W/"412ba-18b3e3fb748" content-security-policy-report-only frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://gov1.qualtrics.com/csp-report vary Accept-Encoding content-type application/javascript; charset=UTF-8 cache-control public, max-age=31486414 x-host-id 70726f642e676f76312d3137322e31372e302e33 accept-ranges bytes content-length 83126
GET H2	200	jfe.c5acd07ee1a957aa2ab9.js Show response hhsgovfedramp.gov1.qualtrics.com/jfe/static/dist/ Frame 4F24	257 KB 66 KB	90ms 90ms	Script application/javascript	88.221.125.111 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://hhsgovfedramp.gov1.qualtrics.com/jfe/static/dist/jfe.c5acd07ee1a957aa2ab9.js Requested by Host: hhsgovfedramp.gov1.qualtrics.com URL: https://hhsgovfedramp.gov1.qualtrics.com/jfe/form/SV_3Jyxvg4zv8sPGrH?Q_CHL=si&Q_CanScreenCapture=1 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 88.221.125.111 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a88-221-125-111.deploy.static.akamaitechnologies.com Software / Resource Hash d9113c5c7bc4285d5b93aef28a8a4edc03a3ff5b734086a898aa2fd5836465ab Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://hhsgovfedramp.gov1.qualtrics.com/jfe/form/SV_3Jyxvg4zv8sPGrH?Q_CHL=si&Q_CanScreenCapture=1 Origin https://hhsgovfedramp.gov1.qualtrics.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Wed, 06 Dec 2023 09:23:25 GMT content-encoding gzip referrer-policy strict-origin-when-cross-origin x-content-type-options nosniff last-modified Wed, 15 Nov 2023 21:03:47 GMT x-spoke-id gov1 strict-transport-security max-age=31536000; includeSubDomains; preload etag W/"4022a-18bd4cc1738" content-security-policy-report-only frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://gov1.qualtrics.com/csp-report vary Accept-Encoding content-type application/javascript; charset=UTF-8 cache-control public, max-age=29853577 x-host-id 70726f642e676f76312d3137322e31372e302e33 accept-ranges bytes content-length 67165
GET H2	200	stylesheet.css hhsgovfedramp.gov1.qualtrics.com/jfe/themes/templated-skins/qualtrics.base:hhsgovfedramp.1186900199:null/version-1701463160714-784c78/ Frame 4F24	226 KB 226 KB	98ms 96ms	Stylesheet text/css	88.221.125.111 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://hhsgovfedramp.gov1.qualtrics.com/jfe/themes/templated-skins/qualtrics.base:hhsgovfedramp.1186900199:null/version-1701463160714-784c78/stylesheet.css Requested by Host: hhsgovfedramp.gov1.qualtrics.com URL: https://hhsgovfedramp.gov1.qualtrics.com/jfe/form/SV_3Jyxvg4zv8sPGrH?Q_CHL=si&Q_CanScreenCapture=1 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 88.221.125.111 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a88-221-125-111.deploy.static.akamaitechnologies.com Software AmazonS3 / Resource Hash 352f0b2b0db3ebf87cc29821708ec88b52d92f586cff3676a385bc904506a66a Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers accept-language de-DE,de;q=0.9 Referer https://hhsgovfedramp.gov1.qualtrics.com/jfe/form/SV_3Jyxvg4zv8sPGrH?Q_CHL=si&Q_CanScreenCapture=1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers x-amz-version-id l56SFP8Mt_534PL5w7hdFmguhdB_98Kf date Wed, 06 Dec 2023 09:23:25 GMT strict-transport-security max-age=31536000; includeSubDomains; preload last-modified Fri, 01 Dec 2023 20:39:22 GMT server AmazonS3 x-amz-request-id 2CDYMRS4AXM1WGV0 etag "b155b7cc3b28e9e22822e601a6bc2499" x-amz-server-side-encryption AES256 content-type text/css cache-control public, max-age=2545627 x-amz-replication-status COMPLETED accept-ranges bytes content-length 231336 x-amz-id-2 uLfeXjLB1NnN4y/ij+QBQvEpIyRCbCunJH7hz13JzX5QUQAlY9A7zkyX5Z2M4BVJZt3VcVrchJs=
GET H2	200	css_injector_7.css www.hhs.gov/sites/default/files/css_injector/ Frame 4F24	0 377 B	32ms 30ms	Stylesheet text/css	2a02:26f0:1700:382::219c AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://www.hhs.gov/sites/default/files/css_injector/css_injector_7.css Requested by Host: hhsgovfedramp.gov1.qualtrics.com URL: https://hhsgovfedramp.gov1.qualtrics.com/jfe/form/SV_3Jyxvg4zv8sPGrH?Q_CHL=si&Q_CanScreenCapture=1 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:1700:382::219c Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Content-Security-Policy frame-ancestors 'self' hhs.gov *.hhs.gov Strict-Transport-Security max-age=31536000;includeSubDomains;preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://hhsgovfedramp.gov1.qualtrics.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers content-security-policy frame-ancestors 'self' hhs.gov *.hhs.gov date Wed, 06 Dec 2023 09:23:25 GMT x-content-type-options nosniff strict-transport-security max-age=31536000;includeSubDomains;preload last-modified Wed, 18 Oct 2023 14:25:43 GMT etag "652feae7-0" content-type text/css cache-control max-age=31536000 server-timing cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1701854605415_3092669958_2186113544_23_8456_24_0_255";dur=1 accept-ranges bytes content-length 0 x-request-id 430980683e2e7a35840659e3166c35c3
GET H2	200	mc.de4c55e84d3768edc024.js Show response hhsgovfedramp.gov1.qualtrics.com/jfe/static/dist/c/ Frame 4F24	39 KB 6 KB	42ms 41ms	Script application/javascript	88.221.125.111 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://hhsgovfedramp.gov1.qualtrics.com/jfe/static/dist/c/mc.de4c55e84d3768edc024.js Requested by Host: hhsgovfedramp.gov1.qualtrics.com URL: https://hhsgovfedramp.gov1.qualtrics.com/jfe/form/SV_3Jyxvg4zv8sPGrH?Q_CHL=si&Q_CanScreenCapture=1 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 88.221.125.111 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a88-221-125-111.deploy.static.akamaitechnologies.com Software / Resource Hash 07eb068b7803df415aa19669cb2ab787d6c725d9f3e317147423270186822ba9 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://hhsgovfedramp.gov1.qualtrics.com/jfe/form/SV_3Jyxvg4zv8sPGrH?Q_CHL=si&Q_CanScreenCapture=1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Wed, 06 Dec 2023 09:23:25 GMT content-encoding gzip referrer-policy strict-origin-when-cross-origin x-content-type-options nosniff last-modified Thu, 30 Nov 2023 16:11:02 GMT x-spoke-id gov1 strict-transport-security max-age=31536000; includeSubDomains; preload etag W/"9a85-18c20ff75f0" content-security-policy-report-only frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://gov1.qualtrics.com/csp-report vary Accept-Encoding content-type application/javascript; charset=UTF-8 cache-control public, max-age=31485228 x-host-id 70726f642e676f76312d3137322e31372e302e33 accept-ranges bytes content-length 5790
GET H2	200	meta.09fbdc3892a56cdd7400.js Show response hhsgovfedramp.gov1.qualtrics.com/jfe/static/dist/c/ Frame 4F24	2 KB 1 KB	43ms 43ms	Script application/javascript	88.221.125.111 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://hhsgovfedramp.gov1.qualtrics.com/jfe/static/dist/c/meta.09fbdc3892a56cdd7400.js Requested by Host: hhsgovfedramp.gov1.qualtrics.com URL: https://hhsgovfedramp.gov1.qualtrics.com/jfe/form/SV_3Jyxvg4zv8sPGrH?Q_CHL=si&Q_CanScreenCapture=1 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 88.221.125.111 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a88-221-125-111.deploy.static.akamaitechnologies.com Software / Resource Hash d8bbe57525d169bbf4df6db02a44ea96dc302fbcef13ddccc519de0aff6fd9ce Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://hhsgovfedramp.gov1.qualtrics.com/jfe/form/SV_3Jyxvg4zv8sPGrH?Q_CHL=si&Q_CanScreenCapture=1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Wed, 06 Dec 2023 09:23:25 GMT content-encoding gzip referrer-policy strict-origin-when-cross-origin x-content-type-options nosniff last-modified Thu, 30 Nov 2023 16:11:02 GMT x-spoke-id gov1 strict-transport-security max-age=31536000; includeSubDomains; preload etag W/"993-18c20ff75f0" content-security-policy-report-only frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://gov1.qualtrics.com/csp-report vary Accept-Encoding content-type application/javascript; charset=UTF-8 cache-control public, max-age=31486215 x-host-id 70726f642e676f76312d3137322e31372e302e33 accept-ranges bytes content-length 954
GET H2	200	jsApi.20cd89c833fdac8ea3d2.js Show response hhsgovfedramp.gov1.qualtrics.com/jfe/static/dist/c/ Frame 4F24	14 KB 4 KB	42ms 42ms	Script application/javascript	88.221.125.111 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://hhsgovfedramp.gov1.qualtrics.com/jfe/static/dist/c/jsApi.20cd89c833fdac8ea3d2.js Requested by Host: hhsgovfedramp.gov1.qualtrics.com URL: https://hhsgovfedramp.gov1.qualtrics.com/jfe/form/SV_3Jyxvg4zv8sPGrH?Q_CHL=si&Q_CanScreenCapture=1 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 88.221.125.111 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a88-221-125-111.deploy.static.akamaitechnologies.com Software / Resource Hash 0e64b7ff67d7d8342f315a8b1195cee6d6f20b1666d6facb2d08479e922ad79e Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://hhsgovfedramp.gov1.qualtrics.com/jfe/form/SV_3Jyxvg4zv8sPGrH?Q_CHL=si&Q_CanScreenCapture=1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Wed, 06 Dec 2023 09:23:25 GMT content-encoding gzip referrer-policy strict-origin-when-cross-origin x-content-type-options nosniff last-modified Tue, 08 Aug 2023 17:04:15 GMT x-spoke-id gov1 strict-transport-security max-age=31536000; includeSubDomains; preload etag W/"396f-189d61b3698" vary Accept-Encoding content-type application/javascript; charset=UTF-8 cache-control public, max-age=31485229 x-host-id 70726f642e676f76312d3137322e31372e302e33 accept-ranges bytes content-length 4009
GET H2	200	Graphic.php hhsgovfedramp.gov1.qualtrics.com/CP/ Frame 4F24	93 KB 94 KB	44ms 44ms	Image image/png	88.221.125.111 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://hhsgovfedramp.gov1.qualtrics.com/CP/Graphic.php?IM=IM_a5JekuzJ0SLcmCp Protocol H2 Security TLS 1.3, , AES_256_GCM Server 88.221.125.111 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a88-221-125-111.deploy.static.akamaitechnologies.com Software / Resource Hash a7e6c54f2d885ffeefac41e63e8da778717330d9606d51a3d94a48ef00a36c1b Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://hhsgovfedramp.gov1.qualtrics.com/jfe/form/SV_3Jyxvg4zv8sPGrH?Q_CHL=si&Q_CanScreenCapture=1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Wed, 06 Dec 2023 09:23:25 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff content-security-policy-report-only frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://gov1.qualtrics.com/csp-report content-disposition inline; filename=Hhs+logo content-length 94761 x-request-id ba68a2f7-19ed-4966-98ce-9b4e15f32805 referrer-policy strict-origin-when-cross-origin etag "2dcd044aca66ef96af35b9af2eadb2ef" content-type image/png access-control-allow-origin * x-transaction-id 9985b6d1-db81-472a-b29d-2ab997b2c9b6 cache-control public, max-age=17 permissions-policy camera=(), geolocation=(), microphone=() x-robots-tag noindex expires Wed, 06 Dec 2023 09:23:42 GMT
GET H2	200	external-link-icon.woff hhsgovfedramp.gov1.qualtrics.com/jfe/themes/base-css/basestyles-lfe/version-1678899357872-bbfdc9/files/ Frame 4F24	1004 B 1 KB	54ms 53ms	Font font/woff	88.221.125.111 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://hhsgovfedramp.gov1.qualtrics.com/jfe/themes/base-css/basestyles-lfe/version-1678899357872-bbfdc9/files/external-link-icon.woff Requested by Host: hhsgovfedramp.gov1.qualtrics.com URL: https://hhsgovfedramp.gov1.qualtrics.com/jfe/themes/templated-skins/qualtrics.base:hhsgovfedramp.1186900199:null/version-1701463160714-784c78/stylesheet.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 88.221.125.111 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a88-221-125-111.deploy.static.akamaitechnologies.com Software AmazonS3 / Resource Hash c5550d7f8cc83561c801d3cdc4bb3c1784672cf0413ea79b5b32e890b1558c38 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers Referer https://hhsgovfedramp.gov1.qualtrics.com/jfe/themes/templated-skins/qualtrics.base:hhsgovfedramp.1186900199:null/version-1701463160714-784c78/stylesheet.css Origin https://hhsgovfedramp.gov1.qualtrics.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers x-amz-version-id ZpnDL4pi_9gIwlH6CeppBW_zdJUG8hzv date Wed, 06 Dec 2023 09:23:25 GMT strict-transport-security max-age=31536000; includeSubDomains; preload last-modified Wed, 15 Mar 2023 16:56:07 GMT server AmazonS3 x-amz-request-id 4M6H97SMCJQ6JNPQ etag "90cf29ab19dc601f2e5a9f9b3c4898fb" x-amz-server-side-encryption AES256 content-type font/woff x-amz-replication-status COMPLETED accept-ranges bytes content-length 1004 x-amz-id-2 srKriGymqcXgZOl0mDRL46+Ua2pRRXF+0TmrHOxrXjA3hXJMWQgu6Etpg57Mo8VOgiIAINcNe5A=
GET H2	200	prototype.c1de4fe3d0f9532c40d5.js Show response hhsgovfedramp.gov1.qualtrics.com/jfe/static/dist/c/ Frame 4F24	91 KB 28 KB	47ms 47ms	Script application/javascript	88.221.125.111 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://hhsgovfedramp.gov1.qualtrics.com/jfe/static/dist/c/prototype.c1de4fe3d0f9532c40d5.js Requested by Host: hhsgovfedramp.gov1.qualtrics.com URL: https://hhsgovfedramp.gov1.qualtrics.com/jfe/form/SV_3Jyxvg4zv8sPGrH?Q_CHL=si&Q_CanScreenCapture=1 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 88.221.125.111 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a88-221-125-111.deploy.static.akamaitechnologies.com Software / Resource Hash fef5050fbb3b017e93ab4029d38399cab5d5bcded4f8db8729505ab43b731d61 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://hhsgovfedramp.gov1.qualtrics.com/jfe/form/SV_3Jyxvg4zv8sPGrH?Q_CHL=si&Q_CanScreenCapture=1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Wed, 06 Dec 2023 09:23:25 GMT content-encoding gzip referrer-policy strict-origin-when-cross-origin x-content-type-options nosniff last-modified Thu, 30 Nov 2023 16:11:02 GMT x-spoke-id gov1 strict-transport-security max-age=31536000; includeSubDomains; preload etag W/"16b16-18c20ff75f0" content-security-policy-report-only frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://gov1.qualtrics.com/csp-report vary Accept-Encoding content-type application/javascript; charset=UTF-8 cache-control public, max-age=31485171 x-host-id 70726f642e676f76312d3137322e31372e302e33 accept-ranges bytes content-length 28661
POST H2	200	rum Show response hhsgovfedramp.gov1.qualtrics.com/jfe/ Frame 4F24	2 B 2 KB	212ms 212ms	XHR text/plain	88.221.125.111 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://hhsgovfedramp.gov1.qualtrics.com/jfe/rum?type=rum Requested by Host: hhsgovfedramp.gov1.qualtrics.com URL: https://hhsgovfedramp.gov1.qualtrics.com/jfe/static/dist/jfe.c5acd07ee1a957aa2ab9.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 88.221.125.111 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a88-221-125-111.deploy.static.akamaitechnologies.com Software / Resource Hash 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Accept application/json, text/javascript, */*; q=0.01 Referer https://hhsgovfedramp.gov1.qualtrics.com/jfe/form/SV_3Jyxvg4zv8sPGrH?Q_CHL=si&Q_CanScreenCapture=1 X-Requested-With XMLHttpRequest accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Content-Type application/json Response headers date Wed, 06 Dec 2023 09:23:25 GMT strict-transport-security max-age=31536000; includeSubDomains; preload referrer-policy strict-origin-when-cross-origin x-content-type-options nosniff x-spoke-id gov1 etag W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc" content-security-policy-report-only frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://gov1.qualtrics.com/csp-report content-type text/plain; charset=utf-8 x-transaction-id ee9862a4-5404-43df-ba63-088c74d16a4b x-host-id 70726f642e676f76312d3137322e31372e302e33 content-length 2 x-request-id 073efac7-276d-4cad-98d5-be1d19ffe924
GET H2	200	mp.cb0c9cc3c1c2659410c1.js Show response hhsgovfedramp.gov1.qualtrics.com/jfe/static/dist/c/ Frame 4F24	5 KB 2 KB	56ms 55ms	Script application/javascript	88.221.125.111 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://hhsgovfedramp.gov1.qualtrics.com/jfe/static/dist/c/mp.cb0c9cc3c1c2659410c1.js Requested by Host: hhsgovfedramp.gov1.qualtrics.com URL: https://hhsgovfedramp.gov1.qualtrics.com/jfe/form/SV_3Jyxvg4zv8sPGrH?Q_CHL=si&Q_CanScreenCapture=1 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 88.221.125.111 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a88-221-125-111.deploy.static.akamaitechnologies.com Software / Resource Hash 7e95930afde9cff977005b988bf30037fae0cd07357345fb26e2f93638127a9a Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://hhsgovfedramp.gov1.qualtrics.com/jfe/form/SV_3Jyxvg4zv8sPGrH?Q_CHL=si&Q_CanScreenCapture=1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Wed, 06 Dec 2023 09:23:25 GMT content-encoding gzip referrer-policy strict-origin-when-cross-origin x-content-type-options nosniff last-modified Tue, 31 Oct 2023 20:51:19 GMT x-spoke-id gov1 strict-transport-security max-age=31536000; includeSubDomains; preload etag W/"13ee-18b87814958" content-security-policy-report-only frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://gov1.qualtrics.com/csp-report vary Accept-Encoding content-type application/javascript; charset=UTF-8 cache-control public, max-age=30886966 x-host-id 70726f642e676f76312d3137322e31372e302e33 accept-ranges bytes content-length 1695
GET H2	200	ScreenCaptureModule.js Show response gov1.siteintercept.qualtrics.com/dxjsmodule/	26 KB 8 KB	38ms 38ms	Script application/javascript	88.221.125.111 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://gov1.siteintercept.qualtrics.com/dxjsmodule/ScreenCaptureModule.js?Q_CLIENTVERSION=1.103.0&Q_CLIENTTYPE=web&Q_BRANDID=hhsgovfedramp Requested by Host: gov1.siteintercept.qualtrics.com URL: https://gov1.siteintercept.qualtrics.com/dxjsmodule/12.20b1d36d36c1dfbe70fa.chunk.js?Q_CLIENTVERSION=1.103.0&Q_CLIENTTYPE=web&Q_BRANDID=www.hhs.gov Protocol H2 Security TLS 1.3, , AES_256_GCM Server 88.221.125.111 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a88-221-125-111.deploy.static.akamaitechnologies.com Software / Resource Hash 6cbe3595b65c4c1efeee930eaf8ed733649f75b2174eb468511bf3396f20d3d7 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://www.hhs.gov/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Wed, 06 Dec 2023 09:23:25 GMT content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000; includeSubDomains; preload content-security-policy-report-only frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://gov1.qualtrics.com/csp-report cache-tag cloudjs-screencapturemodule, cloudjs-js-modules, cloudjs-all-modules content-length 7100 referrer-policy strict-origin-when-cross-origin last-modified Wed, 08 Nov 2023 02:23:30 GMT etag W/"684b-18bacbdecd0" vary Accept-Encoding content-type application/javascript access-control-allow-origin * cache-control public, max-age=492346, s-maxage=604800 permissions-policy camera=(), geolocation=(), microphone=() accept-ranges bytes timing-allow-origin * access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept
GET H2	200	building_preview.gif gov1.siteintercept.qualtrics.com/WRQualtricsShared/Graphics/siteintercept/	17 KB 17 KB	40ms 39ms	Image image/gif	88.221.125.111 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://gov1.siteintercept.qualtrics.com/WRQualtricsShared/Graphics/siteintercept/building_preview.gif Protocol H2 Security TLS 1.3, , AES_256_GCM Server 88.221.125.111 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a88-221-125-111.deploy.static.akamaitechnologies.com Software / Resource Hash 3dcfd38e295103e966531c3c9fcb76464a7f885934dc536115b21cb0c79ec73a Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://www.hhs.gov/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers servershortname date Wed, 06 Dec 2023 09:23:25 GMT strict-transport-security max-age=31536000; includeSubDomains; preload referrer-policy strict-origin-when-cross-origin x-content-type-options nosniff last-modified Mon, 06 Nov 2023 19:06:31 GMT content-security-policy-report-only frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://gov1.qualtrics.com/csp-report content-type image/gif p3p CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE" cache-control public, max-age=315245621 permissions-policy camera=(), geolocation=(), microphone=() accept-ranges bytes trace-id 2a9e75fc5408c87f content-length 16980 expires Fri, 02 Dec 2033 01:37:06 GMT
GET H2	200	remove_screen_capture.png gov1.siteintercept.qualtrics.com/WRQualtricsShared/Graphics/siteintercept/	1 KB 2 KB	38ms 38ms	Image image/png	88.221.125.111 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://gov1.siteintercept.qualtrics.com/WRQualtricsShared/Graphics/siteintercept/remove_screen_capture.png Protocol H2 Security TLS 1.3, , AES_256_GCM Server 88.221.125.111 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a88-221-125-111.deploy.static.akamaitechnologies.com Software / Resource Hash f522a363235dc02916dacd3bb06d0b04a0d5218eb40753ccf67188606101a33c Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://www.hhs.gov/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers servershortname date Wed, 06 Dec 2023 09:23:25 GMT strict-transport-security max-age=31536000; includeSubDomains; preload referrer-policy strict-origin-when-cross-origin x-content-type-options nosniff last-modified Mon, 06 Nov 2023 19:06:31 GMT content-security-policy-report-only frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://gov1.qualtrics.com/csp-report p3p CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE" content-type image/png cache-control public, max-age=315245646 permissions-policy camera=(), geolocation=(), microphone=() accept-ranges bytes trace-id ba2136de56068fc5 content-length 1110 expires Fri, 02 Dec 2033 01:37:31 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

gov1.qualtrics.com

URL

https://gov1.qualtrics.com/csp-report