spars-sts.samhsa.gov Open in urlscan Pro
3.232.160.9 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://spars-lc.samhsa.gov/course/view.php?id=182
Effective URL:
https://spars-sts.samhsa.gov/Identity/login?signin=aca90ea95a17a54c05e53b540249e086
Submission Tags: falconsandbox
Submission: On September 19 via api (September 19th 2022, 8:36:16 pm UTC) from US — Scanned from DE

Summary HTTP 13 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 13 HTTP transactions. The main IP is 3.232.160.9, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is spars-sts.samhsa.gov. The Cisco Umbrella rank of the primary domain is 621214.
TLS certificate: Issued by Entrust Certification Authority - L1K on November 8th 2021. Valid for: a year.

This is the only time spars-sts.samhsa.gov was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address		AS Autonomous System
4 17	3.232.160.9 3.232.160.9		14618 (AMAZON-AES) (AMAZON-AES)
13	1

17 3.232.160.9 (Ashburn, United States) 4 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-232-160-9.compute-1.amazonaws.com

spars-lc.samhsa.gov	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
spars-sts.samhsa.gov	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
17	samhsa.gov 4 redirects spars-lc.samhsa.gov spars-sts.samhsa.gov — Cisco Umbrella Rank: 621214	490 KB
13	1

	Domain	Requested by
14	spars-sts.samhsa.gov	1 redirects spars-sts.samhsa.gov
3	spars-lc.samhsa.gov	3 redirects
13	2

This site contains links to these domains. Also see Links.

Domain
spars.samhsa.gov

Subject Issuer	Validity	Valid
spars-sts.samhsa.gov Entrust Certification Authority - L1K	`2021-11-08` - `2022-11-28`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://spars-sts.samhsa.gov/Identity/login?signin=aca90ea95a17a54c05e53b540249e086
Frame ID: 26E98651D702F65C5972A0093C04BE75
Requests: 13 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

SPARS

Page URL History Show full URLs

https://spars-lc.samhsa.gov/course/view.php?id=182 HTTP 303
https://spars-lc.samhsa.gov/login/index.php HTTP 303
https://spars-lc.samhsa.gov/auth/oidc/ HTTP 303
https://spars-sts.samhsa.gov/Identity/connect/authorize?response_type=code&client_id=SPARS-LC-GOV&scope=o... HTTP 302
https://spars-sts.samhsa.gov/Identity/login?signin=aca90ea95a17a54c05e53b540249e086 Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Page Statistics

13
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

2
Subdomains

1
IPs

1
Countries

487 kB
Transfer

480 kB
Size

4
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://spars.samhsa.gov/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://spars-lc.samhsa.gov/course/view.php?id=182 HTTP 303
https://spars-lc.samhsa.gov/login/index.php HTTP 303
https://spars-lc.samhsa.gov/auth/oidc/ HTTP 303
https://spars-sts.samhsa.gov/Identity/connect/authorize?response_type=code&client_id=SPARS-LC-GOV&scope=openid%20profile%20email&nonce=N6328d2ba855af&response_mode=form_post&resource=https%3A%2F%2Fspars-sts.samhsa.gov%2Fidentity%2F.well-known%2Fopenid-configuration&state=bOVIFeWm5C7AQGh&redirect_uri=https%3A%2F%2Fspars-lc.samhsa.gov%2Fauth%2Foidc%2F&ClientId=SPARS-LC-GOV&ClientSecret=%407r%3DuhCNK%2Adhs%60Tz&ClientCredentialType=FormPost&RedirectUri=https%3A%2F%2Fspars-lc.samhsa.gov%2Fauth%2Foidc%2F&ResponseMode=form_post HTTP 302
https://spars-sts.samhsa.gov/Identity/login?signin=aca90ea95a17a54c05e53b540249e086 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

13 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request login Show response
spars-sts.samhsa.gov/Identity/
Redirect Chain

https://spars-lc.samhsa.gov/course/view.php?id=182
https://spars-lc.samhsa.gov/login/index.php
https://spars-lc.samhsa.gov/auth/oidc/
https://spars-sts.samhsa.gov/Identity/connect/authorize?response_type=code&client_id=SPARS-LC-GOV&scope=openid%20profile%20email&nonce=N6328d2ba855af&response_mode=form_post&resource=https%3A%2F%2F...
https://spars-sts.samhsa.gov/Identity/login?signin=aca90ea95a17a54c05e53b540249e086

10 KB
12 KB

148ms
147ms

Document
text/html

3.232.160.9
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://spars-sts.samhsa.gov/Identity/login?signin=aca90ea95a17a54c05e53b540249e086

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.232.160.9 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-232-160-9.compute-1.amazonaws.com

Software

Resource Hash

8cf1c8fc8deb3c589cee80c941b53a1d941d64366904851d111bdfa1332a1cc9

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' https://spars-sts.samhsa.gov; style-src 'self' 'unsafe-inline' https://spars-sts.samhsa.gov; img-src 'self' https://spars-sts.samhsa.gov data:; font-src 'self' https://spars-sts.samhsa.gov data:; report-uri https://spars-sts.samhsa.gov/Identity/csp/report default-src 'self' 'unsafe-inline' 'unsafe-eval'; frame-ancestors 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Security-Policy	default-src 'self'; script-src 'self' https://spars-sts.samhsa.gov; style-src 'self' 'unsafe-inline' https://spars-sts.samhsa.gov; img-src 'self' https://spars-sts.samhsa.gov data:; font-src 'self' https://spars-sts.samhsa.gov data:; report-uri https://spars-sts.samhsa.gov/Identity/csp/report
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	SAMEORIGIN SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, max-age=0, private
content-length: 10740
content-security-policy: default-src 'self'; script-src 'self' https://spars-sts.samhsa.gov; style-src 'self' 'unsafe-inline' https://spars-sts.samhsa.gov; img-src 'self' https://spars-sts.samhsa.gov data:; font-src 'self' https://spars-sts.samhsa.gov data:; report-uri https://spars-sts.samhsa.gov/Identity/csp/report default-src 'self' 'unsafe-inline' 'unsafe-eval'; frame-ancestors 'self';
content-type: text/html; charset=utf-8
date: Mon, 19 Sep 2022 20:36:11 GMT
pragma: no-cache
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-security-policy: default-src 'self'; script-src 'self' https://spars-sts.samhsa.gov; style-src 'self' 'unsafe-inline' https://spars-sts.samhsa.gov; img-src 'self' https://spars-sts.samhsa.gov data:; font-src 'self' https://spars-sts.samhsa.gov data:; report-uri https://spars-sts.samhsa.gov/Identity/csp/report
x-content-type-options: nosniff nosniff
x-frame-options: SAMEORIGIN SAMEORIGIN
x-xss-protection: 1; mode=block

Redirect headers

content-length: 0
content-security-policy: default-src 'self' 'unsafe-inline' 'unsafe-eval'; frame-ancestors 'self';
date: Mon, 19 Sep 2022 20:36:11 GMT
location: https://spars-sts.samhsa.gov/Identity/login?signin=aca90ea95a17a54c05e53b540249e086
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

GET
H2 200 csp.js Show response
spars-sts.samhsa.gov/Assets/ 96 B
625 B 132ms
126ms Script
application/javascript 3.232.160.9
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://spars-sts.samhsa.gov/Assets/csp.js

Requested by

Host: spars-sts.samhsa.gov
URL: https://spars-sts.samhsa.gov/Identity/login?signin=aca90ea95a17a54c05e53b540249e086

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.232.160.9 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-232-160-9.compute-1.amazonaws.com

Software

Resource Hash

d6afc0f18ab014fa1fc2756fe4efbb38627125e44006fbffa1a538e7030cf125

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' 'unsafe-eval'; frame-ancestors 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spars-sts.samhsa.gov/Identity/login?signin=aca90ea95a17a54c05e53b540249e086
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 20:36:11 GMT
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 19 Apr 2022 21:37:54 GMT
etag: "0a51eba3554d81:0"
x-frame-options: SAMEORIGIN
content-type: application/javascript
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-inline' 'unsafe-eval'; frame-ancestors 'self';
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ranges: bytes
content-length: 96
x-xss-protection: 1; mode=block

GET
H2 200 font-awesome.min.css
spars-sts.samhsa.gov/Assets/libs/font-awesome/css/ 26 KB
27 KB 138ms
132ms Stylesheet
text/css 3.232.160.9
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://spars-sts.samhsa.gov/Assets/libs/font-awesome/css/font-awesome.min.css

Requested by

Host: spars-sts.samhsa.gov
URL: https://spars-sts.samhsa.gov/Identity/login?signin=aca90ea95a17a54c05e53b540249e086

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.232.160.9 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-232-160-9.compute-1.amazonaws.com

Software

Resource Hash

05f592bcb1e46c798cc6d11738bcc37cfbbcf399ae4c3f23a2a98e703fea478e

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' 'unsafe-eval'; frame-ancestors 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spars-sts.samhsa.gov/Identity/login?signin=aca90ea95a17a54c05e53b540249e086
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 20:36:11 GMT
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 14 May 2021 14:27:46 GMT
etag: "6ddb184fcd48d71:0"
x-frame-options: SAMEORIGIN
content-type: text/css
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-inline' 'unsafe-eval'; frame-ancestors 'self';
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ranges: bytes
content-length: 26717
x-xss-protection: 1; mode=block

GET
H2 200 opensans.css
spars-sts.samhsa.gov/Assets/libs/opensans/css/ 2 KB
3 KB 135ms
130ms Stylesheet
text/css 3.232.160.9
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://spars-sts.samhsa.gov/Assets/libs/opensans/css/opensans.css

Requested by

Host: spars-sts.samhsa.gov
URL: https://spars-sts.samhsa.gov/Identity/login?signin=aca90ea95a17a54c05e53b540249e086

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.232.160.9 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-232-160-9.compute-1.amazonaws.com

Software

Resource Hash

32669bd8680653de160d0c5414fff46be00bf020545de8b93d23eb3beeab6408

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' 'unsafe-eval'; frame-ancestors 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spars-sts.samhsa.gov/Identity/login?signin=aca90ea95a17a54c05e53b540249e086
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 20:36:11 GMT
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 14 May 2021 14:27:51 GMT
etag: "47706e52cd48d71:0"
x-frame-options: SAMEORIGIN
content-type: text/css
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-inline' 'unsafe-eval'; frame-ancestors 'self';
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ranges: bytes
content-length: 2339
x-xss-protection: 1; mode=block

GET
H2 200 bootstrap.min.css
spars-sts.samhsa.gov/Assets/libs/bootstrap/css/ 97 KB
98 KB 255ms
251ms Stylesheet
text/css 3.232.160.9
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://spars-sts.samhsa.gov/Assets/libs/bootstrap/css/bootstrap.min.css

Requested by

Host: spars-sts.samhsa.gov
URL: https://spars-sts.samhsa.gov/Identity/login?signin=aca90ea95a17a54c05e53b540249e086

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.232.160.9 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-232-160-9.compute-1.amazonaws.com

Software

Resource Hash

81e40cfd9268d77c245692bfe869d56836f557c91b494785b0cf068e875b9892

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' 'unsafe-eval'; frame-ancestors 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spars-sts.samhsa.gov/Identity/login?signin=aca90ea95a17a54c05e53b540249e086
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 20:36:11 GMT
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 14 May 2021 14:27:42 GMT
etag: "af18d4ccd48d71:0"
x-frame-options: SAMEORIGIN
content-type: text/css
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-inline' 'unsafe-eval'; frame-ancestors 'self';
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ranges: bytes
content-length: 99554
x-xss-protection: 1; mode=block

GET
H2 200 angular-csp.css
spars-sts.samhsa.gov/Assets/libs/angular/ 276 B
797 B 131ms
128ms Stylesheet
text/css 3.232.160.9
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://spars-sts.samhsa.gov/Assets/libs/angular/angular-csp.css

Requested by

Host: spars-sts.samhsa.gov
URL: https://spars-sts.samhsa.gov/Identity/login?signin=aca90ea95a17a54c05e53b540249e086

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.232.160.9 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-232-160-9.compute-1.amazonaws.com

Software

Resource Hash

56d45fdc44723e09f569c959158a435a96a7d89c43b52e4bbb4b4dcf99af7ec9

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' 'unsafe-eval'; frame-ancestors 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spars-sts.samhsa.gov/Identity/login?signin=aca90ea95a17a54c05e53b540249e086
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 20:36:11 GMT
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 14 May 2021 14:27:40 GMT
etag: "e4a8c54bcd48d71:0"
x-frame-options: SAMEORIGIN
content-type: text/css
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-inline' 'unsafe-eval'; frame-ancestors 'self';
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ranges: bytes
content-length: 276
x-xss-protection: 1; mode=block

GET
H2 200 app.min.css
spars-sts.samhsa.gov/Assets/app/ 26 KB
26 KB 373ms
370ms Stylesheet
text/css 3.232.160.9
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://spars-sts.samhsa.gov/Assets/app/app.min.css

Requested by

Host: spars-sts.samhsa.gov
URL: https://spars-sts.samhsa.gov/Identity/login?signin=aca90ea95a17a54c05e53b540249e086

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.232.160.9 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-232-160-9.compute-1.amazonaws.com

Software

Resource Hash

d49355101d0de9614bb6d615cfb55a3f1407302758b836208772e0ec1c1fcba8

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' 'unsafe-eval'; frame-ancestors 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spars-sts.samhsa.gov/Identity/login?signin=aca90ea95a17a54c05e53b540249e086
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 20:36:11 GMT
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 14 May 2021 14:27:34 GMT
etag: "358b4748cd48d71:0"
x-frame-options: SAMEORIGIN
content-type: text/css
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-inline' 'unsafe-eval'; frame-ancestors 'self';
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ranges: bytes
content-length: 26197
x-xss-protection: 1; mode=block

GET
H2 200 spars-logo-blue.svg
spars-sts.samhsa.gov/Assets/images/ 4 KB
4 KB 355ms
354ms Image
image/svg+xml 3.232.160.9
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://spars-sts.samhsa.gov/Assets/images/spars-logo-blue.svg

Requested by

Host: spars-sts.samhsa.gov
URL: https://spars-sts.samhsa.gov/Identity/login?signin=aca90ea95a17a54c05e53b540249e086

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.232.160.9 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-232-160-9.compute-1.amazonaws.com

Software

Resource Hash

94968712f02f91fff0d844a679de5d15848f6342e4f89401b3d818f6149b4c0c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' 'unsafe-eval'; frame-ancestors 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spars-sts.samhsa.gov/Identity/login?signin=aca90ea95a17a54c05e53b540249e086
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 20:36:11 GMT
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 14 May 2021 14:27:40 GMT
etag: "39209d4bcd48d71:0"
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-inline' 'unsafe-eval'; frame-ancestors 'self';
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ranges: bytes
content-length: 3955
x-xss-protection: 1; mode=block

GET
H2 200 scripts.2.5.0.js Show response
spars-sts.samhsa.gov/Identity/assets/ 253 KB
254 KB 356ms
353ms Script
application/javascript 3.232.160.9
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://spars-sts.samhsa.gov/Identity/assets/scripts.2.5.0.js

Requested by

Host: spars-sts.samhsa.gov
URL: https://spars-sts.samhsa.gov/Identity/login?signin=aca90ea95a17a54c05e53b540249e086

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.232.160.9 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-232-160-9.compute-1.amazonaws.com

Software

Resource Hash

88a1f47a962ccac948c5830491de8fd87148abb4345bc998dbb63f816e4e6593

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' 'unsafe-eval'; frame-ancestors 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spars-sts.samhsa.gov/Identity/login?signin=aca90ea95a17a54c05e53b540249e086
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 20:36:11 GMT
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 14 May 2021 10:28:00 GMT
etag: "1d748cd573c6ca2"
x-frame-options: SAMEORIGIN
content-type: application/javascript
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-inline' 'unsafe-eval'; frame-ancestors 'self';
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 259234
x-xss-protection: 1; mode=block

GET
H2 200 app.js Show response
spars-sts.samhsa.gov/Assets/app/ 140 B
671 B 354ms
352ms Script
application/javascript 3.232.160.9
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://spars-sts.samhsa.gov/Assets/app/app.js

Requested by

Host: spars-sts.samhsa.gov
URL: https://spars-sts.samhsa.gov/Identity/login?signin=aca90ea95a17a54c05e53b540249e086

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.232.160.9 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-232-160-9.compute-1.amazonaws.com

Software

Resource Hash

2156f12b1c67fa52335dda7c8f25c86d022a55a4e3010f74c135321a82fdaf42

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' 'unsafe-eval'; frame-ancestors 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://spars-sts.samhsa.gov/Identity/login?signin=aca90ea95a17a54c05e53b540249e086
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 20:36:11 GMT
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 14 May 2021 14:27:34 GMT
etag: "bc284548cd48d71:0"
x-frame-options: SAMEORIGIN
content-type: application/javascript
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-inline' 'unsafe-eval'; frame-ancestors 'self';
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ranges: bytes
content-length: 140
x-xss-protection: 1; mode=block

POST
H2 204 report
spars-sts.samhsa.gov/Identity/csp/ 0
419 B 357ms
356ms Other
text/plain 3.232.160.9
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://spars-sts.samhsa.gov/Identity/csp/report

Requested by

Host: spars-sts.samhsa.gov
URL: https://spars-sts.samhsa.gov/Identity/login?signin=aca90ea95a17a54c05e53b540249e086

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.232.160.9 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-232-160-9.compute-1.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' 'unsafe-eval'; frame-ancestors 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://spars-sts.samhsa.gov/Identity/login?signin=aca90ea95a17a54c05e53b540249e086
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 19 Sep 2022 20:36:11 GMT
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-inline' 'unsafe-eval'; frame-ancestors 'self';
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubDomains; preload

POST
H2 204 report
spars-sts.samhsa.gov/Identity/csp/ 0
419 B 127ms
126ms Other
text/plain 3.232.160.9
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://spars-sts.samhsa.gov/Identity/csp/report

Requested by

Host: spars-sts.samhsa.gov
URL: https://spars-sts.samhsa.gov/Identity/assets/scripts.2.5.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.232.160.9 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-232-160-9.compute-1.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' 'unsafe-eval'; frame-ancestors 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://spars-sts.samhsa.gov/Identity/login?signin=aca90ea95a17a54c05e53b540249e086
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 19 Sep 2022 20:36:12 GMT
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-inline' 'unsafe-eval'; frame-ancestors 'self';
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubDomains; preload

GET
H2 200 open-sans-v13-cyrillic_greek_latin_cyrillic-ext_vietnamese_latin-ext_greek-ext-regular.woff2
spars-sts.samhsa.gov/Assets/libs/opensans/fonts/ 61 KB
61 KB 128ms
127ms Font
application/font-woff2 3.232.160.9
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://spars-sts.samhsa.gov/Assets/libs/opensans/fonts/open-sans-v13-cyrillic_greek_latin_cyrillic-ext_vietnamese_latin-ext_greek-ext-regular.woff2

Requested by

Host: spars-sts.samhsa.gov
URL: https://spars-sts.samhsa.gov/Assets/libs/opensans/css/opensans.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.232.160.9 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-232-160-9.compute-1.amazonaws.com

Software

Resource Hash

3cfb28778895d6adca324710b2000c6e15ef5a7b88d461f39b29ff6fb877b778

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' 'unsafe-eval'; frame-ancestors 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://spars-sts.samhsa.gov/Assets/libs/opensans/css/opensans.css
Origin: https://spars-sts.samhsa.gov
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 20:36:12 GMT
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 14 May 2021 14:27:55 GMT
etag: "9cfab854cd48d71:0"
x-frame-options: SAMEORIGIN
content-type: application/font-woff2
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-inline' 'unsafe-eval'; frame-ancestors 'self';
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ranges: bytes
content-length: 61980
x-xss-protection: 1; mode=block

Verdicts & Comments Add Verdict or Comment

15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
spars-sts.samhsa.gov/Identity	1969-12-31 23:59:59	Name: SPARS.SecurityServer.SignInMessage.aca90ea95a17a54c05e53b540249e086 Value: XFUtptbO7_oTsY_yxr5Ur5kjLvmWaBNoocxIilXMGG17TcdStOyf6LfHa1ddbdoCA_scoyP6MY-jON4fQ-eVEnavbsA02qWCGp309yA9HbmZYHuGIXFtky67F-bhb03Wv8i0qEfQf-PXnij8KtelXbYR8PYmlKQ2fSmVBGKxxH9SRf9EDOoTW_Nk1R6fMeVN45otul1Iq3kNpvg3KkjIgZNr7AnlkAHQ1uJiOFv7JKCz9u3HCfZd9-bocAlpJratv1OKR3Spo2dFWATnq6d3qav78-IRTqQOaxhWysDJp_7hOgQ3ALpZfsLTho6vi2zsZhU70Z2VqtpX9CIGlQTeiz66UI9KazkBpvrwIZfdGpUs6wel6kv_Vtha-LN6x2IiFHYsBOCzKklKKWN3WbPThFuLRzIc12GfrEeOKIi1SCWSm2a2V9mN0RY52zwiFKZ7zZWcabZ1ewj4E2xwKiBCOaSmJM4NlE3txZNWHUCqTDxXtXxQK4Fozh_Gc37VM4BAvI1AFK4YvNpoIUdVCqMKUt4nzTveyXSBNULBFrcmvXr3UcnjRj9QDIDFAysUJzv8huapw8S6pagDCsXM8fhdaTAsDzGqjHWR2Nb676AmQDhL6QZ4Z0jz0vuHMg-lGU6sTkD9PRfJpFir-jwZrpYN2B3iIF5yDPZyaKVeZIVxI8ZgW0UCEHRPZ_XJNjFfnZ5nFdkVii-1jDqsKWbYDYlNUf3aSJcsd02IevjTBBlQppjIdUF391lqv80oINXRb0rYBCW-GQp5i7sN0GzyFOZDbPzjNcENmW_HQNTNaJgZAGD4gcRhn5GqDHeQiVuCXc6FFWjbEUoWIv2FDfAoIAFaeLd6h_jOuH_UtfhbhZTYcr9zOh1QpPsSYRWbdG6n-tdr
spars-sts.samhsa.gov/Identity	1969-12-31 23:59:59	Name: SPARS.SecurityServer.idsrv.xsrf Value: APiOhrYJmht5TEtNlVALnKOQE_uqF-gPZ92aRwNdhLRYXzNsFK-UoGx0XVfm-3qv11Uz9aTRcr8CCUzsQ67MH0x9_p_EBPXXQsdjbkI1Pqk
spars-lc.samhsa.gov/	1969-12-31 23:59:59	Name: MoodleSession Value: kjenedrk12rc6aujeuffsjrtt3
spars-sts.samhsa.gov/	1970-01-20 07:33:17	Name: BNI_persistence Value: zvmdlnsB6msDWedoTf2nARWK-dcY1f2cOxXyOJMtbg1veFgDKTBEpckmwM-j-VeaiPwv7OCDnl9Gvb5ERuOxqg==

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self'; script-src 'self' https://spars-sts.samhsa.gov; style-src 'self' 'unsafe-inline' https://spars-sts.samhsa.gov; img-src 'self' https://spars-sts.samhsa.gov data:; font-src 'self' https://spars-sts.samhsa.gov data:; report-uri https://spars-sts.samhsa.gov/Identity/csp/report default-src 'self' 'unsafe-inline' 'unsafe-eval'; frame-ancestors 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Security-Policy	default-src 'self'; script-src 'self' https://spars-sts.samhsa.gov; style-src 'self' 'unsafe-inline' https://spars-sts.samhsa.gov; img-src 'self' https://spars-sts.samhsa.gov data:; font-src 'self' https://spars-sts.samhsa.gov data:; report-uri https://spars-sts.samhsa.gov/Identity/csp/report
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	SAMEORIGIN SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

spars-lc.samhsa.gov
spars-sts.samhsa.gov
3.232.160.9
05f592bcb1e46c798cc6d11738bcc37cfbbcf399ae4c3f23a2a98e703fea478e
2156f12b1c67fa52335dda7c8f25c86d022a55a4e3010f74c135321a82fdaf42
32669bd8680653de160d0c5414fff46be00bf020545de8b93d23eb3beeab6408
3cfb28778895d6adca324710b2000c6e15ef5a7b88d461f39b29ff6fb877b778
56d45fdc44723e09f569c959158a435a96a7d89c43b52e4bbb4b4dcf99af7ec9
81e40cfd9268d77c245692bfe869d56836f557c91b494785b0cf068e875b9892
88a1f47a962ccac948c5830491de8fd87148abb4345bc998dbb63f816e4e6593
8cf1c8fc8deb3c589cee80c941b53a1d941d64366904851d111bdfa1332a1cc9
94968712f02f91fff0d844a679de5d15848f6342e4f89401b3d818f6149b4c0c
d49355101d0de9614bb6d615cfb55a3f1407302758b836208772e0ec1c1fcba8
d6afc0f18ab014fa1fc2756fe4efbb38627125e44006fbffa1a538e7030cf125
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

spars-sts.samhsa.gov Open in urlscan Pro 3.232.160.9 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

13 Requests

100 %HTTPS

0 %IPv6

1 Domains

2 Subdomains

1 IPs

1 Countries

487 kBTransfer

480 kBSize

4 Cookies

1 Outgoing links

Page URL History

Redirected requests

13 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

15 JavaScript Global Variables

4 Cookies

Security Headers

Indicators

spars-sts.samhsa.gov Open in urlscan Pro
3.232.160.9 Public Scan

Screenshot
Live screenshot

Full Image

13
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

2
Subdomains

1
IPs

1
Countries

487 kB
Transfer

480 kB
Size

4
Cookies

13 HTTP transactions
0 data transactions