tips.oig.hhs.gov Open in urlscan Pro
158.70.28.33  Public Scan

3 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

28 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response tips.oig.hhs.gov/	1 KB 1 KB	747ms 117ms	Document text/html	158.70.28.33 RFC2270-UUNET-CUS...
General Check archive.org Show headers Download Go to Full URL https://tips.oig.hhs.gov/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 158.70.28.33 , United States, ASN7046 (RFC2270-UUNET-CUSTOMER, US), Reverse DNS Software Apache/2.4.62 () OpenSSL/1.0.2k-fips mod_wsgi/5.0.1 Python/3.9 / Resource Hash 75c60f95ccf7706364e9c98990ac6c285c30c4ba3bda3c1ee6c9696a0eefb437 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Response headers Cache-Control no-store Connection keep-alive Content-Encoding gzip Content-Type text/html; charset=utf-8 Date Wed, 30 Oct 2024 20:11:05 GMT Referrer-Policy same-origin Server Apache/2.4.62 () OpenSSL/1.0.2k-fips mod_wsgi/5.0.1 Python/3.9 Strict-Transport-Security max-age=31536000; includeSubDomains Transfer-Encoding chunked Upgrade h2,h2c Vary Accept-Encoding X-Content-Type-Options nosniff X-Frame-Options DENY X-XSS-Protection 1; mode=block
GET H2	200	css fonts.googleapis.com/	7 KB 1 KB	52ms 16ms	Stylesheet text/css	2a00:1450:4001:828::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Source+Sans+Pro:300,400,700 Requested by Host: tips.oig.hhs.gov URL: https://tips.oig.hhs.gov/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 55cb4df4b517a838340cdff1e9c871e2fb97ea1ff0b36490f8f8ba588619083a Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer Response headers content-encoding gzip x-content-type-options nosniff expires Wed, 30 Oct 2024 20:11:06 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Wed, 30 Oct 2024 20:11:06 GMT content-type text/css; charset=utf-8 vary Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site last-modified Wed, 30 Oct 2024 18:38:14 GMT x-frame-options SAMEORIGIN strict-transport-security max-age=31536000 link <https://fonts.gstatic.com>; rel=preconnect; crossorigin cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * cross-origin-opener-policy same-origin-allow-popups cross-origin-resource-policy cross-origin access-control-allow-origin * x-xss-protection 0 server ESF
GET H/1.1	200 OK	main.80308bdf.js Show response tips.oig.hhs.gov/static/bundles/js/	1 MB 370 KB	218ms 217ms	Script application/javascript	158.70.28.33 RFC2270-UUNET-CUS...
General Check archive.org Show headers Download Go to Full URL https://tips.oig.hhs.gov/static/bundles/js/main.80308bdf.js Requested by Host: tips.oig.hhs.gov URL: https://tips.oig.hhs.gov/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 158.70.28.33 , United States, ASN7046 (RFC2270-UUNET-CUSTOMER, US), Reverse DNS Software Apache/2.4.62 () OpenSSL/1.0.2k-fips mod_wsgi/5.0.1 Python/3.9 / Resource Hash 4160eaf18d80e799bc85cbb7cfc05b01ac2d42143a293383b437add58109a025 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://tips.oig.hhs.gov/ Response headers Transfer-Encoding chunked Strict-Transport-Security max-age=31536000; includeSubDomains Cache-Control private, max-age=604800 Content-Encoding gzip ETag "15ffc1-62380f26b141d-gzip" Connection keep-alive X-Content-Type-Options nosniff Accept-Ranges bytes Date Wed, 30 Oct 2024 20:11:06 GMT X-XSS-Protection 1; mode=block Content-Type application/javascript Last-Modified Wed, 02 Oct 2024 16:29:50 GMT Server Apache/2.4.62 () OpenSSL/1.0.2k-fips mod_wsgi/5.0.1 Python/3.9 Vary Accept-Encoding
GET H/1.1	200 OK	main.2f674f12.css tips.oig.hhs.gov/static/bundles/css/	7 KB 3 KB	320ms 114ms	Stylesheet text/css	158.70.28.33 RFC2270-UUNET-CUS...
General Check archive.org Show headers Download Go to Full URL https://tips.oig.hhs.gov/static/bundles/css/main.2f674f12.css Requested by Host: tips.oig.hhs.gov URL: https://tips.oig.hhs.gov/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 158.70.28.33 , United States, ASN7046 (RFC2270-UUNET-CUSTOMER, US), Reverse DNS Software Apache/2.4.62 () OpenSSL/1.0.2k-fips mod_wsgi/5.0.1 Python/3.9 / Resource Hash f2cb350d3240e11c117933b680414a8f155c7e110be29fc4ee1378e6e9043608 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://tips.oig.hhs.gov/ Response headers Upgrade h2,h2c Strict-Transport-Security max-age=31536000; includeSubDomains Cache-Control private, max-age=604800 Content-Encoding gzip ETag "1b68-62380f26b529c-gzip" Connection keep-alive X-Content-Type-Options nosniff Accept-Ranges bytes Content-Length 2461 Date Wed, 30 Oct 2024 20:11:06 GMT X-XSS-Protection 1; mode=block Content-Type text/css Last-Modified Wed, 02 Oct 2024 16:29:50 GMT Server Apache/2.4.62 () OpenSSL/1.0.2k-fips mod_wsgi/5.0.1 Python/3.9 Vary Accept-Encoding
GET H2	200	siteanalyze_6283531.js Show response siteimproveanalytics.com/js/	62 KB 19 KB	70ms 28ms	Script application/javascript	2a06:98c1:3121::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://siteimproveanalytics.com/js/siteanalyze_6283531.js Requested by Host: tips.oig.hhs.gov URL: https://tips.oig.hhs.gov/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6f2dbe17aebb0836c7637f3c6741b5a96bf9861fe31bed5ff1f52dbd4cfce0fb Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer Response headers content-encoding gzip cf-cache-status HIT etag "88f21e91d1948b21e80d3a619ecb75c4" age 3455 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XKxF2swQjqWspPnV7lPGFqqb5mQnvLAK3cM3nz%2FTfN7edY10KUfraOGDLcL0JFDmYjeaTgapVMT5IW%2FqkiaNfS79W1ptY5D%2FdA6AeJGKfuLe7vToaG7UKwfoIj313M04gq1cWgRcLQnH3GGiviXWAVs2iL3DMMA%3D"}],"group":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=TCP&rtt=6251&sent=6&recv=12&lost=0&retrans=0&sent_bytes=3918&recv_bytes=2166&delivery_rate=593592&cwnd=253&unsent_bytes=0&cid=d495137470bc8a86&ts=34&x=0" date Wed, 30 Oct 2024 20:11:06 GMT content-type application/javascript; charset=utf-8 last-modified Mon, 30 Sep 2024 04:58:18 GMT vary Accept-Encoding x-amz-id-2 OntdDdz6O0T5yxUC0gxgihlZQjREpBAKfwgC7kuN17q/DNF67WMlGbcDGVqn2DwEilMRtsVQOHk= cache-control max-age=86400, no-transform nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-amz-request-id TD99V76GRA69NBPT cf-ray 8dae0d733e6e5d84-FRA accept-ranges bytes content-length 18796 server cloudflare
GET H2	200	gtm.js Show response www.googletagmanager.com/	482 KB 112 KB	94ms 54ms	Script application/javascript	2a00:1450:4001:811::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-JLFR Requested by Host: tips.oig.hhs.gov URL: https://tips.oig.hhs.gov/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 0e66a7bd2e3263585e876e15a6090bf3f747bbadc9569c54e33e8c69b3008cf8 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer Response headers content-encoding br report-to {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],} expires Wed, 30 Oct 2024 20:11:06 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Wed, 30 Oct 2024 20:11:06 GMT content-type application/javascript; charset=UTF-8 vary Accept-Encoding last-modified Wed, 30 Oct 2024 18:00:00 GMT access-control-allow-headers Cache-Control strict-transport-security max-age=31536000; includeSubDomains cache-control private, max-age=900 cross-origin-resource-policy cross-origin access-control-allow-credentials true content-security-policy-report-only script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0 access-control-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to=coop_reporting content-length 114333 x-xss-protection 0 server Google Tag Manager
GET H2	200	js Show response www.googletagmanager.com/gtag/	308 KB 104 KB	30ms 29ms	Script application/javascript	2a00:1450:4001:811::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-3YLR8EGLBW&l=dataLayer&cx=c Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-JLFR Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 915d84869277d6ca467eb695f875a164844a1f7c15b3bc4f570e037f4b6252a8 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer Response headers content-encoding br report-to {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],} expires Wed, 30 Oct 2024 20:11:06 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Wed, 30 Oct 2024 20:11:06 GMT content-type application/javascript; charset=UTF-8 vary Accept-Encoding access-control-allow-headers Cache-Control strict-transport-security max-age=31536000; includeSubDomains cache-control private, max-age=900 cross-origin-resource-policy cross-origin access-control-allow-credentials true content-security-policy-report-only script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0 access-control-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to=coop_reporting content-length 106384 x-xss-protection 0 server Google Tag Manager
GET H2	200	Universal-Federated-Analytics-Min.js Show response dap.digitalgov.gov/	27 KB 9 KB	30ms 9ms	Script application/javascript	2600:9000:211e:aa00:5:83ea:ba80:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://dap.digitalgov.gov/Universal-Federated-Analytics-Min.js?agency=hhs&subagency=aspa&sitetopic=health&siteplatform=content%20generator%20missing&sdor=hhs.gov&dclink=true&yt=true&pua=UA-36351725-9&autotracker=true&sp=sitesearchtracking,q&parallelcd=true&palagencydim=dimension1|1&palsubagencydim=dimension2|2&palversiondim=dimension3|3&paltopicdim=dimension4|4&paltopicdim=dimension5|5&cto=24 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-JLFR Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:211e:aa00:5:83ea:ba80:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 0353637f69fb4c2399c2fb670fdf8769ebf36fe39bc44222ac241bd5db9e8c07 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer Response headers content-encoding gzip x-amz-version-id BFYn5fiooXs0SZNLrHEgbRzkt2bgd2gy etag W/"5e016cc570c152968a32dabca2884e03" age 60646 alt-svc h3=":443"; ma=86400 x-cache Hit from cloudfront x-amz-cf-id s5a0dRgqjfeLTQSfo64X-aNOi1dqAYgialGf5Xo6u88zD23hOJBkMw== date Wed, 30 Oct 2024 03:20:21 GMT content-type application/javascript vary accept-encoding, Origin last-modified Thu, 26 Sep 2024 03:03:52 GMT x-amz-replication-status COMPLETED via 1.1 ef4ff53b101ef123a46ec560b6c94cb8.cloudfront.net (CloudFront) x-amz-cf-pop FRA56-C2 server AmazonS3 x-amz-server-side-encryption AES256
GET H3	200	js Show response www.googletagmanager.com/gtag/	285 KB 98 KB	20ms 18ms	Script application/javascript	142.250.185.200 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-CSLL4ZEK4L Requested by Host: dap.digitalgov.gov URL: https://dap.digitalgov.gov/Universal-Federated-Analytics-Min.js?agency=hhs&subagency=aspa&sitetopic=health&siteplatform=content%20generator%20missing&sdor=hhs.gov&dclink=true&yt=true&pua=UA-36351725-9&autotracker=true&sp=sitesearchtracking,q&parallelcd=true&palagencydim=dimension1|1&palsubagencydim=dimension2|2&palversiondim=dimension3|3&paltopicdim=dimension4|4&paltopicdim=dimension5|5&cto=24 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.200 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s52-in-f8.1e100.net Software Google Tag Manager / Resource Hash 1ae32de2c3db99ccf1fca126eb05922a0d0f25c811024a274785350543f7066c Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer Response headers content-encoding br report-to {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],} expires Wed, 30 Oct 2024 20:11:06 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Wed, 30 Oct 2024 20:11:06 GMT content-type application/javascript; charset=UTF-8 vary Accept-Encoding access-control-allow-headers Cache-Control strict-transport-security max-age=31536000; includeSubDomains cache-control private, max-age=900 cross-origin-resource-policy cross-origin access-control-allow-credentials true content-security-policy-report-only script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0 access-control-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to=coop_reporting content-length 100618 x-xss-protection 0 server Google Tag Manager
GET H3	200	js Show response www.googletagmanager.com/gtag/	285 KB 98 KB	19ms 15ms	Script application/javascript	142.250.185.200 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-CSLL4ZEK4L&l=dataLayer&cx=c Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-JLFR Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.200 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s52-in-f8.1e100.net Software Google Tag Manager / Resource Hash e8fe11466a86729148cc9f0882c9010cd66ed5408181065eb22f41d3bafb4d9c Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer Response headers content-encoding br report-to {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],} expires Wed, 30 Oct 2024 20:11:06 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Wed, 30 Oct 2024 20:11:06 GMT content-type application/javascript; charset=UTF-8 vary Accept-Encoding access-control-allow-headers Cache-Control strict-transport-security max-age=31536000; includeSubDomains cache-control private, max-age=900 cross-origin-resource-policy cross-origin access-control-allow-credentials true content-security-policy-report-only script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0 access-control-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to=coop_reporting content-length 100724 x-xss-protection 0 server Google Tag Manager
GET H2	200	iframe_api Show response www.youtube.com/	993 B 2 KB	75ms 29ms	Script text/javascript	2a00:1450:4001:806::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.youtube.com/iframe_api Requested by Host: dap.digitalgov.gov URL: https://dap.digitalgov.gov/Universal-Federated-Analytics-Min.js?agency=hhs&subagency=aspa&sitetopic=health&siteplatform=content%20generator%20missing&sdor=hhs.gov&dclink=true&yt=true&pua=UA-36351725-9&autotracker=true&sp=sitesearchtracking,q&parallelcd=true&palagencydim=dimension1|1&palsubagencydim=dimension2|2&palversiondim=dimension3|3&paltopicdim=dimension4|4&paltopicdim=dimension5|5&cto=24 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 16fb10cd2b09718cdc2d143b223e15c71cb8890c9a07f85da472bad0c874b99c Security Headers Name Value Content-Security-Policy require-trusted-types-for 'script' Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer Response headers content-encoding br report-to {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]} x-content-type-options nosniff origin-trial AmhMBR6zCLzDDxpW+HfpP67BqwIknWnyMOXOQGfzYswFmJe+fgaI6XZgAzcxOrzNtP7hEDsOo1jdjFnVr2IdxQ4AAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9 expires Wed, 30 Oct 2024 20:11:06 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info." date Wed, 30 Oct 2024 20:11:06 GMT content-type text/javascript; charset=utf-8 vary Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version x-frame-options SAMEORIGIN strict-transport-security max-age=31536000 content-security-policy require-trusted-types-for 'script' cache-control private, max-age=0 accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version cross-origin-resource-policy cross-origin permissions-policy ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=* cross-origin-opener-policy-report-only same-origin; report-to="youtube_main" x-xss-protection 0 server ESF
POST H2	204	collect region1.analytics.google.com/g/	0 0	87ms 21ms	Fetch text/plain	2001:4860:4802:32::36 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://region1.analytics.google.com/g/collect?v=2&tid=G-3YLR8EGLBW&gtm=45je4as0v885882153z8548905za200zb548905&_p=1730319066063&_gaz=1&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101533422~101823848~101878899~101878944~101925629&cid=527216770.1730319066&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1730319066&sct=1&seg=0&dl=https%3A%2F%2Ftips.oig.hhs.gov%2F&dt=&en=page_view&_fv=1&_nsi=1&_ss=1&ep.site_host=tips.oig.hhs.gov&ep.page_date_modified=Not%20Found&ep.page_content_generator=content%20generator%20missing&ep.page_date_created=Not%20Found&ep.page_creator=Not%20Found&ep.page_office=novalue&ep.page_content_type=Not%20Found&ep.page_division=novalue&ep.page_audience=content%20creator%20missing&ep.page_author=Not%20Found&ep.page_word_count=%3C200&ep.timestamp=2024-10-30T21%3A11%3A06.247%2B01%3A00&ep.page_last_reviewed=&ep.page_content_creator=&ep.page_path_level_1=&tfd=1072 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-3YLR8EGLBW&l=dataLayer&cx=c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer Response headers cache-control no-cache, no-store, must-revalidate pragma no-cache cross-origin-resource-policy cross-origin access-control-allow-credentials true content-security-policy-report-only script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0 report-to {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],} expires Fri, 01 Jan 1990 00:00:00 GMT access-control-allow-origin https://tips.oig.hhs.gov cross-origin-opener-policy-report-only same-origin; report-to=coop_reporting content-length 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Wed, 30 Oct 2024 20:11:06 GMT content-type text/plain server Golfe2
POST H2	204	collect stats.g.doubleclick.net/g/	0 554 B	104ms 19ms	Ping text/plain	2a00:1450:400c:c1d::9d GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/g/collect?v=2&tid=G-3YLR8EGLBW&cid=527216770.1730319066&gtm=45je4as0v885882153z8548905za200zb548905&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1l1&npa=1&frm=0&tag_exp=101533422~101823848~101878899~101878944~101925629 Requested by Host: dap.digitalgov.gov URL: https://dap.digitalgov.gov/Universal-Federated-Analytics-Min.js?agency=hhs&subagency=aspa&sitetopic=health&siteplatform=content%20generator%20missing&sdor=hhs.gov&dclink=true&yt=true&pua=UA-36351725-9&autotracker=true&sp=sitesearchtracking,q&parallelcd=true&palagencydim=dimension1|1&palsubagencydim=dimension2|2&palversiondim=dimension3|3&paltopicdim=dimension4|4&paltopicdim=dimension5|5&cto=24 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400c:c1d::9d Brussels, Belgium, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer Response headers cache-control no-cache, no-store, must-revalidate pragma no-cache cross-origin-resource-policy cross-origin access-control-allow-credentials true content-security-policy-report-only script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:111:0 report-to {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:111:0"}],} expires Fri, 01 Jan 1990 00:00:00 GMT access-control-allow-origin https://tips.oig.hhs.gov cross-origin-opener-policy-report-only same-origin; report-to=coop_reporting content-length 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Wed, 30 Oct 2024 20:11:06 GMT content-type text/plain server Golfe2
GET H3	200	ga-audiences www.google.de/ads/	42 B 63 B	81ms 52ms	Image image/gif	142.250.185.163 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-3YLR8EGLBW&cid=527216770.1730319066&gtm=45je4as0v885882153z8548905za200zb548905&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1l1&npa=1&frm=0&tag_exp=101533422~101823848~101878899~101878944~101925629&tag_exp=101533422~101823848~101878899~101878944~101925629&z=1780674609 Requested by Host: tips.oig.hhs.gov URL: https://tips.oig.hhs.gov/ Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.163 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s51-in-f3.1e100.net Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer Response headers cache-control no-cache, no-store, must-revalidate timing-allow-origin * pragma no-cache cross-origin-resource-policy cross-origin x-content-type-options nosniff expires Fri, 01 Jan 1990 00:00:00 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" content-length 42 date Wed, 30 Oct 2024 20:11:06 GMT x-xss-protection 0 content-type image/gif server cafe
GET H2	200	www-widgetapi.js Show response www.youtube.com/s/player/78fcc867/www-widgetapi.vflset/	30 KB 10 KB	14ms 11ms	Script text/javascript	2a00:1450:4001:806::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.youtube.com/s/player/78fcc867/www-widgetapi.vflset/www-widgetapi.js Requested by Host: www.youtube.com URL: https://www.youtube.com/iframe_api Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 635b2814dbecb78302d05c529bf175ef815ef51e7c344769247896504843b731 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer Response headers content-encoding br age 6139 report-to {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]} x-content-type-options nosniff expires Thu, 30 Oct 2025 18:28:47 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Wed, 30 Oct 2024 18:28:47 GMT last-modified Tue, 29 Oct 2024 04:23:43 GMT content-type text/javascript vary Accept-Encoding, Origin cache-control public, max-age=31536000 cross-origin-resource-policy cross-origin accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="youtube" content-length 10143 x-xss-protection 0 server sffe
POST H2	204	collect region1.google-analytics.com/g/	0 0	36ms 14ms	Fetch text/plain	2001:4860:4802:32::36 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://region1.google-analytics.com/g/collect?v=2&tid=G-CSLL4ZEK4L&gtm=45je4as0v9131934939za200zb548905&_p=1730319066063&gcd=13l3lPl2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101533421~101823848~101878899~101878944~101925629&cid=527216770.1730319066&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&dl=https%3A%2F%2Ftips.oig.hhs.gov%2F&dt=&sid=1730319066&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&ep.agency=HHS&ep.subagency=ASPA&ep.site_topic=health&ep.site_platform=content%20generator%20missing&ep.script_source=https%3A%2F%2Fdap.digitalgov.gov%2Funiversal-federated-analytics-min.js&ep.version=20240925%20v8.3%20-%20ga4&ep.protocol=https%3A&ep.using_parallel_tracker=no&tfd=1159 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-CSLL4ZEK4L Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer Response headers cache-control no-cache, no-store, must-revalidate pragma no-cache cross-origin-resource-policy cross-origin access-control-allow-credentials true content-security-policy-report-only script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0 report-to {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],} expires Fri, 01 Jan 1990 00:00:00 GMT access-control-allow-origin https://tips.oig.hhs.gov cross-origin-opener-policy-report-only same-origin; report-to=coop_reporting content-length 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Wed, 30 Oct 2024 20:11:06 GMT content-type text/plain server Golfe2
GET H/1.1	200 OK	/ Show response tips.oig.hhs.gov/api/switches/active/	112 B 642 B	155ms 154ms	Fetch application/json	158.70.28.33 RFC2270-UUNET-CUS...
General Check archive.org Show headers Download Go to Full URL https://tips.oig.hhs.gov/api/switches/active/ Requested by Host: tips.oig.hhs.gov URL: https://tips.oig.hhs.gov/static/bundles/js/main.80308bdf.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 158.70.28.33 , United States, ASN7046 (RFC2270-UUNET-CUSTOMER, US), Reverse DNS Software Apache/2.4.62 () OpenSSL/1.0.2k-fips mod_wsgi/5.0.1 Python/3.9 / Resource Hash e83e97b124a711517930f318cc54ea40e23d1e054b0934893059805bf0359758 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 X-CSRFToken undefined Referer https://tips.oig.hhs.gov/ Response headers Transfer-Encoding chunked Strict-Transport-Security max-age=31536000; includeSubDomains Cache-Control no-store Content-Encoding gzip Connection keep-alive X-Content-Type-Options nosniff Allow GET, POST, PUT, PATCH, DELETE, HEAD, OPTIONS Referrer-Policy same-origin Date Wed, 30 Oct 2024 20:11:07 GMT X-XSS-Protection 1; mode=block Content-Type application/json Vary Cookie,Accept-Encoding Server Apache/2.4.62 () OpenSSL/1.0.2k-fips mod_wsgi/5.0.1 Python/3.9 X-Frame-Options DENY
GET H/1.1	200 OK	oig-seal.a9d3256a.png tips.oig.hhs.gov/static/bundles/media/	13 KB 13 KB	209ms 208ms	Image image/png	158.70.28.33 RFC2270-UUNET-CUS...
General Check archive.org Show headers Download Go to Show image Full URL https://tips.oig.hhs.gov/static/bundles/media/oig-seal.a9d3256a.png Requested by Host: tips.oig.hhs.gov URL: https://tips.oig.hhs.gov/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 158.70.28.33 , United States, ASN7046 (RFC2270-UUNET-CUSTOMER, US), Reverse DNS Software Apache/2.4.62 () OpenSSL/1.0.2k-fips mod_wsgi/5.0.1 Python/3.9 / Resource Hash d8d6cbc84ff01d870fa7fc7663ce728802d96db5783a1a948e415e2c05db1b55 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://tips.oig.hhs.gov/ Response headers Strict-Transport-Security max-age=31536000; includeSubDomains Cache-Control private, max-age=604800 ETag "335a-62380f26ac5ff" Connection keep-alive X-Content-Type-Options nosniff Accept-Ranges bytes Content-Length 13146 Date Wed, 30 Oct 2024 20:11:07 GMT X-XSS-Protection 1; mode=block Content-Type image/png Last-Modified Wed, 02 Oct 2024 16:29:50 GMT Server Apache/2.4.62 () OpenSSL/1.0.2k-fips mod_wsgi/5.0.1 Python/3.9
GET H/1.1	200 OK	OpenSans-Bold-webfont.3c4dc405.woff2 tips.oig.hhs.gov/static/bundles/media/	11 KB 12 KB	254ms 108ms	Font text/plain	158.70.28.33 RFC2270-UUNET-CUS...
General Check archive.org Show headers Download Go to Full URL https://tips.oig.hhs.gov/static/bundles/media/OpenSans-Bold-webfont.3c4dc405.woff2 Requested by Host: tips.oig.hhs.gov URL: https://tips.oig.hhs.gov/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 158.70.28.33 , United States, ASN7046 (RFC2270-UUNET-CUSTOMER, US), Reverse DNS Software Apache/2.4.62 () OpenSSL/1.0.2k-fips mod_wsgi/5.0.1 Python/3.9 / Resource Hash fedeb36e18b7b4670af02d02a1aedd1ad10a2d6676c6d94ffb6e57c6ae3faa10 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Origin https://tips.oig.hhs.gov Referer https://tips.oig.hhs.gov/ Response headers Strict-Transport-Security max-age=31536000; includeSubDomains Cache-Control private, max-age=604800 Content-Encoding gzip ETag "2d40-62380f26b047e-gzip" Connection keep-alive X-Content-Type-Options nosniff Accept-Ranges bytes Content-Length 11607 Date Wed, 30 Oct 2024 20:11:07 GMT X-XSS-Protection 1; mode=block Last-Modified Wed, 02 Oct 2024 16:29:50 GMT Vary Accept-Encoding Server Apache/2.4.62 () OpenSSL/1.0.2k-fips mod_wsgi/5.0.1 Python/3.9
GET H3	200	6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2 fonts.gstatic.com/s/sourcesanspro/v22/	15 KB 15 KB	36ms 14ms	Font font/woff2	142.250.186.163 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/sourcesanspro/v22/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:300,400,700 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.163 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s08-in-f3.1e100.net Software sffe / Resource Hash 7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Origin https://tips.oig.hhs.gov Referer https://fonts.googleapis.com/ Response headers age 17527 report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} x-content-type-options nosniff expires Thu, 30 Oct 2025 15:19:00 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Wed, 30 Oct 2024 15:19:00 GMT last-modified Thu, 01 Jun 2023 22:52:56 GMT content-type font/woff2 cache-control public, max-age=31536000 timing-allow-origin * cross-origin-opener-policy same-origin; report-to="apps-themes" cross-origin-resource-policy cross-origin content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes accept-ranges bytes access-control-allow-origin * content-length 14892 x-xss-protection 0 server sffe
GET H3	200	6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2 fonts.gstatic.com/s/sourcesanspro/v22/	14 KB 14 KB	34ms 12ms	Font font/woff2	142.250.186.163 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:300,400,700 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.163 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s08-in-f3.1e100.net Software sffe / Resource Hash 0d0a6262c545e8bbc895116e5afb22579c468d7abb77e378f377d6fed57c1dce Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Origin https://tips.oig.hhs.gov Referer https://fonts.googleapis.com/ Response headers age 17051 report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} x-content-type-options nosniff expires Thu, 30 Oct 2025 15:26:56 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Wed, 30 Oct 2024 15:26:56 GMT last-modified Thu, 01 Jun 2023 22:52:57 GMT content-type font/woff2 cache-control public, max-age=31536000 timing-allow-origin * cross-origin-opener-policy same-origin; report-to="apps-themes" cross-origin-resource-policy cross-origin content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes accept-ranges bytes access-control-allow-origin * content-length 14712 x-xss-protection 0 server sffe
GET H2	200	image.aspx 6283531.global.r2.siteimproveanalytics.io/	34 B 149 B	75ms 13ms	Image image/gif	3.64.170.124 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://6283531.global.r2.siteimproveanalytics.io/image.aspx?url=https%3A%2F%2Ftips.oig.hhs.gov%2F&title=File%20a%20Complaint&res=1600x1200&accountid=6283531&rt=1956&prev=7494e377-6e9a-1c64-e253-d38e1607b553&luid=b05623d9-9a06-2bcc-6406-e2f2cc6c38d8&rnd=37097 Requested by Host: tips.oig.hhs.gov URL: https://tips.oig.hhs.gov/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.64.170.124 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-64-170-124.eu-central-1.compute.amazonaws.com Software / Resource Hash 1e85ec81b9800b4c443d39caca0d0926089a3ac201120db1ceb45b93789480b8 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer Response headers expires Wed, 30 Oct 2024 20:11:07 UTC cache-control max-age=0 content-length 34 date Wed, 30 Oct 2024 20:11:07 GMT content-type image/gif
GET H3	200	api.js Show response www.google.com/recaptcha/	1 KB 996 B	50ms 19ms	Script text/javascript	172.217.16.196 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api.js?render=6LdDlnoUAAAAAEwiLpwIZTK_DgZkRHkfGu3G3oTc Requested by Host: tips.oig.hhs.gov URL: https://tips.oig.hhs.gov/static/bundles/js/main.80308bdf.js Protocol H3 Security QUIC, , AES_128_GCM Server 172.217.16.196 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s08-in-f4.1e100.net Software ESF / Resource Hash 05669a2121f987f96ef85b0a9ab1f5bfcc4eb21fc0184980dbc497f03af2b51b Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer Response headers cache-control private, max-age=300 content-encoding gzip cross-origin-resource-policy cross-origin report-to {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]} x-content-type-options nosniff expires Wed, 30 Oct 2024 20:11:07 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cross-origin-opener-policy-report-only same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d" date Wed, 30 Oct 2024 20:11:07 GMT x-xss-protection 0 content-type text/javascript; charset=utf-8 server ESF x-frame-options SAMEORIGIN
GET H3	200	recaptcha__de.js Show response www.gstatic.com/recaptcha/releases/-ZG7BC9TxCVEbzIO2m429usb/	547 KB 217 KB	30ms 11ms	Script text/javascript	216.58.206.67 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/-ZG7BC9TxCVEbzIO2m429usb/recaptcha__de.js Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api.js?render=6LdDlnoUAAAAAEwiLpwIZTK_DgZkRHkfGu3G3oTc Protocol H3 Security QUIC, , AES_128_GCM Server 216.58.206.67 , United States, ASN15169 (GOOGLE, US), Reverse DNS tzfraa-aa-in-f3.1e100.net Software sffe / Resource Hash 5abe2a12140edf2387d5be35225df3caa4f0f0a05d8f5614008c8cc90af4a156 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Origin https://tips.oig.hhs.gov Referer Response headers content-encoding gzip age 10981 report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} x-content-type-options nosniff expires Thu, 30 Oct 2025 17:08:06 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Wed, 30 Oct 2024 17:08:06 GMT last-modified Tue, 22 Oct 2024 00:01:33 GMT content-type text/javascript vary Accept-Encoding cache-control public, max-age=31536000 cross-origin-opener-policy same-origin-allow-popups; report-to="recaptcha" cross-origin-resource-policy cross-origin content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha accept-ranges bytes access-control-allow-origin * content-length 222594 x-xss-protection 0 server sffe
GET H3	200	anchor www.google.com/recaptcha/api2/ Frame 1568	0 0	69ms 52ms	Document text/html	172.217.16.196 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdDlnoUAAAAAEwiLpwIZTK_DgZkRHkfGu3G3oTc&co=aHR0cHM6Ly90aXBzLm9pZy5oaHMuZ292OjQ0Mw..&hl=de&v=-ZG7BC9TxCVEbzIO2m429usb&size=invisible&cb=llnmou6ahpk9 Requested by Host: www.gstatic.com URL: https://www.gstatic.com/recaptcha/releases/-ZG7BC9TxCVEbzIO2m429usb/recaptcha__de.js Protocol H3 Security QUIC, , AES_128_GCM Server 172.217.16.196 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s08-in-f4.1e100.net Software ESF / Resource Hash Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-zqnC5t2yYT3YoZi3C97PIw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control no-cache, no-store, max-age=0, must-revalidate content-encoding gzip content-security-policy script-src 'report-sample' 'nonce-zqnC5t2yYT3YoZi3C97PIw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 content-type text/html; charset=utf-8 cross-origin-embedder-policy require-corp cross-origin-opener-policy-report-only same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d" cross-origin-resource-policy cross-origin date Wed, 30 Oct 2024 20:11:07 GMT expires Mon, 01 Jan 1990 00:00:00 GMT pragma no-cache report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]} server ESF x-content-type-options nosniff x-xss-protection 0
GET H/1.1	200 OK	favicon.ico tips.oig.hhs.gov/	1 KB 1 KB	106ms 105ms	Other text/html	158.70.28.33 RFC2270-UUNET-CUS...
General Check archive.org Show headers Download Go to Full URL https://tips.oig.hhs.gov/favicon.ico Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 158.70.28.33 , United States, ASN7046 (RFC2270-UUNET-CUSTOMER, US), Reverse DNS Software Apache/2.4.62 () OpenSSL/1.0.2k-fips mod_wsgi/5.0.1 Python/3.9 / Resource Hash 75c60f95ccf7706364e9c98990ac6c285c30c4ba3bda3c1ee6c9696a0eefb437 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://tips.oig.hhs.gov/ Response headers Transfer-Encoding chunked Strict-Transport-Security max-age=31536000; includeSubDomains Cache-Control no-store Content-Encoding gzip Connection keep-alive X-Content-Type-Options nosniff Referrer-Policy same-origin Date Wed, 30 Oct 2024 20:11:07 GMT X-XSS-Protection 1; mode=block Content-Type text/html; charset=utf-8 Vary Accept-Encoding Server Apache/2.4.62 () OpenSSL/1.0.2k-fips mod_wsgi/5.0.1 Python/3.9 X-Frame-Options DENY
POST H2	204	collect region1.analytics.google.com/g/	0 0	16ms 15ms	Fetch text/plain	2001:4860:4802:32::36 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://region1.analytics.google.com/g/collect?v=2&tid=G-3YLR8EGLBW&gtm=45je4as0v885882153z8548905za200zb548905&_p=1730319066063&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101533422~101823848~101878899~101878944~101925629&cid=527216770.1730319066&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=2&sid=1730319066&sct=1&seg=0&dl=https%3A%2F%2Ftips.oig.hhs.gov%2F&dt=&en=fetch_user_data&ep.site_host=tips.oig.hhs.gov&ep.page_date_modified=Not%20Found&ep.page_content_generator=content%20generator%20missing&ep.page_date_created=Not%20Found&ep.page_creator=Not%20Found&ep.page_office=novalue&ep.page_content_type=Not%20Found&ep.page_division=novalue&ep.page_audience=content%20creator%20missing&ep.page_author=Not%20Found&ep.page_word_count=%3C200&ep.timestamp=2024-10-30T21%3A11%3A06.247%2B01%3A00&ep.page_last_reviewed=&ep.page_content_creator=&ep.page_path_level_1=&_et=7&up.custom_client_id=527216770.1730319066.&up.custom_session_id=1730319066.&tfd=6091 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-3YLR8EGLBW&l=dataLayer&cx=c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer Response headers cache-control no-cache, no-store, must-revalidate pragma no-cache cross-origin-resource-policy cross-origin access-control-allow-credentials true content-security-policy-report-only script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0 report-to {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],} expires Fri, 01 Jan 1990 00:00:00 GMT access-control-allow-origin https://tips.oig.hhs.gov cross-origin-opener-policy-report-only same-origin; report-to=coop_reporting content-length 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Wed, 30 Oct 2024 20:11:11 GMT content-type text/plain server Golfe2
POST H3	204	collect region1.google-analytics.com/g/	0 0	15ms 14ms	Fetch text/plain	216.239.34.36
General Check archive.org Show headers Download Go to Full URL https://region1.google-analytics.com/g/collect?v=2&tid=G-CSLL4ZEK4L&gtm=45je4as0v9131934939za200zb548905&_p=1730319066063&gcd=13l3lPl2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101533421~101823848~101878899~101878944~101925629&cid=527216770.1730319066&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEA&_s=2&dl=https%3A%2F%2Ftips.oig.hhs.gov%2F&dt=&sid=1730319066&sct=1&seg=0&en=scroll&ep.agency=HHS&ep.subagency=ASPA&ep.site_topic=health&ep.site_platform=content%20generator%20missing&ep.script_source=https%3A%2F%2Fdap.digitalgov.gov%2Funiversal-federated-analytics-min.js&ep.version=20240925%20v8.3%20-%20ga4&ep.protocol=https%3A&ep.using_parallel_tracker=no&epn.percent_scrolled=90&_et=7&tfd=6171 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-CSLL4ZEK4L Protocol H3 Security QUIC, , AES_128_GCM Server 216.239.34.36 -, , ASN (), Reverse DNS Software Golfe2 / Resource Hash Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer Response headers cache-control no-cache, no-store, must-revalidate pragma no-cache cross-origin-resource-policy cross-origin access-control-allow-credentials true content-security-policy-report-only script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0 report-to {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],} expires Fri, 01 Jan 1990 00:00:00 GMT access-control-allow-origin https://tips.oig.hhs.gov cross-origin-opener-policy-report-only same-origin; report-to=coop_reporting content-length 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Wed, 30 Oct 2024 20:11:11 GMT content-type text/plain server Golfe2

48 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| dataLayer object| google_tag_manager object| google_tag_data function| onYouTubeIframeAPIReady function| gtag string| _fullParams string| _keyValuePair string| _key string| _value function| gas function| gas4 boolean| _isRedacted function| onPlayerReady function| onPlayerError function| onPlayerStateChange function| youtube_parser function| IsYouTube function| YTUrlHandler function| _initYouTubeTracker object| gaGlobal object| scriptUrl object| ttPolicy object| YT object| YTConfig function| onYTReady object| core object| __core-js_shared__ object| global object| System function| asap function| Observable function| setImmediate function| clearImmediate object| regeneratorRuntime boolean| _babelPolyfill object| FontAwesomeConfig object| ___FONT_AWESOME___ function| _ object| __framePainter object| _sz object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| recaptcha object| closure_lm_299879

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.hhs.gov/	1970-01-21 10:14:39	Name: _ga Value: GA1.1.527216770.1730319066
			.hhs.gov/	1970-01-21 10:14:39	Name: _ga_3YLR8EGLBW Value: GS1.1.1730319066.1.0.1730319066.60.0.0
			.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: 6ehr8f8lSJA
			.youtube.com/	1970-01-21 04:57:51	Name: VISITOR_INFO1_LIVE Value: k2fTR55jHxw
			.youtube.com/	1970-01-21 04:57:51	Name: VISITOR_PRIVACY_METADATA Value: CgJERRIEEgAgWg%3D%3D
			.hhs.gov/	1970-01-21 10:14:39	Name: _ga_CSLL4ZEK4L Value: GS1.1.1730319066.1.0.1730319066.0.0.0
			.hhs.gov/	1970-01-21 10:14:39	Name: nmstat Value: 7494e377-6e9a-1c64-e253-d38e1607b553

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

6283531.global.r2.siteimproveanalytics.io
dap.digitalgov.gov
fonts.googleapis.com
fonts.gstatic.com
region1.analytics.google.com
region1.google-analytics.com
siteimproveanalytics.com
stats.g.doubleclick.net
tips.oig.hhs.gov
www.google.com
www.google.de
www.googletagmanager.com
www.gstatic.com
www.youtube.com
142.250.185.163
142.250.185.200
142.250.186.163
158.70.28.33
172.217.16.196
2001:4860:4802:32::36
216.239.34.36
216.58.206.67
2600:9000:211e:aa00:5:83ea:ba80:93a1
2a00:1450:4001:806::200e
2a00:1450:4001:811::2008
2a00:1450:4001:828::200a
2a00:1450:400c:c1d::9d
2a06:98c1:3121::3
3.64.170.124
0353637f69fb4c2399c2fb670fdf8769ebf36fe39bc44222ac241bd5db9e8c07
05669a2121f987f96ef85b0a9ab1f5bfcc4eb21fc0184980dbc497f03af2b51b
0d0a6262c545e8bbc895116e5afb22579c468d7abb77e378f377d6fed57c1dce
0e66a7bd2e3263585e876e15a6090bf3f747bbadc9569c54e33e8c69b3008cf8
16fb10cd2b09718cdc2d143b223e15c71cb8890c9a07f85da472bad0c874b99c
1ae32de2c3db99ccf1fca126eb05922a0d0f25c811024a274785350543f7066c
1e85ec81b9800b4c443d39caca0d0926089a3ac201120db1ceb45b93789480b8
4160eaf18d80e799bc85cbb7cfc05b01ac2d42143a293383b437add58109a025
55cb4df4b517a838340cdff1e9c871e2fb97ea1ff0b36490f8f8ba588619083a
5abe2a12140edf2387d5be35225df3caa4f0f0a05d8f5614008c8cc90af4a156
635b2814dbecb78302d05c529bf175ef815ef51e7c344769247896504843b731
6f2dbe17aebb0836c7637f3c6741b5a96bf9861fe31bed5ff1f52dbd4cfce0fb
75c60f95ccf7706364e9c98990ac6c285c30c4ba3bda3c1ee6c9696a0eefb437
7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762
915d84869277d6ca467eb695f875a164844a1f7c15b3bc4f570e037f4b6252a8
d8d6cbc84ff01d870fa7fc7663ce728802d96db5783a1a948e415e2c05db1b55
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e83e97b124a711517930f318cc54ea40e23d1e054b0934893059805bf0359758
e8fe11466a86729148cc9f0882c9010cd66ed5408181065eb22f41d3bafb4d9c
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2cb350d3240e11c117933b680414a8f155c7e110be29fc4ee1378e6e9043608
fedeb36e18b7b4670af02d02a1aedd1ad10a2d6676c6d94ffb6e57c6ae3faa10