urlscan.io logo urlscan.io
SecurityTrails logo

extlms.gsa.gov Open in urlscan Pro
159.142.115.205  Public Scan

Go To Rescan Add Verdict Report
URL: https://extlms.gsa.gov/Account/ConfirmEmail?userId=2631a515-6cad-4a1a-bcdf-22d71fa93209&code=ce75eb56-d522-46e2-b3c1-9e...
Submission: On February 03 via manual from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 2 IPs in 1 countries across 1 domains to perform 11 HTTP transactions. The main IP is 159.142.115.205, located in United States and belongs to GSA-GOV, US. The main domain is extlms.gsa.gov.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on February 25th 2020. Valid for: a year.
This is the only time extlms.gsa.gov was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
8 159.142.115.205 2714 (GSA-GOV)
3 2600:9000:206... 16509 (AMAZON-02)
11 2
Apex Domain
Subdomains		 Transfer
11 gsa.gov
extlms.gsa.gov
www.gsa.gov
354 KB
11 1
Domain Requested by
8 extlms.gsa.gov extlms.gsa.gov
3 www.gsa.gov extlms.gsa.gov
11 2

This site contains no links.

Subject Issuer Validity Valid
extlms.gsa.gov
DigiCert SHA2 Secure Server CA		 2020-02-25 -
2021-04-28		 a year crt.sh
*.gsa.gov
Sectigo RSA Domain Validation Secure Server CA		 2019-12-13 -
2022-01-10		 2 years crt.sh

This page contains 1 frames:

Primary Page: https://extlms.gsa.gov/Account/ConfirmEmail?userId=2631a515-6cad-4a1a-bcdf-22d71fa93209&code=ce75eb56-d522-46e2-b3c1-9e402c553ea5
Frame ID: 9AA469862D9D006A1F4AFCB4CDAC634E
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

11
Requests

100 %
HTTPS

50 %
IPv6

1
Domains

2
Subdomains

2
IPs

1
Countries

354 kB
Transfer

349 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

11 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request ConfirmEmail
extlms.gsa.gov/Account/ 		4 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://extlms.gsa.gov/Account/ConfirmEmail?userId=2631a515-6cad-4a1a-bcdf-22d71fa93209&code=ce75eb56-d522-46e2-b3c1-9e402c553ea5
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.142.115.205 , United States, ASN2714 (GSA-GOV, US),
Reverse DNS
host.159-142-115-205.gsa.gov
Software
nginx /
Resource Hash
662183245016c13554fff232e92702cd76ff12b2d3eb5e49443f3057077ee996
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' https://www.gstatic.com/recaptcha/ https://www.gsa.gov/sites/gsa.gov/templates/resources/images/ https://stackpath.bootstrapcdn.com/bootstrap/ https://cdnjs.cloudflare.com/ajax/libs/popper.js/ https://code.jquery.com/ https://www.google.com/ https://ajax.aspnetcdn.com/ajax/
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
extlms.gsa.gov
:scheme
https
:path
/Account/ConfirmEmail?userId=2631a515-6cad-4a1a-bcdf-22d71fa93209&code=ce75eb56-d522-46e2-b3c1-9e402c553ea5
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

server
nginx
date
Wed, 03 Feb 2021 13:40:38 GMT
content-type
text/html; charset=utf-8
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-frame-options
SAMEORIGIN
x-content-type-options
nosniff
x-xss-protection
1; mode=block
referrer-policy
no-referrer
content-security-policy
default-src 'self' 'unsafe-inline' https://www.gstatic.com/recaptcha/ https://www.gsa.gov/sites/gsa.gov/templates/resources/images/ https://stackpath.bootstrapcdn.com/bootstrap/ https://cdnjs.cloudflare.com/ajax/libs/popper.js/ https://code.jquery.com/ https://www.google.com/ https://ajax.aspnetcdn.com/ajax/
bootstrap.min.css
extlms.gsa.gov/lib/bootstrap/dist/css/ 		152 KB
153 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://extlms.gsa.gov/lib/bootstrap/dist/css/bootstrap.min.css
Requested by
Host: extlms.gsa.gov
URL: https://extlms.gsa.gov/Account/ConfirmEmail?userId=2631a515-6cad-4a1a-bcdf-22d71fa93209&code=ce75eb56-d522-46e2-b3c1-9e402c553ea5
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.142.115.205 , United States, ASN2714 (GSA-GOV, US),
Reverse DNS
host.159-142-115-205.gsa.gov
Software
nginx /
Resource Hash
ae576713bc196098f7438dede6ff1f835a23291c32b745ad7e6fb6db809a719b
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' https://www.gstatic.com/recaptcha/ https://www.gsa.gov/sites/gsa.gov/templates/resources/images/ https://stackpath.bootstrapcdn.com/bootstrap/ https://cdnjs.cloudflare.com/ajax/libs/popper.js/ https://code.jquery.com/ https://www.google.com/ https://ajax.aspnetcdn.com/ajax/
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Feb 2021 13:40:38 GMT
referrer-policy
no-referrer
last-modified
Mon, 31 Aug 2020 12:44:52 GMT
server
nginx
etag
"1d67f94852bda74"
x-frame-options
SAMEORIGIN
content-type
text/css
x-xss-protection
1; mode=block
content-security-policy
default-src 'self' 'unsafe-inline' https://www.gstatic.com/recaptcha/ https://www.gsa.gov/sites/gsa.gov/templates/resources/images/ https://stackpath.bootstrapcdn.com/bootstrap/ https://cdnjs.cloudflare.com/ajax/libs/popper.js/ https://code.jquery.com/ https://www.google.com/ https://ajax.aspnetcdn.com/ajax/
strict-transport-security
max-age=31536000; includeSubdomains; preload
accept-ranges
bytes
content-length
155764
x-content-type-options
nosniff
site.min.css
extlms.gsa.gov/css/ 		6 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://extlms.gsa.gov/css/site.min.css?v=g-V_tyRshgIctPOKIRm2SNhn6cpvuuWJ_XMmybN-fNE
Requested by
Host: extlms.gsa.gov
URL: https://extlms.gsa.gov/Account/ConfirmEmail?userId=2631a515-6cad-4a1a-bcdf-22d71fa93209&code=ce75eb56-d522-46e2-b3c1-9e402c553ea5
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.142.115.205 , United States, ASN2714 (GSA-GOV, US),
Reverse DNS
host.159-142-115-205.gsa.gov
Software
nginx /
Resource Hash
83e57fb7246c86021cb4f38a2119b648d867e9ca6fbae589fd7326c9b37e7cd1
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' https://www.gstatic.com/recaptcha/ https://www.gsa.gov/sites/gsa.gov/templates/resources/images/ https://stackpath.bootstrapcdn.com/bootstrap/ https://cdnjs.cloudflare.com/ajax/libs/popper.js/ https://code.jquery.com/ https://www.google.com/ https://ajax.aspnetcdn.com/ajax/
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Feb 2021 13:40:38 GMT
referrer-policy
no-referrer
last-modified
Wed, 02 Sep 2020 13:48:34 GMT
server
nginx
etag
"1d6812fc014322b"
x-frame-options
SAMEORIGIN
content-type
text/css
x-xss-protection
1; mode=block
content-security-policy
default-src 'self' 'unsafe-inline' https://www.gstatic.com/recaptcha/ https://www.gsa.gov/sites/gsa.gov/templates/resources/images/ https://stackpath.bootstrapcdn.com/bootstrap/ https://cdnjs.cloudflare.com/ajax/libs/popper.js/ https://code.jquery.com/ https://www.google.com/ https://ajax.aspnetcdn.com/ajax/
strict-transport-security
max-age=31536000; includeSubdomains; preload
accept-ranges
bytes
content-length
5931
x-content-type-options
nosniff
required-field.min.css
extlms.gsa.gov/css/ 		1 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://extlms.gsa.gov/css/required-field.min.css
Requested by
Host: extlms.gsa.gov
URL: https://extlms.gsa.gov/Account/ConfirmEmail?userId=2631a515-6cad-4a1a-bcdf-22d71fa93209&code=ce75eb56-d522-46e2-b3c1-9e402c553ea5
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.142.115.205 , United States, ASN2714 (GSA-GOV, US),
Reverse DNS
host.159-142-115-205.gsa.gov
Software
nginx /
Resource Hash
df318e8d3e8829f8e8122f4b7ad14e28748ac40862f96fb3571f2597f2e66be1
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' https://www.gstatic.com/recaptcha/ https://www.gsa.gov/sites/gsa.gov/templates/resources/images/ https://stackpath.bootstrapcdn.com/bootstrap/ https://cdnjs.cloudflare.com/ajax/libs/popper.js/ https://code.jquery.com/ https://www.google.com/ https://ajax.aspnetcdn.com/ajax/
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Feb 2021 13:40:38 GMT
referrer-policy
no-referrer
last-modified
Wed, 02 Sep 2020 13:48:34 GMT
server
nginx
etag
"1d6812fc0142143"
x-frame-options
SAMEORIGIN
content-type
text/css
x-xss-protection
1; mode=block
content-security-policy
default-src 'self' 'unsafe-inline' https://www.gstatic.com/recaptcha/ https://www.gsa.gov/sites/gsa.gov/templates/resources/images/ https://stackpath.bootstrapcdn.com/bootstrap/ https://cdnjs.cloudflare.com/ajax/libs/popper.js/ https://code.jquery.com/ https://www.google.com/ https://ajax.aspnetcdn.com/ajax/
strict-transport-security
max-age=31536000; includeSubdomains; preload
accept-ranges
bytes
content-length
1091
x-content-type-options
nosniff
nav-logo.png
www.gsa.gov/sites/gsa.gov/templates/resources/images/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gsa.gov/sites/gsa.gov/templates/resources/images/nav-logo.png
Requested by
Host: extlms.gsa.gov
URL: https://extlms.gsa.gov/Account/ConfirmEmail?userId=2631a515-6cad-4a1a-bcdf-22d71fa93209&code=ce75eb56-d522-46e2-b3c1-9e402c553ea5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:7e00:16:a338:edc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
28ba0cf3e650b07e2f57fd8ac6aba77d59dae94bedd9f9f14fff8919055b27d1
Security Headers
Name Value
Public-Key-Pins pin-sha256="1xL8YPVTZM6qofJqJj181/eAOOUQzgWi4Jw+gE8xQ8M="; max-age=3600;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Feb 2021 20:54:39 GMT
via
1.1 a618edcb8ddcdae59a3a61a6c82ff54d.cloudfront.net (CloudFront)
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 27 Jan 2021 03:32:52 GMT
server
nginx/1.16.1
age
60359
etag
"6010dee4-24f6"
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-cache
Hit from cloudfront
content-type
image/png
x-amz-cf-pop
FRA56-C1
accept-ranges
bytes
content-length
9462
x-amz-cf-id
OwRIgE2AbhkRd05oS750griV5D3u_eSGtTfoPFXzBHDpSEIU6WYjzA==
public-key-pins
pin-sha256="1xL8YPVTZM6qofJqJj181/eAOOUQzgWi4Jw+gE8xQ8M="; max-age=3600;
icn-us-flag-21px.png
www.gsa.gov/sites/gsa.gov/templates/resources/images/ 		512 B
975 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gsa.gov/sites/gsa.gov/templates/resources/images/icn-us-flag-21px.png
Requested by
Host: extlms.gsa.gov
URL: https://extlms.gsa.gov/Account/ConfirmEmail?userId=2631a515-6cad-4a1a-bcdf-22d71fa93209&code=ce75eb56-d522-46e2-b3c1-9e402c553ea5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:7e00:16:a338:edc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
120a81cfe7f279a5860435c662d771c5755199499d9c42f88cf02325bd51507b
Security Headers
Name Value
Public-Key-Pins pin-sha256="1xL8YPVTZM6qofJqJj181/eAOOUQzgWi4Jw+gE8xQ8M="; max-age=3600;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Feb 2021 13:40:38 GMT
via
1.1 a618edcb8ddcdae59a3a61a6c82ff54d.cloudfront.net (CloudFront)
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 27 Jan 2021 03:32:52 GMT
server
nginx/1.16.1
x-amz-cf-pop
FRA56-C1
etag
"6010dee4-200"
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-cache
Miss from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
512
x-amz-cf-id
2ILPzanrjKR9inA7nZRhHU5Zu4JNqEWhOjEIULoLYlq_ctNI8a9fUg==
public-key-pins
pin-sha256="1xL8YPVTZM6qofJqJj181/eAOOUQzgWi4Jw+gE8xQ8M="; max-age=3600;
jquery-3.5.0.min.js
extlms.gsa.gov/lib/jquery/dist/ 		87 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://extlms.gsa.gov/lib/jquery/dist/jquery-3.5.0.min.js
Requested by
Host: extlms.gsa.gov
URL: https://extlms.gsa.gov/Account/ConfirmEmail?userId=2631a515-6cad-4a1a-bcdf-22d71fa93209&code=ce75eb56-d522-46e2-b3c1-9e402c553ea5
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.142.115.205 , United States, ASN2714 (GSA-GOV, US),
Reverse DNS
host.159-142-115-205.gsa.gov
Software
nginx /
Resource Hash
363054e7d9c05dc3221f89a624387dbb220e1207da6c7ac7499b94b0ef32bb44
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' https://www.gstatic.com/recaptcha/ https://www.gsa.gov/sites/gsa.gov/templates/resources/images/ https://stackpath.bootstrapcdn.com/bootstrap/ https://cdnjs.cloudflare.com/ajax/libs/popper.js/ https://code.jquery.com/ https://www.google.com/ https://ajax.aspnetcdn.com/ajax/
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Feb 2021 13:40:38 GMT
referrer-policy
no-referrer
last-modified
Mon, 31 Aug 2020 12:44:52 GMT
server
nginx
etag
"1d67f948528e795"
x-frame-options
SAMEORIGIN
content-type
application/javascript
x-xss-protection
1; mode=block
content-security-policy
default-src 'self' 'unsafe-inline' https://www.gstatic.com/recaptcha/ https://www.gsa.gov/sites/gsa.gov/templates/resources/images/ https://stackpath.bootstrapcdn.com/bootstrap/ https://cdnjs.cloudflare.com/ajax/libs/popper.js/ https://code.jquery.com/ https://www.google.com/ https://ajax.aspnetcdn.com/ajax/
strict-transport-security
max-age=31536000; includeSubdomains; preload
accept-ranges
bytes
content-length
89493
x-content-type-options
nosniff
popper.min.js
extlms.gsa.gov/lib/popper/dist/ 		21 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://extlms.gsa.gov/lib/popper/dist/popper.min.js
Requested by
Host: extlms.gsa.gov
URL: https://extlms.gsa.gov/Account/ConfirmEmail?userId=2631a515-6cad-4a1a-bcdf-22d71fa93209&code=ce75eb56-d522-46e2-b3c1-9e402c553ea5
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.142.115.205 , United States, ASN2714 (GSA-GOV, US),
Reverse DNS
host.159-142-115-205.gsa.gov
Software
nginx /
Resource Hash
b43b803d36936e2dad7548992c02dfa7144d50b22624211596347a492bfd2c8b
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' https://www.gstatic.com/recaptcha/ https://www.gsa.gov/sites/gsa.gov/templates/resources/images/ https://stackpath.bootstrapcdn.com/bootstrap/ https://cdnjs.cloudflare.com/ajax/libs/popper.js/ https://code.jquery.com/ https://www.google.com/ https://ajax.aspnetcdn.com/ajax/
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Feb 2021 13:40:38 GMT
referrer-policy
no-referrer
last-modified
Mon, 31 Aug 2020 12:44:52 GMT
server
nginx
etag
"1d67f948529e80f"
x-frame-options
SAMEORIGIN
content-type
application/javascript
x-xss-protection
1; mode=block
content-security-policy
default-src 'self' 'unsafe-inline' https://www.gstatic.com/recaptcha/ https://www.gsa.gov/sites/gsa.gov/templates/resources/images/ https://stackpath.bootstrapcdn.com/bootstrap/ https://cdnjs.cloudflare.com/ajax/libs/popper.js/ https://code.jquery.com/ https://www.google.com/ https://ajax.aspnetcdn.com/ajax/
strict-transport-security
max-age=31536000; includeSubdomains; preload
accept-ranges
bytes
content-length
21007
x-content-type-options
nosniff
bootstrap.min.js
extlms.gsa.gov/lib/bootstrap/dist/js/ 		57 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://extlms.gsa.gov/lib/bootstrap/dist/js/bootstrap.min.js
Requested by
Host: extlms.gsa.gov
URL: https://extlms.gsa.gov/Account/ConfirmEmail?userId=2631a515-6cad-4a1a-bcdf-22d71fa93209&code=ce75eb56-d522-46e2-b3c1-9e402c553ea5
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.142.115.205 , United States, ASN2714 (GSA-GOV, US),
Reverse DNS
host.159-142-115-205.gsa.gov
Software
nginx /
Resource Hash
3bcd802e9f77849e7c1e93c87279fbbb04d45949d2be79b03566ceacde29b158
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' https://www.gstatic.com/recaptcha/ https://www.gsa.gov/sites/gsa.gov/templates/resources/images/ https://stackpath.bootstrapcdn.com/bootstrap/ https://cdnjs.cloudflare.com/ajax/libs/popper.js/ https://code.jquery.com/ https://www.google.com/ https://ajax.aspnetcdn.com/ajax/
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Feb 2021 13:40:38 GMT
referrer-policy
no-referrer
last-modified
Mon, 31 Aug 2020 12:44:52 GMT
server
nginx
etag
"1d67f94852958de"
x-frame-options
SAMEORIGIN
content-type
application/javascript
x-xss-protection
1; mode=block
content-security-policy
default-src 'self' 'unsafe-inline' https://www.gstatic.com/recaptcha/ https://www.gsa.gov/sites/gsa.gov/templates/resources/images/ https://stackpath.bootstrapcdn.com/bootstrap/ https://cdnjs.cloudflare.com/ajax/libs/popper.js/ https://code.jquery.com/ https://www.google.com/ https://ajax.aspnetcdn.com/ajax/
strict-transport-security
max-age=31536000; includeSubdomains; preload
accept-ranges
bytes
content-length
58078
x-content-type-options
nosniff
site.min.js
extlms.gsa.gov/js/ 		0
519 B 		Script
General
Check archive.org
Download Go to
Full URL
https://extlms.gsa.gov/js/site.min.js?v=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU
Requested by
Host: extlms.gsa.gov
URL: https://extlms.gsa.gov/Account/ConfirmEmail?userId=2631a515-6cad-4a1a-bcdf-22d71fa93209&code=ce75eb56-d522-46e2-b3c1-9e402c553ea5
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.142.115.205 , United States, ASN2714 (GSA-GOV, US),
Reverse DNS
host.159-142-115-205.gsa.gov
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' https://www.gstatic.com/recaptcha/ https://www.gsa.gov/sites/gsa.gov/templates/resources/images/ https://stackpath.bootstrapcdn.com/bootstrap/ https://cdnjs.cloudflare.com/ajax/libs/popper.js/ https://code.jquery.com/ https://www.google.com/ https://ajax.aspnetcdn.com/ajax/
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Feb 2021 13:40:38 GMT
referrer-policy
no-referrer
last-modified
Wed, 02 Sep 2020 13:48:36 GMT
server
nginx
etag
"1d6812fc1455200"
x-frame-options
SAMEORIGIN
content-type
application/javascript
x-xss-protection
1; mode=block
content-security-policy
default-src 'self' 'unsafe-inline' https://www.gstatic.com/recaptcha/ https://www.gsa.gov/sites/gsa.gov/templates/resources/images/ https://stackpath.bootstrapcdn.com/bootstrap/ https://cdnjs.cloudflare.com/ajax/libs/popper.js/ https://code.jquery.com/ https://www.google.com/ https://ajax.aspnetcdn.com/ajax/
strict-transport-security
max-age=31536000; includeSubdomains; preload
accept-ranges
bytes
content-length
0
x-content-type-options
nosniff
footer-logo.png
www.gsa.gov/sites/gsa.gov/templates/resources/images/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gsa.gov/sites/gsa.gov/templates/resources/images/footer-logo.png
Requested by
Host: extlms.gsa.gov
URL: https://extlms.gsa.gov/css/site.min.css?v=g-V_tyRshgIctPOKIRm2SNhn6cpvuuWJ_XMmybN-fNE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:7e00:16:a338:edc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
d84ca8b1223927f9ead8c7c7404ab64f3521b326be15945ab32dfaa99dacf67c
Security Headers
Name Value
Public-Key-Pins pin-sha256="1xL8YPVTZM6qofJqJj181/eAOOUQzgWi4Jw+gE8xQ8M="; max-age=3600;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Feb 2021 03:31:27 GMT
via
1.1 a618edcb8ddcdae59a3a61a6c82ff54d.cloudfront.net (CloudFront)
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 27 Jan 2021 03:32:52 GMT
server
nginx/1.16.1
age
36553
etag
"6010dee4-2c6b"
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-cache
Hit from cloudfront
content-type
image/png
x-amz-cf-pop
FRA56-C1
accept-ranges
bytes
content-length
11371
x-amz-cf-id
DhF1mGY5dK3n6TSmf-Rk4OmgLRztx55S52bxWy6zn-G87dPF7hqIgw==
public-key-pins
pin-sha256="1xL8YPVTZM6qofJqJj181/eAOOUQzgWi4Jw+gE8xQ8M="; max-age=3600;

Verdicts & Comments Add Verdict or Comment

13 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated function| $ function| jQuery function| Popper object| bootstrap

0 Cookies

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'self' 'unsafe-inline' https://www.gstatic.com/recaptcha/ https://www.gsa.gov/sites/gsa.gov/templates/resources/images/ https://stackpath.bootstrapcdn.com/bootstrap/ https://cdnjs.cloudflare.com/ajax/libs/popper.js/ https://code.jquery.com/ https://www.google.com/ https://ajax.aspnetcdn.com/ajax/
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block