mta-sts.sativasecurity.net Open in urlscan Pro
138.197.221.162 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://mta-sts.sativasecurity.net/
Submission: On October 14 via automatic, source certstream-suspicious (October 14th 2021, 11:47:31 am UTC) — Scanned from DE

Summary HTTP 17 Redirects Links 80 Behaviour Indicators

Summary

This website contacted 6 IPs in 2 countries across 5 domains to perform 17 HTTP transactions. The main IP is 138.197.221.162, located in Santa Clara, United States and belongs to DIGITALOCEAN-ASN, US. The main domain is mta-sts.sativasecurity.net.
TLS certificate: Issued by R3 on July 31st 2021. Valid for: 3 months.

This is the only time mta-sts.sativasecurity.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	138.197.221.162 138.197.221.162	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
6	104.16.148.244 104.16.148.244	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	142.250.186.174 142.250.186.174	15169 (GOOGLE) (GOOGLE)
4 4	143.204.98.7 143.204.98.7	16509 (AMAZON-02) (AMAZON-02)
4	143.204.98.55 143.204.98.55	16509 (AMAZON-02) (AMAZON-02)
1	52.202.9.160 52.202.9.160	14618 (AMAZON-AES) (AMAZON-AES)
17	6

1 138.197.221.162 (Santa Clara, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
PTR: my.happyface.space

mta-sts.sativasecurity.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 104.16.148.244 (None, )

ASN13335 (CLOUDFLARENET, US)

www.fbi.gov	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.174 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f14.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 143.204.98.7 (United States) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-7.fra50.r.cloudfront.net

gateway.answerscloud.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 143.204.98.55 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-55.fra50.r.cloudfront.net

gateway.foresee.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.202.9.160 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-202-9-160.compute-1.amazonaws.com

analytics.foresee.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
6	fbi.gov www.fbi.gov	657 KB
5	foresee.com gateway.foresee.com analytics.foresee.com Failed	55 KB
4	answerscloud.com 4 redirects gateway.answerscloud.com	1 KB
2	google-analytics.com www.google-analytics.com	20 KB
1	sativasecurity.net mta-sts.sativasecurity.net	10 KB
17	5

	Domain	Requested by
6	www.fbi.gov	mta-sts.sativasecurity.net www.fbi.gov
4	gateway.foresee.com	mta-sts.sativasecurity.net
4	gateway.answerscloud.com	4 redirects
2	www.google-analytics.com	mta-sts.sativasecurity.net www.google-analytics.com
1	analytics.foresee.com	gateway.answerscloud.com
1	mta-sts.sativasecurity.net
17	6

This site contains links to these domains. Also see Links.

Domain
www.fbi.gov
www.facebook.com
delivery.fbi.gov
twitter.com
www.youtube.com
www.linkedin.com
www.instagram.com
www.fbijobs.gov
ucr.fbi.gov
www.regulations.gov
www.justice.gov
www.usa.gov
www.whitehouse.gov
images.fbi.gov

Subject Issuer	Validity	Valid
mta-sts.sativasecurity.net R3	`2021-07-31` - `2021-10-29`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-07` - `2022-07-06`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
foresee.com Amazon	`2021-06-27` - `2022-07-26`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://mta-sts.sativasecurity.net/
Frame ID: D19B931188611DEC022A227A3B62A36F
Requests: 16 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Federal Bureau of InvestigationSubmit SearchFacebook IconEmail IconTwitter IconYoutube IconFlickr IconLinkedIn IconInstagram IconSubmit SearchSubmit Search

Detected technologies

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Page Statistics

17
Requests

82 %
HTTPS

0 %
IPv6

5
Domains

6
Subdomains

6
IPs

2
Countries

742 kB
Transfer

2550 kB
Size

5
Cookies

80 Outgoing links

These are links going to different origins than the main page.

URL: https://www.fbi.gov/@@search
Title: Submit Search.search-icon-link{fill:#FFFFFF;} Search

Search URL Search Domain Scan URL

URL: https://www.fbi.gov/
Title: FBI

Search URL Search Domain Scan URL

URL: https://www.fbi.gov/wanted
Title: Most Wanted

Search URL Search Domain Scan URL

URL: https://www.fbi.gov/news
Title: News

Search URL Search Domain Scan URL

URL: https://www.fbi.gov/investigate
Title: What We Investigate

Search URL Search Domain Scan URL

URL: https://www.fbi.gov/services
Title: Services

Search URL Search Domain Scan URL

URL: https://www.fbi.gov/resources
Title: Resources

Search URL Search Domain Scan URL

URL: https://www.fbi.gov/tips
Title: Submit a Tip

Search URL Search Domain Scan URL

URL: https://www.fbi.gov/about
Title: About

Search URL Search Domain Scan URL

URL: https://www.fbi.gov/contact-us
Title: Contact Us

Search URL Search Domain Scan URL

URL: https://www.facebook.com/FBI
Title: Facebook Icon.facebook-icon{fill:#FFFFFF;}

Search URL Search Domain Scan URL

URL: https://delivery.fbi.gov/subscribe?utm_source=Email%20Icon%20-%20fbi.gov&utm_medium=Email%20Icon%20-%20fbi.gov&utm_campaign=Email%20Alerts%20Campaign&utm_term=email-alerts&utm_content=Email%20icon%20that%27s%20in%20the%20header%20toolbar%20on%20the%20fbi.gov%20website
Title: Email Icon.email-icon{fill:#FFFFFF;}

Search URL Search Domain Scan URL

URL: https://twitter.com/FBI
Title: Twitter Icon.twitter-icon{fill:#FFFFFF;}

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/fbi
Title: Youtube Icon.youtube-icon{fill:#FFFFFF;}

Search URL Search Domain Scan URL

URL: https://www.fbi.gov/flickr
Title: Flickr Icon.flickr-icon{fill:#FFFFFF;}

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/fbi
Title: LinkedIn Icon.linkedin-icon{fill:#FFFFFF;}

Search URL Search Domain Scan URL

URL: https://www.instagram.com/fbi/
Title: Instagram Icon.instagram-icon{fill:#FFFFFF;}

Search URL Search Domain Scan URL

URL: https://www.fbi.gov/wanted/topten
Title: Ten Most Wanted

Search URL Search Domain Scan URL

URL: https://www.fbi.gov/wanted/fugitives
Title: Fugitives

Search URL Search Domain Scan URL

URL: https://www.fbi.gov/wanted/terrorism
Title: Terrorism

Search URL Search Domain Scan URL

URL: https://www.fbi.gov/wanted/kidnappings-missing-persons
Title: Kidnappings/Missing Persons

Search URL Search Domain Scan URL

URL: https://www.fbi.gov/wanted/seeking-information
Title: Seeking Information

Search URL Search Domain Scan URL

URL: https://www.fbi.gov/wanted/bank-robbers
Title: Bank Robbers

Search URL Search Domain Scan URL

URL: https://www.fbi.gov/wanted/ecap
Title: ECAP

Search URL Search Domain Scan URL

URL: https://www.fbi.gov/wanted/vicap
Title: ViCAP

Search URL Search Domain Scan URL

URL: https://www.fbi.gov/news/stories
Title: Stories

Search URL Search Domain Scan URL

URL: https://www.fbi.gov/news/videos
Title: Videos

Search URL Search Domain Scan URL

URL: https://www.fbi.gov/news/pressrel
Title: Press Releases

Search URL Search Domain Scan URL

URL: https://www.fbi.gov/news/speeches
Title: Speeches

Search URL Search Domain Scan URL

URL: https://www.fbi.gov/news/testimony
Title: Testimony

Search URL Search Domain Scan URL

URL: https://www.fbi.gov/news/podcasts
Title: Podcasts and Radio

Search URL Search Domain Scan URL

URL: https://www.fbi.gov/news/photos
Title: Photos

Search URL Search Domain Scan URL

URL: https://www.fbi.gov/news/espanol
Title: Español

Search URL Search Domain Scan URL

URL: https://www.fbi.gov/news/apps
Title: Apps

Search URL Search Domain Scan URL

URL: https://www.fbi.gov/investigate/terrorism
Title: Terrorism

Search URL Search Domain Scan URL

URL: https://www.fbi.gov/investigate/counterintelligence
Title: Counterintelligence

Search URL Search Domain Scan URL

URL: https://www.fbi.gov/investigate/cyber
Title: Cyber Crime

Search URL Search Domain Scan URL

URL: https://www.fbi.gov/investigate/public-corruption
Title: Public Corruption

Search URL Search Domain Scan URL

URL: https://www.fbi.gov/investigate/civil-rights
Title: Civil Rights

Search URL Search Domain Scan URL

URL: https://www.fbi.gov/investigate/organized-crime
Title: Organized Crime

Search URL Search Domain Scan URL

URL: https://www.fbi.gov/investigate/white-collar-crime
Title: White-Collar Crime

Search URL Search Domain Scan URL

URL: https://www.fbi.gov/investigate/violent-crime
Title: Violent Crime

Search URL Search Domain Scan URL

URL: https://www.fbi.gov/investigate/wmd
Title: WMD

Search URL Search Domain Scan URL

URL: https://www.fbi.gov/services/cjis
Title: CJIS

Search URL Search Domain Scan URL

URL: https://www.fbi.gov/services/cirg
Title: CIRG

Search URL Search Domain Scan URL

URL: https://www.fbi.gov/services/laboratory
Title: Laboratory Services

Search URL Search Domain Scan URL

URL: https://www.fbi.gov/services/training-academy
Title: Training Academy

Search URL Search Domain Scan URL

URL: https://www.fbi.gov/services/operational-technology
Title: Operational Technology

Search URL Search Domain Scan URL

URL: https://www.fbi.gov/services/information-management
Title: Information Management

Search URL Search Domain Scan URL

URL: https://www.fbi.gov/about/mission
Title: Mission & Priorities

Search URL Search Domain Scan URL

URL: https://www.fbi.gov/about/leadership-and-structure
Title: Leadership & Structure

Search URL Search Domain Scan URL

URL: https://www.fbi.gov/about/partnerships
Title: Partnerships

Search URL Search Domain Scan URL

URL: https://www.fbi.gov/about/community-outreach
Title: Community Outreach

Search URL Search Domain Scan URL

URL: https://www.fbi.gov/about/faqs
Title: FAQs

Search URL Search Domain Scan URL

URL: https://www.fbi.gov/resources/law-enforcement
Title: Law Enforcement

Search URL Search Domain Scan URL

URL: https://www.fbi.gov/resources/businesses
Title: Businesses

Search URL Search Domain Scan URL

URL: https://www.fbi.gov/resources/victim-assistance
Title: Victim Assistance

Search URL Search Domain Scan URL

URL: https://www.fbi.gov/resources/library
Title: Reports and Publications

Search URL Search Domain Scan URL

URL: https://www.fbi.gov/contact-us/field-offices
Title: Field Offices

Search URL Search Domain Scan URL

URL: https://www.fbi.gov/contact-us/fbi-headquarters
Title: FBI Headquarters

Search URL Search Domain Scan URL

URL: https://www.fbi.gov/contact-us/legal-attache-offices
Title: Overseas Offices

Search URL Search Domain Scan URL

URL: https://www.fbijobs.gov/
Title: FBI Jobs

Search URL Search Domain Scan URL

URL: https://ucr.fbi.gov/
Title: Crime Statistics

Search URL Search Domain Scan URL

URL: https://www.fbi.gov/history
Title: History

Search URL Search Domain Scan URL

URL: https://www.fbi.gov/scams-and-safety
Title: Scams & Safety

Search URL Search Domain Scan URL

URL: https://www.fbi.gov/fbi-kids
Title: FBI Kids

Search URL Search Domain Scan URL

URL: https://www.fbi.gov/contact-us/fbi-headquarters/the-fbi-experience
Title: FBI Tour

Search URL Search Domain Scan URL

URL: https://www.fbi.gov/accessibility
Title: Accessibility

Search URL Search Domain Scan URL

URL: https://www.regulations.gov/
Title: eRulemaking

Search URL Search Domain Scan URL

URL: https://www.fbi.gov/services/information-management/foipa
Title: Freedom of Information/Privacy Act

Search URL Search Domain Scan URL

URL: https://www.fbi.gov/legalnotices
Title: Legal Notices

Search URL Search Domain Scan URL

URL: https://www.justice.gov/legalpolicies
Title: Legal Policies and Disclaimers

Search URL Search Domain Scan URL

URL: https://www.fbi.gov/links
Title: Links

Search URL Search Domain Scan URL

URL: https://www.fbi.gov/privacy_policy
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.usa.gov/
Title: USA.gov

Search URL Search Domain Scan URL

URL: https://www.whitehouse.gov/
Title: White House

Search URL Search Domain Scan URL

URL: https://www.justice.gov/jmd/eeo-program-status-report
Title: No FEAR Act

Search URL Search Domain Scan URL

URL: https://www.justice.gov/
Title: U.S. Department of Justice

Search URL Search Domain Scan URL

URL: https://images.fbi.gov/
Title: Photos

Search URL Search Domain Scan URL

URL: https://www.fbi.gov/services/information-management/foia
Title: FOIA

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 6

https://gateway.answerscloud.com/fbi-gov/production/gateway.min.js HTTP 301
https://gateway.foresee.com/sites/fbi-gov/production/gateway.min.js

Request Chain 11

https://gateway.answerscloud.com/code/19.14.1-fs/fs.utils.js HTTP 301
https://gateway.foresee.com/code/19.14.1-fs/fs.utils.js

Request Chain 12

https://gateway.answerscloud.com/code/19.14.1-fs/fs.compress.js HTTP 301
https://gateway.foresee.com/code/19.14.1-fs/fs.compress.js

Request Chain 13

https://gateway.answerscloud.com/code/19.14.1-fs/fs.trigger.js HTTP 301
https://gateway.foresee.com/code/19.14.1-fs/fs.trigger.js

17 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
mta-sts.sativasecurity.net/ 33 KB
10 KB 794ms
164ms Document
text/html 138.197.221.162
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://mta-sts.sativasecurity.net/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

138.197.221.162 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

my.happyface.space

Software

nginx /

Resource Hash

ab127b451ef46e33756c882fc6273c999fb3122dff53f8498ab7b608e4e1cc39

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

:method: GET
:authority: mta-sts.sativasecurity.net
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

server: nginx
date: Thu, 14 Oct 2021 11:47:26 GMT
content-type: text/html
last-modified: Sun, 17 May 2020 16:29:00 GMT
etag: W/"5ec1664c-82cd"
strict-transport-security: max-age=15768000
content-encoding: gzip

GET
H2 200 default.css
www.fbi.gov/++plone++production/++unique++2020-05-11T03:50:21.598276/ 690 KB
218 KB 68ms
43ms Stylesheet
text/css 104.16.148.244
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.fbi.gov/++plone++production/++unique++2020-05-11T03:50:21.598276/default.css

Requested by

Host: mta-sts.sativasecurity.net
URL: https://mta-sts.sativasecurity.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.148.244 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c922ef7cb9062fe383713e5599238cba6012189e2c42601c1659ba4634fecf33

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mta-sts.sativasecurity.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 11:47:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 19
vary: Accept-Encoding
x-xss-protection: 1; mode=block
x-cache-rule: plone.stableResource
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
expires: Fri, 15 Oct 2021 11:47:26 GMT
cache-control: public, max-age=86400
cf-ray: 69e092ab88748749-DUS
x-cache-operation: plone.app.caching.strongCaching

GET
H2 200 index.css
www.fbi.gov/++theme++fbigov.theme/css/ 163 KB
33 KB 59ms
34ms Stylesheet
text/css 104.16.148.244
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.fbi.gov/++theme++fbigov.theme/css/index.css?v=6

Requested by

Host: mta-sts.sativasecurity.net
URL: https://mta-sts.sativasecurity.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.148.244 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b5063982c92805de8e1100808835cbe2eaa6ea83bbc5b07648e45a20669a408b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mta-sts.sativasecurity.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 11:47:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 19
vary: Accept-Encoding
x-xss-protection: 1; mode=block
x-cache-rule: plone.resource
x-cache-operation: plone.app.caching.strongCaching
server: cloudflare
x-frame-options: SAMEORIGIN, SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css
cache-control: public, max-age=86400
cf-ray: 69e092ab88778749-DUS
expires: Fri, 15 Oct 2021 11:47:26 GMT

GET
H2 200 print.css
www.fbi.gov/++plone++castle/less/public/ 2 KB
920 B 62ms
37ms Stylesheet
text/css 104.16.148.244
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.fbi.gov/++plone++castle/less/public/print.css

Requested by

Host: mta-sts.sativasecurity.net
URL: https://mta-sts.sativasecurity.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.148.244 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5f6bddaff8b54d0271d34b7940889a2c24cacf994999ad33cab2c766e064723e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mta-sts.sativasecurity.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 11:47:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 56295
vary: Accept-Encoding
x-xss-protection: 1; mode=block
x-cache-rule: plone.resource
x-cache-operation: plone.app.caching.strongCaching
server: cloudflare
x-frame-options: SAMEORIGIN, SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css
cache-control: public, max-age=86400
cf-ray: 69e092ab88788749-DUS
expires: Fri, 15 Oct 2021 11:47:26 GMT

GET
H2 200 fbibannerseal.png
www.fbi.gov/++theme++fbigov.theme/images/ 9 KB
10 KB 32ms
32ms Image
image/webp 104.16.148.244
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.fbi.gov/++theme++fbigov.theme/images/fbibannerseal.png

Requested by

Host: mta-sts.sativasecurity.net
URL: https://mta-sts.sativasecurity.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.148.244 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eabf4334c03ab9ada6ea882cdc57fa81cc720bd1651ce19ee3a59ddba4f66d2e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mta-sts.sativasecurity.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 11:47:26 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 65492
cf-polished: origFmt=png, origSize=14404
content-disposition: inline; filename="fbibannerseal.webp"
vary: Accept
content-length: 9694
x-xss-protection: 1; mode=block
x-cache-rule: plone.resource
x-cache-operation: plone.app.caching.strongCaching
cf-bgj: imgq:100,h2pri
server: cloudflare
x-frame-options: SAMEORIGIN, SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 69e092ac49868749-DUS
expires: Fri, 15 Oct 2021 11:47:26 GMT

GET
H2 200 default.js Show response
www.fbi.gov/++plone++production/++unique++2020-05-11T03:50:21.598276/ 1 MB
336 KB 40ms
39ms Script
application/javascript 104.16.148.244
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.fbi.gov/++plone++production/++unique++2020-05-11T03:50:21.598276/default.js

Requested by

Host: mta-sts.sativasecurity.net
URL: https://mta-sts.sativasecurity.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.148.244 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b86c8b6d22f33ceedfcd69d4f61de02ccecc67484606dcebf45361830a2b5069

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mta-sts.sativasecurity.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 11:47:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 19
vary: Accept-Encoding
x-xss-protection: 1; mode=block
x-cache-rule: plone.stableResource
x-cache-operation: plone.app.caching.strongCaching
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=86400
cf-ray: 69e092ac49898749-DUS
expires: Fri, 15 Oct 2021 11:47:26 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
20 KB 72ms
23ms Script
text/javascript 142.250.186.174
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: mta-sts.sativasecurity.net
URL: https://mta-sts.sativasecurity.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.174 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mta-sts.sativasecurity.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Oct 2021 16:38:54 GMT
server: Golfe2
age: 6380
date: Thu, 14 Oct 2021 10:01:06 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19747
expires: Thu, 14 Oct 2021 12:01:06 GMT

GET
H2

200

gateway.min.js Show response
gateway.foresee.com/sites/fbi-gov/production/
Redirect Chain

https://gateway.answerscloud.com/fbi-gov/production/gateway.min.js
https://gateway.foresee.com/sites/fbi-gov/production/gateway.min.js

38 KB
14 KB

28ms
9ms

Script
application/javascript

143.204.98.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://gateway.foresee.com/sites/fbi-gov/production/gateway.min.js
Requested by: Host: mta-sts.sativasecurity.net
URL: https://mta-sts.sativasecurity.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-55.fra50.r.cloudfront.net
Software: nginx/1.18.0 /
Resource Hash: cb3cd3b8d4b30dc3271cde788e19dab847128ad0171d21b0e13eef1123ccdb06

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mta-sts.sativasecurity.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 11:46:23 GMT
content-encoding: gzip
age: 749
x-cache: Hit from cloudfront
status: 200
content-length: 13764
access-control-allow-origin: *
last-modified: Wed, 09 Jun 2021 21:43:25 GMT
server: nginx/1.18.0
etag: W/"9f943fb2ec4344d641a8277a6108f112"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
via: 1.1 bab8148a65b29113f79cf2725076287d.cloudfront.net (CloudFront)
cache-control: public, max-age=14400
x-amz-cf-pop: FRA50-C1
access-control-allow-headers: X-Requested-With
x-amz-cf-id: z8n1StC8QiCls3wIt_HuILiLJrWMZICGy2tLMMaK6psY9Bkj0mRl1g==
expires: Thu, 14 Oct 2021 15:34:57 GMT

Redirect headers

date: Thu, 14 Oct 2021 10:32:28 GMT
via: 1.1 58bcd6f2e1bc29fb83f080f1743cfeca.cloudfront.net (CloudFront)
server: nginx/1.19.0
age: 4498
x-cache: Hit from cloudfront
p3p: CP="ok"
location: https://gateway.foresee.com/sites/fbi-gov/production/gateway.min.js
x-amz-cf-pop: FRA50-C1
content-type: text/html
content-length: 169
x-amz-cf-id: HHuwPmR0bMF0mwtjswI80gRn9HJEYWitgu3LY-PojfNxr5s1VVOMag==

GET plonejsi18n
www.fbi.gov/ 0
0

GET disclaimer
www.fbi.gov/ 0
0

GET
H2 200 audioplayer.js Show response
www.fbi.gov/++plone++castle-advantage/libs/audioplayer/ 254 KB
60 KB 35ms
35ms Script
application/javascript 104.16.148.244
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.fbi.gov/++plone++castle-advantage/libs/audioplayer/audioplayer.js

Requested by

Host: www.fbi.gov
URL: https://www.fbi.gov/++plone++production/++unique++2020-05-11T03:50:21.598276/default.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.148.244 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

076ceb56923ab3139b839a389312dbf8fe32a21481ccccd8d3d295f9cc2759aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mta-sts.sativasecurity.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 11:47:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 55517
vary: Accept-Encoding
x-xss-protection: 1; mode=block
x-cache-rule: plone.resource
x-cache-operation: plone.app.caching.strongCaching
server: cloudflare
x-frame-options: SAMEORIGIN, SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
cache-control: public, max-age=86400
cf-ray: 69e092ad7b148749-DUS
expires: Fri, 15 Oct 2021 11:47:26 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
214 B 31ms
31ms XHR
text/plain 142.250.186.174
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j93&a=474449005&t=pageview&_s=1&dl=https%3A%2F%2Fmta-sts.sativasecurity.net%2F&ul=en-us&de=UTF-8&dt=Federal%20Bureau%20of%20Investigation&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=363881134&gjid=358078009&cid=2126033064.1634212047&tid=UA-1603990-1&_gid=1415262025.1634212047&_r=1&_slc=1&z=2024388318

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.174 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://mta-sts.sativasecurity.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 14 Oct 2021 11:47:27 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://mta-sts.sativasecurity.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

fs.utils.js Show response
gateway.foresee.com/code/19.14.1-fs/
Redirect Chain

https://gateway.answerscloud.com/code/19.14.1-fs/fs.utils.js
https://gateway.foresee.com/code/19.14.1-fs/fs.utils.js

56 KB
19 KB

9ms
9ms

Script
application/javascript

143.204.98.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://gateway.foresee.com/code/19.14.1-fs/fs.utils.js
Requested by: Host: mta-sts.sativasecurity.net
URL: https://mta-sts.sativasecurity.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-55.fra50.r.cloudfront.net
Software: nginx/1.18.0 /
Resource Hash: 696bf481ec5c742bf43af05db4e8387220cffd6329918a421523331f1ba7a2b7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mta-sts.sativasecurity.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 23:51:44 GMT
content-encoding: gzip
age: 734143
x-cache: Hit from cloudfront
status: 200
content-length: 18546
access-control-allow-origin: *
last-modified: Tue, 20 Oct 2020 17:22:26 GMT
server: nginx/1.18.0
etag: W/"95849196a22d7892afab30f21864ae6d"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
via: 1.1 bab8148a65b29113f79cf2725076287d.cloudfront.net (CloudFront)
cache-control: public, max-age=2419200
x-amz-cf-pop: FRA50-C1
access-control-allow-headers: X-Requested-With
x-amz-cf-id: 0Sz5bdi5EYix3THcv5ToMbW0Ora63H5c62K8aCoZdkvAK7ldBrRCrQ==
expires: Tue, 02 Nov 2021 23:51:44 GMT

Redirect headers

date: Wed, 13 Oct 2021 15:55:21 GMT
via: 1.1 58bcd6f2e1bc29fb83f080f1743cfeca.cloudfront.net (CloudFront)
server: nginx/1.19.0
age: 71526
x-cache: Hit from cloudfront
p3p: CP="ok"
location: https://gateway.foresee.com/code/19.14.1-fs/fs.utils.js
x-amz-cf-pop: FRA50-C1
content-type: text/html
content-length: 169
x-amz-cf-id: Dp7uV0GOe3tzECFnDYxlNzwE-ru-900ZF68OshhhnjvlUzzjqlCBnA==

GET
H2

200

fs.compress.js Show response
gateway.foresee.com/code/19.14.1-fs/
Redirect Chain

https://gateway.answerscloud.com/code/19.14.1-fs/fs.compress.js
https://gateway.foresee.com/code/19.14.1-fs/fs.compress.js

31 KB
12 KB

8ms
8ms

Script
application/javascript

143.204.98.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://gateway.foresee.com/code/19.14.1-fs/fs.compress.js
Requested by: Host: mta-sts.sativasecurity.net
URL: https://mta-sts.sativasecurity.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-55.fra50.r.cloudfront.net
Software: nginx/1.18.0 /
Resource Hash: 3a6653a6360e94f7feb9ccfca527cb6485438d7374dc3967722fdb19287cdec7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mta-sts.sativasecurity.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 00:26:55 GMT
content-encoding: gzip
age: 1941632
x-cache: Hit from cloudfront
status: 200
content-length: 11643
access-control-allow-origin: *
last-modified: Tue, 20 Oct 2020 17:22:26 GMT
server: nginx/1.18.0
etag: W/"4acabaf9a58154798688b83d8ae9065e"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
via: 1.1 bab8148a65b29113f79cf2725076287d.cloudfront.net (CloudFront)
cache-control: public, max-age=2419200
x-amz-cf-pop: FRA50-C1
access-control-allow-headers: X-Requested-With
x-amz-cf-id: GJD9mS1ORZXt33CsyAephXdCwidXDe38rsYf5WJqOFOPMwmwxW5dRQ==
expires: Wed, 20 Oct 2021 00:26:55 GMT

Redirect headers

date: Thu, 14 Oct 2021 08:34:37 GMT
via: 1.1 58bcd6f2e1bc29fb83f080f1743cfeca.cloudfront.net (CloudFront)
server: nginx/1.19.0
age: 11570
x-cache: Hit from cloudfront
p3p: CP="ok"
location: https://gateway.foresee.com/code/19.14.1-fs/fs.compress.js
x-amz-cf-pop: FRA50-C1
content-type: text/html
content-length: 169
x-amz-cf-id: 1FS7ft7YE2AvqksF5YMVN1ENJrr5ljFV8g1yUpRvqKDbXJIV_ICI7A==

GET
H2

200

fs.trigger.js Show response
gateway.foresee.com/code/19.14.1-fs/
Redirect Chain

https://gateway.answerscloud.com/code/19.14.1-fs/fs.trigger.js
https://gateway.foresee.com/code/19.14.1-fs/fs.trigger.js

29 KB
10 KB

12ms
11ms

Script
application/javascript

143.204.98.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://gateway.foresee.com/code/19.14.1-fs/fs.trigger.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-55.fra50.r.cloudfront.net
Software: nginx/1.18.0 /
Resource Hash: 2a91468d5d25d7e1c30189eb1cb95b8fc937a1c4867cd22a2c0646e4b4a1cd8b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mta-sts.sativasecurity.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 17 Sep 2021 21:28:20 GMT
content-encoding: gzip
age: 2297947
x-cache: Hit from cloudfront
status: 200
content-length: 9730
access-control-allow-origin: *
last-modified: Tue, 20 Oct 2020 17:22:27 GMT
server: nginx/1.18.0
etag: W/"d59601f0d29a3e4fd9f98c742af3f7a1"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
via: 1.1 bab8148a65b29113f79cf2725076287d.cloudfront.net (CloudFront)
cache-control: public, max-age=2419200
x-amz-cf-pop: FRA50-C1
access-control-allow-headers: X-Requested-With
x-amz-cf-id: co634S_VUMykFpQvqJ-RzPEtHx1NsyG25hLDLIEX_Lzeo0F8v0Jfhw==
expires: Fri, 15 Oct 2021 21:28:20 GMT

Redirect headers

date: Thu, 14 Oct 2021 09:50:36 GMT
via: 1.1 58bcd6f2e1bc29fb83f080f1743cfeca.cloudfront.net (CloudFront)
server: nginx/1.19.0
age: 7010
x-cache: Hit from cloudfront
p3p: CP="ok"
location: https://gateway.foresee.com/code/19.14.1-fs/fs.trigger.js
x-amz-cf-pop: FRA50-C1
content-type: text/html
content-length: 169
x-amz-cf-id: tmZ3tHlOc5r8I8pxNT4-NwpBtewYrN-6HUF72KTZgq4hYxecuPQjgQ==

POST events
analytics.foresee.com/ingest/ 0
0

OPTIONS
H2 204 events
analytics.foresee.com/ingest/ 0
0 278ms
91ms Preflight 52.202.9.160
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.foresee.com/ingest/events
Protocol: H2
Server: 52.202.9.160 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-202-9-160.compute-1.amazonaws.com
Software: nginx/1.19.0 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,request-api-version
Origin: https://mta-sts.sativasecurity.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx/1.19.0
date: Thu, 14 Oct 2021 11:47:27 GMT
access-control-allow-origin: *

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.fbi.gov
URL: https://www.fbi.gov/plonejsi18n?domain=widgets&language=en

Domain: www.fbi.gov
URL: https://www.fbi.gov/disclaimer

Domain: analytics.foresee.com
URL: https://analytics.foresee.com/ingest/events

Verdicts & Comments Add Verdict or Comment

71 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
mta-sts.sativasecurity.net/	1969-12-31 23:59:59	Name: __castle_fv__ Value: shown
.sativasecurity.net/	1970-01-20 15:28:04	Name: _ga Value: GA1.2.2126033064.1634212047
.sativasecurity.net/	1970-01-19 21:58:18	Name: _gid Value: GA1.2.1415262025.1634212047
.sativasecurity.net/	1970-01-19 21:56:52	Name: _gat Value: 1
.sativasecurity.net/	1970-01-20 15:27:21	Name: _4c_ Value: %7B%22_4c_s_%22%3A%22dVJBboMwEPxK5XOc2GDAzq1qpaoPqHqMbLMpVhNAtgNNI%2F7edUIUNVW5sDveGQ87nMjYQEvWvMxFxjMmFMurBfmEYyDrE%2FGuTq%2BBrIllWluVFbQURUFFpQ1VoDS1mRFya0yhTEkW5CtpCa6kZKJiIp8WxPazxonYrgbU4mrJxZLTbUBG%2FEaEYdH7rj7YuInHPg2NYB5C%2FYkHNQzOwmZ0dWwSu2TshjbgPpqY4OwC9z41WI2urbvxnjaj9zTjuzFAoj41vtvDg8oR7XAL5P3MSFY9bMH78xR2wcXkM%2BjoBh3AHryLx2ULcT7DJeLx1jj60Q3p%2B4bZ2MHvsGpi7MN6tdpHTUMMy786K5yFNrF6X2O966zepSsxsQV5edy8vT5jh7mVLM9ZiSu9xliRac4CASWFwDgk7jrizbIULD3TxdI5Gv57GpMTf6cHd%2F0ZuMos45xTkRWKCplrKgsOFEpZFSaDSkpBbpI8lyhZqVmSy6viZesU2v%2BNSH5vZJp%2BAA%3D%3D%22%7D

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	error	URL: https://mta-sts.sativasecurity.net/ Message: Access to XMLHttpRequest at 'https://www.fbi.gov/plonejsi18n?domain=widgets&language=en' from origin 'https://mta-sts.sativasecurity.net' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://www.fbi.gov/plonejsi18n?domain=widgets&language=en Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://mta-sts.sativasecurity.net/ Message: Access to XMLHttpRequest at 'https://www.fbi.gov/disclaimer' from origin 'https://mta-sts.sativasecurity.net' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://www.fbi.gov/disclaimer Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://mta-sts.sativasecurity.net/ Message: Access to XMLHttpRequest at 'https://analytics.foresee.com/ingest/events' from origin 'https://mta-sts.sativasecurity.net' has been blocked by CORS policy: Request header field request-api-version is not allowed by Access-Control-Allow-Headers in preflight response.
network	error	URL: https://analytics.foresee.com/ingest/events Message: Failed to load resource: net::ERR_FAILED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15768000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.foresee.com
gateway.answerscloud.com
gateway.foresee.com
mta-sts.sativasecurity.net
www.fbi.gov
www.google-analytics.com
analytics.foresee.com
www.fbi.gov
104.16.148.244
138.197.221.162
142.250.186.174
143.204.98.55
143.204.98.7
52.202.9.160
076ceb56923ab3139b839a389312dbf8fe32a21481ccccd8d3d295f9cc2759aa
2a91468d5d25d7e1c30189eb1cb95b8fc937a1c4867cd22a2c0646e4b4a1cd8b
3a6653a6360e94f7feb9ccfca527cb6485438d7374dc3967722fdb19287cdec7
5f6bddaff8b54d0271d34b7940889a2c24cacf994999ad33cab2c766e064723e
696bf481ec5c742bf43af05db4e8387220cffd6329918a421523331f1ba7a2b7
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
ab127b451ef46e33756c882fc6273c999fb3122dff53f8498ab7b608e4e1cc39
b5063982c92805de8e1100808835cbe2eaa6ea83bbc5b07648e45a20669a408b
b86c8b6d22f33ceedfcd69d4f61de02ccecc67484606dcebf45361830a2b5069
c922ef7cb9062fe383713e5599238cba6012189e2c42601c1659ba4634fecf33
cb3cd3b8d4b30dc3271cde788e19dab847128ad0171d21b0e13eef1123ccdb06
eabf4334c03ab9ada6ea882cdc57fa81cc720bd1651ce19ee3a59ddba4f66d2e
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62

mta-sts.sativasecurity.net Open in urlscan Pro 138.197.221.162 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

17 Requests

82 %HTTPS

0 %IPv6

5 Domains

6 Subdomains

6 IPs

2 Countries

742 kBTransfer

2550 kBSize

5 Cookies

80 Outgoing links

Redirected requests

17 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

71 JavaScript Global Variables

5 Cookies

6 Console Messages

Security Headers

Indicators

mta-sts.sativasecurity.net Open in urlscan Pro
138.197.221.162 Public Scan

Screenshot
Live screenshot

Full Image

17
Requests

82 %
HTTPS

0 %
IPv6

5
Domains

6
Subdomains

6
IPs

2
Countries

742 kB
Transfer

2550 kB
Size

5
Cookies

17 HTTP transactions
0 data transactions