verify-demo.navapbc.cloud Open in urlscan Pro
34.235.211.205  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

15 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response verify-demo.navapbc.cloud/	5 KB 7 KB	394ms 123ms	Document text/html	34.235.211.205 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://verify-demo.navapbc.cloud/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.235.211.205 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-34-235-211-205.compute-1.amazonaws.com Software / Resource Hash 1d3716dc2b8dd863b85dcc70e0f520491b0a275a3fbfeba2d83391f26417f6ef Security Headers Name Value Content-Security-Policy default-src 'self'; font-src 'self' https://*.cloudinary.com; form-action 'self'; frame-ancestors 'none'; img-src 'self' data: https://*.cloudinary.com http://*.cloudinary.com https://www.google-analytics.com; object-src 'none'; script-src 'self' https://*.argyle.com https://js-agent.newrelic.com https://*.nr-data.net https://dap.digitalgov.gov https://www.google-analytics.com 'nonce-'; connect-src 'self' https://*.argyle.com https://get.geojs.io https://*.nr-data.net https://dap.digitalgov.gov https://www.google-analytics.com; worker-src 'self' blob:; style-src 'self' 'unsafe-inline' Strict-Transport-Security max-age=631138519 X-Content-Type-Options nosniff X-Frame-Options sameorigin X-Xss-Protection 1; mode=block Request headers Accept-Language it-IT,it;q=0.9;q=0.9 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers cache-control max-age=0, private, must-revalidate content-security-policy default-src 'self'; font-src 'self' https://*.cloudinary.com; form-action 'self'; frame-ancestors 'none'; img-src 'self' data: https://*.cloudinary.com http://*.cloudinary.com https://www.google-analytics.com; object-src 'none'; script-src 'self' https://*.argyle.com https://js-agent.newrelic.com https://*.nr-data.net https://dap.digitalgov.gov https://www.google-analytics.com 'nonce-'; connect-src 'self' https://*.argyle.com https://get.geojs.io https://*.nr-data.net https://dap.digitalgov.gov https://www.google-analytics.com; worker-src 'self' blob:; style-src 'self' 'unsafe-inline' content-type text/html; charset=utf-8 date Fri, 07 Jun 2024 06:36:58 GMT etag W/"1d3716dc2b8dd863b85dcc70e0f52049" link </assets/application-647455a85d14267f236f0c93c7f901b4ac591cd3ec0e53053ae3459ffb05d7a1.css>; rel=preload; as=style; nopush,</assets/application-bc42f513c916b6fec6f1506d24ef6fbf47729de93579743d039d57df752787dc.js>; rel=modulepreload; as=script; nopush,<https://dap.digitalgov.gov/Universal-Federated-Analytics-Min.js?agency=GSA>; rel=preload; as=script; nopush strict-transport-security max-age=631138519 x-content-type-options nosniff x-download-options noopen x-frame-options sameorigin x-permitted-cross-domain-policies none x-request-id aff94f22-4f74-4c1a-a2f8-908394407498 x-runtime 0.005418 x-xss-protection 1; mode=block
GET H2	200	application-647455a85d14267f236f0c93c7f901b4ac591cd3ec0e53053ae3459ffb05d7a1.css verify-demo.navapbc.cloud/assets/	753 KB 80 KB	119ms 119ms	Stylesheet text/css	34.235.211.205 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://verify-demo.navapbc.cloud/assets/application-647455a85d14267f236f0c93c7f901b4ac591cd3ec0e53053ae3459ffb05d7a1.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.235.211.205 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-34-235-211-205.compute-1.amazonaws.com Software / Resource Hash 71fae77df9e20061f486232d281697904b1e5a872ca567a95b5506c03a47201c Security Headers Name Value Strict-Transport-Security max-age=631138519 X-Content-Type-Options nosniff X-Frame-Options sameorigin X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://verify-demo.navapbc.cloud/ Accept-Language it-IT,it;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 07 Jun 2024 06:36:59 GMT content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=631138519 last-modified Thu, 06 Jun 2024 17:27:40 GMT x-permitted-cross-domain-policies none x-download-options noopen vary accept-encoding x-frame-options sameorigin content-type text/css content-length 81287 x-xss-protection 1; mode=block
GET H2	200	application-bc42f513c916b6fec6f1506d24ef6fbf47729de93579743d039d57df752787dc.js Show response verify-demo.navapbc.cloud/assets/	621 KB 125 KB	305ms 305ms	Script application/javascript	34.235.211.205 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://verify-demo.navapbc.cloud/assets/application-bc42f513c916b6fec6f1506d24ef6fbf47729de93579743d039d57df752787dc.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.235.211.205 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-34-235-211-205.compute-1.amazonaws.com Software / Resource Hash 6b72220aeb955af892818158393ce08a835adef155db49c39f4a1284e37df094 Security Headers Name Value Strict-Transport-Security max-age=631138519 X-Content-Type-Options nosniff X-Frame-Options sameorigin X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer Origin https://verify-demo.navapbc.cloud Accept-Language it-IT,it;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 07 Jun 2024 06:36:59 GMT content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=631138519 last-modified Thu, 06 Jun 2024 17:27:40 GMT x-permitted-cross-domain-policies none x-download-options noopen vary accept-encoding x-frame-options sameorigin content-type application/javascript content-length 127163 x-xss-protection 1; mode=block
GET H2	200	Universal-Federated-Analytics-Min.js Show response dap.digitalgov.gov/	30 KB 9 KB	107ms 30ms	Script application/javascript	13.32.27.50 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://dap.digitalgov.gov/Universal-Federated-Analytics-Min.js?agency=GSA Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.32.27.50 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-32-27-50.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash 796731c9ec6b19fe8e6c4449b405a6112806b973dc38108a845366e8803aac8c Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://verify-demo.navapbc.cloud/ Accept-Language it-IT,it;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-amz-version-id cS6DDXCx0_0tmD1G79EAkElinAY95t.i content-encoding gzip via 1.1 3acba66e95e31977aee0842f44a6f08e.cloudfront.net (CloudFront) date Fri, 07 Jun 2024 02:10:13 GMT x-amz-cf-pop FRA56-C2 age 16007 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront x-amz-replication-status COMPLETED alt-svc h3=":443"; ma=86400 last-modified Sat, 25 May 2024 00:46:12 GMT server AmazonS3 etag W/"e4cf153a40c6c1fd51f21d602a5abd22" vary Accept-Encoding content-type application/javascript x-amz-cf-id 84N84eI7v_22U9HOtLsmW11ZP1eXdNwHJ440TH8i1TrVwJORCJYmwQ==
GET H2	200	us_flag_small-3d8e577eb632fcc0938557ec0dda2c1db1406345bd3bf25354c3de6168cfc665.png verify-demo.navapbc.cloud/assets/@uswds/uswds/dist/img/	244 B 498 B	304ms 304ms	Image image/png	34.235.211.205 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://verify-demo.navapbc.cloud/assets/@uswds/uswds/dist/img/us_flag_small-3d8e577eb632fcc0938557ec0dda2c1db1406345bd3bf25354c3de6168cfc665.png Requested by Host: verify-demo.navapbc.cloud URL: https://verify-demo.navapbc.cloud/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.235.211.205 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-34-235-211-205.compute-1.amazonaws.com Software / Resource Hash 5dcdf93abaf205e8a6cc8dea43c4f493fbc75cd7facb2e3e302a85ef6cf9274d Security Headers Name Value Strict-Transport-Security max-age=631138519 X-Content-Type-Options nosniff X-Frame-Options sameorigin X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://verify-demo.navapbc.cloud/ Accept-Language it-IT,it;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 07 Jun 2024 06:36:59 GMT strict-transport-security max-age=631138519 x-content-type-options nosniff last-modified Thu, 06 Jun 2024 17:27:40 GMT x-permitted-cross-domain-policies none x-download-options noopen x-frame-options sameorigin content-type image/png content-length 244 x-xss-protection 1; mode=block
GET H2	200	icon-dot-gov-8edf00164f075d518fe954291d01344457ee2fc6b4e77ae76a5c632eb78516e8.svg verify-demo.navapbc.cloud/assets/@uswds/uswds/dist/img/	633 B 891 B	304ms 304ms	Image image/svg+xml	34.235.211.205 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://verify-demo.navapbc.cloud/assets/@uswds/uswds/dist/img/icon-dot-gov-8edf00164f075d518fe954291d01344457ee2fc6b4e77ae76a5c632eb78516e8.svg Requested by Host: verify-demo.navapbc.cloud URL: https://verify-demo.navapbc.cloud/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.235.211.205 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-34-235-211-205.compute-1.amazonaws.com Software / Resource Hash d0228750c35aa8389308c85c3cd6a2175b5fdb950c4f048d731e05d3075cda15 Security Headers Name Value Strict-Transport-Security max-age=631138519 X-Content-Type-Options nosniff X-Frame-Options sameorigin X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://verify-demo.navapbc.cloud/ Accept-Language it-IT,it;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 07 Jun 2024 06:36:59 GMT strict-transport-security max-age=631138519 x-content-type-options nosniff last-modified Thu, 06 Jun 2024 17:27:40 GMT x-permitted-cross-domain-policies none x-download-options noopen x-frame-options sameorigin content-type image/svg+xml content-length 633 x-xss-protection 1; mode=block
GET H2	200	icon-https-c9eb76304db98232bf59e2f0937e2125d228bfb3f3fdd9130800ad93ba376dfb.svg verify-demo.navapbc.cloud/assets/@uswds/uswds/dist/img/	720 B 978 B	304ms 304ms	Image image/svg+xml	34.235.211.205 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://verify-demo.navapbc.cloud/assets/@uswds/uswds/dist/img/icon-https-c9eb76304db98232bf59e2f0937e2125d228bfb3f3fdd9130800ad93ba376dfb.svg Requested by Host: verify-demo.navapbc.cloud URL: https://verify-demo.navapbc.cloud/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.235.211.205 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-34-235-211-205.compute-1.amazonaws.com Software / Resource Hash 912daff95ce9cabae7d0195d39aa98d49c4bec3b975d404ac266534c069cee20 Security Headers Name Value Strict-Transport-Security max-age=631138519 X-Content-Type-Options nosniff X-Frame-Options sameorigin X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://verify-demo.navapbc.cloud/ Accept-Language it-IT,it;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 07 Jun 2024 06:36:59 GMT strict-transport-security max-age=631138519 x-content-type-options nosniff last-modified Thu, 06 Jun 2024 17:27:40 GMT x-permitted-cross-domain-policies none x-download-options noopen x-frame-options sameorigin content-type image/svg+xml content-length 720 x-xss-protection 1; mode=block
GET H2	200	close-ffbc61caf4be69eb734a7f3e93e96a4e2e3a163291b4ac04fc7c942dff396d27.svg verify-demo.navapbc.cloud/assets/@uswds/uswds/dist/img/usa-icons/	202 B 460 B	404ms 404ms	Image image/svg+xml	34.235.211.205 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://verify-demo.navapbc.cloud/assets/@uswds/uswds/dist/img/usa-icons/close-ffbc61caf4be69eb734a7f3e93e96a4e2e3a163291b4ac04fc7c942dff396d27.svg Requested by Host: verify-demo.navapbc.cloud URL: https://verify-demo.navapbc.cloud/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.235.211.205 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-34-235-211-205.compute-1.amazonaws.com Software / Resource Hash 1abf0e0aa201160b9c6d6decca211d6b6ae67d73165fc7c57581db42ef274cf9 Security Headers Name Value Strict-Transport-Security max-age=631138519 X-Content-Type-Options nosniff X-Frame-Options sameorigin X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://verify-demo.navapbc.cloud/ Accept-Language it-IT,it;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 07 Jun 2024 06:36:59 GMT strict-transport-security max-age=631138519 x-content-type-options nosniff last-modified Thu, 06 Jun 2024 17:27:40 GMT x-permitted-cross-domain-policies none x-download-options noopen x-frame-options sameorigin content-type image/svg+xml content-length 202 x-xss-protection 1; mode=block
GET		js www.googletagmanager.com/gtag/	0 0
GET H2	200	analytics.js Show response www.google-analytics.com/	52 KB 21 KB	88ms 26ms	Script text/javascript	216.58.206.46 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: dap.digitalgov.gov URL: https://dap.digitalgov.gov/Universal-Federated-Analytics-Min.js?agency=GSA Protocol H2 Security TLS 1.3, , AES_128_GCM Server 216.58.206.46 , United States, ASN15169 (GOOGLE, US), Reverse DNS lhr35s10-in-f14.1e100.net Software Golfe2 / Resource Hash de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://verify-demo.navapbc.cloud/ Accept-Language it-IT,it;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers strict-transport-security max-age=31536000; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff date Fri, 07 Jun 2024 05:41:03 GMT last-modified Tue, 12 Dec 2023 18:09:08 GMT server Golfe2 age 3356 vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 20994 expires Fri, 07 Jun 2024 07:41:03 GMT
POST H2	200	collect Show response www.google-analytics.com/j/	1 B 214 B	33ms 33ms	XHR text/plain	216.58.206.46 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j101&aip=1&a=1082661448&t=pageview&_s=1&dl=https%3A%2F%2Fverify-demo.navapbc.cloud%2F&dp=%2F&ul=it-it&de=UTF-8&dt=Verify.gov&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAQABAAAAACAGqC~&jid=2137156948&gjid=698937644&cid=2145061318.1717742219&tid=UA-33523145-1&_gid=456250933.1717742219&_r=1&cd1=GSA&cd2=verify-demo.navapbc.cloud&cd3=20240524%20v7.05%20-%20Dual%20Tracking&cd4=unspecified%3Averify-demo.navapbc.cloud&cd5=unspecified%3Averify-demo.navapbc.cloud&cd6=https%3A%2F%2Fdap.digitalgov.gov%2FUniversal-Federated-Analytics-Min.js&cd7=https%3A&z=1382909054 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 216.58.206.46 , United States, ASN15169 (GOOGLE, US), Reverse DNS lhr35s10-in-f14.1e100.net Software Golfe2 / Resource Hash 6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b Security Headers Name Value X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" sec-ch-ua-platform "Win32" Referer https://verify-demo.navapbc.cloud/ Accept-Language it-IT,it;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Fri, 07 Jun 2024 06:36:59 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://verify-demo.navapbc.cloud cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	expand_more-ae788fcfa7a4023308f4a908b0afe60747ec2a1f9d8810096e57d87136b86e2d.svg verify-demo.navapbc.cloud/assets/@uswds/uswds/dist/img/usa-icons/	145 B 403 B	117ms 117ms	Image image/svg+xml	34.235.211.205 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://verify-demo.navapbc.cloud/assets/@uswds/uswds/dist/img/usa-icons/expand_more-ae788fcfa7a4023308f4a908b0afe60747ec2a1f9d8810096e57d87136b86e2d.svg Requested by Host: verify-demo.navapbc.cloud URL: https://verify-demo.navapbc.cloud/assets/application-647455a85d14267f236f0c93c7f901b4ac591cd3ec0e53053ae3459ffb05d7a1.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.235.211.205 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-34-235-211-205.compute-1.amazonaws.com Software / Resource Hash bc1d8378c2d4dabf3610d8a07fddfe50991d9662c991188b6ed0f7e13aaeea0b Security Headers Name Value Strict-Transport-Security max-age=631138519 X-Content-Type-Options nosniff X-Frame-Options sameorigin X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://verify-demo.navapbc.cloud/assets/application-647455a85d14267f236f0c93c7f901b4ac591cd3ec0e53053ae3459ffb05d7a1.css Origin https://verify-demo.navapbc.cloud Accept-Language it-IT,it;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 07 Jun 2024 06:36:59 GMT strict-transport-security max-age=631138519 x-content-type-options nosniff last-modified Thu, 06 Jun 2024 17:27:40 GMT x-permitted-cross-domain-policies none x-download-options noopen x-frame-options sameorigin content-type image/svg+xml content-length 145 x-xss-protection 1; mode=block
GET H2	200	sourcesanspro-regular-webfont-6036e4cba0ddc561d99f1221a689406c336c06c1023e757a704871bf7ab3056a.woff2 verify-demo.navapbc.cloud/assets/@uswds/uswds/dist/fonts/source-sans-pro/	20 KB 20 KB	117ms 117ms	Font application/font-woff2	34.235.211.205 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://verify-demo.navapbc.cloud/assets/@uswds/uswds/dist/fonts/source-sans-pro/sourcesanspro-regular-webfont-6036e4cba0ddc561d99f1221a689406c336c06c1023e757a704871bf7ab3056a.woff2 Requested by Host: verify-demo.navapbc.cloud URL: https://verify-demo.navapbc.cloud/assets/application-647455a85d14267f236f0c93c7f901b4ac591cd3ec0e53053ae3459ffb05d7a1.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.235.211.205 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-34-235-211-205.compute-1.amazonaws.com Software / Resource Hash 8792619becd8b285e78f14bfcf1ad66e2adbae0f5ec8ad131246621f806ac535 Security Headers Name Value Strict-Transport-Security max-age=631138519 X-Content-Type-Options nosniff X-Frame-Options sameorigin X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://verify-demo.navapbc.cloud/assets/application-647455a85d14267f236f0c93c7f901b4ac591cd3ec0e53053ae3459ffb05d7a1.css Origin https://verify-demo.navapbc.cloud Accept-Language it-IT,it;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 07 Jun 2024 06:36:59 GMT strict-transport-security max-age=631138519 x-content-type-options nosniff last-modified Thu, 06 Jun 2024 17:27:40 GMT x-permitted-cross-domain-policies none x-download-options noopen x-frame-options sameorigin content-type application/font-woff2 content-length 20540 x-xss-protection 1; mode=block
GET H2	200	sourcesanspro-bold-webfont-3f462b4155f418e8489d88338aa39c4ad82909d117c2c87c5e53ae650bf919cc.woff2 verify-demo.navapbc.cloud/assets/@uswds/uswds/dist/fonts/source-sans-pro/	20 KB 20 KB	117ms 117ms	Font application/font-woff2	34.235.211.205 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://verify-demo.navapbc.cloud/assets/@uswds/uswds/dist/fonts/source-sans-pro/sourcesanspro-bold-webfont-3f462b4155f418e8489d88338aa39c4ad82909d117c2c87c5e53ae650bf919cc.woff2 Requested by Host: verify-demo.navapbc.cloud URL: https://verify-demo.navapbc.cloud/assets/application-647455a85d14267f236f0c93c7f901b4ac591cd3ec0e53053ae3459ffb05d7a1.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.235.211.205 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-34-235-211-205.compute-1.amazonaws.com Software / Resource Hash 83f67df68dac5c435d964be278d39f70ad8605265b6b99918a46451b77552e92 Security Headers Name Value Strict-Transport-Security max-age=631138519 X-Content-Type-Options nosniff X-Frame-Options sameorigin X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://verify-demo.navapbc.cloud/assets/application-647455a85d14267f236f0c93c7f901b4ac591cd3ec0e53053ae3459ffb05d7a1.css Origin https://verify-demo.navapbc.cloud Accept-Language it-IT,it;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 07 Jun 2024 06:36:59 GMT strict-transport-security max-age=631138519 x-content-type-options nosniff last-modified Thu, 06 Jun 2024 17:27:40 GMT x-permitted-cross-domain-policies none x-download-options noopen x-frame-options sameorigin content-type application/font-woff2 content-length 20368 x-xss-protection 1; mode=block
GET H2	200	favicon.ico verify-demo.navapbc.cloud/	0 244 B	116ms 116ms	Other image/vnd.microsoft.icon	34.235.211.205 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://verify-demo.navapbc.cloud/favicon.ico Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.235.211.205 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-34-235-211-205.compute-1.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=631138519 X-Content-Type-Options nosniff X-Frame-Options sameorigin X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://verify-demo.navapbc.cloud/ Accept-Language it-IT,it;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 07 Jun 2024 06:36:59 GMT strict-transport-security max-age=631138519 x-content-type-options nosniff last-modified Tue, 28 May 2024 18:52:31 GMT x-permitted-cross-domain-policies none x-download-options noopen x-frame-options sameorigin content-type image/vnd.microsoft.icon content-length 0 x-xss-protection 1; mode=block

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

www.googletagmanager.com

URL

https://www.googletagmanager.com/gtag/js?id=G-CSLL4ZEK4L

59 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

string| tObjectCheck object| _allowedQuerystrings boolean| isSearch object| oCONFIG object| head object| GA4Object function| gtag boolean| trackerFlag function| _onEveryPage function| _defineCookieDomain function| _defineAgencyCDsValues function| _cleanBooleanParam function| _isValidUANum function| _isValidGA4Num function| _cleanDimensionValue function| _updateConfig function| _sendCustomDimensions function| _sendCustomMetrics function| _sendEvent function| _mapGA4toUA function| _sendPageview function| gas function| _URIHandler function| _sendViewSearchResult function| _isExcludedReferrer function| createTracker function| _initAutoTracker undefined| tag undefined| firstScriptTag undefined| videoArray undefined| playerArray undefined| _buckets undefined| _milestoneController undefined| ytUtils function| _payloadInterceptor function| _piiRedactor function| _initIdAssigner function| _initBannerTracker function| _customTask function| _scrubbedURL function| _setAllowedQS function| _setUpTrackers function| _setUpTrackersIfReady object| dataLayer string| GoogleAnalyticsObject function| ga string| _fullParams string| _keyValuePair string| _key string| _value boolean| _isRedacted object| google_tag_data object| gaplugins object| gaGlobal object| gaData function| _ga_originalSendHitTask object| Turbo object| Stimulus boolean| uswdsPresent

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			verify-demo.navapbc.cloud/	1969-12-31 23:59:59	Name: _iv_cbv_payroll_session Value: FSX%2BWOg0%2B16sATjx3bJaFH%2FZz%2FjIY%2FDOpRWB4LpY7BblyfRSn28GaPuZuLMbFrsKXOfumSuzB2COkAyBVUrNi%2Bn0NjOcii1WsFaU84PFw5iyyqsvQ7hoVL%2BlxzGvZh4UdHBINW%2FtlpabWBYPTsLzHKWX1aYchYns0k%2FV4y1qrzcHCzUiTAQy5QpootU6X15I3bsKa4kwLNRBiUGaAa2%2BbYmSjeiAQL1JBzPtXY3Vdu%2BXf7YqQ4dkPxhA%2FrSlIrj1UCbId2WADWdaTgz7IokXAYIRviEc%2F67BSP5BnZ0KAg%3D%3D--m6fBi7eAHmBUu5zD--c9ICHvOTb6vkaJB%2BesPw2A%3D%3D
			.verify-demo.navapbc.cloud/	1970-01-21 06:45:02	Name: _ga Value: GA1.3.2145061318.1717742219
			.verify-demo.navapbc.cloud/	1970-01-20 21:10:28	Name: _gid Value: GA1.3.456250933.1717742219
			.verify-demo.navapbc.cloud/	1970-01-20 21:09:02	Name: _gat_GSA_ENOR0 Value: 1

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://verify-demo.navapbc.cloud/ Message: The source list for the Content Security Policy directive 'script-src' contains an invalid source: ''nonce-''. It will be ignored.
security	error	URL: https://verify-demo.navapbc.cloud/(Line 47) Message: Refused to execute inline script because it violates the following Content Security Policy directive: "script-src 'self' https://*.argyle.com https://js-agent.newrelic.com https://*.nr-data.net https://dap.digitalgov.gov https://www.google-analytics.com 'nonce-'". Either the 'unsafe-inline' keyword, a hash ('sha256-WoboHKs1nMcwYjG4FQcwrkcyItYmQw0MJqsHL2kz+Ms='), or a nonce ('nonce-...') is required to enable inline execution.
security	error	URL: https://dap.digitalgov.gov/Universal-Federated-Analytics-Min.js?agency=GSA(Line 4) Message: Refused to load the script 'https://www.googletagmanager.com/gtag/js?id=G-CSLL4ZEK4L' because it violates the following Content Security Policy directive: "script-src 'self' https://*.argyle.com https://js-agent.newrelic.com https://*.nr-data.net https://dap.digitalgov.gov https://www.google-analytics.com 'nonce-'". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self'; font-src 'self' https://*.cloudinary.com; form-action 'self'; frame-ancestors 'none'; img-src 'self' data: https://*.cloudinary.com http://*.cloudinary.com https://www.google-analytics.com; object-src 'none'; script-src 'self' https://*.argyle.com https://js-agent.newrelic.com https://*.nr-data.net https://dap.digitalgov.gov https://www.google-analytics.com 'nonce-'; connect-src 'self' https://*.argyle.com https://get.geojs.io https://*.nr-data.net https://dap.digitalgov.gov https://www.google-analytics.com; worker-src 'self' blob:; style-src 'self' 'unsafe-inline'
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

dap.digitalgov.gov
verify-demo.navapbc.cloud
www.google-analytics.com
www.googletagmanager.com
www.googletagmanager.com
13.32.27.50
216.58.206.46
34.235.211.205
1abf0e0aa201160b9c6d6decca211d6b6ae67d73165fc7c57581db42ef274cf9
1d3716dc2b8dd863b85dcc70e0f520491b0a275a3fbfeba2d83391f26417f6ef
5dcdf93abaf205e8a6cc8dea43c4f493fbc75cd7facb2e3e302a85ef6cf9274d
6b72220aeb955af892818158393ce08a835adef155db49c39f4a1284e37df094
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
71fae77df9e20061f486232d281697904b1e5a872ca567a95b5506c03a47201c
796731c9ec6b19fe8e6c4449b405a6112806b973dc38108a845366e8803aac8c
83f67df68dac5c435d964be278d39f70ad8605265b6b99918a46451b77552e92
8792619becd8b285e78f14bfcf1ad66e2adbae0f5ec8ad131246621f806ac535
912daff95ce9cabae7d0195d39aa98d49c4bec3b975d404ac266534c069cee20
bc1d8378c2d4dabf3610d8a07fddfe50991d9662c991188b6ed0f7e13aaeea0b
d0228750c35aa8389308c85c3cd6a2175b5fdb950c4f048d731e05d3075cda15
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855