urlscan.io logo urlscan.io
SecurityTrails logo

extranet.osha.gov Open in urlscan Pro
152.180.11.21  Public Scan

Go To Rescan Add Verdict Report
URL: https://extranet.osha.gov/remote/login.html?resource_url=https%3A%2F%2Fextranet.osha.gov%2F
Submission Tags: falconsandbox
Submission: On October 30 via api from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 10 IPs in 2 countries across 8 domains to perform 30 HTTP transactions. The main IP is 152.180.11.21, located in Washington, United States and belongs to UUNET, US. The main domain is extranet.osha.gov.
TLS certificate: Issued by Entrust Certification Authority - L1K on July 18th 2024. Valid for: a year.
This is the only time extranet.osha.gov was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

10    152.180.11.21 (Washington, United States)

ASN701 (UUNET, US)
extranet.osha.gov
7    2600:1408:20:a8a::18b9 (Ashburn, United States)

ASN20940 (AKAMAI-ASN1, NL)
www.osha.gov
3    2a04:4e42:600::649 (United States)

ASN54113 (FASTLY, US)
code.jquery.com
2    104.18.11.207 (None, )

ASN13335 (CLOUDFLARENET, US)
netdna.bootstrapcdn.com
1    2607:f8b0:4004:c08::5f (Washington, United States)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2600:9000:27c2:fe00:5:83ea:ba80:93a1 (United States)

ASN16509 (AMAZON-02, US)
dap.digitalgov.gov
2    2001:4860:4802:38::178 (United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2607:f8b0:4004:c0b::61 (Washington, United States)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    2607:f8b0:4004:c07::88 (Washington, United States)

ASN15169 (GOOGLE, US)
www.youtube.com
1    64.233.180.102 (United States)

ASN15169 (GOOGLE, US)
PTR: pe-in-f102.1e100.net
www.google-analytics.com
Apex Domain
Subdomains		 Transfer
17 osha.gov
extranet.osha.gov
www.osha.gov — Cisco Umbrella Rank: 67952
296 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 34
22 KB
3 jquery.com
code.jquery.com — Cisco Umbrella Rank: 791
105 KB
2 youtube.com
www.youtube.com — Cisco Umbrella Rank: 77
12 KB
2 bootstrapcdn.com
netdna.bootstrapcdn.com — Cisco Umbrella Rank: 3539
49 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
99 KB
1 digitalgov.gov
dap.digitalgov.gov — Cisco Umbrella Rank: 4571
9 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 30
1 KB
30 8
Domain Requested by
10 extranet.osha.gov extranet.osha.gov
7 www.osha.gov extranet.osha.gov
3 www.google-analytics.com extranet.osha.gov
www.google-analytics.com
www.googletagmanager.com
3 code.jquery.com extranet.osha.gov
2 www.youtube.com dap.digitalgov.gov
www.youtube.com
2 netdna.bootstrapcdn.com extranet.osha.gov
netdna.bootstrapcdn.com
1 www.googletagmanager.com dap.digitalgov.gov
1 dap.digitalgov.gov extranet.osha.gov
1 fonts.googleapis.com extranet.osha.gov
30 9

This site contains no links.

Subject Issuer Validity Valid
extranet.osha.gov
Entrust Certification Authority - L1K		 2024-07-18 -
2025-08-18		 a year crt.sh
dol.gov
GeoTrust RSA CA 2018		 2024-09-26 -
2025-09-26		 a year crt.sh
*.jquery.com
Sectigo ECC Domain Validation Secure Server CA		 2024-06-25 -
2025-06-25		 a year crt.sh
bootstrapcdn.com
WE1		 2024-09-20 -
2024-12-19		 3 months crt.sh
upload.video.google.com
WR2		 2024-10-07 -
2024-12-30		 3 months crt.sh
dap.digitalgov.gov
Amazon RSA 2048 M03		 2024-06-06 -
2025-07-05		 a year crt.sh
*.google-analytics.com
WR2		 2024-10-07 -
2024-12-30		 3 months crt.sh
*.google.com
WR2		 2024-10-07 -
2024-12-30		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://extranet.osha.gov/remote/login.html?resource_url=https%3A%2F%2Fextranet.osha.gov%2F
Frame ID: B477E44EF35F49F1C1E6BD7C15E82B26
Requests: 30 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Occupational Safety and Health Administration - OSHA Extranet Login Page

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • ([\d.]+)/jquery-ui(?:\.min)?\.js
  • jquery-ui.*\.js

Page Statistics

30
Requests

100 %
HTTPS

70 %
IPv6

8
Domains

9
Subdomains

10
IPs

2
Countries

593 kB
Transfer

1294 kB
Size

7
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

30 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request login.html
extranet.osha.gov/remote/ 		10 KB
11 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://extranet.osha.gov/remote/login.html?resource_url=https%3A%2F%2Fextranet.osha.gov%2F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
152.180.11.21 Washington, United States, ASN701 (UUNET, US),
Reverse DNS
Software
/
Resource Hash
6c725fd144437a554a9dd9a5952603dc3fc8b97d68f9489024dc31e94a7bb5eb
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

Accept-Ranges
bytes
Connection
Keep-Alive
Content-Security-Policy
frame-ancestors 'self';
Content-Type
text/html
Date
Wed, 30 Oct 2024 23:59:32 GMT
Keep-Alive
timeout=5, max=100
Strict-Transport-Security
max-age=31536000; includeSubDomains
Transfer-Encoding
chunked
X-Content-Type-Options
nosniff
X-Frame-Options
DENY SAMEORIGIN
X-XSS-Protection
1; mode=block
docs.css
extranet.osha.gov/bootstrap/css/ 		22 KB
22 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://extranet.osha.gov/bootstrap/css/docs.css
Requested by
Host: extranet.osha.gov
URL: https://extranet.osha.gov/remote/login.html?resource_url=https%3A%2F%2Fextranet.osha.gov%2F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
152.180.11.21 Washington, United States, ASN701 (UUNET, US),
Reverse DNS
Software
/
Resource Hash
a5b39237ae6a8a70cc3080ad5bd86d0ab73ccbf19cd73b1deba579c5928c86f0
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://extranet.osha.gov/remote/login.html?resource_url=https%3A%2F%2Fextranet.osha.gov%2F

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Security-Policy
frame-ancestors 'self';
ETag
"5608-4d4ac7bd71800"
Connection
Keep-Alive
X-Content-Type-Options
nosniff
Accept-Ranges
bytes
Content-Length
22024
Keep-Alive
timeout=5, max=99
Date
Wed, 30 Oct 2024 23:59:32 GMT
X-XSS-Protection
1; mode=block
Last-Modified
Fri, 01 Feb 2013 16:46:24 GMT
Content-Type
text/css
X-Frame-Options
DENY, SAMEORIGIN
bootstrap.css
www.osha.gov/bootstrap-obis/css/ 		150 KB
22 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.osha.gov/bootstrap-obis/css/bootstrap.css
Requested by
Host: extranet.osha.gov
URL: https://extranet.osha.gov/remote/login.html?resource_url=https%3A%2F%2Fextranet.osha.gov%2F
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:20:a8a::18b9 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
d33b509cc9606c650fff4395e2c13ccd4a0470f0b1f7dccd7dd4b52582cebf54
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://extranet.osha.gov/

Response headers

strict-transport-security
max-age=31536000 ; includeSubDomains
content-encoding
gzip
etag
"900d5b158d7d2971fa3b7f80e3ba255a:1716477638.203512"
accept-ranges
bytes
content-length
22310
date
Wed, 30 Oct 2024 23:59:33 GMT
content-type
text/css
last-modified
Thu, 23 May 2024 15:20:38 GMT
server
AkamaiNetStorage
vary
Accept-Encoding
prettify.css
www.osha.gov/bootstrap-obis/css/ 		964 B
648 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.osha.gov/bootstrap-obis/css/prettify.css
Requested by
Host: extranet.osha.gov
URL: https://extranet.osha.gov/remote/login.html?resource_url=https%3A%2F%2Fextranet.osha.gov%2F
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:20:a8a::18b9 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
ac6d1b18be1a2d2d7c5e23543a1aee95a59e7c57b1bdf888fa00b72262c0be34
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://extranet.osha.gov/

Response headers

strict-transport-security
max-age=31536000 ; includeSubDomains
content-encoding
gzip
etag
"760d8ac69874cfe303f044345e915bdc:1624397947.933703"
accept-ranges
bytes
content-length
448
date
Wed, 30 Oct 2024 23:59:33 GMT
content-type
text/css
last-modified
Tue, 22 Jun 2021 21:39:07 GMT
server
AkamaiNetStorage
vary
Accept-Encoding
jquery-ui.css
code.jquery.com/ui/1.13.2/themes/base/ 		35 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/ui/1.13.2/themes/base/jquery-ui.css
Requested by
Host: extranet.osha.gov
URL: https://extranet.osha.gov/remote/login.html?resource_url=https%3A%2F%2Fextranet.osha.gov%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
c8c2157918c9fed0bb9dcc56c96b52dc7af70b05ca0228e467eaf91777751ad7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://extranet.osha.gov/

Response headers

content-encoding
gzip
etag
W/"28feccc0-8d03"
age
3159575
x-cache
HIT, HIT
date
Wed, 30 Oct 2024 23:59:32 GMT
content-type
text/css
vary
Accept-Encoding
x-cache-hits
50, 13800
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
x-served-by
cache-lga21933-LGA, cache-mia-kmia1760060-MIA
cache-control
public, max-age=31536000, stale-while-revalidate=604800
x-timer
S1730332772.308720,VS0,VE0
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
access-control-allow-origin
*
content-length
8356
server
nginx
bootstrap-responsive.css
extranet.osha.gov/bootstrap/css/ 		22 KB
22 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://extranet.osha.gov/bootstrap/css/bootstrap-responsive.css
Requested by
Host: extranet.osha.gov
URL: https://extranet.osha.gov/remote/login.html?resource_url=https%3A%2F%2Fextranet.osha.gov%2F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
152.180.11.21 Washington, United States, ASN701 (UUNET, US),
Reverse DNS
Software
/
Resource Hash
c6a460fcafb3fee5f2109e1c85beff1d3c33696550717b965ebbedfd408cabb7
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://extranet.osha.gov/remote/login.html?resource_url=https%3A%2F%2Fextranet.osha.gov%2F

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Security-Policy
frame-ancestors 'self';
ETag
"569f-5d7745f3b7072"
Connection
Keep-Alive
X-Content-Type-Options
nosniff
Accept-Ranges
bytes
Content-Length
22175
Keep-Alive
timeout=5, max=98
Date
Wed, 30 Oct 2024 23:59:32 GMT
X-XSS-Protection
1; mode=block
Last-Modified
Mon, 07 Feb 2022 21:34:57 GMT
Content-Type
text/css
X-Frame-Options
DENY, SAMEORIGIN
intratemplate.css
extranet.osha.gov/bootstrap/css/ 		40 KB
40 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://extranet.osha.gov/bootstrap/css/intratemplate.css?version=08-26-2024
Requested by
Host: extranet.osha.gov
URL: https://extranet.osha.gov/remote/login.html?resource_url=https%3A%2F%2Fextranet.osha.gov%2F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
152.180.11.21 Washington, United States, ASN701 (UUNET, US),
Reverse DNS
Software
/
Resource Hash
877c1d845e4120ac56725917d8e5d191f1b57da5fcd026a74141e35a627bda94
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://extranet.osha.gov/remote/login.html?resource_url=https%3A%2F%2Fextranet.osha.gov%2F

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Security-Policy
frame-ancestors 'self';
ETag
"9fe0-6209c546fea58"
Connection
Keep-Alive
X-Content-Type-Options
nosniff
Accept-Ranges
bytes
Content-Length
40928
Keep-Alive
timeout=5, max=100
Date
Wed, 30 Oct 2024 23:59:32 GMT
X-XSS-Protection
1; mode=block
Last-Modified
Mon, 26 Aug 2024 20:54:23 GMT
Content-Type
text/css
X-Frame-Options
DENY, SAMEORIGIN
print.css
extranet.osha.gov/bootstrap/css/ 		120 KB
121 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://extranet.osha.gov/bootstrap/css/print.css
Requested by
Host: extranet.osha.gov
URL: https://extranet.osha.gov/remote/login.html?resource_url=https%3A%2F%2Fextranet.osha.gov%2F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
152.180.11.21 Washington, United States, ASN701 (UUNET, US),
Reverse DNS
Software
/
Resource Hash
e3332f706eb06f5785d08f6c52972bf1d287cc4a6e07f1620f5d5f0ef2eeac86
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://extranet.osha.gov/remote/login.html?resource_url=https%3A%2F%2Fextranet.osha.gov%2F

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Security-Policy
frame-ancestors 'self';
ETag
"1e169-4eb3969b55f80"
Connection
Keep-Alive
X-Content-Type-Options
nosniff
Accept-Ranges
bytes
Content-Length
123241
Keep-Alive
timeout=5, max=99
Date
Wed, 30 Oct 2024 23:59:33 GMT
X-XSS-Protection
1; mode=block
Last-Modified
Fri, 15 Nov 2013 16:08:46 GMT
Content-Type
text/css
X-Frame-Options
DENY, SAMEORIGIN
font-awesome.css
netdna.bootstrapcdn.com/font-awesome/4.0.3/css/ 		21 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://netdna.bootstrapcdn.com/font-awesome/4.0.3/css/font-awesome.css
Requested by
Host: extranet.osha.gov
URL: https://extranet.osha.gov/remote/login.html?resource_url=https%3A%2F%2Fextranet.osha.gov%2F
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.11.207 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3083e8d3b21ddc3f0e6d65ec3580aa6edfaadca5d9737d9caa27e6a233e1ccf3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://extranet.osha.gov/

Response headers

cdn-status
200
content-encoding
br
cf-cache-status
HIT
etag
W/"1f9e9d1a5a1d347d945ef4b7727f2ea0"
age
776879
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Wed, 30 Oct 2024 23:59:32 GMT
last-modified
Mon, 25 Jan 2021 22:04:53 GMT
content-type
text/css; charset=utf-8
vary
Accept-Encoding
cdn-cache
HIT
cdn-cachedat
03/18/2024 16:02:18
cdn-requestpullcode
200
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
timing-allow-origin
*
cdn-requesttime
0
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
e65a1529604847ec626e5eaf7d58e7c5
cross-origin-resource-policy
cross-origin
cdn-pullzone
252412
cdn-proxyver
1.04
cf-ray
8daf5c12cdd68dd0-MIA
access-control-allow-origin
*
cdn-edgestorageid
974
server
cloudflare
cdn-requestcountrycode
US
responsive-embed.css
extranet.osha.gov/bootstrap/css/ 		313 B
797 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://extranet.osha.gov/bootstrap/css/responsive-embed.css
Requested by
Host: extranet.osha.gov
URL: https://extranet.osha.gov/remote/login.html?resource_url=https%3A%2F%2Fextranet.osha.gov%2F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
152.180.11.21 Washington, United States, ASN701 (UUNET, US),
Reverse DNS
Software
/
Resource Hash
914d903f404356a2061703c90f730f8e75b7022043415326dc06c3f11cb4310a
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://extranet.osha.gov/remote/login.html?resource_url=https%3A%2F%2Fextranet.osha.gov%2F

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Security-Policy
frame-ancestors 'self';
ETag
"139-5167159f69100"
Connection
Keep-Alive
X-Content-Type-Options
nosniff
Accept-Ranges
bytes
Content-Length
313
Keep-Alive
timeout=5, max=100
Date
Wed, 30 Oct 2024 23:59:32 GMT
X-XSS-Protection
1; mode=block
Last-Modified
Tue, 19 May 2015 15:56:20 GMT
Content-Type
text/css
X-Frame-Options
DENY, SAMEORIGIN
css2
fonts.googleapis.com/ 		15 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Merriweather:ital,wght@0,300;0,400;0,700;0,900;1,300;1,400;1,700;1,900&display=swap
Requested by
Host: extranet.osha.gov
URL: https://extranet.osha.gov/remote/login.html?resource_url=https%3A%2F%2Fextranet.osha.gov%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::5f Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ee60cce35b32a3c5a31934464b55120718b6c0cf8a888ffa09bd44645305392d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://extranet.osha.gov/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Wed, 30 Oct 2024 23:59:32 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 30 Oct 2024 23:59:32 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Wed, 30 Oct 2024 22:39:05 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
respond.js
www.osha.gov/bootstrap-obis/js/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.osha.gov/bootstrap-obis/js/respond.js
Requested by
Host: extranet.osha.gov
URL: https://extranet.osha.gov/remote/login.html?resource_url=https%3A%2F%2Fextranet.osha.gov%2F
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:20:a8a::18b9 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
f3593ba5e220c3937a0f0629b3720dd35d142f6ae5e27a0c9a90fe5cc0d2d6fb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://extranet.osha.gov/

Response headers

strict-transport-security
max-age=31536000 ; includeSubDomains
content-encoding
gzip
etag
"a38a224dd331e62d5d0debb1ba6d1267:1624398060.068855"
accept-ranges
bytes
content-length
3769
date
Wed, 30 Oct 2024 23:59:33 GMT
content-type
application/x-javascript
last-modified
Tue, 22 Jun 2021 21:41:00 GMT
server
AkamaiNetStorage
vary
Accept-Encoding
jquery-3.6.4.min.js
code.jquery.com/ 		88 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-3.6.4.min.js
Requested by
Host: extranet.osha.gov
URL: https://extranet.osha.gov/remote/login.html?resource_url=https%3A%2F%2Fextranet.osha.gov%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
a0fe8723dcf55da64d06b25446d0a8513e52527c45afcb37073465f9c6f352af

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://extranet.osha.gov/

Response headers

content-encoding
gzip
etag
W/"28feccc0-15ec3"
age
2985488
x-cache
HIT, HIT
date
Wed, 30 Oct 2024 23:59:32 GMT
content-type
application/javascript; charset=utf-8
vary
Accept-Encoding
x-cache-hits
135, 28192
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
x-served-by
cache-lga21953-LGA, cache-mia-kmia1760060-MIA
cache-control
public, max-age=31536000, stale-while-revalidate=604800
x-timer
S1730332772.309197,VS0,VE0
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
access-control-allow-origin
*
content-length
31011
server
nginx
jquery-ui.min.js
code.jquery.com/ui/1.13.2/ 		249 KB
66 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/ui/1.13.2/jquery-ui.min.js
Requested by
Host: extranet.osha.gov
URL: https://extranet.osha.gov/remote/login.html?resource_url=https%3A%2F%2Fextranet.osha.gov%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
9528ca634fecad433d044ddd3e6f9ce1f068d5d932dafdbb19d8e6daea1968bd

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://extranet.osha.gov/

Response headers

content-encoding
gzip
etag
W/"28feccc0-3e46c"
age
4990339
x-cache
HIT, HIT
date
Wed, 30 Oct 2024 23:59:32 GMT
content-type
application/javascript; charset=utf-8
vary
Accept-Encoding
x-cache-hits
45, 18278
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
x-served-by
cache-lga13623-LGA, cache-mia-kmia1760060-MIA
cache-control
public, max-age=31536000, stale-while-revalidate=604800
x-timer
S1730332772.309401,VS0,VE0
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
access-control-allow-origin
*
content-length
67628
server
nginx
bootstrap.min.js
www.osha.gov/bootstrap-obis/js/ 		28 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.osha.gov/bootstrap-obis/js/bootstrap.min.js
Requested by
Host: extranet.osha.gov
URL: https://extranet.osha.gov/remote/login.html?resource_url=https%3A%2F%2Fextranet.osha.gov%2F
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:20:a8a::18b9 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
29f84620e8e12c98ed6d97025939a2f70d6bc64bf264aa6bad2e060138f82dd9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://extranet.osha.gov/

Response headers

strict-transport-security
max-age=31536000 ; includeSubDomains
content-encoding
gzip
etag
"3817364ad5b9315f1b2865dad814dd30:1644344584.129784"
accept-ranges
bytes
content-length
7655
date
Wed, 30 Oct 2024 23:59:33 GMT
content-type
application/x-javascript
last-modified
Tue, 08 Feb 2022 18:23:04 GMT
server
AkamaiNetStorage
vary
Accept-Encoding
dateSimple.js
extranet.osha.gov/bootstrap/js/ 		479 B
977 B 		Script
General
Check archive.org
Download Go to
Full URL
https://extranet.osha.gov/bootstrap/js/dateSimple.js
Requested by
Host: extranet.osha.gov
URL: https://extranet.osha.gov/remote/login.html?resource_url=https%3A%2F%2Fextranet.osha.gov%2F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
152.180.11.21 Washington, United States, ASN701 (UUNET, US),
Reverse DNS
Software
/
Resource Hash
d5fda4a583098a1ec123f6389eb5191ccec4089104e69c8976539037eeaa9284
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://extranet.osha.gov/remote/login.html?resource_url=https%3A%2F%2Fextranet.osha.gov%2F

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Security-Policy
frame-ancestors 'self';
ETag
"1df-4d49e53852a80"
Connection
Keep-Alive
X-Content-Type-Options
nosniff
Accept-Ranges
bytes
Content-Length
479
Keep-Alive
timeout=5, max=100
Date
Wed, 30 Oct 2024 23:59:32 GMT
X-XSS-Protection
1; mode=block
Last-Modified
Thu, 31 Jan 2013 23:52:58 GMT
Content-Type
application/javascript
X-Frame-Options
DENY, SAMEORIGIN
bootstrapx-clickover.js
extranet.osha.gov/bootstrap/js/ 		7 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://extranet.osha.gov/bootstrap/js/bootstrapx-clickover.js
Requested by
Host: extranet.osha.gov
URL: https://extranet.osha.gov/remote/login.html?resource_url=https%3A%2F%2Fextranet.osha.gov%2F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
152.180.11.21 Washington, United States, ASN701 (UUNET, US),
Reverse DNS
Software
/
Resource Hash
d2b69c40de96c66e81027ae1c4ff0a5c7b0a6a3f164b61bdc6011a36f2efd27b
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://extranet.osha.gov/remote/login.html?resource_url=https%3A%2F%2Fextranet.osha.gov%2F

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Security-Policy
frame-ancestors 'self';
ETag
"1d43-60b61e023df74"
Connection
Keep-Alive
X-Content-Type-Options
nosniff
Accept-Ranges
bytes
Content-Length
7491
Keep-Alive
timeout=5, max=100
Date
Wed, 30 Oct 2024 23:59:32 GMT
X-XSS-Protection
1; mode=block
Last-Modified
Thu, 30 Nov 2023 17:21:00 GMT
Content-Type
application/javascript
X-Frame-Options
DENY, SAMEORIGIN
date.js
www.osha.gov/bootstrap-obis/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.osha.gov/bootstrap-obis/js/date.js
Requested by
Host: extranet.osha.gov
URL: https://extranet.osha.gov/remote/login.html?resource_url=https%3A%2F%2Fextranet.osha.gov%2F
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:20:a8a::18b9 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
cc40b0f1bf695d221a203c4d4b6565add7891816e5fa3793782b6d7416e2541b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://extranet.osha.gov/

Response headers

strict-transport-security
max-age=31536000 ; includeSubDomains
content-encoding
gzip
etag
"15e171500b4a5108927531b3f02a90aa:1626382165.183463"
accept-ranges
bytes
content-length
829
date
Wed, 30 Oct 2024 23:59:33 GMT
content-type
application/x-javascript
last-modified
Thu, 15 Jul 2021 20:49:25 GMT
server
AkamaiNetStorage
vary
Accept-Encoding
accordion_mod.js
www.osha.gov/bootstrap-obis/js/ 		2 KB
959 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.osha.gov/bootstrap-obis/js/accordion_mod.js
Requested by
Host: extranet.osha.gov
URL: https://extranet.osha.gov/remote/login.html?resource_url=https%3A%2F%2Fextranet.osha.gov%2F
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:20:a8a::18b9 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
019a2d0a793b8860c01569d83a0a55f150c24bb0bc5841bf27c8f9e62dce5a9a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://extranet.osha.gov/

Response headers

strict-transport-security
max-age=31536000 ; includeSubDomains
content-encoding
gzip
etag
"af49a5ad2b40ebeba1beab4491bfb42f:1624398060.221303"
accept-ranges
bytes
content-length
749
date
Wed, 30 Oct 2024 23:59:33 GMT
content-type
application/x-javascript
last-modified
Tue, 22 Jun 2021 21:41:00 GMT
server
AkamaiNetStorage
vary
Accept-Encoding
tabHash.js
www.osha.gov/bootstrap-obis/js/ 		972 B
619 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.osha.gov/bootstrap-obis/js/tabHash.js
Requested by
Host: extranet.osha.gov
URL: https://extranet.osha.gov/remote/login.html?resource_url=https%3A%2F%2Fextranet.osha.gov%2F
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:20:a8a::18b9 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
5574284216cc1591dbeacb507456ed64169696974bd442987d83e459214bc55b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://extranet.osha.gov/

Response headers

strict-transport-security
max-age=31536000 ; includeSubDomains
content-encoding
gzip
etag
"69141ff7c81c9977ba597bc22c10682f:1682963381.307851"
accept-ranges
bytes
content-length
409
date
Wed, 30 Oct 2024 23:59:33 GMT
content-type
application/x-javascript
last-modified
Mon, 01 May 2023 17:49:41 GMT
server
AkamaiNetStorage
vary
Accept-Encoding
extranet-logo.jpg
extranet.osha.gov/remote/ 		32 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://extranet.osha.gov/remote/extranet-logo.jpg
Requested by
Host: extranet.osha.gov
URL: https://extranet.osha.gov/remote/login.html?resource_url=https%3A%2F%2Fextranet.osha.gov%2F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
152.180.11.21 Washington, United States, ASN701 (UUNET, US),
Reverse DNS
Software
/
Resource Hash
732060de792008e0e01994f97a9bb950fb7fabad05339035c0f639452147ba61
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://extranet.osha.gov/remote/login.html?resource_url=https%3A%2F%2Fextranet.osha.gov%2F

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Security-Policy
frame-ancestors 'self';
ETag
"7ed4-49e2606b03640"
Connection
Keep-Alive
X-Content-Type-Options
nosniff
Accept-Ranges
bytes
Content-Length
32468
Keep-Alive
timeout=5, max=100
Date
Wed, 30 Oct 2024 23:59:32 GMT
X-XSS-Protection
1; mode=block
Last-Modified
Thu, 10 Mar 2011 19:41:05 GMT
Content-Type
image/jpeg
X-Frame-Options
DENY, SAMEORIGIN
Universal-Federated-Analytics-Min.js
dap.digitalgov.gov/ 		27 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dap.digitalgov.gov/Universal-Federated-Analytics-Min.js?agency=DOL&subagency=OSHA&yt=true
Requested by
Host: extranet.osha.gov
URL: https://extranet.osha.gov/remote/login.html?resource_url=https%3A%2F%2Fextranet.osha.gov%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:27c2:fe00:5:83ea:ba80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0353637f69fb4c2399c2fb670fdf8769ebf36fe39bc44222ac241bd5db9e8c07

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://extranet.osha.gov/

Response headers

content-encoding
gzip
x-amz-version-id
BFYn5fiooXs0SZNLrHEgbRzkt2bgd2gy
etag
W/"5e016cc570c152968a32dabca2884e03"
age
13837
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
0A-JyzyDvkpv_qhrYjEXjhBdfU51O9mnFYcXDQzuwIsw2KJP6b4MGw==
date
Wed, 30 Oct 2024 20:08:57 GMT
content-type
application/javascript
vary
accept-encoding, Origin
last-modified
Thu, 26 Sep 2024 03:03:52 GMT
x-amz-replication-status
COMPLETED
via
1.1 c2095fc8ad28e69d5b1b0d8a45d5666e.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD61-P4
server
AmazonS3
x-amz-server-side-encryption
AES256
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: extranet.osha.gov
URL: https://extranet.osha.gov/remote/login.html?resource_url=https%3A%2F%2Fextranet.osha.gov%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:38::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://extranet.osha.gov/

Response headers

content-encoding
gzip
age
3307
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:225:0"}],}
x-content-type-options
nosniff
expires
Thu, 31 Oct 2024 01:04:27 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 30 Oct 2024 23:04:27 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
content-type
text/javascript
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:225:0
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
20994
server
Golfe2
fontawesome-webfont.woff
netdna.bootstrapcdn.com/font-awesome/4.0.3/fonts/ 		43 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://netdna.bootstrapcdn.com/font-awesome/4.0.3/fonts/fontawesome-webfont.woff?v=4.0.3
Requested by
Host: netdna.bootstrapcdn.com
URL: https://netdna.bootstrapcdn.com/font-awesome/4.0.3/css/font-awesome.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.11.207 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0fd28fece9ebd606b8b071460ebd3fc2ed7bc7a66ef91c8834f11dfacab4a849
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://extranet.osha.gov
Referer
https://netdna.bootstrapcdn.com/font-awesome/4.0.3/css/font-awesome.css

Response headers

cdn-status
200
cf-cache-status
HIT
etag
"3293616ec0c605c7c2db25829a0a509e"
age
452517
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Wed, 30 Oct 2024 23:59:33 GMT
content-type
font/woff
last-modified
Mon, 25 Jan 2021 22:04:53 GMT
cdn-cachedat
09/03/2022 05:39:27
cdn-cache
HIT
cdn-requestpullcode
200
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
timing-allow-origin
*
cdn-requesttime
0
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
3930bc96657b06e932be7ff0e4bae177
cross-origin-resource-policy
cross-origin
cdn-pullzone
252412
cdn-proxyver
1.02
cf-ray
8daf5c1d2a6412a7-MIA
accept-ranges
bytes
access-control-allow-origin
*
content-length
44432
cdn-edgestorageid
976
server
cloudflare
cdn-requestcountrycode
US
js
www.googletagmanager.com/gtag/ 		285 KB
99 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-CSLL4ZEK4L
Requested by
Host: dap.digitalgov.gov
URL: https://dap.digitalgov.gov/Universal-Federated-Analytics-Min.js?agency=DOL&subagency=OSHA&yt=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c0b::61 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
953b5a66c8067fc1ca0832cfd31d252d223e6482b98ebf38274aa910e27fefb9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://extranet.osha.gov/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Wed, 30 Oct 2024 23:59:34 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 30 Oct 2024 23:59:34 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
100562
x-xss-protection
0
server
Google Tag Manager
iframe_api
www.youtube.com/ 		993 B
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/iframe_api
Requested by
Host: dap.digitalgov.gov
URL: https://dap.digitalgov.gov/Universal-Federated-Analytics-Min.js?agency=DOL&subagency=OSHA&yt=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c07::88 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2647e02a45178870d60f6549fd7a071c117763b4c6013bfdb13ea1a918c65336
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script'
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://extranet.osha.gov/

Response headers

content-encoding
br
origin-trial
AmhMBR6zCLzDDxpW+HfpP67BqwIknWnyMOXOQGfzYswFmJe+fgaI6XZgAzcxOrzNtP7hEDsOo1jdjFnVr2IdxQ4AAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
x-content-type-options
nosniff
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
expires
Wed, 30 Oct 2024 23:59:34 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
date
Wed, 30 Oct 2024 23:59:34 GMT
content-type
text/javascript; charset=utf-8
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
content-security-policy
require-trusted-types-for 'script'
cache-control
private, max-age=0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy
cross-origin
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
x-xss-protection
0
server
ESF
collect
www.google-analytics.com/j/ 		3 B
422 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=930649113&t=pageview&_s=1&dl=https%3A%2F%2Fextranet.osha.gov%2Fremote%2Flogin.html%3Fresource_url%3Dhttps%253A%252F%252Fextranet.osha.gov%252F&ul=en-us&de=UTF-8&dt=Occupational%20Safety%20and%20Health%20Administration%20-%20OSHA%20Extranet%20Login%20Page&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=1349947658&gjid=945717438&cid=1470300025.1730332774&tid=UA-35083949-3&_gid=1818572102.1730332774&_r=1&_slc=1&z=1661006729
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:38::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://extranet.osha.gov/

Response headers

report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:175:0"}],}
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 30 Oct 2024 23:59:34 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
content-type
text/plain
cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:175:0
access-control-allow-origin
https://extranet.osha.gov
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
3
server
Golfe2
collect
www.google-analytics.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-CSLL4ZEK4L&gtm=45je4as0v9131934939za200&_p=1730332773950&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101533422~101823848~101878899~101878944~101925629&cid=1470300025.1730332774&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&dl=https%3A%2F%2Fextranet.osha.gov%2Fremote%2Flogin.html&dt=Occupational%20Safety%20and%20Health%20Administration%20-%20OSHA%20Extranet%20Login%20Page&sid=1730332774&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&ep.agency=DOL&ep.subagency=OSHA&ep.site_topic=unspecified%3Aextranet.osha.gov&ep.site_platform=unspecified%3Aextranet.osha.gov&ep.script_source=https%3A%2F%2Fdap.digitalgov.gov%2Funiversal-federated-analytics-min.js&ep.version=20240925%20v8.3%20-%20ga4&ep.protocol=https%3A&ep.using_parallel_tracker=no&tfd=2484
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-CSLL4ZEK4L
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
64.233.180.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
pe-in-f102.1e100.net
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://extranet.osha.gov/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://extranet.osha.gov
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 30 Oct 2024 23:59:34 GMT
content-type
text/plain
server
Golfe2
www-widgetapi.js
www.youtube.com/s/player/4e23410d/www-widgetapi.vflset/ 		30 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/4e23410d/www-widgetapi.vflset/www-widgetapi.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/iframe_api
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c07::88 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0c5d5def42611faa30644c529baa623052160b9634f1bb0b97a8185ec32f39f3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://extranet.osha.gov/

Response headers

content-encoding
br
age
4065
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
x-content-type-options
nosniff
expires
Thu, 30 Oct 2025 22:51:49 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 30 Oct 2024 22:51:49 GMT
last-modified
Wed, 30 Oct 2024 04:17:07 GMT
content-type
text/javascript
vary
Accept-Encoding, Origin
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
content-length
10143
x-xss-protection
0
server
sffe
favicon.ico
extranet.osha.gov/ 		1 KB
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://extranet.osha.gov/favicon.ico
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
152.180.11.21 Washington, United States, ASN701 (UUNET, US),
Reverse DNS
Software
/
Resource Hash
9e18f1d54e3765e993ce4c0c2587a84dda02ef843fe91983d4e7de9ab9320778
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://extranet.osha.gov/remote/login.html?resource_url=https%3A%2F%2Fextranet.osha.gov%2F

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Security-Policy
frame-ancestors 'self';
ETag
"57e-5706ad94b7a80"
Connection
Keep-Alive
X-Content-Type-Options
nosniff
Accept-Ranges
bytes
Content-Length
1406
Keep-Alive
timeout=5, max=98
Date
Wed, 30 Oct 2024 23:59:34 GMT
X-XSS-Protection
1; mode=block
Last-Modified
Sat, 07 Jul 2018 15:58:18 GMT
Content-Type
image/x-icon
X-Frame-Options
DENY, SAMEORIGIN

Verdicts & Comments Add Verdict or Comment

40 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| respond function| $ function| jQuery string| todayDate number| day string| fechaHoy object| dayName object| monName object| now object| mesName function| toAccordion string| GoogleAnalyticsObject function| ga function| clicked string| _fullParams string| _keyValuePair string| _key boolean| _value object| dataLayer function| gas function| gas4 boolean| _isRedacted function| onYouTubeIframeAPIReady function| onPlayerReady function| onPlayerError function| onPlayerStateChange function| youtube_parser function| IsYouTube function| YTUrlHandler function| _initYouTubeTracker object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| google_tag_manager object| scriptUrl object| ttPolicy object| YT object| YTConfig function| onYTReady

7 Cookies

Domain/Path Name / Value
.osha.gov/ Name: _gid
Value: GA1.2.1818572102.1730332774
.osha.gov/ Name: _gat
Value: 1
.youtube.com/ Name: YSC
Value: r2nwScIHTdY
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: An9XK3_mQSU
.youtube.com/ Name: VISITOR_PRIVACY_METADATA
Value: CgJVUxIEGgAgGg%3D%3D
.osha.gov/ Name: _ga
Value: GA1.1.1470300025.1730332774
.osha.gov/ Name: _ga_CSLL4ZEK4L
Value: GS1.1.1730332774.1.0.1730332774.0.0.0

1 Console Messages

Source Level URL
Text
recommendation verbose URL: https://extranet.osha.gov/remote/login.html?resource_url=https%3A%2F%2Fextranet.osha.gov%2F
Message:
[DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy frame-ancestors 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

code.jquery.com
dap.digitalgov.gov
extranet.osha.gov
fonts.googleapis.com
netdna.bootstrapcdn.com
www.google-analytics.com
www.googletagmanager.com
www.osha.gov
www.youtube.com
104.18.11.207
152.180.11.21
2001:4860:4802:38::178
2600:1408:20:a8a::18b9
2600:9000:27c2:fe00:5:83ea:ba80:93a1
2607:f8b0:4004:c07::88
2607:f8b0:4004:c08::5f
2607:f8b0:4004:c0b::61
2a04:4e42:600::649
64.233.180.102
019a2d0a793b8860c01569d83a0a55f150c24bb0bc5841bf27c8f9e62dce5a9a
0353637f69fb4c2399c2fb670fdf8769ebf36fe39bc44222ac241bd5db9e8c07
0c5d5def42611faa30644c529baa623052160b9634f1bb0b97a8185ec32f39f3
0fd28fece9ebd606b8b071460ebd3fc2ed7bc7a66ef91c8834f11dfacab4a849
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
2647e02a45178870d60f6549fd7a071c117763b4c6013bfdb13ea1a918c65336
29f84620e8e12c98ed6d97025939a2f70d6bc64bf264aa6bad2e060138f82dd9
3083e8d3b21ddc3f0e6d65ec3580aa6edfaadca5d9737d9caa27e6a233e1ccf3
5574284216cc1591dbeacb507456ed64169696974bd442987d83e459214bc55b
6c725fd144437a554a9dd9a5952603dc3fc8b97d68f9489024dc31e94a7bb5eb
732060de792008e0e01994f97a9bb950fb7fabad05339035c0f639452147ba61
877c1d845e4120ac56725917d8e5d191f1b57da5fcd026a74141e35a627bda94
914d903f404356a2061703c90f730f8e75b7022043415326dc06c3f11cb4310a
9528ca634fecad433d044ddd3e6f9ce1f068d5d932dafdbb19d8e6daea1968bd
953b5a66c8067fc1ca0832cfd31d252d223e6482b98ebf38274aa910e27fefb9
9e18f1d54e3765e993ce4c0c2587a84dda02ef843fe91983d4e7de9ab9320778
a0fe8723dcf55da64d06b25446d0a8513e52527c45afcb37073465f9c6f352af
a5b39237ae6a8a70cc3080ad5bd86d0ab73ccbf19cd73b1deba579c5928c86f0
ac6d1b18be1a2d2d7c5e23543a1aee95a59e7c57b1bdf888fa00b72262c0be34
c6a460fcafb3fee5f2109e1c85beff1d3c33696550717b965ebbedfd408cabb7
c8c2157918c9fed0bb9dcc56c96b52dc7af70b05ca0228e467eaf91777751ad7
cc40b0f1bf695d221a203c4d4b6565add7891816e5fa3793782b6d7416e2541b
d2b69c40de96c66e81027ae1c4ff0a5c7b0a6a3f164b61bdc6011a36f2efd27b
d33b509cc9606c650fff4395e2c13ccd4a0470f0b1f7dccd7dd4b52582cebf54
d5fda4a583098a1ec123f6389eb5191ccec4089104e69c8976539037eeaa9284
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3332f706eb06f5785d08f6c52972bf1d287cc4a6e07f1620f5d5f0ef2eeac86
ee60cce35b32a3c5a31934464b55120718b6c0cf8a888ffa09bd44645305392d
f3593ba5e220c3937a0f0629b3720dd35d142f6ae5e27a0c9a90fe5cc0d2d6fb