urlscan.io logo urlscan.io
SecurityTrails logo

carrera.swf.army.mil Open in urlscan Pro
140.17.41.135  Public Scan

Go To Rescan Add Verdict Report
URL: https://carrera.swf.army.mil/
Submission: On January 25 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 2 IPs in 1 countries across 1 domains to perform 23 HTTP transactions. The main IP is 140.17.41.135, located in United States and belongs to DNIC-ASBLK-05800-06055, US. The main domain is carrera.swf.army.mil.
TLS certificate: Issued by DigiCert SHA2 Extended Validation Ser... on November 21st 2022. Valid for: a year.
This is the only time carrera.swf.army.mil was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
22 140.17.41.135 5852 (DNIC-ASBL...)
23 2
Apex Domain
Subdomains		 Transfer
22 army.mil
carrera.swf.army.mil
federation.eams.army.mil Failed
466 KB
23 1
Domain Requested by
22 carrera.swf.army.mil carrera.swf.army.mil
0 federation.eams.army.mil Failed
23 2

This site contains links to these domains. Also see Links.

Domain
icamportal.us.army.mil
armyfuturescommand.com
www.army.mil
www.linkedin.com
twitter.com
Subject Issuer Validity Valid
carrera.swf.army.mil
DigiCert SHA2 Extended Validation Server CA		 2022-11-21 -
2023-12-15		 a year crt.sh

This page contains 1 frames:

Primary Page: https://carrera.swf.army.mil/
Frame ID: 6373BC802D892859D6746A73735EAE3B
Requests: 27 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Carrera

Page Statistics

23
Requests

96 %
HTTPS

0 %
IPv6

1
Domains

2
Subdomains

2
IPs

1
Countries

466 kB
Transfer

1160 kB
Size

2
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 6
  • https://carrera.swf.army.mil/api/user/lastLogin HTTP 302
  • https://carrera.swf.army.mil/oauth2/authorization/eams-a HTTP 0
  • https://federation.eams.army.mil/sso/authenticate?response_type=code&client_id=carrera.swf.army.mil&scope=openid&state=AO_VrJFpQ14OGpcxmkTdnupGQ3Odr-3-eIHGGGY8Ro4%3D&redirect_uri=https://carrera.swf.army.mil/login/oauth2/code/eams-a&code_challenge_method=S256&nonce=dizlVrmphJUeq-tiTrervpgqNrpsnI30pwH3dhkm0q4&code_challenge=3YPoeQAno4JlQnJLnS_SGkR4vDXRdHnV20Zr01Sf9T0

23 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
carrera.swf.army.mil/ 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://carrera.swf.army.mil/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
140.17.41.135 , United States, ASN5852 (DNIC-ASBLK-05800-06055, US),
Reverse DNS
Software
envoy /
Resource Hash
92e30fd267a0c406df0e20521b9f8a34580904a17dc4682fa0124788cead544b
Security Headers
Name Value
Content-Security-Policy default-src 'self';script-src 'self';style-src 'self' 'nonce-d8c3af6c-51da-431d-9095-ac10c18881f3';frame-src 'none';form-action 'none';img-src 'self' data:;font-src 'self';frame-ancestors 'none';sandbox allow-forms allow-downloads allow-scripts allow-same-origin allow-popups
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
default-src 'self';script-src 'self';style-src 'self' 'nonce-d8c3af6c-51da-431d-9095-ac10c18881f3';frame-src 'none';form-action 'none';img-src 'self' data:;font-src 'self';frame-ancestors 'none';sandbox allow-forms allow-downloads allow-scripts allow-same-origin allow-popups
content-type
text/html;charset=UTF-8
date
Wed, 25 Jan 2023 18:39:38 GMT
expires
0
pragma
no-cache
server
envoy
strict-transport-security
max-age=63072000; includeSubDomains
vary
Accept-Encoding
x-content-type-options
nosniff
x-envoy-upstream-service-time
1
x-frame-options
DENY
x-xss-protection
1; mode=block
main.beeef5d9.chunk.css
carrera.swf.army.mil/static/css/ 		6 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://carrera.swf.army.mil/static/css/main.beeef5d9.chunk.css
Requested by
Host: carrera.swf.army.mil
URL: https://carrera.swf.army.mil/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
140.17.41.135 , United States, ASN5852 (DNIC-ASBLK-05800-06055, US),
Reverse DNS
Software
envoy /
Resource Hash
293dc280bf88dec33aa3042a651cbc0c9580063dc38b604111c2a25ae261bf4e
Security Headers
Name Value
Content-Security-Policy default-src 'self';script-src 'self';style-src 'self' 'nonce-e7b86118-2823-4976-ba44-359a2d059434';frame-src 'none';form-action 'none';img-src 'self' data:;font-src 'self';frame-ancestors 'none';sandbox allow-forms allow-downloads allow-scripts allow-same-origin allow-popups
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://carrera.swf.army.mil/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-security-policy
default-src 'self';script-src 'self';style-src 'self' 'nonce-e7b86118-2823-4976-ba44-359a2d059434';frame-src 'none';form-action 'none';img-src 'self' data:;font-src 'self';frame-ancestors 'none';sandbox allow-forms allow-downloads allow-scripts allow-same-origin allow-popups
date
Wed, 25 Jan 2023 18:39:38 GMT
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains
last-modified
Tue, 01 Jan 1980 00:00:01 GMT
server
envoy
content-encoding
gzip
x-frame-options
DENY
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers, Accept-Encoding
content-type
text/css
cache-control
no-store
x-envoy-upstream-service-time
1
accept-ranges
bytes
x-xss-protection
1; mode=block
runtime-main.60874224.js
carrera.swf.army.mil/static/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://carrera.swf.army.mil/static/js/runtime-main.60874224.js
Requested by
Host: carrera.swf.army.mil
URL: https://carrera.swf.army.mil/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
140.17.41.135 , United States, ASN5852 (DNIC-ASBLK-05800-06055, US),
Reverse DNS
Software
envoy /
Resource Hash
6e02a1a209a402332116b464a84ddecfd7d7ad4ab99ef5d16a5bab29f72de0b5
Security Headers
Name Value
Content-Security-Policy default-src 'self';script-src 'self';style-src 'self' 'nonce-166cc30c-d062-4c25-b51e-efb93ea0360f';frame-src 'none';form-action 'none';img-src 'self' data:;font-src 'self';frame-ancestors 'none';sandbox allow-forms allow-downloads allow-scripts allow-same-origin allow-popups
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://carrera.swf.army.mil/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-security-policy
default-src 'self';script-src 'self';style-src 'self' 'nonce-166cc30c-d062-4c25-b51e-efb93ea0360f';frame-src 'none';form-action 'none';img-src 'self' data:;font-src 'self';frame-ancestors 'none';sandbox allow-forms allow-downloads allow-scripts allow-same-origin allow-popups
date
Wed, 25 Jan 2023 18:39:38 GMT
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains
last-modified
Tue, 01 Jan 1980 00:00:01 GMT
server
envoy
content-encoding
gzip
x-frame-options
DENY
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers, Accept-Encoding
content-type
application/javascript
cache-control
no-store
x-envoy-upstream-service-time
1
accept-ranges
bytes
x-xss-protection
1; mode=block
2.284d3194.chunk.js
carrera.swf.army.mil/static/js/ 		834 KB
270 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://carrera.swf.army.mil/static/js/2.284d3194.chunk.js
Requested by
Host: carrera.swf.army.mil
URL: https://carrera.swf.army.mil/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
140.17.41.135 , United States, ASN5852 (DNIC-ASBLK-05800-06055, US),
Reverse DNS
Software
envoy /
Resource Hash
02bbdc12a375d76f8785272232277f4808eece5e9d76f28c27d4ddd9683b4246
Security Headers
Name Value
Content-Security-Policy default-src 'self';script-src 'self';style-src 'self' 'nonce-0ec58297-588b-430d-a8f8-8e2769e86e10';frame-src 'none';form-action 'none';img-src 'self' data:;font-src 'self';frame-ancestors 'none';sandbox allow-forms allow-downloads allow-scripts allow-same-origin allow-popups
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://carrera.swf.army.mil/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-security-policy
default-src 'self';script-src 'self';style-src 'self' 'nonce-0ec58297-588b-430d-a8f8-8e2769e86e10';frame-src 'none';form-action 'none';img-src 'self' data:;font-src 'self';frame-ancestors 'none';sandbox allow-forms allow-downloads allow-scripts allow-same-origin allow-popups
date
Wed, 25 Jan 2023 18:39:38 GMT
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains
last-modified
Tue, 01 Jan 1980 00:00:01 GMT
server
envoy
content-encoding
gzip
x-frame-options
DENY
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers, Accept-Encoding
content-type
application/javascript
cache-control
no-store
x-envoy-upstream-service-time
5
accept-ranges
bytes
x-xss-protection
1; mode=block
main.5605af6d.chunk.js
carrera.swf.army.mil/static/js/ 		135 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://carrera.swf.army.mil/static/js/main.5605af6d.chunk.js
Requested by
Host: carrera.swf.army.mil
URL: https://carrera.swf.army.mil/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
140.17.41.135 , United States, ASN5852 (DNIC-ASBLK-05800-06055, US),
Reverse DNS
Software
envoy /
Resource Hash
e7129e2a550050bd97c990018d04973ed5a33416195a30643504870b0c38239a
Security Headers
Name Value
Content-Security-Policy default-src 'self';script-src 'self';style-src 'self' 'nonce-0dcb204c-6cb3-46e3-903f-1205017e8231';frame-src 'none';form-action 'none';img-src 'self' data:;font-src 'self';frame-ancestors 'none';sandbox allow-forms allow-downloads allow-scripts allow-same-origin allow-popups
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://carrera.swf.army.mil/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-security-policy
default-src 'self';script-src 'self';style-src 'self' 'nonce-0dcb204c-6cb3-46e3-903f-1205017e8231';frame-src 'none';form-action 'none';img-src 'self' data:;font-src 'self';frame-ancestors 'none';sandbox allow-forms allow-downloads allow-scripts allow-same-origin allow-popups
date
Wed, 25 Jan 2023 18:39:38 GMT
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains
last-modified
Tue, 01 Jan 1980 00:00:01 GMT
server
envoy
content-encoding
gzip
x-frame-options
DENY
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers, Accept-Encoding
content-type
application/javascript
cache-control
no-store
x-envoy-upstream-service-time
1
accept-ranges
bytes
x-xss-protection
1; mode=block
PublicSans-Regular.98e2b062.woff2
carrera.swf.army.mil/static/media/ 		25 KB
25 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://carrera.swf.army.mil/static/media/PublicSans-Regular.98e2b062.woff2
Requested by
Host: carrera.swf.army.mil
URL: https://carrera.swf.army.mil/static/css/main.beeef5d9.chunk.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
140.17.41.135 , United States, ASN5852 (DNIC-ASBLK-05800-06055, US),
Reverse DNS
Software
envoy /
Resource Hash
5f798b83d27bd28ab96b39f2092968a4cb6eeade3c0e47ed2139f161b8ca4a44
Security Headers
Name Value
Content-Security-Policy default-src 'self';script-src 'self';style-src 'self' 'nonce-22f2b0b6-7dec-42c5-ab8b-ab563e132670';frame-src 'none';form-action 'none';img-src 'self' data:;font-src 'self';frame-ancestors 'none';sandbox allow-forms allow-downloads allow-scripts allow-same-origin allow-popups
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://carrera.swf.army.mil/static/css/main.beeef5d9.chunk.css
Origin
https://carrera.swf.army.mil
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-security-policy
default-src 'self';script-src 'self';style-src 'self' 'nonce-22f2b0b6-7dec-42c5-ab8b-ab563e132670';frame-src 'none';form-action 'none';img-src 'self' data:;font-src 'self';frame-ancestors 'none';sandbox allow-forms allow-downloads allow-scripts allow-same-origin allow-popups
date
Wed, 25 Jan 2023 18:39:39 GMT
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains
last-modified
Tue, 01 Jan 1980 00:00:01 GMT
server
envoy
x-frame-options
DENY
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
content-type
application/font-woff2
cache-control
no-store
x-envoy-upstream-service-time
1
accept-ranges
bytes
content-length
25424
x-xss-protection
1; mode=block
user
carrera.swf.army.mil/api/ 		13 B
304 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://carrera.swf.army.mil/api/user
Requested by
Host: carrera.swf.army.mil
URL: https://carrera.swf.army.mil/static/js/2.284d3194.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
140.17.41.135 , United States, ASN5852 (DNIC-ASBLK-05800-06055, US),
Reverse DNS
Software
envoy /
Resource Hash
185333812484e6a5822b3f53ce03b63f5f187b61e896d77be602bf8633c077a0
Security Headers
Name Value
Content-Security-Policy default-src 'self';script-src 'self';style-src 'self' 'nonce-5f468299-e4e2-4879-9e45-bc8e8e5638d4';frame-src 'none';form-action 'none';img-src 'self' data:;font-src 'self';frame-ancestors 'none';sandbox allow-forms allow-downloads allow-scripts allow-same-origin allow-popups
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json
Referer
https://carrera.swf.army.mil/
X-XSRF-TOKEN
157fefaa-3edf-46f5-8122-22ddeb021cbd
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
content-security-policy
default-src 'self';script-src 'self';style-src 'self' 'nonce-5f468299-e4e2-4879-9e45-bc8e8e5638d4';frame-src 'none';form-action 'none';img-src 'self' data:;font-src 'self';frame-ancestors 'none';sandbox allow-forms allow-downloads allow-scripts allow-same-origin allow-popups
date
Wed, 25 Jan 2023 18:39:39 GMT
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains
content-encoding
gzip
server
envoy
x-frame-options
DENY
vary
Accept-Encoding
content-type
application/json
cache-control
no-cache, no-store, max-age=0, must-revalidate
x-envoy-upstream-service-time
1
x-xss-protection
1; mode=block
expires
0
authenticate
federation.eams.army.mil/sso/
Redirect Chain
  • https://carrera.swf.army.mil/api/user/lastLogin
  • https://carrera.swf.army.mil/oauth2/authorization/eams-a
  • https://federation.eams.army.mil/sso/authenticate?response_type=code&client_id=carrera.swf.army.mil&scope=openid&state=AO_VrJFpQ14OGpcxmkTdnupGQ3Odr-3-eIHGGGY8Ro4%3D&redirect_uri=https://carrera.sw...
0
0
trackingdata
carrera.swf.army.mil/api/ 		6 B
448 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://carrera.swf.army.mil/api/trackingdata
Requested by
Host: carrera.swf.army.mil
URL: https://carrera.swf.army.mil/static/js/2.284d3194.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
140.17.41.135 , United States, ASN5852 (DNIC-ASBLK-05800-06055, US),
Reverse DNS
Software
envoy /
Resource Hash
2f936c307269873974b83f33ff8a435abd04164bdfbb778a92afe4794b4096fc
Security Headers
Name Value
Content-Security-Policy default-src 'self';script-src 'self';style-src 'self' 'nonce-75eb6e81-014d-4ab6-8dfc-268d6169673c';frame-src 'none';form-action 'none';img-src 'self' data:;font-src 'self';frame-ancestors 'none';sandbox allow-forms allow-downloads allow-scripts allow-same-origin allow-popups
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json
Referer
https://carrera.swf.army.mil/
X-XSRF-TOKEN
157fefaa-3edf-46f5-8122-22ddeb021cbd
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
content-security-policy
default-src 'self';script-src 'self';style-src 'self' 'nonce-75eb6e81-014d-4ab6-8dfc-268d6169673c';frame-src 'none';form-action 'none';img-src 'self' data:;font-src 'self';frame-ancestors 'none';sandbox allow-forms allow-downloads allow-scripts allow-same-origin allow-popups
date
Wed, 25 Jan 2023 18:39:39 GMT
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains
content-encoding
gzip
server
envoy
x-frame-options
DENY
vary
Accept-Encoding
content-type
application/json
cache-control
no-cache, no-store, max-age=0, must-revalidate
x-envoy-upstream-service-time
6
x-xss-protection
1; mode=block
expires
0
Carrera.446f5f2b.svg
carrera.swf.army.mil/static/media/ 		19 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://carrera.swf.army.mil/static/media/Carrera.446f5f2b.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
140.17.41.135 , United States, ASN5852 (DNIC-ASBLK-05800-06055, US),
Reverse DNS
Software
envoy /
Resource Hash
2c8342c9883329efcbf429d1946e5a789bf0550186f59911a0a3add053b5fbd3
Security Headers
Name Value
Content-Security-Policy default-src 'self';script-src 'self';style-src 'self' 'nonce-64137696-4fe0-4eaa-b9de-60e0c3ea21d7';frame-src 'none';form-action 'none';img-src 'self' data:;font-src 'self';frame-ancestors 'none';sandbox allow-forms allow-downloads allow-scripts allow-same-origin allow-popups
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://carrera.swf.army.mil/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-security-policy
default-src 'self';script-src 'self';style-src 'self' 'nonce-64137696-4fe0-4eaa-b9de-60e0c3ea21d7';frame-src 'none';form-action 'none';img-src 'self' data:;font-src 'self';frame-ancestors 'none';sandbox allow-forms allow-downloads allow-scripts allow-same-origin allow-popups
date
Wed, 25 Jan 2023 18:39:39 GMT
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains
last-modified
Tue, 01 Jan 1980 00:00:01 GMT
server
envoy
content-encoding
gzip
x-frame-options
DENY
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers, Accept-Encoding
content-type
image/svg+xml
cache-control
no-store
x-envoy-upstream-service-time
1
accept-ranges
bytes
x-xss-protection
1; mode=block
CarreraMainImage.02b872ba.svg
carrera.swf.army.mil/static/media/ 		13 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://carrera.swf.army.mil/static/media/CarreraMainImage.02b872ba.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
140.17.41.135 , United States, ASN5852 (DNIC-ASBLK-05800-06055, US),
Reverse DNS
Software
envoy /
Resource Hash
7cb634b7b79c2c74c7a47891e6c1c2acbdffa09fbe9b0a383963c06617f7daf7
Security Headers
Name Value
Content-Security-Policy default-src 'self';script-src 'self';style-src 'self' 'nonce-50d7622c-3d9d-4e0a-8b1a-5042b5655859';frame-src 'none';form-action 'none';img-src 'self' data:;font-src 'self';frame-ancestors 'none';sandbox allow-forms allow-downloads allow-scripts allow-same-origin allow-popups
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://carrera.swf.army.mil/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-security-policy
default-src 'self';script-src 'self';style-src 'self' 'nonce-50d7622c-3d9d-4e0a-8b1a-5042b5655859';frame-src 'none';form-action 'none';img-src 'self' data:;font-src 'self';frame-ancestors 'none';sandbox allow-forms allow-downloads allow-scripts allow-same-origin allow-popups
date
Wed, 25 Jan 2023 18:39:39 GMT
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains
last-modified
Tue, 01 Jan 1980 00:00:01 GMT
server
envoy
content-encoding
gzip
x-frame-options
DENY
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers, Accept-Encoding
content-type
image/svg+xml
cache-control
no-store
x-envoy-upstream-service-time
4
accept-ranges
bytes
x-xss-protection
1; mode=block
Travel.757a8174.svg
carrera.swf.army.mil/static/media/ 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://carrera.swf.army.mil/static/media/Travel.757a8174.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
140.17.41.135 , United States, ASN5852 (DNIC-ASBLK-05800-06055, US),
Reverse DNS
Software
envoy /
Resource Hash
ec9e7f3ad1706b7b13bcbb276748d4b47cb571f45ba442569a9da5ce30eb8fc5
Security Headers
Name Value
Content-Security-Policy default-src 'self';script-src 'self';style-src 'self' 'nonce-43c1dd93-3bab-48cd-8fa8-6ca3e700bc6a';frame-src 'none';form-action 'none';img-src 'self' data:;font-src 'self';frame-ancestors 'none';sandbox allow-forms allow-downloads allow-scripts allow-same-origin allow-popups
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://carrera.swf.army.mil/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-security-policy
default-src 'self';script-src 'self';style-src 'self' 'nonce-43c1dd93-3bab-48cd-8fa8-6ca3e700bc6a';frame-src 'none';form-action 'none';img-src 'self' data:;font-src 'self';frame-ancestors 'none';sandbox allow-forms allow-downloads allow-scripts allow-same-origin allow-popups
date
Wed, 25 Jan 2023 18:39:39 GMT
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains
last-modified
Tue, 01 Jan 1980 00:00:01 GMT
server
envoy
content-encoding
gzip
x-frame-options
DENY
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers, Accept-Encoding
content-type
image/svg+xml
cache-control
no-store
x-envoy-upstream-service-time
2
accept-ranges
bytes
x-xss-protection
1; mode=block
Career.e95826de.svg
carrera.swf.army.mil/static/media/ 		944 B
566 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://carrera.swf.army.mil/static/media/Career.e95826de.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
140.17.41.135 , United States, ASN5852 (DNIC-ASBLK-05800-06055, US),
Reverse DNS
Software
envoy /
Resource Hash
d8930ccd0635d8504850afa926900126c80f586f321cc384c0b875940ce0ba36
Security Headers
Name Value
Content-Security-Policy default-src 'self';script-src 'self';style-src 'self' 'nonce-f728c4da-f4ac-4119-8990-8b932c400e49';frame-src 'none';form-action 'none';img-src 'self' data:;font-src 'self';frame-ancestors 'none';sandbox allow-forms allow-downloads allow-scripts allow-same-origin allow-popups
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://carrera.swf.army.mil/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-security-policy
default-src 'self';script-src 'self';style-src 'self' 'nonce-f728c4da-f4ac-4119-8990-8b932c400e49';frame-src 'none';form-action 'none';img-src 'self' data:;font-src 'self';frame-ancestors 'none';sandbox allow-forms allow-downloads allow-scripts allow-same-origin allow-popups
date
Wed, 25 Jan 2023 18:39:39 GMT
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains
last-modified
Tue, 01 Jan 1980 00:00:01 GMT
server
envoy
content-encoding
gzip
x-frame-options
DENY
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers, Accept-Encoding
content-type
image/svg+xml
cache-control
no-store
x-envoy-upstream-service-time
3
accept-ranges
bytes
x-xss-protection
1; mode=block
Benefits.7257a7d8.svg
carrera.swf.army.mil/static/media/ 		3 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://carrera.swf.army.mil/static/media/Benefits.7257a7d8.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
140.17.41.135 , United States, ASN5852 (DNIC-ASBLK-05800-06055, US),
Reverse DNS
Software
envoy /
Resource Hash
b86ca740c0cebfa8110e52e6f544e43c283d2c90cae85a21e52dab47be2740e8
Security Headers
Name Value
Content-Security-Policy default-src 'self';script-src 'self';style-src 'self' 'nonce-d21e3db5-0925-4ce0-9d2f-901a13f732bc';frame-src 'none';form-action 'none';img-src 'self' data:;font-src 'self';frame-ancestors 'none';sandbox allow-forms allow-downloads allow-scripts allow-same-origin allow-popups
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://carrera.swf.army.mil/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-security-policy
default-src 'self';script-src 'self';style-src 'self' 'nonce-d21e3db5-0925-4ce0-9d2f-901a13f732bc';frame-src 'none';form-action 'none';img-src 'self' data:;font-src 'self';frame-ancestors 'none';sandbox allow-forms allow-downloads allow-scripts allow-same-origin allow-popups
date
Wed, 25 Jan 2023 18:39:39 GMT
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains
last-modified
Tue, 01 Jan 1980 00:00:01 GMT
server
envoy
content-encoding
gzip
x-frame-options
DENY
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers, Accept-Encoding
content-type
image/svg+xml
cache-control
no-store
x-envoy-upstream-service-time
3
accept-ranges
bytes
x-xss-protection
1; mode=block
FindPositions.2d728379.svg
carrera.swf.army.mil/static/media/ 		3 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://carrera.swf.army.mil/static/media/FindPositions.2d728379.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
140.17.41.135 , United States, ASN5852 (DNIC-ASBLK-05800-06055, US),
Reverse DNS
Software
envoy /
Resource Hash
788659839721265db57bdad68160a887e5e82b3b7f98ca99ac38be3da6bf7772
Security Headers
Name Value
Content-Security-Policy default-src 'self';script-src 'self';style-src 'self' 'nonce-da5fd867-2c33-4ed0-9c04-acd0ac61bf91';frame-src 'none';form-action 'none';img-src 'self' data:;font-src 'self';frame-ancestors 'none';sandbox allow-forms allow-downloads allow-scripts allow-same-origin allow-popups
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://carrera.swf.army.mil/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-security-policy
default-src 'self';script-src 'self';style-src 'self' 'nonce-da5fd867-2c33-4ed0-9c04-acd0ac61bf91';frame-src 'none';form-action 'none';img-src 'self' data:;font-src 'self';frame-ancestors 'none';sandbox allow-forms allow-downloads allow-scripts allow-same-origin allow-popups
date
Wed, 25 Jan 2023 18:39:39 GMT
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains
last-modified
Tue, 01 Jan 1980 00:00:01 GMT
server
envoy
content-encoding
gzip
x-frame-options
DENY
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers, Accept-Encoding
content-type
image/svg+xml
cache-control
no-store
x-envoy-upstream-service-time
2
accept-ranges
bytes
x-xss-protection
1; mode=block
Notifications.369a25f0.svg
carrera.swf.army.mil/static/media/ 		1 KB
853 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://carrera.swf.army.mil/static/media/Notifications.369a25f0.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
140.17.41.135 , United States, ASN5852 (DNIC-ASBLK-05800-06055, US),
Reverse DNS
Software
envoy /
Resource Hash
0fab962cca859912891b1306714de0e860a9d6c4dc937739dbf2ea825c16204c
Security Headers
Name Value
Content-Security-Policy default-src 'self';script-src 'self';style-src 'self' 'nonce-eda5cd41-fff6-4265-9037-cb1cfcc81708';frame-src 'none';form-action 'none';img-src 'self' data:;font-src 'self';frame-ancestors 'none';sandbox allow-forms allow-downloads allow-scripts allow-same-origin allow-popups
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://carrera.swf.army.mil/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-security-policy
default-src 'self';script-src 'self';style-src 'self' 'nonce-eda5cd41-fff6-4265-9037-cb1cfcc81708';frame-src 'none';form-action 'none';img-src 'self' data:;font-src 'self';frame-ancestors 'none';sandbox allow-forms allow-downloads allow-scripts allow-same-origin allow-popups
date
Wed, 25 Jan 2023 18:39:39 GMT
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains
last-modified
Tue, 01 Jan 1980 00:00:01 GMT
server
envoy
content-encoding
gzip
x-frame-options
DENY
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers, Accept-Encoding
content-type
image/svg+xml
cache-control
no-store
x-envoy-upstream-service-time
2
accept-ranges
bytes
x-xss-protection
1; mode=block
Apply.ffdbb7fd.svg
carrera.swf.army.mil/static/media/ 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://carrera.swf.army.mil/static/media/Apply.ffdbb7fd.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
140.17.41.135 , United States, ASN5852 (DNIC-ASBLK-05800-06055, US),
Reverse DNS
Software
envoy /
Resource Hash
a990baba4567e0e359434a0dcb4d9e337683f1add31678cba4480aa8e22faa3e
Security Headers
Name Value
Content-Security-Policy default-src 'self';script-src 'self';style-src 'self' 'nonce-bb66ea0e-aa95-490f-a19e-eab0204d34ec';frame-src 'none';form-action 'none';img-src 'self' data:;font-src 'self';frame-ancestors 'none';sandbox allow-forms allow-downloads allow-scripts allow-same-origin allow-popups
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://carrera.swf.army.mil/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-security-policy
default-src 'self';script-src 'self';style-src 'self' 'nonce-bb66ea0e-aa95-490f-a19e-eab0204d34ec';frame-src 'none';form-action 'none';img-src 'self' data:;font-src 'self';frame-ancestors 'none';sandbox allow-forms allow-downloads allow-scripts allow-same-origin allow-popups
date
Wed, 25 Jan 2023 18:39:39 GMT
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains
last-modified
Tue, 01 Jan 1980 00:00:01 GMT
server
envoy
content-encoding
gzip
x-frame-options
DENY
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers, Accept-Encoding
content-type
image/svg+xml
cache-control
no-store
x-envoy-upstream-service-time
3
accept-ranges
bytes
x-xss-protection
1; mode=block
PhoneSecurity.f07442c8.svg
carrera.swf.army.mil/static/media/ 		5 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://carrera.swf.army.mil/static/media/PhoneSecurity.f07442c8.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
140.17.41.135 , United States, ASN5852 (DNIC-ASBLK-05800-06055, US),
Reverse DNS
Software
envoy /
Resource Hash
efbf113b6451d0c250da1edf20ffafbf2c20e23b80a611a9e8a36696b4cdb843
Security Headers
Name Value
Content-Security-Policy default-src 'self';script-src 'self';style-src 'self' 'nonce-90658a59-271c-4457-bfc3-c13974a60d1b';frame-src 'none';form-action 'none';img-src 'self' data:;font-src 'self';frame-ancestors 'none';sandbox allow-forms allow-downloads allow-scripts allow-same-origin allow-popups
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://carrera.swf.army.mil/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-security-policy
default-src 'self';script-src 'self';style-src 'self' 'nonce-90658a59-271c-4457-bfc3-c13974a60d1b';frame-src 'none';form-action 'none';img-src 'self' data:;font-src 'self';frame-ancestors 'none';sandbox allow-forms allow-downloads allow-scripts allow-same-origin allow-popups
date
Wed, 25 Jan 2023 18:39:39 GMT
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains
last-modified
Tue, 01 Jan 1980 00:00:01 GMT
server
envoy
content-encoding
gzip
x-frame-options
DENY
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers, Accept-Encoding
content-type
image/svg+xml
cache-control
no-store
x-envoy-upstream-service-time
1
accept-ranges
bytes
x-xss-protection
1; mode=block
logo_color_dark.399d9f0e.png
carrera.swf.army.mil/static/media/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://carrera.swf.army.mil/static/media/logo_color_dark.399d9f0e.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
140.17.41.135 , United States, ASN5852 (DNIC-ASBLK-05800-06055, US),
Reverse DNS
Software
envoy /
Resource Hash
a5405f573dd2f27dd2514bbd963f4e17246e9eb1a1cd1d3acf3c4733f921321d
Security Headers
Name Value
Content-Security-Policy default-src 'self';script-src 'self';style-src 'self' 'nonce-8192d793-5fcb-4e9d-9a83-bfbb00ecba5e';frame-src 'none';form-action 'none';img-src 'self' data:;font-src 'self';frame-ancestors 'none';sandbox allow-forms allow-downloads allow-scripts allow-same-origin allow-popups
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://carrera.swf.army.mil/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-security-policy
default-src 'self';script-src 'self';style-src 'self' 'nonce-8192d793-5fcb-4e9d-9a83-bfbb00ecba5e';frame-src 'none';form-action 'none';img-src 'self' data:;font-src 'self';frame-ancestors 'none';sandbox allow-forms allow-downloads allow-scripts allow-same-origin allow-popups
date
Wed, 25 Jan 2023 18:39:39 GMT
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains
last-modified
Tue, 01 Jan 1980 00:00:01 GMT
server
envoy
x-frame-options
DENY
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
content-type
image/png
cache-control
no-store
x-envoy-upstream-service-time
2
accept-ranges
bytes
content-length
15315
x-xss-protection
1; mode=block
truncated
/ 		3 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b3134d34a97c9660c6f211e90961e01b46ffd08c16634539f5ab4ac5368d0049

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e2c66a9e69f3aed55a991243b58e9ba97a0a3326ce461a0e26c927acafd75e03

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type
image/png
CarreraBW.08be4754.svg
carrera.swf.army.mil/static/media/ 		9 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://carrera.swf.army.mil/static/media/CarreraBW.08be4754.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
140.17.41.135 , United States, ASN5852 (DNIC-ASBLK-05800-06055, US),
Reverse DNS
Software
envoy /
Resource Hash
bae923fd1e1784496dd3797aa03b7ee73154a507ad61a7cc294dc4aca3570348
Security Headers
Name Value
Content-Security-Policy default-src 'self';script-src 'self';style-src 'self' 'nonce-dfb6c07e-fb7b-4c0c-87f2-1d0ca7a40e15';frame-src 'none';form-action 'none';img-src 'self' data:;font-src 'self';frame-ancestors 'none';sandbox allow-forms allow-downloads allow-scripts allow-same-origin allow-popups
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://carrera.swf.army.mil/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-security-policy
default-src 'self';script-src 'self';style-src 'self' 'nonce-dfb6c07e-fb7b-4c0c-87f2-1d0ca7a40e15';frame-src 'none';form-action 'none';img-src 'self' data:;font-src 'self';frame-ancestors 'none';sandbox allow-forms allow-downloads allow-scripts allow-same-origin allow-popups
date
Wed, 25 Jan 2023 18:39:39 GMT
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains
last-modified
Tue, 01 Jan 1980 00:00:01 GMT
server
envoy
content-encoding
gzip
x-frame-options
DENY
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers, Accept-Encoding
content-type
image/svg+xml
cache-control
no-store
x-envoy-upstream-service-time
2
accept-ranges
bytes
x-xss-protection
1; mode=block
truncated
/ 		423 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b925615baad0642a2454081fa73a8e15185c7a32cd06523e92eeb2acbb038366

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		473 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
dd5e8333e970c5d9a677c7693b57f8571960b3c6eb85b9d2bedbb5f17dfbf2c3

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type
image/png
PublicSans-ExtraBold.114f2538.woff2
carrera.swf.army.mil/static/media/ 		25 KB
26 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://carrera.swf.army.mil/static/media/PublicSans-ExtraBold.114f2538.woff2
Requested by
Host: carrera.swf.army.mil
URL: https://carrera.swf.army.mil/static/css/main.beeef5d9.chunk.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
140.17.41.135 , United States, ASN5852 (DNIC-ASBLK-05800-06055, US),
Reverse DNS
Software
envoy /
Resource Hash
d0734b65665c86f5a0d2fc77863b23f2718fc4589208d2af74648bb9ff711ecb
Security Headers
Name Value
Content-Security-Policy default-src 'self';script-src 'self';style-src 'self' 'nonce-4b1a49e9-0529-401d-a9b6-c24fbe681dde';frame-src 'none';form-action 'none';img-src 'self' data:;font-src 'self';frame-ancestors 'none';sandbox allow-forms allow-downloads allow-scripts allow-same-origin allow-popups
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://carrera.swf.army.mil/static/css/main.beeef5d9.chunk.css
Origin
https://carrera.swf.army.mil
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-security-policy
default-src 'self';script-src 'self';style-src 'self' 'nonce-4b1a49e9-0529-401d-a9b6-c24fbe681dde';frame-src 'none';form-action 'none';img-src 'self' data:;font-src 'self';frame-ancestors 'none';sandbox allow-forms allow-downloads allow-scripts allow-same-origin allow-popups
date
Wed, 25 Jan 2023 18:39:39 GMT
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains
last-modified
Tue, 01 Jan 1980 00:00:01 GMT
server
envoy
x-frame-options
DENY
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
content-type
application/font-woff2
cache-control
no-store
x-envoy-upstream-service-time
1
accept-ranges
bytes
content-length
25720
x-xss-protection
1; mode=block
PublicSans-Medium.986a6afa.woff2
carrera.swf.army.mil/static/media/ 		25 KB
25 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://carrera.swf.army.mil/static/media/PublicSans-Medium.986a6afa.woff2
Requested by
Host: carrera.swf.army.mil
URL: https://carrera.swf.army.mil/static/css/main.beeef5d9.chunk.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
140.17.41.135 , United States, ASN5852 (DNIC-ASBLK-05800-06055, US),
Reverse DNS
Software
envoy /
Resource Hash
791c509a48567e0cd045a330eec4241fef6f588fb7566e252d9467c1ae9849d1
Security Headers
Name Value
Content-Security-Policy default-src 'self';script-src 'self';style-src 'self' 'nonce-7b308963-c124-418c-b635-d603f29fd7c8';frame-src 'none';form-action 'none';img-src 'self' data:;font-src 'self';frame-ancestors 'none';sandbox allow-forms allow-downloads allow-scripts allow-same-origin allow-popups
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://carrera.swf.army.mil/static/css/main.beeef5d9.chunk.css
Origin
https://carrera.swf.army.mil
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-security-policy
default-src 'self';script-src 'self';style-src 'self' 'nonce-7b308963-c124-418c-b635-d603f29fd7c8';frame-src 'none';form-action 'none';img-src 'self' data:;font-src 'self';frame-ancestors 'none';sandbox allow-forms allow-downloads allow-scripts allow-same-origin allow-popups
date
Wed, 25 Jan 2023 18:39:39 GMT
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains
last-modified
Tue, 01 Jan 1980 00:00:01 GMT
server
envoy
x-frame-options
DENY
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
content-type
application/font-woff2
cache-control
no-store
x-envoy-upstream-service-time
2
accept-ranges
bytes
content-length
25564
x-xss-protection
1; mode=block
PublicSans-SemiBold.f8eefb9b.woff2
carrera.swf.army.mil/static/media/ 		25 KB
25 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://carrera.swf.army.mil/static/media/PublicSans-SemiBold.f8eefb9b.woff2
Requested by
Host: carrera.swf.army.mil
URL: https://carrera.swf.army.mil/static/css/main.beeef5d9.chunk.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
140.17.41.135 , United States, ASN5852 (DNIC-ASBLK-05800-06055, US),
Reverse DNS
Software
envoy /
Resource Hash
d3b01b0ceaaf0a5b67d887cd67da9742f383869ec4401afe305f1f604e1273e9
Security Headers
Name Value
Content-Security-Policy default-src 'self';script-src 'self';style-src 'self' 'nonce-747ccdf0-a94f-424b-a72a-8f6e3e8bedb9';frame-src 'none';form-action 'none';img-src 'self' data:;font-src 'self';frame-ancestors 'none';sandbox allow-forms allow-downloads allow-scripts allow-same-origin allow-popups
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://carrera.swf.army.mil/static/css/main.beeef5d9.chunk.css
Origin
https://carrera.swf.army.mil
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-security-policy
default-src 'self';script-src 'self';style-src 'self' 'nonce-747ccdf0-a94f-424b-a72a-8f6e3e8bedb9';frame-src 'none';form-action 'none';img-src 'self' data:;font-src 'self';frame-ancestors 'none';sandbox allow-forms allow-downloads allow-scripts allow-same-origin allow-popups
date
Wed, 25 Jan 2023 18:39:39 GMT
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains
last-modified
Tue, 01 Jan 1980 00:00:01 GMT
server
envoy
x-frame-options
DENY
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
content-type
application/font-woff2
cache-control
no-store
x-envoy-upstream-service-time
2
accept-ranges
bytes
content-length
25632
x-xss-protection
1; mode=block

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
federation.eams.army.mil
URL
https://federation.eams.army.mil/sso/authenticate?response_type=code&client_id=carrera.swf.army.mil&scope=openid&state=AO_VrJFpQ14OGpcxmkTdnupGQ3Odr-3-eIHGGGY8Ro4%3D&redirect_uri=https://carrera.swf.army.mil/login/oauth2/code/eams-a&code_challenge_method=S256&nonce=dizlVrmphJUeq-tiTrervpgqNrpsnI30pwH3dhkm0q4&code_challenge=3YPoeQAno4JlQnJLnS_SGkR4vDXRdHnV20Zr01Sf9T0

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontentvisibilityautostatechange object| webpackJsonpCarrera

2 Cookies

Domain/Path Name / Value
carrera.swf.army.mil/ Name: XSRF-TOKEN
Value: 157fefaa-3edf-46f5-8122-22ddeb021cbd
carrera.swf.army.mil/ Name: SESSION
Value: NjM1MDJkYjQtZTM3YS00NDRhLWE5MzEtY2ZiMmYwOGNkYmY0

2 Console Messages

Source Level URL
Text
security warning URL: https://carrera.swf.army.mil/
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can remove its sandboxing.
security error URL: https://carrera.swf.army.mil/
Message:
Refused to connect to 'https://federation.eams.army.mil/sso/authenticate?response_type=code&client_id=carrera.swf.army.mil&scope=openid&state=AO_VrJFpQ14OGpcxmkTdnupGQ3Odr-3-eIHGGGY8Ro4%3D&redirect_uri=https://carrera.swf.army.mil/login/oauth2/code/eams-a&code_challenge_method=S256&nonce=dizlVrmphJUeq-tiTrervpgqNrpsnI30pwH3dhkm0q4&code_challenge=3YPoeQAno4JlQnJLnS_SGkR4vDXRdHnV20Zr01Sf9T0' because it violates the following Content Security Policy directive: "default-src 'self'". Note that 'connect-src' was not explicitly set, so 'default-src' is used as a fallback.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'self';script-src 'self';style-src 'self' 'nonce-d8c3af6c-51da-431d-9095-ac10c18881f3';frame-src 'none';form-action 'none';img-src 'self' data:;font-src 'self';frame-ancestors 'none';sandbox allow-forms allow-downloads allow-scripts allow-same-origin allow-popups
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

carrera.swf.army.mil
federation.eams.army.mil
federation.eams.army.mil
140.17.41.135
02bbdc12a375d76f8785272232277f4808eece5e9d76f28c27d4ddd9683b4246
0fab962cca859912891b1306714de0e860a9d6c4dc937739dbf2ea825c16204c
185333812484e6a5822b3f53ce03b63f5f187b61e896d77be602bf8633c077a0
293dc280bf88dec33aa3042a651cbc0c9580063dc38b604111c2a25ae261bf4e
2c8342c9883329efcbf429d1946e5a789bf0550186f59911a0a3add053b5fbd3
2f936c307269873974b83f33ff8a435abd04164bdfbb778a92afe4794b4096fc
5f798b83d27bd28ab96b39f2092968a4cb6eeade3c0e47ed2139f161b8ca4a44
6e02a1a209a402332116b464a84ddecfd7d7ad4ab99ef5d16a5bab29f72de0b5
788659839721265db57bdad68160a887e5e82b3b7f98ca99ac38be3da6bf7772
791c509a48567e0cd045a330eec4241fef6f588fb7566e252d9467c1ae9849d1
7cb634b7b79c2c74c7a47891e6c1c2acbdffa09fbe9b0a383963c06617f7daf7
92e30fd267a0c406df0e20521b9f8a34580904a17dc4682fa0124788cead544b
a5405f573dd2f27dd2514bbd963f4e17246e9eb1a1cd1d3acf3c4733f921321d
a990baba4567e0e359434a0dcb4d9e337683f1add31678cba4480aa8e22faa3e
b3134d34a97c9660c6f211e90961e01b46ffd08c16634539f5ab4ac5368d0049
b86ca740c0cebfa8110e52e6f544e43c283d2c90cae85a21e52dab47be2740e8
b925615baad0642a2454081fa73a8e15185c7a32cd06523e92eeb2acbb038366
bae923fd1e1784496dd3797aa03b7ee73154a507ad61a7cc294dc4aca3570348
d0734b65665c86f5a0d2fc77863b23f2718fc4589208d2af74648bb9ff711ecb
d3b01b0ceaaf0a5b67d887cd67da9742f383869ec4401afe305f1f604e1273e9
d8930ccd0635d8504850afa926900126c80f586f321cc384c0b875940ce0ba36
dd5e8333e970c5d9a677c7693b57f8571960b3c6eb85b9d2bedbb5f17dfbf2c3
e2c66a9e69f3aed55a991243b58e9ba97a0a3326ce461a0e26c927acafd75e03
e7129e2a550050bd97c990018d04973ed5a33416195a30643504870b0c38239a
ec9e7f3ad1706b7b13bcbb276748d4b47cb571f45ba442569a9da5ce30eb8fc5
efbf113b6451d0c250da1edf20ffafbf2c20e23b80a611a9e8a36696b4cdb843