urlscan.io logo urlscan.io
SecurityTrails logo

mta-sts.sativasecurity.net Open in urlscan Pro
138.197.221.162  Public Scan

Go To Rescan Add Verdict Report
URL: https://mta-sts.sativasecurity.net/
Submission: On August 30 via automatic, source certstream-suspicious — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 6 IPs in 2 countries across 5 domains to perform 20 HTTP transactions. The main IP is 138.197.221.162, located in Santa Clara, United States and belongs to DIGITALOCEAN-ASN, US. The main domain is mta-sts.sativasecurity.net.
TLS certificate: Issued by R11 on August 30th 2024. Valid for: 3 months.
This is the only time mta-sts.sativasecurity.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 138.197.221.162 14061 (DIGITALOC...)
6 104.16.149.244 13335 (CLOUDFLAR...)
2 2607:f8b0:400... 15169 (GOOGLE)
4 4 2600:9000:261... 16509 (AMAZON-02)
4 18.164.116.96 16509 (AMAZON-02)
2 54.147.74.122 14618 (AMAZON-AES)
20 6
1    138.197.221.162 (Santa Clara, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
PTR: my.happyface.space
mta-sts.sativasecurity.net
6    104.16.149.244 (None, )

ASN13335 (CLOUDFLARENET, US)
www.fbi.gov
2    2607:f8b0:4006:81e::200e (United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
4    2600:9000:261f:ac00:1b:22c5:8c40:93a1 (United States)

ASN16509 (AMAZON-02, US)
gateway.answerscloud.com
4    18.164.116.96 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-164-116-96.jfk50.r.cloudfront.net
gateway.foresee.com
2    54.147.74.122 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-147-74-122.compute-1.amazonaws.com
analytics.foresee.com
Apex Domain
Subdomains		 Transfer
6 foresee.com
gateway.foresee.com — Cisco Umbrella Rank: 11869
analytics.foresee.com — Cisco Umbrella Rank: 17730
52 KB
6 fbi.gov
www.fbi.gov — Cisco Umbrella Rank: 182916
673 KB
4 answerscloud.com
gateway.answerscloud.com — Cisco Umbrella Rank: 57966
2 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 104
21 KB
1 sativasecurity.net
mta-sts.sativasecurity.net
10 KB
20 5
Domain Requested by
6 www.fbi.gov mta-sts.sativasecurity.net
www.fbi.gov
4 gateway.foresee.com mta-sts.sativasecurity.net
4 gateway.answerscloud.com 4 redirects
2 analytics.foresee.com gateway.answerscloud.com
2 www.google-analytics.com mta-sts.sativasecurity.net
www.google-analytics.com
1 mta-sts.sativasecurity.net
20 6
Subject Issuer Validity Valid
mta-sts.sativasecurity.net
R11		 2024-08-30 -
2024-11-28		 3 months crt.sh
www.fbi.gov
WE1		 2024-07-31 -
2024-10-29		 3 months crt.sh
*.google-analytics.com
WR2		 2024-08-05 -
2024-10-28		 3 months crt.sh
analytics.foresee.com
R11		 2024-08-05 -
2024-11-03		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://mta-sts.sativasecurity.net/
Frame ID: 60E03C4CA75462EFA5537D981455F457
Requests: 19 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Federal Bureau of Investigation

Detected technologies

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Page Statistics

20
Requests

55 %
HTTPS

33 %
IPv6

5
Domains

6
Subdomains

6
IPs

2
Countries

757 kB
Transfer

2784 kB
Size

7
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 7
  • https://gateway.answerscloud.com/fbi-gov/production/gateway.min.js HTTP 301
  • https://gateway.foresee.com/sites/fbi-gov/production/gateway.min.js
Request Chain 12
  • https://gateway.answerscloud.com/code/19.14.1-fs/fs.utils.js HTTP 301
  • https://gateway.foresee.com/code/19.14.1-fs/fs.utils.js
Request Chain 13
  • https://gateway.answerscloud.com/code/19.14.1-fs/fs.compress.js HTTP 301
  • https://gateway.foresee.com/code/19.14.1-fs/fs.compress.js
Request Chain 14
  • https://www.fbi.gov/site-icon.png?scale=32 HTTP 302
  • https://www.fbi.gov/acl_users/credentials_cookie_auth/require_login?came_from=https%3A//www.fbi.gov/front-page/%40%40images/image/mini%3Fscale%3D32 HTTP 0
  • http://www.fbi.gov/?came_from=https%3A//www.fbi.gov/front-page/%40%40images/image/mini%3Fscale%3D32
Request Chain 15
  • https://gateway.answerscloud.com/code/19.14.1-fs/fs.trigger.js HTTP 301
  • https://gateway.foresee.com/code/19.14.1-fs/fs.trigger.js
Request Chain 16
  • https://www.fbi.gov/site-icon.png?scale=16 HTTP 302
  • https://www.fbi.gov/acl_users/credentials_cookie_auth/require_login?came_from=https%3A//www.fbi.gov/front-page/%40%40images/image/mini%3Fscale%3D16 HTTP 0
  • http://www.fbi.gov/?came_from=https%3A//www.fbi.gov/front-page/%40%40images/image/mini%3Fscale%3D16

20 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
mta-sts.sativasecurity.net/ 		33 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://mta-sts.sativasecurity.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
138.197.221.162 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
my.happyface.space
Software
nginx /
Resource Hash
ab127b451ef46e33756c882fc6273c999fb3122dff53f8498ab7b608e4e1cc39
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-encoding
gzip
content-type
text/html
date
Fri, 30 Aug 2024 14:02:38 GMT
etag
W/"5ec1664c-82cd"
last-modified
Sun, 17 May 2020 16:29:00 GMT
server
nginx
strict-transport-security
max-age=15768000
default.css
www.fbi.gov/++plone++production/++unique++2020-05-11T03:50:21.598276/ 		884 KB
218 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.fbi.gov/++plone++production/++unique++2020-05-11T03:50:21.598276/default.css
Requested by
Host: mta-sts.sativasecurity.net
URL: https://mta-sts.sativasecurity.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.149.244 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8caa140225650ea9bbd9120e58c9524290c0215f4467aae7492c585fdfa114e0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://mta-sts.sativasecurity.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

expires
Sat, 31 Aug 2024 06:02:38 GMT
date
Fri, 30 Aug 2024 14:02:38 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
content-encoding
br
x-cache-status
MISS
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-cache-rule
plone.stableResource
last-modified
Fri, 30 Aug 2024 14:02:38 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/css; charset=utf-8
cache-control
public, max-age=57600
cf-ray
8bb551d5ecad169e-SJC
x-cache-operation
plone.app.caching.strongCaching
index.css
www.fbi.gov/++theme++fbigov.theme/css/ 		194 KB
36 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.fbi.gov/++theme++fbigov.theme/css/index.css?v=6
Requested by
Host: mta-sts.sativasecurity.net
URL: https://mta-sts.sativasecurity.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.149.244 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7a80228c768752c3731b0219e1408218db6a0c94d082f11fe3581cc8a811be61
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://mta-sts.sativasecurity.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-cache-operation
plone.app.caching.strongCaching
date
Fri, 30 Aug 2024 14:02:38 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
content-encoding
gzip
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-cache-rule
plone.resource
last-modified
Fri, 30 Aug 2024 14:02:38 GMT
server
cloudflare
x-frame-options
SAMEORIGIN, SAMEORIGIN
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=57600
cf-ray
8bb551d5ecab169e-SJC
expires
Sat, 31 Aug 2024 06:02:38 GMT
print.css
www.fbi.gov/++plone++castle/less/public/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.fbi.gov/++plone++castle/less/public/print.css
Requested by
Host: mta-sts.sativasecurity.net
URL: https://mta-sts.sativasecurity.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.149.244 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5f6bddaff8b54d0271d34b7940889a2c24cacf994999ad33cab2c766e064723e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://mta-sts.sativasecurity.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

expires
Sat, 31 Aug 2024 06:02:38 GMT
date
Fri, 30 Aug 2024 14:02:38 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
1478
x-cache-status
MISS
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-cache-rule
plone.resource
last-modified
Fri, 30 Aug 2024 13:35:36 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=57600
cf-ray
8bb551d5ecb0169e-SJC
x-cache-operation
plone.app.caching.strongCaching
fbibannerseal.png
www.fbi.gov/++theme++fbigov.theme/images/ 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.fbi.gov/++theme++fbigov.theme/images/fbibannerseal.png
Requested by
Host: mta-sts.sativasecurity.net
URL: https://mta-sts.sativasecurity.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.149.244 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ac04bf5d09cf03ff39cab6e5cbddf777ee2ff1fc1611de23ea9928ade6a26cbd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://mta-sts.sativasecurity.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

expires
Sat, 31 Aug 2024 06:02:38 GMT
date
Fri, 30 Aug 2024 14:02:38 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
alt-svc
h3=":443"; ma=86400
content-length
14404
x-xss-protection
1; mode=block
x-cache-rule
plone.resource
last-modified
Fri, 30 Aug 2024 14:02:38 GMT
server
cloudflare
x-frame-options
SAMEORIGIN, SAMEORIGIN
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=57600
accept-ranges
bytes
cf-ray
8bb551d5ecaa169e-SJC
x-cache-operation
plone.app.caching.strongCaching
default.js
www.fbi.gov/++plone++production/++unique++2020-05-11T03:50:21.598276/ 		1 MB
343 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.fbi.gov/++plone++production/++unique++2020-05-11T03:50:21.598276/default.js
Requested by
Host: mta-sts.sativasecurity.net
URL: https://mta-sts.sativasecurity.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.149.244 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a9bb665da7cbf79bdf804c589837cbd42a4bef5acdcd54e5c02f5159bd1b0854
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://mta-sts.sativasecurity.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-cache-operation
plone.app.caching.strongCaching
date
Fri, 30 Aug 2024 14:02:38 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-cache-rule
plone.stableResource
last-modified
Fri, 30 Aug 2024 14:02:38 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=57600
cf-ray
8bb551d5ecb2169e-SJC
expires
Sat, 31 Aug 2024 06:02:38 GMT
Arial%20Black.woff2
www.fbi.gov/++theme++fbigov.theme/fonts/ 		0
0
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: mta-sts.sativasecurity.net
URL: https://mta-sts.sativasecurity.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://mta-sts.sativasecurity.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 30 Aug 2024 12:06:04 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
6995
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Fri, 30 Aug 2024 14:06:04 GMT
gateway.min.js
gateway.foresee.com/sites/fbi-gov/production/
Redirect Chain
  • https://gateway.answerscloud.com/fbi-gov/production/gateway.min.js
  • https://gateway.foresee.com/sites/fbi-gov/production/gateway.min.js
38 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gateway.foresee.com/sites/fbi-gov/production/gateway.min.js
Requested by
Host: mta-sts.sativasecurity.net
URL: https://mta-sts.sativasecurity.net/
Protocol
H2
Server
18.164.116.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-116-96.jfk50.r.cloudfront.net
Software
/
Resource Hash
cb3cd3b8d4b30dc3271cde788e19dab847128ad0171d21b0e13eef1123ccdb06
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://mta-sts.sativasecurity.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 30 Aug 2024 12:01:43 GMT
strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
br
via
1.1 6e810acc9d798bdf126180508d1b511e.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P6
age
7256
x-cache
Hit from cloudfront
status
200
last-modified
Wed, 09 Jun 2021 21:43:25 GMT
etag
W/"9f943fb2ec4344d641a8277a6108f112"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=14400
access-control-allow-headers
X-Requested-With
x-amz-cf-id
6aKsNQ3VdVLF5qTieTajhBnJ6eH0wflAmAWeKZF3C8UJiY-6sDUpBQ==
expires
Fri, 30 Aug 2024 16:01:43 GMT

Redirect headers

date
Fri, 30 Aug 2024 12:58:24 GMT
via
1.1 83f903d51f378add519d351aa3b07052.cloudfront.net (CloudFront)
server
nginx/1.23.2
x-amz-cf-pop
JFK52-P3
age
3855
x-cache
Hit from cloudfront
p3p
CP="ok"
location
https://gateway.foresee.com/sites/fbi-gov/production/gateway.min.js
content-type
text/html
content-length
169
x-amz-cf-id
85I9KVQoPDIEGl6jAFvx2tVQVJ3p5W3P2manDQoqVmFl3AQx5OvmYw==
plonejsi18n
www.fbi.gov/ 		0
0
audioplayer.js
www.fbi.gov/++plone++castle-advantage/libs/audioplayer/ 		254 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.fbi.gov/++plone++castle-advantage/libs/audioplayer/audioplayer.js
Requested by
Host: www.fbi.gov
URL: https://www.fbi.gov/++plone++production/++unique++2020-05-11T03:50:21.598276/default.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.149.244 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
076ceb56923ab3139b839a389312dbf8fe32a21481ccccd8d3d295f9cc2759aa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://mta-sts.sativasecurity.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

expires
Sat, 31 Aug 2024 06:02:39 GMT
date
Fri, 30 Aug 2024 14:02:39 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
1478
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-cache-rule
plone.resource
last-modified
Fri, 30 Aug 2024 13:35:37 GMT
server
cloudflare
x-frame-options
SAMEORIGIN, SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=57600
cf-ray
8bb551da7fd2169e-SJC
x-cache-operation
plone.app.caching.strongCaching
disclaimer
www.fbi.gov/ 		0
0
collect
www.google-analytics.com/j/ 		3 B
215 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=701369743&t=pageview&_s=1&dl=https%3A%2F%2Fmta-sts.sativasecurity.net%2F&ul=en-us&de=UTF-8&dt=Federal%20Bureau%20of%20Investigation&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=1151901127&gjid=1083611995&cid=1618302304.1725026560&tid=UA-1603990-1&_gid=242566375.1725026560&_r=1&_slc=1&z=538618338
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://mta-sts.sativasecurity.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 30 Aug 2024 14:02:39 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://mta-sts.sativasecurity.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3
expires
Fri, 01 Jan 1990 00:00:00 GMT
fs.utils.js
gateway.foresee.com/code/19.14.1-fs/
Redirect Chain
  • https://gateway.answerscloud.com/code/19.14.1-fs/fs.utils.js
  • https://gateway.foresee.com/code/19.14.1-fs/fs.utils.js
56 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gateway.foresee.com/code/19.14.1-fs/fs.utils.js
Requested by
Host: mta-sts.sativasecurity.net
URL: https://mta-sts.sativasecurity.net/
Protocol
H2
Server
18.164.116.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-116-96.jfk50.r.cloudfront.net
Software
/
Resource Hash
696bf481ec5c742bf43af05db4e8387220cffd6329918a421523331f1ba7a2b7
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://mta-sts.sativasecurity.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sun, 11 Aug 2024 02:03:11 GMT
strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
br
via
1.1 6e810acc9d798bdf126180508d1b511e.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P6
age
1684769
x-cache
Hit from cloudfront
status
200
last-modified
Tue, 20 Oct 2020 17:22:26 GMT
etag
W/"95849196a22d7892afab30f21864ae6d"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=2419200
access-control-allow-headers
X-Requested-With
x-amz-cf-id
T_I8WfJYNjS04Y5DRqewp5yslI5GUyqh5gU4ejiool6feuGJD36tgQ==
expires
Sun, 08 Sep 2024 02:03:11 GMT

Redirect headers

date
Fri, 30 Aug 2024 02:22:15 GMT
via
1.1 83f903d51f378add519d351aa3b07052.cloudfront.net (CloudFront)
server
nginx/1.23.2
x-amz-cf-pop
JFK52-P3
age
42025
x-cache
Hit from cloudfront
p3p
CP="ok"
location
https://gateway.foresee.com/code/19.14.1-fs/fs.utils.js
content-type
text/html
content-length
169
x-amz-cf-id
36opIye-_h0kWYyfs9osTclcbxlj95rUEfCnU7hMX5lTuE93iht9ZQ==
fs.compress.js
gateway.foresee.com/code/19.14.1-fs/
Redirect Chain
  • https://gateway.answerscloud.com/code/19.14.1-fs/fs.compress.js
  • https://gateway.foresee.com/code/19.14.1-fs/fs.compress.js
31 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gateway.foresee.com/code/19.14.1-fs/fs.compress.js
Requested by
Host: mta-sts.sativasecurity.net
URL: https://mta-sts.sativasecurity.net/
Protocol
H2
Server
18.164.116.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-116-96.jfk50.r.cloudfront.net
Software
/
Resource Hash
3a6653a6360e94f7feb9ccfca527cb6485438d7374dc3967722fdb19287cdec7
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://mta-sts.sativasecurity.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sat, 10 Aug 2024 04:58:12 GMT
strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
via
1.1 6e810acc9d798bdf126180508d1b511e.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P6
age
1760668
x-cache
Hit from cloudfront
status
200
last-modified
Tue, 20 Oct 2020 17:22:26 GMT
etag
W/"4acabaf9a58154798688b83d8ae9065e"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=2419200
access-control-allow-headers
X-Requested-With
x-amz-cf-id
h3R6OA-qrAjqMA7GxnwXD4M2EyYnO5wNRU8sDGut2rZNdXe1tK8mVQ==
expires
Sat, 07 Sep 2024 04:58:12 GMT

Redirect headers

date
Thu, 29 Aug 2024 20:10:28 GMT
via
1.1 83f903d51f378add519d351aa3b07052.cloudfront.net (CloudFront)
server
nginx/1.23.2
x-amz-cf-pop
JFK52-P3
age
64332
x-cache
Hit from cloudfront
p3p
CP="ok"
location
https://gateway.foresee.com/code/19.14.1-fs/fs.compress.js
content-type
text/html
content-length
169
x-amz-cf-id
DYXEj2Hhstjq5qupYNlf3nQ-fT1fS7yiOIg4-eLrcsgs5O47oZPmkg==
/
www.fbi.gov/
Redirect Chain
  • https://www.fbi.gov/site-icon.png?scale=32
  • https://www.fbi.gov/acl_users/credentials_cookie_auth/require_login?came_from=https%3A//www.fbi.gov/front-page/%40%40images/image/mini%3Fscale%3D32
  • http://www.fbi.gov/?came_from=https%3A//www.fbi.gov/front-page/%40%40images/image/mini%3Fscale%3D32
0
0
fs.trigger.js
gateway.foresee.com/code/19.14.1-fs/
Redirect Chain
  • https://gateway.answerscloud.com/code/19.14.1-fs/fs.trigger.js
  • https://gateway.foresee.com/code/19.14.1-fs/fs.trigger.js
29 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gateway.foresee.com/code/19.14.1-fs/fs.trigger.js
Protocol
H2
Server
18.164.116.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-116-96.jfk50.r.cloudfront.net
Software
/
Resource Hash
2a91468d5d25d7e1c30189eb1cb95b8fc937a1c4867cd22a2c0646e4b4a1cd8b
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://mta-sts.sativasecurity.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 20 Aug 2024 00:52:09 GMT
strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
br
via
1.1 6e810acc9d798bdf126180508d1b511e.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P6
age
911431
x-cache
Hit from cloudfront
status
200
last-modified
Tue, 20 Oct 2020 17:22:27 GMT
etag
W/"d59601f0d29a3e4fd9f98c742af3f7a1"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=2419200
access-control-allow-headers
X-Requested-With
x-amz-cf-id
ZJr2KFAJ7kdT2Hlu_Wr6-DtmttbgKX3L5i8B_bsRNhcMUVKyMhTFYA==
expires
Tue, 17 Sep 2024 00:52:09 GMT

Redirect headers

date
Thu, 29 Aug 2024 23:35:29 GMT
via
1.1 83f903d51f378add519d351aa3b07052.cloudfront.net (CloudFront)
server
nginx/1.23.2
x-amz-cf-pop
JFK52-P3
age
52031
x-cache
Hit from cloudfront
p3p
CP="ok"
location
https://gateway.foresee.com/code/19.14.1-fs/fs.trigger.js
content-type
text/html
content-length
169
x-amz-cf-id
lQTiwp6gNT-hfz23xPCq3oW4fwt6sVtCWEy0N9gRIScs3SXNwhDpyQ==
/
www.fbi.gov/
Redirect Chain
  • https://www.fbi.gov/site-icon.png?scale=16
  • https://www.fbi.gov/acl_users/credentials_cookie_auth/require_login?came_from=https%3A//www.fbi.gov/front-page/%40%40images/image/mini%3Fscale%3D16
  • http://www.fbi.gov/?came_from=https%3A//www.fbi.gov/front-page/%40%40images/image/mini%3Fscale%3D16
0
0
events
analytics.foresee.com/ingest/ 		45 B
352 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://analytics.foresee.com/ingest/events
Requested by
Host: gateway.answerscloud.com
URL: https://gateway.answerscloud.com/code/19.14.1-fs/fs.utils.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.147.74.122 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-147-74-122.compute-1.amazonaws.com
Software
/
Resource Hash
8eefa322436955a85812c082e3ed2399efd61cef81bf4e07d4bee01146e21e62
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://mta-sts.sativasecurity.net/
Request-API-Version
1.0.0
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Fri, 30 Aug 2024 14:02:41 GMT
content-encoding
gzip
strict-transport-security
max-age=15724800; includeSubDomains
brain-server-version
1.9.2
access-control-allow-origin
*
content-type
application/json; charset=UTF-8
cache-control
private, no-cache, no-store, must-revalidate
app-info
fsevents 1.9.2
content-length
60
x-xss-protection
0
expires
-1
events
analytics.foresee.com/ingest/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://analytics.foresee.com/ingest/events
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.147.74.122 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-147-74-122.compute-1.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,request-api-version
Access-Control-Request-Method
POST
Origin
https://mta-sts.sativasecurity.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
Content-Type,Access-Control-Allow-Origin,Origin,Request-API-Version,Accept,Authorization,X-Requested-With,Content-Length
access-control-allow-methods
GET,OPTIONS,POST,HEAD
access-control-allow-origin
*
date
Fri, 30 Aug 2024 14:02:41 GMT
strict-transport-security
max-age=15724800; includeSubDomains

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.fbi.gov
URL
https://www.fbi.gov/++theme++fbigov.theme/fonts/Arial%20Black.woff2
Domain
www.fbi.gov
URL
https://www.fbi.gov/plonejsi18n?domain=widgets&language=en
Domain
www.fbi.gov
URL
https://www.fbi.gov/disclaimer
Domain
www.fbi.gov
URL
http://www.fbi.gov/?came_from=https%3A//www.fbi.gov/front-page/%40%40images/image/mini%3Fscale%3D32
Domain
www.fbi.gov
URL
http://www.fbi.gov/?came_from=https%3A//www.fbi.gov/front-page/%40%40images/image/mini%3Fscale%3D16

Verdicts & Comments Add Verdict or Comment

53 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

string| PORTAL_URL function| requirejs function| require function| define object| mejs function| _old_define function| _old_require function| $ function| jQuery function| _ object| jQuery1113030452469730497556 object| L function| onYouTubePlayerAPIReady function| onYouTubePlayerReady function| MediaElement function| MediaElementPlayer string| GoogleAnalyticsObject function| ga function| acsReady object| Backbone object| Select2 object| plog object| dzsap_init_calls object| dzsap__style object| dzsap_self_options object| dzsap_list_for_sync_players function| requestAnimFrame function| dzs_open_social_link function| dzsap_wp_send_contor_60_secs function| dzsap_call_init_calls function| dzsap_list_for_sync_build function| dzsag_init function| dzsap_submit_like function| dzsap_retract_like function| dzsap_init function| dzsap_init_multisharer object| google_tag_data object| gaplugins object| gaGlobal object| gaData function| _acsDefine function| _fsDefine function| _acsRequire function| _fsRequire function| _acsNormalizeUrl function| _fsNormalizeUrl function| _fsNormalizeAssetUrl boolean| _fsAlreadyBootedSDK function| fsReady object| FSR object| FSFB function| __acsReady__ function| __fsReady__

7 Cookies

Domain/Path Name / Value
.fbi.gov/ Name: __cf_bm
Value: LeCF4M5hb7qRk3KpP.ZfmZj90QmH6A9qqTmSYAAN4iA-1725026558-1.0.1.1-DvBfWBQf9tsUWbksbffNZ4tjjHSMPmZ8dkTsx1dMjf5d19wnSaVsqKBZPTvqkoG3iR7WCJpyOfAOS.YBH9cLVA
.fbi.gov/ Name: _cfuvid
Value: CMDYOhNAzI_NhE2B8yz2AD1XWOiLI1kBhEfQ7ZUzW8k-1725026558554-0.0.1.1-604800000
mta-sts.sativasecurity.net/ Name: __castle_fv__
Value: shown
.sativasecurity.net/ Name: _ga
Value: GA1.2.1618302304.1725026560
.sativasecurity.net/ Name: _gid
Value: GA1.2.242566375.1725026560
.sativasecurity.net/ Name: _gat
Value: 1
.sativasecurity.net/ Name: _4c_
Value: %7B%22_4c_s_%22%3A%22dVLBbuMgEP2VinNIANuAc1vtSqtKve45MjCuUVPbAmI3G%2Fnfd0iclZqqvnjmzXuPYYYLmTvoyZ4rUTEhKykKxTfkDc6R7C8keJd%2FE9kTYznUQlRUgS5paVqgjRVApWqMk6pW3DRkQz6yVyE0E5VkhSqWDbHj6nEhdnCAXrze8nLLaRtRkf4iQiVjGI9hcCebDuk8Zt4M5im6Nyw4mLyFw%2Bxd6rLBjb6iHfjXLmVY3OAx5ASj2fdumB9lK%2FooM2GYI2Tpzy4M7%2FDEhUZ4wEmQF9%2BfPjAJ0EIIVxJm0afcZmySn5oI9hR8Om97SGsNx4jl1nj6Okz5etPa1ykcMepSGuN%2Bt3tPDY0pbr%2F67JALfVaNwWF8HGxzzEfizjbk94%2FDn%2Bdf13txXTBRMBzqfZGMLOs2RMW5qCUvlMZpJzxZy5Llb7m1dF0O%2F8zG3VVf2ZO%2FPwfZlpWyCqjWDp%2BDrRU1zDZUlsIZoxpnnSb%2FLZnQhWRSydWS67vjbegU%2Bm8bkUo9NrIs%2FwA%3D%22%7D

8 Console Messages

Source Level URL
Text
javascript error URL: https://mta-sts.sativasecurity.net/
Message:
Access to XMLHttpRequest at 'https://www.fbi.gov/plonejsi18n?domain=widgets&language=en' from origin 'https://mta-sts.sativasecurity.net' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://www.fbi.gov/plonejsi18n?domain=widgets&language=en
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://mta-sts.sativasecurity.net/
Message:
Access to font at 'https://www.fbi.gov/++theme++fbigov.theme/fonts/Arial%20Black.woff2' from origin 'https://mta-sts.sativasecurity.net' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://www.fbi.gov/++theme++fbigov.theme/fonts/Arial%20Black.woff2
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://mta-sts.sativasecurity.net/
Message:
Access to XMLHttpRequest at 'https://www.fbi.gov/disclaimer' from origin 'https://mta-sts.sativasecurity.net' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://www.fbi.gov/disclaimer
Message:
Failed to load resource: net::ERR_FAILED
security error URL: https://mta-sts.sativasecurity.net/
Message:
Mixed Content: The page at 'https://mta-sts.sativasecurity.net/' was loaded over HTTPS, but requested an insecure favicon 'http://www.fbi.gov/?came_from=https%3A//www.fbi.gov/front-page/%40%40images/image/mini%3Fscale%3D32'. This request has been blocked; the content must be served over HTTPS.
security error URL: https://mta-sts.sativasecurity.net/
Message:
Mixed Content: The page at 'https://mta-sts.sativasecurity.net/' was loaded over HTTPS, but requested an insecure favicon 'http://www.fbi.gov/?came_from=https%3A//www.fbi.gov/front-page/%40%40images/image/mini%3Fscale%3D16'. This request has been blocked; the content must be served over HTTPS.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=15768000