d1rt4thgsoin5q.cloudfront.net Open in urlscan Pro
2600:9000:2190:b000:9:e3a3:6f80:93a1 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://d1rt4thgsoin5q.cloudfront.net/branches-of-government
Submission: On August 18 via manual (August 18th 2021, 10:34:56 pm UTC) from GB

Summary HTTP 54 Redirects Links 39 Behaviour Indicators

Summary

This website contacted 8 IPs in 2 countries across 8 domains to perform 54 HTTP transactions. The main IP is 2600:9000:2190:b000:9:e3a3:6f80:93a1, located in United States and belongs to AMAZON-02, US. The main domain is d1rt4thgsoin5q.cloudfront.net.
TLS certificate: Issued by Amazon on March 19th 2021. Valid for: a year.

This is the only time d1rt4thgsoin5q.cloudfront.net was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: US Government (Government)

Domain & IP information

	IP Address	AS Autonomous System
37	2600:9000:219... 2600:9000:2190:b000:9:e3a3:6f80:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:82a::2008	15169 (GOOGLE) (GOOGLE)
3	52.217.142.217 52.217.142.217	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
1 4	3.211.188.98 3.211.188.98	14618 (AMAZON-AES) (AMAZON-AES)
1	2606:4700:303... 2606:4700:3031::ac43:91b0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2606:4700::68... 2606:4700::6813:9408	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	52.28.224.120 52.28.224.120	16509 (AMAZON-02) (AMAZON-02)
54	8

37 2600:9000:2190:b000:9:e3a3:6f80:93a1 (United States)

ASN16509 (AMAZON-02, US)

d1rt4thgsoin5q.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.217.142.217 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1-w.amazonaws.com

app-usa-modeast-prod-a01239f-ecas.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 3.211.188.98 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-211-188-98.compute-1.amazonaws.com

search.usa.gov	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3031::ac43:91b0 (United States)

ASN13335 (CLOUDFLARENET, US)

siteimproveanalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6813:9408 (United States)

ASN13335 (CLOUDFLARENET, US)

script.crazyegg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.28.224.120 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-28-224-120.eu-central-1.compute.amazonaws.com

51567.global.siteimproveanalytics.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
37	cloudfront.net d1rt4thgsoin5q.cloudfront.net	359 KB
4	crazyegg.com script.crazyegg.com	25 KB
4	usa.gov 1 redirects search.usa.gov	46 KB
3	google-analytics.com www.google-analytics.com	19 KB
3	amazonaws.com app-usa-modeast-prod-a01239f-ecas.s3.amazonaws.com	643 KB
2	googletagmanager.com www.googletagmanager.com	112 KB
1	siteimproveanalytics.io 51567.global.siteimproveanalytics.io	650 B
1	siteimproveanalytics.com siteimproveanalytics.com	9 KB
54	8

	Domain	Requested by
37	d1rt4thgsoin5q.cloudfront.net	d1rt4thgsoin5q.cloudfront.net
4	script.crazyegg.com	d1rt4thgsoin5q.cloudfront.net script.crazyegg.com
4	search.usa.gov	1 redirects d1rt4thgsoin5q.cloudfront.net search.usa.gov
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
3	app-usa-modeast-prod-a01239f-ecas.s3.amazonaws.com	d1rt4thgsoin5q.cloudfront.net
2	www.googletagmanager.com	d1rt4thgsoin5q.cloudfront.net
1	51567.global.siteimproveanalytics.io	d1rt4thgsoin5q.cloudfront.net
1	siteimproveanalytics.com	d1rt4thgsoin5q.cloudfront.net
54	8

This site contains links to these domains. Also see Links.

Domain
app-usa-modeast-prod-a01239f-ecas.s3.amazonaws.com
get2.adobe.com
www.archives.gov
bensguide.gpo.gov
www.senate.gov
www.house.gov
history.house.gov
www.supremecourt.gov
www.uscourts.gov
pueblo.gpo.gov
www.usa.gov
www.whitehouse.gov
ustr.gov
www.federalregister.gov
www.judiciary.senate.gov
www.facebook.com
twitter.com
usa.gov
www.youtube.com
www.instagram.com

Subject Issuer	Validity	Valid
*.cloudfront.net Amazon	`2021-03-19` - `2022-03-17`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
*.s3.amazonaws.com DigiCert Baltimore CA-2 G2	`2021-01-11` - `2022-02-11`	a year	crt.sh
search.usa.gov R3	`2021-06-06` - `2021-09-04`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-06` - `2022-07-05`	a year	crt.sh
*.global.siteimproveanalytics.io DigiCert SHA2 Secure Server CA	`2020-03-30` - `2022-04-04`	2 years	crt.sh

This page contains 1 frames:

Primary Page: https://d1rt4thgsoin5q.cloudfront.net/branches-of-government
Frame ID: D62B37A25F5E11DD6170AEC67066D5D7
Requests: 54 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Amazon Web Services (PaaS) Expand

Overall confidence: 100%
Detected patterns

headers via /$CloudFront$$/i
headers server /^AmazonS3$/i

Amazon Cloudfront (CDN) Expand

Overall confidence: 100%
Detected patterns

headers via /$CloudFront$$/i

Amazon S3 (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

headers server /^AmazonS3$/i

Crazy Egg (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /script\.crazyegg\.com\/pages\/scripts\/\d+\/\d+\.js/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

html /googletagmanager\.com\/ns\.html[^>]+><\/iframe>/i
html //i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery[.-]([\d.]*\d)[^/]*\.js/i
script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

54
Requests

100 %
HTTPS

63 %
IPv6

8
Domains

8
Subdomains

8
IPs

2
Countries

1213 kB
Transfer

2122 kB
Size

4
Cookies

39 Outgoing links

These are links going to different origins than the main page.

URL: https://app-usa-modeast-prod-a01239f-ecas.s3.amazonaws.com/USA_Government_Branches_Infographic.pdf
Title: View a larger version of the infographic.

Search URL Search Domain Scan URL

URL: https://get2.adobe.com/reader/
Title: Download Adobe Reader

Search URL Search Domain Scan URL

URL: https://www.archives.gov/founding-docs/founding-fathers
Title: Founding Fathers

Search URL Search Domain Scan URL

URL: https://www.archives.gov/founding-docs/constitution
Title: U.S. Constitution

Search URL Search Domain Scan URL

URL: https://bensguide.gpo.gov/j-check-balance
Title: checks and balances

Search URL Search Domain Scan URL

URL: https://www.senate.gov/general/contact_information/senators_cfm.cfm
Title: Senate

Search URL Search Domain Scan URL

URL: https://www.house.gov/representatives
Title: House of Representatives

Search URL Search Domain Scan URL

URL: https://history.house.gov/Institution/Apportionment/Determining-Apportionment/
Title: number of representatives

Search URL Search Domain Scan URL

URL: http://www.senate.gov/senators/leadership.htm
Title: presiding officer of the Senate

Search URL Search Domain Scan URL

URL: https://www.supremecourt.gov/about/biographies.aspx
Title: Supreme Court

Search URL Search Domain Scan URL

URL: https://www.uscourts.gov/about-federal-courts
Title: Federal courts

Search URL Search Domain Scan URL

URL: https://pueblo.gpo.gov/Publications/PuebloPubs.php?PubID=6146
Title: download or order a kids' version of our 3 Branches poster

Search URL Search Domain Scan URL

URL: https://www.usa.gov/how-laws-are-made#item-35837
Title: drafts proposed laws

Search URL Search Domain Scan URL

URL: https://www.whitehouse.gov/about-the-white-house/our-government/the-executive-branch/
Title: executive branch

Search URL Search Domain Scan URL

URL: https://www.whitehouse.gov/administration/president-biden/
Title: President

Search URL Search Domain Scan URL

URL: https://www.whitehouse.gov/administration/vice-president-harris/
Title: Vice president

Search URL Search Domain Scan URL

URL: https://www.whitehouse.gov/administration/cabinet/
Title: The Cabinet

Search URL Search Domain Scan URL

URL: https://www.whitehouse.gov/nsc/
Title: National Security Council

Search URL Search Domain Scan URL

URL: https://ustr.gov/
Title: Office of the United States Trade Representative

Search URL Search Domain Scan URL

URL: https://www.usa.gov/federal-agencies/college-of-information-and-cyberspace
Title: College of Information and Cyberspace

Search URL Search Domain Scan URL

URL: https://www.usa.gov/federal-agencies/defense-counterintelligence-and-security-agency
Title: Defense Counterintelligence and Security Agency

Search URL Search Domain Scan URL

URL: https://www.usa.gov/federal-agencies/office-of-the-assistant-secretary-for-research-and-technology
Title: Office of the Assistant Secretary for Research and Technology

Search URL Search Domain Scan URL

URL: https://www.usa.gov/federal-agencies/office-on-violence-against-women
Title: Office of Violence Against Women

Search URL Search Domain Scan URL

URL: https://www.usa.gov/federal-agencies/u-s-international-development-finance-corporation
Title: U.S. International Development Finance Corporation

Search URL Search Domain Scan URL

URL: https://www.federalregister.gov/
Title: Federal Register

Search URL Search Domain Scan URL

URL: https://www.whitehouse.gov/about-the-white-house/the-judicial-branch/
Title: judicial branch

Search URL Search Domain Scan URL

URL: http://www.supremecourt.gov/
Title: Supreme Court

Search URL Search Domain Scan URL

URL: https://www.supremecourt.gov/about/justices.aspx
Title: Nine members

Search URL Search Domain Scan URL

URL: https://www.supremecourt.gov/about/faq_general.aspx
Title: six Justices

Search URL Search Domain Scan URL

URL: https://www.judiciary.senate.gov/nominations
Title: Senate Judiciary Committee

Search URL Search Domain Scan URL

URL: https://www.senate.gov/reference/reference_index_subjects/Cloture_vrd.htm
Title: cloture motion

Search URL Search Domain Scan URL

URL: https://app-usa-modeast-prod-a01239f-ecas.s3.amazonaws.com/SupremeCourt2019_Hires.png
Title: View a larger version of the infographic.

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https://www.usa.gov/branches-of-government&v=3
Title:

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?source=webclient&text=Branches%20of%20the%20U.S.%20Government%20https://www.usa.gov/branches-of-government
Title:

Search URL Search Domain Scan URL

URL: https://usa.gov/espanol/contactenos
Title: En Español

Search URL Search Domain Scan URL

URL: https://www.facebook.com/USAgov

Search URL Search Domain Scan URL

URL: https://twitter.com/USAgov

Search URL Search Domain Scan URL

URL: https://www.youtube.com/usagov1

Search URL Search Domain Scan URL

URL: https://www.instagram.com/usagov/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 42

https://search.usa.gov/javascripts/remote.loader.js HTTP 301
https://search.usa.gov/assets/sayt_loader.js

54 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request branches-of-government Show response
d1rt4thgsoin5q.cloudfront.net/ 169 KB
30 KB 80ms
27ms Document
text/html 2600:9000:2190:b000:9:e3a3:6f80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d1rt4thgsoin5q.cloudfront.net/branches-of-government

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2190:b000:9:e3a3:6f80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

585ab5b9d4c65c47a4449a9d40ead4d1071a7be7934336c2998dca0a23a1bc6e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload

Request headers

:method: GET
:authority: d1rt4thgsoin5q.cloudfront.net
:scheme: https
:path: /branches-of-government
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: text/html
date: Wed, 18 Aug 2021 22:34:11 GMT
last-modified: Wed, 18 Aug 2021 22:30:52 GMT
x-amz-version-id: HLTy81lKZmbxbdyZAFYh1Rj.1fUqC8.8
server: AmazonS3
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: gzip
etag: W/"2587e3d5c53dc9fdaf7dfe74e2736055"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 af287426c130b47dba79bf825f91ebbb.cloudfront.net (CloudFront)
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: 5gIgrD6N5xlHhL7IfVMIlLgGS-MOWSFNqesFJrgzY5P3JEAACt0jGw==
age: 27

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 101 KB
40 KB 24ms
20ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-28227333-1

Requested by

Host: d1rt4thgsoin5q.cloudfront.net
URL: https://d1rt4thgsoin5q.cloudfront.net/branches-of-government

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

32a4af3f55feb7dff04abb5ff7763e5255dc5d6c3f033d295ed1da38d90033e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://d1rt4thgsoin5q.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 22:34:37 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41000
x-xss-protection: 0
last-modified: Wed, 18 Aug 2021 21:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 18 Aug 2021 22:34:37 GMT

GET
H2 200 style.css
d1rt4thgsoin5q.cloudfront.net/css/ 238 KB
37 KB 35ms
31ms Stylesheet
text/css 2600:9000:2190:b000:9:e3a3:6f80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d1rt4thgsoin5q.cloudfront.net/css/style.css

Requested by

Host: d1rt4thgsoin5q.cloudfront.net
URL: https://d1rt4thgsoin5q.cloudfront.net/branches-of-government

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2190:b000:9:e3a3:6f80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

10f18226963e90874adda86d0f48640f7baca1b882d09088a18625bee19d4140

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload

Request headers

:path: /css/style.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: d1rt4thgsoin5q.cloudfront.net
referer: https://d1rt4thgsoin5q.cloudfront.net/branches-of-government
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://d1rt4thgsoin5q.cloudfront.net/branches-of-government
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 22:29:43 GMT
content-encoding: gzip
last-modified: Wed, 18 Aug 2021 21:45:48 GMT
server: AmazonS3
age: 295
etag: W/"b810246ad12e6aa35fb24584ea592fd1"
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: text/css
via: 1.1 af287426c130b47dba79bf825f91ebbb.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-pop: ZRH50-C1
x-amz-version-id: sVBzlvfPQ.xsFmeCj0QcRTOdlKB1vXuX
x-amz-cf-id: GuNe23nkPvlBYirEEIsRcO3y2jEI3WqRFgnMM7wlAOZxGwLeSci_nA==

GET
H2 200 pagelevelsurvey.css
d1rt4thgsoin5q.cloudfront.net/css/ 6 KB
2 KB 21ms
18ms Stylesheet
text/css 2600:9000:2190:b000:9:e3a3:6f80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d1rt4thgsoin5q.cloudfront.net/css/pagelevelsurvey.css

Requested by

Host: d1rt4thgsoin5q.cloudfront.net
URL: https://d1rt4thgsoin5q.cloudfront.net/branches-of-government

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2190:b000:9:e3a3:6f80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

99b7e04f899e431ca3962204a6f656764666f7379bef7539b06c2ce330bfe806

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload

Request headers

:path: /css/pagelevelsurvey.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: d1rt4thgsoin5q.cloudfront.net
referer: https://d1rt4thgsoin5q.cloudfront.net/branches-of-government
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://d1rt4thgsoin5q.cloudfront.net/branches-of-government
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 22:25:02 GMT
content-encoding: gzip
last-modified: Wed, 18 Aug 2021 21:45:48 GMT
server: AmazonS3
age: 576
etag: W/"9165d11cc52c90d7e0217f7634939511"
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: text/css
via: 1.1 af287426c130b47dba79bf825f91ebbb.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-pop: ZRH50-C1
x-amz-version-id: NfzPSoeH2ZcuCg9.fsa9_1uWkFkyLF5v
x-amz-cf-id: uP7-pNsLJDpyHowx6QGPyDQZWimlHCh0a5RUg5WHLtSrkJungSuxwA==

GET
H2 200 jquery-3.5.1.min.js Show response
d1rt4thgsoin5q.cloudfront.net/js/ 87 KB
31 KB 23ms
20ms Script
application/javascript 2600:9000:2190:b000:9:e3a3:6f80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d1rt4thgsoin5q.cloudfront.net/js/jquery-3.5.1.min.js

Requested by

Host: d1rt4thgsoin5q.cloudfront.net
URL: https://d1rt4thgsoin5q.cloudfront.net/branches-of-government

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2190:b000:9:e3a3:6f80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload

Request headers

:path: /js/jquery-3.5.1.min.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: d1rt4thgsoin5q.cloudfront.net
referer: https://d1rt4thgsoin5q.cloudfront.net/branches-of-government
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://d1rt4thgsoin5q.cloudfront.net/branches-of-government
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 22:25:02 GMT
content-encoding: gzip
last-modified: Wed, 18 Aug 2021 21:46:04 GMT
server: AmazonS3
age: 576
etag: W/"dc5e7f18c8d36ac1d3d4753a87c98d0a"
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: application/javascript
via: 1.1 af287426c130b47dba79bf825f91ebbb.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-pop: ZRH50-C1
x-amz-version-id: Hqiv9uV66vwZNxKsq.LHwFoGFSVTbws2
x-amz-cf-id: sEIcxEd1qDDeBIglyn_le8zF2zPJil2XQAdkVHM_41lTMK0PrjLxYg==

GET
H2 200 media_link_alter.js Show response
d1rt4thgsoin5q.cloudfront.net/js/ 956 B
1 KB 21ms
18ms Script
application/javascript 2600:9000:2190:b000:9:e3a3:6f80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d1rt4thgsoin5q.cloudfront.net/js/media_link_alter.js

Requested by

Host: d1rt4thgsoin5q.cloudfront.net
URL: https://d1rt4thgsoin5q.cloudfront.net/branches-of-government

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2190:b000:9:e3a3:6f80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

50f2f732de828337235fec6ddfaa04c3a9dcf529d89e7872f3f4107dc40fc54a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload

Request headers

:path: /js/media_link_alter.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: d1rt4thgsoin5q.cloudfront.net
referer: https://d1rt4thgsoin5q.cloudfront.net/branches-of-government
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://d1rt4thgsoin5q.cloudfront.net/branches-of-government
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 22:25:02 GMT
via: 1.1 af287426c130b47dba79bf825f91ebbb.cloudfront.net (CloudFront)
last-modified: Wed, 18 Aug 2021 21:46:04 GMT
server: AmazonS3
age: 576
etag: "2b42e4b953c961755c87d8317eec39eb"
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-cache: Hit from cloudfront
x-amz-version-id: .kdGLTHWlrqfzLdtckQBn2FcSrakMoJN
x-amz-cf-pop: ZRH50-C1
content-type: application/javascript
content-length: 956
x-amz-cf-id: DvNdkq6GGzR_5he_eoDceoTZwn51jwKZKEweJRGUgUfKRlmC7Nz27A==

GET
H2 200 accordion-from-content.js Show response
d1rt4thgsoin5q.cloudfront.net/js/ 4 KB
2 KB 36ms
34ms Script
application/javascript 2600:9000:2190:b000:9:e3a3:6f80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d1rt4thgsoin5q.cloudfront.net/js/accordion-from-content.js

Requested by

Host: d1rt4thgsoin5q.cloudfront.net
URL: https://d1rt4thgsoin5q.cloudfront.net/branches-of-government

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2190:b000:9:e3a3:6f80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

fda991a43fd51d1a3cc76eae8ce92142a5decfe797d3de71da3bb55cf9a7e519

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload

Request headers

:path: /js/accordion-from-content.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: d1rt4thgsoin5q.cloudfront.net
referer: https://d1rt4thgsoin5q.cloudfront.net/branches-of-government
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://d1rt4thgsoin5q.cloudfront.net/branches-of-government
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 22:29:43 GMT
content-encoding: gzip
last-modified: Wed, 18 Aug 2021 21:46:04 GMT
server: AmazonS3
age: 295
etag: W/"f1179864e8cb65b905c008932af26228"
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: application/javascript
via: 1.1 af287426c130b47dba79bf825f91ebbb.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-pop: ZRH50-C1
x-amz-version-id: _qKvRkK.cPjvrOye86Om6xALyJ1jWust
x-amz-cf-id: 4gdFDyRtWb8Qts4YzSIMs3OIvQMflaXopCpBxpd1fMu-5hGU35Ur3w==

GET
H2 200 respond.js Show response
d1rt4thgsoin5q.cloudfront.net/js/ 10 KB
4 KB 31ms
29ms Script
application/javascript 2600:9000:2190:b000:9:e3a3:6f80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d1rt4thgsoin5q.cloudfront.net/js/respond.js

Requested by

Host: d1rt4thgsoin5q.cloudfront.net
URL: https://d1rt4thgsoin5q.cloudfront.net/branches-of-government

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2190:b000:9:e3a3:6f80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

57290708c28b937a984a5fb960c32f9e4067a34a5c0ce5aeeaebf07d96f3dce6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload

Request headers

:path: /js/respond.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: d1rt4thgsoin5q.cloudfront.net
referer: https://d1rt4thgsoin5q.cloudfront.net/branches-of-government
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://d1rt4thgsoin5q.cloudfront.net/branches-of-government
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 22:33:21 GMT
content-encoding: gzip
last-modified: Wed, 18 Aug 2021 22:31:07 GMT
server: AmazonS3
age: 77
etag: W/"4988394750ae202ae3418144281ae21b"
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: application/javascript
via: 1.1 af287426c130b47dba79bf825f91ebbb.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-pop: ZRH50-C1
x-amz-version-id: 3zFuppLddY01lFFIpcL28IPqrBx7g5dQ
x-amz-cf-id: RgEuyn8bjpTNnsO1KmvGtNcBG0nj-8g34HYWewPYfAlDvrd4hSYDPg==

GET
H2 200 platform.js Show response
d1rt4thgsoin5q.cloudfront.net/js/ 3 KB
1 KB 35ms
33ms Script
application/javascript 2600:9000:2190:b000:9:e3a3:6f80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d1rt4thgsoin5q.cloudfront.net/js/platform.js

Requested by

Host: d1rt4thgsoin5q.cloudfront.net
URL: https://d1rt4thgsoin5q.cloudfront.net/branches-of-government

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2190:b000:9:e3a3:6f80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

2ec21222b6afcdf7998b105c4af9b5a67117444da91c924a0d22c16095507265

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload

Request headers

:path: /js/platform.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: d1rt4thgsoin5q.cloudfront.net
referer: https://d1rt4thgsoin5q.cloudfront.net/branches-of-government
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://d1rt4thgsoin5q.cloudfront.net/branches-of-government
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 22:33:21 GMT
content-encoding: gzip
last-modified: Wed, 18 Aug 2021 22:31:07 GMT
server: AmazonS3
age: 77
etag: W/"1764f2a4a2dca3f9abcf3db6cfd8ef60"
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: application/javascript
via: 1.1 af287426c130b47dba79bf825f91ebbb.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-pop: ZRH50-C1
x-amz-version-id: nVU6i5VEixCLgUTsNIFvBHDlDehXUHBg
x-amz-cf-id: XduOokzlk0BmOaK-62Qlc7Xloq-usdop0vpzdiFT3tRh2klFz2SR-Q==

GET
H2 200 menu.js Show response
d1rt4thgsoin5q.cloudfront.net/js/ 11 KB
3 KB 36ms
34ms Script
application/javascript 2600:9000:2190:b000:9:e3a3:6f80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d1rt4thgsoin5q.cloudfront.net/js/menu.js

Requested by

Host: d1rt4thgsoin5q.cloudfront.net
URL: https://d1rt4thgsoin5q.cloudfront.net/branches-of-government

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2190:b000:9:e3a3:6f80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

cdf74299b97492ee6a64a5ba9dd31ef92b908046518857b907dfa0d4849c0952

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload

Request headers

:path: /js/menu.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: d1rt4thgsoin5q.cloudfront.net
referer: https://d1rt4thgsoin5q.cloudfront.net/branches-of-government
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://d1rt4thgsoin5q.cloudfront.net/branches-of-government
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 22:33:21 GMT
content-encoding: gzip
last-modified: Wed, 18 Aug 2021 22:31:07 GMT
server: AmazonS3
age: 77
etag: W/"31f47acfdcd210cb346d1b8ddd0c6d81"
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: application/javascript
via: 1.1 af287426c130b47dba79bf825f91ebbb.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-pop: ZRH50-C1
x-amz-version-id: xErOLpWRmbfiYei6yy97CCmvvZfBCCFY
x-amz-cf-id: akp8eVP-5YpneDpfR-HPUVfVGTd4dG3_IM0PPFPprHv1BxPLO16Jtw==

GET
H2 200 standardsModifications.js Show response
d1rt4thgsoin5q.cloudfront.net/js/ 7 KB
3 KB 21ms
19ms Script
application/javascript 2600:9000:2190:b000:9:e3a3:6f80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d1rt4thgsoin5q.cloudfront.net/js/standardsModifications.js

Requested by

Host: d1rt4thgsoin5q.cloudfront.net
URL: https://d1rt4thgsoin5q.cloudfront.net/branches-of-government

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2190:b000:9:e3a3:6f80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

f51c0d57665865650950096d3f76d8d74d914b81edb02a4306f0f1ab768eb0e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload

Request headers

:path: /js/standardsModifications.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: d1rt4thgsoin5q.cloudfront.net
referer: https://d1rt4thgsoin5q.cloudfront.net/branches-of-government
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://d1rt4thgsoin5q.cloudfront.net/branches-of-government
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 22:25:02 GMT
content-encoding: gzip
last-modified: Wed, 18 Aug 2021 21:46:04 GMT
server: AmazonS3
age: 576
etag: W/"71db7b11e4cd10714a59b3fa167fdb50"
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: application/javascript
via: 1.1 af287426c130b47dba79bf825f91ebbb.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-pop: ZRH50-C1
x-amz-version-id: JCWOi08ITKkGQmAvxtLO9.3vO2apQ9Th
x-amz-cf-id: 7uoAunHhUxpSSPIAV99zm__0sSH0S4b5J6OKwTyR5Yi81ratIxWTBA==

GET
H2 200 modal.js Show response
d1rt4thgsoin5q.cloudfront.net/js/ 6 KB
3 KB 26ms
24ms Script
application/javascript 2600:9000:2190:b000:9:e3a3:6f80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d1rt4thgsoin5q.cloudfront.net/js/modal.js

Requested by

Host: d1rt4thgsoin5q.cloudfront.net
URL: https://d1rt4thgsoin5q.cloudfront.net/branches-of-government

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2190:b000:9:e3a3:6f80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

96d3c4b3e449cea6187f1afe4938cfed96eb0bf0e249b6fb1b79203e38b23f5c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload

Request headers

:path: /js/modal.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: d1rt4thgsoin5q.cloudfront.net
referer: https://d1rt4thgsoin5q.cloudfront.net/branches-of-government
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://d1rt4thgsoin5q.cloudfront.net/branches-of-government
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 22:33:21 GMT
content-encoding: gzip
last-modified: Wed, 18 Aug 2021 22:31:07 GMT
server: AmazonS3
age: 77
etag: W/"bd40977c07f3cacb3bd0dceefa0dfe39"
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: application/javascript
via: 1.1 af287426c130b47dba79bf825f91ebbb.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-pop: ZRH50-C1
x-amz-version-id: 0IKxlqrUuZLoHFWFMTAvkpa9gYfnxgEh
x-amz-cf-id: -a5afxF1Qly2gGlfEKLZplSAjY4bJVI4bzwbcbfDU3IhmBrQbiHjUg==

GET
H2 200 states.js Show response
d1rt4thgsoin5q.cloudfront.net/js/ 898 B
1 KB 36ms
34ms Script
application/javascript 2600:9000:2190:b000:9:e3a3:6f80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d1rt4thgsoin5q.cloudfront.net/js/states.js

Requested by

Host: d1rt4thgsoin5q.cloudfront.net
URL: https://d1rt4thgsoin5q.cloudfront.net/branches-of-government

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2190:b000:9:e3a3:6f80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

c3e3507e42e36a8e58713261e873dfdb08ef6804cab0b743877a77ce0d203780

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload

Request headers

:path: /js/states.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: d1rt4thgsoin5q.cloudfront.net
referer: https://d1rt4thgsoin5q.cloudfront.net/branches-of-government
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://d1rt4thgsoin5q.cloudfront.net/branches-of-government
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 22:33:21 GMT
via: 1.1 af287426c130b47dba79bf825f91ebbb.cloudfront.net (CloudFront)
last-modified: Wed, 18 Aug 2021 22:31:07 GMT
server: AmazonS3
age: 77
etag: "44377da1bbb56a5df3e728dab7d33a04"
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-cache: Hit from cloudfront
x-amz-version-id: EVpoz0mW9N7h8xXcamLjaoUWeZ0Eh5Za
x-amz-cf-pop: ZRH50-C1
content-type: application/javascript
content-length: 898
x-amz-cf-id: pOFLfaIPlZ_pzYQBRYtBZWTzi8CS6B7DrNZDnRasEh-KKHHqlZo5hg==

GET
H2 200 homepage.js Show response
d1rt4thgsoin5q.cloudfront.net/js/ 2 KB
1 KB 20ms
19ms Script
application/javascript 2600:9000:2190:b000:9:e3a3:6f80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d1rt4thgsoin5q.cloudfront.net/js/homepage.js

Requested by

Host: d1rt4thgsoin5q.cloudfront.net
URL: https://d1rt4thgsoin5q.cloudfront.net/branches-of-government

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2190:b000:9:e3a3:6f80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

a90140e6dd9c262ccf1bd4f2fd37131d0bf493b73cf53f593c8e934a8f885396

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload

Request headers

:path: /js/homepage.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: d1rt4thgsoin5q.cloudfront.net
referer: https://d1rt4thgsoin5q.cloudfront.net/branches-of-government
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://d1rt4thgsoin5q.cloudfront.net/branches-of-government
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 22:25:02 GMT
content-encoding: gzip
last-modified: Wed, 18 Aug 2021 21:46:04 GMT
server: AmazonS3
age: 576
etag: W/"0ab8178eebb2694185e1f283a3b05f22"
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: application/javascript
via: 1.1 af287426c130b47dba79bf825f91ebbb.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-pop: ZRH50-C1
x-amz-version-id: gxLDyGtvbRLk6xz6_dtc6vZBjXaaYOWu
x-amz-cf-id: ZGJmM791H2M68uHO7hDjfoc9Lv26LV3XML_ni4nr0woffbiOuNoEWQ==

GET
H2 200 uswds.js Show response
d1rt4thgsoin5q.cloudfront.net/js/ 47 KB
14 KB 30ms
29ms Script
application/javascript 2600:9000:2190:b000:9:e3a3:6f80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d1rt4thgsoin5q.cloudfront.net/js/uswds.js

Requested by

Host: d1rt4thgsoin5q.cloudfront.net
URL: https://d1rt4thgsoin5q.cloudfront.net/branches-of-government

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2190:b000:9:e3a3:6f80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

62a6d5fbba7a4068ea4c6c39bdee30c208d4db2ace96a060cbcfea042ebd5eab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload

Request headers

:path: /js/uswds.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: d1rt4thgsoin5q.cloudfront.net
referer: https://d1rt4thgsoin5q.cloudfront.net/branches-of-government
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://d1rt4thgsoin5q.cloudfront.net/branches-of-government
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 22:33:21 GMT
content-encoding: gzip
last-modified: Wed, 18 Aug 2021 22:31:07 GMT
server: AmazonS3
age: 77
etag: W/"cc95a866d9307dd354395f1cdf8e1b89"
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: application/javascript
via: 1.1 af287426c130b47dba79bf825f91ebbb.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-pop: ZRH50-C1
x-amz-version-id: b.9Bo3qxZGlZv0R0_ttNFamU1E3MRmcO
x-amz-cf-id: 4soFwDIo-aSPVS31-mK8UZE8yqzhDDhJAKY4aBGICHxTVuiHTWPHOQ==

GET
H2 200 favicon-57.png
d1rt4thgsoin5q.cloudfront.net/images/ 526 B
929 B 22ms
22ms Image
image/png 2600:9000:2190:b000:9:e3a3:6f80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d1rt4thgsoin5q.cloudfront.net/images/favicon-57.png

Requested by

Host: d1rt4thgsoin5q.cloudfront.net
URL: https://d1rt4thgsoin5q.cloudfront.net/branches-of-government

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2190:b000:9:e3a3:6f80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

6c279cc4e37124eea5498dac89af9392a67bfba3251b3b2bde42c7cd24b91ce9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload

Request headers

:path: /images/favicon-57.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: d1rt4thgsoin5q.cloudfront.net
referer: https://d1rt4thgsoin5q.cloudfront.net/branches-of-government
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://d1rt4thgsoin5q.cloudfront.net/branches-of-government
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 22:25:03 GMT
via: 1.1 af287426c130b47dba79bf825f91ebbb.cloudfront.net (CloudFront)
last-modified: Wed, 18 Aug 2021 21:46:04 GMT
server: AmazonS3
age: 575
etag: "a8acd268b5437846a6e330716bc57804"
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-cache: Hit from cloudfront
x-amz-version-id: 3fTSatazz4Wkyld4WyiZCpw5MNkILT4_
x-amz-cf-pop: ZRH50-C1
content-type: image/png
content-length: 526
x-amz-cf-id: 5zJFzXvQJzCRF2Nez1bxEqXpWiGNieafXC-bIHKdmzYYvkChKZtJgw==

GET
H2 200 icon-dot-gov.svg
d1rt4thgsoin5q.cloudfront.net/images/ 651 B
1 KB 27ms
23ms Image
image/svg+xml 2600:9000:2190:b000:9:e3a3:6f80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d1rt4thgsoin5q.cloudfront.net/images/icon-dot-gov.svg

Requested by

Host: d1rt4thgsoin5q.cloudfront.net
URL: https://d1rt4thgsoin5q.cloudfront.net/branches-of-government

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2190:b000:9:e3a3:6f80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

d864af09acd0424cfed830c1910b3df6ed7f484bb93c13681c8a9dbb16147daf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload

Request headers

:path: /images/icon-dot-gov.svg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: d1rt4thgsoin5q.cloudfront.net
referer: https://d1rt4thgsoin5q.cloudfront.net/branches-of-government
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://d1rt4thgsoin5q.cloudfront.net/branches-of-government
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 22:25:03 GMT
via: 1.1 af287426c130b47dba79bf825f91ebbb.cloudfront.net (CloudFront)
last-modified: Wed, 18 Aug 2021 21:46:04 GMT
server: AmazonS3
age: 575
etag: "cdd13dd30a04e47b6eb00eda6060a1d8"
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-cache: Hit from cloudfront
x-amz-version-id: 9BLTFTG7cqtayfR7vymbTr4B8Ac4rn7d
x-amz-cf-pop: ZRH50-C1
content-type: image/svg+xml
content-length: 651
x-amz-cf-id: n0vfbdheFaaeDcBXIeW_inU-o37xSzeo7hG3SrveVnDlDRE4ofI-oA==

GET
H2 200 icon-https.svg
d1rt4thgsoin5q.cloudfront.net/images/ 518 B
924 B 26ms
22ms Image
image/svg+xml 2600:9000:2190:b000:9:e3a3:6f80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d1rt4thgsoin5q.cloudfront.net/images/icon-https.svg

Requested by

Host: d1rt4thgsoin5q.cloudfront.net
URL: https://d1rt4thgsoin5q.cloudfront.net/branches-of-government

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2190:b000:9:e3a3:6f80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

fc3f89387d29f9cf14a19103085f91348ea029d6fdbce78add1f129bbcd9d032

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload

Request headers

:path: /images/icon-https.svg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: d1rt4thgsoin5q.cloudfront.net
referer: https://d1rt4thgsoin5q.cloudfront.net/branches-of-government
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://d1rt4thgsoin5q.cloudfront.net/branches-of-government
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 22:25:03 GMT
via: 1.1 af287426c130b47dba79bf825f91ebbb.cloudfront.net (CloudFront)
last-modified: Wed, 18 Aug 2021 21:46:04 GMT
server: AmazonS3
age: 575
etag: "c7c1e46fb55f5d11df826e0deb61c127"
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-cache: Hit from cloudfront
x-amz-version-id: 5EVpdDDCbd6SG34yOLcLY5YAnPf.sklD
x-amz-cf-pop: ZRH50-C1
content-type: image/svg+xml
content-length: 518
x-amz-cf-id: Gq6Pd3Ky8sV8YkRltkdDAiRzlf7ZTgU6KmCMrBUQak6qk9OVURIC7w==

GET
H/1.1 200
OK Logo_USAGov.png
app-usa-modeast-prod-a01239f-ecas.s3.amazonaws.com/ 9 KB
9 KB 433ms
135ms Image
image/png 52.217.142.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://app-usa-modeast-prod-a01239f-ecas.s3.amazonaws.com/Logo_USAGov.png
Requested by: Host: d1rt4thgsoin5q.cloudfront.net
URL: https://d1rt4thgsoin5q.cloudfront.net/branches-of-government
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.142.217 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: b3e177f5dc328128bbdcf56c7e61c4440e99079b0e31ddf83d7cd0c20c41f64b

Request headers

Referer: https://d1rt4thgsoin5q.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
Date: Wed, 18 Aug 2021 22:34:39 GMT
Last-Modified: Fri, 03 Jan 2020 20:30:30 GMT
Server: AmazonS3
x-amz-request-id: KVQCF9J8JBCX3FJC
ETag: "b56f34411a4a810459aa701955e6efb7"
x-amz-version-id: null
Accept-Ranges: bytes
Content-Type: image/png
Content-Length: 9255
x-amz-id-2: BRogJa1SPbfffAohvr56t/AVHBmc338Yjo7pYS7npQaaD146XprlpR4vGvwvNzgab0/AZmYETpg=

GET
H3-29 200 gtm.js Show response
www.googletagmanager.com/ 273 KB
72 KB 38ms
34ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-KV4BZFD

Requested by

Host: d1rt4thgsoin5q.cloudfront.net
URL: https://d1rt4thgsoin5q.cloudfront.net/branches-of-government

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

209be2933d59c719e250131e55ca99b5e40ec18cfe64d4e7e6f87442f563a9bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://d1rt4thgsoin5q.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 22:34:37 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 73560
x-xss-protection: 0
last-modified: Wed, 18 Aug 2021 21:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 18 Aug 2021 22:34:37 GMT

GET
H2 200 print.css
d1rt4thgsoin5q.cloudfront.net/css/ 2 KB
1 KB 28ms
27ms Stylesheet
text/css 2600:9000:2190:b000:9:e3a3:6f80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d1rt4thgsoin5q.cloudfront.net/css/print.css

Requested by

Host: d1rt4thgsoin5q.cloudfront.net
URL: https://d1rt4thgsoin5q.cloudfront.net/branches-of-government

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2190:b000:9:e3a3:6f80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

b1b2d26984d7bd057a8b05e362e7beb44d65f93368cf0b9500d699bf2ff62f85

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload

Request headers

:path: /css/print.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: d1rt4thgsoin5q.cloudfront.net
referer: https://d1rt4thgsoin5q.cloudfront.net/branches-of-government
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://d1rt4thgsoin5q.cloudfront.net/branches-of-government
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 22:31:42 GMT
content-encoding: gzip
last-modified: Wed, 18 Aug 2021 22:30:53 GMT
server: AmazonS3
age: 176
etag: W/"d44f742a743e8e0ea436c06d94704916"
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: text/css
via: 1.1 af287426c130b47dba79bf825f91ebbb.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-pop: ZRH50-C1
x-amz-version-id: l5PdWmC5N9UaTk91XfFHL8km.AUhx9jk
x-amz-cf-id: 9tpOj69d0HRqVzOKNoUY4mHUNBp3-_AQznKSRilePrv0ynrmgRsaVA==

GET
H2 200 Icon_New_Screen.png
d1rt4thgsoin5q.cloudfront.net/sites/all/themes/usa/images/ 261 B
656 B 172ms
168ms Image
image/png 2600:9000:2190:b000:9:e3a3:6f80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d1rt4thgsoin5q.cloudfront.net/sites/all/themes/usa/images/Icon_New_Screen.png

Requested by

Host: d1rt4thgsoin5q.cloudfront.net
URL: https://d1rt4thgsoin5q.cloudfront.net/branches-of-government

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2190:b000:9:e3a3:6f80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

a75d2071b457d204013bd7f44b336ee2361ab8452275681440757a05afb5d41c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload

Request headers

:path: /sites/all/themes/usa/images/Icon_New_Screen.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: d1rt4thgsoin5q.cloudfront.net
referer: https://d1rt4thgsoin5q.cloudfront.net/branches-of-government
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://d1rt4thgsoin5q.cloudfront.net/branches-of-government
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 22:34:38 GMT
via: 1.1 af287426c130b47dba79bf825f91ebbb.cloudfront.net (CloudFront)
last-modified: Wed, 18 Aug 2021 22:31:08 GMT
server: AmazonS3
x-amz-cf-pop: ZRH50-C1
etag: "5aa0ceafdb7094ef7e09653481a2f619"
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-cache: Miss from cloudfront
x-amz-version-id: HQFMwK8GnyxpM34Y45Lh7DcURvvVne0F
content-type: image/png
content-length: 261
x-amz-cf-id: XezEvSZKHlHZ1T8DBANJwcwKUjRVYSx--EHaOyWNoBo_gQfnpw8AtA==

GET
H/1.1 200
OK USA_Government_Branches_Infographic.png
app-usa-modeast-prod-a01239f-ecas.s3.amazonaws.com/ 355 KB
356 KB 425ms
126ms Image
image/png 52.217.142.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://app-usa-modeast-prod-a01239f-ecas.s3.amazonaws.com/USA_Government_Branches_Infographic.png
Requested by: Host: d1rt4thgsoin5q.cloudfront.net
URL: https://d1rt4thgsoin5q.cloudfront.net/branches-of-government
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.142.217 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: cc6e9fe306a91d61dacba98cff370ca9a18584dddd0543c9a768d9bc4480a9ed

Request headers

Referer: https://d1rt4thgsoin5q.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
Date: Wed, 18 Aug 2021 22:34:39 GMT
Last-Modified: Fri, 03 Jan 2020 20:30:38 GMT
Server: AmazonS3
x-amz-request-id: KVQCPJ646ZW69BMG
ETag: "f4f507c05e44b475526a96f0db9bd2bc"
x-amz-version-id: null
Accept-Ranges: bytes
Content-Type: image/png
Content-Length: 363800
x-amz-id-2: 82fgwlTSy9a2BNS64l4k0nvm5KmauXbuNNG+wLOdLFE7BswnKNLrRNcAfcLb1bBpHxPGIOxbAr4=

GET
H/1.1 200
OK SupremeCourt2019.png
app-usa-modeast-prod-a01239f-ecas.s3.amazonaws.com/ 277 KB
277 KB 421ms
122ms Image
image/png 52.217.142.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://app-usa-modeast-prod-a01239f-ecas.s3.amazonaws.com/SupremeCourt2019.png
Requested by: Host: d1rt4thgsoin5q.cloudfront.net
URL: https://d1rt4thgsoin5q.cloudfront.net/branches-of-government
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.142.217 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: d59cd61ca3fc3d32a7cf6b8895d30b31db6b6622effab8306f541e8f26f11b40

Request headers

Referer: https://d1rt4thgsoin5q.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
Date: Wed, 18 Aug 2021 22:34:39 GMT
Last-Modified: Fri, 03 Jan 2020 20:30:35 GMT
Server: AmazonS3
x-amz-request-id: KVQ1QVCGM5FJCWX1
ETag: "742722a0222e2f1d72f2eba67734c1ac"
x-amz-version-id: null
Accept-Ranges: bytes
Content-Type: image/png
Content-Length: 283671
x-amz-id-2: D1pp54jzpnE7pCEmcMxGgnK60BAvwXm1Y/cV1I96DJazancUUaenZM4vL/1n6LuNmbp6O7Di5io=

GET
H2 200 Icon_Connect_Facebook.png
d1rt4thgsoin5q.cloudfront.net/images/ 15 KB
15 KB 35ms
32ms Image
image/png 2600:9000:2190:b000:9:e3a3:6f80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d1rt4thgsoin5q.cloudfront.net/images/Icon_Connect_Facebook.png

Requested by

Host: d1rt4thgsoin5q.cloudfront.net
URL: https://d1rt4thgsoin5q.cloudfront.net/branches-of-government

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2190:b000:9:e3a3:6f80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

0589997eb17e168a2e17770a4c47cc3fa1c731c490b9cb90204dca08ebebd9bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload

Request headers

:path: /images/Icon_Connect_Facebook.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: d1rt4thgsoin5q.cloudfront.net
referer: https://d1rt4thgsoin5q.cloudfront.net/branches-of-government
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://d1rt4thgsoin5q.cloudfront.net/branches-of-government
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 22:29:43 GMT
via: 1.1 af287426c130b47dba79bf825f91ebbb.cloudfront.net (CloudFront)
last-modified: Wed, 18 Aug 2021 21:46:03 GMT
server: AmazonS3
age: 295
etag: "52aef2994ce946c9aee4e43dec91827c"
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-cache: Hit from cloudfront
x-amz-version-id: CVEO.tZzqK_H20tB79QtmGyY4KPFegZc
x-amz-cf-pop: ZRH50-C1
content-type: image/png
content-length: 15381
x-amz-cf-id: gWXNHMC9lu_jnE6GAx8cISAooaQoJrP3YBz_3K0wP_sR6cDG8YhY2A==

GET
H2 200 Icon_Connect_Twitter.png
d1rt4thgsoin5q.cloudfront.net/images/ 16 KB
16 KB 29ms
26ms Image
image/png 2600:9000:2190:b000:9:e3a3:6f80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d1rt4thgsoin5q.cloudfront.net/images/Icon_Connect_Twitter.png

Requested by

Host: d1rt4thgsoin5q.cloudfront.net
URL: https://d1rt4thgsoin5q.cloudfront.net/branches-of-government

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2190:b000:9:e3a3:6f80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

fb088bc4c344a79622175057f55c9f05a8c2186a2d1c3a8fe744e2857079166c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload

Request headers

:path: /images/Icon_Connect_Twitter.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: d1rt4thgsoin5q.cloudfront.net
referer: https://d1rt4thgsoin5q.cloudfront.net/branches-of-government
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://d1rt4thgsoin5q.cloudfront.net/branches-of-government
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 22:25:04 GMT
via: 1.1 af287426c130b47dba79bf825f91ebbb.cloudfront.net (CloudFront)
last-modified: Wed, 18 Aug 2021 21:46:03 GMT
server: AmazonS3
age: 574
etag: "1598c2b943d4a4e8230323871f76bc58"
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-cache: Hit from cloudfront
x-amz-version-id: HMZTCRoXfBaa.5urNe4ZXyIaGr6Qbnmd
x-amz-cf-pop: ZRH50-C1
content-type: image/png
content-length: 16006
x-amz-cf-id: grjfN9zuDd6LJl9IMGLYenn8MP1FLEP8OdQOsmhpLwsUJsHmU_-4JA==

GET
H2 200 Icon_Connect_Email.png
d1rt4thgsoin5q.cloudfront.net/images/ 16 KB
16 KB 29ms
26ms Image
image/png 2600:9000:2190:b000:9:e3a3:6f80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d1rt4thgsoin5q.cloudfront.net/images/Icon_Connect_Email.png

Requested by

Host: d1rt4thgsoin5q.cloudfront.net
URL: https://d1rt4thgsoin5q.cloudfront.net/branches-of-government

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2190:b000:9:e3a3:6f80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

7887dab6abbda547c5f100a20b3d8ff1c774d0cf98a84bf1f8cfdf304fa70b3b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload

Request headers

:path: /images/Icon_Connect_Email.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: d1rt4thgsoin5q.cloudfront.net
referer: https://d1rt4thgsoin5q.cloudfront.net/branches-of-government
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://d1rt4thgsoin5q.cloudfront.net/branches-of-government
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 22:29:43 GMT
via: 1.1 af287426c130b47dba79bf825f91ebbb.cloudfront.net (CloudFront)
last-modified: Wed, 18 Aug 2021 21:46:03 GMT
server: AmazonS3
age: 295
etag: "2a9530ce4548290854be3a73e40ec440"
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-cache: Hit from cloudfront
x-amz-version-id: WGu4rYJyMiAa_PCDqyqFl.82ywa.Ta_U
x-amz-cf-pop: ZRH50-C1
content-type: image/png
content-length: 16421
x-amz-cf-id: cXnjwJX4vP9QlNMo1BKAk90hOz3ob8vyblRvaTKC4hmeKApzJVWOnA==

GET
H2 200 Icon_Connect_Facebook.png
d1rt4thgsoin5q.cloudfront.net/sites/all/themes/usa/images/ 15 KB
15 KB 35ms
32ms Image
image/png 2600:9000:2190:b000:9:e3a3:6f80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d1rt4thgsoin5q.cloudfront.net/sites/all/themes/usa/images/Icon_Connect_Facebook.png

Requested by

Host: d1rt4thgsoin5q.cloudfront.net
URL: https://d1rt4thgsoin5q.cloudfront.net/branches-of-government

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2190:b000:9:e3a3:6f80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

0589997eb17e168a2e17770a4c47cc3fa1c731c490b9cb90204dca08ebebd9bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload

Request headers

:path: /sites/all/themes/usa/images/Icon_Connect_Facebook.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: d1rt4thgsoin5q.cloudfront.net
referer: https://d1rt4thgsoin5q.cloudfront.net/branches-of-government
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://d1rt4thgsoin5q.cloudfront.net/branches-of-government
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 22:26:09 GMT
via: 1.1 af287426c130b47dba79bf825f91ebbb.cloudfront.net (CloudFront)
last-modified: Wed, 18 Aug 2021 21:46:06 GMT
server: AmazonS3
age: 509
etag: "52aef2994ce946c9aee4e43dec91827c"
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-cache: Hit from cloudfront
x-amz-version-id: jrLXhpFIHLJvgsTv_VXtUvAXrAgOyi5D
x-amz-cf-pop: ZRH50-C1
content-type: image/png
content-length: 15381
x-amz-cf-id: ZohUxwojIzKvpOgZ0j8yIy_ppvBm5Xv5GGjM_rkQBNU3L3JWCRMyRg==

GET
H2 200 Icon_Connect_Twitter.png
d1rt4thgsoin5q.cloudfront.net/sites/all/themes/usa/images/ 16 KB
16 KB 32ms
30ms Image
image/png 2600:9000:2190:b000:9:e3a3:6f80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d1rt4thgsoin5q.cloudfront.net/sites/all/themes/usa/images/Icon_Connect_Twitter.png

Requested by

Host: d1rt4thgsoin5q.cloudfront.net
URL: https://d1rt4thgsoin5q.cloudfront.net/branches-of-government

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2190:b000:9:e3a3:6f80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

fb088bc4c344a79622175057f55c9f05a8c2186a2d1c3a8fe744e2857079166c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload

Request headers

:path: /sites/all/themes/usa/images/Icon_Connect_Twitter.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: d1rt4thgsoin5q.cloudfront.net
referer: https://d1rt4thgsoin5q.cloudfront.net/branches-of-government
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://d1rt4thgsoin5q.cloudfront.net/branches-of-government
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 22:26:09 GMT
via: 1.1 af287426c130b47dba79bf825f91ebbb.cloudfront.net (CloudFront)
last-modified: Wed, 18 Aug 2021 21:46:06 GMT
server: AmazonS3
age: 509
etag: "1598c2b943d4a4e8230323871f76bc58"
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-cache: Hit from cloudfront
x-amz-version-id: B8CURXNHIElisj1x_foxHoUhyIXGsSJd
x-amz-cf-pop: ZRH50-C1
content-type: image/png
content-length: 16006
x-amz-cf-id: V2cQOwM3EhkwFHSSWp5lReHNItMUGPNJibQRrrrgdBN_yIjt8OlmeQ==

GET
H2 200 Icon_Connect_Youtube.png
d1rt4thgsoin5q.cloudfront.net/sites/all/themes/usa/images/ 16 KB
16 KB 34ms
31ms Image
image/png 2600:9000:2190:b000:9:e3a3:6f80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d1rt4thgsoin5q.cloudfront.net/sites/all/themes/usa/images/Icon_Connect_Youtube.png

Requested by

Host: d1rt4thgsoin5q.cloudfront.net
URL: https://d1rt4thgsoin5q.cloudfront.net/branches-of-government

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2190:b000:9:e3a3:6f80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

19dee6377cad0c4592453ce87f052cb72100f69e673662a3bbffdfc3b7d74b84

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload

Request headers

:path: /sites/all/themes/usa/images/Icon_Connect_Youtube.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: d1rt4thgsoin5q.cloudfront.net
referer: https://d1rt4thgsoin5q.cloudfront.net/branches-of-government
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://d1rt4thgsoin5q.cloudfront.net/branches-of-government
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 22:29:43 GMT
via: 1.1 af287426c130b47dba79bf825f91ebbb.cloudfront.net (CloudFront)
last-modified: Wed, 18 Aug 2021 21:46:06 GMT
server: AmazonS3
age: 295
etag: "65802e5d55f5b6b6985ccfcd045e4765"
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-cache: Hit from cloudfront
x-amz-version-id: 7zaDWpkzBvK3qJ3BYgJ6Rx4QabT807Fa
x-amz-cf-pop: ZRH50-C1
content-type: image/png
content-length: 16404
x-amz-cf-id: nGFG_yba3-5cJ7dIeRmH-ynHTq2a1aYPIYECfy33WSVQhHHZ_E7sCw==

GET
H2 200 Icon_Connect_Instragram.png
d1rt4thgsoin5q.cloudfront.net/sites/all/themes/usa/images/ 16 KB
17 KB 27ms
25ms Image
image/png 2600:9000:2190:b000:9:e3a3:6f80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d1rt4thgsoin5q.cloudfront.net/sites/all/themes/usa/images/Icon_Connect_Instragram.png

Requested by

Host: d1rt4thgsoin5q.cloudfront.net
URL: https://d1rt4thgsoin5q.cloudfront.net/branches-of-government

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2190:b000:9:e3a3:6f80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

ed02b586750118e54c868d24e72baa5265803de7b12dd954f5ca433ccf354ed7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload

Request headers

:path: /sites/all/themes/usa/images/Icon_Connect_Instragram.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: d1rt4thgsoin5q.cloudfront.net
referer: https://d1rt4thgsoin5q.cloudfront.net/branches-of-government
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://d1rt4thgsoin5q.cloudfront.net/branches-of-government
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 22:26:09 GMT
via: 1.1 af287426c130b47dba79bf825f91ebbb.cloudfront.net (CloudFront)
last-modified: Wed, 18 Aug 2021 21:46:06 GMT
server: AmazonS3
age: 509
etag: "da0f97b5a23d2417dadec8031708adbc"
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-cache: Hit from cloudfront
x-amz-version-id: bWxA8cH69Rm2YhZAQNoAcb4eolAuizfw
x-amz-cf-pop: ZRH50-C1
content-type: image/png
content-length: 16595
x-amz-cf-id: 3YNQy79LzsAATBEIoetpqO9eVf9oYXFUQfpV9l88tnq2lhTGnh-v3A==

GET
H2 200 tooltip.js Show response
d1rt4thgsoin5q.cloudfront.net/js/ 4 KB
2 KB 21ms
20ms Script
application/javascript 2600:9000:2190:b000:9:e3a3:6f80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d1rt4thgsoin5q.cloudfront.net/js/tooltip.js

Requested by

Host: d1rt4thgsoin5q.cloudfront.net
URL: https://d1rt4thgsoin5q.cloudfront.net/branches-of-government

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2190:b000:9:e3a3:6f80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

f81521a24b337c1336e3101c98197418a732ab6745af6071d6e4b18f8713711d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload

Request headers

:path: /js/tooltip.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: d1rt4thgsoin5q.cloudfront.net
referer: https://d1rt4thgsoin5q.cloudfront.net/branches-of-government
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://d1rt4thgsoin5q.cloudfront.net/branches-of-government
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 22:32:35 GMT
content-encoding: gzip
last-modified: Wed, 18 Aug 2021 22:31:07 GMT
server: AmazonS3
age: 123
etag: W/"4d969d257edbd7dc0ce1c165770747b2"
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: application/javascript
via: 1.1 af287426c130b47dba79bf825f91ebbb.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-pop: ZRH50-C1
x-amz-version-id: 8pGAlXN7_5D5BS0rf8Grrv6OZ0B2En71
x-amz-cf-id: 037EY5f_O640F7-ZP3fLPQHqMLXwMVGtGtHJ6TxkPOAXGxukpUy_-w==

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 7ms
5ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-28227333-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e61660c659c426e45bce2937dddb01af6b550502a2904546575c1ec2ba1121dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://d1rt4thgsoin5q.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 13 Jul 2021 18:24:06 GMT
server: Golfe2
age: 3483
date: Wed, 18 Aug 2021 21:36:34 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19672
expires: Wed, 18 Aug 2021 23:36:34 GMT

GET
H2 200 angle-arrow-down-primary.svg
d1rt4thgsoin5q.cloudfront.net/images/ 536 B
942 B 26ms
26ms Image
image/svg+xml 2600:9000:2190:b000:9:e3a3:6f80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d1rt4thgsoin5q.cloudfront.net/images/angle-arrow-down-primary.svg

Requested by

Host: d1rt4thgsoin5q.cloudfront.net
URL: https://d1rt4thgsoin5q.cloudfront.net/css/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2190:b000:9:e3a3:6f80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

1f8ea9a3af64f407b039e6e0e423b40702641e1ce2f1583409e821311a9ee7a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload

Request headers

:path: /images/angle-arrow-down-primary.svg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: d1rt4thgsoin5q.cloudfront.net
referer: https://d1rt4thgsoin5q.cloudfront.net/css/style.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://d1rt4thgsoin5q.cloudfront.net/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 22:26:09 GMT
via: 1.1 af287426c130b47dba79bf825f91ebbb.cloudfront.net (CloudFront)
last-modified: Wed, 18 Aug 2021 21:46:04 GMT
server: AmazonS3
age: 509
etag: "64f4e9687ab10d5205dfb2a13314ddeb"
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-cache: Hit from cloudfront
x-amz-version-id: CkOgtCp9z19TYuh08MYWpVsT_XopRhq5
x-amz-cf-pop: ZRH50-C1
content-type: image/svg+xml
content-length: 536
x-amz-cf-id: g1WdeQ9zkVjjPIIbamaZo9R8ylKA5Xs94TA6h22-X9PyG2DzQ5jz7A==

GET
H2 200 sourcesanspro-regular-webfont.woff2
d1rt4thgsoin5q.cloudfront.net/fonts/ 23 KB
24 KB 161ms
160ms Font
binary/octet-stream 2600:9000:2190:b000:9:e3a3:6f80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d1rt4thgsoin5q.cloudfront.net/fonts/sourcesanspro-regular-webfont.woff2

Requested by

Host: d1rt4thgsoin5q.cloudfront.net
URL: https://d1rt4thgsoin5q.cloudfront.net/css/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2190:b000:9:e3a3:6f80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

cb03c54300164fcc8b068bf1cd8b419e6f8eb5cb44d607f198be1997999cc488

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload

Request headers

:path: /fonts/sourcesanspro-regular-webfont.woff2
pragma: no-cache
origin: https://d1rt4thgsoin5q.cloudfront.net
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: font
:authority: d1rt4thgsoin5q.cloudfront.net
referer: https://d1rt4thgsoin5q.cloudfront.net/css/style.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://d1rt4thgsoin5q.cloudfront.net
Referer: https://d1rt4thgsoin5q.cloudfront.net/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 22:34:38 GMT
via: 1.1 af287426c130b47dba79bf825f91ebbb.cloudfront.net (CloudFront)
last-modified: Wed, 18 Aug 2021 22:31:05 GMT
server: AmazonS3
x-amz-cf-pop: ZRH50-C1
etag: "699e5f09daf577ae815ddc7b920f8e24"
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-cache: Miss from cloudfront
x-amz-version-id: jHU.2HXXqWeNrKNshStvtES4kzkVp.Ic
content-type: binary/octet-stream
content-length: 23684
x-amz-cf-id: zOXe0QneF_dNxVKZZ8nLOKGPReEpzTSzDX3btdHc8sOb9avcskBWrQ==

GET
H2 200 search-dark.svg
d1rt4thgsoin5q.cloudfront.net/images/ 1 KB
1008 B 26ms
25ms Image
image/svg+xml 2600:9000:2190:b000:9:e3a3:6f80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d1rt4thgsoin5q.cloudfront.net/images/search-dark.svg

Requested by

Host: d1rt4thgsoin5q.cloudfront.net
URL: https://d1rt4thgsoin5q.cloudfront.net/css/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2190:b000:9:e3a3:6f80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

8639916badd9024852fc2de1a04e35a4ef0cbcb145a6048f56184b60406da197

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload

Request headers

:path: /images/search-dark.svg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: d1rt4thgsoin5q.cloudfront.net
referer: https://d1rt4thgsoin5q.cloudfront.net/css/style.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://d1rt4thgsoin5q.cloudfront.net/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 22:26:09 GMT
content-encoding: gzip
last-modified: Wed, 18 Aug 2021 21:46:04 GMT
server: AmazonS3
age: 509
etag: W/"4949d1363d02d9104d723fb547f9d029"
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: image/svg+xml
via: 1.1 af287426c130b47dba79bf825f91ebbb.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-pop: ZRH50-C1
x-amz-version-id: sYO482WLEeO3vLDMwfrbrgAfnuGK8qCN
x-amz-cf-id: JkIX1F802CfCJMLGGIhujNw7FOgR7sa6WggGK9ph4Y2ijOkog7HA2Q==

GET
H2 200 angle-arrow-down.svg
d1rt4thgsoin5q.cloudfront.net/images/ 536 B
940 B 24ms
24ms Image
image/svg+xml 2600:9000:2190:b000:9:e3a3:6f80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d1rt4thgsoin5q.cloudfront.net/images/angle-arrow-down.svg

Requested by

Host: d1rt4thgsoin5q.cloudfront.net
URL: https://d1rt4thgsoin5q.cloudfront.net/css/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2190:b000:9:e3a3:6f80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

f29fa268e11c17ab5cfdaf8770a45dd5ecea090e02b0846e050d83382b6d35d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload

Request headers

:path: /images/angle-arrow-down.svg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: d1rt4thgsoin5q.cloudfront.net
referer: https://d1rt4thgsoin5q.cloudfront.net/css/style.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://d1rt4thgsoin5q.cloudfront.net/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 22:32:57 GMT
via: 1.1 af287426c130b47dba79bf825f91ebbb.cloudfront.net (CloudFront)
last-modified: Wed, 18 Aug 2021 22:31:06 GMT
server: AmazonS3
age: 101
etag: "c3c72a6ee199232be52daa761c4a7582"
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-cache: Hit from cloudfront
x-amz-version-id: Hff3sQoIvkfb_vcgc.3YgovCO7U1Jq_Z
x-amz-cf-pop: ZRH50-C1
content-type: image/svg+xml
content-length: 536
x-amz-cf-id: KsFILgBiwR_MK3tnu_YmzxEDKNKU863Qc80zifYvQWUrvtT5dh8QmQ==

GET
H2 200 Icon_Video_Transcript.png
d1rt4thgsoin5q.cloudfront.net/images/ 1 KB
1 KB 175ms
174ms Image
image/png 2600:9000:2190:b000:9:e3a3:6f80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d1rt4thgsoin5q.cloudfront.net/images/Icon_Video_Transcript.png

Requested by

Host: d1rt4thgsoin5q.cloudfront.net
URL: https://d1rt4thgsoin5q.cloudfront.net/css/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2190:b000:9:e3a3:6f80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

2142971baf7444f8b4110794226549ba4671ec06f171d0dcac645848029cf60a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload

Request headers

:path: /images/Icon_Video_Transcript.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: d1rt4thgsoin5q.cloudfront.net
referer: https://d1rt4thgsoin5q.cloudfront.net/css/style.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://d1rt4thgsoin5q.cloudfront.net/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 22:34:38 GMT
via: 1.1 af287426c130b47dba79bf825f91ebbb.cloudfront.net (CloudFront)
last-modified: Wed, 18 Aug 2021 22:31:06 GMT
server: AmazonS3
x-amz-cf-pop: ZRH50-C1
etag: "1ee9faae34182acc1f64e7a04f15bde3"
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-cache: Miss from cloudfront
x-amz-version-id: Fe9tGup9NiTZJCAwULO6CQNPjPOlHb0u
content-type: image/png
content-length: 1097
x-amz-cf-id: A4rF0BwjdmabYhXvVytkAz5M6VWNftU6yrYiWMtmhpZHzwNBm8fD_w==

GET
H2 200 Contact_Center_Icon.svg
d1rt4thgsoin5q.cloudfront.net/images/ 3 KB
2 KB 24ms
23ms Image
image/svg+xml 2600:9000:2190:b000:9:e3a3:6f80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d1rt4thgsoin5q.cloudfront.net/images/Contact_Center_Icon.svg

Requested by

Host: d1rt4thgsoin5q.cloudfront.net
URL: https://d1rt4thgsoin5q.cloudfront.net/css/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2190:b000:9:e3a3:6f80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

18b1f11bd6cc520de6a51b1301f06cf7f8cc418bddc21b5d5433f66c58132511

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload

Request headers

:path: /images/Contact_Center_Icon.svg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: d1rt4thgsoin5q.cloudfront.net
referer: https://d1rt4thgsoin5q.cloudfront.net/css/style.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://d1rt4thgsoin5q.cloudfront.net/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 22:32:35 GMT
content-encoding: gzip
last-modified: Wed, 18 Aug 2021 22:31:05 GMT
server: AmazonS3
age: 123
etag: W/"f29ea1b65c80efb77aaa435a4588771c"
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: image/svg+xml
via: 1.1 af287426c130b47dba79bf825f91ebbb.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-pop: ZRH50-C1
x-amz-version-id: XSesnDKhjAdhX8jKrBqn0FkNk0SI4.Ry
x-amz-cf-id: 7ELJYYUqoMa5QHhVHJwGvu6478bOqGZ83tkzOe6wMSv0MIYb6GD8qg==

GET
H2 200 Icon_Back_to_Top_Blue.png
d1rt4thgsoin5q.cloudfront.net/images/ 2 KB
3 KB 26ms
17ms Image
image/png 2600:9000:2190:b000:9:e3a3:6f80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d1rt4thgsoin5q.cloudfront.net/images/Icon_Back_to_Top_Blue.png

Requested by

Host: d1rt4thgsoin5q.cloudfront.net
URL: https://d1rt4thgsoin5q.cloudfront.net/css/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2190:b000:9:e3a3:6f80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

c8c18288f8fba811a0c42fb398a5c189e8220af7d0dc96e6e1da717ec8fa728a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload

Request headers

:path: /images/Icon_Back_to_Top_Blue.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: d1rt4thgsoin5q.cloudfront.net
referer: https://d1rt4thgsoin5q.cloudfront.net/css/style.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://d1rt4thgsoin5q.cloudfront.net/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 22:26:09 GMT
via: 1.1 af287426c130b47dba79bf825f91ebbb.cloudfront.net (CloudFront)
last-modified: Wed, 18 Aug 2021 21:46:03 GMT
server: AmazonS3
age: 509
etag: "f6180b97c3c7583227398dc61d85ac27"
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-cache: Hit from cloudfront
x-amz-version-id: YoGHy3RmSyqSyGArga2vfzt2RQBK26vx
x-amz-cf-pop: ZRH50-C1
content-type: image/png
content-length: 2342
x-amz-cf-id: Wxf1I3gcHH8M4vensd5YNJZM3V_rm40q8Gh3N-QDQ4qxtPjTLOTZQA==

GET
H2 200 sourcesanspro-bold-webfont.woff2
d1rt4thgsoin5q.cloudfront.net/fonts/ 23 KB
23 KB 163ms
155ms Font
binary/octet-stream 2600:9000:2190:b000:9:e3a3:6f80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d1rt4thgsoin5q.cloudfront.net/fonts/sourcesanspro-bold-webfont.woff2

Requested by

Host: d1rt4thgsoin5q.cloudfront.net
URL: https://d1rt4thgsoin5q.cloudfront.net/css/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2190:b000:9:e3a3:6f80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

2517c2a8077acd9cee8170e5b1aaebb2001c3447ca77fd63e6c9f378b35052c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload

Request headers

:path: /fonts/sourcesanspro-bold-webfont.woff2
pragma: no-cache
origin: https://d1rt4thgsoin5q.cloudfront.net
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: font
:authority: d1rt4thgsoin5q.cloudfront.net
referer: https://d1rt4thgsoin5q.cloudfront.net/css/style.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://d1rt4thgsoin5q.cloudfront.net
Referer: https://d1rt4thgsoin5q.cloudfront.net/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 22:34:38 GMT
via: 1.1 af287426c130b47dba79bf825f91ebbb.cloudfront.net (CloudFront)
last-modified: Wed, 18 Aug 2021 22:31:05 GMT
server: AmazonS3
x-amz-cf-pop: ZRH50-C1
etag: "db08924457dfce83611a4392af58de04"
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-cache: Miss from cloudfront
x-amz-version-id: Y.FkNW3Ws9Z9JsEKjd3fxFuj7Bwg0hB0
content-type: binary/octet-stream
content-length: 23368
x-amz-cf-id: _9s3uWgSPuMcMUqCM7tucLOVf7GnzxqtXqO1wGsYXIpxtDRv_4QINA==

GET
H2 200 merriweather-regular-webfont.woff2
d1rt4thgsoin5q.cloudfront.net/fonts/ 25 KB
25 KB 173ms
169ms Font
binary/octet-stream 2600:9000:2190:b000:9:e3a3:6f80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d1rt4thgsoin5q.cloudfront.net/fonts/merriweather-regular-webfont.woff2

Requested by

Host: d1rt4thgsoin5q.cloudfront.net
URL: https://d1rt4thgsoin5q.cloudfront.net/css/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2190:b000:9:e3a3:6f80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

14610ab0161da6565005c72974bd4ab639484511b7a13b73b7cc2ff218fbf21b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload

Request headers

:path: /fonts/merriweather-regular-webfont.woff2
pragma: no-cache
origin: https://d1rt4thgsoin5q.cloudfront.net
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: font
:authority: d1rt4thgsoin5q.cloudfront.net
referer: https://d1rt4thgsoin5q.cloudfront.net/css/style.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://d1rt4thgsoin5q.cloudfront.net
Referer: https://d1rt4thgsoin5q.cloudfront.net/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 22:34:38 GMT
via: 1.1 af287426c130b47dba79bf825f91ebbb.cloudfront.net (CloudFront)
last-modified: Wed, 18 Aug 2021 22:31:05 GMT
server: AmazonS3
x-amz-cf-pop: ZRH50-C1
etag: "18fb7572812a600eeb86ecbdeb3c3064"
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-cache: Miss from cloudfront
x-amz-version-id: MCVaSWjcclgrv6.EzQNrulD8d5Xe5L3A
content-type: binary/octet-stream
content-length: 25176
x-amz-cf-id: FyLgi0CrP8vd1jHB4TiebVSsj34mIEDLiB15qlhq0TpDOwUXOoGMCw==

GET
H2 200 merriweather-bold-webfont.woff2
d1rt4thgsoin5q.cloudfront.net/fonts/ 26 KB
27 KB 170ms
167ms Font
binary/octet-stream 2600:9000:2190:b000:9:e3a3:6f80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d1rt4thgsoin5q.cloudfront.net/fonts/merriweather-bold-webfont.woff2

Requested by

Host: d1rt4thgsoin5q.cloudfront.net
URL: https://d1rt4thgsoin5q.cloudfront.net/css/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2190:b000:9:e3a3:6f80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

42b5a66f55a22dfb69e7282c3decef520cc085b58734c2fe517092b7b1f4c6bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload

Request headers

:path: /fonts/merriweather-bold-webfont.woff2
pragma: no-cache
origin: https://d1rt4thgsoin5q.cloudfront.net
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: font
:authority: d1rt4thgsoin5q.cloudfront.net
referer: https://d1rt4thgsoin5q.cloudfront.net/css/style.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://d1rt4thgsoin5q.cloudfront.net
Referer: https://d1rt4thgsoin5q.cloudfront.net/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 22:34:38 GMT
via: 1.1 af287426c130b47dba79bf825f91ebbb.cloudfront.net (CloudFront)
last-modified: Wed, 18 Aug 2021 22:31:05 GMT
server: AmazonS3
x-amz-cf-pop: ZRH50-C1
etag: "6d33d1693d8c3e674020a003b03d5aef"
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-cache: Miss from cloudfront
x-amz-version-id: DdAUUklzdnwTSIheKabC5qh5smTdyx2y
content-type: binary/octet-stream
content-length: 27028
x-amz-cf-id: I7-WwhU6u66v4mQmcBrzlvVW7-7XnyegYwIvNk34TpERc1d5TJec_Q==

GET
H/1.1

200
OK

sayt_loader.js Show response
search.usa.gov/assets/
Redirect Chain

https://search.usa.gov/javascripts/remote.loader.js
https://search.usa.gov/assets/sayt_loader.js

2 KB
1 KB

112ms
111ms

Script
application/javascript

3.211.188.98
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://search.usa.gov/assets/sayt_loader.js

Requested by

Host: d1rt4thgsoin5q.cloudfront.net
URL: https://d1rt4thgsoin5q.cloudfront.net/branches-of-government

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.211.188.98 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-211-188-98.compute-1.amazonaws.com

Software

Apache /

Resource Hash

0dfd8d495ca7e8d4c481663f4a51c1879cfdb5e23decf79f307d04829e4ab504

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload

Request headers

Referer: https://d1rt4thgsoin5q.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 18 Aug 2021 22:34:38 GMT
Content-Encoding: gzip
Last-Modified: Mon, 09 Aug 2021 17:24:57 GMT
Server: Apache
Vary: Accept-Encoding
Connection: keep-alive
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Strict-Transport-Security: max-age=31536000; includeSubdomains; preload
Accept-Ranges: bytes
Content-Length: 876
Via: 1.1 proxy7.us-east-1.prod.infr.search.usa.gov:8443
Expires: Wed, 18 Aug 2021 23:34:38 GMT

Redirect headers

Location: https://search.usa.gov/assets/sayt_loader.js
Date: Wed, 18 Aug 2021 22:34:38 GMT
Server: Apache
Connection: keep-alive
Content-Length: 252
Content-Type: text/html; charset=iso-8859-1

GET
H2 200 siteanalyze_51567.js Show response
siteimproveanalytics.com/js/ 23 KB
9 KB 36ms
15ms Script
application/javascript 2606:4700:3031::ac43:91b0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://siteimproveanalytics.com/js/siteanalyze_51567.js
Requested by: Host: d1rt4thgsoin5q.cloudfront.net
URL: https://d1rt4thgsoin5q.cloudfront.net/branches-of-government
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:91b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: affa866db091e62c767be11a17b0c39d27dc181b3e4a7469f04549d66cb3b6d3

Request headers

Referer: https://d1rt4thgsoin5q.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 22:34:37 GMT
content-encoding: gzip
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2443
cf-ray: 680e9c52edc24e7f-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 7975
x-amz-id-2: t+sIhnzYw7ARpgB4mUeiJMKpwVXZu4IDHEjMAcBI547cngcIAz5+neCIQ7ynIgPQoUDO9uGqGWI=
last-modified: Tue, 22 Jun 2021 15:04:22 GMT
server: cloudflare
etag: "42766133c66bb461d2ce430b22f9a079"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7%2FMLAai6NxA1ybIIWncA48PPJAvAJR3K%2FzYd9rjyrwB0yg0ETmhQtH5dVAefNuy3B2BJV7Qn9x7jg2CBeDn%2BMsz93oy8CuxbbHdkYHau4a3ycdfFr%2BVrrTTMxA7ZXSCADNWa%2BsJkQkXqZIFclNc4dnGw9Et5N2w%3D"}],"group":"cf-nel","max_age":604800}
x-amz-request-id: QM51WJ28QVND7202
cache-control: max-age=86400, no-transform
accept-ranges: bytes
content-type: application/javascript; charset=utf-8

GET
H2 200 9651.js Show response
script.crazyegg.com/pages/scripts/0007/ 5 KB
2 KB 18ms
18ms Script
text/javascript 2606:4700::6813:9408
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/scripts/0007/9651.js?452590
Requested by: Host: d1rt4thgsoin5q.cloudfront.net
URL: https://d1rt4thgsoin5q.cloudfront.net/branches-of-government
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9408 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cc4e97fc9f7d868b5f517b6233e20e6a66e861acb928a7926b21090e5db8af2d

Request headers

Referer: https://d1rt4thgsoin5q.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 22:34:37 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 4496
cf-polished: origSize=4899
cf-ray: 680e9c52c92a2b35-FRA
ce-version: 11.1.323
last-modified: Wed, 18 Aug 2021 21:19:41 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: CE-Version
cache-control: public, max-age=300, s-maxage=1209600
timing-allow-origin: *
cf-bgj: minify

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 1 B
24 B 13ms
12ms XHR
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j92&a=1425810707&t=pageview&_s=1&dl=https%3A%2F%2Fd1rt4thgsoin5q.cloudfront.net%2Fbranches-of-government&ul=en-us&de=UTF-8&dt=Branches%20of%20the%20U.S.%20Government%20%7C%20USAGov&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=717751592&gjid=1052346753&cid=997029041.1629326078&tid=UA-28227333-1&_gid=1711953638.1629326078&_r=1&gtm=2ou8g0&z=201042186

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://d1rt4thgsoin5q.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 18 Aug 2021 22:34:37 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://d1rt4thgsoin5q.cloudfront.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 9651.json Show response
script.crazyegg.com/pages/data-scripts/0007/ 14 KB
2 KB 15ms
15ms XHR
application/json 2606:4700::6813:9408
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/data-scripts/0007/9651.json?t=1
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0007/9651.js?452590
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9408 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2695b28fd7c8a0ef4992a985e161115cbf1b0346b7ed73c3e24b9941c191c112

Request headers

Referer: https://d1rt4thgsoin5q.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 22:34:37 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 4495
ce-version: 11.1.323
content-length: 1665
timing-allow-origin: *
last-modified: Wed, 18 Aug 2021 21:19:42 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: CE-Version
cache-control: public, max-age=300, s-maxage=1209600
accept-ranges: bytes
cf-ray: 680e9c534bf4074a-FRA

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 1 B
24 B 12ms
12ms XHR
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j92&a=1425810707&t=pageview&_s=1&dl=https%3A%2F%2Fd1rt4thgsoin5q.cloudfront.net%2Fbranches-of-government&ul=en-us&de=UTF-8&dt=Branches%20of%20the%20U.S.%20Government%20%7C%20USAGov&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEDAAUABAAAAAC~&jid=223908756&gjid=318540255&cid=997029041.1629326078&tid=UA-97030733-2&_gid=1711953638.1629326078&_r=1&gtm=2wg8g0KV4BZFD&z=748230101

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://d1rt4thgsoin5q.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 18 Aug 2021 22:34:37 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://d1rt4thgsoin5q.cloudfront.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 11.1.323.js Show response
script.crazyegg.com/pages/versioned/common-scripts/ 64 KB
21 KB 13ms
13ms Script
text/javascript 2606:4700::6813:9408
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/versioned/common-scripts/11.1.323.js
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0007/9651.js?452590
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9408 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 714cafff07c401d54cda0b09af30d81dd5e3e2bc5891556168366fcc771a5bc4

Request headers

Referer: https://d1rt4thgsoin5q.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 18 Aug 2021 22:34:37 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 15 Jul 2021 13:13:31 GMT
server: cloudflare
age: 1927971
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000
accept-ranges: bytes
cf-ray: 680e9c536a082b35-FRA
content-length: 21471

GET
H2 200 9651.json Show response
script.crazyegg.com/pages/sampling-data-scripts/0007/ 912 B
431 B 12ms
11ms XHR
application/json 2606:4700::6813:9408
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/sampling-data-scripts/0007/9651.json?t=452590
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/11.1.323.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9408 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 14953f4efd6983b360fb0c3fe87f8994ec155ac67f5bf64fd151a10993690c17

Request headers

Referer: https://d1rt4thgsoin5q.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 22:34:38 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 4495
ce-version: 11.1.323
content-length: 320
timing-allow-origin: *
last-modified: Wed, 18 Aug 2021 21:19:43 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: CE-Version
cache-control: public, max-age=300, s-maxage=1209600
accept-ranges: bytes
cf-ray: 680e9c538c5e074a-FRA

GET
H/1.1 200
OK image.aspx
51567.global.siteimproveanalytics.io/ 34 B
650 B 99ms
14ms Image
image/gif 52.28.224.120
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://51567.global.siteimproveanalytics.io/image.aspx?url=https%3A%2F%2Fd1rt4thgsoin5q.cloudfront.net%2Fbranches-of-government&title=Branches%20of%20the%20U.S.%20Government%20%7C%20USAGov&res=1600x1200&accountid=51567&rt=438&prev=32548ccf-126f-841c-67a6-b8526656c750&luid=7cfc85b4-d036-2309-106b-b77e840c2bea&rnd=9562
Requested by: Host: d1rt4thgsoin5q.cloudfront.net
URL: https://d1rt4thgsoin5q.cloudfront.net/branches-of-government
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.28.224.120 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-224-120.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 1e85ec81b9800b4c443d39caca0d0926089a3ac201120db1ceb45b93789480b8

Request headers

Referer: https://d1rt4thgsoin5q.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 18 Aug 2021 22:34:38 GMT
Cache-Control: max-age=0, no-cache="set-cookie"
Expires: Wed, 18 Aug 2021 22:34:38 UTC
Connection: keep-alive
Content-Type: image/gif
Content-Length: 34
P3p: NOI OUR IND COM NAV INT

GET
H/1.1 200
OK sayt.css
search.usa.gov/assets/ 11 KB
3 KB 113ms
112ms Stylesheet
text/css 3.211.188.98
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://search.usa.gov/assets/sayt.css

Requested by

Host: search.usa.gov
URL: https://search.usa.gov/javascripts/remote.loader.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.211.188.98 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-211-188-98.compute-1.amazonaws.com

Software

Apache /

Resource Hash

ad1af8375b6c6ceff0b6688cedcf42f3463e12878368e929aa00fd961d89947f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload

Request headers

Referer: https://d1rt4thgsoin5q.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 18 Aug 2021 22:34:38 GMT
Content-Encoding: gzip
Last-Modified: Mon, 09 Aug 2021 17:07:19 GMT
Server: Apache
Vary: Accept-Encoding
Connection: keep-alive
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Strict-Transport-Security: max-age=31536000; includeSubdomains; preload
Accept-Ranges: bytes
Content-Length: 2747
Via: 1.1 proxy7.us-east-1.prod.infr.search.usa.gov:8443
Expires: Wed, 18 Aug 2021 23:34:38 GMT

GET
H/1.1 200
OK sayt_loader_libs.js Show response
search.usa.gov/assets/ 124 KB
41 KB 325ms
212ms Script
application/javascript 3.211.188.98
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://search.usa.gov/assets/sayt_loader_libs.js

Requested by

Host: search.usa.gov
URL: https://search.usa.gov/javascripts/remote.loader.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.211.188.98 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-211-188-98.compute-1.amazonaws.com

Software

Apache /

Resource Hash

578ad12daa232afd19461c8c39d987e1b6f5880e881676c71fc237011b836866

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload

Request headers

Referer: https://d1rt4thgsoin5q.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 18 Aug 2021 22:34:38 GMT
Content-Encoding: gzip
Last-Modified: Mon, 09 Aug 2021 17:19:12 GMT
Server: Apache
Vary: Accept-Encoding
Connection: keep-alive
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Strict-Transport-Security: max-age=31536000; includeSubdomains; preload
Accept-Ranges: bytes
Content-Length: 41867
Via: 1.1 proxy6.us-east-1.prod.infr.search.usa.gov:8443
Expires: Wed, 18 Aug 2021 23:34:38 GMT

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: US Government (Government)

82 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.d1rt4thgsoin5q.cloudfront.net/	1970-01-19 20:35:26	Name: _gat_UA-97030733-2 Value: 1
.d1rt4thgsoin5q.cloudfront.net/	1970-01-19 20:35:26	Name: _gat_gtag_UA_28227333_1 Value: 1
.d1rt4thgsoin5q.cloudfront.net/	1970-01-19 20:36:52	Name: _gid Value: GA1.3.1711953638.1629326078
.d1rt4thgsoin5q.cloudfront.net/	1970-01-20 14:06:38	Name: _ga Value: GA1.3.997029041.1629326078

18 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://d1rt4thgsoin5q.cloudfront.net/branches-of-government(Line 5186) Message: The class attribute was modified.
console-api	log	URL: https://d1rt4thgsoin5q.cloudfront.net/branches-of-government(Line 5180) Message: A child node has been added or removed.
console-api	log	URL: https://d1rt4thgsoin5q.cloudfront.net/branches-of-government(Line 5186) Message: The id attribute was modified.
console-api	log	URL: https://d1rt4thgsoin5q.cloudfront.net/branches-of-government(Line 5186) Message: The class attribute was modified.
console-api	log	URL: https://d1rt4thgsoin5q.cloudfront.net/branches-of-government(Line 5180) Message: A child node has been added or removed.
console-api	log	URL: https://d1rt4thgsoin5q.cloudfront.net/branches-of-government(Line 5186) Message: The class attribute was modified.
console-api	log	URL: https://d1rt4thgsoin5q.cloudfront.net/branches-of-government(Line 5180) Message: A child node has been added or removed.
console-api	log	URL: https://d1rt4thgsoin5q.cloudfront.net/branches-of-government(Line 5186) Message: The class attribute was modified.
console-api	log	URL: https://d1rt4thgsoin5q.cloudfront.net/branches-of-government(Line 5186) Message: The class attribute was modified.
console-api	log	URL: https://d1rt4thgsoin5q.cloudfront.net/branches-of-government(Line 5186) Message: The class attribute was modified.
console-api	log	URL: https://d1rt4thgsoin5q.cloudfront.net/branches-of-government(Line 5186) Message: The class attribute was modified.
console-api	log	URL: https://d1rt4thgsoin5q.cloudfront.net/branches-of-government(Line 5186) Message: The class attribute was modified.
console-api	log	URL: https://d1rt4thgsoin5q.cloudfront.net/branches-of-government(Line 5186) Message: The class attribute was modified.
console-api	log	URL: https://d1rt4thgsoin5q.cloudfront.net/branches-of-government(Line 5186) Message: The class attribute was modified.
console-api	log	URL: https://d1rt4thgsoin5q.cloudfront.net/branches-of-government(Line 5186) Message: The class attribute was modified.
console-api	log	URL: https://d1rt4thgsoin5q.cloudfront.net/branches-of-government(Line 5186) Message: The class attribute was modified.
console-api	log	URL: https://d1rt4thgsoin5q.cloudfront.net/branches-of-government(Line 5186) Message: The class attribute was modified.
console-api	log	URL: https://d1rt4thgsoin5q.cloudfront.net/branches-of-government(Line 5186) Message: The class attribute was modified.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

51567.global.siteimproveanalytics.io
app-usa-modeast-prod-a01239f-ecas.s3.amazonaws.com
d1rt4thgsoin5q.cloudfront.net
script.crazyegg.com
search.usa.gov
siteimproveanalytics.com
www.google-analytics.com
www.googletagmanager.com
2600:9000:2190:b000:9:e3a3:6f80:93a1
2606:4700:3031::ac43:91b0
2606:4700::6813:9408
2a00:1450:4001:80f::200e
2a00:1450:4001:82a::2008
3.211.188.98
52.217.142.217
52.28.224.120
0589997eb17e168a2e17770a4c47cc3fa1c731c490b9cb90204dca08ebebd9bc
0dfd8d495ca7e8d4c481663f4a51c1879cfdb5e23decf79f307d04829e4ab504
10f18226963e90874adda86d0f48640f7baca1b882d09088a18625bee19d4140
14610ab0161da6565005c72974bd4ab639484511b7a13b73b7cc2ff218fbf21b
14953f4efd6983b360fb0c3fe87f8994ec155ac67f5bf64fd151a10993690c17
18b1f11bd6cc520de6a51b1301f06cf7f8cc418bddc21b5d5433f66c58132511
19dee6377cad0c4592453ce87f052cb72100f69e673662a3bbffdfc3b7d74b84
1e85ec81b9800b4c443d39caca0d0926089a3ac201120db1ceb45b93789480b8
1f8ea9a3af64f407b039e6e0e423b40702641e1ce2f1583409e821311a9ee7a3
209be2933d59c719e250131e55ca99b5e40ec18cfe64d4e7e6f87442f563a9bb
2142971baf7444f8b4110794226549ba4671ec06f171d0dcac645848029cf60a
2517c2a8077acd9cee8170e5b1aaebb2001c3447ca77fd63e6c9f378b35052c0
2695b28fd7c8a0ef4992a985e161115cbf1b0346b7ed73c3e24b9941c191c112
2ec21222b6afcdf7998b105c4af9b5a67117444da91c924a0d22c16095507265
32a4af3f55feb7dff04abb5ff7763e5255dc5d6c3f033d295ed1da38d90033e3
42b5a66f55a22dfb69e7282c3decef520cc085b58734c2fe517092b7b1f4c6bc
50f2f732de828337235fec6ddfaa04c3a9dcf529d89e7872f3f4107dc40fc54a
57290708c28b937a984a5fb960c32f9e4067a34a5c0ce5aeeaebf07d96f3dce6
578ad12daa232afd19461c8c39d987e1b6f5880e881676c71fc237011b836866
585ab5b9d4c65c47a4449a9d40ead4d1071a7be7934336c2998dca0a23a1bc6e
62a6d5fbba7a4068ea4c6c39bdee30c208d4db2ace96a060cbcfea042ebd5eab
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c279cc4e37124eea5498dac89af9392a67bfba3251b3b2bde42c7cd24b91ce9
714cafff07c401d54cda0b09af30d81dd5e3e2bc5891556168366fcc771a5bc4
7887dab6abbda547c5f100a20b3d8ff1c774d0cf98a84bf1f8cfdf304fa70b3b
8639916badd9024852fc2de1a04e35a4ef0cbcb145a6048f56184b60406da197
96d3c4b3e449cea6187f1afe4938cfed96eb0bf0e249b6fb1b79203e38b23f5c
99b7e04f899e431ca3962204a6f656764666f7379bef7539b06c2ce330bfe806
a75d2071b457d204013bd7f44b336ee2361ab8452275681440757a05afb5d41c
a90140e6dd9c262ccf1bd4f2fd37131d0bf493b73cf53f593c8e934a8f885396
ad1af8375b6c6ceff0b6688cedcf42f3463e12878368e929aa00fd961d89947f
affa866db091e62c767be11a17b0c39d27dc181b3e4a7469f04549d66cb3b6d3
b1b2d26984d7bd057a8b05e362e7beb44d65f93368cf0b9500d699bf2ff62f85
b3e177f5dc328128bbdcf56c7e61c4440e99079b0e31ddf83d7cd0c20c41f64b
c3e3507e42e36a8e58713261e873dfdb08ef6804cab0b743877a77ce0d203780
c8c18288f8fba811a0c42fb398a5c189e8220af7d0dc96e6e1da717ec8fa728a
cb03c54300164fcc8b068bf1cd8b419e6f8eb5cb44d607f198be1997999cc488
cc4e97fc9f7d868b5f517b6233e20e6a66e861acb928a7926b21090e5db8af2d
cc6e9fe306a91d61dacba98cff370ca9a18584dddd0543c9a768d9bc4480a9ed
cdf74299b97492ee6a64a5ba9dd31ef92b908046518857b907dfa0d4849c0952
d59cd61ca3fc3d32a7cf6b8895d30b31db6b6622effab8306f541e8f26f11b40
d864af09acd0424cfed830c1910b3df6ed7f484bb93c13681c8a9dbb16147daf
e61660c659c426e45bce2937dddb01af6b550502a2904546575c1ec2ba1121dd
ed02b586750118e54c868d24e72baa5265803de7b12dd954f5ca433ccf354ed7
f29fa268e11c17ab5cfdaf8770a45dd5ecea090e02b0846e050d83382b6d35d6
f51c0d57665865650950096d3f76d8d74d914b81edb02a4306f0f1ab768eb0e8
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
f81521a24b337c1336e3101c98197418a732ab6745af6071d6e4b18f8713711d
fb088bc4c344a79622175057f55c9f05a8c2186a2d1c3a8fe744e2857079166c
fc3f89387d29f9cf14a19103085f91348ea029d6fdbce78add1f129bbcd9d032
fda991a43fd51d1a3cc76eae8ce92142a5decfe797d3de71da3bb55cf9a7e519

d1rt4thgsoin5q.cloudfront.net Open in urlscan Pro 2600:9000:2190:b000:9:e3a3:6f80:93a1 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

54 Requests

100 %HTTPS

63 %IPv6

8 Domains

8 Subdomains

8 IPs

2 Countries

1213 kBTransfer

2122 kBSize

4 Cookies

39 Outgoing links

Redirected requests

54 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

d1rt4thgsoin5q.cloudfront.net Open in urlscan Pro
2600:9000:2190:b000:9:e3a3:6f80:93a1 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

54
Requests

100 %
HTTPS

63 %
IPv6

8
Domains

8
Subdomains

8
IPs

2
Countries

1213 kB
Transfer

2122 kB
Size

4
Cookies

54 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!