urlscan.io logo urlscan.io
SecurityTrails logo

auth.disa.com Open in urlscan Pro
64.9.169.17  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://disaworks.disa.com/#/backgrounds/order/detail/4540347
Effective URL: https://auth.disa.com/account/login?returnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3Dux-emberjs%26redirect_ur...
Submission: On August 16 via manual from IT — Scanned from IT
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 6 IPs in 2 countries across 5 domains to perform 54 HTTP transactions. The main IP is 64.9.169.17, located in Houston, United States and belongs to TEXASNET-ASN, US. The main domain is auth.disa.com. The Cisco Umbrella rank of the primary domain is 288699.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on June 22nd 2023. Valid for: a year.
This is the only time auth.disa.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
6 64.9.169.16 3900 (TEXASNET-ASN)
23 104.102.45.207 16625 (AKAMAI-AS)
4 108.156.2.46 16509 (AMAZON-02)
1 18 64.9.169.17 3900 (TEXASNET-ASN)
1 2a02:26f0:480... 20940 (AKAMAI-ASN1)
54 6
6    64.9.169.16 (Houston, United States)

ASN3900 (TEXASNET-ASN, US)
PTR: 64-9-169-16.fwd.datafoundry.com
disaworks.disa.com
23    104.102.45.207 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-102-45-207.deploy.static.akamaitechnologies.com
cdn.walkme.com
4    108.156.2.46 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-156-2-46.mxp63.r.cloudfront.net
cdn.appdynamics.com
18    64.9.169.17 (Houston, United States)

ASN3900 (TEXASNET-ASN, US)
PTR: 64-9-169-17.fwd.datafoundry.com
auth.disa.com
1    2a02:26f0:480:598::327b (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
playerserver.walkme.com
Apex Domain
Subdomains		 Transfer
24 walkme.com
cdn.walkme.com — Cisco Umbrella Rank: 1538
playerserver.walkme.com — Cisco Umbrella Rank: 4831
ec.walkme.com Failed
880 KB
24 disa.com
disaworks.disa.com — Cisco Umbrella Rank: 256929
auth.disa.com — Cisco Umbrella Rank: 288699
3 MB
4 appdynamics.com
cdn.appdynamics.com — Cisco Umbrella Rank: 4274
71 KB
0 eum-appdynamics.com Failed
col.eum-appdynamics.com Failed
0 cloudfront.net Failed
d2qhvajt3imc89.cloudfront.net Failed
54 5
Domain Requested by
23 cdn.walkme.com disaworks.disa.com
cdn.walkme.com
cdn.appdynamics.com
18 auth.disa.com 1 redirects disaworks.disa.com
auth.disa.com
6 disaworks.disa.com disaworks.disa.com
4 cdn.appdynamics.com disaworks.disa.com
cdn.appdynamics.com
1 playerserver.walkme.com cdn.appdynamics.com
0 ec.walkme.com Failed cdn.appdynamics.com
0 col.eum-appdynamics.com Failed cdn.appdynamics.com
0 d2qhvajt3imc89.cloudfront.net Failed
54 8

This site contains links to these domains. Also see Links.

Domain
disaworks.disa.com
Subject Issuer Validity Valid
*.disa.com
Go Daddy Secure Certificate Authority - G2		 2023-06-22 -
2024-06-25		 a year crt.sh
walkme.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-08-13 -
2024-01-31		 6 months crt.sh
*.appdynamics.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-06-21 -
2024-07-21		 a year crt.sh

This page contains 4 frames:

Primary Page: https://auth.disa.com/account/login?returnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3Dux-emberjs%26redirect_uri%3Dhttps%253A%252F%252Fdisaworks.disa.com%252Fcallback.html%26response_type%3Did_token%2520token%26scope%3Dopenid%2520profile%2520ux-api%26state%3Dd8ae6f7520114f28a67265577bcce5a0%26nonce%3Dbe531d4776fe432d8ed079ebf9c41638
Frame ID: 4478DD20ED0347477405FF5FE292211B
Requests: 52 HTTP requests in this frame

Frame: https://cdn.walkme.com/player/lib/20200825-172205-541b3ba0/resources/CD/cdHiddenIframeScript.js
Frame ID: 40A8CA1F48CECA23CF1A87F1F2A55792
Requests: 1 HTTP requests in this frame

Frame: https://cdn.appdynamics.com/adrum-xd.15ad9e12c414858a5e6cfdfb1f2331b1.html
Frame ID: CB0A9591DC9DB096E506BBC24BEE6176
Requests: 1 HTTP requests in this frame

Frame: https://cdn.walkme.com/player/lib/20200825-172205-541b3ba0/resources/CD/CDhiddenIframe.compress.html
Frame ID: B7DA5063E47CB7170AB2588BEE51D8E1
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

DISA

Page URL History Show full URLs

  1. https://disaworks.disa.com/ Page URL
  2. https://auth.disa.com/connect/authorize?client_id=ux-emberjs&redirect_uri=https%3A%2F%2Fdisaworks.... HTTP 302
    https://auth.disa.com/account/login?returnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3Dux-e... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • adrum
Overall confidence: 100%
Detected patterns
  • underscore.*\.js(?:\?ver=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

54
Requests

94 %
HTTPS

20 %
IPv6

5
Domains

8
Subdomains

6
IPs

2
Countries

3900 kB
Transfer

23304 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://disaworks.disa.com/ Page URL
  2. https://auth.disa.com/connect/authorize?client_id=ux-emberjs&redirect_uri=https%3A%2F%2Fdisaworks.disa.com%2Fcallback.html&response_type=id_token%20token&scope=openid%20profile%20ux-api&state=d8ae6f7520114f28a67265577bcce5a0&nonce=be531d4776fe432d8ed079ebf9c41638 HTTP 302
    https://auth.disa.com/account/login?returnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3Dux-emberjs%26redirect_uri%3Dhttps%253A%252F%252Fdisaworks.disa.com%252Fcallback.html%26response_type%3Did_token%2520token%26scope%3Dopenid%2520profile%2520ux-api%26state%3Dd8ae6f7520114f28a67265577bcce5a0%26nonce%3Dbe531d4776fe432d8ed079ebf9c41638 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

54 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
disaworks.disa.com/ 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://disaworks.disa.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
64.9.169.16 Houston, United States, ASN3900 (TEXASNET-ASN, US),
Reverse DNS
64-9-169-16.fwd.datafoundry.com
Software
/
Resource Hash
e6f4125fa41fa3f6ad022d3e45b536e26eca6f25d5480f7ae35cd0f89050129a
Security Headers
Name Value
Content-Security-Policy default-src 'self' ; script-src 'self' https://maps.googleapis.com https://ajax.googleapis.com https://auth.disa.com https://classic.disa.com https://cdn.rawgit.com https://www.sertifi.com https://disaworks.disa.com https://cdn.walkme.com https://cdn.appdynamics.com https://internal.disa.com https://classic.disa.com https://www.google.com https://www.gstatic.com https://playerserver.walkme.com https://cdn.jsdelivr.net 'unsafe-inline' 'unsafe-eval' ; connect-src 'self' https://disaworks.disa.com https://auth.disa.com https://qaauth.disa.com https://qaux.disa.com https://ec.walkme.com https://classic.disa.com https://www.sertifi.com https://internal.disa.com https://cdn.walkme.com https://maps.googleapis.com https://col.eum-appdynamics.com https://*.disa.com; style-src https://fonts.googleapis.com 'self' 'unsafe-inline' 'unsafe-eval'; frame-src 'self' https://disaworks.disa.com https://www.sertifi.com https://cdn.walkme.com https://auth.disa.com https://cdn.appdynamics.com https://www.google.com https://maps.google.com https://internal.disa.com https://cdn.appdynamics.com; frame-ancestors 'self' https://*.disa.com; img-src https://*.google.com https://maps.gstatic.com https://maps.googleapis.com https://www.sertifi.com https://*.cloudfront.net https://online.swagger.io https://validator.swagger.io https://ec.walkme.com 'self' data:; font-src https://fonts.gstatic.com 'self' data:;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
it-IT,it;q=0.9

Response headers

accept-ranges
bytes
content-encoding
gzip
content-length
2530
content-security-policy
default-src 'self' ; script-src 'self' https://maps.googleapis.com https://ajax.googleapis.com https://auth.disa.com https://classic.disa.com https://cdn.rawgit.com https://www.sertifi.com https://disaworks.disa.com https://cdn.walkme.com https://cdn.appdynamics.com https://internal.disa.com https://classic.disa.com https://www.google.com https://www.gstatic.com https://playerserver.walkme.com https://cdn.jsdelivr.net 'unsafe-inline' 'unsafe-eval' ; connect-src 'self' https://disaworks.disa.com https://auth.disa.com https://qaauth.disa.com https://qaux.disa.com https://ec.walkme.com https://classic.disa.com https://www.sertifi.com https://internal.disa.com https://cdn.walkme.com https://maps.googleapis.com https://col.eum-appdynamics.com https://*.disa.com; style-src https://fonts.googleapis.com 'self' 'unsafe-inline' 'unsafe-eval'; frame-src 'self' https://disaworks.disa.com https://www.sertifi.com https://cdn.walkme.com https://auth.disa.com https://cdn.appdynamics.com https://www.google.com https://maps.google.com https://internal.disa.com https://cdn.appdynamics.com; frame-ancestors 'self' https://*.disa.com; img-src https://*.google.com https://maps.gstatic.com https://maps.googleapis.com https://www.sertifi.com https://*.cloudfront.net https://online.swagger.io https://validator.swagger.io https://ec.walkme.com 'self' data:; font-src https://fonts.gstatic.com 'self' data:;
content-type
text/html
date
Wed, 16 Aug 2023 12:30:02 GMT
etag
"808c9cf8b2c5d91:0"
last-modified
Thu, 03 Aug 2023 02:34:05 GMT
permissions-policy
sync-xhr=(self "https://*.disa.com" "https://internal.disa.com" "https://apisandbox.disa.com" "https://www.disa.com" "https://disa.com")
referrer-policy
strict-origin-when-cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-node
6
x-permitted-cross-domain-policies
none
x-xss-protection
1; mode=block
vendor-6c657ab1bb5823c68b83f0de41f0352f.css
disaworks.disa.com/assets/ 		34 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://disaworks.disa.com/assets/vendor-6c657ab1bb5823c68b83f0de41f0352f.css
Requested by
Host: disaworks.disa.com
URL: https://disaworks.disa.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
64.9.169.16 Houston, United States, ASN3900 (TEXASNET-ASN, US),
Reverse DNS
64-9-169-16.fwd.datafoundry.com
Software
/
Resource Hash
31dc6f8748103e65227d4e0c625e7dfadecfa9f20f42f1ba215cc8db3ef7c700
Security Headers
Name Value
Content-Security-Policy default-src 'self' ; script-src 'self' https://maps.googleapis.com https://ajax.googleapis.com https://auth.disa.com https://classic.disa.com https://cdn.rawgit.com https://www.sertifi.com https://disaworks.disa.com https://cdn.walkme.com https://cdn.appdynamics.com https://internal.disa.com https://classic.disa.com https://www.google.com https://www.gstatic.com https://playerserver.walkme.com https://cdn.jsdelivr.net 'unsafe-inline' 'unsafe-eval' ; connect-src 'self' https://disaworks.disa.com https://auth.disa.com https://qaauth.disa.com https://qaux.disa.com https://ec.walkme.com https://classic.disa.com https://www.sertifi.com https://internal.disa.com https://cdn.walkme.com https://maps.googleapis.com https://col.eum-appdynamics.com https://*.disa.com; style-src https://fonts.googleapis.com 'self' 'unsafe-inline' 'unsafe-eval'; frame-src 'self' https://disaworks.disa.com https://www.sertifi.com https://cdn.walkme.com https://auth.disa.com https://cdn.appdynamics.com https://www.google.com https://maps.google.com https://internal.disa.com https://cdn.appdynamics.com; frame-ancestors 'self' https://*.disa.com; img-src https://*.google.com https://maps.gstatic.com https://maps.googleapis.com https://www.sertifi.com https://*.cloudfront.net https://online.swagger.io https://validator.swagger.io https://ec.walkme.com 'self' data:; font-src https://fonts.gstatic.com 'self' data:;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://disaworks.disa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 12:30:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
x-permitted-cross-domain-policies
none
content-security-policy
default-src 'self' ; script-src 'self' https://maps.googleapis.com https://ajax.googleapis.com https://auth.disa.com https://classic.disa.com https://cdn.rawgit.com https://www.sertifi.com https://disaworks.disa.com https://cdn.walkme.com https://cdn.appdynamics.com https://internal.disa.com https://classic.disa.com https://www.google.com https://www.gstatic.com https://playerserver.walkme.com https://cdn.jsdelivr.net 'unsafe-inline' 'unsafe-eval' ; connect-src 'self' https://disaworks.disa.com https://auth.disa.com https://qaauth.disa.com https://qaux.disa.com https://ec.walkme.com https://classic.disa.com https://www.sertifi.com https://internal.disa.com https://cdn.walkme.com https://maps.googleapis.com https://col.eum-appdynamics.com https://*.disa.com; style-src https://fonts.googleapis.com 'self' 'unsafe-inline' 'unsafe-eval'; frame-src 'self' https://disaworks.disa.com https://www.sertifi.com https://cdn.walkme.com https://auth.disa.com https://cdn.appdynamics.com https://www.google.com https://maps.google.com https://internal.disa.com https://cdn.appdynamics.com; frame-ancestors 'self' https://*.disa.com; img-src https://*.google.com https://maps.gstatic.com https://maps.googleapis.com https://www.sertifi.com https://*.cloudfront.net https://online.swagger.io https://validator.swagger.io https://ec.walkme.com 'self' data:; font-src https://fonts.gstatic.com 'self' data:;
x-node
6
content-length
7840
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 03 Aug 2023 02:32:44 GMT
etag
"0ee54c8b2c5d91:0"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
permissions-policy
sync-xhr=(self "https://*.disa.com" "https://internal.disa.com" "https://apisandbox.disa.com" "https://www.disa.com" "https://disa.com")
accept-ranges
bytes
disaworksui-250ec9c5ef106b8da96fe5d792a068c5.css
disaworks.disa.com/assets/ 		233 KB
40 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://disaworks.disa.com/assets/disaworksui-250ec9c5ef106b8da96fe5d792a068c5.css
Requested by
Host: disaworks.disa.com
URL: https://disaworks.disa.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
64.9.169.16 Houston, United States, ASN3900 (TEXASNET-ASN, US),
Reverse DNS
64-9-169-16.fwd.datafoundry.com
Software
/
Resource Hash
2fc90c1c7adba181b5ac67469cc314d0776f01cee15b1a12b8c8fa96c6dcd1d3
Security Headers
Name Value
Content-Security-Policy default-src 'self' ; script-src 'self' https://maps.googleapis.com https://ajax.googleapis.com https://auth.disa.com https://classic.disa.com https://cdn.rawgit.com https://www.sertifi.com https://disaworks.disa.com https://cdn.walkme.com https://cdn.appdynamics.com https://internal.disa.com https://classic.disa.com https://www.google.com https://www.gstatic.com https://playerserver.walkme.com https://cdn.jsdelivr.net 'unsafe-inline' 'unsafe-eval' ; connect-src 'self' https://disaworks.disa.com https://auth.disa.com https://qaauth.disa.com https://qaux.disa.com https://ec.walkme.com https://classic.disa.com https://www.sertifi.com https://internal.disa.com https://cdn.walkme.com https://maps.googleapis.com https://col.eum-appdynamics.com https://*.disa.com; style-src https://fonts.googleapis.com 'self' 'unsafe-inline' 'unsafe-eval'; frame-src 'self' https://disaworks.disa.com https://www.sertifi.com https://cdn.walkme.com https://auth.disa.com https://cdn.appdynamics.com https://www.google.com https://maps.google.com https://internal.disa.com https://cdn.appdynamics.com; frame-ancestors 'self' https://*.disa.com; img-src https://*.google.com https://maps.gstatic.com https://maps.googleapis.com https://www.sertifi.com https://*.cloudfront.net https://online.swagger.io https://validator.swagger.io https://ec.walkme.com 'self' data:; font-src https://fonts.gstatic.com 'self' data:;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://disaworks.disa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 12:30:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
x-permitted-cross-domain-policies
none
content-security-policy
default-src 'self' ; script-src 'self' https://maps.googleapis.com https://ajax.googleapis.com https://auth.disa.com https://classic.disa.com https://cdn.rawgit.com https://www.sertifi.com https://disaworks.disa.com https://cdn.walkme.com https://cdn.appdynamics.com https://internal.disa.com https://classic.disa.com https://www.google.com https://www.gstatic.com https://playerserver.walkme.com https://cdn.jsdelivr.net 'unsafe-inline' 'unsafe-eval' ; connect-src 'self' https://disaworks.disa.com https://auth.disa.com https://qaauth.disa.com https://qaux.disa.com https://ec.walkme.com https://classic.disa.com https://www.sertifi.com https://internal.disa.com https://cdn.walkme.com https://maps.googleapis.com https://col.eum-appdynamics.com https://*.disa.com; style-src https://fonts.googleapis.com 'self' 'unsafe-inline' 'unsafe-eval'; frame-src 'self' https://disaworks.disa.com https://www.sertifi.com https://cdn.walkme.com https://auth.disa.com https://cdn.appdynamics.com https://www.google.com https://maps.google.com https://internal.disa.com https://cdn.appdynamics.com; frame-ancestors 'self' https://*.disa.com; img-src https://*.google.com https://maps.gstatic.com https://maps.googleapis.com https://www.sertifi.com https://*.cloudfront.net https://online.swagger.io https://validator.swagger.io https://ec.walkme.com 'self' data:; font-src https://fonts.gstatic.com 'self' data:;
x-node
6
content-length
40137
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 03 Aug 2023 02:32:42 GMT
etag
"0c123c7b2c5d91:0"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
permissions-policy
sync-xhr=(self "https://*.disa.com" "https://internal.disa.com" "https://apisandbox.disa.com" "https://www.disa.com" "https://disa.com")
accept-ranges
bytes
check-browser-78c6aaacd3e54614ed7b50d611b8d60d.js
disaworks.disa.com/scripts/ 		1 KB
753 B 		Script
General
Check archive.org
Download Go to
Full URL
https://disaworks.disa.com/scripts/check-browser-78c6aaacd3e54614ed7b50d611b8d60d.js
Requested by
Host: disaworks.disa.com
URL: https://disaworks.disa.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
64.9.169.16 Houston, United States, ASN3900 (TEXASNET-ASN, US),
Reverse DNS
64-9-169-16.fwd.datafoundry.com
Software
/
Resource Hash
7188f2c011b596dfaf46075a226ca944ff039dbcb056d837b5d3f88f33b79437
Security Headers
Name Value
Content-Security-Policy default-src 'self' ; script-src 'self' https://maps.googleapis.com https://ajax.googleapis.com https://auth.disa.com https://classic.disa.com https://cdn.rawgit.com https://www.sertifi.com https://disaworks.disa.com https://cdn.walkme.com https://cdn.appdynamics.com https://internal.disa.com https://classic.disa.com https://www.google.com https://www.gstatic.com https://playerserver.walkme.com https://cdn.jsdelivr.net 'unsafe-inline' 'unsafe-eval' ; connect-src 'self' https://disaworks.disa.com https://auth.disa.com https://qaauth.disa.com https://qaux.disa.com https://ec.walkme.com https://classic.disa.com https://www.sertifi.com https://internal.disa.com https://cdn.walkme.com https://maps.googleapis.com https://col.eum-appdynamics.com https://*.disa.com; style-src https://fonts.googleapis.com 'self' 'unsafe-inline' 'unsafe-eval'; frame-src 'self' https://disaworks.disa.com https://www.sertifi.com https://cdn.walkme.com https://auth.disa.com https://cdn.appdynamics.com https://www.google.com https://maps.google.com https://internal.disa.com https://cdn.appdynamics.com; frame-ancestors 'self' https://*.disa.com; img-src https://*.google.com https://maps.gstatic.com https://maps.googleapis.com https://www.sertifi.com https://*.cloudfront.net https://online.swagger.io https://validator.swagger.io https://ec.walkme.com 'self' data:; font-src https://fonts.gstatic.com 'self' data:;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://disaworks.disa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 12:30:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
x-permitted-cross-domain-policies
none
content-security-policy
default-src 'self' ; script-src 'self' https://maps.googleapis.com https://ajax.googleapis.com https://auth.disa.com https://classic.disa.com https://cdn.rawgit.com https://www.sertifi.com https://disaworks.disa.com https://cdn.walkme.com https://cdn.appdynamics.com https://internal.disa.com https://classic.disa.com https://www.google.com https://www.gstatic.com https://playerserver.walkme.com https://cdn.jsdelivr.net 'unsafe-inline' 'unsafe-eval' ; connect-src 'self' https://disaworks.disa.com https://auth.disa.com https://qaauth.disa.com https://qaux.disa.com https://ec.walkme.com https://classic.disa.com https://www.sertifi.com https://internal.disa.com https://cdn.walkme.com https://maps.googleapis.com https://col.eum-appdynamics.com https://*.disa.com; style-src https://fonts.googleapis.com 'self' 'unsafe-inline' 'unsafe-eval'; frame-src 'self' https://disaworks.disa.com https://www.sertifi.com https://cdn.walkme.com https://auth.disa.com https://cdn.appdynamics.com https://www.google.com https://maps.google.com https://internal.disa.com https://cdn.appdynamics.com; frame-ancestors 'self' https://*.disa.com; img-src https://*.google.com https://maps.gstatic.com https://maps.googleapis.com https://www.sertifi.com https://*.cloudfront.net https://online.swagger.io https://validator.swagger.io https://ec.walkme.com 'self' data:; font-src https://fonts.gstatic.com 'self' data:;
x-node
6
content-length
655
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 03 Aug 2023 02:32:47 GMT
etag
"f570a0cab2c5d91:0"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
permissions-policy
sync-xhr=(self "https://*.disa.com" "https://internal.disa.com" "https://apisandbox.disa.com" "https://www.disa.com" "https://disa.com")
accept-ranges
bytes
vendor-41de19b6cde433f0528bdbd63eebac3a.js
disaworks.disa.com/assets/ 		4 MB
961 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://disaworks.disa.com/assets/vendor-41de19b6cde433f0528bdbd63eebac3a.js
Requested by
Host: disaworks.disa.com
URL: https://disaworks.disa.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
64.9.169.16 Houston, United States, ASN3900 (TEXASNET-ASN, US),
Reverse DNS
64-9-169-16.fwd.datafoundry.com
Software
/
Resource Hash
f3c3fe3d6ac0fbc851017f0a31b1c73f33d273f2dac106c2d414b04c5146271f
Security Headers
Name Value
Content-Security-Policy default-src 'self' ; script-src 'self' https://maps.googleapis.com https://ajax.googleapis.com https://auth.disa.com https://classic.disa.com https://cdn.rawgit.com https://www.sertifi.com https://disaworks.disa.com https://cdn.walkme.com https://cdn.appdynamics.com https://internal.disa.com https://classic.disa.com https://www.google.com https://www.gstatic.com https://playerserver.walkme.com https://cdn.jsdelivr.net 'unsafe-inline' 'unsafe-eval' ; connect-src 'self' https://disaworks.disa.com https://auth.disa.com https://qaauth.disa.com https://qaux.disa.com https://ec.walkme.com https://classic.disa.com https://www.sertifi.com https://internal.disa.com https://cdn.walkme.com https://maps.googleapis.com https://col.eum-appdynamics.com https://*.disa.com; style-src https://fonts.googleapis.com 'self' 'unsafe-inline' 'unsafe-eval'; frame-src 'self' https://disaworks.disa.com https://www.sertifi.com https://cdn.walkme.com https://auth.disa.com https://cdn.appdynamics.com https://www.google.com https://maps.google.com https://internal.disa.com https://cdn.appdynamics.com; frame-ancestors 'self' https://*.disa.com; img-src https://*.google.com https://maps.gstatic.com https://maps.googleapis.com https://www.sertifi.com https://*.cloudfront.net https://online.swagger.io https://validator.swagger.io https://ec.walkme.com 'self' data:; font-src https://fonts.gstatic.com 'self' data:;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://disaworks.disa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 12:30:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
x-permitted-cross-domain-policies
none
content-security-policy
default-src 'self' ; script-src 'self' https://maps.googleapis.com https://ajax.googleapis.com https://auth.disa.com https://classic.disa.com https://cdn.rawgit.com https://www.sertifi.com https://disaworks.disa.com https://cdn.walkme.com https://cdn.appdynamics.com https://internal.disa.com https://classic.disa.com https://www.google.com https://www.gstatic.com https://playerserver.walkme.com https://cdn.jsdelivr.net 'unsafe-inline' 'unsafe-eval' ; connect-src 'self' https://disaworks.disa.com https://auth.disa.com https://qaauth.disa.com https://qaux.disa.com https://ec.walkme.com https://classic.disa.com https://www.sertifi.com https://internal.disa.com https://cdn.walkme.com https://maps.googleapis.com https://col.eum-appdynamics.com https://*.disa.com; style-src https://fonts.googleapis.com 'self' 'unsafe-inline' 'unsafe-eval'; frame-src 'self' https://disaworks.disa.com https://www.sertifi.com https://cdn.walkme.com https://auth.disa.com https://cdn.appdynamics.com https://www.google.com https://maps.google.com https://internal.disa.com https://cdn.appdynamics.com; frame-ancestors 'self' https://*.disa.com; img-src https://*.google.com https://maps.gstatic.com https://maps.googleapis.com https://www.sertifi.com https://*.cloudfront.net https://online.swagger.io https://validator.swagger.io https://ec.walkme.com 'self' data:; font-src https://fonts.gstatic.com 'self' data:;
x-node
6
content-length
978318
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 03 Aug 2023 02:32:44 GMT
etag
"0ee54c8b2c5d91:0"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
permissions-policy
sync-xhr=(self "https://*.disa.com" "https://internal.disa.com" "https://apisandbox.disa.com" "https://www.disa.com" "https://disa.com")
accept-ranges
bytes
disaworksui-29ace6009ecf3f9bc2be1d10b0652930.js
disaworks.disa.com/assets/ 		14 MB
1 MB 		Script
General
Check archive.org
Download Go to
Full URL
https://disaworks.disa.com/assets/disaworksui-29ace6009ecf3f9bc2be1d10b0652930.js
Requested by
Host: disaworks.disa.com
URL: https://disaworks.disa.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
64.9.169.16 Houston, United States, ASN3900 (TEXASNET-ASN, US),
Reverse DNS
64-9-169-16.fwd.datafoundry.com
Software
/
Resource Hash
4724959402c807b262330e221f897b0a33ddbe4fa01e36152d7c54259f201f7f
Security Headers
Name Value
Content-Security-Policy default-src 'self' ; script-src 'self' https://maps.googleapis.com https://ajax.googleapis.com https://auth.disa.com https://classic.disa.com https://cdn.rawgit.com https://www.sertifi.com https://disaworks.disa.com https://cdn.walkme.com https://cdn.appdynamics.com https://internal.disa.com https://classic.disa.com https://www.google.com https://www.gstatic.com https://playerserver.walkme.com https://cdn.jsdelivr.net 'unsafe-inline' 'unsafe-eval' ; connect-src 'self' https://disaworks.disa.com https://auth.disa.com https://qaauth.disa.com https://qaux.disa.com https://ec.walkme.com https://classic.disa.com https://www.sertifi.com https://internal.disa.com https://cdn.walkme.com https://maps.googleapis.com https://col.eum-appdynamics.com https://*.disa.com; style-src https://fonts.googleapis.com 'self' 'unsafe-inline' 'unsafe-eval'; frame-src 'self' https://disaworks.disa.com https://www.sertifi.com https://cdn.walkme.com https://auth.disa.com https://cdn.appdynamics.com https://www.google.com https://maps.google.com https://internal.disa.com https://cdn.appdynamics.com; frame-ancestors 'self' https://*.disa.com; img-src https://*.google.com https://maps.gstatic.com https://maps.googleapis.com https://www.sertifi.com https://*.cloudfront.net https://online.swagger.io https://validator.swagger.io https://ec.walkme.com 'self' data:; font-src https://fonts.gstatic.com 'self' data:;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://disaworks.disa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 12:30:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
x-permitted-cross-domain-policies
none
content-security-policy
default-src 'self' ; script-src 'self' https://maps.googleapis.com https://ajax.googleapis.com https://auth.disa.com https://classic.disa.com https://cdn.rawgit.com https://www.sertifi.com https://disaworks.disa.com https://cdn.walkme.com https://cdn.appdynamics.com https://internal.disa.com https://classic.disa.com https://www.google.com https://www.gstatic.com https://playerserver.walkme.com https://cdn.jsdelivr.net 'unsafe-inline' 'unsafe-eval' ; connect-src 'self' https://disaworks.disa.com https://auth.disa.com https://qaauth.disa.com https://qaux.disa.com https://ec.walkme.com https://classic.disa.com https://www.sertifi.com https://internal.disa.com https://cdn.walkme.com https://maps.googleapis.com https://col.eum-appdynamics.com https://*.disa.com; style-src https://fonts.googleapis.com 'self' 'unsafe-inline' 'unsafe-eval'; frame-src 'self' https://disaworks.disa.com https://www.sertifi.com https://cdn.walkme.com https://auth.disa.com https://cdn.appdynamics.com https://www.google.com https://maps.google.com https://internal.disa.com https://cdn.appdynamics.com; frame-ancestors 'self' https://*.disa.com; img-src https://*.google.com https://maps.gstatic.com https://maps.googleapis.com https://www.sertifi.com https://*.cloudfront.net https://online.swagger.io https://validator.swagger.io https://ec.walkme.com 'self' data:; font-src https://fonts.gstatic.com 'self' data:;
x-node
6
content-length
1383099
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 03 Aug 2023 02:32:43 GMT
etag
"8057bcc7b2c5d91:0"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
permissions-policy
sync-xhr=(self "https://*.disa.com" "https://internal.disa.com" "https://apisandbox.disa.com" "https://www.disa.com" "https://disa.com")
accept-ranges
bytes
walkme_f6a575c2511441499650b66970637485_https.js
cdn.walkme.com/users/f6a575c2511441499650b66970637485/ 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.walkme.com/users/f6a575c2511441499650b66970637485/walkme_f6a575c2511441499650b66970637485_https.js
Requested by
Host: disaworks.disa.com
URL: https://disaworks.disa.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.102.45.207 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-102-45-207.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
8aaeddf26ba3d668121c48266221fe0317c7661cec7ff65b838b240ae4b2835e
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000;includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://disaworks.disa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-amz-version-id
yHZlJr8_gomiwsJ_jr8Rf_4EM0xeUTtv
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 16 Aug 2023 12:30:03 GMT
access-control-allow-private-network
true
x-amz-request-id
H16SD4N41BGYSX6W
x-amz-server-side-encryption
AES256
content-security-policy
upgrade-insecure-requests;
strict-transport-security
max-age=31536000;includeSubdomains
x-amz-replication-status
COMPLETED
cross-origin-resource-policy
cross-origin
content-length
4596
x-amz-id-2
NHS5zcGZoaxdts/zoBqGoQjMv+zP8BJBTHYrh+SyEMIsMjh+T53LP5l6cK97FyOk4T1uIwTYisE=
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 25 Aug 2020 19:54:15 GMT
etag
"366aae92f8ace32297a8bf6e2041d617"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=82511
accept-ranges
bytes
timing-allow-origin
*
settings.txt
cdn.walkme.com/users/f6a575c2511441499650b66970637485/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.walkme.com/users/f6a575c2511441499650b66970637485/settings.txt
Requested by
Host: cdn.walkme.com
URL: https://cdn.walkme.com/users/f6a575c2511441499650b66970637485/walkme_f6a575c2511441499650b66970637485_https.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.102.45.207 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-102-45-207.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
b421a7eee79d86655938555fd05607104207655daa5c82caf2117c3a4011e63c
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000;includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://disaworks.disa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-amz-version-id
UWDb5uWVdYdk_JYeY_Jcv2pHaPi1YXF7
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 16 Aug 2023 12:30:03 GMT
access-control-allow-private-network
true
x-amz-request-id
QQK27HS1H63B782P
x-amz-server-side-encryption
AES256
content-security-policy
upgrade-insecure-requests;
strict-transport-security
max-age=31536000;includeSubdomains
x-amz-replication-status
COMPLETED
cross-origin-resource-policy
cross-origin
content-length
546
x-amz-id-2
C5FEqy2dgC4jrGiIkAu1buVL8WHFSZFxdHmgtCOd4uocfvciQa1JNWimBVzTJWtwoAiEFleXtpo=
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 25 Aug 2020 19:54:15 GMT
etag
"18fb63f1ab4a60bd9bc3fcfe4b3155ad"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=900
accept-ranges
bytes
timing-allow-origin
*
wmjQuery171.js
cdn.walkme.com/player/resources/ 		92 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.walkme.com/player/resources/wmjQuery171.js
Requested by
Host: cdn.walkme.com
URL: https://cdn.walkme.com/users/f6a575c2511441499650b66970637485/walkme_f6a575c2511441499650b66970637485_https.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.102.45.207 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-102-45-207.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
d4b341e0e1b10b8d9d72b33a552d9a4c5f181644a550e6c5290ffbd0df7ff698
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000;includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://disaworks.disa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-amz-version-id
dlOIL_rgT0aloi1SfIVB2qBEX5hN4XKk
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 16 Aug 2023 12:30:03 GMT
access-control-allow-private-network
true
x-amz-request-id
AAKMHH9VJ1T2SA6P
x-amz-meta-cb-modifiedtime
Sun, 14 Apr 2013 07:28:19 GMT
content-security-policy
upgrade-insecure-requests;
strict-transport-security
max-age=31536000;includeSubdomains
cross-origin-resource-policy
cross-origin
content-length
33167
x-amz-id-2
YWp+y0vZopLZYFLP8Mm3pzkQdMqVNy951tTTCnWE3Li04V6HjdHOjyGhug7t7xrT5TUa1y3iswc=
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Sun, 10 Jan 2016 09:10:17 GMT
etag
"bd856ab0099e8b88daeced6a21ed1398"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=23659194
accept-ranges
bytes
timing-allow-origin
*
walkme_lib_20200825-172205-541b3ba0.js
cdn.walkme.com/player/lib/ 		1 MB
420 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.walkme.com/player/lib/walkme_lib_20200825-172205-541b3ba0.js
Requested by
Host: cdn.walkme.com
URL: https://cdn.walkme.com/users/f6a575c2511441499650b66970637485/walkme_f6a575c2511441499650b66970637485_https.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.102.45.207 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-102-45-207.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
50bdd1fc19e8a472e8d105f288dbdbd46badf5b66964dd16b31cb5fb33cfb12d
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000;includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://disaworks.disa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-amz-version-id
dEgq0QqjFe1ip9XERF6zcO88LeH3dVDf
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 16 Aug 2023 12:30:03 GMT
access-control-allow-private-network
true
x-amz-request-id
GDJ1FDMMANEKRAG0
x-amz-server-side-encryption
AES256
content-security-policy
upgrade-insecure-requests;
strict-transport-security
max-age=31536000;includeSubdomains
x-amz-replication-status
COMPLETED
cross-origin-resource-policy
cross-origin
content-length
429316
x-amz-id-2
4S4xOAzix81quoYwPfcVD2q2YAc9fzbxxYs0dn71DkxR4EfUZZAg7ynFuI+XD5svVSlWhaPd2hw=
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 25 Aug 2020 19:26:59 GMT
etag
"cf34c313377735adf175c683913f7d44"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=23522144
accept-ranges
bytes
timing-allow-origin
*
walkme_config_4280c3318fce4acd9549c491038b6028.js
cdn.walkme.com/users/f6a575c2511441499650b66970637485/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.walkme.com/users/f6a575c2511441499650b66970637485/walkme_config_4280c3318fce4acd9549c491038b6028.js
Requested by
Host: cdn.walkme.com
URL: https://cdn.walkme.com/users/f6a575c2511441499650b66970637485/walkme_f6a575c2511441499650b66970637485_https.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.102.45.207 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-102-45-207.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6814e2514d91a4ede65ff6cca2938967db8524a12f7910f573c7eba1f1938e54
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000;includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://disaworks.disa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-amz-version-id
8h9SR9gsevawXvXhzgDZZrWzixlMMu.G
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 16 Aug 2023 12:30:03 GMT
access-control-allow-private-network
true
x-amz-request-id
GDJ3KQ9C7RW0G2KY
x-amz-server-side-encryption
AES256
content-security-policy
upgrade-insecure-requests;
strict-transport-security
max-age=31536000;includeSubdomains
x-amz-replication-status
COMPLETED
cross-origin-resource-policy
cross-origin
content-length
1362
x-amz-id-2
ulROqEfIRFRSoXW0g109qlAmHoKLBZ0UVf07p+kRZArzAZbwmt7QQ3EGVU5XGtnMY2TXIW1skok=
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 25 Aug 2020 19:54:11 GMT
etag
"ca07d1ea905e7828df7cc6b9b5ce6e3b"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=23522174
accept-ranges
bytes
timing-allow-origin
*
adrum-4.5.2.1326.js
cdn.appdynamics.com/adrum/ 		68 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.appdynamics.com/adrum/adrum-4.5.2.1326.js?_=1692189004697
Requested by
Host: disaworks.disa.com
URL: https://disaworks.disa.com/assets/vendor-41de19b6cde433f0528bdbd63eebac3a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.156.2.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-156-2-46.mxp63.r.cloudfront.net
Software
nginx/1.16.1 /
Resource Hash

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://disaworks.disa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 01 Aug 2023 23:57:37 GMT
content-encoding
gzip
via
1.1 488566c6c2cd3108c8176e63cecbf9e0.cloudfront.net (CloudFront)
x-amz-cf-pop
MXP63-P4
age
1254747
x-cache
Hit from cloudfront
last-modified
Mon, 24 Sep 2018 23:54:42 GMT
server
nginx/1.16.1
etag
W/"5ba97942-10fd5"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2678400, s-max-age=14400
timing-allow-origin
*
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
-fqINOAznRE1m0i2UnbrW5PqGyed7nBZAMm95m00zfFSxzqp7zv2HA==
adrum-4.5.2.1326.js
cdn.appdynamics.com/adrum/ 		68 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.appdynamics.com/adrum/adrum-4.5.2.1326.js?_=1692189004698
Requested by
Host: disaworks.disa.com
URL: https://disaworks.disa.com/assets/vendor-41de19b6cde433f0528bdbd63eebac3a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.156.2.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-156-2-46.mxp63.r.cloudfront.net
Software
nginx/1.16.1 /
Resource Hash

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://disaworks.disa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 01 Aug 2023 23:57:37 GMT
content-encoding
gzip
via
1.1 488566c6c2cd3108c8176e63cecbf9e0.cloudfront.net (CloudFront)
x-amz-cf-pop
MXP63-P4
age
1254747
x-cache
Hit from cloudfront
last-modified
Mon, 24 Sep 2018 23:54:42 GMT
server
nginx/1.16.1
etag
W/"5ba97942-10fd5"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2678400, s-max-age=14400
timing-allow-origin
*
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
ADpLSUy_URAfSSYRsyr7022rw0yaYscALnKXjrC6BZ9fVsiBRhazsg==
openid-configuration
auth.disa.com/.well-known/ 		1 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://auth.disa.com/.well-known/openid-configuration
Requested by
Host: disaworks.disa.com
URL: https://disaworks.disa.com/assets/vendor-41de19b6cde433f0528bdbd63eebac3a.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
64.9.169.17 Houston, United States, ASN3900 (TEXASNET-ASN, US),
Reverse DNS
64-9-169-17.fwd.datafoundry.com
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self' ; script-src 'self' https://maps.googleapis.com https://ajax.googleapis.com https://auth.disa.com https://classic.disa.com https://cdn.rawgit.com https://www.sertifi.com https://disaworks.disa.com https://cdn.walkme.com https://cdn.appdynamics.com https://internal.disa.com https://classic.disa.com https://www.google.com https://www.gstatic.com https://playerserver.walkme.com https://cdn.jsdelivr.net 'unsafe-inline' 'unsafe-eval' ; connect-src 'self' https://disaworks.disa.com https://auth.disa.com https://qaauth.disa.com https://qaux.disa.com https://ec.walkme.com https://classic.disa.com https://www.sertifi.com https://internal.disa.com https://cdn.walkme.com https://maps.googleapis.com https://col.eum-appdynamics.com https://*.disa.com; style-src https://fonts.googleapis.com 'self' 'unsafe-inline' 'unsafe-eval'; frame-src 'self' https://disaworks.disa.com https://www.sertifi.com https://cdn.walkme.com https://auth.disa.com https://cdn.appdynamics.com https://www.google.com https://maps.google.com https://internal.disa.com https://cdn.appdynamics.com; frame-ancestors 'self' https://*.disa.com; img-src https://*.google.com https://maps.gstatic.com https://maps.googleapis.com https://www.sertifi.com https://*.cloudfront.net https://online.swagger.io https://validator.swagger.io https://ec.walkme.com 'self' data:; font-src https://fonts.gstatic.com 'self' data:;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://disaworks.disa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 12:30:05 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
x-permitted-cross-domain-policies
none
content-security-policy
default-src 'self' ; script-src 'self' https://maps.googleapis.com https://ajax.googleapis.com https://auth.disa.com https://classic.disa.com https://cdn.rawgit.com https://www.sertifi.com https://disaworks.disa.com https://cdn.walkme.com https://cdn.appdynamics.com https://internal.disa.com https://classic.disa.com https://www.google.com https://www.gstatic.com https://playerserver.walkme.com https://cdn.jsdelivr.net 'unsafe-inline' 'unsafe-eval' ; connect-src 'self' https://disaworks.disa.com https://auth.disa.com https://qaauth.disa.com https://qaux.disa.com https://ec.walkme.com https://classic.disa.com https://www.sertifi.com https://internal.disa.com https://cdn.walkme.com https://maps.googleapis.com https://col.eum-appdynamics.com https://*.disa.com; style-src https://fonts.googleapis.com 'self' 'unsafe-inline' 'unsafe-eval'; frame-src 'self' https://disaworks.disa.com https://www.sertifi.com https://cdn.walkme.com https://auth.disa.com https://cdn.appdynamics.com https://www.google.com https://maps.google.com https://internal.disa.com https://cdn.appdynamics.com; frame-ancestors 'self' https://*.disa.com; img-src https://*.google.com https://maps.gstatic.com https://maps.googleapis.com https://www.sertifi.com https://*.cloudfront.net https://online.swagger.io https://validator.swagger.io https://ec.walkme.com 'self' data:; font-src https://fonts.gstatic.com 'self' data:;
x-node-s
2
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://disaworks.disa.com
permissions-policy
sync-xhr=(self "https://*.disa.com" "https://internal.disa.com" "https://apisandbox.disa.com" "https://www.disa.com" "https://disa.com")
x-xss-protection
1; mode=block
cdHiddenIframeScript.js
cdn.walkme.com/player/lib/20200825-172205-541b3ba0/resources/CD/ Frame 40A8 		244 B
761 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.walkme.com/player/lib/20200825-172205-541b3ba0/resources/CD/cdHiddenIframeScript.js
Requested by
Host: cdn.walkme.com
URL: https://cdn.walkme.com/player/lib/walkme_lib_20200825-172205-541b3ba0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.102.45.207 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-102-45-207.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000;includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
it-IT,it;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-amz-version-id
n_Fmxim2lCbhY.h1ONEm2tEBphYBZ_O4
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 16 Aug 2023 12:30:05 GMT
access-control-allow-private-network
true
x-amz-request-id
GZ1B0V04K3MSR7DP
x-amz-server-side-encryption
AES256
content-security-policy
upgrade-insecure-requests;
strict-transport-security
max-age=31536000;includeSubdomains
x-amz-replication-status
COMPLETED
cross-origin-resource-policy
cross-origin
content-length
163
x-amz-id-2
I/QNm2shZqCFTNoY/JoUgSn5Svh26Ic1lDmwTaLO8IHDORyu4kswC/lrl2RuPc1so6LNZtvuliE=
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 25 Aug 2020 19:24:41 GMT
etag
"a6abe89a638483d2d4657e7b666392dc"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=23522131
accept-ranges
bytes
timing-allow-origin
*
adrum-ext.15ad9e12c414858a5e6cfdfb1f2331b1.js
cdn.appdynamics.com/ 		50 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.appdynamics.com/adrum-ext.15ad9e12c414858a5e6cfdfb1f2331b1.js
Requested by
Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-4.5.2.1326.js?_=1692189004697
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.156.2.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-156-2-46.mxp63.r.cloudfront.net
Software
nginx/1.16.1 /
Resource Hash

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://disaworks.disa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 03 Aug 2023 22:55:46 GMT
content-encoding
gzip
via
1.1 488566c6c2cd3108c8176e63cecbf9e0.cloudfront.net (CloudFront)
x-amz-cf-pop
MXP63-P4
age
1737456
x-cache
Hit from cloudfront
last-modified
Wed, 26 Sep 2018 23:59:21 GMT
server
nginx/1.16.1
etag
W/"5bac1d59-c890"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2678400, s-max-age=14400
timing-allow-origin
*
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
6TJe1YNxvyvmwKEDj96eK8RA3A4CTpXdbgYjGWBDLlgEMWpnG-LmQg==
adrum-xd.15ad9e12c414858a5e6cfdfb1f2331b1.html
cdn.appdynamics.com/ Frame CB0A 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.appdynamics.com/adrum-xd.15ad9e12c414858a5e6cfdfb1f2331b1.html
Requested by
Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-4.5.2.1326.js?_=1692189004697
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.156.2.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-156-2-46.mxp63.r.cloudfront.net
Software
nginx/1.16.1 /
Resource Hash

Request headers

Referer
https://disaworks.disa.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
it-IT,it;q=0.9

Response headers

access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
age
1898711
cache-control
public, max-age=2678400, s-max-age=14400
content-encoding
gzip
content-type
text/html
date
Tue, 25 Jul 2023 13:04:54 GMT
etag
W/"5bad1a55-77a"
last-modified
Thu, 27 Sep 2018 17:58:45 GMT
server
nginx/1.16.1
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 488566c6c2cd3108c8176e63cecbf9e0.cloudfront.net (CloudFront)
x-amz-cf-id
OX8JnXjgvQZzDZBjkl8tWhtf52OLu4Rz7BoZQ0eI3hlRiQGuYa7NzA==
x-amz-cf-pop
MXP63-P4
x-cache
Hit from cloudfront
CDhiddenIframe.compress.html
cdn.walkme.com/player/lib/20200825-172205-541b3ba0/resources/CD/ Frame B7DA 		23 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.walkme.com/player/lib/20200825-172205-541b3ba0/resources/CD/CDhiddenIframe.compress.html
Requested by
Host: cdn.walkme.com
URL: https://cdn.walkme.com/player/lib/walkme_lib_20200825-172205-541b3ba0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.102.45.207 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-102-45-207.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000;includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
it-IT,it;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=23522098
content-encoding
gzip
content-length
7575
content-security-policy
upgrade-insecure-requests;
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Wed, 16 Aug 2023 12:30:05 GMT
etag
"3f496649dbe5363fab56277f26b2dd94"
last-modified
Tue, 25 Aug 2020 19:24:41 GMT
referrer-policy
no-referrer-when-downgrade
strict-transport-security
max-age=31536000;includeSubdomains
vary
Accept-Encoding
x-amz-id-2
671kSRph/h9crz4cZLIlkw0+WGefZq8slbFzRRdRxFgbhocpFVRnPMGWztb2hVlbB5SE5r9c9ro=
x-amz-replication-status
COMPLETED
x-amz-request-id
GZ1EQBECDC3FPD20
x-amz-server-side-encryption
AES256
x-amz-version-id
SvNi_axaSXJtBEUVBqlBFuQpzynG8vnw
x-content-type-options
nosniff
x-xss-protection
1; mode=block
settings.txt
cdn.walkme.com/users/f6a575c2511441499650b66970637485/ Frame B7DA 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.walkme.com/users/f6a575c2511441499650b66970637485/settings.txt
Requested by
Host: cdn.walkme.com
URL: https://cdn.walkme.com/player/lib/20200825-172205-541b3ba0/resources/CD/CDhiddenIframe.compress.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.102.45.207 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-102-45-207.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000;includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://cdn.walkme.com/player/lib/20200825-172205-541b3ba0/resources/CD/CDhiddenIframe.compress.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-amz-version-id
UWDb5uWVdYdk_JYeY_Jcv2pHaPi1YXF7
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 16 Aug 2023 12:30:05 GMT
access-control-allow-private-network
true
x-amz-request-id
QQK27HS1H63B782P
x-amz-server-side-encryption
AES256
content-security-policy
upgrade-insecure-requests;
strict-transport-security
max-age=31536000;includeSubdomains
x-amz-replication-status
COMPLETED
cross-origin-resource-policy
cross-origin
content-length
546
x-amz-id-2
C5FEqy2dgC4jrGiIkAu1buVL8WHFSZFxdHmgtCOd4uocfvciQa1JNWimBVzTJWtwoAiEFleXtpo=
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 25 Aug 2020 19:54:15 GMT
etag
"18fb63f1ab4a60bd9bc3fcfe4b3155ad"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=898
accept-ranges
bytes
timing-allow-origin
*
walkme_config_4280c3318fce4acd9549c491038b6028.js
cdn.walkme.com/users/f6a575c2511441499650b66970637485/ Frame B7DA 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.walkme.com/users/f6a575c2511441499650b66970637485/walkme_config_4280c3318fce4acd9549c491038b6028.js
Requested by
Host: cdn.walkme.com
URL: https://cdn.walkme.com/player/lib/20200825-172205-541b3ba0/resources/CD/CDhiddenIframe.compress.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.102.45.207 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-102-45-207.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000;includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://cdn.walkme.com/player/lib/20200825-172205-541b3ba0/resources/CD/CDhiddenIframe.compress.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-amz-version-id
8h9SR9gsevawXvXhzgDZZrWzixlMMu.G
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 16 Aug 2023 12:30:05 GMT
access-control-allow-private-network
true
x-amz-request-id
GDJ3KQ9C7RW0G2KY
x-amz-server-side-encryption
AES256
content-security-policy
upgrade-insecure-requests;
strict-transport-security
max-age=31536000;includeSubdomains
x-amz-replication-status
COMPLETED
cross-origin-resource-policy
cross-origin
content-length
1362
x-amz-id-2
ulROqEfIRFRSoXW0g109qlAmHoKLBZ0UVf07p+kRZArzAZbwmt7QQ3EGVU5XGtnMY2TXIW1skok=
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 25 Aug 2020 19:54:11 GMT
etag
"ca07d1ea905e7828df7cc6b9b5ce6e3b"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=23522172
accept-ranges
bytes
timing-allow-origin
*
data_1d1140514bf64c409d0ea61c0f840ce0.json
cdn.walkme.com/users/f6a575c2511441499650b66970637485/ 		2 MB
181 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.walkme.com/users/f6a575c2511441499650b66970637485/data_1d1140514bf64c409d0ea61c0f840ce0.json
Requested by
Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-4.5.2.1326.js?_=1692189004697
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.102.45.207 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-102-45-207.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000;includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://disaworks.disa.com/
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-amz-version-id
xFpKBworOK9t_R7Qeks7TWCFeCi2cqWG
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 16 Aug 2023 12:30:06 GMT
access-control-allow-private-network
true
x-amz-request-id
R8ZV0W0TXV1767V7
x-amz-server-side-encryption
AES256
content-security-policy
upgrade-insecure-requests;
strict-transport-security
max-age=31536000;includeSubdomains
x-amz-replication-status
COMPLETED
cross-origin-resource-policy
cross-origin
content-length
184945
x-amz-id-2
zRK+FGE1Hz1Z6etKS5wfqcuHbzrFgbjuwt8E8kH2J0T3z48jbciuMq5oObOhvM65+hedcTnN78M=
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 25 Aug 2020 19:54:15 GMT
etag
"dc43b337b87ec956bd1dd73567f782e8"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
Primary Request login
auth.disa.com/account/
Redirect Chain
  • https://auth.disa.com/connect/authorize?client_id=ux-emberjs&redirect_uri=https%3A%2F%2Fdisaworks.disa.com%2Fcallback.html&response_type=id_token%20token&scope=openid%20profile%20ux-api&state=d8ae6...
  • https://auth.disa.com/account/login?returnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3Dux-emberjs%26redirect_uri%3Dhttps%253A%252F%252Fdisaworks.disa.com%252Fcallback.html%26response_type%3D...
5 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://auth.disa.com/account/login?returnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3Dux-emberjs%26redirect_uri%3Dhttps%253A%252F%252Fdisaworks.disa.com%252Fcallback.html%26response_type%3Did_token%2520token%26scope%3Dopenid%2520profile%2520ux-api%26state%3Dd8ae6f7520114f28a67265577bcce5a0%26nonce%3Dbe531d4776fe432d8ed079ebf9c41638
Requested by
Host: disaworks.disa.com
URL: https://disaworks.disa.com/assets/vendor-41de19b6cde433f0528bdbd63eebac3a.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
64.9.169.17 Houston, United States, ASN3900 (TEXASNET-ASN, US),
Reverse DNS
64-9-169-17.fwd.datafoundry.com
Software
/
Resource Hash
64a2619d76618797ffcdff65190df37016551ad81e0e812aa71e93b5b00fc289
Security Headers
Name Value
Content-Security-Policy default-src 'self' ; script-src 'self' https://maps.googleapis.com https://ajax.googleapis.com https://auth.disa.com https://classic.disa.com https://cdn.rawgit.com https://www.sertifi.com https://disaworks.disa.com https://cdn.walkme.com https://cdn.appdynamics.com https://internal.disa.com https://classic.disa.com https://www.google.com https://www.gstatic.com https://playerserver.walkme.com https://cdn.jsdelivr.net 'unsafe-inline' 'unsafe-eval' ; connect-src 'self' https://disaworks.disa.com https://auth.disa.com https://qaauth.disa.com https://qaux.disa.com https://ec.walkme.com https://classic.disa.com https://www.sertifi.com https://internal.disa.com https://cdn.walkme.com https://maps.googleapis.com https://col.eum-appdynamics.com https://*.disa.com; style-src https://fonts.googleapis.com 'self' 'unsafe-inline' 'unsafe-eval'; frame-src 'self' https://disaworks.disa.com https://www.sertifi.com https://cdn.walkme.com https://auth.disa.com https://cdn.appdynamics.com https://www.google.com https://maps.google.com https://internal.disa.com https://cdn.appdynamics.com; frame-ancestors 'self' https://*.disa.com; img-src https://*.google.com https://maps.gstatic.com https://maps.googleapis.com https://www.sertifi.com https://*.cloudfront.net https://online.swagger.io https://validator.swagger.io https://ec.walkme.com 'self' data:; font-src https://fonts.gstatic.com 'self' data:;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://disaworks.disa.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
it-IT,it;q=0.9

Response headers

cache-control
no-cache, no-store
content-encoding
gzip
content-security-policy
default-src 'self' ; script-src 'self' https://maps.googleapis.com https://ajax.googleapis.com https://auth.disa.com https://classic.disa.com https://cdn.rawgit.com https://www.sertifi.com https://disaworks.disa.com https://cdn.walkme.com https://cdn.appdynamics.com https://internal.disa.com https://classic.disa.com https://www.google.com https://www.gstatic.com https://playerserver.walkme.com https://cdn.jsdelivr.net 'unsafe-inline' 'unsafe-eval' ; connect-src 'self' https://disaworks.disa.com https://auth.disa.com https://qaauth.disa.com https://qaux.disa.com https://ec.walkme.com https://classic.disa.com https://www.sertifi.com https://internal.disa.com https://cdn.walkme.com https://maps.googleapis.com https://col.eum-appdynamics.com https://*.disa.com; style-src https://fonts.googleapis.com 'self' 'unsafe-inline' 'unsafe-eval'; frame-src 'self' https://disaworks.disa.com https://www.sertifi.com https://cdn.walkme.com https://auth.disa.com https://cdn.appdynamics.com https://www.google.com https://maps.google.com https://internal.disa.com https://cdn.appdynamics.com; frame-ancestors 'self' https://*.disa.com; img-src https://*.google.com https://maps.gstatic.com https://maps.googleapis.com https://www.sertifi.com https://*.cloudfront.net https://online.swagger.io https://validator.swagger.io https://ec.walkme.com 'self' data:; font-src https://fonts.gstatic.com 'self' data:;
content-type
text/html; charset=utf-8
date
Wed, 16 Aug 2023 12:30:06 GMT
permissions-policy
sync-xhr=(self "https://*.disa.com" "https://internal.disa.com" "https://apisandbox.disa.com" "https://www.disa.com" "https://disa.com")
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN SAMEORIGIN
x-node-s
2
x-permitted-cross-domain-policies
none
x-xss-protection
1; mode=block

Redirect headers

content-length
0
content-security-policy
default-src 'self' ; script-src 'self' https://maps.googleapis.com https://ajax.googleapis.com https://auth.disa.com https://classic.disa.com https://cdn.rawgit.com https://www.sertifi.com https://disaworks.disa.com https://cdn.walkme.com https://cdn.appdynamics.com https://internal.disa.com https://classic.disa.com https://www.google.com https://www.gstatic.com https://playerserver.walkme.com https://cdn.jsdelivr.net 'unsafe-inline' 'unsafe-eval' ; connect-src 'self' https://disaworks.disa.com https://auth.disa.com https://qaauth.disa.com https://qaux.disa.com https://ec.walkme.com https://classic.disa.com https://www.sertifi.com https://internal.disa.com https://cdn.walkme.com https://maps.googleapis.com https://col.eum-appdynamics.com https://*.disa.com; style-src https://fonts.googleapis.com 'self' 'unsafe-inline' 'unsafe-eval'; frame-src 'self' https://disaworks.disa.com https://www.sertifi.com https://cdn.walkme.com https://auth.disa.com https://cdn.appdynamics.com https://www.google.com https://maps.google.com https://internal.disa.com https://cdn.appdynamics.com; frame-ancestors 'self' https://*.disa.com; img-src https://*.google.com https://maps.gstatic.com https://maps.googleapis.com https://www.sertifi.com https://*.cloudfront.net https://online.swagger.io https://validator.swagger.io https://ec.walkme.com 'self' data:; font-src https://fonts.gstatic.com 'self' data:;
date
Wed, 16 Aug 2023 12:30:06 GMT
location
https://auth.disa.com/account/login?returnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3Dux-emberjs%26redirect_uri%3Dhttps%253A%252F%252Fdisaworks.disa.com%252Fcallback.html%26response_type%3Did_token%2520token%26scope%3Dopenid%2520profile%2520ux-api%26state%3Dd8ae6f7520114f28a67265577bcce5a0%26nonce%3Dbe531d4776fe432d8ed079ebf9c41638
permissions-policy
sync-xhr=(self "https://*.disa.com" "https://internal.disa.com" "https://apisandbox.disa.com" "https://www.disa.com" "https://disa.com")
referrer-policy
strict-origin-when-cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-node-s
2
x-permitted-cross-domain-policies
none
x-xss-protection
1; mode=block
8.23daf72d.walkme_lib.js
cdn.walkme.com/player/lib/20200825-172205-541b3ba0/ 		682 B
952 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.walkme.com/player/lib/20200825-172205-541b3ba0/8.23daf72d.walkme_lib.js
Requested by
Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-4.5.2.1326.js?_=1692189004697
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.102.45.207 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-102-45-207.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000;includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://disaworks.disa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-amz-version-id
ijx23oxB0ZIzpUI.W0cDTFejgVhRkKZG
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 16 Aug 2023 12:30:06 GMT
access-control-allow-private-network
true
x-amz-request-id
3SCVXRS2CJ732GE0
x-amz-server-side-encryption
AES256
content-security-policy
upgrade-insecure-requests;
strict-transport-security
max-age=31536000;includeSubdomains
x-amz-replication-status
COMPLETED
cross-origin-resource-policy
cross-origin
content-length
354
x-amz-id-2
aKHQxI38zEFaAHttcO1nJaL3l6/hp5LzF0gsy7qtlIFAE9B/P57c2YzyH0LLrKOLTZPvXLTf7Ro=
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 25 Aug 2020 19:24:26 GMT
etag
"dbe63251db202c3d72ff7a9857ee12ce"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=29073237
accept-ranges
bytes
timing-allow-origin
*
1.65ad3e19.walkme_lib.js
cdn.walkme.com/player/lib/20200825-172205-541b3ba0/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.walkme.com/player/lib/20200825-172205-541b3ba0/1.65ad3e19.walkme_lib.js
Requested by
Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-4.5.2.1326.js?_=1692189004697
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.102.45.207 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-102-45-207.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000;includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://disaworks.disa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-amz-version-id
pmwKK7HE8Frj6fmIBE58qebsREgNY3Ds
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 16 Aug 2023 12:30:06 GMT
access-control-allow-private-network
true
x-amz-request-id
HF4FBQGW20E9VRCX
x-amz-server-side-encryption
AES256
content-security-policy
upgrade-insecure-requests;
strict-transport-security
max-age=31536000;includeSubdomains
x-amz-replication-status
COMPLETED
cross-origin-resource-policy
cross-origin
content-length
1139
x-amz-id-2
M+no1eA4rp498UX0JSmXuFYVi/oQgm4CNZUKkbCjNj+yM0EF5m6emG9+5akJ8fqWz2IPh5ysQmI=
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 25 Aug 2020 19:24:14 GMT
etag
"0ddb44e9417df283ddd9588b1de9b6d6"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=30250611
accept-ranges
bytes
timing-allow-origin
*
21.cda6e480.walkme_lib.js
cdn.walkme.com/player/lib/20200825-172205-541b3ba0/ 		30 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.walkme.com/player/lib/20200825-172205-541b3ba0/21.cda6e480.walkme_lib.js
Requested by
Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-4.5.2.1326.js?_=1692189004697
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.102.45.207 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-102-45-207.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000;includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://disaworks.disa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-amz-version-id
SiwBoWihYj3AelEtw_Ey1U0pTj.iPtS8
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 16 Aug 2023 12:30:06 GMT
access-control-allow-private-network
true
x-amz-request-id
T5B883B61PWFAR8E
x-amz-server-side-encryption
AES256
content-security-policy
upgrade-insecure-requests;
strict-transport-security
max-age=31536000;includeSubdomains
x-amz-replication-status
COMPLETED
cross-origin-resource-policy
cross-origin
content-length
8908
x-amz-id-2
PZlnNxY2APN2M/llbrumjSyMlplLLxF4GBuXMiROxASS5IgRhhG6Iv7pMmzhyd34WHHwDjVKYjg=
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 25 Aug 2020 19:24:17 GMT
etag
"ca010fa11ab2a837ba5d55503dabba0c"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=30250611
accept-ranges
bytes
timing-allow-origin
*
17.55165e14.walkme_lib.js
cdn.walkme.com/player/lib/20200825-172205-541b3ba0/ 		998 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.walkme.com/player/lib/20200825-172205-541b3ba0/17.55165e14.walkme_lib.js
Requested by
Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-4.5.2.1326.js?_=1692189004697
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.102.45.207 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-102-45-207.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000;includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://disaworks.disa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-amz-version-id
6enbVqohpLjqBDl9Bj2c.UJ5RZVbstBk
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 16 Aug 2023 12:30:06 GMT
access-control-allow-private-network
true
x-amz-request-id
T5B41GJ25NHC028A
x-amz-server-side-encryption
AES256
content-security-policy
upgrade-insecure-requests;
strict-transport-security
max-age=31536000;includeSubdomains
x-amz-replication-status
COMPLETED
cross-origin-resource-policy
cross-origin
content-length
559
x-amz-id-2
ZvhzTyKx+noIuyvtvifWYJRfwWOZ06RzAPSif77fGwlG65yWSNFjuE8Cwc8n7HCCz0XABeo5Pq8=
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 25 Aug 2020 19:24:15 GMT
etag
"8ab43b427f7c7b3c0e177614994f502f"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=30250611
accept-ranges
bytes
timing-allow-origin
*
32.39617815.walkme_lib.js
cdn.walkme.com/player/lib/20200825-172205-541b3ba0/ 		100 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.walkme.com/player/lib/20200825-172205-541b3ba0/32.39617815.walkme_lib.js
Requested by
Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-4.5.2.1326.js?_=1692189004697
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.102.45.207 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-102-45-207.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000;includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://disaworks.disa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-amz-version-id
tAcyNVSy3JnwV2JH8qQMumxc8OYAW8NR
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 16 Aug 2023 12:30:06 GMT
access-control-allow-private-network
true
x-amz-request-id
HF48847CAY13WM2R
x-amz-server-side-encryption
AES256
content-security-policy
upgrade-insecure-requests;
strict-transport-security
max-age=31536000;includeSubdomains
x-amz-replication-status
COMPLETED
cross-origin-resource-policy
cross-origin
content-length
31382
x-amz-id-2
TTjzZr7PnJR1fFLUH7y/B8G5q/n0H118g99QoT0UZ5t5g/M3ai6ArqwG4lQrcKS5/167+ictguM=
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 25 Aug 2020 19:24:20 GMT
etag
"30398308a327addca18a0efb5b5cd00b"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=30250611
accept-ranges
bytes
timing-allow-origin
*
main.js
cdn.walkme.com/chatbot/3.50.0/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.walkme.com/chatbot/3.50.0/main.js
Requested by
Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-4.5.2.1326.js?_=1692189004697
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.102.45.207 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-102-45-207.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000;includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://disaworks.disa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-amz-version-id
vidkId4eW_lnQTts4bRrAanhXCXtDoVg
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 16 Aug 2023 12:30:06 GMT
content-security-policy
upgrade-insecure-requests;
x-amz-request-id
T5B09F5BK7TTYYDY
x-amz-server-side-encryption
AES256
strict-transport-security
max-age=31536000;includeSubdomains
x-amz-replication-status
COMPLETED
cross-origin-resource-policy
cross-origin
content-length
1732
x-amz-id-2
5paFu7ukDJLxS3uErTC9SjdwREzvCkg10d05y+e/R2O1ZMcCvTUk8ipg+HxFCSy1rCbsJKv4BIs=
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 17 Aug 2020 16:34:47 GMT
etag
"3eba370f75d04dbc79d4515c115c7683"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=30259884
accept-ranges
bytes
timing-allow-origin
*
44.e9d9a3d4.walkme_lib.js
cdn.walkme.com/player/lib/20200825-172205-541b3ba0/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.walkme.com/player/lib/20200825-172205-541b3ba0/44.e9d9a3d4.walkme_lib.js
Requested by
Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-4.5.2.1326.js?_=1692189004697
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.102.45.207 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-102-45-207.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000;includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://disaworks.disa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-amz-version-id
0AupMswgUbOBAkdEWu1K4LRHL_puJthq
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 16 Aug 2023 12:30:06 GMT
access-control-allow-private-network
true
x-amz-request-id
3SCHD1NKE5KFGTWS
x-amz-server-side-encryption
AES256
content-security-policy
upgrade-insecure-requests;
strict-transport-security
max-age=31536000;includeSubdomains
x-amz-replication-status
COMPLETED
cross-origin-resource-policy
cross-origin
content-length
967
x-amz-id-2
GkQMU4jUlyReJPGMkiQDJk/FpCCZhhCZhNoDuzWqmPvt8Rkykr9afw+Nd7IwrhKZtiJ259Q4/MU=
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 25 Aug 2020 19:24:23 GMT
etag
"a41588507e1f009b1fcf69a6a41b5832"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=29073236
accept-ranges
bytes
timing-allow-origin
*
35.44a61b0b.walkme_lib.js
cdn.walkme.com/player/lib/20200825-172205-541b3ba0/ 		368 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.walkme.com/player/lib/20200825-172205-541b3ba0/35.44a61b0b.walkme_lib.js
Requested by
Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-4.5.2.1326.js?_=1692189004697
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.102.45.207 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-102-45-207.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000;includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://disaworks.disa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-amz-version-id
Ny7zRXoehLZLFo8mHJCN4rQ6bV1dEUap
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 16 Aug 2023 12:30:06 GMT
access-control-allow-private-network
true
x-amz-request-id
XDV6TE58QHAZFPYG
x-amz-server-side-encryption
AES256
content-security-policy
upgrade-insecure-requests;
strict-transport-security
max-age=31536000;includeSubdomains
x-amz-replication-status
COMPLETED
cross-origin-resource-policy
cross-origin
content-length
59059
x-amz-id-2
50qBQujMl73VoH0xoZ4XkcehzClDHeq3qeh91cZTUbKxxHfLsTKviJ3mHiVwcSBDpVK+oEdVBvY=
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 25 Aug 2020 19:24:20 GMT
etag
"e207e0f2edb07383fe1c12fe58920fa4"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=30250611
accept-ranges
bytes
timing-allow-origin
*
8.8a7cedbe9d68d607cac9.js
cdn.walkme.com/chatbot/3.50.0/ 		52 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.walkme.com/chatbot/3.50.0/8.8a7cedbe9d68d607cac9.js
Requested by
Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-4.5.2.1326.js?_=1692189004697
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.102.45.207 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-102-45-207.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000;includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://disaworks.disa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-amz-version-id
7cDvIMwNnm9V_phyn9G0QnvIwxDarEIc
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 16 Aug 2023 12:30:06 GMT
content-security-policy
upgrade-insecure-requests;
x-amz-request-id
FQ7ZESPCTTHRDJTB
x-amz-server-side-encryption
AES256
strict-transport-security
max-age=31536000;includeSubdomains
x-amz-replication-status
COMPLETED
cross-origin-resource-policy
cross-origin
content-length
15599
x-amz-id-2
+gncW+C1YE2OUWCHh0TF8xU2nQ+9uJFjihDFjSuXVjLBSNEIf5P2vKoroy0bIHizVHDkwr6ng8I=
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 17 Aug 2020 16:34:46 GMT
etag
"00292c0006d464fb2ad6a45e925fe8b4"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=30259884
accept-ranges
bytes
timing-allow-origin
*
2.8a7cedbe9d68d607cac9.js
cdn.walkme.com/chatbot/3.50.0/ 		38 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.walkme.com/chatbot/3.50.0/2.8a7cedbe9d68d607cac9.js
Requested by
Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-4.5.2.1326.js?_=1692189004697
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.102.45.207 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-102-45-207.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000;includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://disaworks.disa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-amz-version-id
jGLyFUN01HD4Qmr8aXWMvJ1_eYW3IgOl
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 16 Aug 2023 12:30:06 GMT
content-security-policy
upgrade-insecure-requests;
x-amz-request-id
FQ7S7A7AAV46ZB83
x-amz-server-side-encryption
AES256
strict-transport-security
max-age=31536000;includeSubdomains
x-amz-replication-status
COMPLETED
cross-origin-resource-policy
cross-origin
content-length
11042
x-amz-id-2
mtmdRw8wxr4dhEsLmZFrnidBZgt39dLvANFHO3/OthoD+EdtJvneNwydd06DuGw8WZ2UTbTVDIo=
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 17 Aug 2020 16:34:45 GMT
etag
"ec41eb2817038ab7e8ae5d2a3f1c99db"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=30259884
accept-ranges
bytes
timing-allow-origin
*
opensans.js
cdn.walkme.com/player/resources/fonts/ 		66 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.walkme.com/player/resources/fonts/opensans.js
Requested by
Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-4.5.2.1326.js?_=1692189004697
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.102.45.207 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-102-45-207.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000;includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://disaworks.disa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-amz-version-id
rAFCWxTL86C.ZHLzZe9V1dX9A1JJFkDd
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 16 Aug 2023 12:30:06 GMT
access-control-allow-private-network
true
x-amz-request-id
EE5AMGW7A2RCTDYM
x-amz-server-side-encryption
AES256
content-security-policy
upgrade-insecure-requests;
strict-transport-security
max-age=31536000;includeSubdomains
x-amz-replication-status
COMPLETED
cross-origin-resource-policy
cross-origin
content-length
51200
x-amz-id-2
4e33LNEexiWc7pTQL5qSTkaz03+M0VDf+skEWAeA7e4RfZA50Smn0m1mz4Z374A8+Mm3bJ/M9FA=
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Sun, 12 Feb 2023 07:35:31 GMT
etag
"f0929eacd329b25f2c32b513ae2bb075"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=26500150
accept-ranges
bytes
timing-allow-origin
*
UserCompletedTasksByIdsAndGoalsIds
playerserver.walkme.com/ToDoList/ 		4 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://playerserver.walkme.com/ToDoList/UserCompletedTasksByIdsAndGoalsIds?callback=mtjQuery17107918975169301967_1692189003692&userGuid=f6a575c2511441499650b66970637485&endUserId=b0a8e245-9102-4cd9-a6f9-c0de15b314c2&taskGoalsIds=%7B%22115411%22%3A%5B351109%5D%2C%22115422%22%3A%5B351144%5D%2C%22115555%22%3A%5B351348%5D%2C%22115620%22%3A%5B351523%5D%2C%22115623%22%3A%5B351537%5D%2C%22115635%22%3A%5B351625%5D%2C%22115637%22%3A%5B351627%5D%2C%22115709%22%3A%5B351819%5D%2C%22115712%22%3A%5B351828%5D%2C%22116636%22%3A%5B441378%5D%2C%22117365%22%3A%5B356763%5D%2C%22117421%22%3A%5B356936%5D%2C%22117434%22%3A%5B356955%5D%2C%22117447%22%3A%5B356976%5D%2C%22117457%22%3A%5B357020%5D%2C%22117617%22%3A%5B357300%5D%2C%22117639%22%3A%5B357333%5D%2C%22117649%22%3A%5B357375%5D%2C%22117881%22%3A%5B%5D%2C%22117910%22%3A%5B358079%5D%2C%22117915%22%3A%5B358082%5D%2C%22120240%22%3A%5B%5D%2C%22120350%22%3A%5B%5D%2C%22120354%22%3A%5B%5D%2C%22120356%22%3A%5B%5D%2C%22120358%22%3A%5B%5D%2C%22120359%22%3A%5B%5D%2C%22120360%22%3A%5B%5D%2C%22120361%22%3A%5B%5D%2C%22120362%22%3A%5B%5D%2C%22120363%22%3A%5B%5D%2C%22120364%22%3A%5B%5D%2C%22120375%22%3A%5B%5D%2C%22120378%22%3A%5B%5D%2C%22120634%22%3A%5B424632%5D%2C%22120635%22%3A%5B%5D%2C%22120636%22%3A%5B%5D%2C%22124017%22%3A%5B371922%5D%2C%22124025%22%3A%5B371963%5D%2C%22124203%22%3A%5B372281%5D%2C%22124217%22%3A%5B372292%5D%2C%22125488%22%3A%5B377906%5D%2C%22126966%22%3A%5B%5D%7D&source=0&isEncoded=true&_=1692189006725
Requested by
Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-4.5.2.1326.js?_=1692189004697
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:598::327b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'none'; upgrade-insecure-requests; block-all-mixed-content;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://disaworks.disa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 16 Aug 2023 12:30:07 GMT
referrer-policy
strict-origin
content-security-policy
default-src 'none'; upgrade-insecure-requests; block-all-mixed-content;
x-frame-options
DENY
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=600
content-length
3701
x-xss-protection
1; mode=block
lato-regular.js
cdn.walkme.com/player/resources/fonts/ 		42 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.walkme.com/player/resources/fonts/lato-regular.js
Requested by
Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-4.5.2.1326.js?_=1692189004697
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.102.45.207 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-102-45-207.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000;includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://disaworks.disa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-amz-version-id
SPi0CPECJ.CZqfFUI3zhiets7o7_yWy5
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 16 Aug 2023 12:30:06 GMT
access-control-allow-private-network
true
x-amz-request-id
46B6B8W4SY76A32N
x-amz-server-side-encryption
AES256
content-security-policy
upgrade-insecure-requests;
strict-transport-security
max-age=31536000;includeSubdomains
x-amz-replication-status
COMPLETED
cross-origin-resource-policy
cross-origin
content-length
32313
x-amz-id-2
mhhxVwZ5W0Au2496yVkdUpsHulVO5xrqUShKcpDSR6XzeZ8UcisKTiO6nWDWAG4FEqJWqPVT/4I=
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 31 Oct 2018 15:50:47 GMT
etag
"4ac8e123914921762bfa15613cd58178"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=24695314
accept-ranges
bytes
timing-allow-origin
*
widget-font_v3.js
cdn.walkme.com/player/resources/fonts/ 		9 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.walkme.com/player/resources/fonts/widget-font_v3.js
Requested by
Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-4.5.2.1326.js?_=1692189004697
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.102.45.207 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-102-45-207.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000;includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://disaworks.disa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-amz-version-id
QPtwPFsdULF4UirQoUOZt.r.1w6ivPv5
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 16 Aug 2023 12:30:06 GMT
access-control-allow-private-network
true
x-amz-request-id
ZFNPMAS9HSFPSW8E
x-amz-server-side-encryption
AES256
content-security-policy
upgrade-insecure-requests;
strict-transport-security
max-age=31536000;includeSubdomains
x-amz-replication-status
COMPLETED
cross-origin-resource-policy
cross-origin
content-length
5103
x-amz-id-2
wtrXyif/W3dUnvWRxJi14YkiBgW6Sp/1HG1bW2MuxGv2o/g3eDH2QzhRC6vmI96kZMvVVg3sL/c=
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 30 Dec 2019 11:33:51 GMT
etag
"9ae2ebcf4bb0793b4925ad68e76c66a5"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=24695285
accept-ranges
bytes
timing-allow-origin
*
disa_logo1.png
d2qhvajt3imc89.cloudfront.net/customers/DISA+Global/ 		0
0
truncated
/ 		24 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
Origin
https://disaworks.disa.com
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type
application/x-font-woff;charset=utf-8
adrum
col.eum-appdynamics.com/eumcollector/beacons/browser/v2/AD-AAB-AAC-PTX/ 		0
0
truncated
/ 		31 KB
31 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
Origin
https://disaworks.disa.com
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type
font/woff
truncated
/ 		6 KB
6 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
Origin
https://disaworks.disa.com
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type
application/font-woff;charset=utf-8
postEvent
ec.walkme.com/event/ 		0
0
bootstrap.min.css
auth.disa.com/lib/bootstrap/css/ 		157 KB
36 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://auth.disa.com/lib/bootstrap/css/bootstrap.min.css
Requested by
Host: auth.disa.com
URL: https://auth.disa.com/account/login?returnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3Dux-emberjs%26redirect_uri%3Dhttps%253A%252F%252Fdisaworks.disa.com%252Fcallback.html%26response_type%3Did_token%2520token%26scope%3Dopenid%2520profile%2520ux-api%26state%3Dd8ae6f7520114f28a67265577bcce5a0%26nonce%3Dbe531d4776fe432d8ed079ebf9c41638
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
64.9.169.17 Houston, United States, ASN3900 (TEXASNET-ASN, US),
Reverse DNS
64-9-169-17.fwd.datafoundry.com
Software
/
Resource Hash
b64b23b4a62a17d314b64f2dc76260b4c5bcd10135c092eb59372d998c2ef7ae
Security Headers
Name Value
Content-Security-Policy default-src 'self' ; script-src 'self' https://maps.googleapis.com https://ajax.googleapis.com https://auth.disa.com https://classic.disa.com https://cdn.rawgit.com https://www.sertifi.com https://disaworks.disa.com https://cdn.walkme.com https://cdn.appdynamics.com https://internal.disa.com https://classic.disa.com https://www.google.com https://www.gstatic.com https://playerserver.walkme.com https://cdn.jsdelivr.net 'unsafe-inline' 'unsafe-eval' ; connect-src 'self' https://disaworks.disa.com https://auth.disa.com https://qaauth.disa.com https://qaux.disa.com https://ec.walkme.com https://classic.disa.com https://www.sertifi.com https://internal.disa.com https://cdn.walkme.com https://maps.googleapis.com https://col.eum-appdynamics.com https://*.disa.com; style-src https://fonts.googleapis.com 'self' 'unsafe-inline' 'unsafe-eval'; frame-src 'self' https://disaworks.disa.com https://www.sertifi.com https://cdn.walkme.com https://auth.disa.com https://cdn.appdynamics.com https://www.google.com https://maps.google.com https://internal.disa.com https://cdn.appdynamics.com; frame-ancestors 'self' https://*.disa.com; img-src https://*.google.com https://maps.gstatic.com https://maps.googleapis.com https://www.sertifi.com https://*.cloudfront.net https://online.swagger.io https://validator.swagger.io https://ec.walkme.com 'self' data:; font-src https://fonts.gstatic.com 'self' data:;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://auth.disa.com/account/login?returnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3Dux-emberjs%26redirect_uri%3Dhttps%253A%252F%252Fdisaworks.disa.com%252Fcallback.html%26response_type%3Did_token%2520token%26scope%3Dopenid%2520profile%2520ux-api%26state%3Dd8ae6f7520114f28a67265577bcce5a0%26nonce%3Dbe531d4776fe432d8ed079ebf9c41638
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 12:30:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
x-permitted-cross-domain-policies
none
content-security-policy
default-src 'self' ; script-src 'self' https://maps.googleapis.com https://ajax.googleapis.com https://auth.disa.com https://classic.disa.com https://cdn.rawgit.com https://www.sertifi.com https://disaworks.disa.com https://cdn.walkme.com https://cdn.appdynamics.com https://internal.disa.com https://classic.disa.com https://www.google.com https://www.gstatic.com https://playerserver.walkme.com https://cdn.jsdelivr.net 'unsafe-inline' 'unsafe-eval' ; connect-src 'self' https://disaworks.disa.com https://auth.disa.com https://qaauth.disa.com https://qaux.disa.com https://ec.walkme.com https://classic.disa.com https://www.sertifi.com https://internal.disa.com https://cdn.walkme.com https://maps.googleapis.com https://col.eum-appdynamics.com https://*.disa.com; style-src https://fonts.googleapis.com 'self' 'unsafe-inline' 'unsafe-eval'; frame-src 'self' https://disaworks.disa.com https://www.sertifi.com https://cdn.walkme.com https://auth.disa.com https://cdn.appdynamics.com https://www.google.com https://maps.google.com https://internal.disa.com https://cdn.appdynamics.com; frame-ancestors 'self' https://*.disa.com; img-src https://*.google.com https://maps.gstatic.com https://maps.googleapis.com https://www.sertifi.com https://*.cloudfront.net https://online.swagger.io https://validator.swagger.io https://ec.walkme.com 'self' data:; font-src https://fonts.gstatic.com 'self' data:;
x-node-s
2
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 27 Apr 2023 02:10:19 GMT
etag
"1d978ad6a28c50e"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
permissions-policy
sync-xhr=(self "https://*.disa.com" "https://internal.disa.com" "https://apisandbox.disa.com" "https://www.disa.com" "https://disa.com")
accept-ranges
bytes
site.css
auth.disa.com/css/ 		5 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://auth.disa.com/css/site.css
Requested by
Host: auth.disa.com
URL: https://auth.disa.com/account/login?returnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3Dux-emberjs%26redirect_uri%3Dhttps%253A%252F%252Fdisaworks.disa.com%252Fcallback.html%26response_type%3Did_token%2520token%26scope%3Dopenid%2520profile%2520ux-api%26state%3Dd8ae6f7520114f28a67265577bcce5a0%26nonce%3Dbe531d4776fe432d8ed079ebf9c41638
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
64.9.169.17 Houston, United States, ASN3900 (TEXASNET-ASN, US),
Reverse DNS
64-9-169-17.fwd.datafoundry.com
Software
/
Resource Hash
1a2b6064a0b0565c1e2198151e8635930095d8dc62ab43ae5c7f5840deb1c985
Security Headers
Name Value
Content-Security-Policy default-src 'self' ; script-src 'self' https://maps.googleapis.com https://ajax.googleapis.com https://auth.disa.com https://classic.disa.com https://cdn.rawgit.com https://www.sertifi.com https://disaworks.disa.com https://cdn.walkme.com https://cdn.appdynamics.com https://internal.disa.com https://classic.disa.com https://www.google.com https://www.gstatic.com https://playerserver.walkme.com https://cdn.jsdelivr.net 'unsafe-inline' 'unsafe-eval' ; connect-src 'self' https://disaworks.disa.com https://auth.disa.com https://qaauth.disa.com https://qaux.disa.com https://ec.walkme.com https://classic.disa.com https://www.sertifi.com https://internal.disa.com https://cdn.walkme.com https://maps.googleapis.com https://col.eum-appdynamics.com https://*.disa.com; style-src https://fonts.googleapis.com 'self' 'unsafe-inline' 'unsafe-eval'; frame-src 'self' https://disaworks.disa.com https://www.sertifi.com https://cdn.walkme.com https://auth.disa.com https://cdn.appdynamics.com https://www.google.com https://maps.google.com https://internal.disa.com https://cdn.appdynamics.com; frame-ancestors 'self' https://*.disa.com; img-src https://*.google.com https://maps.gstatic.com https://maps.googleapis.com https://www.sertifi.com https://*.cloudfront.net https://online.swagger.io https://validator.swagger.io https://ec.walkme.com 'self' data:; font-src https://fonts.gstatic.com 'self' data:;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://auth.disa.com/account/login?returnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3Dux-emberjs%26redirect_uri%3Dhttps%253A%252F%252Fdisaworks.disa.com%252Fcallback.html%26response_type%3Did_token%2520token%26scope%3Dopenid%2520profile%2520ux-api%26state%3Dd8ae6f7520114f28a67265577bcce5a0%26nonce%3Dbe531d4776fe432d8ed079ebf9c41638
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 12:30:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
x-permitted-cross-domain-policies
none
content-security-policy
default-src 'self' ; script-src 'self' https://maps.googleapis.com https://ajax.googleapis.com https://auth.disa.com https://classic.disa.com https://cdn.rawgit.com https://www.sertifi.com https://disaworks.disa.com https://cdn.walkme.com https://cdn.appdynamics.com https://internal.disa.com https://classic.disa.com https://www.google.com https://www.gstatic.com https://playerserver.walkme.com https://cdn.jsdelivr.net 'unsafe-inline' 'unsafe-eval' ; connect-src 'self' https://disaworks.disa.com https://auth.disa.com https://qaauth.disa.com https://qaux.disa.com https://ec.walkme.com https://classic.disa.com https://www.sertifi.com https://internal.disa.com https://cdn.walkme.com https://maps.googleapis.com https://col.eum-appdynamics.com https://*.disa.com; style-src https://fonts.googleapis.com 'self' 'unsafe-inline' 'unsafe-eval'; frame-src 'self' https://disaworks.disa.com https://www.sertifi.com https://cdn.walkme.com https://auth.disa.com https://cdn.appdynamics.com https://www.google.com https://maps.google.com https://internal.disa.com https://cdn.appdynamics.com; frame-ancestors 'self' https://*.disa.com; img-src https://*.google.com https://maps.gstatic.com https://maps.googleapis.com https://www.sertifi.com https://*.cloudfront.net https://online.swagger.io https://validator.swagger.io https://ec.walkme.com 'self' data:; font-src https://fonts.gstatic.com 'self' data:;
x-node-s
2
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 27 Apr 2023 02:10:18 GMT
etag
"1d978ad69923468"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
permissions-policy
sync-xhr=(self "https://*.disa.com" "https://internal.disa.com" "https://apisandbox.disa.com" "https://www.disa.com" "https://disa.com")
accept-ranges
bytes
jquery.min.js
auth.disa.com/lib/jquery/ 		88 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://auth.disa.com/lib/jquery/jquery.min.js
Requested by
Host: auth.disa.com
URL: https://auth.disa.com/account/login?returnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3Dux-emberjs%26redirect_uri%3Dhttps%253A%252F%252Fdisaworks.disa.com%252Fcallback.html%26response_type%3Did_token%2520token%26scope%3Dopenid%2520profile%2520ux-api%26state%3Dd8ae6f7520114f28a67265577bcce5a0%26nonce%3Dbe531d4776fe432d8ed079ebf9c41638
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
64.9.169.17 Houston, United States, ASN3900 (TEXASNET-ASN, US),
Reverse DNS
64-9-169-17.fwd.datafoundry.com
Software
/
Resource Hash
c4ae5268bef77000a0b3d189ab188bcd5a819ed731d3e2577ff75e22a5ab37b7
Security Headers
Name Value
Content-Security-Policy default-src 'self' ; script-src 'self' https://maps.googleapis.com https://ajax.googleapis.com https://auth.disa.com https://classic.disa.com https://cdn.rawgit.com https://www.sertifi.com https://disaworks.disa.com https://cdn.walkme.com https://cdn.appdynamics.com https://internal.disa.com https://classic.disa.com https://www.google.com https://www.gstatic.com https://playerserver.walkme.com https://cdn.jsdelivr.net 'unsafe-inline' 'unsafe-eval' ; connect-src 'self' https://disaworks.disa.com https://auth.disa.com https://qaauth.disa.com https://qaux.disa.com https://ec.walkme.com https://classic.disa.com https://www.sertifi.com https://internal.disa.com https://cdn.walkme.com https://maps.googleapis.com https://col.eum-appdynamics.com https://*.disa.com; style-src https://fonts.googleapis.com 'self' 'unsafe-inline' 'unsafe-eval'; frame-src 'self' https://disaworks.disa.com https://www.sertifi.com https://cdn.walkme.com https://auth.disa.com https://cdn.appdynamics.com https://www.google.com https://maps.google.com https://internal.disa.com https://cdn.appdynamics.com; frame-ancestors 'self' https://*.disa.com; img-src https://*.google.com https://maps.gstatic.com https://maps.googleapis.com https://www.sertifi.com https://*.cloudfront.net https://online.swagger.io https://validator.swagger.io https://ec.walkme.com 'self' data:; font-src https://fonts.gstatic.com 'self' data:;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://auth.disa.com/account/login?returnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3Dux-emberjs%26redirect_uri%3Dhttps%253A%252F%252Fdisaworks.disa.com%252Fcallback.html%26response_type%3Did_token%2520token%26scope%3Dopenid%2520profile%2520ux-api%26state%3Dd8ae6f7520114f28a67265577bcce5a0%26nonce%3Dbe531d4776fe432d8ed079ebf9c41638
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 12:30:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
x-permitted-cross-domain-policies
none
content-security-policy
default-src 'self' ; script-src 'self' https://maps.googleapis.com https://ajax.googleapis.com https://auth.disa.com https://classic.disa.com https://cdn.rawgit.com https://www.sertifi.com https://disaworks.disa.com https://cdn.walkme.com https://cdn.appdynamics.com https://internal.disa.com https://classic.disa.com https://www.google.com https://www.gstatic.com https://playerserver.walkme.com https://cdn.jsdelivr.net 'unsafe-inline' 'unsafe-eval' ; connect-src 'self' https://disaworks.disa.com https://auth.disa.com https://qaauth.disa.com https://qaux.disa.com https://ec.walkme.com https://classic.disa.com https://www.sertifi.com https://internal.disa.com https://cdn.walkme.com https://maps.googleapis.com https://col.eum-appdynamics.com https://*.disa.com; style-src https://fonts.googleapis.com 'self' 'unsafe-inline' 'unsafe-eval'; frame-src 'self' https://disaworks.disa.com https://www.sertifi.com https://cdn.walkme.com https://auth.disa.com https://cdn.appdynamics.com https://www.google.com https://maps.google.com https://internal.disa.com https://cdn.appdynamics.com; frame-ancestors 'self' https://*.disa.com; img-src https://*.google.com https://maps.gstatic.com https://maps.googleapis.com https://www.sertifi.com https://*.cloudfront.net https://online.swagger.io https://validator.swagger.io https://ec.walkme.com 'self' data:; font-src https://fonts.gstatic.com 'self' data:;
x-node-s
2
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 27 Apr 2023 02:10:19 GMT
etag
"1d978ad6a2be8dd"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
permissions-policy
sync-xhr=(self "https://*.disa.com" "https://internal.disa.com" "https://apisandbox.disa.com" "https://www.disa.com" "https://disa.com")
accept-ranges
bytes
Validator.js
auth.disa.com/js/ 		812 B
537 B 		Script
General
Check archive.org
Download Go to
Full URL
https://auth.disa.com/js/Validator.js
Requested by
Host: auth.disa.com
URL: https://auth.disa.com/account/login?returnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3Dux-emberjs%26redirect_uri%3Dhttps%253A%252F%252Fdisaworks.disa.com%252Fcallback.html%26response_type%3Did_token%2520token%26scope%3Dopenid%2520profile%2520ux-api%26state%3Dd8ae6f7520114f28a67265577bcce5a0%26nonce%3Dbe531d4776fe432d8ed079ebf9c41638
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
64.9.169.17 Houston, United States, ASN3900 (TEXASNET-ASN, US),
Reverse DNS
64-9-169-17.fwd.datafoundry.com
Software
/
Resource Hash
5b2c8956c5cc3222a9430ec1f7480c12ff73392a6db985f71eba60a30658b9f3
Security Headers
Name Value
Content-Security-Policy default-src 'self' ; script-src 'self' https://maps.googleapis.com https://ajax.googleapis.com https://auth.disa.com https://classic.disa.com https://cdn.rawgit.com https://www.sertifi.com https://disaworks.disa.com https://cdn.walkme.com https://cdn.appdynamics.com https://internal.disa.com https://classic.disa.com https://www.google.com https://www.gstatic.com https://playerserver.walkme.com https://cdn.jsdelivr.net 'unsafe-inline' 'unsafe-eval' ; connect-src 'self' https://disaworks.disa.com https://auth.disa.com https://qaauth.disa.com https://qaux.disa.com https://ec.walkme.com https://classic.disa.com https://www.sertifi.com https://internal.disa.com https://cdn.walkme.com https://maps.googleapis.com https://col.eum-appdynamics.com https://*.disa.com; style-src https://fonts.googleapis.com 'self' 'unsafe-inline' 'unsafe-eval'; frame-src 'self' https://disaworks.disa.com https://www.sertifi.com https://cdn.walkme.com https://auth.disa.com https://cdn.appdynamics.com https://www.google.com https://maps.google.com https://internal.disa.com https://cdn.appdynamics.com; frame-ancestors 'self' https://*.disa.com; img-src https://*.google.com https://maps.gstatic.com https://maps.googleapis.com https://www.sertifi.com https://*.cloudfront.net https://online.swagger.io https://validator.swagger.io https://ec.walkme.com 'self' data:; font-src https://fonts.gstatic.com 'self' data:;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://auth.disa.com/account/login?returnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3Dux-emberjs%26redirect_uri%3Dhttps%253A%252F%252Fdisaworks.disa.com%252Fcallback.html%26response_type%3Did_token%2520token%26scope%3Dopenid%2520profile%2520ux-api%26state%3Dd8ae6f7520114f28a67265577bcce5a0%26nonce%3Dbe531d4776fe432d8ed079ebf9c41638
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 12:30:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
x-permitted-cross-domain-policies
none
content-security-policy
default-src 'self' ; script-src 'self' https://maps.googleapis.com https://ajax.googleapis.com https://auth.disa.com https://classic.disa.com https://cdn.rawgit.com https://www.sertifi.com https://disaworks.disa.com https://cdn.walkme.com https://cdn.appdynamics.com https://internal.disa.com https://classic.disa.com https://www.google.com https://www.gstatic.com https://playerserver.walkme.com https://cdn.jsdelivr.net 'unsafe-inline' 'unsafe-eval' ; connect-src 'self' https://disaworks.disa.com https://auth.disa.com https://qaauth.disa.com https://qaux.disa.com https://ec.walkme.com https://classic.disa.com https://www.sertifi.com https://internal.disa.com https://cdn.walkme.com https://maps.googleapis.com https://col.eum-appdynamics.com https://*.disa.com; style-src https://fonts.googleapis.com 'self' 'unsafe-inline' 'unsafe-eval'; frame-src 'self' https://disaworks.disa.com https://www.sertifi.com https://cdn.walkme.com https://auth.disa.com https://cdn.appdynamics.com https://www.google.com https://maps.google.com https://internal.disa.com https://cdn.appdynamics.com; frame-ancestors 'self' https://*.disa.com; img-src https://*.google.com https://maps.gstatic.com https://maps.googleapis.com https://www.sertifi.com https://*.cloudfront.net https://online.swagger.io https://validator.swagger.io https://ec.walkme.com 'self' data:; font-src https://fonts.gstatic.com 'self' data:;
x-node-s
2
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 27 Apr 2023 02:10:18 GMT
etag
"1d978ad6992222c"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
permissions-policy
sync-xhr=(self "https://*.disa.com" "https://internal.disa.com" "https://apisandbox.disa.com" "https://www.disa.com" "https://disa.com")
accept-ranges
bytes
login.js
auth.disa.com/js/AccountVerification/ 		165 B
288 B 		Script
General
Check archive.org
Download Go to
Full URL
https://auth.disa.com/js/AccountVerification/login.js
Requested by
Host: auth.disa.com
URL: https://auth.disa.com/account/login?returnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3Dux-emberjs%26redirect_uri%3Dhttps%253A%252F%252Fdisaworks.disa.com%252Fcallback.html%26response_type%3Did_token%2520token%26scope%3Dopenid%2520profile%2520ux-api%26state%3Dd8ae6f7520114f28a67265577bcce5a0%26nonce%3Dbe531d4776fe432d8ed079ebf9c41638
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
64.9.169.17 Houston, United States, ASN3900 (TEXASNET-ASN, US),
Reverse DNS
64-9-169-17.fwd.datafoundry.com
Software
/
Resource Hash
432efb4b31a5c23060c87519f85360864b2a226ad36fe1aa4a4db5e382f588bd
Security Headers
Name Value
Content-Security-Policy default-src 'self' ; script-src 'self' https://maps.googleapis.com https://ajax.googleapis.com https://auth.disa.com https://classic.disa.com https://cdn.rawgit.com https://www.sertifi.com https://disaworks.disa.com https://cdn.walkme.com https://cdn.appdynamics.com https://internal.disa.com https://classic.disa.com https://www.google.com https://www.gstatic.com https://playerserver.walkme.com https://cdn.jsdelivr.net 'unsafe-inline' 'unsafe-eval' ; connect-src 'self' https://disaworks.disa.com https://auth.disa.com https://qaauth.disa.com https://qaux.disa.com https://ec.walkme.com https://classic.disa.com https://www.sertifi.com https://internal.disa.com https://cdn.walkme.com https://maps.googleapis.com https://col.eum-appdynamics.com https://*.disa.com; style-src https://fonts.googleapis.com 'self' 'unsafe-inline' 'unsafe-eval'; frame-src 'self' https://disaworks.disa.com https://www.sertifi.com https://cdn.walkme.com https://auth.disa.com https://cdn.appdynamics.com https://www.google.com https://maps.google.com https://internal.disa.com https://cdn.appdynamics.com; frame-ancestors 'self' https://*.disa.com; img-src https://*.google.com https://maps.gstatic.com https://maps.googleapis.com https://www.sertifi.com https://*.cloudfront.net https://online.swagger.io https://validator.swagger.io https://ec.walkme.com 'self' data:; font-src https://fonts.gstatic.com 'self' data:;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://auth.disa.com/account/login?returnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3Dux-emberjs%26redirect_uri%3Dhttps%253A%252F%252Fdisaworks.disa.com%252Fcallback.html%26response_type%3Did_token%2520token%26scope%3Dopenid%2520profile%2520ux-api%26state%3Dd8ae6f7520114f28a67265577bcce5a0%26nonce%3Dbe531d4776fe432d8ed079ebf9c41638
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 12:30:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
x-permitted-cross-domain-policies
none
content-security-policy
default-src 'self' ; script-src 'self' https://maps.googleapis.com https://ajax.googleapis.com https://auth.disa.com https://classic.disa.com https://cdn.rawgit.com https://www.sertifi.com https://disaworks.disa.com https://cdn.walkme.com https://cdn.appdynamics.com https://internal.disa.com https://classic.disa.com https://www.google.com https://www.gstatic.com https://playerserver.walkme.com https://cdn.jsdelivr.net 'unsafe-inline' 'unsafe-eval' ; connect-src 'self' https://disaworks.disa.com https://auth.disa.com https://qaauth.disa.com https://qaux.disa.com https://ec.walkme.com https://classic.disa.com https://www.sertifi.com https://internal.disa.com https://cdn.walkme.com https://maps.googleapis.com https://col.eum-appdynamics.com https://*.disa.com; style-src https://fonts.googleapis.com 'self' 'unsafe-inline' 'unsafe-eval'; frame-src 'self' https://disaworks.disa.com https://www.sertifi.com https://cdn.walkme.com https://auth.disa.com https://cdn.appdynamics.com https://www.google.com https://maps.google.com https://internal.disa.com https://cdn.appdynamics.com; frame-ancestors 'self' https://*.disa.com; img-src https://*.google.com https://maps.gstatic.com https://maps.googleapis.com https://www.sertifi.com https://*.cloudfront.net https://online.swagger.io https://validator.swagger.io https://ec.walkme.com 'self' data:; font-src https://fonts.gstatic.com 'self' data:;
x-node-s
2
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 27 Apr 2023 02:10:18 GMT
etag
"1d978ad699221a5"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
permissions-policy
sync-xhr=(self "https://*.disa.com" "https://internal.disa.com" "https://apisandbox.disa.com" "https://www.disa.com" "https://disa.com")
accept-ranges
bytes
disaworks_logo.png
auth.disa.com/images/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://auth.disa.com/images/disaworks_logo.png
Requested by
Host: auth.disa.com
URL: https://auth.disa.com/account/login?returnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3Dux-emberjs%26redirect_uri%3Dhttps%253A%252F%252Fdisaworks.disa.com%252Fcallback.html%26response_type%3Did_token%2520token%26scope%3Dopenid%2520profile%2520ux-api%26state%3Dd8ae6f7520114f28a67265577bcce5a0%26nonce%3Dbe531d4776fe432d8ed079ebf9c41638
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
64.9.169.17 Houston, United States, ASN3900 (TEXASNET-ASN, US),
Reverse DNS
64-9-169-17.fwd.datafoundry.com
Software
/
Resource Hash
6add0cf16d46b4dac70b6029a797199ecc0a84099d46e73b4cd65cc200c7cb63
Security Headers
Name Value
Content-Security-Policy default-src 'self' ; script-src 'self' https://maps.googleapis.com https://ajax.googleapis.com https://auth.disa.com https://classic.disa.com https://cdn.rawgit.com https://www.sertifi.com https://disaworks.disa.com https://cdn.walkme.com https://cdn.appdynamics.com https://internal.disa.com https://classic.disa.com https://www.google.com https://www.gstatic.com https://playerserver.walkme.com https://cdn.jsdelivr.net 'unsafe-inline' 'unsafe-eval' ; connect-src 'self' https://disaworks.disa.com https://auth.disa.com https://qaauth.disa.com https://qaux.disa.com https://ec.walkme.com https://classic.disa.com https://www.sertifi.com https://internal.disa.com https://cdn.walkme.com https://maps.googleapis.com https://col.eum-appdynamics.com https://*.disa.com; style-src https://fonts.googleapis.com 'self' 'unsafe-inline' 'unsafe-eval'; frame-src 'self' https://disaworks.disa.com https://www.sertifi.com https://cdn.walkme.com https://auth.disa.com https://cdn.appdynamics.com https://www.google.com https://maps.google.com https://internal.disa.com https://cdn.appdynamics.com; frame-ancestors 'self' https://*.disa.com; img-src https://*.google.com https://maps.gstatic.com https://maps.googleapis.com https://www.sertifi.com https://*.cloudfront.net https://online.swagger.io https://validator.swagger.io https://ec.walkme.com 'self' data:; font-src https://fonts.gstatic.com 'self' data:;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://auth.disa.com/account/login?returnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3Dux-emberjs%26redirect_uri%3Dhttps%253A%252F%252Fdisaworks.disa.com%252Fcallback.html%26response_type%3Did_token%2520token%26scope%3Dopenid%2520profile%2520ux-api%26state%3Dd8ae6f7520114f28a67265577bcce5a0%26nonce%3Dbe531d4776fe432d8ed079ebf9c41638
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 12:30:08 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 27 Apr 2023 02:10:18 GMT
x-permitted-cross-domain-policies
none
content-security-policy
default-src 'self' ; script-src 'self' https://maps.googleapis.com https://ajax.googleapis.com https://auth.disa.com https://classic.disa.com https://cdn.rawgit.com https://www.sertifi.com https://disaworks.disa.com https://cdn.walkme.com https://cdn.appdynamics.com https://internal.disa.com https://classic.disa.com https://www.google.com https://www.gstatic.com https://playerserver.walkme.com https://cdn.jsdelivr.net 'unsafe-inline' 'unsafe-eval' ; connect-src 'self' https://disaworks.disa.com https://auth.disa.com https://qaauth.disa.com https://qaux.disa.com https://ec.walkme.com https://classic.disa.com https://www.sertifi.com https://internal.disa.com https://cdn.walkme.com https://maps.googleapis.com https://col.eum-appdynamics.com https://*.disa.com; style-src https://fonts.googleapis.com 'self' 'unsafe-inline' 'unsafe-eval'; frame-src 'self' https://disaworks.disa.com https://www.sertifi.com https://cdn.walkme.com https://auth.disa.com https://cdn.appdynamics.com https://www.google.com https://maps.google.com https://internal.disa.com https://cdn.appdynamics.com; frame-ancestors 'self' https://*.disa.com; img-src https://*.google.com https://maps.gstatic.com https://maps.googleapis.com https://www.sertifi.com https://*.cloudfront.net https://online.swagger.io https://validator.swagger.io https://ec.walkme.com 'self' data:; font-src https://fonts.gstatic.com 'self' data:;
x-node-s
2
etag
"1d978ad699236ac"
x-frame-options
SAMEORIGIN
content-type
image/png
permissions-policy
sync-xhr=(self "https://*.disa.com" "https://internal.disa.com" "https://apisandbox.disa.com" "https://www.disa.com" "https://disa.com")
accept-ranges
bytes
content-length
6060
x-xss-protection
1; mode=block
Login-box-bg.png
auth.disa.com/images/ 		35 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://auth.disa.com/images/Login-box-bg.png
Requested by
Host: auth.disa.com
URL: https://auth.disa.com/account/login?returnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3Dux-emberjs%26redirect_uri%3Dhttps%253A%252F%252Fdisaworks.disa.com%252Fcallback.html%26response_type%3Did_token%2520token%26scope%3Dopenid%2520profile%2520ux-api%26state%3Dd8ae6f7520114f28a67265577bcce5a0%26nonce%3Dbe531d4776fe432d8ed079ebf9c41638
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
64.9.169.17 Houston, United States, ASN3900 (TEXASNET-ASN, US),
Reverse DNS
64-9-169-17.fwd.datafoundry.com
Software
/
Resource Hash
670c838ad977845d7a48c7e43af79030bfba4e6e680a0a0b2a1546b96a40b6ff
Security Headers
Name Value
Content-Security-Policy default-src 'self' ; script-src 'self' https://maps.googleapis.com https://ajax.googleapis.com https://auth.disa.com https://classic.disa.com https://cdn.rawgit.com https://www.sertifi.com https://disaworks.disa.com https://cdn.walkme.com https://cdn.appdynamics.com https://internal.disa.com https://classic.disa.com https://www.google.com https://www.gstatic.com https://playerserver.walkme.com https://cdn.jsdelivr.net 'unsafe-inline' 'unsafe-eval' ; connect-src 'self' https://disaworks.disa.com https://auth.disa.com https://qaauth.disa.com https://qaux.disa.com https://ec.walkme.com https://classic.disa.com https://www.sertifi.com https://internal.disa.com https://cdn.walkme.com https://maps.googleapis.com https://col.eum-appdynamics.com https://*.disa.com; style-src https://fonts.googleapis.com 'self' 'unsafe-inline' 'unsafe-eval'; frame-src 'self' https://disaworks.disa.com https://www.sertifi.com https://cdn.walkme.com https://auth.disa.com https://cdn.appdynamics.com https://www.google.com https://maps.google.com https://internal.disa.com https://cdn.appdynamics.com; frame-ancestors 'self' https://*.disa.com; img-src https://*.google.com https://maps.gstatic.com https://maps.googleapis.com https://www.sertifi.com https://*.cloudfront.net https://online.swagger.io https://validator.swagger.io https://ec.walkme.com 'self' data:; font-src https://fonts.gstatic.com 'self' data:;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://auth.disa.com/account/login?returnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3Dux-emberjs%26redirect_uri%3Dhttps%253A%252F%252Fdisaworks.disa.com%252Fcallback.html%26response_type%3Did_token%2520token%26scope%3Dopenid%2520profile%2520ux-api%26state%3Dd8ae6f7520114f28a67265577bcce5a0%26nonce%3Dbe531d4776fe432d8ed079ebf9c41638
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 12:30:08 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 27 Apr 2023 02:10:18 GMT
x-permitted-cross-domain-policies
none
content-security-policy
default-src 'self' ; script-src 'self' https://maps.googleapis.com https://ajax.googleapis.com https://auth.disa.com https://classic.disa.com https://cdn.rawgit.com https://www.sertifi.com https://disaworks.disa.com https://cdn.walkme.com https://cdn.appdynamics.com https://internal.disa.com https://classic.disa.com https://www.google.com https://www.gstatic.com https://playerserver.walkme.com https://cdn.jsdelivr.net 'unsafe-inline' 'unsafe-eval' ; connect-src 'self' https://disaworks.disa.com https://auth.disa.com https://qaauth.disa.com https://qaux.disa.com https://ec.walkme.com https://classic.disa.com https://www.sertifi.com https://internal.disa.com https://cdn.walkme.com https://maps.googleapis.com https://col.eum-appdynamics.com https://*.disa.com; style-src https://fonts.googleapis.com 'self' 'unsafe-inline' 'unsafe-eval'; frame-src 'self' https://disaworks.disa.com https://www.sertifi.com https://cdn.walkme.com https://auth.disa.com https://cdn.appdynamics.com https://www.google.com https://maps.google.com https://internal.disa.com https://cdn.appdynamics.com; frame-ancestors 'self' https://*.disa.com; img-src https://*.google.com https://maps.gstatic.com https://maps.googleapis.com https://www.sertifi.com https://*.cloudfront.net https://online.swagger.io https://validator.swagger.io https://ec.walkme.com 'self' data:; font-src https://fonts.gstatic.com 'self' data:;
x-node-s
2
etag
"1d978ad6992aab7"
x-frame-options
SAMEORIGIN
content-type
image/png
permissions-policy
sync-xhr=(self "https://*.disa.com" "https://internal.disa.com" "https://apisandbox.disa.com" "https://www.disa.com" "https://disa.com")
accept-ranges
bytes
content-length
35767
x-xss-protection
1; mode=block
Disa-white-logo.png
auth.disa.com/images/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://auth.disa.com/images/Disa-white-logo.png
Requested by
Host: auth.disa.com
URL: https://auth.disa.com/account/login?returnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3Dux-emberjs%26redirect_uri%3Dhttps%253A%252F%252Fdisaworks.disa.com%252Fcallback.html%26response_type%3Did_token%2520token%26scope%3Dopenid%2520profile%2520ux-api%26state%3Dd8ae6f7520114f28a67265577bcce5a0%26nonce%3Dbe531d4776fe432d8ed079ebf9c41638
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
64.9.169.17 Houston, United States, ASN3900 (TEXASNET-ASN, US),
Reverse DNS
64-9-169-17.fwd.datafoundry.com
Software
/
Resource Hash
14d405478f57092b6f86de7b4b7d76a0e62a88c7d5a6c50a9f363bb3dfa81c1a
Security Headers
Name Value
Content-Security-Policy default-src 'self' ; script-src 'self' https://maps.googleapis.com https://ajax.googleapis.com https://auth.disa.com https://classic.disa.com https://cdn.rawgit.com https://www.sertifi.com https://disaworks.disa.com https://cdn.walkme.com https://cdn.appdynamics.com https://internal.disa.com https://classic.disa.com https://www.google.com https://www.gstatic.com https://playerserver.walkme.com https://cdn.jsdelivr.net 'unsafe-inline' 'unsafe-eval' ; connect-src 'self' https://disaworks.disa.com https://auth.disa.com https://qaauth.disa.com https://qaux.disa.com https://ec.walkme.com https://classic.disa.com https://www.sertifi.com https://internal.disa.com https://cdn.walkme.com https://maps.googleapis.com https://col.eum-appdynamics.com https://*.disa.com; style-src https://fonts.googleapis.com 'self' 'unsafe-inline' 'unsafe-eval'; frame-src 'self' https://disaworks.disa.com https://www.sertifi.com https://cdn.walkme.com https://auth.disa.com https://cdn.appdynamics.com https://www.google.com https://maps.google.com https://internal.disa.com https://cdn.appdynamics.com; frame-ancestors 'self' https://*.disa.com; img-src https://*.google.com https://maps.gstatic.com https://maps.googleapis.com https://www.sertifi.com https://*.cloudfront.net https://online.swagger.io https://validator.swagger.io https://ec.walkme.com 'self' data:; font-src https://fonts.gstatic.com 'self' data:;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://auth.disa.com/account/login?returnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3Dux-emberjs%26redirect_uri%3Dhttps%253A%252F%252Fdisaworks.disa.com%252Fcallback.html%26response_type%3Did_token%2520token%26scope%3Dopenid%2520profile%2520ux-api%26state%3Dd8ae6f7520114f28a67265577bcce5a0%26nonce%3Dbe531d4776fe432d8ed079ebf9c41638
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 12:30:08 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 27 Apr 2023 02:10:18 GMT
x-permitted-cross-domain-policies
none
content-security-policy
default-src 'self' ; script-src 'self' https://maps.googleapis.com https://ajax.googleapis.com https://auth.disa.com https://classic.disa.com https://cdn.rawgit.com https://www.sertifi.com https://disaworks.disa.com https://cdn.walkme.com https://cdn.appdynamics.com https://internal.disa.com https://classic.disa.com https://www.google.com https://www.gstatic.com https://playerserver.walkme.com https://cdn.jsdelivr.net 'unsafe-inline' 'unsafe-eval' ; connect-src 'self' https://disaworks.disa.com https://auth.disa.com https://qaauth.disa.com https://qaux.disa.com https://ec.walkme.com https://classic.disa.com https://www.sertifi.com https://internal.disa.com https://cdn.walkme.com https://maps.googleapis.com https://col.eum-appdynamics.com https://*.disa.com; style-src https://fonts.googleapis.com 'self' 'unsafe-inline' 'unsafe-eval'; frame-src 'self' https://disaworks.disa.com https://www.sertifi.com https://cdn.walkme.com https://auth.disa.com https://cdn.appdynamics.com https://www.google.com https://maps.google.com https://internal.disa.com https://cdn.appdynamics.com; frame-ancestors 'self' https://*.disa.com; img-src https://*.google.com https://maps.gstatic.com https://maps.googleapis.com https://www.sertifi.com https://*.cloudfront.net https://online.swagger.io https://validator.swagger.io https://ec.walkme.com 'self' data:; font-src https://fonts.gstatic.com 'self' data:;
x-node-s
2
etag
"1d978ad69922e2c"
x-frame-options
SAMEORIGIN
content-type
image/png
permissions-policy
sync-xhr=(self "https://*.disa.com" "https://internal.disa.com" "https://apisandbox.disa.com" "https://www.disa.com" "https://disa.com")
accept-ranges
bytes
content-length
3884
x-xss-protection
1; mode=block
login-bg.jpg
auth.disa.com/images/ 		266 KB
268 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://auth.disa.com/images/login-bg.jpg
Requested by
Host: auth.disa.com
URL: https://auth.disa.com/css/site.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
64.9.169.17 Houston, United States, ASN3900 (TEXASNET-ASN, US),
Reverse DNS
64-9-169-17.fwd.datafoundry.com
Software
/
Resource Hash
6bc86a3cc7bd7bf9615a36c21bcaea75871d31a11610523e054b153d83a74d78
Security Headers
Name Value
Content-Security-Policy default-src 'self' ; script-src 'self' https://maps.googleapis.com https://ajax.googleapis.com https://auth.disa.com https://classic.disa.com https://cdn.rawgit.com https://www.sertifi.com https://disaworks.disa.com https://cdn.walkme.com https://cdn.appdynamics.com https://internal.disa.com https://classic.disa.com https://www.google.com https://www.gstatic.com https://playerserver.walkme.com https://cdn.jsdelivr.net 'unsafe-inline' 'unsafe-eval' ; connect-src 'self' https://disaworks.disa.com https://auth.disa.com https://qaauth.disa.com https://qaux.disa.com https://ec.walkme.com https://classic.disa.com https://www.sertifi.com https://internal.disa.com https://cdn.walkme.com https://maps.googleapis.com https://col.eum-appdynamics.com https://*.disa.com; style-src https://fonts.googleapis.com 'self' 'unsafe-inline' 'unsafe-eval'; frame-src 'self' https://disaworks.disa.com https://www.sertifi.com https://cdn.walkme.com https://auth.disa.com https://cdn.appdynamics.com https://www.google.com https://maps.google.com https://internal.disa.com https://cdn.appdynamics.com; frame-ancestors 'self' https://*.disa.com; img-src https://*.google.com https://maps.gstatic.com https://maps.googleapis.com https://www.sertifi.com https://*.cloudfront.net https://online.swagger.io https://validator.swagger.io https://ec.walkme.com 'self' data:; font-src https://fonts.gstatic.com 'self' data:;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://auth.disa.com/css/site.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 12:30:08 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 27 Apr 2023 02:10:18 GMT
x-permitted-cross-domain-policies
none
content-security-policy
default-src 'self' ; script-src 'self' https://maps.googleapis.com https://ajax.googleapis.com https://auth.disa.com https://classic.disa.com https://cdn.rawgit.com https://www.sertifi.com https://disaworks.disa.com https://cdn.walkme.com https://cdn.appdynamics.com https://internal.disa.com https://classic.disa.com https://www.google.com https://www.gstatic.com https://playerserver.walkme.com https://cdn.jsdelivr.net 'unsafe-inline' 'unsafe-eval' ; connect-src 'self' https://disaworks.disa.com https://auth.disa.com https://qaauth.disa.com https://qaux.disa.com https://ec.walkme.com https://classic.disa.com https://www.sertifi.com https://internal.disa.com https://cdn.walkme.com https://maps.googleapis.com https://col.eum-appdynamics.com https://*.disa.com; style-src https://fonts.googleapis.com 'self' 'unsafe-inline' 'unsafe-eval'; frame-src 'self' https://disaworks.disa.com https://www.sertifi.com https://cdn.walkme.com https://auth.disa.com https://cdn.appdynamics.com https://www.google.com https://maps.google.com https://internal.disa.com https://cdn.appdynamics.com; frame-ancestors 'self' https://*.disa.com; img-src https://*.google.com https://maps.gstatic.com https://maps.googleapis.com https://www.sertifi.com https://*.cloudfront.net https://online.swagger.io https://validator.swagger.io https://ec.walkme.com 'self' data:; font-src https://fonts.gstatic.com 'self' data:;
x-node-s
2
etag
"1d978ad69960667"
x-frame-options
SAMEORIGIN
content-type
image/jpeg
permissions-policy
sync-xhr=(self "https://*.disa.com" "https://internal.disa.com" "https://apisandbox.disa.com" "https://www.disa.com" "https://disa.com")
accept-ranges
bytes
content-length
272231
x-xss-protection
1; mode=block
industry-book.otf
auth.disa.com/fonts/ 		38 KB
38 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://auth.disa.com/fonts/industry-book.otf
Requested by
Host: auth.disa.com
URL: https://auth.disa.com/css/site.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
64.9.169.17 Houston, United States, ASN3900 (TEXASNET-ASN, US),
Reverse DNS
64-9-169-17.fwd.datafoundry.com
Software
/
Resource Hash
fe9b5427b4f7eb946d421c9628bbfdc1222b64d92ef5b61f7ced944568b2f8d8
Security Headers
Name Value
Content-Security-Policy default-src 'self' ; script-src 'self' https://maps.googleapis.com https://ajax.googleapis.com https://auth.disa.com https://classic.disa.com https://cdn.rawgit.com https://www.sertifi.com https://disaworks.disa.com https://cdn.walkme.com https://cdn.appdynamics.com https://internal.disa.com https://classic.disa.com https://www.google.com https://www.gstatic.com https://playerserver.walkme.com https://cdn.jsdelivr.net 'unsafe-inline' 'unsafe-eval' ; connect-src 'self' https://disaworks.disa.com https://auth.disa.com https://qaauth.disa.com https://qaux.disa.com https://ec.walkme.com https://classic.disa.com https://www.sertifi.com https://internal.disa.com https://cdn.walkme.com https://maps.googleapis.com https://col.eum-appdynamics.com https://*.disa.com; style-src https://fonts.googleapis.com 'self' 'unsafe-inline' 'unsafe-eval'; frame-src 'self' https://disaworks.disa.com https://www.sertifi.com https://cdn.walkme.com https://auth.disa.com https://cdn.appdynamics.com https://www.google.com https://maps.google.com https://internal.disa.com https://cdn.appdynamics.com; frame-ancestors 'self' https://*.disa.com; img-src https://*.google.com https://maps.gstatic.com https://maps.googleapis.com https://www.sertifi.com https://*.cloudfront.net https://online.swagger.io https://validator.swagger.io https://ec.walkme.com 'self' data:; font-src https://fonts.gstatic.com 'self' data:;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://auth.disa.com/css/site.css
Origin
https://auth.disa.com
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 12:30:08 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 27 Apr 2023 02:10:18 GMT
x-permitted-cross-domain-policies
none
content-security-policy
default-src 'self' ; script-src 'self' https://maps.googleapis.com https://ajax.googleapis.com https://auth.disa.com https://classic.disa.com https://cdn.rawgit.com https://www.sertifi.com https://disaworks.disa.com https://cdn.walkme.com https://cdn.appdynamics.com https://internal.disa.com https://classic.disa.com https://www.google.com https://www.gstatic.com https://playerserver.walkme.com https://cdn.jsdelivr.net 'unsafe-inline' 'unsafe-eval' ; connect-src 'self' https://disaworks.disa.com https://auth.disa.com https://qaauth.disa.com https://qaux.disa.com https://ec.walkme.com https://classic.disa.com https://www.sertifi.com https://internal.disa.com https://cdn.walkme.com https://maps.googleapis.com https://col.eum-appdynamics.com https://*.disa.com; style-src https://fonts.googleapis.com 'self' 'unsafe-inline' 'unsafe-eval'; frame-src 'self' https://disaworks.disa.com https://www.sertifi.com https://cdn.walkme.com https://auth.disa.com https://cdn.appdynamics.com https://www.google.com https://maps.google.com https://internal.disa.com https://cdn.appdynamics.com; frame-ancestors 'self' https://*.disa.com; img-src https://*.google.com https://maps.gstatic.com https://maps.googleapis.com https://www.sertifi.com https://*.cloudfront.net https://online.swagger.io https://validator.swagger.io https://ec.walkme.com 'self' data:; font-src https://fonts.gstatic.com 'self' data:;
x-node-s
2
etag
"1d978ad6992b634"
x-frame-options
SAMEORIGIN
content-type
font/otf
permissions-policy
sync-xhr=(self "https://*.disa.com" "https://internal.disa.com" "https://apisandbox.disa.com" "https://www.disa.com" "https://disa.com")
accept-ranges
bytes
content-length
38708
x-xss-protection
1; mode=block
industry-medium.otf
auth.disa.com/fonts/ 		38 KB
39 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://auth.disa.com/fonts/industry-medium.otf
Requested by
Host: auth.disa.com
URL: https://auth.disa.com/css/site.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
64.9.169.17 Houston, United States, ASN3900 (TEXASNET-ASN, US),
Reverse DNS
64-9-169-17.fwd.datafoundry.com
Software
/
Resource Hash
410e7aa13a0abbd8bdffa9e40e9cbd8f51b9de3718e2ac5bda81a941ca3be9e9
Security Headers
Name Value
Content-Security-Policy default-src 'self' ; script-src 'self' https://maps.googleapis.com https://ajax.googleapis.com https://auth.disa.com https://classic.disa.com https://cdn.rawgit.com https://www.sertifi.com https://disaworks.disa.com https://cdn.walkme.com https://cdn.appdynamics.com https://internal.disa.com https://classic.disa.com https://www.google.com https://www.gstatic.com https://playerserver.walkme.com https://cdn.jsdelivr.net 'unsafe-inline' 'unsafe-eval' ; connect-src 'self' https://disaworks.disa.com https://auth.disa.com https://qaauth.disa.com https://qaux.disa.com https://ec.walkme.com https://classic.disa.com https://www.sertifi.com https://internal.disa.com https://cdn.walkme.com https://maps.googleapis.com https://col.eum-appdynamics.com https://*.disa.com; style-src https://fonts.googleapis.com 'self' 'unsafe-inline' 'unsafe-eval'; frame-src 'self' https://disaworks.disa.com https://www.sertifi.com https://cdn.walkme.com https://auth.disa.com https://cdn.appdynamics.com https://www.google.com https://maps.google.com https://internal.disa.com https://cdn.appdynamics.com; frame-ancestors 'self' https://*.disa.com; img-src https://*.google.com https://maps.gstatic.com https://maps.googleapis.com https://www.sertifi.com https://*.cloudfront.net https://online.swagger.io https://validator.swagger.io https://ec.walkme.com 'self' data:; font-src https://fonts.gstatic.com 'self' data:;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://auth.disa.com/css/site.css
Origin
https://auth.disa.com
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 12:30:08 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 27 Apr 2023 02:10:18 GMT
x-permitted-cross-domain-policies
none
content-security-policy
default-src 'self' ; script-src 'self' https://maps.googleapis.com https://ajax.googleapis.com https://auth.disa.com https://classic.disa.com https://cdn.rawgit.com https://www.sertifi.com https://disaworks.disa.com https://cdn.walkme.com https://cdn.appdynamics.com https://internal.disa.com https://classic.disa.com https://www.google.com https://www.gstatic.com https://playerserver.walkme.com https://cdn.jsdelivr.net 'unsafe-inline' 'unsafe-eval' ; connect-src 'self' https://disaworks.disa.com https://auth.disa.com https://qaauth.disa.com https://qaux.disa.com https://ec.walkme.com https://classic.disa.com https://www.sertifi.com https://internal.disa.com https://cdn.walkme.com https://maps.googleapis.com https://col.eum-appdynamics.com https://*.disa.com; style-src https://fonts.googleapis.com 'self' 'unsafe-inline' 'unsafe-eval'; frame-src 'self' https://disaworks.disa.com https://www.sertifi.com https://cdn.walkme.com https://auth.disa.com https://cdn.appdynamics.com https://www.google.com https://maps.google.com https://internal.disa.com https://cdn.appdynamics.com; frame-ancestors 'self' https://*.disa.com; img-src https://*.google.com https://maps.gstatic.com https://maps.googleapis.com https://www.sertifi.com https://*.cloudfront.net https://online.swagger.io https://validator.swagger.io https://ec.walkme.com 'self' data:; font-src https://fonts.gstatic.com 'self' data:;
x-node-s
2
etag
"1d978ad6992b848"
x-frame-options
SAMEORIGIN
content-type
font/otf
permissions-policy
sync-xhr=(self "https://*.disa.com" "https://internal.disa.com" "https://apisandbox.disa.com" "https://www.disa.com" "https://disa.com")
accept-ranges
bytes
content-length
39240
x-xss-protection
1; mode=block
bootstrap.min.js
auth.disa.com/lib/bootstrap/js/ 		62 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://auth.disa.com/lib/bootstrap/js/bootstrap.min.js
Requested by
Host: auth.disa.com
URL: https://auth.disa.com/account/login?returnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3Dux-emberjs%26redirect_uri%3Dhttps%253A%252F%252Fdisaworks.disa.com%252Fcallback.html%26response_type%3Did_token%2520token%26scope%3Dopenid%2520profile%2520ux-api%26state%3Dd8ae6f7520114f28a67265577bcce5a0%26nonce%3Dbe531d4776fe432d8ed079ebf9c41638
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
64.9.169.17 Houston, United States, ASN3900 (TEXASNET-ASN, US),
Reverse DNS
64-9-169-17.fwd.datafoundry.com
Software
/
Resource Hash
52bb7446862e479f013494ba2cefb1105c68e66f5be24fb57173c81bb395f8e1
Security Headers
Name Value
Content-Security-Policy default-src 'self' ; script-src 'self' https://maps.googleapis.com https://ajax.googleapis.com https://auth.disa.com https://classic.disa.com https://cdn.rawgit.com https://www.sertifi.com https://disaworks.disa.com https://cdn.walkme.com https://cdn.appdynamics.com https://internal.disa.com https://classic.disa.com https://www.google.com https://www.gstatic.com https://playerserver.walkme.com https://cdn.jsdelivr.net 'unsafe-inline' 'unsafe-eval' ; connect-src 'self' https://disaworks.disa.com https://auth.disa.com https://qaauth.disa.com https://qaux.disa.com https://ec.walkme.com https://classic.disa.com https://www.sertifi.com https://internal.disa.com https://cdn.walkme.com https://maps.googleapis.com https://col.eum-appdynamics.com https://*.disa.com; style-src https://fonts.googleapis.com 'self' 'unsafe-inline' 'unsafe-eval'; frame-src 'self' https://disaworks.disa.com https://www.sertifi.com https://cdn.walkme.com https://auth.disa.com https://cdn.appdynamics.com https://www.google.com https://maps.google.com https://internal.disa.com https://cdn.appdynamics.com; frame-ancestors 'self' https://*.disa.com; img-src https://*.google.com https://maps.gstatic.com https://maps.googleapis.com https://www.sertifi.com https://*.cloudfront.net https://online.swagger.io https://validator.swagger.io https://ec.walkme.com 'self' data:; font-src https://fonts.gstatic.com 'self' data:;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://auth.disa.com/account/login?returnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3Dux-emberjs%26redirect_uri%3Dhttps%253A%252F%252Fdisaworks.disa.com%252Fcallback.html%26response_type%3Did_token%2520token%26scope%3Dopenid%2520profile%2520ux-api%26state%3Dd8ae6f7520114f28a67265577bcce5a0%26nonce%3Dbe531d4776fe432d8ed079ebf9c41638
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 12:30:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
x-permitted-cross-domain-policies
none
content-security-policy
default-src 'self' ; script-src 'self' https://maps.googleapis.com https://ajax.googleapis.com https://auth.disa.com https://classic.disa.com https://cdn.rawgit.com https://www.sertifi.com https://disaworks.disa.com https://cdn.walkme.com https://cdn.appdynamics.com https://internal.disa.com https://classic.disa.com https://www.google.com https://www.gstatic.com https://playerserver.walkme.com https://cdn.jsdelivr.net 'unsafe-inline' 'unsafe-eval' ; connect-src 'self' https://disaworks.disa.com https://auth.disa.com https://qaauth.disa.com https://qaux.disa.com https://ec.walkme.com https://classic.disa.com https://www.sertifi.com https://internal.disa.com https://cdn.walkme.com https://maps.googleapis.com https://col.eum-appdynamics.com https://*.disa.com; style-src https://fonts.googleapis.com 'self' 'unsafe-inline' 'unsafe-eval'; frame-src 'self' https://disaworks.disa.com https://www.sertifi.com https://cdn.walkme.com https://auth.disa.com https://cdn.appdynamics.com https://www.google.com https://maps.google.com https://internal.disa.com https://cdn.appdynamics.com; frame-ancestors 'self' https://*.disa.com; img-src https://*.google.com https://maps.gstatic.com https://maps.googleapis.com https://www.sertifi.com https://*.cloudfront.net https://online.swagger.io https://validator.swagger.io https://ec.walkme.com 'self' data:; font-src https://fonts.gstatic.com 'self' data:;
x-node-s
2
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 27 Apr 2023 02:10:19 GMT
etag
"1d978ad6a2a408e"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
permissions-policy
sync-xhr=(self "https://*.disa.com" "https://internal.disa.com" "https://apisandbox.disa.com" "https://www.disa.com" "https://disa.com")
accept-ranges
bytes
underscore.min.js
auth.disa.com/lib/underscore.js/ 		18 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://auth.disa.com/lib/underscore.js/underscore.min.js
Requested by
Host: auth.disa.com
URL: https://auth.disa.com/account/login?returnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3Dux-emberjs%26redirect_uri%3Dhttps%253A%252F%252Fdisaworks.disa.com%252Fcallback.html%26response_type%3Did_token%2520token%26scope%3Dopenid%2520profile%2520ux-api%26state%3Dd8ae6f7520114f28a67265577bcce5a0%26nonce%3Dbe531d4776fe432d8ed079ebf9c41638
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
64.9.169.17 Houston, United States, ASN3900 (TEXASNET-ASN, US),
Reverse DNS
64-9-169-17.fwd.datafoundry.com
Software
/
Resource Hash
b6439b42a8e7a53ce67534e25dc3784568f47cbee8488ea20cd44dde5ffbfff7
Security Headers
Name Value
Content-Security-Policy default-src 'self' ; script-src 'self' https://maps.googleapis.com https://ajax.googleapis.com https://auth.disa.com https://classic.disa.com https://cdn.rawgit.com https://www.sertifi.com https://disaworks.disa.com https://cdn.walkme.com https://cdn.appdynamics.com https://internal.disa.com https://classic.disa.com https://www.google.com https://www.gstatic.com https://playerserver.walkme.com https://cdn.jsdelivr.net 'unsafe-inline' 'unsafe-eval' ; connect-src 'self' https://disaworks.disa.com https://auth.disa.com https://qaauth.disa.com https://qaux.disa.com https://ec.walkme.com https://classic.disa.com https://www.sertifi.com https://internal.disa.com https://cdn.walkme.com https://maps.googleapis.com https://col.eum-appdynamics.com https://*.disa.com; style-src https://fonts.googleapis.com 'self' 'unsafe-inline' 'unsafe-eval'; frame-src 'self' https://disaworks.disa.com https://www.sertifi.com https://cdn.walkme.com https://auth.disa.com https://cdn.appdynamics.com https://www.google.com https://maps.google.com https://internal.disa.com https://cdn.appdynamics.com; frame-ancestors 'self' https://*.disa.com; img-src https://*.google.com https://maps.gstatic.com https://maps.googleapis.com https://www.sertifi.com https://*.cloudfront.net https://online.swagger.io https://validator.swagger.io https://ec.walkme.com 'self' data:; font-src https://fonts.gstatic.com 'self' data:;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://auth.disa.com/account/login?returnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3Dux-emberjs%26redirect_uri%3Dhttps%253A%252F%252Fdisaworks.disa.com%252Fcallback.html%26response_type%3Did_token%2520token%26scope%3Dopenid%2520profile%2520ux-api%26state%3Dd8ae6f7520114f28a67265577bcce5a0%26nonce%3Dbe531d4776fe432d8ed079ebf9c41638
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 12:30:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
x-permitted-cross-domain-policies
none
content-security-policy
default-src 'self' ; script-src 'self' https://maps.googleapis.com https://ajax.googleapis.com https://auth.disa.com https://classic.disa.com https://cdn.rawgit.com https://www.sertifi.com https://disaworks.disa.com https://cdn.walkme.com https://cdn.appdynamics.com https://internal.disa.com https://classic.disa.com https://www.google.com https://www.gstatic.com https://playerserver.walkme.com https://cdn.jsdelivr.net 'unsafe-inline' 'unsafe-eval' ; connect-src 'self' https://disaworks.disa.com https://auth.disa.com https://qaauth.disa.com https://qaux.disa.com https://ec.walkme.com https://classic.disa.com https://www.sertifi.com https://internal.disa.com https://cdn.walkme.com https://maps.googleapis.com https://col.eum-appdynamics.com https://*.disa.com; style-src https://fonts.googleapis.com 'self' 'unsafe-inline' 'unsafe-eval'; frame-src 'self' https://disaworks.disa.com https://www.sertifi.com https://cdn.walkme.com https://auth.disa.com https://cdn.appdynamics.com https://www.google.com https://maps.google.com https://internal.disa.com https://cdn.appdynamics.com; frame-ancestors 'self' https://*.disa.com; img-src https://*.google.com https://maps.gstatic.com https://maps.googleapis.com https://www.sertifi.com https://*.cloudfront.net https://online.swagger.io https://validator.swagger.io https://ec.walkme.com 'self' data:; font-src https://fonts.gstatic.com 'self' data:;
x-node-s
2
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 27 Apr 2023 02:10:19 GMT
etag
"1d978ad6a2afe3c"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
permissions-policy
sync-xhr=(self "https://*.disa.com" "https://internal.disa.com" "https://apisandbox.disa.com" "https://www.disa.com" "https://disa.com")
accept-ranges
bytes
jquery.validate.min.js
auth.disa.com/lib/jquery-validate/ 		24 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://auth.disa.com/lib/jquery-validate/jquery.validate.min.js
Requested by
Host: auth.disa.com
URL: https://auth.disa.com/account/login?returnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3Dux-emberjs%26redirect_uri%3Dhttps%253A%252F%252Fdisaworks.disa.com%252Fcallback.html%26response_type%3Did_token%2520token%26scope%3Dopenid%2520profile%2520ux-api%26state%3Dd8ae6f7520114f28a67265577bcce5a0%26nonce%3Dbe531d4776fe432d8ed079ebf9c41638
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
64.9.169.17 Houston, United States, ASN3900 (TEXASNET-ASN, US),
Reverse DNS
64-9-169-17.fwd.datafoundry.com
Software
/
Resource Hash
e9ed0df9626254a05e4e2b4ad46292c0f8b7adb74fa4bb6ea9a8a2b598de0f6c
Security Headers
Name Value
Content-Security-Policy default-src 'self' ; script-src 'self' https://maps.googleapis.com https://ajax.googleapis.com https://auth.disa.com https://classic.disa.com https://cdn.rawgit.com https://www.sertifi.com https://disaworks.disa.com https://cdn.walkme.com https://cdn.appdynamics.com https://internal.disa.com https://classic.disa.com https://www.google.com https://www.gstatic.com https://playerserver.walkme.com https://cdn.jsdelivr.net 'unsafe-inline' 'unsafe-eval' ; connect-src 'self' https://disaworks.disa.com https://auth.disa.com https://qaauth.disa.com https://qaux.disa.com https://ec.walkme.com https://classic.disa.com https://www.sertifi.com https://internal.disa.com https://cdn.walkme.com https://maps.googleapis.com https://col.eum-appdynamics.com https://*.disa.com; style-src https://fonts.googleapis.com 'self' 'unsafe-inline' 'unsafe-eval'; frame-src 'self' https://disaworks.disa.com https://www.sertifi.com https://cdn.walkme.com https://auth.disa.com https://cdn.appdynamics.com https://www.google.com https://maps.google.com https://internal.disa.com https://cdn.appdynamics.com; frame-ancestors 'self' https://*.disa.com; img-src https://*.google.com https://maps.gstatic.com https://maps.googleapis.com https://www.sertifi.com https://*.cloudfront.net https://online.swagger.io https://validator.swagger.io https://ec.walkme.com 'self' data:; font-src https://fonts.gstatic.com 'self' data:;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://auth.disa.com/account/login?returnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3Dux-emberjs%26redirect_uri%3Dhttps%253A%252F%252Fdisaworks.disa.com%252Fcallback.html%26response_type%3Did_token%2520token%26scope%3Dopenid%2520profile%2520ux-api%26state%3Dd8ae6f7520114f28a67265577bcce5a0%26nonce%3Dbe531d4776fe432d8ed079ebf9c41638
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 12:30:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
x-permitted-cross-domain-policies
none
content-security-policy
default-src 'self' ; script-src 'self' https://maps.googleapis.com https://ajax.googleapis.com https://auth.disa.com https://classic.disa.com https://cdn.rawgit.com https://www.sertifi.com https://disaworks.disa.com https://cdn.walkme.com https://cdn.appdynamics.com https://internal.disa.com https://classic.disa.com https://www.google.com https://www.gstatic.com https://playerserver.walkme.com https://cdn.jsdelivr.net 'unsafe-inline' 'unsafe-eval' ; connect-src 'self' https://disaworks.disa.com https://auth.disa.com https://qaauth.disa.com https://qaux.disa.com https://ec.walkme.com https://classic.disa.com https://www.sertifi.com https://internal.disa.com https://cdn.walkme.com https://maps.googleapis.com https://col.eum-appdynamics.com https://*.disa.com; style-src https://fonts.googleapis.com 'self' 'unsafe-inline' 'unsafe-eval'; frame-src 'self' https://disaworks.disa.com https://www.sertifi.com https://cdn.walkme.com https://auth.disa.com https://cdn.appdynamics.com https://www.google.com https://maps.google.com https://internal.disa.com https://cdn.appdynamics.com; frame-ancestors 'self' https://*.disa.com; img-src https://*.google.com https://maps.gstatic.com https://maps.googleapis.com https://www.sertifi.com https://*.cloudfront.net https://online.swagger.io https://validator.swagger.io https://ec.walkme.com 'self' data:; font-src https://fonts.gstatic.com 'self' data:;
x-node-s
2
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 27 Apr 2023 02:10:19 GMT
etag
"1d978ad6a2ad79c"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
permissions-policy
sync-xhr=(self "https://*.disa.com" "https://internal.disa.com" "https://apisandbox.disa.com" "https://www.disa.com" "https://disa.com")
accept-ranges
bytes
jquery.validate.unobtrusive.min.js
auth.disa.com/lib/jquery-validation-unobtrusive/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://auth.disa.com/lib/jquery-validation-unobtrusive/jquery.validate.unobtrusive.min.js
Requested by
Host: auth.disa.com
URL: https://auth.disa.com/account/login?returnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3Dux-emberjs%26redirect_uri%3Dhttps%253A%252F%252Fdisaworks.disa.com%252Fcallback.html%26response_type%3Did_token%2520token%26scope%3Dopenid%2520profile%2520ux-api%26state%3Dd8ae6f7520114f28a67265577bcce5a0%26nonce%3Dbe531d4776fe432d8ed079ebf9c41638
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
64.9.169.17 Houston, United States, ASN3900 (TEXASNET-ASN, US),
Reverse DNS
64-9-169-17.fwd.datafoundry.com
Software
/
Resource Hash
44558558820fb230780ee711e23ab0c535b0d77666b48facead551d8b2666579
Security Headers
Name Value
Content-Security-Policy default-src 'self' ; script-src 'self' https://maps.googleapis.com https://ajax.googleapis.com https://auth.disa.com https://classic.disa.com https://cdn.rawgit.com https://www.sertifi.com https://disaworks.disa.com https://cdn.walkme.com https://cdn.appdynamics.com https://internal.disa.com https://classic.disa.com https://www.google.com https://www.gstatic.com https://playerserver.walkme.com https://cdn.jsdelivr.net 'unsafe-inline' 'unsafe-eval' ; connect-src 'self' https://disaworks.disa.com https://auth.disa.com https://qaauth.disa.com https://qaux.disa.com https://ec.walkme.com https://classic.disa.com https://www.sertifi.com https://internal.disa.com https://cdn.walkme.com https://maps.googleapis.com https://col.eum-appdynamics.com https://*.disa.com; style-src https://fonts.googleapis.com 'self' 'unsafe-inline' 'unsafe-eval'; frame-src 'self' https://disaworks.disa.com https://www.sertifi.com https://cdn.walkme.com https://auth.disa.com https://cdn.appdynamics.com https://www.google.com https://maps.google.com https://internal.disa.com https://cdn.appdynamics.com; frame-ancestors 'self' https://*.disa.com; img-src https://*.google.com https://maps.gstatic.com https://maps.googleapis.com https://www.sertifi.com https://*.cloudfront.net https://online.swagger.io https://validator.swagger.io https://ec.walkme.com 'self' data:; font-src https://fonts.gstatic.com 'self' data:;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://auth.disa.com/account/login?returnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3Dux-emberjs%26redirect_uri%3Dhttps%253A%252F%252Fdisaworks.disa.com%252Fcallback.html%26response_type%3Did_token%2520token%26scope%3Dopenid%2520profile%2520ux-api%26state%3Dd8ae6f7520114f28a67265577bcce5a0%26nonce%3Dbe531d4776fe432d8ed079ebf9c41638
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 12:30:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
x-permitted-cross-domain-policies
none
content-security-policy
default-src 'self' ; script-src 'self' https://maps.googleapis.com https://ajax.googleapis.com https://auth.disa.com https://classic.disa.com https://cdn.rawgit.com https://www.sertifi.com https://disaworks.disa.com https://cdn.walkme.com https://cdn.appdynamics.com https://internal.disa.com https://classic.disa.com https://www.google.com https://www.gstatic.com https://playerserver.walkme.com https://cdn.jsdelivr.net 'unsafe-inline' 'unsafe-eval' ; connect-src 'self' https://disaworks.disa.com https://auth.disa.com https://qaauth.disa.com https://qaux.disa.com https://ec.walkme.com https://classic.disa.com https://www.sertifi.com https://internal.disa.com https://cdn.walkme.com https://maps.googleapis.com https://col.eum-appdynamics.com https://*.disa.com; style-src https://fonts.googleapis.com 'self' 'unsafe-inline' 'unsafe-eval'; frame-src 'self' https://disaworks.disa.com https://www.sertifi.com https://cdn.walkme.com https://auth.disa.com https://cdn.appdynamics.com https://www.google.com https://maps.google.com https://internal.disa.com https://cdn.appdynamics.com; frame-ancestors 'self' https://*.disa.com; img-src https://*.google.com https://maps.gstatic.com https://maps.googleapis.com https://www.sertifi.com https://*.cloudfront.net https://online.swagger.io https://validator.swagger.io https://ec.walkme.com 'self' data:; font-src https://fonts.gstatic.com 'self' data:;
x-node-s
2
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 27 Apr 2023 02:10:19 GMT
etag
"1d978ad6a2aa147"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
permissions-policy
sync-xhr=(self "https://*.disa.com" "https://internal.disa.com" "https://apisandbox.disa.com" "https://www.disa.com" "https://disa.com")
accept-ranges
bytes

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
d2qhvajt3imc89.cloudfront.net
URL
https://d2qhvajt3imc89.cloudfront.net/customers/DISA+Global/disa_logo1.png
Domain
col.eum-appdynamics.com
URL
https://col.eum-appdynamics.com/eumcollector/beacons/browser/v2/AD-AAB-AAC-PTX/adrum
Domain
ec.walkme.com
URL
https://ec.walkme.com/event/postEvent

Verdicts & Comments Add Verdict or Comment

5 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture function| $ function| jQuery object| bootstrap function| _

2 Cookies

Domain/Path Name / Value
.disa.com/ Name: ADRUM
Value: s=1692189006415&r=https%3A%2F%2Fdisaworks.disa.com%2F%3F-1848390019
auth.disa.com/ Name: .AspNetCore.Antiforgery.8dD6ioclbLg
Value: CfDJ8MlphMhbrqREjIqx4qqqie77CVomkevH_q3gkoYohLUeFBhCo14Qz1IzvLQPcqAAF6B1RTqJLCabiTdC6vyYKx3DbvwthosFEYHJIqveHzQD7FgEZvoZb3EPgeS1rvtEalmX-FDhMUNj0_hf4KGxIjU

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'self' ; script-src 'self' https://maps.googleapis.com https://ajax.googleapis.com https://auth.disa.com https://classic.disa.com https://cdn.rawgit.com https://www.sertifi.com https://disaworks.disa.com https://cdn.walkme.com https://cdn.appdynamics.com https://internal.disa.com https://classic.disa.com https://www.google.com https://www.gstatic.com https://playerserver.walkme.com https://cdn.jsdelivr.net 'unsafe-inline' 'unsafe-eval' ; connect-src 'self' https://disaworks.disa.com https://auth.disa.com https://qaauth.disa.com https://qaux.disa.com https://ec.walkme.com https://classic.disa.com https://www.sertifi.com https://internal.disa.com https://cdn.walkme.com https://maps.googleapis.com https://col.eum-appdynamics.com https://*.disa.com; style-src https://fonts.googleapis.com 'self' 'unsafe-inline' 'unsafe-eval'; frame-src 'self' https://disaworks.disa.com https://www.sertifi.com https://cdn.walkme.com https://auth.disa.com https://cdn.appdynamics.com https://www.google.com https://maps.google.com https://internal.disa.com https://cdn.appdynamics.com; frame-ancestors 'self' https://*.disa.com; img-src https://*.google.com https://maps.gstatic.com https://maps.googleapis.com https://www.sertifi.com https://*.cloudfront.net https://online.swagger.io https://validator.swagger.io https://ec.walkme.com 'self' data:; font-src https://fonts.gstatic.com 'self' data:;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

auth.disa.com
cdn.appdynamics.com
cdn.walkme.com
col.eum-appdynamics.com
d2qhvajt3imc89.cloudfront.net
disaworks.disa.com
ec.walkme.com
playerserver.walkme.com
col.eum-appdynamics.com
d2qhvajt3imc89.cloudfront.net
ec.walkme.com
104.102.45.207
108.156.2.46
2a02:26f0:480:598::327b
64.9.169.16
64.9.169.17
14d405478f57092b6f86de7b4b7d76a0e62a88c7d5a6c50a9f363bb3dfa81c1a
1a2b6064a0b0565c1e2198151e8635930095d8dc62ab43ae5c7f5840deb1c985
2fc90c1c7adba181b5ac67469cc314d0776f01cee15b1a12b8c8fa96c6dcd1d3
31dc6f8748103e65227d4e0c625e7dfadecfa9f20f42f1ba215cc8db3ef7c700
410e7aa13a0abbd8bdffa9e40e9cbd8f51b9de3718e2ac5bda81a941ca3be9e9
432efb4b31a5c23060c87519f85360864b2a226ad36fe1aa4a4db5e382f588bd
44558558820fb230780ee711e23ab0c535b0d77666b48facead551d8b2666579
4724959402c807b262330e221f897b0a33ddbe4fa01e36152d7c54259f201f7f
50bdd1fc19e8a472e8d105f288dbdbd46badf5b66964dd16b31cb5fb33cfb12d
52bb7446862e479f013494ba2cefb1105c68e66f5be24fb57173c81bb395f8e1
5b2c8956c5cc3222a9430ec1f7480c12ff73392a6db985f71eba60a30658b9f3
64a2619d76618797ffcdff65190df37016551ad81e0e812aa71e93b5b00fc289
670c838ad977845d7a48c7e43af79030bfba4e6e680a0a0b2a1546b96a40b6ff
6814e2514d91a4ede65ff6cca2938967db8524a12f7910f573c7eba1f1938e54
6add0cf16d46b4dac70b6029a797199ecc0a84099d46e73b4cd65cc200c7cb63
6bc86a3cc7bd7bf9615a36c21bcaea75871d31a11610523e054b153d83a74d78
7188f2c011b596dfaf46075a226ca944ff039dbcb056d837b5d3f88f33b79437
8aaeddf26ba3d668121c48266221fe0317c7661cec7ff65b838b240ae4b2835e
b421a7eee79d86655938555fd05607104207655daa5c82caf2117c3a4011e63c
b6439b42a8e7a53ce67534e25dc3784568f47cbee8488ea20cd44dde5ffbfff7
b64b23b4a62a17d314b64f2dc76260b4c5bcd10135c092eb59372d998c2ef7ae
c4ae5268bef77000a0b3d189ab188bcd5a819ed731d3e2577ff75e22a5ab37b7
d4b341e0e1b10b8d9d72b33a552d9a4c5f181644a550e6c5290ffbd0df7ff698
e6f4125fa41fa3f6ad022d3e45b536e26eca6f25d5480f7ae35cd0f89050129a
e9ed0df9626254a05e4e2b4ad46292c0f8b7adb74fa4bb6ea9a8a2b598de0f6c
f3c3fe3d6ac0fbc851017f0a31b1c73f33d273f2dac106c2d414b04c5146271f
fe9b5427b4f7eb946d421c9628bbfdc1222b64d92ef5b61f7ced944568b2f8d8