urlscan.io logo urlscan.io
SecurityTrails logo

myaccessxtl.faa.gov Open in urlscan Pro
3.15.167.135  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://ksn2.faa.gov/ajg/ajg-r/AJG-R4/AJG-R41
Effective URL: https://myaccessxtl.faa.gov/app/sharepoint_onpremise/sso/wsfed/passive?wa=wsignin1.0&wtrealm=urn%3Aokta%3Asharepoint%3Aexk51...
Submission: On April 23 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 6 IPs in 2 countries across 3 domains to perform 17 HTTP transactions. The main IP is 3.15.167.135, located in Columbus, United States and belongs to AMAZON-02, US. The main domain is myaccessxtl.faa.gov. The Cisco Umbrella rank of the primary domain is 794253.
TLS certificate: Issued by DigiCert Global G2 TLS RSA SHA256 202... on October 2nd 2023. Valid for: a year.
This is the only time myaccessxtl.faa.gov was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
3 8 155.178.69.23 4046 (FAA)
3 3.15.167.135 16509 (AMAZON-02)
3 2a02:26f0:350... 20940 (AKAMAI-ASN1)
3 2606:4700:303... 13335 (CLOUDFLAR...)
2 18.173.187.72 16509 (AMAZON-02)
17 6
8    155.178.69.23 (United States)

ASN4046 (FAA, US)
PTR: ksn2.faa.gov
ksn2.faa.gov
3    3.15.167.135 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-15-167-135.us-east-2.compute.amazonaws.com
myaccessxtl.faa.gov
3    2a02:26f0:3500:88b::1256 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
cdn.myaccess.faa.gov
3    2606:4700:3036::6815:1b98 (United States)

ASN13335 (CLOUDFLARENET, US)
use.fontawesome.com
2    18.173.187.72 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-173-187-72.muc50.r.cloudfront.net
ok10static.oktacdn.com
Apex Domain
Subdomains		 Transfer
14 faa.gov
ksn2.faa.gov
myaccessxtl.faa.gov — Cisco Umbrella Rank: 794253
cdn.myaccess.faa.gov — Cisco Umbrella Rank: 944370
59 KB
3 fontawesome.com
use.fontawesome.com — Cisco Umbrella Rank: 1230
92 KB
2 oktacdn.com
ok10static.oktacdn.com — Cisco Umbrella Rank: 24933
13 KB
17 3
Domain Requested by
8 ksn2.faa.gov 3 redirects ksn2.faa.gov
3 use.fontawesome.com myaccessxtl.faa.gov
use.fontawesome.com
3 cdn.myaccess.faa.gov myaccessxtl.faa.gov
3 myaccessxtl.faa.gov myaccessxtl.faa.gov
2 ok10static.oktacdn.com myaccessxtl.faa.gov
17 5

This site contains links to these domains. Also see Links.

Domain
www.transportation.gov
myaccessreg.faa.gov
support.okta.com
www.faa.gov
Subject Issuer Validity Valid
KSNSP2019Portal.faa.gov
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-01-18 -
2024-10-12		 9 months crt.sh
myaccessxtl.faa.gov
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-10-02 -
2024-10-08		 a year crt.sh
www.faa.gov
GeoTrust RSA CA 2018		 2024-04-16 -
2024-09-24		 5 months crt.sh
use.fontawesome.com
Cloudflare Inc ECC CA-3		 2023-10-12 -
2024-10-10		 a year crt.sh
*.oktacdn.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-12-15 -
2025-01-02		 a year crt.sh

This page contains 1 frames:

Primary Page: https://myaccessxtl.faa.gov/app/sharepoint_onpremise/sso/wsfed/passive?wa=wsignin1.0&wtrealm=urn%3Aokta%3Asharepoint%3Aexk51b5m11123Ub0Q4h7&wctx=https%3A%2F%2Fksn2.faa.gov%2Fajg%2Fajg-r%2FAJG-R4%2FAJG-R41
Frame ID: D1CD250688C89D42FAE096812018DA46
Requests: 17 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

MyAccess CIAM - Zugriff verboten

Page URL History Show full URLs

  1. https://ksn2.faa.gov/ajg/ajg-r/AJG-R4/AJG-R41 HTTP 302
    https://ksn2.faa.gov/tacgw/init.cshtml?cs=0&origUrl=%2fajg%2fajg-r%2fAJG-R4%2fAJG-R41 HTTP 302
    https://ksn2.faa.gov/tacgw/init.cshtml?cs=1&tmpriul=%2fajg%2fajg-r%2fAJG-R4%2fAJG-R41 Page URL
  2. https://ksn2.faa.gov/tacgw/init.cshtml?cs=2&tsop=873560&tmpriul=%2Fajg%2Fajg-r%2FAJG-R4%2FAJG-R41... HTTP 302
    https://ksn2.faa.gov/tacgw/welcome.cshtml Page URL
  3. https://ksn2.faa.gov/tacgw/login.cshtml Page URL
  4. https://myaccessxtl.faa.gov/app/sharepoint_onpremise/sso/wsfed/passive?wa=wsignin1.0&wtrealm=urn%3Aokta%... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Page Statistics

17
Requests

94 %
HTTPS

40 %
IPv6

3
Domains

5
Subdomains

6
IPs

2
Countries

163 kB
Transfer

528 kB
Size

4
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://ksn2.faa.gov/ajg/ajg-r/AJG-R4/AJG-R41 HTTP 302
    https://ksn2.faa.gov/tacgw/init.cshtml?cs=0&origUrl=%2fajg%2fajg-r%2fAJG-R4%2fAJG-R41 HTTP 302
    https://ksn2.faa.gov/tacgw/init.cshtml?cs=1&tmpriul=%2fajg%2fajg-r%2fAJG-R4%2fAJG-R41 Page URL
  2. https://ksn2.faa.gov/tacgw/init.cshtml?cs=2&tsop=873560&tmpriul=%2Fajg%2Fajg-r%2FAJG-R4%2FAJG-R41&tlch= HTTP 302
    https://ksn2.faa.gov/tacgw/welcome.cshtml Page URL
  3. https://ksn2.faa.gov/tacgw/login.cshtml Page URL
  4. https://myaccessxtl.faa.gov/app/sharepoint_onpremise/sso/wsfed/passive?wa=wsignin1.0&wtrealm=urn%3Aokta%3Asharepoint%3Aexk51b5m11123Ub0Q4h7&wctx=https%3A%2F%2Fksn2.faa.gov%2Fajg%2Fajg-r%2FAJG-R4%2FAJG-R41 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://ksn2.faa.gov/ajg/ajg-r/AJG-R4/AJG-R41 HTTP 302
  • https://ksn2.faa.gov/tacgw/init.cshtml?cs=0&origUrl=%2fajg%2fajg-r%2fAJG-R4%2fAJG-R41 HTTP 302
  • https://ksn2.faa.gov/tacgw/init.cshtml?cs=1&tmpriul=%2fajg%2fajg-r%2fAJG-R4%2fAJG-R41
Request Chain 2
  • https://ksn2.faa.gov/tacgw/init.cshtml?cs=2&tsop=873560&tmpriul=%2Fajg%2Fajg-r%2FAJG-R4%2FAJG-R41&tlch= HTTP 302
  • https://ksn2.faa.gov/tacgw/welcome.cshtml

17 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
init.cshtml
ksn2.faa.gov/tacgw/
Redirect Chain
  • https://ksn2.faa.gov/ajg/ajg-r/AJG-R4/AJG-R41
  • https://ksn2.faa.gov/tacgw/init.cshtml?cs=0&origUrl=%2fajg%2fajg-r%2fAJG-R4%2fAJG-R41
  • https://ksn2.faa.gov/tacgw/init.cshtml?cs=1&tmpriul=%2fajg%2fajg-r%2fAJG-R4%2fAJG-R41
3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ksn2.faa.gov/tacgw/init.cshtml?cs=1&tmpriul=%2fajg%2fajg-r%2fAJG-R4%2fAJG-R41
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
155.178.69.23 , United States, ASN4046 (FAA, US),
Reverse DNS
ksn2.faa.gov
Software
/
Resource Hash
7fe20bd15cd71c03f894580bfbb3a27dba35c5b496b83435cce34addae1871c0
Security Headers
Name Value
Content-Security-Policy default-src 'self';form-action 'self';base-uri 'self';font-src 'self';object-src 'none';frame-src 'self' portsystac:; frame-ancestors 'self';script-src 'self' 'nonce-4WxKtHazMCyZN6838AmJIBtqjVngB3ZqJL0yfKsqqjY=';style-src 'self';img-src 'self';connect-src 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

Cache-Control
no-cache, no-store
Content-Encoding
gzip
Content-Length
1499
Content-Security-Policy
default-src 'self';form-action 'self';base-uri 'self';font-src 'self';object-src 'none';frame-src 'self' portsystac:; frame-ancestors 'self';script-src 'self' 'nonce-4WxKtHazMCyZN6838AmJIBtqjVngB3ZqJL0yfKsqqjY=';style-src 'self';img-src 'self';connect-src 'self';
Content-Type
text/html; charset=utf-8
Date
Tue, 23 Apr 2024 20:18:17 GMT
Expires
-1
Pragma
no-cache
Referrer-Policy
same-origin
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
X-UA-Compatible
IE=Edge
X-XSS-Protection
1; mode=block

Redirect headers

Content-Length
241
Content-Type
text/html
Date
Tue, 23 Apr 2024 20:18:17 GMT
Location
https://ksn2.faa.gov/tacgw/init.cshtml?cs=1&tmpriul=%2fajg%2fajg-r%2fAJG-R4%2fAJG-R41
Referrer-Policy
origin-when-cross-origin
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Frame-Options
SAMEORIGIN
X-XSS-Protection
1; mode=block
favicon.ico
ksn2.faa.gov/ 		1 KB
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://ksn2.faa.gov/favicon.ico
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
155.178.69.23 , United States, ASN4046 (FAA, US),
Reverse DNS
ksn2.faa.gov
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'none';object-src 'none';frame-ancestors 'self';img-src 'self';script-src 'self';style-src 'self' 'sha256-o6wSC15InKzMdQsAjlOwalELkGSpN0I4/fzIfw2Ckvg=';form-action 'self';frame-src 'self';base-uri 'self';font-src 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://ksn2.faa.gov/tacgw/init.cshtml?cs=1&tmpriul=%2fajg%2fajg-r%2fAJG-R4%2fAJG-R41
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Content-Security-Policy
default-src 'none';object-src 'none';frame-ancestors 'self';img-src 'self';script-src 'self';style-src 'self' 'sha256-o6wSC15InKzMdQsAjlOwalELkGSpN0I4/fzIfw2Ckvg=';form-action 'self';frame-src 'self';base-uri 'self';font-src 'self';
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Referrer-Policy
same-origin
Date
Tue, 23 Apr 2024 20:18:17 GMT
X-Frame-Options
SAMEORIGIN
Content-Type
text/html
Connection
close
Content-Length
1242
X-XSS-Protection
1; mode=block
welcome.cshtml
ksn2.faa.gov/tacgw/
Redirect Chain
  • https://ksn2.faa.gov/tacgw/init.cshtml?cs=2&tsop=873560&tmpriul=%2Fajg%2Fajg-r%2FAJG-R4%2FAJG-R41&tlch=
  • https://ksn2.faa.gov/tacgw/welcome.cshtml
5 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ksn2.faa.gov/tacgw/welcome.cshtml
Requested by
Host: ksn2.faa.gov
URL: https://ksn2.faa.gov/tacgw/init.cshtml?cs=1&tmpriul=%2fajg%2fajg-r%2fAJG-R4%2fAJG-R41
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
155.178.69.23 , United States, ASN4046 (FAA, US),
Reverse DNS
ksn2.faa.gov
Software
/
Resource Hash
438af8012d2ca08b82c957b01f9595a5c21bb67e632f09c3ce7b55156bfd9688
Security Headers
Name Value
Content-Security-Policy default-src 'self';form-action 'self';base-uri 'self';font-src 'self';object-src 'none';frame-src 'self' portsystac:; frame-ancestors 'self';script-src 'self' 'nonce-DR4br9XVpzFUek98d1TdNnOSrbMnjC2-Mx2T3Lp6wNU=';style-src 'self' 'nonce-MBWpOixRU7CAn4ARYQh5lzQnvWekwUUieQGJe5h275E=';img-src 'self';connect-src 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://ksn2.faa.gov/tacgw/init.cshtml?cs=1&tmpriul=%2fajg%2fajg-r%2fAJG-R4%2fAJG-R41
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

Cache-Control
no-cache, no-store
Content-Encoding
gzip
Content-Length
2097
Content-Security-Policy
default-src 'self';form-action 'self';base-uri 'self';font-src 'self';object-src 'none';frame-src 'self' portsystac:; frame-ancestors 'self';script-src 'self' 'nonce-DR4br9XVpzFUek98d1TdNnOSrbMnjC2-Mx2T3Lp6wNU=';style-src 'self' 'nonce-MBWpOixRU7CAn4ARYQh5lzQnvWekwUUieQGJe5h275E=';img-src 'self';connect-src 'self';
Content-Type
text/html; charset=utf-8
Date
Tue, 23 Apr 2024 20:18:18 GMT
Expires
-1
Pragma
no-cache
Referrer-Policy
same-origin
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
X-UA-Compatible
IE=Edge
X-XSS-Protection
1; mode=block

Redirect headers

Cache-Control
no-cache, no-store
Content-Length
138
Content-Security-Policy
default-src 'self';form-action 'self';base-uri 'self';font-src 'self';object-src 'none';frame-src 'self' portsystac:; frame-ancestors 'self';script-src 'self';style-src 'self';img-src 'self';connect-src 'self';
Content-Type
text/html; charset=utf-8
Date
Tue, 23 Apr 2024 20:18:17 GMT
Expires
-1
Location
/tacgw/welcome.cshtml
Pragma
no-cache
Referrer-Policy
same-origin
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
X-UA-Compatible
IE=Edge
X-XSS-Protection
1; mode=block
welcome.cshtml
ksn2.faa.gov/tacgw/ 		0
628 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ksn2.faa.gov/tacgw/welcome.cshtml?jsdd=1&bdid=40bd3521451944dda889b432256649b8&cdm=NmI3MzZlMzIyZTY2NjE2MTJlNjc2Zjc2&lch=
Requested by
Host: ksn2.faa.gov
URL: https://ksn2.faa.gov/tacgw/welcome.cshtml
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
155.178.69.23 , United States, ASN4046 (FAA, US),
Reverse DNS
ksn2.faa.gov
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self';form-action 'self';base-uri 'self';font-src 'self';object-src 'none';frame-src 'self' portsystac:; frame-ancestors 'self';script-src 'self';style-src 'self';img-src 'self';connect-src 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
https://ksn2.faa.gov/tacgw/welcome.cshtml
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-type
application/json

Response headers

Expires
-1
Pragma
no-cache
Content-Security-Policy
default-src 'self';form-action 'self';base-uri 'self';font-src 'self';object-src 'none';frame-src 'self' portsystac:; frame-ancestors 'self';script-src 'self';style-src 'self';img-src 'self';connect-src 'self';
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Referrer-Policy
same-origin
Date
Tue, 23 Apr 2024 20:18:18 GMT
X-Frame-Options
SAMEORIGIN
Content-Type
text/plain
Cache-Control
no-cache, no-store
Content-Length
0
X-XSS-Protection
1; mode=block
X-UA-Compatible
IE=Edge
login.cshtml
ksn2.faa.gov/tacgw/ 		719 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ksn2.faa.gov/tacgw/login.cshtml
Requested by
Host: ksn2.faa.gov
URL: https://ksn2.faa.gov/tacgw/welcome.cshtml
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
155.178.69.23 , United States, ASN4046 (FAA, US),
Reverse DNS
ksn2.faa.gov
Software
/
Resource Hash
7f396a1b6bffca19626a175be68f7e2c2fe5e41d7d2a6ee57207f18c50c99f97
Security Headers
Name Value
Content-Security-Policy default-src 'self';form-action 'self' https://myaccessxtl.faa.gov;frame-src 'self';frame-ancestors 'self';base-uri 'self';font-src 'self';object-src 'none';script-src 'self' 'nonce-IHZEsYkS6BKQ9JopFMRsZ3oxZfw8DY9ndQMww_SKGr8=';style-src 'self';img-src 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://ksn2.faa.gov/tacgw/welcome.cshtml
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

Cache-Control
no-cache, no-store
Content-Encoding
gzip
Content-Length
583
Content-Security-Policy
default-src 'self';form-action 'self' https://myaccessxtl.faa.gov;frame-src 'self';frame-ancestors 'self';base-uri 'self';font-src 'self';object-src 'none';script-src 'self' 'nonce-IHZEsYkS6BKQ9JopFMRsZ3oxZfw8DY9ndQMww_SKGr8=';style-src 'self';img-src 'self';
Content-Type
text/html; charset=utf-8
Date
Tue, 23 Apr 2024 20:18:18 GMT
Expires
-1
Pragma
no-cache
Referrer-Policy
same-origin
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
X-UA-Compatible
IE=Edge
X-XSS-Protection
1; mode=block
Primary Request passive
myaccessxtl.faa.gov/app/sharepoint_onpremise/sso/wsfed/ 		8 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://myaccessxtl.faa.gov/app/sharepoint_onpremise/sso/wsfed/passive?wa=wsignin1.0&wtrealm=urn%3Aokta%3Asharepoint%3Aexk51b5m11123Ub0Q4h7&wctx=https%3A%2F%2Fksn2.faa.gov%2Fajg%2Fajg-r%2FAJG-R4%2FAJG-R41
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.15.167.135 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-15-167-135.us-east-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b0c6b62579043ed1b0dc034b9ba88ed5c9c2e7de2c0847489a373f568ad24966
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=315360000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

Connection
Keep-Alive
Content-Encoding
gzip
Content-Type
text/html;charset=utf-8
Date
Tue, 23 Apr 2024 20:18:36 GMT
Keep-Alive
timeout=5, max=100
Server
nginx
Strict-Transport-Security
max-age=315360000; includeSubDomains
Transfer-Encoding
chunked
Vary
Accept-Encoding
accept-ch
Sec-CH-UA-Platform-Version
cache-control
no-cache, no-store
content-language
de
content-security-policy
frame-ancestors 'self'
content-security-policy-report-only
default-src 'self' faa-ciam2.okta.com myaccessxtl.faa.gov *.oktacdn.com https://cdn.myaccess.faa.gov https://use.fontawesome.com; connect-src 'self' faa-ciam2.okta.com faa-ciam2-admin.okta.com myaccessxtl.faa.gov *.oktacdn.com *.mixpanel.com *.mapbox.com *.mtls.okta.com faa-ciam2.kerberos.okta.com *.authenticatorlocalprod.com:8769 http://localhost:8769 http://127.0.0.1:8769 *.authenticatorlocalprod.com:65111 http://localhost:65111 http://127.0.0.1:65111 *.authenticatorlocalprod.com:65121 http://localhost:65121 http://127.0.0.1:65121 *.authenticatorlocalprod.com:65131 http://localhost:65131 http://127.0.0.1:65131 *.authenticatorlocalprod.com:65141 http://localhost:65141 http://127.0.0.1:65141 *.authenticatorlocalprod.com:65151 http://localhost:65151 http://127.0.0.1:65151 https://oinmanager.okta.com data: https://cdn.myaccess.faa.gov https://use.fontawesome.com data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com; script-src 'unsafe-inline' 'unsafe-eval' 'self' faa-ciam2.okta.com myaccessxtl.faa.gov *.oktacdn.com https://cdn.myaccess.faa.gov https://use.fontawesome.com; style-src 'unsafe-inline' 'self' faa-ciam2.okta.com myaccessxtl.faa.gov *.oktacdn.com https://cdn.myaccess.faa.gov https://use.fontawesome.com; frame-src 'self' faa-ciam2.okta.com faa-ciam2-admin.okta.com myaccessxtl.faa.gov login.okta.com com-okta-authenticator: https://cdn.myaccess.faa.gov https://use.fontawesome.com; img-src 'self' faa-ciam2.okta.com myaccessxtl.faa.gov *.oktacdn.com *.tiles.mapbox.com *.mapbox.com data: https://cdn.myaccess.faa.gov https://use.fontawesome.com data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com blob:; font-src 'self' faa-ciam2.okta.com myaccessxtl.faa.gov data: *.oktacdn.com fonts.gstatic.com https://cdn.myaccess.faa.gov https://use.fontawesome.com; frame-ancestors 'self'
expires
0
pragma
no-cache
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-okta-request-id
ZigXnNjY7A9PQeziIaqyzwAACSo
x-xss-protection
0
errors-v2.css
myaccessxtl.faa.gov/assets/css/sections/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://myaccessxtl.faa.gov/assets/css/sections/errors-v2.css
Requested by
Host: myaccessxtl.faa.gov
URL: https://myaccessxtl.faa.gov/app/sharepoint_onpremise/sso/wsfed/passive?wa=wsignin1.0&wtrealm=urn%3Aokta%3Asharepoint%3Aexk51b5m11123Ub0Q4h7&wctx=https%3A%2F%2Fksn2.faa.gov%2Fajg%2Fajg-r%2FAJG-R4%2FAJG-R41
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.15.167.135 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-15-167-135.us-east-2.compute.amazonaws.com
Software
nginx /
Resource Hash
07d7429f55979af1968161a3eb812a39c797f9c3e2f0fd88aecbf1ea741349c1
Security Headers
Name Value
Strict-Transport-Security max-age=315360000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform-version
"10.0.0"
Referer
https://myaccessxtl.faa.gov/app/sharepoint_onpremise/sso/wsfed/passive?wa=wsignin1.0&wtrealm=urn%3Aokta%3Asharepoint%3Aexk51b5m11123Ub0Q4h7&wctx=https%3A%2F%2Fksn2.faa.gov%2Fajg%2Fajg-r%2FAJG-R4%2FAJG-R41
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 23 Apr 2024 20:18:36 GMT
x-amz-meta-sha1sum
a0af4ecf251187b0203ff095d16f850cc57a38c1
Content-Encoding
gzip
Strict-Transport-Security
max-age=315360000; includeSubDomains
Last-Modified
Thu, 03 Nov 2022 18:04:24 GMT
Server
nginx
ETag
W/"80127ba5c47706686501006723ba83da"
Vary
Accept-Encoding
Transfer-Encoding
chunked
Content-Type
text/css
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000, public,max-age=31536000,s-maxage=1814400
Connection
Keep-Alive
Keep-Alive
timeout=5, max=99
Expires
Wed, 23 Apr 2025 20:18:36 GMT
style-sheet
myaccessxtl.faa.gov/api/internal/brand/theme/ 		0
0
devkitAll.css
cdn.myaccess.faa.gov/assets/css/ 		221 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.myaccess.faa.gov/assets/css/devkitAll.css
Requested by
Host: myaccessxtl.faa.gov
URL: https://myaccessxtl.faa.gov/app/sharepoint_onpremise/sso/wsfed/passive?wa=wsignin1.0&wtrealm=urn%3Aokta%3Asharepoint%3Aexk51b5m11123Ub0Q4h7&wctx=https%3A%2F%2Fksn2.faa.gov%2Fajg%2Fajg-r%2FAJG-R4%2FAJG-R41
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:88b::1256 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
98b44fdde8df79f3561a710a4b47bdb8d9da7d29047ba2d26cad80c81a4f8e1e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://myaccessxtl.faa.gov/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 23 Apr 2024 20:18:36 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000 ; includeSubDomains
last-modified
Thu, 15 Feb 2024 20:58:30 GMT
etag
"cad132b3e35c5726c21d26fe375322d0:1708030710.577342"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=345906
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1713903516702_388276626_3251127092_69_1725_5_20_255";dur=1
accept-ranges
bytes
content-length
23752
all.css
use.fontawesome.com/releases/v5.3.1/css/ 		48 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.3.1/css/all.css
Requested by
Host: myaccessxtl.faa.gov
URL: https://myaccessxtl.faa.gov/app/sharepoint_onpremise/sso/wsfed/passive?wa=wsignin1.0&wtrealm=urn%3Aokta%3Asharepoint%3Aexk51b5m11123Ub0Q4h7&wctx=https%3A%2F%2Fksn2.faa.gov%2Fajg%2Fajg-r%2FAJG-R4%2FAJG-R41
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:1b98 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
604dcf1f11698655f75046bb92f98aaa9477e1c16b01c5fc415e78794393ffb9

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://myaccessxtl.faa.gov/
Origin
https://myaccessxtl.faa.gov
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 23 Apr 2024 20:18:36 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 22 Sep 2023 01:45:29 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
140712
etag
W/"10519cfd3206802f58315b877a9beab5"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9%2FyVx70j46WruZWyHmV7xiz0dv5qpBg%2FEfsszgjGM4zYzJKpJXq1u2QQeHtiunxabkS%2BAsQZBshcGety20i2lq%2Fx4ZGcvZoKIvSOW1JIYU9gOLJ%2BxPcNTG2kzsWIGO6IXtSEwcKNXj%2FsLpYUJOCNY9sE"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31556926
cf-ray
87908b333cf99024-FRA
alt-svc
h3=":443"; ma=86400
DOT-name-logo.svg
cdn.myaccess.faa.gov/assets/images/ 		74 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.myaccess.faa.gov/assets/images/DOT-name-logo.svg
Requested by
Host: myaccessxtl.faa.gov
URL: https://myaccessxtl.faa.gov/app/sharepoint_onpremise/sso/wsfed/passive?wa=wsignin1.0&wtrealm=urn%3Aokta%3Asharepoint%3Aexk51b5m11123Ub0Q4h7&wctx=https%3A%2F%2Fksn2.faa.gov%2Fajg%2Fajg-r%2FAJG-R4%2FAJG-R41
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:88b::1256 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
c58ac18798094403b470d8567e00595405d708dac4630d4a3bbb16f1db0b4dee
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://myaccessxtl.faa.gov/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 23 Apr 2024 20:18:36 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000 ; includeSubDomains
last-modified
Thu, 15 Feb 2024 21:07:11 GMT
etag
"61c8a5e0de021cb9e0c2c52bf5375c40:1708031231.223263"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=217423
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1713903516722_388276626_3251127094_121_1800_5_0_182";dur=1
accept-ranges
bytes
content-length
8714
fs04kpeeo1qWlMv2H4h7
ok10static.oktacdn.com/fs/bco/1/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ok10static.oktacdn.com/fs/bco/1/fs04kpeeo1qWlMv2H4h7
Requested by
Host: myaccessxtl.faa.gov
URL: https://myaccessxtl.faa.gov/app/sharepoint_onpremise/sso/wsfed/passive?wa=wsignin1.0&wtrealm=urn%3Aokta%3Asharepoint%3Aexk51b5m11123Ub0Q4h7&wctx=https%3A%2F%2Fksn2.faa.gov%2Fajg%2Fajg-r%2FAJG-R4%2FAJG-R41
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.187.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-187-72.muc50.r.cloudfront.net
Software
nginx /
Resource Hash
4c8ccee2991c172af31af70948a4d1bc36a77fd22a44f8e446482e7bcc739554
Security Headers
Name Value
Strict-Transport-Security max-age=315360000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://myaccessxtl.faa.gov/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 21 Apr 2024 05:39:07 GMT
strict-transport-security
max-age=315360000; includeSubDomains
via
1.1 67b46acac5b2604c39c0417497d3d218.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P4
age
225569
x-cache
Hit from cloudfront
content-length
9597
last-modified
Wed, 21 Jun 2023 21:04:59 GMT
server
nginx
etag
"a54b16f4c1d4ffb46180b6997f8cade3"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31536000, public,max-age=31536000,s-maxage=1814400
accept-ranges
bytes
x-amz-cf-id
WoJIOrvNKTdSxdaeEQlqeQUj96T09L0-7alMxt1yivMKwvBDgR-X9g==
expires
Mon, 21 Apr 2025 05:39:07 GMT
DOT-logo.svg
cdn.myaccess.faa.gov/assets/images/ 		74 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.myaccess.faa.gov/assets/images/DOT-logo.svg
Requested by
Host: myaccessxtl.faa.gov
URL: https://myaccessxtl.faa.gov/app/sharepoint_onpremise/sso/wsfed/passive?wa=wsignin1.0&wtrealm=urn%3Aokta%3Asharepoint%3Aexk51b5m11123Ub0Q4h7&wctx=https%3A%2F%2Fksn2.faa.gov%2Fajg%2Fajg-r%2FAJG-R4%2FAJG-R41
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:88b::1256 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
e26e97368caf5f114b5a4b2a9b7589cba725b929bc009a227ba4db53cd14e3ae
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://myaccessxtl.faa.gov/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 23 Apr 2024 20:18:36 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000 ; includeSubDomains
last-modified
Thu, 15 Feb 2024 21:08:21 GMT
etag
"544fefb316b3135bab07cf6849d17342:1708031301.34967"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=391158
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1713903516724_388276626_3251127093_304_1290_5_0_182";dur=1
accept-ranges
bytes
content-length
8777
fa-regular-400.woff2
use.fontawesome.com/releases/v5.3.1/webfonts/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.3.1/webfonts/fa-regular-400.woff2
Requested by
Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.3.1/css/all.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:1b98 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
48810f2ca5c1a9cb285177a493b18a3ca22c177afeb9b242a592788eafc606f2

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://use.fontawesome.com/releases/v5.3.1/css/all.css
Origin
https://myaccessxtl.faa.gov
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 23 Apr 2024 20:18:36 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
349227
alt-svc
h3=":443"; ma=86400
content-length
14868
last-modified
Fri, 22 Sep 2023 01:45:30 GMT
server
cloudflare
etag
"949a2b066ec37f5a384712fc7beaf2f1"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8D7fAwWcbDqQSpVMpPp93s5l2E4Gg6PYcgJy9TeGuJ6IFUHrfwWmmA5k2ztaMMTSgPVB0hVxwsUn%2BbT8HqzbcYQhOpP0mbh%2Bzr4syYLRUtJ9P5OmY2TRmdGTZjWBrC2Jt6r%2Fa%2FwJBLEEJZiyDzz8zAZy"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=31556926
accept-ranges
bytes
cf-ray
87908b34aef89024-FRA
fa-solid-900.woff2
use.fontawesome.com/releases/v5.3.1/webfonts/ 		66 KB
66 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.3.1/webfonts/fa-solid-900.woff2
Requested by
Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.3.1/css/all.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:1b98 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ca3ea16761b7d443c64cfd99dd1cf8aa84790a25bb4709582935956fe71d014d

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://use.fontawesome.com/releases/v5.3.1/css/all.css
Origin
https://myaccessxtl.faa.gov
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 23 Apr 2024 20:18:36 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
105375
alt-svc
h3=":443"; ma=86400
content-length
67400
last-modified
Fri, 22 Sep 2023 01:45:31 GMT
server
cloudflare
etag
"14a08198ec7d1eb96d515362293fed36"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QcNvBZ78RKYrmxfLSIW29P%2BteBDa6zXcOpUtCXViohY2qrKwg2eZXhCCJ24YnMjXfrnsesnUtXLoBYbht2j0uJiQaNmQoh4BUybTLrKECuibMfxxtIR7v5Uc%2FG7XePEAIYj9tufBhvEgM107QXEnWNpo"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=31556926
accept-ranges
bytes
cf-ray
87908b34aef99024-FRA
me
myaccessxtl.faa.gov/api/v1/sessions/ 		178 B
552 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://myaccessxtl.faa.gov/api/v1/sessions/me
Requested by
Host: myaccessxtl.faa.gov
URL: https://myaccessxtl.faa.gov/app/sharepoint_onpremise/sso/wsfed/passive?wa=wsignin1.0&wtrealm=urn%3Aokta%3Asharepoint%3Aexk51b5m11123Ub0Q4h7&wctx=https%3A%2F%2Fksn2.faa.gov%2Fajg%2Fajg-r%2FAJG-R4%2FAJG-R41
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.15.167.135 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-15-167-135.us-east-2.compute.amazonaws.com
Software
nginx /
Resource Hash
3b1da7cffbddef148e9e36eac9e9432a39f4b7743e2338b0ebb0837de857bd4e
Security Headers
Name Value
Strict-Transport-Security max-age=315360000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform-version
"10.0.0"
Referer
https://myaccessxtl.faa.gov/app/sharepoint_onpremise/sso/wsfed/passive?wa=wsignin1.0&wtrealm=urn%3Aokta%3Asharepoint%3Aexk51b5m11123Ub0Q4h7&wctx=https%3A%2F%2Fksn2.faa.gov%2Fajg%2Fajg-r%2FAJG-R4%2FAJG-R41
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-okta-request-id
ZigXnNjY7A9PQeziIaqy1wAACSo
Date
Tue, 23 Apr 2024 20:18:36 GMT
Strict-Transport-Security
max-age=315360000; includeSubDomains
x-content-type-options
nosniff
Content-Encoding
gzip
Server
nginx
Vary
Accept-Encoding
Transfer-Encoding
chunked
Content-Type
application/json
Connection
Keep-Alive
Keep-Alive
timeout=5, max=97
fileStoreRecord
ok10static.oktacdn.com/bc/image/ 		1 KB
3 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://ok10static.oktacdn.com/bc/image/fileStoreRecord?id=fs04kpeeocEn2Vrlj4h7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.187.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-187-72.muc50.r.cloudfront.net
Software
nginx /
Resource Hash
eac483fc8d77f19533bd38c431e21d5de69cc8fec25584169d2b967a723626d7
Security Headers
Name Value
Content-Security-Policy default-src 'self' ok10-okta.okta.com *.oktacdn.com; connect-src 'self' ok10-okta.okta.com ok10-okta-admin.okta.com *.oktacdn.com *.mixpanel.com *.mapbox.com *.mtls.okta.com ok10-okta.kerberos.okta.com https://oinmanager.okta.com data: data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com; script-src 'unsafe-inline' 'unsafe-eval' 'self' ok10-okta.okta.com *.oktacdn.com; style-src 'unsafe-inline' 'self' ok10-okta.okta.com *.oktacdn.com; frame-src 'self' ok10-okta.okta.com ok10-okta-admin.okta.com login.okta.com; img-src 'self' ok10-okta.okta.com *.oktacdn.com *.tiles.mapbox.com *.mapbox.com data: data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com blob:; font-src 'self' ok10-okta.okta.com data: *.oktacdn.com fonts.gstatic.com; frame-ancestors 'self'
Strict-Transport-Security max-age=315360000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://myaccessxtl.faa.gov/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-okta-request-id
8d7140ed21b91ae17d7412934e562394
content-security-policy
default-src 'self' ok10-okta.okta.com *.oktacdn.com; connect-src 'self' ok10-okta.okta.com ok10-okta-admin.okta.com *.oktacdn.com *.mixpanel.com *.mapbox.com *.mtls.okta.com ok10-okta.kerberos.okta.com https://oinmanager.okta.com data: data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com; script-src 'unsafe-inline' 'unsafe-eval' 'self' ok10-okta.okta.com *.oktacdn.com; style-src 'unsafe-inline' 'self' ok10-okta.okta.com *.oktacdn.com; frame-src 'self' ok10-okta.okta.com ok10-okta-admin.okta.com login.okta.com; img-src 'self' ok10-okta.okta.com *.oktacdn.com *.tiles.mapbox.com *.mapbox.com data: data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com blob:; font-src 'self' ok10-okta.okta.com data: *.oktacdn.com fonts.gstatic.com; frame-ancestors 'self'
strict-transport-security
max-age=315360000; includeSubDomains
x-rate-limit-limit
600
x-content-type-options
nosniff
via
1.1 67b46acac5b2604c39c0417497d3d218.cloudfront.net (CloudFront)
x-rate-limit-remaining
598
date
Tue, 23 Apr 2024 20:18:36 GMT
x-amz-cf-pop
MUC50-P4
age
225568
content-security-policy-report-only
default-src 'self' ok10-okta.okta.com *.oktacdn.com; connect-src 'self' ok10-okta.okta.com ok10-okta-admin.okta.com *.oktacdn.com *.mixpanel.com *.mapbox.com *.mtls.okta.com ok10-okta.kerberos.okta.com https://oinmanager.okta.com data: data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com; script-src 'unsafe-inline' 'unsafe-eval' 'self' ok10-okta.okta.com *.oktacdn.com; style-src 'unsafe-inline' 'nonce-__5QA_eP0nim-56oH9G1ZQ' 'self' ok10-okta.okta.com *.oktacdn.com; frame-src 'self' ok10-okta.okta.com ok10-okta-admin.okta.com login.okta.com; img-src 'self' ok10-okta.okta.com *.oktacdn.com *.tiles.mapbox.com *.mapbox.com data: data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com blob:; font-src 'self' ok10-okta.okta.com data: *.oktacdn.com fonts.gstatic.com; frame-ancestors 'self'; report-uri https://oktacsp.report-uri.com/r/t/csp/reportOnly; report-to csp
x-cache
Hit from cloudfront
p3p
CP="HONK"
content-length
1064
x-xss-protection
0
last-modified
Wed, 21 Jun 2023 21:04:58 GMT
server
nginx
accept-ch
Sec-CH-UA-Platform-Version
report-to
{"group":"csp","max_age":31536000,"endpoints":[{"url":"https://oktacsp.report-uri.com/a/t/g"}],"include_subdomains":true}
content-type
image/png
access-control-allow-origin
*
x-rate-limit-reset
1711841577
cache-control
public,max-age=31536000,s-maxage=1814400
x-robots-tag
noindex,nofollow
x-amz-cf-id
BHNDCmYC4c2_Q2hgnJnj6wauE9vpEgSgzSohtxDkd0Hmn8BhuPvQZg==
expires
Mon, 21 Apr 2025 05:39:08 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
myaccessxtl.faa.gov
URL
https://myaccessxtl.faa.gov/api/internal/brand/theme/style-sheet?touch-point=ERROR_PAGE&v=d5aac7bb7852281c9e29dab9e51e52a30f48765ff7bf4d1b597f0d989eb6dd3b356c01f8b7e3764044b0ba07e84a47ab

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Domain/Path Name / Value
.faa.gov/ Name: tgdcxn
Value: Om7Hbj9w50Sktc_VfWEMQw
myaccessxtl.faa.gov/ Name: JSESSIONID
Value: CA5B1F4BC84389CE67D4E33CBA35D815
myaccessxtl.faa.gov/ Name: t
Value: default
myaccessxtl.faa.gov/ Name: DT
Value: DI12YSYZ41WQ6utG4uaE0KgEg

4 Console Messages

Source Level URL
Text
network error URL: https://ksn2.faa.gov/favicon.ico
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: https://myaccessxtl.faa.gov/app/sharepoint_onpremise/sso/wsfed/passive?wa=wsignin1.0&wtrealm=urn%3Aokta%3Asharepoint%3Aexk51b5m11123Ub0Q4h7&wctx=https%3A%2F%2Fksn2.faa.gov%2Fajg%2Fajg-r%2FAJG-R4%2FAJG-R41
Message:
Failed to load resource: the server responded with a status of 403 (Forbidden)
security error URL: https://myaccessxtl.faa.gov/app/sharepoint_onpremise/sso/wsfed/passive?wa=wsignin1.0&wtrealm=urn%3Aokta%3Asharepoint%3Aexk51b5m11123Ub0Q4h7&wctx=https%3A%2F%2Fksn2.faa.gov%2Fajg%2Fajg-r%2FAJG-R4%2FAJG-R41
Message:
Refused to apply style from 'https://myaccessxtl.faa.gov/api/internal/brand/theme/style-sheet?touch-point=ERROR_PAGE&v=d5aac7bb7852281c9e29dab9e51e52a30f48765ff7bf4d1b597f0d989eb6dd3b356c01f8b7e3764044b0ba07e84a47ab' because its MIME type ('application/json') is not a supported stylesheet MIME type, and strict MIME checking is enabled.
network error URL: https://myaccessxtl.faa.gov/api/v1/sessions/me
Message:
Failed to load resource: the server responded with a status of 403 (Forbidden)

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'self';form-action 'self';base-uri 'self';font-src 'self';object-src 'none';frame-src 'self' portsystac:; frame-ancestors 'self';script-src 'self' 'nonce-4WxKtHazMCyZN6838AmJIBtqjVngB3ZqJL0yfKsqqjY=';style-src 'self';img-src 'self';connect-src 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block