urlscan.io logo urlscan.io
SecurityTrails logo

fedauth.alaskasworld.com Open in urlscan Pro
159.49.47.144  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://cherwell.alaskaair.com/CherwellPortal/ITSServiceDesk
Effective URL: https://fedauth.alaskasworld.com/as/authorization.oauth2?client_id=yuBv7hh7dpOQ&response_type=code&response_mode=form_post&scope=...
Submission: On July 14 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 4 IPs in 1 countries across 3 domains to perform 12 HTTP transactions. The main IP is 159.49.47.144, located in United States and belongs to ALASKA-AIR, US. The main domain is fedauth.alaskasworld.com.
TLS certificate: Issued by Entrust Certification Authority - L1K on February 22nd 2022. Valid for: a year.
This is the only time fedauth.alaskasworld.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
4 7 2606:4700:7::... 13335 (CLOUDFLAR...)
1 2606:4700:440... 13335 (CLOUDFLAR...)
1 7 159.49.47.144 10966 (ALASKA-AIR)
2 2 159.49.253.40 29750 (ALASKA-AI...)
12 4
Apex Domain
Subdomains		 Transfer
9 alaskasworld.com
fedauth.alaskasworld.com
ids.alaskasworld.com
32 KB
7 alaskaair.com
cherwell.alaskaair.com
92 KB
1 cloudflareinsights.com
static.cloudflareinsights.com — Cisco Umbrella Rank: 1393
5 KB
12 3
Domain Requested by
7 fedauth.alaskasworld.com 1 redirects fedauth.alaskasworld.com
7 cherwell.alaskaair.com 4 redirects cherwell.alaskaair.com
static.cloudflareinsights.com
2 ids.alaskasworld.com 2 redirects
1 static.cloudflareinsights.com cherwell.alaskaair.com
12 4

This site contains no links.

Subject Issuer Validity Valid
cherwell.alaskaair.com
Cloudflare Inc ECC CA-3		 2021-12-29 -
2022-12-29		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-05-11 -
2023-05-10		 a year crt.sh
fedauth.alaskasworld.com
Entrust Certification Authority - L1K		 2022-02-22 -
2023-03-03		 a year crt.sh

This page contains 1 frames:

Primary Page: https://fedauth.alaskasworld.com/as/authorization.oauth2?client_id=yuBv7hh7dpOQ&response_type=code&response_mode=form_post&scope=openid%20profile&state=yNLNw8gzIws%3d&acr_values=urn%3aoasis%3anames%3atc%3aSAML%3a2.0%3aac%3aclasses%3aPasswordProtectedTransport&redirect_uri=https:%2F%2Fids.alaskasworld.com%2faccess%2foblix%2fapps%2fwebgate%2fbin%2fwebgate.dll
Frame ID: 7B4FE3D721AA37D5433D1662C577879C
Requests: 12 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Alaska Airlines / Horizon Air

Page URL History Show full URLs

  1. https://cherwell.alaskaair.com/CherwellPortal/ITSServiceDesk HTTP 307
    https://cherwell.alaskaair.com/CherwellPortal/ITSServiceDesk?_=425cb61e HTTP 307
    https://cherwell.alaskaair.com/CherwellAPI/auth/authorize?response_type=code&state=WkdJMk1ETTBaV0k0WkdWaE5H... HTTP 302
    http://cherwell.alaskaair.com/CherwellAPI/Account/Login?ReturnUrl=%2FCherwellAPI%2Fauth%2Fauthorize%3Fresp... HTTP 301
    https://cherwell.alaskaair.com/CherwellAPI/Account/Login?ReturnUrl=%2FCherwellAPI%2Fauth%2Fauthorize%3Fresp... Page URL
  2. https://fedauth.alaskasworld.com/idp/SSO.saml2?binding=urn%253aoasis%253anames%253atc%253aSAML%253a2.0%253abi... HTTP 302
    https://ids.alaskasworld.com/ssl/logon/auth/FedSSO/IdpLogin.ashx?resume=%2Fidp%2F7ytus%2FresumeSAML20%2Fi... HTTP 302
    https://ids.alaskasworld.com/ssl/logon/auth/FedSSO/OidcClientLogin.ashx HTTP 302
    https://fedauth.alaskasworld.com/as/authorization.oauth2?client_id=yuBv7hh7dpOQ&response_type=code&response_m... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Page Statistics

12
Requests

83 %
HTTPS

50 %
IPv6

3
Domains

4
Subdomains

4
IPs

1
Countries

125 kB
Transfer

276 kB
Size

15
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://cherwell.alaskaair.com/CherwellPortal/ITSServiceDesk HTTP 307
    https://cherwell.alaskaair.com/CherwellPortal/ITSServiceDesk?_=425cb61e HTTP 307
    https://cherwell.alaskaair.com/CherwellAPI/auth/authorize?response_type=code&state=WkdJMk1ETTBaV0k0WkdWaE5HVXhNVGszT1dOaU5HWm1OakUzT1RZeE9EST0%3D&client_id=e24b63a5-3454-4bdf-acda-3a7786c001cb&scope=&redirect_uri=https%3A%2F%2Fcherwell.alaskaair.com%2FCherwellPortal%2Fcommand%2FAuthentication.PostRestApiLogin%3FsiteName%3DITSServiceDesk%26_%3D425cb61e&lang=en-US HTTP 302
    http://cherwell.alaskaair.com/CherwellAPI/Account/Login?ReturnUrl=%2FCherwellAPI%2Fauth%2Fauthorize%3Fresponse_type%3Dcode%26state%3DWkdJMk1ETTBaV0k0WkdWaE5HVXhNVGszT1dOaU5HWm1OakUzT1RZeE9EST0%253D%26client_id%3De24b63a5-3454-4bdf-acda-3a7786c001cb%26scope%3D%26redirect_uri%3Dhttps%253A%252F%252Fcherwell.alaskaair.com%252FCherwellPortal%252Fcommand%252FAuthentication.PostRestApiLogin%253FsiteName%253DITSServiceDesk%2526_%253D425cb61e%26lang%3Den-US&lang=en-US HTTP 301
    https://cherwell.alaskaair.com/CherwellAPI/Account/Login?ReturnUrl=%2FCherwellAPI%2Fauth%2Fauthorize%3Fresponse_type%3Dcode%26state%3DWkdJMk1ETTBaV0k0WkdWaE5HVXhNVGszT1dOaU5HWm1OakUzT1RZeE9EST0%253D%26client_id%3De24b63a5-3454-4bdf-acda-3a7786c001cb%26scope%3D%26redirect_uri%3Dhttps%253A%252F%252Fcherwell.alaskaair.com%252FCherwellPortal%252Fcommand%252FAuthentication.PostRestApiLogin%253FsiteName%253DITSServiceDesk%2526_%253D425cb61e%26lang%3Den-US&lang=en-US Page URL
  2. https://fedauth.alaskasworld.com/idp/SSO.saml2?binding=urn%253aoasis%253anames%253atc%253aSAML%253a2.0%253abindings%253aHTTP-POST HTTP 302
    https://ids.alaskasworld.com/ssl/logon/auth/FedSSO/IdpLogin.ashx?resume=%2Fidp%2F7ytus%2FresumeSAML20%2Fidp%2FSSO.ping&spentity=https%3A%2F%2Fcherwell.alaskaair.com&ForceAuthn=true HTTP 302
    https://ids.alaskasworld.com/ssl/logon/auth/FedSSO/OidcClientLogin.ashx HTTP 302
    https://fedauth.alaskasworld.com/as/authorization.oauth2?client_id=yuBv7hh7dpOQ&response_type=code&response_mode=form_post&scope=openid%20profile&state=yNLNw8gzIws%3d&acr_values=urn%3aoasis%3anames%3atc%3aSAML%3a2.0%3aac%3aclasses%3aPasswordProtectedTransport&redirect_uri=https:%2F%2Fids.alaskasworld.com%2faccess%2foblix%2fapps%2fwebgate%2fbin%2fwebgate.dll Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://cherwell.alaskaair.com/CherwellPortal/ITSServiceDesk HTTP 307
  • https://cherwell.alaskaair.com/CherwellPortal/ITSServiceDesk?_=425cb61e HTTP 307
  • https://cherwell.alaskaair.com/CherwellAPI/auth/authorize?response_type=code&state=WkdJMk1ETTBaV0k0WkdWaE5HVXhNVGszT1dOaU5HWm1OakUzT1RZeE9EST0%3D&client_id=e24b63a5-3454-4bdf-acda-3a7786c001cb&scope=&redirect_uri=https%3A%2F%2Fcherwell.alaskaair.com%2FCherwellPortal%2Fcommand%2FAuthentication.PostRestApiLogin%3FsiteName%3DITSServiceDesk%26_%3D425cb61e&lang=en-US HTTP 302
  • http://cherwell.alaskaair.com/CherwellAPI/Account/Login?ReturnUrl=%2FCherwellAPI%2Fauth%2Fauthorize%3Fresponse_type%3Dcode%26state%3DWkdJMk1ETTBaV0k0WkdWaE5HVXhNVGszT1dOaU5HWm1OakUzT1RZeE9EST0%253D%26client_id%3De24b63a5-3454-4bdf-acda-3a7786c001cb%26scope%3D%26redirect_uri%3Dhttps%253A%252F%252Fcherwell.alaskaair.com%252FCherwellPortal%252Fcommand%252FAuthentication.PostRestApiLogin%253FsiteName%253DITSServiceDesk%2526_%253D425cb61e%26lang%3Den-US&lang=en-US HTTP 301
  • https://cherwell.alaskaair.com/CherwellAPI/Account/Login?ReturnUrl=%2FCherwellAPI%2Fauth%2Fauthorize%3Fresponse_type%3Dcode%26state%3DWkdJMk1ETTBaV0k0WkdWaE5HVXhNVGszT1dOaU5HWm1OakUzT1RZeE9EST0%253D%26client_id%3De24b63a5-3454-4bdf-acda-3a7786c001cb%26scope%3D%26redirect_uri%3Dhttps%253A%252F%252Fcherwell.alaskaair.com%252FCherwellPortal%252Fcommand%252FAuthentication.PostRestApiLogin%253FsiteName%253DITSServiceDesk%2526_%253D425cb61e%26lang%3Den-US&lang=en-US

12 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Login
cherwell.alaskaair.com/CherwellAPI/Account/
Redirect Chain
  • https://cherwell.alaskaair.com/CherwellPortal/ITSServiceDesk
  • https://cherwell.alaskaair.com/CherwellPortal/ITSServiceDesk?_=425cb61e
  • https://cherwell.alaskaair.com/CherwellAPI/auth/authorize?response_type=code&state=WkdJMk1ETTBaV0k0WkdWaE5HVXhNVGszT1dOaU5HWm1OakUzT1RZeE9EST0%3D&client_id=e24b63a5-3454-4bdf-acda-3a7786c001cb&scop...
  • http://cherwell.alaskaair.com/CherwellAPI/Account/Login?ReturnUrl=%2FCherwellAPI%2Fauth%2Fauthorize%3Fresponse_type%3Dcode%26state%3DWkdJMk1ETTBaV0k0WkdWaE5HVXhNVGszT1dOaU5HWm1OakUzT1RZeE9EST0%253D...
  • https://cherwell.alaskaair.com/CherwellAPI/Account/Login?ReturnUrl=%2FCherwellAPI%2Fauth%2Fauthorize%3Fresponse_type%3Dcode%26state%3DWkdJMk1ETTBaV0k0WkdWaE5HVXhNVGszT1dOaU5HWm1OakUzT1RZeE9EST0%253...
7 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cherwell.alaskaair.com/CherwellAPI/Account/Login?ReturnUrl=%2FCherwellAPI%2Fauth%2Fauthorize%3Fresponse_type%3Dcode%26state%3DWkdJMk1ETTBaV0k0WkdWaE5HVXhNVGszT1dOaU5HWm1OakUzT1RZeE9EST0%253D%26client_id%3De24b63a5-3454-4bdf-acda-3a7786c001cb%26scope%3D%26redirect_uri%3Dhttps%253A%252F%252Fcherwell.alaskaair.com%252FCherwellPortal%252Fcommand%252FAuthentication.PostRestApiLogin%253FsiteName%253DITSServiceDesk%2526_%253D425cb61e%26lang%3Den-US&lang=en-US
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:8925 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
9923a99e16913ef8e89d929ce9a7a631d0281688be5bdaf521a5a64bd96b7525
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-headers
Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
private
cf-cache-status
DYNAMIC
cf-ray
72abbfc728086967-FRA
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Thu, 14 Jul 2022 16:49:00 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
server-timing
dtSInfo;desc="0", dtRpid;desc="-987729771"
strict-transport-security
max-age=0; includeSubDomains
vary
Accept-Encoding
x-aspnet-version
4.0.30319
x-aspnetmvc-version
5.2
x-oneagent-js-injection
true
x-powered-by
ASP.NET
x-ruxit-js-agent
true

Redirect headers

CF-RAY
72abbfc6ed7490f2-FRA
Cache-Control
max-age=3600
Connection
keep-alive
Date
Thu, 14 Jul 2022 16:49:00 GMT
Expires
Thu, 14 Jul 2022 17:48:59 GMT
Location
https://cherwell.alaskaair.com/CherwellAPI/Account/Login?ReturnUrl=%2FCherwellAPI%2Fauth%2Fauthorize%3Fresponse_type%3Dcode%26state%3DWkdJMk1ETTBaV0k0WkdWaE5HVXhNVGszT1dOaU5HWm1OakUzT1RZeE9EST0%253D%26client_id%3De24b63a5-3454-4bdf-acda-3a7786c001cb%26scope%3D%26redirect_uri%3Dhttps%253A%252F%252Fcherwell.alaskaair.com%252FCherwellPortal%252Fcommand%252FAuthentication.PostRestApiLogin%253FsiteName%253DITSServiceDesk%2526_%253D425cb61e%26lang%3Den-US&lang=en-US
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
ruxitagentjs_ICA2Vfhjqrux_10243220606153550.js
cherwell.alaskaair.com/CherwellAPI/ 		223 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cherwell.alaskaair.com/CherwellAPI/ruxitagentjs_ICA2Vfhjqrux_10243220606153550.js
Requested by
Host: cherwell.alaskaair.com
URL: https://cherwell.alaskaair.com/CherwellAPI/Account/Login?ReturnUrl=%2FCherwellAPI%2Fauth%2Fauthorize%3Fresponse_type%3Dcode%26state%3DWkdJMk1ETTBaV0k0WkdWaE5HVXhNVGszT1dOaU5HWm1OakUzT1RZeE9EST0%253D%26client_id%3De24b63a5-3454-4bdf-acda-3a7786c001cb%26scope%3D%26redirect_uri%3Dhttps%253A%252F%252Fcherwell.alaskaair.com%252FCherwellPortal%252Fcommand%252FAuthentication.PostRestApiLogin%253FsiteName%253DITSServiceDesk%2526_%253D425cb61e%26lang%3Den-US&lang=en-US
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:8925 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
0c2f511d6730d48ac9dfcdb0703e6bccf1bf0dae2a6190c1d40129e1a78c13c8
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cherwell.alaskaair.com/CherwellAPI/Account/Login?ReturnUrl=%2FCherwellAPI%2Fauth%2Fauthorize%3Fresponse_type%3Dcode%26state%3DWkdJMk1ETTBaV0k0WkdWaE5HVXhNVGszT1dOaU5HWm1OakUzT1RZeE9EST0%253D%26client_id%3De24b63a5-3454-4bdf-acda-3a7786c001cb%26scope%3D%26redirect_uri%3Dhttps%253A%252F%252Fcherwell.alaskaair.com%252FCherwellPortal%252Fcommand%252FAuthentication.PostRestApiLogin%253FsiteName%253DITSServiceDesk%2526_%253D425cb61e%26lang%3Den-US&lang=en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 14 Jul 2022 16:49:00 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
86032
last-modified
Wed, 03 Mar 2010 07:01:40 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE
content-type
text/javascript; charset=utf-8
cache-control
public, max-age=31536000, immutable
cf-ray
72abbfc859d36967-FRA
access-control-allow-headers
Content-Type, Accept
expires
Fri, 14 Jul 2023 16:49:00 GMT
v652eace1692a40cfa3763df669d7439c1639079717194
static.cloudflareinsights.com/beacon.min.js/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194
Requested by
Host: cherwell.alaskaair.com
URL: https://cherwell.alaskaair.com/CherwellAPI/Account/Login?ReturnUrl=%2FCherwellAPI%2Fauth%2Fauthorize%3Fresponse_type%3Dcode%26state%3DWkdJMk1ETTBaV0k0WkdWaE5HVXhNVGszT1dOaU5HWm1OakUzT1RZeE9EST0%253D%26client_id%3De24b63a5-3454-4bdf-acda-3a7786c001cb%26scope%3D%26redirect_uri%3Dhttps%253A%252F%252Fcherwell.alaskaair.com%252FCherwellPortal%252Fcommand%252FAuthentication.PostRestApiLogin%253FsiteName%253DITSServiceDesk%2526_%253D425cb61e%26lang%3Den-US&lang=en-US
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:440e::6812:2fe6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505

Request headers

Referer
https://cherwell.alaskaair.com/
Origin
https://cherwell.alaskaair.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 14 Jul 2022 16:49:00 GMT
content-encoding
gzip
last-modified
Thu, 09 Dec 2021 19:55:17 GMT
server
cloudflare
etag
W/2021.12.0
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
72abbfc8b8465c14-FRA
rb_bf40299okg
cherwell.alaskaair.com/CherwellAPI/ 		144 B
575 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://cherwell.alaskaair.com/CherwellAPI/rb_bf40299okg?type=js3&sn=v_4_srv_5_sn_855A011CE90466C295684167A03392C1_perc_100000_ol_0_mul_1_app-3A5793926e3deeacb9_0_rcs-3Acss_0&svrid=5&flavor=post&vi=WCKICKOLMMMCAMPLDHMIEIAPAIEUCISQ-0&modifiedSince=1657781608201&rf=https%3A%2F%2Fcherwell.alaskaair.com%2FCherwellAPI%2FAccount%2FLogin%3FReturnUrl%3D%252FCherwellAPI%252Fauth%252Fauthorize%253Fresponse_type%253Dcode%2526state%253DWkdJMk1ETTBaV0k0WkdWaE5HVXhNVGszT1dOaU5HWm1OakUzT1RZeE9EST0%25253D%2526client_id%253De24b63a5-3454-4bdf-acda-3a7786c001cb%2526scope%253D%2526redirect_uri%253Dhttps%25253A%25252F%25252Fcherwell.alaskaair.com%25252FCherwellPortal%25252Fcommand%25252FAuthentication.PostRestApiLogin%25253FsiteName%25253DITSServiceDesk%252526_%25253D425cb61e%2526lang%253Den-US%26lang%3Den-US&bp=3&app=5793926e3deeacb9&crc=2574494723&en=mzwv0x6h&end=1
Requested by
Host: cherwell.alaskaair.com
URL: https://cherwell.alaskaair.com/CherwellAPI/ruxitagentjs_ICA2Vfhjqrux_10243220606153550.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:8925 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains

Request headers

Referer
https://cherwell.alaskaair.com/CherwellAPI/Account/Login?ReturnUrl=%2FCherwellAPI%2Fauth%2Fauthorize%3Fresponse_type%3Dcode%26state%3DWkdJMk1ETTBaV0k0WkdWaE5HVXhNVGszT1dOaU5HWm1OakUzT1RZeE9EST0%253D%26client_id%3De24b63a5-3454-4bdf-acda-3a7786c001cb%26scope%3D%26redirect_uri%3Dhttps%253A%252F%252Fcherwell.alaskaair.com%252FCherwellPortal%252Fcommand%252FAuthentication.PostRestApiLogin%253FsiteName%253DITSServiceDesk%2526_%253D425cb61e%26lang%3Den-US&lang=en-US
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 14 Jul 2022 16:49:00 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-headers
Content-Type, Accept
x-powered-by
ASP.NET
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE
content-type
text/plain; charset=utf-8
strict-transport-security
max-age=0; includeSubDomains
cf-ray
72abbfca9d3f6967-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
253
Primary Request authorization.oauth2
fedauth.alaskasworld.com/as/
Redirect Chain
  • https://fedauth.alaskasworld.com/idp/SSO.saml2?binding=urn%253aoasis%253anames%253atc%253aSAML%253a2.0%253abindings%253aHTTP-POST
  • https://ids.alaskasworld.com/ssl/logon/auth/FedSSO/IdpLogin.ashx?resume=%2Fidp%2F7ytus%2FresumeSAML20%2Fidp%2FSSO.ping&spentity=https%3A%2F%2Fcherwell.alaskaair.com&ForceAuthn=true
  • https://ids.alaskasworld.com/ssl/logon/auth/FedSSO/OidcClientLogin.ashx
  • https://fedauth.alaskasworld.com/as/authorization.oauth2?client_id=yuBv7hh7dpOQ&response_type=code&response_mode=form_post&scope=openid%20profile&state=yNLNw8gzIws%3d&acr_values=urn%3aoasis%3anames...
8 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://fedauth.alaskasworld.com/as/authorization.oauth2?client_id=yuBv7hh7dpOQ&response_type=code&response_mode=form_post&scope=openid%20profile&state=yNLNw8gzIws%3d&acr_values=urn%3aoasis%3anames%3atc%3aSAML%3a2.0%3aac%3aclasses%3aPasswordProtectedTransport&redirect_uri=https:%2F%2Fids.alaskasworld.com%2faccess%2foblix%2fapps%2fwebgate%2fbin%2fwebgate.dll
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
159.49.47.144 , United States, ASN10966 (ALASKA-AIR, US),
Reverse DNS
Software
/
Resource Hash
df673a920b422c4364fd5c093e34780cb62301296a362d1f4fc13dff6952eac4
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://cherwell.alaskaair.com
Referer
https://cherwell.alaskaair.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-cache, no-store
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
3074
Content-Type
text/html;charset=utf-8
Date
Thu, 14 Jul 2022 16:49:02 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Referrer-Policy
origin
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN

Redirect headers

Cache-Control
private
Content-Length
500
Content-Type
text/html; charset=utf-8
Date
Thu, 14 Jul 2022 16:49:02 GMT
Location
https://fedauth.alaskasworld.com/as/authorization.oauth2?client_id=yuBv7hh7dpOQ&response_type=code&response_mode=form_post&scope=openid%20profile&state=yNLNw8gzIws%3d&acr_values=urn%3aoasis%3anames%3atc%3aSAML%3a2.0%3aac%3aclasses%3aPasswordProtectedTransport&redirect_uri=https:%2F%2Fids.alaskasworld.com%2faccess%2foblix%2fapps%2fwebgate%2fbin%2fwebgate.dll
rum
cherwell.alaskaair.com/cdn-cgi/ 		0
0
rum
cherwell.alaskaair.com/cdn-cgi/ 		0
0
AagIdentityServices-2.0.09.css
fedauth.alaskasworld.com/assets/css/ 		4 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fedauth.alaskasworld.com/assets/css/AagIdentityServices-2.0.09.css
Requested by
Host: fedauth.alaskasworld.com
URL: https://fedauth.alaskasworld.com/as/authorization.oauth2?client_id=yuBv7hh7dpOQ&response_type=code&response_mode=form_post&scope=openid%20profile&state=yNLNw8gzIws%3d&acr_values=urn%3aoasis%3anames%3atc%3aSAML%3a2.0%3aac%3aclasses%3aPasswordProtectedTransport&redirect_uri=https:%2F%2Fids.alaskasworld.com%2faccess%2foblix%2fapps%2fwebgate%2fbin%2fwebgate.dll
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
159.49.47.144 , United States, ASN10966 (ALASKA-AIR, US),
Reverse DNS
Software
/
Resource Hash
63368ffd17665ffd162f6864dd25c413cef2ba9d7775f4a4ebae6d56a1ab6f7d
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fedauth.alaskasworld.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Thu, 14 Jul 2022 16:49:03 GMT
Referrer-Policy
origin
Last-Modified
Mon, 16 May 2022 20:08:04 GMT
Age
0
X-Frame-Options
SAMEORIGIN
Content-Type
text/css
Cache-Control
max-age=0, must-revalidate
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
3861
auto-complete.css
fedauth.alaskasworld.com/assets/css/ 		662 B
996 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fedauth.alaskasworld.com/assets/css/auto-complete.css
Requested by
Host: fedauth.alaskasworld.com
URL: https://fedauth.alaskasworld.com/as/authorization.oauth2?client_id=yuBv7hh7dpOQ&response_type=code&response_mode=form_post&scope=openid%20profile&state=yNLNw8gzIws%3d&acr_values=urn%3aoasis%3anames%3atc%3aSAML%3a2.0%3aac%3aclasses%3aPasswordProtectedTransport&redirect_uri=https:%2F%2Fids.alaskasworld.com%2faccess%2foblix%2fapps%2fwebgate%2fbin%2fwebgate.dll
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
159.49.47.144 , United States, ASN10966 (ALASKA-AIR, US),
Reverse DNS
Software
/
Resource Hash
16bfc3b9fa9e858153be1e9178ef6574ebccead091c91ce1b49d8cc679052fc0
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fedauth.alaskasworld.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Thu, 14 Jul 2022 16:49:03 GMT
Referrer-Policy
origin
Last-Modified
Mon, 16 May 2022 20:08:04 GMT
Age
0
X-Frame-Options
SAMEORIGIN
Content-Type
text/css
Cache-Control
max-age=0, must-revalidate
Connection
Keep-Alive
Accept-Ranges
bytes
Vary
Accept-Encoding
Content-Length
662
ASQXLogo-1.png
fedauth.alaskasworld.com/assets/images/ 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fedauth.alaskasworld.com/assets/images/ASQXLogo-1.png
Requested by
Host: fedauth.alaskasworld.com
URL: https://fedauth.alaskasworld.com/as/authorization.oauth2?client_id=yuBv7hh7dpOQ&response_type=code&response_mode=form_post&scope=openid%20profile&state=yNLNw8gzIws%3d&acr_values=urn%3aoasis%3anames%3atc%3aSAML%3a2.0%3aac%3aclasses%3aPasswordProtectedTransport&redirect_uri=https:%2F%2Fids.alaskasworld.com%2faccess%2foblix%2fapps%2fwebgate%2fbin%2fwebgate.dll
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
159.49.47.144 , United States, ASN10966 (ALASKA-AIR, US),
Reverse DNS
Software
/
Resource Hash
6bf97da46749a9c7acf65bdf64e09e8b629079b4c72d5cc9f2753d5472179cf8
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fedauth.alaskasworld.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Thu, 14 Jul 2022 16:49:03 GMT
Referrer-Policy
origin
Last-Modified
Mon, 16 May 2022 20:08:04 GMT
Age
0
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Cache-Control
max-age=0, must-revalidate
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
13634
auto-complete.min.js
fedauth.alaskasworld.com/assets/scripts/ 		5 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fedauth.alaskasworld.com/assets/scripts/auto-complete.min.js
Requested by
Host: fedauth.alaskasworld.com
URL: https://fedauth.alaskasworld.com/as/authorization.oauth2?client_id=yuBv7hh7dpOQ&response_type=code&response_mode=form_post&scope=openid%20profile&state=yNLNw8gzIws%3d&acr_values=urn%3aoasis%3anames%3atc%3aSAML%3a2.0%3aac%3aclasses%3aPasswordProtectedTransport&redirect_uri=https:%2F%2Fids.alaskasworld.com%2faccess%2foblix%2fapps%2fwebgate%2fbin%2fwebgate.dll
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
159.49.47.144 , United States, ASN10966 (ALASKA-AIR, US),
Reverse DNS
Software
/
Resource Hash
4c593e4a2c46cd03b5565fc4811678afe0c606383c430b1244d746b4ac20104b
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fedauth.alaskasworld.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Thu, 14 Jul 2022 16:49:03 GMT
Referrer-Policy
origin
Last-Modified
Mon, 16 May 2022 20:08:04 GMT
Age
0
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Cache-Control
max-age=0, must-revalidate
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
5329
aag.autocomplete.js
fedauth.alaskasworld.com/assets/scripts/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fedauth.alaskasworld.com/assets/scripts/aag.autocomplete.js
Requested by
Host: fedauth.alaskasworld.com
URL: https://fedauth.alaskasworld.com/as/authorization.oauth2?client_id=yuBv7hh7dpOQ&response_type=code&response_mode=form_post&scope=openid%20profile&state=yNLNw8gzIws%3d&acr_values=urn%3aoasis%3anames%3atc%3aSAML%3a2.0%3aac%3aclasses%3aPasswordProtectedTransport&redirect_uri=https:%2F%2Fids.alaskasworld.com%2faccess%2foblix%2fapps%2fwebgate%2fbin%2fwebgate.dll
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
159.49.47.144 , United States, ASN10966 (ALASKA-AIR, US),
Reverse DNS
Software
/
Resource Hash
848f2935b243a93ca847c2a18fd483d171b941de1cbf47d06b31925bb8657016
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fedauth.alaskasworld.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Thu, 14 Jul 2022 16:49:03 GMT
Referrer-Policy
origin
Last-Modified
Mon, 16 May 2022 20:08:04 GMT
Age
0
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Cache-Control
max-age=0, must-revalidate
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
1568

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
cherwell.alaskaair.com
URL
https://cherwell.alaskaair.com/cdn-cgi/rum?
Domain
cherwell.alaskaair.com
URL
https://cherwell.alaskaair.com/cdn-cgi/rum?

Verdicts & Comments Add Verdict or Comment

27 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation function| autoComplete boolean| haveSubmitted function| onFormSubmit function| postOk function| postCancel function| postOnReturn function| setFocus function| setMobile function| getScreenWidth object| bodyTag number| width boolean| remember object| checkbox function| emptyField function| validateUserIdInput function| formatUrl function| doLinkWithBackUrl function| doLinkWithUserId object| AagAutocomplete

15 Cookies

Domain/Path Name / Value
ids.alaskasworld.com/access/oblix/apps/webgate/bin/webgate.dll Name: ObFormLoginCookie
Value: wh%3Dids.alaskasworld.com%20wu%3D%2Fssl%2Flogon%2Fauth%2FFedSSO%2FIdpLogin.ashx%3Fresume%3D%252Fidp%252F7ytus%252FresumeSAML20%252Fidp%252FSSO.ping%26spentity%3Dhttps%253A%252F%252Fcherwell.alaskaair.com%26ForceAuthn%3Dtrue%20wo%3D1%20rh%3Dhttps%3A%2F%2Fids.alaskasworld.com%20ru%3D%252Fssl%252Flogon%252Fauth%252FFedSSO%252FIdpLogin.ashx%20rq%3Dresume%253D%25252Fidp%25252F7ytus%25252FresumeSAML20%25252Fidp%25252FSSO.ping%2526spentity%253Dhttps%25253A%25252F%25252Fcherwell.alaskaair.com%2526ForceAuthn%253Dtrue
ids.alaskasworld.com/access/oblix/apps/webgate/bin/webgate.dll Name: TS01e0a92e
Value: 018b1f8e24ccc4746e13fa33d13c5582208078a6eeaad0e860b25c3b4aa10dc773929adcce9b612e265c6c5af7c6feae6af47330da7641ba489b29574ed3cbb34c99956e77
cherwell.alaskaair.com/CherwellPortal Name: ASP.NET_SessionId
Value: z3vlf0xxi41cwaenn14yah30
.alaskaair.com/ Name: dtCookie
Value: v_4_srv_5_sn_855A011CE90466C295684167A03392C1_perc_100000_ol_0_mul_1_app-3A5793926e3deeacb9_0_rcs-3Acss_0
cherwell.alaskaair.com/ Name: ASP.NET_SessionId
Value: m4j545swlpjguxl5ogsrrxia
.alaskaair.com/ Name: rxVisitor
Value: 1657817340473FU70N0PCL5JA67QVEKM4ON73IRKDK627
.alaskaair.com/ Name: dtLatC
Value: 488
.alaskaair.com/ Name: rxvt
Value: 1657819140534|1657817340477
.alaskaair.com/ Name: dtSa
Value: false%7C_load_%7C2%7C_onload_%7C-%7C1657817340533%7C17340469_525%7Chttps%3A%2F%2Fcherwell.alaskaair.com%2FCherwellAPI%2FAccount%2FLogin%3FReturnUrl%3D_252FCherwellAPI_252Fauth_252Fauthorize_253Fresponse_5Ftype_253Dcode_2526state_253DWkdJMk1ETTBaV0k0WkdWaE5HVXhNVGszT1dOaU5HWm1OakUzT1RZeE9EST0_25253D_2526client_5Fid_253De24b63a5-3454-4bdf-acda-3a7786c001cb_2526scope_253D_2526redirect_5Furi_253Dhttps_25253A_25252F_25252Fcherwell.alaskaair.com_25252FCherwellPortal_25252Fcommand_25252FAuthentication.PostRestApiLogin_25253FsiteName_25253DITSServiceDesk_252526_5F_25253D425cb61e_2526lang_253Den-US%26lang%3Den-US%7C%7C%7C%7C
fedauth.alaskasworld.com/ Name: PF
Value: J4FNDFZgBhAn7GE3una6bqecymrwY8bayUsoi2xlfRJI
.fedauth.alaskasworld.com/ Name: TS01513baa
Value: 01a3df51d7fe6d29418c731ff062d00538d06e34c2151be46840dc9a0ca7a1dd452ce9ec7d0a1f9252607e7b804556c45a08c70ef0a9ad867ef19bcbac6bf5f94608637372
.alaskasworld.com/ Name: ObSSOCookie
Value: loggedoutcontinue
ids.alaskasworld.com/ Name: aagOidcNonce
Value: yNLNw8gzIws=
.ids.alaskasworld.com/ Name: TS01bd2c2a
Value: 018b1f8e245d15796f113fc869bedf6df66a160239aad0e860b25c3b4aa10dc773929adcce0e789015cfdfb8ff85ab994685f5bca4e9693cfe733c53924b3bc2f79096d2d5ed903c51226391f6763ed15f5403b19a
.alaskaair.com/ Name: dtPC
Value: 5$17340469_525h-vWCKICKOLMMMCAMPLDHMIEIAPAIEUCISQ-0e0

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=0; includeSubDomains