urlscan.io logo urlscan.io
SecurityTrails logo

gsaxcess.gov Open in urlscan Pro
2620:0:150:6000::4:86  Public Scan

Go To Rescan Add Verdict Report
URL: https://gsaxcess.gov/fedsweb/fedsweb?g=sru&id=N85939578811
Submission: On October 16 via manual from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 4 IPs in 2 countries across 4 domains to perform 18 HTTP transactions. The main IP is 2620:0:150:6000::4:86, located in United States and belongs to GSA-GOV - General Services Administration, US. The main domain is gsaxcess.gov.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on July 10th 2019. Valid for: a year.
This is the only time gsaxcess.gov was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
14 2620:0:150:60... 2714 (GSA-GOV)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
18 4
Domain Requested by
14 gsaxcess.gov gsaxcess.gov
2 www.google-analytics.com gsaxcess.gov
1 s.ytimg.com www.youtube.com
1 www.youtube.com gsaxcess.gov
18 4

This site contains links to these domains. Also see Links.

Domain
www.gsa.gov
www.usa.gov
Subject Issuer Validity Valid
gsaxcess.gov
DigiCert SHA2 Secure Server CA		 2019-07-10 -
2020-09-24		 a year crt.sh
*.google-analytics.com
GTS CA 1O1		 2019-09-17 -
2019-12-10		 3 months crt.sh
*.google.com
GTS CA 1O1		 2019-09-17 -
2019-12-10		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://gsaxcess.gov/fedsweb/fedsweb?g=sru&id=N85939578811
Frame ID: A2BDB742320BF948D29427F21FD30B35
Requests: 18 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
Overall confidence: 100%
Detected patterns
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

18
Requests

100 %
HTTPS

100 %
IPv6

4
Domains

4
Subdomains

4
IPs

2
Countries

199 kB
Transfer

255 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

18 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request fedsweb
gsaxcess.gov/fedsweb/ 		7 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gsaxcess.gov/fedsweb/fedsweb?g=sru&id=N85939578811
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:0:150:6000::4:86 , United States, ASN2714 (GSA-GOV - General Services Administration, US),
Reverse DNS
Software
Web Server /
Resource Hash
2426c1e9723c49cd1ecae5b154d193e981bcd8a844089578a743f5c16a9b9824
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN

Request headers

Host
gsaxcess.gov
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
none
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1

Response headers

Mime-Version
1.0
Date
Wed, 16 Oct 2019 14:42:25 GMT
Content-Length
3202
Content-Type
text/html
Connection
Keep-Alive
Keep-Alive
timeout=90
Server
Web Server
Strict-Transport-Security
max-age=31536000
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Encoding
gzip
feds.css
gsaxcess.gov/js/ 		7 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://gsaxcess.gov/js/feds.css
Requested by
Host: gsaxcess.gov
URL: https://gsaxcess.gov/fedsweb/fedsweb?g=sru&id=N85939578811
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:0:150:6000::4:86 , United States, ASN2714 (GSA-GOV - General Services Administration, US),
Reverse DNS
Software
Web Server /
Resource Hash
a552227bfd2101e9e44d8fe7c7e687f30d01cc9dfe19176b0a326456d366ca7c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://gsaxcess.gov/fedsweb/fedsweb?g=sru&id=N85939578811
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
Content-Encoding
gzip
Vary
Accept-Encoding
Last-Modified
Wed, 11 Apr 2018 21:05:23 GMT
Server
Web Server
Age
800
Date
Wed, 16 Oct 2019 14:42:25 GMT
X-Frame-Options
SAMEORIGIN
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Mime-Version
1.0
Keep-Alive
timeout=90
Content-Length
2209
xcess_home.css
gsaxcess.gov/css/ 		19 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://gsaxcess.gov/css/xcess_home.css
Requested by
Host: gsaxcess.gov
URL: https://gsaxcess.gov/fedsweb/fedsweb?g=sru&id=N85939578811
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:0:150:6000::4:86 , United States, ASN2714 (GSA-GOV - General Services Administration, US),
Reverse DNS
Software
Web Server /
Resource Hash
4bf783dd5d885269de0f404e0736b6947417df7965c5059a839f2a4650404d48
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://gsaxcess.gov/fedsweb/fedsweb?g=sru&id=N85939578811
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
Content-Encoding
gzip
Vary
Accept-Encoding
Last-Modified
Tue, 11 Sep 2018 18:00:44 GMT
Server
Web Server
Age
721
Date
Wed, 16 Oct 2019 14:42:25 GMT
X-Frame-Options
SAMEORIGIN
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Mime-Version
1.0
Keep-Alive
timeout=90
Content-Length
6433
feds.js
gsaxcess.gov/js/ 		8 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gsaxcess.gov/js/feds.js
Requested by
Host: gsaxcess.gov
URL: https://gsaxcess.gov/fedsweb/fedsweb?g=sru&id=N85939578811
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:0:150:6000::4:86 , United States, ASN2714 (GSA-GOV - General Services Administration, US),
Reverse DNS
Software
Web Server /
Resource Hash
76f14d888fa21eb0ee5af570f1b63eb25385a3001814861946613a130fcbd650
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://gsaxcess.gov/fedsweb/fedsweb?g=sru&id=N85939578811
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
Last-Modified
Thu, 19 Jul 2018 18:54:52 GMT
Server
Web Server
Age
2052
Date
Wed, 16 Oct 2019 14:42:25 GMT
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Mime-Version
1.0
Keep-Alive
timeout=90
Content-Length
7883
xcessPages.js
gsaxcess.gov/js/ 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gsaxcess.gov/js/xcessPages.js
Requested by
Host: gsaxcess.gov
URL: https://gsaxcess.gov/fedsweb/fedsweb?g=sru&id=N85939578811
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:0:150:6000::4:86 , United States, ASN2714 (GSA-GOV - General Services Administration, US),
Reverse DNS
Software
Web Server /
Resource Hash
98f26731f1ddf2962d49495f2d501498a0e3cc29069afa9d53d8c7c04cdf0b3a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://gsaxcess.gov/fedsweb/fedsweb?g=sru&id=N85939578811
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
Last-Modified
Tue, 22 Nov 2016 22:12:42 GMT
Server
Web Server
Age
721
Date
Wed, 16 Oct 2019 14:42:25 GMT
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Mime-Version
1.0
Keep-Alive
timeout=90
Content-Length
1414
pubheader.js
gsaxcess.gov/js/ 		24 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gsaxcess.gov/js/pubheader.js
Requested by
Host: gsaxcess.gov
URL: https://gsaxcess.gov/fedsweb/fedsweb?g=sru&id=N85939578811
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:0:150:6000::4:86 , United States, ASN2714 (GSA-GOV - General Services Administration, US),
Reverse DNS
Software
Web Server /
Resource Hash
ae21dc247e85e7f540f8e70fafb2c858d4944dab313ccd23fa5c825382d94299
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://gsaxcess.gov/fedsweb/fedsweb?g=sru&id=N85939578811
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
Last-Modified
Thu, 18 Oct 2018 23:40:13 GMT
Server
Web Server
Age
2982
Date
Wed, 16 Oct 2019 14:42:26 GMT
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Mime-Version
1.0
Keep-Alive
timeout=90
Content-Length
24425
foresee-trigger.js
gsaxcess.gov/foresee/ 		22 B
379 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gsaxcess.gov/foresee/foresee-trigger.js
Requested by
Host: gsaxcess.gov
URL: https://gsaxcess.gov/fedsweb/fedsweb?g=sru&id=N85939578811
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:0:150:6000::4:86 , United States, ASN2714 (GSA-GOV - General Services Administration, US),
Reverse DNS
Software
Web Server /
Resource Hash
d7e76dd99a7dc081169fea8f13fe567f3a771bb2f80b09b2b9cd32d5c86f45e3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://gsaxcess.gov/fedsweb/fedsweb?g=sru&id=N85939578811
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
Last-Modified
Mon, 30 Nov 2015 21:21:58 GMT
Server
Web Server
Age
1701
Date
Wed, 16 Oct 2019 14:42:26 GMT
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Mime-Version
1.0
Keep-Alive
timeout=90
Content-Length
22
xcess_home_jquery.js
gsaxcess.gov/js/ 		95 KB
95 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gsaxcess.gov/js/xcess_home_jquery.js
Requested by
Host: gsaxcess.gov
URL: https://gsaxcess.gov/fedsweb/fedsweb?g=sru&id=N85939578811
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:0:150:6000::4:86 , United States, ASN2714 (GSA-GOV - General Services Administration, US),
Reverse DNS
Software
Web Server /
Resource Hash
e970794390a3d83d6e0b762858cfe38606a1e1612b413130f9538e2fad8f70c7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://gsaxcess.gov/fedsweb/fedsweb?g=sru&id=N85939578811
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
Last-Modified
Thu, 22 Aug 2019 16:52:36 GMT
Server
Web Server
Age
2982
Date
Wed, 16 Oct 2019 14:42:26 GMT
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Mime-Version
1.0
Keep-Alive
timeout=90
Content-Length
97192
Universal-Federated-Analytics-Min.js
gsaxcess.gov/js/ 		19 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gsaxcess.gov/js/Universal-Federated-Analytics-Min.js?agency=GSA
Requested by
Host: gsaxcess.gov
URL: https://gsaxcess.gov/js/pubheader.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:0:150:6000::4:86 , United States, ASN2714 (GSA-GOV - General Services Administration, US),
Reverse DNS
Software
Web Server /
Resource Hash
b699fda93603b76db70ebc5cf860993ba4ec9c0c4d0f233c529e6c976522eea6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://gsaxcess.gov/fedsweb/fedsweb?g=sru&id=N85939578811
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 16 Oct 2019 14:42:26 GMT
Last-Modified
Tue, 21 Apr 2015 18:31:02 GMT
Server
Web Server
Mime-Version
1.0
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Connection
Keep-Alive
Strict-Transport-Security
max-age=31536000
Keep-Alive
timeout=90
Content-Length
18962
analytics.js
www.google-analytics.com/ 		43 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: gsaxcess.gov
URL: https://gsaxcess.gov/js/Universal-Federated-Analytics-Min.js?agency=GSA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://gsaxcess.gov/fedsweb/fedsweb?g=sru&id=N85939578811
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 19 Aug 2019 17:22:41 GMT
server
Golfe2
age
2896
date
Wed, 16 Oct 2019 13:54:10 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
17803
expires
Wed, 16 Oct 2019 15:54:10 GMT
player_api
www.youtube.com/ 		859 B
944 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/player_api
Requested by
Host: gsaxcess.gov
URL: https://gsaxcess.gov/js/Universal-Federated-Analytics-Min.js?agency=GSA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:818::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
YouTube Frontend Proxy /
Resource Hash
16dd54686a3ed4ca169cba44af157ea072d91930a6b5ad3690b4651820e5e0b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://gsaxcess.gov/fedsweb/fedsweb?g=sru&id=N85939578811
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 16 Oct 2019 14:42:26 GMT
x-content-type-options
nosniff
server
YouTube Frontend Proxy
content-type
application/javascript
status
200
cache-control
no-cache
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
859
x-xss-protection
0
expires
Tue, 27 Apr 1971 19:44:06 EST
collect
www.google-analytics.com/r/ 		35 B
111 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/r/collect?v=1&_v=j79&aip=1&a=358792540&t=pageview&_s=1&dl=https%3A%2F%2Fgsaxcess.gov%2Ffedsweb%2Ffedsweb%3Fg%3Dsru%26id%3DN85939578811&dp=%2Ffedsweb%2Ffedsweb%3Fg%3Dsru%26id%3DN85939578811&ul=en-us&de=UTF-8&dt=GSAXcess%C2%AE%20-%20GSAXcess%C2%AE%20User%20ID%20Activation%20(XCSACTIVATE)&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAQAB~&jid=73690400&gjid=1012766554&cid=674525443.1571236947&tid=UA-33523145-1&_gid=277828496.1571236947&_r=1&cd1=GSA&cd2=GSA%20-%20gsaxcess.gov&cd3=20150416%20v1.04%20-%20Universal%20Analytics&z=1188585389
Requested by
Host: gsaxcess.gov
URL: https://gsaxcess.gov/fedsweb/fedsweb?g=sru&id=N85939578811
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://gsaxcess.gov/fedsweb/fedsweb?g=sru&id=N85939578811
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Oct 2019 14:42:26 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
www-widgetapi.js
s.ytimg.com/yts/jsbin/www-widgetapi-vfloS5Wsk/ 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.ytimg.com/yts/jsbin/www-widgetapi-vfloS5Wsk/www-widgetapi.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/player_api
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
b631fccbe48b26dccef2b6eedeed2d6fb9020daf34dbc8010e587e280b6f498e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://gsaxcess.gov/fedsweb/fedsweb?g=sru&id=N85939578811
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 16 Oct 2019 04:08:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
38015
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
8680
x-xss-protection
0
last-modified
Tue, 15 Oct 2019 12:11:19 GMT
server
sffe
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=691200
accept-ranges
bytes
timing-allow-origin
https://www.youtube.com
expires
Thu, 24 Oct 2019 04:08:51 GMT
hp_spacer.gif
gsaxcess.gov/pgmimg/ 		67 B
411 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gsaxcess.gov/pgmimg/hp_spacer.gif
Requested by
Host: gsaxcess.gov
URL: https://gsaxcess.gov/fedsweb/fedsweb?g=sru&id=N85939578811
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:0:150:6000::4:86 , United States, ASN2714 (GSA-GOV - General Services Administration, US),
Reverse DNS
Software
Web Server /
Resource Hash
09d46019c7a75b96187202c3c8412182f27c413a9c3661857923dc8e94e91b7b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://gsaxcess.gov/fedsweb/fedsweb?g=sru&id=N85939578811
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
Last-Modified
Mon, 06 Jan 2003 20:10:48 GMT
Server
Web Server
Age
768
Date
Wed, 16 Oct 2019 14:42:27 GMT
X-Frame-Options
SAMEORIGIN
Content-Type
image/gif
Connection
Keep-Alive
Accept-Ranges
bytes
Mime-Version
1.0
Keep-Alive
timeout=90
Content-Length
67
hp_gsaxcess_logo.gif
gsaxcess.gov/pgmimg/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gsaxcess.gov/pgmimg/hp_gsaxcess_logo.gif
Requested by
Host: gsaxcess.gov
URL: https://gsaxcess.gov/fedsweb/fedsweb?g=sru&id=N85939578811
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:0:150:6000::4:86 , United States, ASN2714 (GSA-GOV - General Services Administration, US),
Reverse DNS
Software
Web Server /
Resource Hash
94d0347a7faecfa7e29001d1e68d69d9032e48f98fa23a85a5e63b92275608f6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://gsaxcess.gov/fedsweb/fedsweb?g=sru&id=N85939578811
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
Last-Modified
Thu, 05 Aug 2004 15:15:20 GMT
Server
Web Server
Age
768
Date
Wed, 16 Oct 2019 14:42:27 GMT
X-Frame-Options
SAMEORIGIN
Content-Type
image/gif
Connection
Keep-Alive
Accept-Ranges
bytes
Mime-Version
1.0
Keep-Alive
timeout=90
Content-Length
2703
hp_flag1.jpg
gsaxcess.gov/pgmimg/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gsaxcess.gov/pgmimg/hp_flag1.jpg
Requested by
Host: gsaxcess.gov
URL: https://gsaxcess.gov/fedsweb/fedsweb?g=sru&id=N85939578811
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:0:150:6000::4:86 , United States, ASN2714 (GSA-GOV - General Services Administration, US),
Reverse DNS
Software
Web Server /
Resource Hash
18751c9278bc2185c1d22958436b53201de6ed0d94af3aa770b024af36cb461d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://gsaxcess.gov/fedsweb/fedsweb?g=sru&id=N85939578811
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
Last-Modified
Tue, 07 Jan 2003 15:18:42 GMT
Server
Web Server
Age
1718
Date
Wed, 16 Oct 2019 14:42:27 GMT
X-Frame-Options
SAMEORIGIN
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Mime-Version
1.0
Keep-Alive
timeout=90
Content-Length
3343
hp_flag2.jpg
gsaxcess.gov/pgmimg/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gsaxcess.gov/pgmimg/hp_flag2.jpg
Requested by
Host: gsaxcess.gov
URL: https://gsaxcess.gov/fedsweb/fedsweb?g=sru&id=N85939578811
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:0:150:6000::4:86 , United States, ASN2714 (GSA-GOV - General Services Administration, US),
Reverse DNS
Software
Web Server /
Resource Hash
9a2206234d86cdd72896bd9a47ab0d7dd904852fbad28852309513c0a13b477d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://gsaxcess.gov/fedsweb/fedsweb?g=sru&id=N85939578811
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
Last-Modified
Tue, 07 Jan 2003 15:18:42 GMT
Server
Web Server
Age
2699
Date
Wed, 16 Oct 2019 14:42:27 GMT
X-Frame-Options
SAMEORIGIN
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Mime-Version
1.0
Keep-Alive
timeout=90
Content-Length
3150
background_page.png
gsaxcess.gov/PGMIMG/HomePage/HP/ 		255 B
600 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gsaxcess.gov/PGMIMG/HomePage/HP/background_page.png
Requested by
Host: gsaxcess.gov
URL: https://gsaxcess.gov/fedsweb/fedsweb?g=sru&id=N85939578811
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:0:150:6000::4:86 , United States, ASN2714 (GSA-GOV - General Services Administration, US),
Reverse DNS
Software
Web Server /
Resource Hash
d5d3b14a1234fda4f87fc7dd2c073c53fa9100e0cd76fb12c5b88f61daaa5cd1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://gsaxcess.gov/css/xcess_home.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
Last-Modified
Mon, 19 Nov 2012 18:13:18 GMT
Server
Web Server
Age
2100
Date
Wed, 16 Oct 2019 14:42:27 GMT
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Mime-Version
1.0
Keep-Alive
timeout=90
Content-Length
255

Verdicts & Comments Add Verdict or Comment

161 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate string| scSASPFlag string| imgSpace undefined| winFeatures string| winBrowser boolean| isNN boolean| NSX boolean| IEX number| BV function| hlpOpen function| newsOpen function| uC function| trim function| LTrim function| RTrim number| timer object| timOutWin function| timeOut number| timerRetnHome function| saveData function| bust string| scPermAO string| scPermNASA string| scPermNA string| scPermNF string| scPermM1 string| scPermM2 string| scPermN1 string| scPermN2 string| scPermN3 string| scPermNN string| scPermS2 string| scPermS3 string| scPermU1 string| scPermU2 string| scPermU3 string| scPermNO string| nAgt string| browserName string| fullVersion undefined| nameOffset undefined| verOffset function| getBrowserName string| HMMWVSpecialItemMsg string| HMMWVTireWarnMsg function| HMMWVSITWmsg function| specialItemMsg function| HMMWVTireWarningMsg object| ua_dap_script string| htmln string| htmln10 string| htmln20 undefined| newWindow function| goBack function| selOpt function| selLnk function| nw1 function| nwXcessFAQ function| fasNW function| usaGovNW function| nwGSAAuc function| gsaNW function| supBrNW function| confmHome function| confmLogout string| gSName string| gSOptn string| srchOptnLn function| bldGSOptn string| pubHost function| hdrFlag function| hdrBar1 function| hdrBar1NASA function| hdrBar2 function| hdrBar2NASA string| htmBasic string| htmNASABasic string| htmAAMSStd string| htmNASAStd string| htmBStd string| htmBSASP string| htmDisa string| htmBNASA string| htmBFG string| htmApproveTO function| hdrBar3 function| hdrBar3A function| hdrBar3A1 function| hdrBar3B function| hdrBar3AAMS1 function| hdrBar3AAMS1A function| hdrBar3AAMS2 function| hdrBar3NASA1 function| hdrBar3NASA1A function| hdrBar3NASA2 string| prNASAAll string| prNASAShuttle string| prNASAApollo string| prNASAMercury string| prNASAHubble string| prNASAGemini string| prNASATile string| prNASAOther function| hdrNASATabs function| ftrLn function| footerLine function| foresee object| oCONFIG function| _onEveryPage function| _defineCookieDomain function| _defineAgencyCDsValues function| _cleanBooleanParam function| _isValidUANum function| _cleanDimensionValue function| _updateConfig function| _sendCustomDimensions function| _sendCustomMetrics function| _sendEvent function| _sendPageview function| gas function| _URIHandler string| tObjectCheck function| createTracker function| _initAutoTracker function| _addEventListener object| videoArray_fed object| playerArray_fed boolean| _f33 boolean| _f66 boolean| _f90 object| tag object| firstScriptTag function| youtube_parser_fed function| IsYouTube_fed function| YTUrlHandler_fed function| _initYouTubeTracker function| onYouTubePlayerAPIReady function| onFedPlayerReady function| onFedPlayerStateChange function| _initIdAssigner string| _keyValuePair string| _key string| _value string| GoogleAnalyticsObject function| ga object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| YT object| YTConfig function| onYTReady object| yt function| ytDomDomGetNextId object| ytEventsEventsListeners object| ytEventsEventsCounter function| $ function| jQuery string| hdrLn string| hdrln

0 Cookies

1 Console Messages

Source Level URL
Text
console-api log URL: https://gsaxcess.gov/js/xcess_home_jquery.js(Line 5)
Message:
JQMIGRATE: Migrate is installed, version 3.1.0

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

gsaxcess.gov
s.ytimg.com
www.google-analytics.com
www.youtube.com
2620:0:150:6000::4:86
2a00:1450:4001:815::200e
2a00:1450:4001:818::200e
2a00:1450:4001:824::200e
09d46019c7a75b96187202c3c8412182f27c413a9c3661857923dc8e94e91b7b
16dd54686a3ed4ca169cba44af157ea072d91930a6b5ad3690b4651820e5e0b2
18751c9278bc2185c1d22958436b53201de6ed0d94af3aa770b024af36cb461d
2426c1e9723c49cd1ecae5b154d193e981bcd8a844089578a743f5c16a9b9824
4bf783dd5d885269de0f404e0736b6947417df7965c5059a839f2a4650404d48
76f14d888fa21eb0ee5af570f1b63eb25385a3001814861946613a130fcbd650
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
94d0347a7faecfa7e29001d1e68d69d9032e48f98fa23a85a5e63b92275608f6
98f26731f1ddf2962d49495f2d501498a0e3cc29069afa9d53d8c7c04cdf0b3a
9a2206234d86cdd72896bd9a47ab0d7dd904852fbad28852309513c0a13b477d
a552227bfd2101e9e44d8fe7c7e687f30d01cc9dfe19176b0a326456d366ca7c
ae21dc247e85e7f540f8e70fafb2c858d4944dab313ccd23fa5c825382d94299
b631fccbe48b26dccef2b6eedeed2d6fb9020daf34dbc8010e587e280b6f498e
b699fda93603b76db70ebc5cf860993ba4ec9c0c4d0f233c529e6c976522eea6
d5d3b14a1234fda4f87fc7dd2c073c53fa9100e0cd76fb12c5b88f61daaa5cd1
d7e76dd99a7dc081169fea8f13fe567f3a771bb2f80b09b2b9cd32d5c86f45e3
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
e970794390a3d83d6e0b762858cfe38606a1e1612b413130f9538e2fad8f70c7