urlscan.io logo urlscan.io
SecurityTrails logo

ga.exim.gov Open in urlscan Pro
208.68.145.22  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://ga3.exim.gov/
Effective URL: https://ga.exim.gov/SAAS/auth/login
Submission: On December 12 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 16 HTTP transactions. The main IP is 208.68.145.22, located in Falls Church, United States and belongs to CENTURYLINK-MTIPS1-STN, US. The main domain is ga.exim.gov.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on March 3rd 2023. Valid for: a year.
This is the only time ga.exim.gov was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
3 19 208.68.145.22 6223 (CENTURYLI...)
16 1
Apex Domain
Subdomains		 Transfer
19 exim.gov
ga3.exim.gov
ga.exim.gov
754 KB
16 1
Domain Requested by
18 ga.exim.gov 2 redirects ga.exim.gov
1 ga3.exim.gov 1 redirects
16 2

This site contains no links.

Subject Issuer Validity Valid
ga.exim.gov
Sectigo RSA Domain Validation Secure Server CA		 2023-03-03 -
2024-03-02		 a year crt.sh

This page contains 1 frames:

Primary Page: https://ga.exim.gov/SAAS/auth/login
Frame ID: E7859A217B6A15C06D122CDF68D6CA66
Requests: 16 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Export-Import Bank of the United States Workspace ONE

Page URL History Show full URLs

  1. http://ga3.exim.gov/ HTTP 302
    https://ga.exim.gov/ HTTP 302
    https://ga.exim.gov/SAAS/apps/ HTTP 302
    https://ga.exim.gov/SAAS/auth/login Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

16
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

2
Subdomains

1
IPs

1
Countries

752 kB
Transfer

741 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://ga3.exim.gov/ HTTP 302
    https://ga.exim.gov/ HTTP 302
    https://ga.exim.gov/SAAS/apps/ HTTP 302
    https://ga.exim.gov/SAAS/auth/login Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

16 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request login
ga.exim.gov/SAAS/auth/
Redirect Chain
  • http://ga3.exim.gov/
  • https://ga.exim.gov/
  • https://ga.exim.gov/SAAS/apps/
  • https://ga.exim.gov/SAAS/auth/login
13 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ga.exim.gov/SAAS/auth/login
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
208.68.145.22 Falls Church, United States, ASN6223 (CENTURYLINK-MTIPS1-STN, US),
Reverse DNS
Software
/
Resource Hash
f850b5931df634c02836be6eb68e4315f4af0bda757398f0b82841b8d8031c67
Security Headers
Name Value
Content-Security-Policy default-src blob: https: 'self' ; script-src 'unsafe-inline' 'unsafe-eval' https: 'self' ; style-src 'unsafe-inline' https: 'self'; img-src https: data: 'self' frame-ancestors 'self'
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-cache, no-store must-revalidate, post-check=0, pre-check=0
Connection
keep-alive
Content-Language
de-DE
Content-Security-Policy
default-src blob: https: 'self' ; script-src 'unsafe-inline' 'unsafe-eval' https: 'self' ; style-src 'unsafe-inline' https: 'self'; img-src https: data: 'self' frame-ancestors 'self'
Content-Type
text/html;charset=utf-8
Date
Tue, 12 Dec 2023 19:20:14 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT 0
Keep-Alive
timeout=20
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Pragma
no-cache public
Strict-Transport-Security
max-age=31536000
Transfer-Encoding
chunked
X-Content-Type-Options
nosniff
X-XSS-Protection
1; mode=block

Redirect headers

Connection
keep-alive
Content-Length
0
Content-Security-Policy
default-src blob: https: 'self' ; script-src 'unsafe-inline' 'unsafe-eval' https: 'self' ; style-src 'unsafe-inline' https: 'self'; img-src https: data: 'self' frame-ancestors 'self'
Date
Tue, 12 Dec 2023 19:20:12 GMT
Keep-Alive
timeout=20
Location
https://ga.exim.gov/SAAS/auth/login
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
X-XSS-Protection
1; mode=block
bootstrap-login.5896a56f1d301d0ea7cf6ce2058ae8e5.css
ga.exim.gov/SAAS/horizon/css/ 		341 KB
342 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ga.exim.gov/SAAS/horizon/css/bootstrap-login.5896a56f1d301d0ea7cf6ce2058ae8e5.css?v=5896a56f1d301d0ea7cf6ce2058ae8e5
Requested by
Host: ga.exim.gov
URL: https://ga.exim.gov/SAAS/auth/login
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
208.68.145.22 Falls Church, United States, ASN6223 (CENTURYLINK-MTIPS1-STN, US),
Reverse DNS
Software
/
Resource Hash
68aaab2e839f88b0eff8faf4a14bda0b2a54ca81d6f9205e4231dd6b0c476fbd
Security Headers
Name Value
Content-Security-Policy default-src blob: https: 'self' ; script-src 'unsafe-inline' 'unsafe-eval' https: 'self' ; style-src 'unsafe-inline' https: 'self'; img-src https: data: 'self', frame-ancestors 'self'
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ga.exim.gov/SAAS/auth/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
Content-Security-Policy
default-src blob: https: 'self' ; script-src 'unsafe-inline' 'unsafe-eval' https: 'self' ; style-src 'unsafe-inline' https: 'self'; img-src https: data: 'self', frame-ancestors 'self'
X-Content-Type-Options
nosniff
Date
Tue, 12 Dec 2023 19:20:14 GMT
Last-Modified
Sat, 10 Dec 2022 19:38:44 GMT
ETag
W/"349017-1670701124000"
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Content-Type
text/css;charset=UTF-8
Cache-Control
public, max-age=7776000
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=20
Content-Length
349017
X-XSS-Protection
1; mode=block
Expires
Mon, 11 Mar 2024 19:20:14 GMT
message.135d59a969faeed39566809fe3bab413.css
ga.exim.gov/SAAS/horizon/css/ 		1 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ga.exim.gov/SAAS/horizon/css/message.135d59a969faeed39566809fe3bab413.css?v=135d59a969faeed39566809fe3bab413
Requested by
Host: ga.exim.gov
URL: https://ga.exim.gov/SAAS/auth/login
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
208.68.145.22 Falls Church, United States, ASN6223 (CENTURYLINK-MTIPS1-STN, US),
Reverse DNS
Software
/
Resource Hash
358ff7b5e8009c21e117b61cbe3555dbb9aae069a5d688ef5d3d830a385d9032
Security Headers
Name Value
Content-Security-Policy default-src blob: https: 'self' ; script-src 'unsafe-inline' 'unsafe-eval' https: 'self' ; style-src 'unsafe-inline' https: 'self'; img-src https: data: 'self', frame-ancestors 'self'
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ga.exim.gov/SAAS/auth/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
Content-Security-Policy
default-src blob: https: 'self' ; script-src 'unsafe-inline' 'unsafe-eval' https: 'self' ; style-src 'unsafe-inline' https: 'self'; img-src https: data: 'self', frame-ancestors 'self'
X-Content-Type-Options
nosniff
Date
Tue, 12 Dec 2023 19:20:14 GMT
Last-Modified
Sat, 10 Dec 2022 19:38:44 GMT
ETag
W/"1163-1670701124000"
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Content-Type
text/css;charset=UTF-8
Cache-Control
public, max-age=7776000
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=20
Content-Length
1163
X-XSS-Protection
1; mode=block
Expires
Mon, 11 Mar 2024 19:20:14 GMT
jquery.min.8fb8fee4fcc3cc86ff6c724154c49c42.js
ga.exim.gov/SAAS/horizon/js-lib/ 		87 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ga.exim.gov/SAAS/horizon/js-lib/jquery.min.8fb8fee4fcc3cc86ff6c724154c49c42.js?v=8fb8fee4fcc3cc86ff6c724154c49c42
Requested by
Host: ga.exim.gov
URL: https://ga.exim.gov/SAAS/auth/login
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
208.68.145.22 Falls Church, United States, ASN6223 (CENTURYLINK-MTIPS1-STN, US),
Reverse DNS
Software
/
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
Security Headers
Name Value
Content-Security-Policy default-src blob: https: 'self' ; script-src 'unsafe-inline' 'unsafe-eval' https: 'self' ; style-src 'unsafe-inline' https: 'self'; img-src https: data: 'self', frame-ancestors 'self'
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ga.exim.gov/SAAS/auth/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
Content-Security-Policy
default-src blob: https: 'self' ; script-src 'unsafe-inline' 'unsafe-eval' https: 'self' ; style-src 'unsafe-inline' https: 'self'; img-src https: data: 'self', frame-ancestors 'self'
X-Content-Type-Options
nosniff
Date
Tue, 12 Dec 2023 19:20:14 GMT
Last-Modified
Sat, 10 Dec 2022 19:38:44 GMT
ETag
W/"89501-1670701124000"
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Content-Type
application/javascript;charset=UTF-8
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=20
Content-Length
89501
X-XSS-Protection
1; mode=block
util.csrf.05ce6dee0f684a5d5538a448944c84bd.js
ga.exim.gov/SAAS/horizon/js/ 		6 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ga.exim.gov/SAAS/horizon/js/util.csrf.05ce6dee0f684a5d5538a448944c84bd.js?v=05ce6dee0f684a5d5538a448944c84bd
Requested by
Host: ga.exim.gov
URL: https://ga.exim.gov/SAAS/auth/login
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
208.68.145.22 Falls Church, United States, ASN6223 (CENTURYLINK-MTIPS1-STN, US),
Reverse DNS
Software
/
Resource Hash
ed970c5dced6d3d14e7e541dad9e90110fe8294741e9449e766221d6516da6e0
Security Headers
Name Value
Content-Security-Policy default-src blob: https: 'self' ; script-src 'unsafe-inline' 'unsafe-eval' https: 'self' ; style-src 'unsafe-inline' https: 'self'; img-src https: data: 'self', frame-ancestors 'self'
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ga.exim.gov/SAAS/auth/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
Content-Security-Policy
default-src blob: https: 'self' ; script-src 'unsafe-inline' 'unsafe-eval' https: 'self' ; style-src 'unsafe-inline' https: 'self'; img-src https: data: 'self', frame-ancestors 'self'
X-Content-Type-Options
nosniff
Date
Tue, 12 Dec 2023 19:20:14 GMT
Last-Modified
Sat, 10 Dec 2022 19:38:44 GMT
ETag
W/"5728-1670701124000"
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Content-Type
application/javascript;charset=UTF-8
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=20
Content-Length
5728
X-XSS-Protection
1; mode=block
util.message-strip.3dbb47e87bbb777f873b40cde6bde92c.js
ga.exim.gov/SAAS/horizon/js/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ga.exim.gov/SAAS/horizon/js/util.message-strip.3dbb47e87bbb777f873b40cde6bde92c.js?v=3dbb47e87bbb777f873b40cde6bde92c
Requested by
Host: ga.exim.gov
URL: https://ga.exim.gov/SAAS/auth/login
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
208.68.145.22 Falls Church, United States, ASN6223 (CENTURYLINK-MTIPS1-STN, US),
Reverse DNS
Software
/
Resource Hash
7831415beb04158ec43ef06da61a5a906f1b3b4d79894912f5d93a4c53d5e997
Security Headers
Name Value
Content-Security-Policy default-src blob: https: 'self' ; script-src 'unsafe-inline' 'unsafe-eval' https: 'self' ; style-src 'unsafe-inline' https: 'self'; img-src https: data: 'self', frame-ancestors 'self'
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ga.exim.gov/SAAS/auth/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
Content-Security-Policy
default-src blob: https: 'self' ; script-src 'unsafe-inline' 'unsafe-eval' https: 'self' ; style-src 'unsafe-inline' https: 'self'; img-src https: data: 'self', frame-ancestors 'self'
X-Content-Type-Options
nosniff
Date
Tue, 12 Dec 2023 19:20:14 GMT
Last-Modified
Sat, 10 Dec 2022 19:38:44 GMT
ETag
W/"4605-1670701124000"
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Content-Type
application/javascript;charset=UTF-8
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=20
Content-Length
4605
X-XSS-Protection
1; mode=block
util.autofocus.97b2f2aa2244bde7495522a6eb8cf176.js
ga.exim.gov/SAAS/horizon/js/ 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ga.exim.gov/SAAS/horizon/js/util.autofocus.97b2f2aa2244bde7495522a6eb8cf176.js?v=97b2f2aa2244bde7495522a6eb8cf176
Requested by
Host: ga.exim.gov
URL: https://ga.exim.gov/SAAS/auth/login
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
208.68.145.22 Falls Church, United States, ASN6223 (CENTURYLINK-MTIPS1-STN, US),
Reverse DNS
Software
/
Resource Hash
f3bda07eff79b023f19d06ab2753a6a70e4d69e9a212b521d4e956506c944935
Security Headers
Name Value
Content-Security-Policy default-src blob: https: 'self' ; script-src 'unsafe-inline' 'unsafe-eval' https: 'self' ; style-src 'unsafe-inline' https: 'self'; img-src https: data: 'self', frame-ancestors 'self'
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ga.exim.gov/SAAS/auth/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
Content-Security-Policy
default-src blob: https: 'self' ; script-src 'unsafe-inline' 'unsafe-eval' https: 'self' ; style-src 'unsafe-inline' https: 'self'; img-src https: data: 'self', frame-ancestors 'self'
X-Content-Type-Options
nosniff
Date
Tue, 12 Dec 2023 19:20:15 GMT
Last-Modified
Sat, 10 Dec 2022 19:38:44 GMT
ETag
W/"1419-1670701124000"
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Content-Type
application/javascript;charset=UTF-8
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=20
Content-Length
1419
X-XSS-Protection
1; mode=block
util.message.716a19b47c764a9dacc2f4d9d52ac4ed.css
ga.exim.gov/SAAS/horizon/css/ 		897 B
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ga.exim.gov/SAAS/horizon/css/util.message.716a19b47c764a9dacc2f4d9d52ac4ed.css?v=716a19b47c764a9dacc2f4d9d52ac4ed
Requested by
Host: ga.exim.gov
URL: https://ga.exim.gov/SAAS/auth/login
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
208.68.145.22 Falls Church, United States, ASN6223 (CENTURYLINK-MTIPS1-STN, US),
Reverse DNS
Software
/
Resource Hash
aa92ca87a99f72efd2d1f7ecb637f03f910d0522262f880c8370095c7f5477f2
Security Headers
Name Value
Content-Security-Policy default-src blob: https: 'self' ; script-src 'unsafe-inline' 'unsafe-eval' https: 'self' ; style-src 'unsafe-inline' https: 'self'; img-src https: data: 'self', frame-ancestors 'self'
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ga.exim.gov/SAAS/auth/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
Content-Security-Policy
default-src blob: https: 'self' ; script-src 'unsafe-inline' 'unsafe-eval' https: 'self' ; style-src 'unsafe-inline' https: 'self'; img-src https: data: 'self', frame-ancestors 'self'
X-Content-Type-Options
nosniff
Date
Tue, 12 Dec 2023 19:20:15 GMT
Last-Modified
Sat, 10 Dec 2022 19:38:44 GMT
ETag
W/"897-1670701124000"
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Content-Type
text/css;charset=UTF-8
Cache-Control
public, max-age=7776000
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=20
Content-Length
897
X-XSS-Protection
1; mode=block
Expires
Mon, 11 Mar 2024 19:20:15 GMT
loading.gif
ga.exim.gov/SAAS/horizon/images/ 		37 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ga.exim.gov/SAAS/horizon/images/loading.gif
Requested by
Host: ga.exim.gov
URL: https://ga.exim.gov/SAAS/auth/login
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
208.68.145.22 Falls Church, United States, ASN6223 (CENTURYLINK-MTIPS1-STN, US),
Reverse DNS
Software
/
Resource Hash
c9c02c50e8590006f5d50584b295476bd8c2142391d64223bb42febabdeaa598
Security Headers
Name Value
Content-Security-Policy default-src blob: https: 'self' ; script-src 'unsafe-inline' 'unsafe-eval' https: 'self' ; style-src 'unsafe-inline' https: 'self'; img-src https: data: 'self', frame-ancestors 'self'
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ga.exim.gov/SAAS/auth/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
Content-Security-Policy
default-src blob: https: 'self' ; script-src 'unsafe-inline' 'unsafe-eval' https: 'self' ; style-src 'unsafe-inline' https: 'self'; img-src https: data: 'self', frame-ancestors 'self'
X-Content-Type-Options
nosniff
Date
Tue, 12 Dec 2023 19:20:15 GMT
Last-Modified
Sat, 10 Dec 2022 19:23:38 GMT
ETag
W/"37517-1670700218000"
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Content-Type
image/gif;charset=UTF-8
Cache-Control
public, max-age=7776000
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=20
Content-Length
37517
X-XSS-Protection
1; mode=block
Expires
Mon, 11 Mar 2024 19:20:15 GMT
page.adapter-login.js
ga.exim.gov/SAAS/horizon/js/ 		5 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ga.exim.gov/SAAS/horizon/js/page.adapter-login.js
Requested by
Host: ga.exim.gov
URL: https://ga.exim.gov/SAAS/auth/login
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
208.68.145.22 Falls Church, United States, ASN6223 (CENTURYLINK-MTIPS1-STN, US),
Reverse DNS
Software
/
Resource Hash
7557cbd80f4cdc6fc80b2e79c9ac7a32f276b267d46671af3122b6a5ddb38c0a
Security Headers
Name Value
Content-Security-Policy default-src blob: https: 'self' ; script-src 'unsafe-inline' 'unsafe-eval' https: 'self' ; style-src 'unsafe-inline' https: 'self'; img-src https: data: 'self', frame-ancestors 'self'
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ga.exim.gov/SAAS/auth/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
Content-Security-Policy
default-src blob: https: 'self' ; script-src 'unsafe-inline' 'unsafe-eval' https: 'self' ; style-src 'unsafe-inline' https: 'self'; img-src https: data: 'self', frame-ancestors 'self'
X-Content-Type-Options
nosniff
Date
Tue, 12 Dec 2023 19:20:15 GMT
Last-Modified
Sat, 10 Dec 2022 19:23:38 GMT
ETag
W/"4801-1670700218000"
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Content-Type
application/javascript;charset=UTF-8
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=20
Content-Length
4801
X-XSS-Protection
1; mode=block
util.autofocus.js
ga.exim.gov/SAAS/horizon/js/ 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ga.exim.gov/SAAS/horizon/js/util.autofocus.js
Requested by
Host: ga.exim.gov
URL: https://ga.exim.gov/SAAS/auth/login
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
208.68.145.22 Falls Church, United States, ASN6223 (CENTURYLINK-MTIPS1-STN, US),
Reverse DNS
Software
/
Resource Hash
f3bda07eff79b023f19d06ab2753a6a70e4d69e9a212b521d4e956506c944935
Security Headers
Name Value
Content-Security-Policy default-src blob: https: 'self' ; script-src 'unsafe-inline' 'unsafe-eval' https: 'self' ; style-src 'unsafe-inline' https: 'self'; img-src https: data: 'self', frame-ancestors 'self'
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ga.exim.gov/SAAS/auth/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
Content-Security-Policy
default-src blob: https: 'self' ; script-src 'unsafe-inline' 'unsafe-eval' https: 'self' ; style-src 'unsafe-inline' https: 'self'; img-src https: data: 'self', frame-ancestors 'self'
X-Content-Type-Options
nosniff
Date
Tue, 12 Dec 2023 19:20:15 GMT
Last-Modified
Sat, 10 Dec 2022 19:23:38 GMT
ETag
W/"1419-1670700218000"
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Content-Type
application/javascript;charset=UTF-8
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=20
Content-Length
1419
X-XSS-Protection
1; mode=block
vmware_logo.svg
ga.exim.gov/SAAS/horizon/images/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ga.exim.gov/SAAS/horizon/images/vmware_logo.svg
Requested by
Host: ga.exim.gov
URL: https://ga.exim.gov/SAAS/auth/login
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
208.68.145.22 Falls Church, United States, ASN6223 (CENTURYLINK-MTIPS1-STN, US),
Reverse DNS
Software
/
Resource Hash
f8171f6b6cbef9a48fe3b867bfbf7354a44da0be1e2cf25e86ef7def3412586a
Security Headers
Name Value
Content-Security-Policy default-src blob: https: 'self' ; script-src 'unsafe-inline' 'unsafe-eval' https: 'self' ; style-src 'unsafe-inline' https: 'self'; img-src https: data: 'self', frame-ancestors 'self'
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ga.exim.gov/SAAS/auth/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
Content-Security-Policy
default-src blob: https: 'self' ; script-src 'unsafe-inline' 'unsafe-eval' https: 'self' ; style-src 'unsafe-inline' https: 'self'; img-src https: data: 'self', frame-ancestors 'self'
X-Content-Type-Options
nosniff
Date
Tue, 12 Dec 2023 19:20:15 GMT
Last-Modified
Sat, 10 Dec 2022 19:23:38 GMT
ETag
W/"3317-1670700218000"
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Content-Type
image/svg+xml;charset=UTF-8
Cache-Control
public, max-age=7776000
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=20
Content-Length
3317
X-XSS-Protection
1; mode=block
Expires
Mon, 11 Mar 2024 19:20:15 GMT
branding
ga.exim.gov/SAAS/jersey/manager/api/ 		12 KB
13 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ga.exim.gov/SAAS/jersey/manager/api/branding
Requested by
Host: ga.exim.gov
URL: https://ga.exim.gov/SAAS/horizon/js-lib/jquery.min.8fb8fee4fcc3cc86ff6c724154c49c42.js?v=8fb8fee4fcc3cc86ff6c724154c49c42
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
208.68.145.22 Falls Church, United States, ASN6223 (CENTURYLINK-MTIPS1-STN, US),
Reverse DNS
Software
/
Resource Hash
a138280bd6a48ab893a9072378cefeea623cadd09470c1f2e3d186997c6c8749
Security Headers
Name Value
Content-Security-Policy default-src blob: https: 'self' ; script-src 'unsafe-inline' 'unsafe-eval' https: 'self' ; style-src 'unsafe-inline' https: 'self'; img-src https: data: 'self', frame-ancestors 'self'
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Referer
https://ga.exim.gov/SAAS/auth/login
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
Content-Security-Policy
default-src blob: https: 'self' ; script-src 'unsafe-inline' 'unsafe-eval' https: 'self' ; style-src 'unsafe-inline' https: 'self'; img-src https: data: 'self', frame-ancestors 'self'
X-Content-Type-Options
nosniff
Date
Tue, 12 Dec 2023 19:20:15 GMT
Transfer-Encoding
chunked
Content-Type
application/vnd.vmware.horizon.manager.branding+json;charset=UTF-8
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Cache-Control
no-cache, no-store, no-transform, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Connection
keep-alive
Keep-Alive
timeout=20
X-XSS-Protection
1; mode=block
OpenSans-Regular-webfont.woff
ga.exim.gov/SAAS/horizon/fonts/ 		24 KB
25 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://ga.exim.gov/SAAS/horizon/fonts/OpenSans-Regular-webfont.woff
Requested by
Host: ga.exim.gov
URL: https://ga.exim.gov/SAAS/horizon/css/bootstrap-login.5896a56f1d301d0ea7cf6ce2058ae8e5.css?v=5896a56f1d301d0ea7cf6ce2058ae8e5
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
208.68.145.22 Falls Church, United States, ASN6223 (CENTURYLINK-MTIPS1-STN, US),
Reverse DNS
Software
/
Resource Hash
9bab7109991e88338cdbcc9f1d6902c8c6bc1153592e8c4b0e64fd3608690a6a
Security Headers
Name Value
Content-Security-Policy default-src blob: https: 'self' ; script-src 'unsafe-inline' 'unsafe-eval' https: 'self' ; style-src 'unsafe-inline' https: 'self'; img-src https: data: 'self', frame-ancestors 'self'
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ga.exim.gov/SAAS/horizon/css/bootstrap-login.5896a56f1d301d0ea7cf6ce2058ae8e5.css?v=5896a56f1d301d0ea7cf6ce2058ae8e5
Origin
https://ga.exim.gov
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
Content-Security-Policy
default-src blob: https: 'self' ; script-src 'unsafe-inline' 'unsafe-eval' https: 'self' ; style-src 'unsafe-inline' https: 'self'; img-src https: data: 'self', frame-ancestors 'self'
X-Content-Type-Options
nosniff
Date
Tue, 12 Dec 2023 19:20:15 GMT
Last-Modified
Sat, 10 Dec 2022 19:23:38 GMT
ETag
W/"24876-1670700218000"
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Content-Type
font/woff;charset=UTF-8
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=20
Content-Length
24876
X-XSS-Protection
1; mode=block
1800
ga.exim.gov/SAAS/jersey/manager/api/images/ 		59 KB
59 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ga.exim.gov/SAAS/jersey/manager/api/images/1800
Requested by
Host: ga.exim.gov
URL: https://ga.exim.gov/SAAS/auth/login
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
208.68.145.22 Falls Church, United States, ASN6223 (CENTURYLINK-MTIPS1-STN, US),
Reverse DNS
Software
/
Resource Hash
d6c48cef2106e16bc8fd86443be32bfbd52992e1402580d2489993fa9edfe86e
Security Headers
Name Value
Content-Security-Policy default-src blob: https: 'self' ; script-src 'unsafe-inline' 'unsafe-eval' https: 'self' ; style-src 'unsafe-inline' https: 'self'; img-src https: data: 'self', frame-ancestors 'self'
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ga.exim.gov/SAAS/auth/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
Content-Security-Policy
default-src blob: https: 'self' ; script-src 'unsafe-inline' 'unsafe-eval' https: 'self' ; style-src 'unsafe-inline' https: 'self'; img-src https: data: 'self', frame-ancestors 'self'
X-Content-Type-Options
nosniff
Date
Tue, 12 Dec 2023 19:20:15 GMT
ETag
"1800"
Transfer-Encoding
chunked
Content-Type
image/png;charset=UTF-8
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Cache-Control
no-transform, max-age=7776000, s-maxage=7776000
Connection
keep-alive
Keep-Alive
timeout=20
X-XSS-Protection
1; mode=block
1801
ga.exim.gov/SAAS/jersey/manager/api/images/ 		144 KB
145 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ga.exim.gov/SAAS/jersey/manager/api/images/1801
Requested by
Host: ga.exim.gov
URL: https://ga.exim.gov/SAAS/auth/login
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
208.68.145.22 Falls Church, United States, ASN6223 (CENTURYLINK-MTIPS1-STN, US),
Reverse DNS
Software
/
Resource Hash
6b7e08b169b52c1d4f37163d0334bb0ffeb801fd03ce0b958369f43038c31914
Security Headers
Name Value
Content-Security-Policy default-src blob: https: 'self' ; script-src 'unsafe-inline' 'unsafe-eval' https: 'self' ; style-src 'unsafe-inline' https: 'self'; img-src https: data: 'self', frame-ancestors 'self'
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ga.exim.gov/SAAS/auth/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
Content-Security-Policy
default-src blob: https: 'self' ; script-src 'unsafe-inline' 'unsafe-eval' https: 'self' ; style-src 'unsafe-inline' https: 'self'; img-src https: data: 'self', frame-ancestors 'self'
X-Content-Type-Options
nosniff
Date
Tue, 12 Dec 2023 19:20:15 GMT
ETag
"1801"
Transfer-Encoding
chunked
Content-Type
image/png;charset=UTF-8
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Cache-Control
no-transform, max-age=7776000, s-maxage=7776000
Connection
keep-alive
Keep-Alive
timeout=20
X-XSS-Protection
1; mode=block

Verdicts & Comments Add Verdict or Comment

6 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture function| $ function| jQuery object| utility undefined| isConsentPage object| adapterLoginPage

2 Cookies

Domain/Path Name / Value
ga.exim.gov/SAAS Name: LOGIN_XSRF
Value: TTOIRIAH4TyyrOa
ga.exim.gov/ Name: JSESSIONID
Value: 5EC615B6D155A96DFA88D777A9859615

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src blob: https: 'self' ; script-src 'unsafe-inline' 'unsafe-eval' https: 'self' ; style-src 'unsafe-inline' https: 'self'; img-src https: data: 'self' frame-ancestors 'self'
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block