urlscan.io logo urlscan.io
SecurityTrails logo

ss6.experian.com Open in urlscan Pro
167.107.80.248  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://experian-nab.okta.com/help/login
Effective URL: https://ss6.experian.com/ewacs/login.jsp?fromURI=%2Fhelp%2Flogin
Submission: On May 15 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 2 IPs in 1 countries across 2 domains to perform 12 HTTP transactions. The main IP is 167.107.80.248, located in United States and belongs to EXP-EC2000, US. The main domain is ss6.experian.com. The Cisco Umbrella rank of the primary domain is 547952.
TLS certificate: Issued by Entrust Certification Authority - L1M on July 1st 2022. Valid for: a year.
This is the only time ss6.experian.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 13.248.165.67 16509 (AMAZON-02)
10 167.107.80.248 14799 (EXP-EC2000)
2 205.174.34.39 14799 (EXP-EC2000)
12 2
Apex Domain
Subdomains		 Transfer
12 experian.com
ss6.experian.com — Cisco Umbrella Rank: 547952
ss1.experian.com — Cisco Umbrella Rank: 451546
137 KB
1 okta.com
experian-nab.okta.com — Cisco Umbrella Rank: 667604
2 KB
12 2
Domain Requested by
10 ss6.experian.com ss6.experian.com
2 ss1.experian.com ss6.experian.com
1 experian-nab.okta.com 1 redirects
12 3

This site contains links to these domains. Also see Links.

Domain
www.experian.com
Subject Issuer Validity Valid
ss6.experian.com
Entrust Certification Authority - L1M		 2022-07-01 -
2023-07-06		 a year crt.sh
ss1.experian.com
Entrust Certification Authority - L1M		 2022-06-13 -
2023-06-22		 a year crt.sh

This page contains 1 frames:

Primary Page: https://ss6.experian.com/ewacs/login.jsp?fromURI=%2Fhelp%2Flogin
Frame ID: 10EA4E300F23BE7518C4E69CE40B2917
Requests: 12 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Experian Web Access Control System

Page URL History Show full URLs

  1. https://experian-nab.okta.com/help/login HTTP 302
    https://ss6.experian.com/ewacs/login.jsp?fromURI=%2Fhelp%2Flogin Page URL

Page Statistics

12
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

3
Subdomains

2
IPs

1
Countries

137 kB
Transfer

131 kB
Size

4
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://experian-nab.okta.com/help/login HTTP 302
    https://ss6.experian.com/ewacs/login.jsp?fromURI=%2Fhelp%2Flogin Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

12 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request login.jsp
ss6.experian.com/ewacs/
Redirect Chain
  • https://experian-nab.okta.com/help/login
  • https://ss6.experian.com/ewacs/login.jsp?fromURI=%2Fhelp%2Flogin
3 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ss6.experian.com/ewacs/login.jsp?fromURI=%2Fhelp%2Flogin
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
167.107.80.248 , United States, ASN14799 (EXP-EC2000, US),
Reverse DNS
ss6.experian.com
Software
/ JSP/2.2
Resource Hash
747c70377ff195ca79b2378a17ac2a8b636ad66cc947ea310e2558a22e15eac7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-cache, no-store
Connection
Keep-Alive
Content-Language
en-US
Content-Length
2968
Content-Type
text/html;charset=UTF-8
Date
Mon, 15 May 2023 14:35:01 GMT
Keep-Alive
timeout=5, max=100
Strict-Transport-Security
max-age=31536000
WWW-Authenticate
Basic realm="CT"
X-Content-Type-Option
nosniff
X-FRAME-OPTIONS
SAMEORIGIN SAMEORIGIN
X-Powered-By
JSP/2.2
X-XSS-Protection
1; mode=block

Redirect headers

content-length
0
content-security-policy
default-src 'self' experian-nab.okta.com *.oktacdn.com; connect-src 'self' experian-nab.okta.com experian-nab-admin.okta.com *.oktacdn.com *.mixpanel.com *.mapbox.com app.pendo.io data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com *.mtls.okta.com experian-nab.kerberos.okta.com https://oinmanager.okta.com data:; script-src 'unsafe-inline' 'unsafe-eval' 'self' experian-nab.okta.com *.oktacdn.com; style-src 'unsafe-inline' 'self' experian-nab.okta.com *.oktacdn.com app.pendo.io cdn.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com; frame-src 'self' experian-nab.okta.com experian-nab-admin.okta.com login.okta.com; img-src 'self' experian-nab.okta.com *.oktacdn.com *.tiles.mapbox.com *.mapbox.com app.pendo.io data.pendo.io cdn.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com data: blob:; font-src 'self' experian-nab.okta.com data: *.oktacdn.com fonts.gstatic.com; frame-ancestors 'self'
date
Mon, 15 May 2023 14:35:00 GMT
location
https://ss6.experian.com/ewacs/login.jsp?fromURI=%2Fhelp%2Flogin
p3p
CP="HONK"
public-key-pins-report-only
pin-sha256="r5EfzZxQVvQpKo3AgYRaT7X2bDO/kj3ACwmxfdT2zt8="; pin-sha256="MaqlcUgk2mvY/RFSGeSwBRkI+rZ6/dxe/DuQfBT/vnQ="; pin-sha256="72G5IEvDEWn+EThf3qjR7/bQSWaS2ZSLqolhnO6iyJI="; pin-sha256="rrV6CLCCvqnk89gWibYT0JO6fNQ8cCit7GGoiVTjCOg="; max-age=60; report-uri="https://okta.report-uri.com/r/default/hpkp/reportOnly"
server
nginx
strict-transport-security
max-age=315360000; includeSubDomains
x-okta-request-id
ZGJDFLbsCLVnWLI2uxdhQwAAB58
x-rate-limit-limit
10000
x-rate-limit-remaining
9992
x-rate-limit-reset
1684161314
x-robots-tag
noindex,nofollow
x-xss-protection
0
sso.js
ss6.experian.com/securecontrol/ 		28 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ss6.experian.com/securecontrol/sso.js
Requested by
Host: ss6.experian.com
URL: https://ss6.experian.com/ewacs/login.jsp?fromURI=%2Fhelp%2Flogin
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
167.107.80.248 , United States, ASN14799 (EXP-EC2000, US),
Reverse DNS
ss6.experian.com
Software
/
Resource Hash
051ead832f64833706e3fb60841676df15a116eb3001065476cf294e2ad8235c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ss6.experian.com/ewacs/login.jsp?fromURI=%2Fhelp%2Flogin
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 15 May 2023 14:35:01 GMT
Strict-Transport-Security
max-age=31536000
WWW-Authenticate
Basic realm="CT"
Last-Modified
Wed, 18 Aug 2021 08:24:39 GMT
ETag
W/"28898-1629275079000"
X-FRAME-OPTIONS
SAMEORIGIN
Content-Type
text/javascript
Cache-Control
no-cache, no-store, must-revalidate, no-cache, no-store
X-Content-Type-Option
nosniff
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
28898
X-XSS-Protection
1; mode=block
ewacsMain.css
ss6.experian.com/ewacs/stylesheet/ 		113 B
591 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ss6.experian.com/ewacs/stylesheet/ewacsMain.css
Requested by
Host: ss6.experian.com
URL: https://ss6.experian.com/ewacs/login.jsp?fromURI=%2Fhelp%2Flogin
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
167.107.80.248 , United States, ASN14799 (EXP-EC2000, US),
Reverse DNS
ss6.experian.com
Software
/
Resource Hash
c42d4eb158dd3b7561f729d6b638379a1b3b8472030c7343def23c81f9ae798d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ss6.experian.com/ewacs/login.jsp?fromURI=%2Fhelp%2Flogin
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date
Mon, 15 May 2023 14:35:01 GMT
Strict-Transport-Security
max-age=31536000
WWW-Authenticate
Basic realm="CT"
Last-Modified
Fri, 15 Jan 2021 16:10:42 GMT
ETag
W/"113-1610727042005"
X-FRAME-OPTIONS
SAMEORIGIN
Content-Type
text/css;charset=UTF-8
Cache-Control
no-cache, no-store
X-Content-Type-Option
nosniff
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
113
X-XSS-Protection
1; mode=block
experian.gif
ss6.experian.com/ewacs/img/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ss6.experian.com/ewacs/img/experian.gif
Requested by
Host: ss6.experian.com
URL: https://ss6.experian.com/ewacs/login.jsp?fromURI=%2Fhelp%2Flogin
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
167.107.80.248 , United States, ASN14799 (EXP-EC2000, US),
Reverse DNS
ss6.experian.com
Software
/
Resource Hash
0dda8a9ca56c8f9bfbc352542a2f8f49aeffa7ceaa69bfa28bcc715e4532ccd4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ss6.experian.com/ewacs/login.jsp?fromURI=%2Fhelp%2Flogin
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date
Mon, 15 May 2023 14:35:01 GMT
Strict-Transport-Security
max-age=31536000
WWW-Authenticate
Basic realm="CT"
Last-Modified
Fri, 15 Jan 2021 16:10:42 GMT
ETag
W/"2850-1610727042002"
X-FRAME-OPTIONS
SAMEORIGIN
Content-Type
image/gif;charset=UTF-8
Cache-Control
no-cache, no-store
X-Content-Type-Option
nosniff
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
2850
X-XSS-Protection
1; mode=block
ewacsLayout.css
ss6.experian.com/ewacs/stylesheet/ 		2 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ss6.experian.com/ewacs/stylesheet/ewacsLayout.css
Requested by
Host: ss6.experian.com
URL: https://ss6.experian.com/ewacs/stylesheet/ewacsMain.css
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
167.107.80.248 , United States, ASN14799 (EXP-EC2000, US),
Reverse DNS
ss6.experian.com
Software
/
Resource Hash
8f0d806b9ebfb28868d45ef3808ce71ec2617df4fc5bbec22d1acb6668e24754
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ss6.experian.com/ewacs/stylesheet/ewacsMain.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date
Mon, 15 May 2023 14:35:01 GMT
Strict-Transport-Security
max-age=31536000
WWW-Authenticate
Basic realm="CT"
Last-Modified
Fri, 15 Jan 2021 16:10:42 GMT
ETag
W/"1926-1610727042004"
X-FRAME-OPTIONS
SAMEORIGIN
Content-Type
text/css;charset=UTF-8
Cache-Control
no-cache, no-store
X-Content-Type-Option
nosniff
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
1926
X-XSS-Protection
1; mode=block
ewacsTheme.css
ss6.experian.com/ewacs/stylesheet/ 		24 KB
25 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ss6.experian.com/ewacs/stylesheet/ewacsTheme.css
Requested by
Host: ss6.experian.com
URL: https://ss6.experian.com/ewacs/stylesheet/ewacsMain.css
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
167.107.80.248 , United States, ASN14799 (EXP-EC2000, US),
Reverse DNS
ss6.experian.com
Software
/
Resource Hash
9c45c16d84d1e457ec5064813d8cb8d4e03238ebec4e05413a66c8aec54d4898
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ss6.experian.com/ewacs/stylesheet/ewacsMain.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date
Mon, 15 May 2023 14:35:01 GMT
Strict-Transport-Security
max-age=31536000
WWW-Authenticate
Basic realm="CT"
Last-Modified
Fri, 15 Jan 2021 16:10:42 GMT
ETag
W/"24846-1610727042005"
X-FRAME-OPTIONS
SAMEORIGIN
Content-Type
text/css;charset=UTF-8
Cache-Control
no-cache, no-store
X-Content-Type-Option
nosniff
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
24846
X-XSS-Protection
1; mode=block
theme.css
ss6.experian.com/ewacs/stylesheet/ 		3 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ss6.experian.com/ewacs/stylesheet/theme.css
Requested by
Host: ss6.experian.com
URL: https://ss6.experian.com/ewacs/stylesheet/ewacsMain.css
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
167.107.80.248 , United States, ASN14799 (EXP-EC2000, US),
Reverse DNS
ss6.experian.com
Software
/
Resource Hash
d85bdd8044b72416411bbfd6836c2321db0e30602c6e7708ca7512a379cdcca9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ss6.experian.com/ewacs/stylesheet/ewacsMain.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date
Mon, 15 May 2023 14:35:02 GMT
Strict-Transport-Security
max-age=31536000
WWW-Authenticate
Basic realm="CT"
Last-Modified
Fri, 15 Jan 2021 16:10:42 GMT
ETag
W/"3080-1610727042005"
X-FRAME-OPTIONS
SAMEORIGIN
Content-Type
text/css;charset=UTF-8
Cache-Control
no-cache, no-store
X-Content-Type-Option
nosniff
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
3080
X-XSS-Protection
1; mode=block
bottom_top_bandshadow.png
ss6.experian.com/ewacs/img/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ss6.experian.com/ewacs/img/bottom_top_bandshadow.png
Requested by
Host: ss6.experian.com
URL: https://ss6.experian.com/ewacs/stylesheet/ewacsLayout.css
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
167.107.80.248 , United States, ASN14799 (EXP-EC2000, US),
Reverse DNS
ss6.experian.com
Software
/
Resource Hash
c1325f16f8bae5d3e4867f1a4e14dc5af6e0d38f372458644721508b75caae00
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ss6.experian.com/ewacs/stylesheet/ewacsLayout.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date
Mon, 15 May 2023 14:35:02 GMT
Strict-Transport-Security
max-age=31536000
WWW-Authenticate
Basic realm="CT"
Last-Modified
Fri, 15 Jan 2021 16:10:42 GMT
ETag
W/"1062-1610727042000"
X-FRAME-OPTIONS
SAMEORIGIN
Content-Type
image/png;charset=UTF-8
Cache-Control
no-cache, no-store
X-Content-Type-Option
nosniff
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
1062
X-XSS-Protection
1; mode=block
sprites_tabs-buttons.png
ss6.experian.com/ewacs/img/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ss6.experian.com/ewacs/img/sprites_tabs-buttons.png
Requested by
Host: ss6.experian.com
URL: https://ss6.experian.com/ewacs/stylesheet/ewacsTheme.css
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
167.107.80.248 , United States, ASN14799 (EXP-EC2000, US),
Reverse DNS
ss6.experian.com
Software
/
Resource Hash
90ad6a4a5ee244cfcbc95f0444f9fe202af281fd756b4f8e8180faecdb7f740e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ss6.experian.com/ewacs/stylesheet/ewacsTheme.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date
Mon, 15 May 2023 14:35:02 GMT
Strict-Transport-Security
max-age=31536000
WWW-Authenticate
Basic realm="CT"
Last-Modified
Fri, 15 Jan 2021 16:10:42 GMT
ETag
W/"2204-1610727042003"
X-FRAME-OPTIONS
SAMEORIGIN
Content-Type
image/png;charset=UTF-8
Cache-Control
no-cache, no-store
X-Content-Type-Option
nosniff
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=96
Content-Length
2204
X-XSS-Protection
1; mode=block
login_links.png
ss6.experian.com/ewacs/img/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ss6.experian.com/ewacs/img/login_links.png
Requested by
Host: ss6.experian.com
URL: https://ss6.experian.com/ewacs/stylesheet/ewacsTheme.css
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
167.107.80.248 , United States, ASN14799 (EXP-EC2000, US),
Reverse DNS
ss6.experian.com
Software
/
Resource Hash
159729fd3c91fb71c565db70e51ceade5e4c919d59b680c807946a043318a78b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ss6.experian.com/ewacs/stylesheet/ewacsTheme.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date
Mon, 15 May 2023 14:35:02 GMT
Strict-Transport-Security
max-age=31536000
WWW-Authenticate
Basic realm="CT"
Last-Modified
Fri, 15 Jan 2021 16:10:42 GMT
ETag
W/"2106-1610727042002"
X-FRAME-OPTIONS
SAMEORIGIN
Content-Type
image/png;charset=UTF-8
Cache-Control
no-cache, no-store
X-Content-Type-Option
nosniff
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
2106
X-XSS-Protection
1; mode=block
deviceprint.js
ss1.experian.com/securecontrol/ 		46 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ss1.experian.com/securecontrol/deviceprint.js
Requested by
Host: ss6.experian.com
URL: https://ss6.experian.com/securecontrol/sso.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
205.174.34.39 Costa Mesa, United States, ASN14799 (EXP-EC2000, US),
Reverse DNS
ss1.experian.com
Software
/
Resource Hash
cb0d0af4e9d11996012ae591d1352ef0684bccfc0636ce2e82bb3bf5345ab832
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.experian.com *.secure.experian.com 'unsafe-inline' 'unsafe-eval' blob:; img-src * data:;font-src * data:
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ss6.experian.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 15 May 2023 14:35:02 GMT
Content-Security-Policy
default-src 'self' *.experian.com *.secure.experian.com 'unsafe-inline' 'unsafe-eval' blob:; img-src * data:;font-src * data:
WWW-Authenticate
Basic realm="CT"
Strict-Transport-Security
max-age=31536000
Last-Modified
Wed, 18 Aug 2021 08:23:59 GMT
ETag
W/"46665-1629275039000"
X-FRAME-OPTIONS
SAMEORIGIN
Content-Type
text/javascript
Cache-Control
no-cache, no-store, must-revalidate, no-cache, no-store
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
46665
X-XSS-Protection
1; mode=block
json2.js
ss1.experian.com/securecontrol/ 		17 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ss1.experian.com/securecontrol/json2.js
Requested by
Host: ss6.experian.com
URL: https://ss6.experian.com/securecontrol/sso.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
205.174.34.39 Costa Mesa, United States, ASN14799 (EXP-EC2000, US),
Reverse DNS
ss1.experian.com
Software
/
Resource Hash
ae861769dc92c87c7bac8fe3e39b3838281993099186c0b2d55167cb793005ea
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.experian.com *.secure.experian.com 'unsafe-inline' 'unsafe-eval' blob:; img-src * data:;font-src * data:
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ss6.experian.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 15 May 2023 14:35:02 GMT
Content-Security-Policy
default-src 'self' *.experian.com *.secure.experian.com 'unsafe-inline' 'unsafe-eval' blob:; img-src * data:;font-src * data:
WWW-Authenticate
Basic realm="CT"
Strict-Transport-Security
max-age=31536000
Last-Modified
Wed, 18 Aug 2021 08:24:00 GMT
ETag
W/"17570-1629275040000"
X-FRAME-OPTIONS
SAMEORIGIN
Content-Type
text/javascript
Cache-Control
no-cache, no-store, must-revalidate, no-cache, no-store
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
17570
X-XSS-Protection
1; mode=block

Verdicts & Comments Add Verdict or Comment

103 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless function| App object| appMap function| importjs function| encode64 function| decode64 function| initApp function| findAppID function| findApp function| openpop function| getForm function| SetCookie function| getCookie function| getCookieVal function| getActrustCookie function| ifSpecialChar function| termsCondtionCheck function| jValidateLogon function| jValidateLogonAndSubmitForm function| submitSSO function| passwordResetLink function| acsLoginLink function| updateProfileLink function| consolidateIDLink function| initAADevice undefined| formname function| initTrojanThreatProtect function| ssoFormSubmit function| invokersa function| appendDeviceElmt undefined| formvar function| appendFormElements number| initAA number| initTrojan object| dom_data_collection string| baseSSOScriptUrl function| initDeviceJs function| addOnLoadMethod function| addOnSubmitMethod function| loadCSSFile function| trim function| getBaseApplication function| getMetaDomain function| getDomain string| consolidateIDURL string| updateProfileURL string| acsLoginURL string| passwordResetURL function| isAccessedFromIframe function| setfocus object| date string| domainName function| extJsonloadGuard function| Hashtable function| startsWith function| DomDataCollection function| IE_FingerPrint function| Mozilla_FingerPrint function| Opera_FingerPrint function| Timer function| getRandomPort object| ProxyCollector function| BlackberryLocationCollector function| detectFields string| SEP string| PAIR string| DEV function| FingerPrint function| urlEncode function| encode_deviceprint function| decode_deviceprint function| post_deviceprint function| post_fingerprints function| add_deviceprint function| form_add_data function| form_add_deviceprint string| HTML5 string| BLACKBERRY string| UNDEFINED string| GEO_LOCATION_DEFAULT_STRUCT object| geoLocator boolean| geoLocatorStatus function| detectDeviceCollectionAPIMode function| init function| startCollection function| stopCollection function| getGeolocationStruct function| HTML5LocationCollector object| UIEventCollector function| UIEvent function| InteractionElement function| UIElementList function| activeXDetect function| stripIllegalChars function| stripFullPath object| BrowserDetect function| convertTimestampToGMT function| getTimestampInMillis function| debug function| forceIE89Synchronicity object| plugin string| t function| loadJSON

4 Cookies

Domain/Path Name / Value
ss6.experian.com/ewacs Name: JSESSIONID
Value: URdak9U42fs-BfvcLufZjRp4.ewacsnode1
experian-nab.okta.com/ Name: JSESSIONID
Value: 8DA174DD6B21C1D039C5F8FF86CA6C74
.experian.com/ Name: Actrust-session-v002b
Value: L2V3YWNzL2FwcC9kYXNoYm9hcmQ%3D
.experian.com/ Name: SSO_URI
Value: /ewacs/app/dashboard

2 Console Messages

Source Level URL
Text
security error URL: https://ss6.experian.com/ewacs/login.jsp?fromURI=%2Fhelp%2Flogin(Line 17)
Message:
Blocked setting the `ctrust-session-v002b=;domain=.experian.com;path=/;secure` cookie from a `<meta>` tag.
security error URL: https://ss6.experian.com/ewacs/login.jsp?fromURI=%2Fhelp%2Flogin(Line 19)
Message:
Blocked setting the `SSO_URI=/ewacs/app/dashboard;domain=.experian.com;path=/;secure` cookie from a `<meta>` tag.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN SAMEORIGIN
X-Xss-Protection 1; mode=block