oidc.idp.elogin.e-access.hr-access.page
209.141.58.167  Malicious Activity!

URL: https://oidc.idp.elogin.e-access.hr-access.page/lrr/attLRR/LrrController?policyupdate_schedule_view=true
Submission: On December 04 via manual from US — Scanned from DE

Summary

This website contacted 1 IP in 1 country across 1 domain to perform 26 HTTP transactions. The main IP is 209.141.58.167, located in Las Vegas, United States and belongs to PONYNET, US. The main domain is oidc.idp.elogin.e-access.hr-access.page.
TLS certificate: Issued by R3 on December 4th 2022. Valid for: 3 months.
This is the only time oidc.idp.elogin.e-access.hr-access.page was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: AT&T (Telecommunication)

Domain & IP information

IP Address: 209.141.58.167
AS Autonomous System: 53667 (PONYNET)
Requests: 26
Total: 26 requests, 1 IP

Apex Domain: hr-access.page
Subdomains: oidc.idp.elogin.e-access.hr-access.page
Requests: 26
Transfer: 810 KB
Total: 26 requests, 1 apex domain

Domain: oidc.idp.elogin.e-access.hr-access.page
Requested by: oidc.idp.elogin.e-access.hr-access.page
Requests: 26
Total: 26 requests, 1 domain

This site contains links to these domains.

Domain
oidc.idp.elogin.att.com
www.e-access.att.com
www.att.com

Subject: oidc.idp.elogin.e-access.hr-access.page
Issuer: R3
Validity: 2022-12-04 - 2023-03-04
Valid: 3 months

This page contains 1 frames:

Primary Page: https://oidc.idp.elogin.e-access.hr-access.page/lrr/attLRR/LrrController?policyupdate_schedule_view=true
Frame ID: 629F3C602A4899BCB4DE2DED5403902C
Requests: 26 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 26
HTTPS: 100 %
IPv6: 0 %
Domains: 1
Subdomains: 1
IPs: 1
Countries: 1
Transfer: 810 kB
Size: 1299 kB
Cookies: 1

Redirected requests

There were HTTP redirect chains for the following requests:

26 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request LrrController
oidc.idp.elogin.e-access.hr-access.page/lrr/attLRR/
137 KB
20 KB
Document
General
Full URL
https://oidc.idp.elogin.e-access.hr-access.page/lrr/attLRR/LrrController?policyupdate_schedule_view=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
209.141.58.167 Las Vegas, United States, ASN53667 (PONYNET, US),
Reverse DNS
Software
nginx / Express
Resource Hash
52ff301071b4cc16f63b368919bbd3ff39dd95bfe0adc2645d6892e99540d26e
Security Headers
Name Value
Content-Security-Policy default-src 'self' http: https: ws: wss: data: blob: 'unsafe-inline'; frame-ancestors 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-security-policy
default-src 'self' http: https: ws: wss: data: blob: 'unsafe-inline'; frame-ancestors 'self';
content-type
text/html; charset=utf-8
date
Sun, 04 Dec 2022 22:24:47 GMT
etag
W/"224b8-Twhov/UfPrJM9JMfxlASHJeSlV8"
permissions-policy
interest-cohort=()
referrer-policy
no-referrer-when-downgrade
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
x-content-type-options
nosniff
x-powered-by
Express
x-xss-protection
1; mode=block
main.css
oidc.idp.elogin.e-access.hr-access.page/css/
28 KB
6 KB
Stylesheet
General
Full URL
https://oidc.idp.elogin.e-access.hr-access.page/css/main.css
Requested by
Host: oidc.idp.elogin.e-access.hr-access.page
URL: https://oidc.idp.elogin.e-access.hr-access.page/lrr/attLRR/LrrController?policyupdate_schedule_view=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
209.141.58.167 Las Vegas, United States, ASN53667 (PONYNET, US),
Reverse DNS
Software
nginx / Express
Resource Hash
7b805db72e0cc834c7eb3d46314c1d24ba350c94c4984f00b293d2f5c479b961

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oidc.idp.elogin.e-access.hr-access.page/lrr/attLRR/LrrController?policyupdate_schedule_view=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 22:24:47 GMT
content-security-policy
default-src 'self' http: https: ws: wss: data: blob: 'unsafe-inline'; frame-ancestors 'self';
x-content-type-options
nosniff
referrer-policy
no-referrer-when-downgrade
last-modified
Sun, 04 Dec 2022 20:56:49 GMT
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
x-powered-by
Express
etag
W/"71e7-184deed5fe0"
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
cache-control
public, max-age=0
permissions-policy
interest-cohort=()
x-xss-protection
1; mode=block
fonts.css
oidc.idp.elogin.e-access.hr-access.page/css/
668 B
620 B
Stylesheet
General
Full URL
https://oidc.idp.elogin.e-access.hr-access.page/css/fonts.css
Requested by
Host: oidc.idp.elogin.e-access.hr-access.page
URL: https://oidc.idp.elogin.e-access.hr-access.page/lrr/attLRR/LrrController?policyupdate_schedule_view=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
209.141.58.167 Las Vegas, United States, ASN53667 (PONYNET, US),
Reverse DNS
Software
nginx / Express
Resource Hash
bf67b77cbcf754d433bbe446ffa8b71c0b754d8bfdc90de00e5302b395d673e2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oidc.idp.elogin.e-access.hr-access.page/lrr/attLRR/LrrController?policyupdate_schedule_view=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 22:24:47 GMT
content-security-policy
default-src 'self' http: https: ws: wss: data: blob: 'unsafe-inline'; frame-ancestors 'self';
x-content-type-options
nosniff
referrer-policy
no-referrer-when-downgrade
last-modified
Sun, 04 Dec 2022 20:56:49 GMT
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
x-powered-by
Express
etag
W/"29c-184deed60d0"
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
cache-control
public, max-age=0
permissions-policy
interest-cohort=()
x-xss-protection
1; mode=block
cato.css
oidc.idp.elogin.e-access.hr-access.page/css/
240 B
606 B
Stylesheet
General
Full URL
https://oidc.idp.elogin.e-access.hr-access.page/css/cato.css
Requested by
Host: oidc.idp.elogin.e-access.hr-access.page
URL: https://oidc.idp.elogin.e-access.hr-access.page/lrr/attLRR/LrrController?policyupdate_schedule_view=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
209.141.58.167 Las Vegas, United States, ASN53667 (PONYNET, US),
Reverse DNS
Software
nginx / Express
Resource Hash
65be7ab7ebc8185b6bed8e5cf08d95eaa0e513c11c079c5cdd53f8a5bf1c3d8b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oidc.idp.elogin.e-access.hr-access.page/lrr/attLRR/LrrController?policyupdate_schedule_view=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 22:24:47 GMT
content-security-policy
default-src 'self' http: https: ws: wss: data: blob: 'unsafe-inline'; frame-ancestors 'self';
x-content-type-options
nosniff
referrer-policy
no-referrer-when-downgrade
last-modified
Sun, 04 Dec 2022 20:56:50 GMT
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
x-powered-by
Express
etag
W/"f0-184deed62ac"
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
cache-control
public, max-age=0
permissions-policy
interest-cohort=()
x-xss-protection
1; mode=block
checkbox.css
oidc.idp.elogin.e-access.hr-access.page/css/
3 KB
1 KB
Stylesheet
General
Full URL
https://oidc.idp.elogin.e-access.hr-access.page/css/checkbox.css
Requested by
Host: oidc.idp.elogin.e-access.hr-access.page
URL: https://oidc.idp.elogin.e-access.hr-access.page/lrr/attLRR/LrrController?policyupdate_schedule_view=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
209.141.58.167 Las Vegas, United States, ASN53667 (PONYNET, US),
Reverse DNS
Software
nginx / Express
Resource Hash
f6d42cb379699d42bdcdc1ca1d7fc6a2253691efc617edabb221052415f05eaa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oidc.idp.elogin.e-access.hr-access.page/lrr/attLRR/LrrController?policyupdate_schedule_view=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 22:24:47 GMT
content-security-policy
default-src 'self' http: https: ws: wss: data: blob: 'unsafe-inline'; frame-ancestors 'self';
x-content-type-options
nosniff
referrer-policy
no-referrer-when-downgrade
last-modified
Sun, 04 Dec 2022 20:56:49 GMT
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
x-powered-by
Express
etag
W/"c09-184deed61c4"
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
cache-control
public, max-age=0
permissions-policy
interest-cohort=()
x-xss-protection
1; mode=block
att_common.js
oidc.idp.elogin.e-access.hr-access.page/js/
234 KB
128 KB
Script
General
Full URL
https://oidc.idp.elogin.e-access.hr-access.page/js/att_common.js
Requested by
Host: oidc.idp.elogin.e-access.hr-access.page
URL: https://oidc.idp.elogin.e-access.hr-access.page/lrr/attLRR/LrrController?policyupdate_schedule_view=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
209.141.58.167 Las Vegas, United States, ASN53667 (PONYNET, US),
Reverse DNS
Software
nginx / Express
Resource Hash
eeb53ea50b8125332e1fefe5184772b5e5ddbcd7fc53488c11d24199c5b239b4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oidc.idp.elogin.e-access.hr-access.page/lrr/attLRR/LrrController?policyupdate_schedule_view=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 22:24:47 GMT
content-security-policy
default-src 'self' http: https: ws: wss: data: blob: 'unsafe-inline'; frame-ancestors 'self';
x-content-type-options
nosniff
referrer-policy
no-referrer-when-downgrade
last-modified
Sun, 04 Dec 2022 20:56:44 GMT
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
x-powered-by
Express
etag
W/"3a925-184deed4b74"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=0
permissions-policy
interest-cohort=()
x-xss-protection
1; mode=block
jquery-1.12.4.min.js
oidc.idp.elogin.e-access.hr-access.page/js/
95 KB
33 KB
Script
General
Full URL
https://oidc.idp.elogin.e-access.hr-access.page/js/jquery-1.12.4.min.js
Requested by
Host: oidc.idp.elogin.e-access.hr-access.page
URL: https://oidc.idp.elogin.e-access.hr-access.page/lrr/attLRR/LrrController?policyupdate_schedule_view=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
209.141.58.167 Las Vegas, United States, ASN53667 (PONYNET, US),
Reverse DNS
Software
nginx / Express
Resource Hash
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oidc.idp.elogin.e-access.hr-access.page/lrr/attLRR/LrrController?policyupdate_schedule_view=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 22:24:47 GMT
content-security-policy
default-src 'self' http: https: ws: wss: data: blob: 'unsafe-inline'; frame-ancestors 'self';
x-content-type-options
nosniff
referrer-policy
no-referrer-when-downgrade
last-modified
Sun, 04 Dec 2022 20:56:43 GMT
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
x-powered-by
Express
etag
W/"17b8b-184deed4708"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=0
permissions-policy
interest-cohort=()
x-xss-protection
1; mode=block
jquery.blockUI.js
oidc.idp.elogin.e-access.hr-access.page/js/
10 KB
4 KB
Script
General
Full URL
https://oidc.idp.elogin.e-access.hr-access.page/js/jquery.blockUI.js
Requested by
Host: oidc.idp.elogin.e-access.hr-access.page
URL: https://oidc.idp.elogin.e-access.hr-access.page/lrr/attLRR/LrrController?policyupdate_schedule_view=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
209.141.58.167 Las Vegas, United States, ASN53667 (PONYNET, US),
Reverse DNS
Software
nginx / Express
Resource Hash
43d09eda46c8844e9674fe19c3efde71e12a8142491024e3d91976418e78f1c7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oidc.idp.elogin.e-access.hr-access.page/lrr/attLRR/LrrController?policyupdate_schedule_view=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 22:24:47 GMT
content-security-policy
default-src 'self' http: https: ws: wss: data: blob: 'unsafe-inline'; frame-ancestors 'self';
x-content-type-options
nosniff
referrer-policy
no-referrer-when-downgrade
last-modified
Sun, 04 Dec 2022 20:56:42 GMT
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
x-powered-by
Express
etag
W/"2746-184deed4590"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=0
permissions-policy
interest-cohort=()
x-xss-protection
1; mode=block
mk.js
oidc.idp.elogin.e-access.hr-access.page/js/
13 KB
4 KB
Script
General
Full URL
https://oidc.idp.elogin.e-access.hr-access.page/js/mk.js
Requested by
Host: oidc.idp.elogin.e-access.hr-access.page
URL: https://oidc.idp.elogin.e-access.hr-access.page/lrr/attLRR/LrrController?policyupdate_schedule_view=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
209.141.58.167 Las Vegas, United States, ASN53667 (PONYNET, US),
Reverse DNS
Software
nginx / Express
Resource Hash
bdbedf18f8a3a36256f6819fe27c6fc76c2e64dea340bce4ed775c77fd982032

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oidc.idp.elogin.e-access.hr-access.page/lrr/attLRR/LrrController?policyupdate_schedule_view=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 22:24:47 GMT
content-security-policy
default-src 'self' http: https: ws: wss: data: blob: 'unsafe-inline'; frame-ancestors 'self';
x-content-type-options
nosniff
referrer-policy
no-referrer-when-downgrade
last-modified
Sun, 04 Dec 2022 20:56:42 GMT
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
x-powered-by
Express
etag
W/"3338-184deed4490"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=0
permissions-policy
interest-cohort=()
x-xss-protection
1; mode=block
utilities.js
oidc.idp.elogin.e-access.hr-access.page/js/
1 KB
1 KB
Script
General
Full URL
https://oidc.idp.elogin.e-access.hr-access.page/js/utilities.js
Requested by
Host: oidc.idp.elogin.e-access.hr-access.page
URL: https://oidc.idp.elogin.e-access.hr-access.page/lrr/attLRR/LrrController?policyupdate_schedule_view=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
209.141.58.167 Las Vegas, United States, ASN53667 (PONYNET, US),
Reverse DNS
Software
nginx / Express
Resource Hash
79581aa279a6149075cfbc81498d3cbf1a2f97d42e18f99ac31f0df146c51352

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oidc.idp.elogin.e-access.hr-access.page/lrr/attLRR/LrrController?policyupdate_schedule_view=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 22:24:47 GMT
content-security-policy
default-src 'self' http: https: ws: wss: data: blob: 'unsafe-inline'; frame-ancestors 'self';
x-content-type-options
nosniff
referrer-policy
no-referrer-when-downgrade
last-modified
Sun, 04 Dec 2022 20:56:41 GMT
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
x-powered-by
Express
etag
W/"5d5-184deed4224"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=0
permissions-policy
interest-cohort=()
x-xss-protection
1; mode=block
script.js
oidc.idp.elogin.e-access.hr-access.page/js/
83 KB
17 KB
Script
General
Full URL
https://oidc.idp.elogin.e-access.hr-access.page/js/script.js
Requested by
Host: oidc.idp.elogin.e-access.hr-access.page
URL: https://oidc.idp.elogin.e-access.hr-access.page/lrr/attLRR/LrrController?policyupdate_schedule_view=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
209.141.58.167 Las Vegas, United States, ASN53667 (PONYNET, US),
Reverse DNS
Software
nginx / Express
Resource Hash
05ef89ea4818d5285c761e6810e57f42cb12887f87d7b551001b9fa9114ab281

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oidc.idp.elogin.e-access.hr-access.page/lrr/attLRR/LrrController?policyupdate_schedule_view=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 22:24:47 GMT
content-security-policy
default-src 'self' http: https: ws: wss: data: blob: 'unsafe-inline'; frame-ancestors 'self';
x-content-type-options
nosniff
referrer-policy
no-referrer-when-downgrade
last-modified
Sun, 04 Dec 2022 20:56:42 GMT
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
x-powered-by
Express
etag
W/"14ac2-184deed4390"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=0
permissions-policy
interest-cohort=()
x-xss-protection
1; mode=block
backEndFunctions.js
oidc.idp.elogin.e-access.hr-access.page/js/
7 KB
2 KB
Script
General
Full URL
https://oidc.idp.elogin.e-access.hr-access.page/js/backEndFunctions.js
Requested by
Host: oidc.idp.elogin.e-access.hr-access.page
URL: https://oidc.idp.elogin.e-access.hr-access.page/lrr/attLRR/LrrController?policyupdate_schedule_view=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
209.141.58.167 Las Vegas, United States, ASN53667 (PONYNET, US),
Reverse DNS
Software
nginx / Express
Resource Hash
a68f3e45b7cff940ff8d8b0a52a33badc3b57f4a39a2c43c4ab39e48cea01e70

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oidc.idp.elogin.e-access.hr-access.page/lrr/attLRR/LrrController?policyupdate_schedule_view=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 22:24:47 GMT
content-security-policy
default-src 'self' http: https: ws: wss: data: blob: 'unsafe-inline'; frame-ancestors 'self';
x-content-type-options
nosniff
referrer-policy
no-referrer-when-downgrade
last-modified
Sun, 04 Dec 2022 20:56:43 GMT
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
x-powered-by
Express
etag
W/"1c5a-184deed491c"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=0
permissions-policy
interest-cohort=()
x-xss-protection
1; mode=block
ie7.js
oidc.idp.elogin.e-access.hr-access.page/js/
5 KB
2 KB
Script
General
Full URL
https://oidc.idp.elogin.e-access.hr-access.page/js/ie7.js
Requested by
Host: oidc.idp.elogin.e-access.hr-access.page
URL: https://oidc.idp.elogin.e-access.hr-access.page/lrr/attLRR/LrrController?policyupdate_schedule_view=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
209.141.58.167 Las Vegas, United States, ASN53667 (PONYNET, US),
Reverse DNS
Software
nginx / Express
Resource Hash
e0d8b0a3e96ae24cdfe789d7fcf700a7facdaf123df06d7aa197a3d6d8fba239

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oidc.idp.elogin.e-access.hr-access.page/lrr/attLRR/LrrController?policyupdate_schedule_view=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 22:24:47 GMT
content-security-policy
default-src 'self' http: https: ws: wss: data: blob: 'unsafe-inline'; frame-ancestors 'self';
x-content-type-options
nosniff
referrer-policy
no-referrer-when-downgrade
last-modified
Sun, 04 Dec 2022 20:56:43 GMT
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
x-powered-by
Express
etag
W/"14e2-184deed481c"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=0
permissions-policy
interest-cohort=()
x-xss-protection
1; mode=block
att_logo_97x40.png
oidc.idp.elogin.e-access.hr-access.page/img/
3 KB
4 KB
Image
General
Full URL
https://oidc.idp.elogin.e-access.hr-access.page/img/att_logo_97x40.png
Requested by
Host: oidc.idp.elogin.e-access.hr-access.page
URL: https://oidc.idp.elogin.e-access.hr-access.page/lrr/attLRR/LrrController?policyupdate_schedule_view=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
209.141.58.167 Las Vegas, United States, ASN53667 (PONYNET, US),
Reverse DNS
Software
nginx / Express
Resource Hash
5f43c44a03507663f45f0275597874d6ed132cf38a09775d997ba3669f64edb4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oidc.idp.elogin.e-access.hr-access.page/lrr/attLRR/LrrController?policyupdate_schedule_view=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 22:24:48 GMT
content-security-policy
default-src 'self' http: https: ws: wss: data: blob: 'unsafe-inline'; frame-ancestors 'self';
x-content-type-options
nosniff
referrer-policy
no-referrer-when-downgrade
last-modified
Sun, 04 Dec 2022 20:56:48 GMT
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
x-powered-by
Express
etag
W/"cf0-184deed5b30"
content-type
image/png
cache-control
public, max-age=0
permissions-policy
interest-cohort=()
accept-ranges
bytes
content-length
3312
x-xss-protection
1; mode=block
GLO_Question_Icon.png
oidc.idp.elogin.e-access.hr-access.page/img/
223 B
648 B
Image
General
Full URL
https://oidc.idp.elogin.e-access.hr-access.page/img/GLO_Question_Icon.png
Requested by
Host: oidc.idp.elogin.e-access.hr-access.page
URL: https://oidc.idp.elogin.e-access.hr-access.page/lrr/attLRR/LrrController?policyupdate_schedule_view=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
209.141.58.167 Las Vegas, United States, ASN53667 (PONYNET, US),
Reverse DNS
Software
nginx / Express
Resource Hash
4a6500fffb1823beca8bd2c203014d05111e97a82dbbb8516a642abb03bf7bf2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oidc.idp.elogin.e-access.hr-access.page/lrr/attLRR/LrrController?policyupdate_schedule_view=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 22:24:48 GMT
content-security-policy
default-src 'self' http: https: ws: wss: data: blob: 'unsafe-inline'; frame-ancestors 'self';
x-content-type-options
nosniff
referrer-policy
no-referrer-when-downgrade
last-modified
Sun, 04 Dec 2022 20:56:47 GMT
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
x-powered-by
Express
etag
W/"df-184deed5794"
content-type
image/png
cache-control
public, max-age=0
permissions-policy
interest-cohort=()
accept-ranges
bytes
content-length
223
x-xss-protection
1; mode=block
mobileKeyImg.png
oidc.idp.elogin.e-access.hr-access.page/img/
2 KB
3 KB
Image
General
Full URL
https://oidc.idp.elogin.e-access.hr-access.page/img/mobileKeyImg.png
Requested by
Host: oidc.idp.elogin.e-access.hr-access.page
URL: https://oidc.idp.elogin.e-access.hr-access.page/lrr/attLRR/LrrController?policyupdate_schedule_view=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
209.141.58.167 Las Vegas, United States, ASN53667 (PONYNET, US),
Reverse DNS
Software
nginx / Express
Resource Hash
af15a53c5aa232d5e484741b3ee4cb79a9389722511b68d8a6ed32d8187ff6e7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oidc.idp.elogin.e-access.hr-access.page/lrr/attLRR/LrrController?policyupdate_schedule_view=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 22:24:48 GMT
content-security-policy
default-src 'self' http: https: ws: wss: data: blob: 'unsafe-inline'; frame-ancestors 'self';
x-content-type-options
nosniff
referrer-policy
no-referrer-when-downgrade
last-modified
Sun, 04 Dec 2022 20:56:46 GMT
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
x-powered-by
Express
etag
W/"854-184deed5394"
content-type
image/png
cache-control
public, max-age=0
permissions-policy
interest-cohort=()
accept-ranges
bytes
content-length
2132
x-xss-protection
1; mode=block
rsaImg.png
oidc.idp.elogin.e-access.hr-access.page/img/
2 KB
3 KB
Image
General
Full URL
https://oidc.idp.elogin.e-access.hr-access.page/img/rsaImg.png
Requested by
Host: oidc.idp.elogin.e-access.hr-access.page
URL: https://oidc.idp.elogin.e-access.hr-access.page/lrr/attLRR/LrrController?policyupdate_schedule_view=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
209.141.58.167 Las Vegas, United States, ASN53667 (PONYNET, US),
Reverse DNS
Software
nginx / Express
Resource Hash
b49473946e0f559b9aacced166135ed5197eff465359dc8c16b3d275902d3c1f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oidc.idp.elogin.e-access.hr-access.page/lrr/attLRR/LrrController?policyupdate_schedule_view=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 22:24:48 GMT
content-security-policy
default-src 'self' http: https: ws: wss: data: blob: 'unsafe-inline'; frame-ancestors 'self';
x-content-type-options
nosniff
referrer-policy
no-referrer-when-downgrade
last-modified
Sun, 04 Dec 2022 20:56:45 GMT
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
x-powered-by
Express
etag
W/"889-184deed5070"
content-type
image/png
cache-control
public, max-age=0
permissions-policy
interest-cohort=()
accept-ranges
bytes
content-length
2185
x-xss-protection
1; mode=block
safeNetLogo.svg
oidc.idp.elogin.e-access.hr-access.page/img/
398 KB
301 KB
Image
General
Full URL
https://oidc.idp.elogin.e-access.hr-access.page/img/safeNetLogo.svg
Requested by
Host: oidc.idp.elogin.e-access.hr-access.page
URL: https://oidc.idp.elogin.e-access.hr-access.page/lrr/attLRR/LrrController?policyupdate_schedule_view=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
209.141.58.167 Las Vegas, United States, ASN53667 (PONYNET, US),
Reverse DNS
Software
nginx / Express
Resource Hash
797a15feeda1e7b357f44901a9928fb2966da4e03fb5b096086e6804e4019c57

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oidc.idp.elogin.e-access.hr-access.page/lrr/attLRR/LrrController?policyupdate_schedule_view=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 22:24:48 GMT
content-security-policy
default-src 'self' http: https: ws: wss: data: blob: 'unsafe-inline'; frame-ancestors 'self';
x-content-type-options
nosniff
referrer-policy
no-referrer-when-downgrade
last-modified
Sun, 04 Dec 2022 20:56:45 GMT
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
x-powered-by
Express
etag
W/"63786-184deed4f7c"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=0
permissions-policy
interest-cohort=()
x-xss-protection
1; mode=block
mtipsLogo.png
oidc.idp.elogin.e-access.hr-access.page/img/
10 KB
10 KB
Image
General
Full URL
https://oidc.idp.elogin.e-access.hr-access.page/img/mtipsLogo.png
Requested by
Host: oidc.idp.elogin.e-access.hr-access.page
URL: https://oidc.idp.elogin.e-access.hr-access.page/lrr/attLRR/LrrController?policyupdate_schedule_view=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
209.141.58.167 Las Vegas, United States, ASN53667 (PONYNET, US),
Reverse DNS
Software
nginx / Express
Resource Hash
1e72341a06438f1ae82a3e9204b5f788179e0d7da87738c6fe8f4894dad63f65
Security Headers
Name Value
Content-Security-Policy default-src 'self' http: https: ws: wss: data: blob: 'unsafe-inline'; frame-ancestors 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oidc.idp.elogin.e-access.hr-access.page/lrr/attLRR/LrrController?policyupdate_schedule_view=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 22:24:48 GMT
content-security-policy
default-src 'self' http: https: ws: wss: data: blob: 'unsafe-inline'; frame-ancestors 'self';
x-content-type-options
nosniff
referrer-policy
no-referrer-when-downgrade
last-modified
Sun, 04 Dec 2022 20:56:45 GMT
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
x-powered-by
Express
etag
W/"26bc-184deed52ac"
content-type
image/png
cache-control
public, max-age=0
permissions-policy
interest-cohort=()
accept-ranges
bytes
content-length
9916
x-xss-protection
1; mode=block
howto-for-mobile-devices.gif
oidc.idp.elogin.e-access.hr-access.page/img/
95 KB
95 KB
Image
General
Full URL
https://oidc.idp.elogin.e-access.hr-access.page/img/howto-for-mobile-devices.gif
Requested by
Host: oidc.idp.elogin.e-access.hr-access.page
URL: https://oidc.idp.elogin.e-access.hr-access.page/lrr/attLRR/LrrController?policyupdate_schedule_view=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
209.141.58.167 Las Vegas, United States, ASN53667 (PONYNET, US),
Reverse DNS
Software
nginx / Express
Resource Hash
44f2d8ede3c0a0af465e298c70249dc11e197ab27f989a8533b711390cd4b3e5
Security Headers
Name Value
Content-Security-Policy default-src 'self' http: https: ws: wss: data: blob: 'unsafe-inline'; frame-ancestors 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oidc.idp.elogin.e-access.hr-access.page/lrr/attLRR/LrrController?policyupdate_schedule_view=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 22:24:48 GMT
content-security-policy
default-src 'self' http: https: ws: wss: data: blob: 'unsafe-inline'; frame-ancestors 'self';
x-content-type-options
nosniff
referrer-policy
no-referrer-when-downgrade
last-modified
Sun, 04 Dec 2022 20:56:46 GMT
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
x-powered-by
Express
etag
W/"17a53-184deed5520"
content-type
image/gif
cache-control
public, max-age=0
permissions-policy
interest-cohort=()
accept-ranges
bytes
content-length
96851
x-xss-protection
1; mode=block
howto-for-desktop-devices.gif
oidc.idp.elogin.e-access.hr-access.page/img/
93 KB
94 KB
Image
General
Full URL
https://oidc.idp.elogin.e-access.hr-access.page/img/howto-for-desktop-devices.gif
Requested by
Host: oidc.idp.elogin.e-access.hr-access.page
URL: https://oidc.idp.elogin.e-access.hr-access.page/lrr/attLRR/LrrController?policyupdate_schedule_view=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
209.141.58.167 Las Vegas, United States, ASN53667 (PONYNET, US),
Reverse DNS
Software
nginx / Express
Resource Hash
50fd4389b7d1b099131c94ec50bdc57448d81f12d67a4bddf99fce631c88f331
Security Headers
Name Value
Content-Security-Policy default-src 'self' http: https: ws: wss: data: blob: 'unsafe-inline'; frame-ancestors 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oidc.idp.elogin.e-access.hr-access.page/lrr/attLRR/LrrController?policyupdate_schedule_view=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 22:24:48 GMT
content-security-policy
default-src 'self' http: https: ws: wss: data: blob: 'unsafe-inline'; frame-ancestors 'self';
x-content-type-options
nosniff
referrer-policy
no-referrer-when-downgrade
last-modified
Sun, 04 Dec 2022 20:56:47 GMT
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
x-powered-by
Express
etag
W/"1744e-184deed56ac"
content-type
image/gif
cache-control
public, max-age=0
permissions-policy
interest-cohort=()
accept-ranges
bytes
content-length
95310
x-xss-protection
1; mode=block
flat_faq-reverse_icon_rgb_blu_modified_18x18.png
oidc.idp.elogin.e-access.hr-access.page/img/
1023 B
1 KB
Image
General
Full URL
https://oidc.idp.elogin.e-access.hr-access.page/img/flat_faq-reverse_icon_rgb_blu_modified_18x18.png
Requested by
Host: oidc.idp.elogin.e-access.hr-access.page
URL: https://oidc.idp.elogin.e-access.hr-access.page/lrr/attLRR/LrrController?policyupdate_schedule_view=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
209.141.58.167 Las Vegas, United States, ASN53667 (PONYNET, US),
Reverse DNS
Software
nginx / Express
Resource Hash
287e57ae4b394a4912f51899e4537fb4a9c3a9f307ad0e1f539f8aeb46bdb042
Security Headers
Name Value
Content-Security-Policy default-src 'self' http: https: ws: wss: data: blob: 'unsafe-inline'; frame-ancestors 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oidc.idp.elogin.e-access.hr-access.page/lrr/attLRR/LrrController?policyupdate_schedule_view=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 22:24:48 GMT
content-security-policy
default-src 'self' http: https: ws: wss: data: blob: 'unsafe-inline'; frame-ancestors 'self';
x-content-type-options
nosniff
referrer-policy
no-referrer-when-downgrade
last-modified
Sun, 04 Dec 2022 20:56:47 GMT
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
x-powered-by
Express
etag
W/"3ff-184deed5964"
content-type
image/png
cache-control
public, max-age=0
permissions-policy
interest-cohort=()
accept-ranges
bytes
content-length
1023
x-xss-protection
1; mode=block
ATTAleckSans_W_Md.woff
oidc.idp.elogin.e-access.hr-access.page/fonts/WOFF/
23 KB
24 KB
Font
General
Full URL
https://oidc.idp.elogin.e-access.hr-access.page/fonts/WOFF/ATTAleckSans_W_Md.woff
Requested by
Host: oidc.idp.elogin.e-access.hr-access.page
URL: https://oidc.idp.elogin.e-access.hr-access.page/css/fonts.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
209.141.58.167 Las Vegas, United States, ASN53667 (PONYNET, US),
Reverse DNS
Software
nginx / Express
Resource Hash
d0c4812c9f1b672a7ea3420b10ea389cabb4b50694418965003250c876a2b13b
Security Headers
Name Value
Content-Security-Policy default-src 'self' http: https: ws: wss: data: blob: 'unsafe-inline'; frame-ancestors 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://oidc.idp.elogin.e-access.hr-access.page/css/fonts.css
Origin
https://oidc.idp.elogin.e-access.hr-access.page
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 22:24:48 GMT
content-security-policy
default-src 'self' http: https: ws: wss: data: blob: 'unsafe-inline'; frame-ancestors 'self';
x-content-type-options
nosniff
referrer-policy
no-referrer-when-downgrade
last-modified
Sun, 04 Dec 2022 20:56:48 GMT
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
x-powered-by
Express
etag
W/"5d6c-184deed5d14"
content-type
font/woff
cache-control
public, max-age=0
permissions-policy
interest-cohort=()
accept-ranges
bytes
content-length
23916
x-xss-protection
1; mode=block
ATTAleckSans_W_Rg.woff
oidc.idp.elogin.e-access.hr-access.page/fonts/WOFF/
22 KB
23 KB
Font
General
Full URL
https://oidc.idp.elogin.e-access.hr-access.page/fonts/WOFF/ATTAleckSans_W_Rg.woff
Requested by
Host: oidc.idp.elogin.e-access.hr-access.page
URL: https://oidc.idp.elogin.e-access.hr-access.page/css/fonts.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
209.141.58.167 Las Vegas, United States, ASN53667 (PONYNET, US),
Reverse DNS
Software
nginx / Express
Resource Hash
07b3a3d0f02092988f8b70fa51992fa109b23bbc82638fc857dee5ee0e3ad5dc
Security Headers
Name Value
Content-Security-Policy default-src 'self' http: https: ws: wss: data: blob: 'unsafe-inline'; frame-ancestors 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://oidc.idp.elogin.e-access.hr-access.page/css/fonts.css
Origin
https://oidc.idp.elogin.e-access.hr-access.page
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 22:24:48 GMT
content-security-policy
default-src 'self' http: https: ws: wss: data: blob: 'unsafe-inline'; frame-ancestors 'self';
x-content-type-options
nosniff
referrer-policy
no-referrer-when-downgrade
last-modified
Sun, 04 Dec 2022 20:56:48 GMT
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
x-powered-by
Express
etag
W/"5948-184deed5c28"
content-type
font/woff
cache-control
public, max-age=0
permissions-policy
interest-cohort=()
accept-ranges
bytes
content-length
22856
x-xss-protection
1; mode=block
ATTAleckSans_W_Bd.woff
oidc.idp.elogin.e-access.hr-access.page/fonts/WOFF/
23 KB
23 KB
Font
General
Full URL
https://oidc.idp.elogin.e-access.hr-access.page/fonts/WOFF/ATTAleckSans_W_Bd.woff
Requested by
Host: oidc.idp.elogin.e-access.hr-access.page
URL: https://oidc.idp.elogin.e-access.hr-access.page/css/fonts.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
209.141.58.167 Las Vegas, United States, ASN53667 (PONYNET, US),
Reverse DNS
Software
nginx / Express
Resource Hash
f13ffc0adc7e47990e67bcfb8f355a65c29361b12f0f20d5067ac880393685bc
Security Headers
Name Value
Content-Security-Policy default-src 'self' http: https: ws: wss: data: blob: 'unsafe-inline'; frame-ancestors 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://oidc.idp.elogin.e-access.hr-access.page/css/fonts.css
Origin
https://oidc.idp.elogin.e-access.hr-access.page
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 22:24:48 GMT
content-security-policy
default-src 'self' http: https: ws: wss: data: blob: 'unsafe-inline'; frame-ancestors 'self';
x-content-type-options
nosniff
referrer-policy
no-referrer-when-downgrade
last-modified
Sun, 04 Dec 2022 20:56:48 GMT
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
x-powered-by
Express
etag
W/"5a0c-184deed5e04"
content-type
font/woff
cache-control
public, max-age=0
permissions-policy
interest-cohort=()
accept-ranges
bytes
content-length
23052
x-xss-protection
1; mode=block
flat_check_icon_rgb_wht.png
oidc.idp.elogin.e-access.hr-access.page/img/
9 KB
10 KB
Image
General
Full URL
https://oidc.idp.elogin.e-access.hr-access.page/img/flat_check_icon_rgb_wht.png
Requested by
Host: oidc.idp.elogin.e-access.hr-access.page
URL: https://oidc.idp.elogin.e-access.hr-access.page/css/checkbox.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
209.141.58.167 Las Vegas, United States, ASN53667 (PONYNET, US),
Reverse DNS
Software
nginx / Express
Resource Hash
adcfe7d308651f937a03cf9b9bdd684074a95be39186aa8cd229b57485f929b8
Security Headers
Name Value
Content-Security-Policy default-src 'self' http: https: ws: wss: data: blob: 'unsafe-inline'; frame-ancestors 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oidc.idp.elogin.e-access.hr-access.page/css/checkbox.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 22:24:48 GMT
content-security-policy
default-src 'self' http: https: ws: wss: data: blob: 'unsafe-inline'; frame-ancestors 'self';
x-content-type-options
nosniff
referrer-policy
no-referrer-when-downgrade
last-modified
Sun, 04 Dec 2022 20:56:47 GMT
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
x-powered-by
Express
etag
W/"24b2-184deed5a44"
content-type
image/png
cache-control
public, max-age=0
permissions-policy
interest-cohort=()
accept-ranges
bytes
content-length
9394
x-xss-protection
1; mode=block

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: AT&T (Telecommunication)

248 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.


1 Cookies

Domain/Path Name / Value
oidc.idp.elogin.e-access.hr-access.page/ Name: connect.sid
Value: s%3A_LXwDRXXI3v5Oy1j_ydog8-VSA9pAeJE.1pUS0qkbv1%2Bx%2FMkt2zh%2F8AfEkgShJHVsT9MjxWKSAIo

1 Console Messages

Source Level URL
Text
security warning
Message:
Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.

Security Headers

This page lists any security headers set by the main page.

Header Value
Content-Security-Policy default-src 'self' http: https: ws: wss: data: blob: 'unsafe-inline'; frame-ancestors 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

oidc.idp.elogin.e-access.hr-access.page
209.141.58.167