paperlesspay.talx.com Open in urlscan Pro
12.148.77.46 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://paperlesspay.talx.com/shell
Submission: On January 18 via manual (January 18th 2022, 3:43:54 am UTC) from IN — Scanned from DE

Summary HTTP 15 Redirects Behaviour Indicators

Summary

This website contacted 2 IPs in 1 countries across 2 domains to perform 15 HTTP transactions. The main IP is 12.148.77.46, located in United States and belongs to INS-AS, US. The main domain is paperlesspay.talx.com. The Cisco Umbrella rank of the primary domain is 859734.
TLS certificate: Issued by Sectigo RSA Organization Validation S... on December 7th 2021. Valid for: a year.

This is the only time paperlesspay.talx.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
14	12.148.77.46 12.148.77.46	2386 (INS-AS) (INS-AS)
1 1	107.162.153.204 107.162.153.204	55002 (DEFENSE-NET) (DEFENSE-NET)
1	2606:2800:233... 2606:2800:233:1cb7:261b:1f9c:2074:3c	15133 (EDGECAST) (EDGECAST)
15	2

14 12.148.77.46 (United States)

ASN2386 (INS-AS, US)
PTR: paperlesspay.talx.com

paperlesspay.talx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 107.162.153.204 (United States) 1 redirects

ASN55002 (DEFENSE-NET, US)

www.equifax.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:2800:233:1cb7:261b:1f9c:2074:3c (United States)

ASN15133 (EDGECAST, US)

assets.equifax.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
14	talx.com paperlesspay.talx.com — Cisco Umbrella Rank: 859734	199 KB
2	equifax.com 1 redirects www.equifax.com — Cisco Umbrella Rank: 114015 assets.equifax.com — Cisco Umbrella Rank: 76394	43 KB
15	2

	Domain	Requested by
14	paperlesspay.talx.com	paperlesspay.talx.com
1	assets.equifax.com	paperlesspay.talx.com
1	www.equifax.com	1 redirects
15	3

This site contains no links.

Subject Issuer	Validity	Valid
paperlesspay.talx.com Sectigo RSA Organization Validation Secure Server CA	`2021-12-07` - `2022-12-07`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://paperlesspay.talx.com/shell
Frame ID: C0BF2349E109710F924877F895039E63
Requests: 15 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Paperless Pay Login

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

15
Requests

93 %
HTTPS

33 %
IPv6

2
Domains

3
Subdomains

2
IPs

1
Countries

242 kB
Transfer

646 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 12

https://www.equifax.com/global/images/logos/logo_white_123x24.png HTTP 301
https://assets.equifax.com/global/images/logos/efxLogo_127x24.png

15 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request shell Show response
paperlesspay.talx.com/ 8 KB
9 KB 1035ms
628ms Document
text/html 12.148.77.46
INS-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://paperlesspay.talx.com/shell

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

12.148.77.46 , United States, ASN2386 (INS-AS, US),

Reverse DNS

paperlesspay.talx.com

Software

Resource Hash

76f3d55dfda517129579f791f8d64cb47b62b2fec69ade98e6e83c8b344166ad

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' www.googletagmanager.com www.google-analytics.com www.gstatic.com www.google.com 'unsafe-inline' 'unsafe-eval' localhost:* https://equifax.122.2o7.net .equifax.com .sldmz1.com .qualtrics.com .walletinsights.com .limelight.com .googleapis.com .lvp.llnw.net .cloudflare.com blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Date: Tue, 18 Jan 2022 03:43:44 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 7998
Connection: keep-alive
Cache-Control: private
Access-Control-Allow-Origin: *
X-Xss-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Security-Policy: script-src 'self' www.googletagmanager.com www.google-analytics.com www.gstatic.com www.google.com 'unsafe-inline' 'unsafe-eval' localhost:* https://equifax.122.2o7.net *.equifax.com *.sldmz1.com *.qualtrics.com *.walletinsights.com *.limelight.com *.googleapis.com *.lvp.llnw.net *.cloudflare.com blob:;

GET
H/1.1 200
OK jquery.min.js Show response
paperlesspay.talx.com/ewsweb/Scripts/ 86 KB
31 KB 200ms
200ms Script
application/javascript 12.148.77.46
INS-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://paperlesspay.talx.com/ewsweb/Scripts/jquery.min.js

Requested by

Host: paperlesspay.talx.com
URL: https://paperlesspay.talx.com/shell

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

12.148.77.46 , United States, ASN2386 (INS-AS, US),

Reverse DNS

paperlesspay.talx.com

Software

Resource Hash

412b8ff9c5ab32b9019fcd84bcd4a54c0e265a14528474f4ee45b27a20abeaeb

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' www.googletagmanager.com www.google-analytics.com www.gstatic.com www.google.com 'unsafe-inline' 'unsafe-eval' localhost:* https://equifax.122.2o7.net .equifax.com .sldmz1.com .qualtrics.com .walletinsights.com .limelight.com .googleapis.com .lvp.llnw.net .cloudflare.com blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://paperlesspay.talx.com/shell
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 18 Jan 2022 03:43:45 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Mon, 29 Nov 2021 16:15:32 GMT
ETag: "0ea24553ce5d71:0"
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Connection: keep-alive
Content-Security-Policy: script-src 'self' www.googletagmanager.com www.google-analytics.com www.gstatic.com www.google.com 'unsafe-inline' 'unsafe-eval' localhost:* https://equifax.122.2o7.net *.equifax.com *.sldmz1.com *.qualtrics.com *.walletinsights.com *.limelight.com *.googleapis.com *.lvp.llnw.net *.cloudflare.com blob:;
Strict-Transport-Security: max-age=31536000; includeSubDomains
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Length: 30747
X-Xss-Protection: 1; mode=block

GET
H/1.1 200
OK bootstrap.min.css
paperlesspay.talx.com/ewsweb/src/assets/css/ 118 KB
20 KB 824ms
599ms Stylesheet
text/css 12.148.77.46
INS-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://paperlesspay.talx.com/ewsweb/src/assets/css/bootstrap.min.css

Requested by

Host: paperlesspay.talx.com
URL: https://paperlesspay.talx.com/shell

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

12.148.77.46 , United States, ASN2386 (INS-AS, US),

Reverse DNS

paperlesspay.talx.com

Software

Resource Hash

3ff08528d38aa8cbfa5eb6df7a9f33d7497bdf7b70f2888bbd942afc41f0fa61

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' www.googletagmanager.com www.google-analytics.com www.gstatic.com www.google.com 'unsafe-inline' 'unsafe-eval' localhost:* https://equifax.122.2o7.net .equifax.com .sldmz1.com .qualtrics.com .walletinsights.com .limelight.com .googleapis.com .lvp.llnw.net .cloudflare.com blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://paperlesspay.talx.com/shell
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 18 Jan 2022 03:43:45 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Mon, 29 Nov 2021 16:15:32 GMT
ETag: "0ea24553ce5d71:0"
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
Access-Control-Allow-Origin: *
Connection: keep-alive
Content-Security-Policy: script-src 'self' www.googletagmanager.com www.google-analytics.com www.gstatic.com www.google.com 'unsafe-inline' 'unsafe-eval' localhost:* https://equifax.122.2o7.net *.equifax.com *.sldmz1.com *.qualtrics.com *.walletinsights.com *.limelight.com *.googleapis.com *.lvp.llnw.net *.cloudflare.com blob:;
Strict-Transport-Security: max-age=31536000; includeSubDomains
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Length: 19637
X-Xss-Protection: 1; mode=block

GET
H/1.1 200
OK font-awesome.min.css
paperlesspay.talx.com/ewsweb/src/assets/css/ 28 KB
7 KB 609ms
383ms Stylesheet
text/css 12.148.77.46
INS-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://paperlesspay.talx.com/ewsweb/src/assets/css/font-awesome.min.css

Requested by

Host: paperlesspay.talx.com
URL: https://paperlesspay.talx.com/shell

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

12.148.77.46 , United States, ASN2386 (INS-AS, US),

Reverse DNS

paperlesspay.talx.com

Software

Resource Hash

ed0f05101d480726c58bcd4956a1e7b02f12b538d02058f1b0ebfdabe8a7ef42

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' www.googletagmanager.com www.google-analytics.com www.gstatic.com www.google.com 'unsafe-inline' 'unsafe-eval' localhost:* https://equifax.122.2o7.net .equifax.com .sldmz1.com .qualtrics.com .walletinsights.com .limelight.com .googleapis.com .lvp.llnw.net .cloudflare.com blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://paperlesspay.talx.com/shell
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 18 Jan 2022 03:43:45 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Mon, 29 Nov 2021 16:15:32 GMT
ETag: "0ea24553ce5d71:0"
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
Access-Control-Allow-Origin: *
Connection: keep-alive
Content-Security-Policy: script-src 'self' www.googletagmanager.com www.google-analytics.com www.gstatic.com www.google.com 'unsafe-inline' 'unsafe-eval' localhost:* https://equifax.122.2o7.net *.equifax.com *.sldmz1.com *.qualtrics.com *.walletinsights.com *.limelight.com *.googleapis.com *.lvp.llnw.net *.cloudflare.com blob:;
Strict-Transport-Security: max-age=31536000; includeSubDomains
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Length: 6606
X-Xss-Protection: 1; mode=block

GET
H/1.1 200
OK fonts.css
paperlesspay.talx.com/ewsweb/Content/coe/ 28 KB
8 KB 653ms
425ms Stylesheet
text/css 12.148.77.46
INS-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://paperlesspay.talx.com/ewsweb/Content/coe/fonts.css

Requested by

Host: paperlesspay.talx.com
URL: https://paperlesspay.talx.com/shell

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

12.148.77.46 , United States, ASN2386 (INS-AS, US),

Reverse DNS

paperlesspay.talx.com

Software

Resource Hash

700101783abdbaa4c41ed4fff5327c51d1985960f92e25db991f29b923bc2160

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' www.googletagmanager.com www.google-analytics.com www.gstatic.com www.google.com 'unsafe-inline' 'unsafe-eval' localhost:* https://equifax.122.2o7.net .equifax.com .sldmz1.com .qualtrics.com .walletinsights.com .limelight.com .googleapis.com .lvp.llnw.net .cloudflare.com blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://paperlesspay.talx.com/shell
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 18 Jan 2022 03:43:45 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Mon, 29 Nov 2021 16:15:32 GMT
ETag: "0ea24553ce5d71:0"
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
Access-Control-Allow-Origin: *
Connection: keep-alive
Content-Security-Policy: script-src 'self' www.googletagmanager.com www.google-analytics.com www.gstatic.com www.google.com 'unsafe-inline' 'unsafe-eval' localhost:* https://equifax.122.2o7.net *.equifax.com *.sldmz1.com *.qualtrics.com *.walletinsights.com *.limelight.com *.googleapis.com *.lvp.llnw.net *.cloudflare.com blob:;
Strict-Transport-Security: max-age=31536000; includeSubDomains
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Length: 7085
X-Xss-Protection: 1; mode=block

GET
H/1.1 200
OK ux-framework.css
paperlesspay.talx.com/ewsweb/Content/coe/ 48 KB
10 KB 735ms
507ms Stylesheet
text/css 12.148.77.46
INS-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://paperlesspay.talx.com/ewsweb/Content/coe/ux-framework.css

Requested by

Host: paperlesspay.talx.com
URL: https://paperlesspay.talx.com/shell

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

12.148.77.46 , United States, ASN2386 (INS-AS, US),

Reverse DNS

paperlesspay.talx.com

Software

Resource Hash

934cd07cf8ab7d2e929574764b6d67e3bcf3c2bfeb91837a93076520b9921e51

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' www.googletagmanager.com www.google-analytics.com www.gstatic.com www.google.com 'unsafe-inline' 'unsafe-eval' localhost:* https://equifax.122.2o7.net .equifax.com .sldmz1.com .qualtrics.com .walletinsights.com .limelight.com .googleapis.com .lvp.llnw.net .cloudflare.com blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://paperlesspay.talx.com/shell
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 18 Jan 2022 03:43:45 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Mon, 29 Nov 2021 16:15:32 GMT
ETag: "0ea24553ce5d71:0"
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
Access-Control-Allow-Origin: *
Connection: keep-alive
Content-Security-Policy: script-src 'self' www.googletagmanager.com www.google-analytics.com www.gstatic.com www.google.com 'unsafe-inline' 'unsafe-eval' localhost:* https://equifax.122.2o7.net *.equifax.com *.sldmz1.com *.qualtrics.com *.walletinsights.com *.limelight.com *.googleapis.com *.lvp.llnw.net *.cloudflare.com blob:;
Strict-Transport-Security: max-age=31536000; includeSubDomains
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Length: 9184
X-Xss-Protection: 1; mode=block

GET
H/1.1 200
OK white-label.css
paperlesspay.talx.com/ewsweb/Content/coe/ 6 KB
3 KB 502ms
273ms Stylesheet
text/css 12.148.77.46
INS-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://paperlesspay.talx.com/ewsweb/Content/coe/white-label.css

Requested by

Host: paperlesspay.talx.com
URL: https://paperlesspay.talx.com/shell

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

12.148.77.46 , United States, ASN2386 (INS-AS, US),

Reverse DNS

paperlesspay.talx.com

Software

Resource Hash

9eca01a7a3923b54d01cbbba19634337e12dac003abde26d2bbc1fd08bd1373e

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' www.googletagmanager.com www.google-analytics.com www.gstatic.com www.google.com 'unsafe-inline' 'unsafe-eval' localhost:* https://equifax.122.2o7.net .equifax.com .sldmz1.com .qualtrics.com .walletinsights.com .limelight.com .googleapis.com .lvp.llnw.net .cloudflare.com blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://paperlesspay.talx.com/shell
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 18 Jan 2022 03:43:45 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Mon, 29 Nov 2021 16:15:32 GMT
ETag: "0ea24553ce5d71:0"
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
Access-Control-Allow-Origin: *
Connection: keep-alive
Content-Security-Policy: script-src 'self' www.googletagmanager.com www.google-analytics.com www.gstatic.com www.google.com 'unsafe-inline' 'unsafe-eval' localhost:* https://equifax.122.2o7.net *.equifax.com *.sldmz1.com *.qualtrics.com *.walletinsights.com *.limelight.com *.googleapis.com *.lvp.llnw.net *.cloudflare.com blob:;
Strict-Transport-Security: max-age=31536000; includeSubDomains
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Length: 1622
X-Xss-Protection: 1; mode=block

GET
H/1.1 200
OK common.css
paperlesspay.talx.com/ewsweb/src/assets/css/ 102 KB
19 KB 485ms
167ms Stylesheet
text/css 12.148.77.46
INS-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://paperlesspay.talx.com/ewsweb/src/assets/css/common.css

Requested by

Host: paperlesspay.talx.com
URL: https://paperlesspay.talx.com/shell

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

12.148.77.46 , United States, ASN2386 (INS-AS, US),

Reverse DNS

paperlesspay.talx.com

Software

Resource Hash

caf8ce4bb41e55ceea1d2ced54c640306219f3e7408a91ca5484aa1d99a82e8a

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' www.googletagmanager.com www.google-analytics.com www.gstatic.com www.google.com 'unsafe-inline' 'unsafe-eval' localhost:* https://equifax.122.2o7.net .equifax.com .sldmz1.com .qualtrics.com .walletinsights.com .limelight.com .googleapis.com .lvp.llnw.net .cloudflare.com blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://paperlesspay.talx.com/shell
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 18 Jan 2022 03:43:45 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Mon, 29 Nov 2021 16:15:32 GMT
ETag: "0ea24553ce5d71:0"
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
Access-Control-Allow-Origin: *
Connection: keep-alive
Content-Security-Policy: script-src 'self' www.googletagmanager.com www.google-analytics.com www.gstatic.com www.google.com 'unsafe-inline' 'unsafe-eval' localhost:* https://equifax.122.2o7.net *.equifax.com *.sldmz1.com *.qualtrics.com *.walletinsights.com *.limelight.com *.googleapis.com *.lvp.llnw.net *.cloudflare.com blob:;
Strict-Transport-Security: max-age=31536000; includeSubDomains
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Length: 18428
X-Xss-Protection: 1; mode=block

GET
H/1.1 200
OK simple_login.css
paperlesspay.talx.com/ewsweb/Content/coe/ 3 KB
2 KB 665ms
162ms Stylesheet
text/css 12.148.77.46
INS-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://paperlesspay.talx.com/ewsweb/Content/coe/simple_login.css

Requested by

Host: paperlesspay.talx.com
URL: https://paperlesspay.talx.com/shell

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

12.148.77.46 , United States, ASN2386 (INS-AS, US),

Reverse DNS

paperlesspay.talx.com

Software

Resource Hash

3a5ecdb293a28bcbf1923dd90f9ec01925ccff14d7d8d0fd4d11cac996edb33c

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' www.googletagmanager.com www.google-analytics.com www.gstatic.com www.google.com 'unsafe-inline' 'unsafe-eval' localhost:* https://equifax.122.2o7.net .equifax.com .sldmz1.com .qualtrics.com .walletinsights.com .limelight.com .googleapis.com .lvp.llnw.net .cloudflare.com blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://paperlesspay.talx.com/shell
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 18 Jan 2022 03:43:45 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Mon, 29 Nov 2021 16:15:32 GMT
ETag: "0ea24553ce5d71:0"
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
Access-Control-Allow-Origin: *
Connection: keep-alive
Content-Security-Policy: script-src 'self' www.googletagmanager.com www.google-analytics.com www.gstatic.com www.google.com 'unsafe-inline' 'unsafe-eval' localhost:* https://equifax.122.2o7.net *.equifax.com *.sldmz1.com *.qualtrics.com *.walletinsights.com *.limelight.com *.googleapis.com *.lvp.llnw.net *.cloudflare.com blob:;
Strict-Transport-Security: max-age=31536000; includeSubDomains
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Length: 855
X-Xss-Protection: 1; mode=block

GET
H/1.1 200
OK footer.png
paperlesspay.talx.com/ewsweb/src/assets/ 13 KB
13 KB 309ms
309ms Image
image/png 12.148.77.46
INS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://paperlesspay.talx.com/ewsweb/src/assets/footer.png

Requested by

Host: paperlesspay.talx.com
URL: https://paperlesspay.talx.com/shell

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

12.148.77.46 , United States, ASN2386 (INS-AS, US),

Reverse DNS

paperlesspay.talx.com

Software

Resource Hash

08006e8c198d9353e038027bfc9476359a1da1aaa4fcabdb6209bc813892e2e3

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' www.googletagmanager.com www.google-analytics.com www.gstatic.com www.google.com 'unsafe-inline' 'unsafe-eval' localhost:* https://equifax.122.2o7.net .equifax.com .sldmz1.com .qualtrics.com .walletinsights.com .limelight.com .googleapis.com .lvp.llnw.net .cloudflare.com blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://paperlesspay.talx.com/shell
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 18 Jan 2022 03:43:46 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 29 Nov 2021 16:15:32 GMT
X-Frame-Options: SAMEORIGIN
ETag: "0ea24553ce5d71:0"
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: image/png
Access-Control-Allow-Origin: *
Content-Security-Policy: script-src 'self' www.googletagmanager.com www.google-analytics.com www.gstatic.com www.google.com 'unsafe-inline' 'unsafe-eval' localhost:* https://equifax.122.2o7.net *.equifax.com *.sldmz1.com *.qualtrics.com *.walletinsights.com *.limelight.com *.googleapis.com *.lvp.llnw.net *.cloudflare.com blob:;
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 12839
X-Xss-Protection: 1; mode=block

GET
H/1.1 200
OK bootstrap.min.js Show response
paperlesspay.talx.com/ewsweb/src/assets/js/ 66 KB
17 KB 348ms
348ms Script
application/javascript 12.148.77.46
INS-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://paperlesspay.talx.com/ewsweb/src/assets/js/bootstrap.min.js

Requested by

Host: paperlesspay.talx.com
URL: https://paperlesspay.talx.com/shell

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

12.148.77.46 , United States, ASN2386 (INS-AS, US),

Reverse DNS

paperlesspay.talx.com

Software

Resource Hash

72a01bf6424f8086fad5bfe77fa75fad6396aafefb9d7c33ec5cccfaa26144cf

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' www.googletagmanager.com www.google-analytics.com www.gstatic.com www.google.com 'unsafe-inline' 'unsafe-eval' localhost:* https://equifax.122.2o7.net .equifax.com .sldmz1.com .qualtrics.com .walletinsights.com .limelight.com .googleapis.com .lvp.llnw.net .cloudflare.com blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://paperlesspay.talx.com/shell
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 18 Jan 2022 03:43:46 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Mon, 29 Nov 2021 16:15:36 GMT
ETag: "04487573ce5d71:0"
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Connection: keep-alive
Content-Security-Policy: script-src 'self' www.googletagmanager.com www.google-analytics.com www.gstatic.com www.google.com 'unsafe-inline' 'unsafe-eval' localhost:* https://equifax.122.2o7.net *.equifax.com *.sldmz1.com *.qualtrics.com *.walletinsights.com *.limelight.com *.googleapis.com *.lvp.llnw.net *.cloudflare.com blob:;
Strict-Transport-Security: max-age=31536000; includeSubDomains
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Length: 16662
X-Xss-Protection: 1; mode=block

GET
H/1.1 200
OK fastclick.js Show response
paperlesspay.talx.com/ewsweb/src/assets/js/ 26 KB
8 KB 175ms
174ms Script
application/javascript 12.148.77.46
INS-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://paperlesspay.talx.com/ewsweb/src/assets/js/fastclick.js

Requested by

Host: paperlesspay.talx.com
URL: https://paperlesspay.talx.com/shell

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

12.148.77.46 , United States, ASN2386 (INS-AS, US),

Reverse DNS

paperlesspay.talx.com

Software

Resource Hash

32544945f4c6d64454e52fc7de9f86e8cd08fbbbe7b745dec9a86b2262f7912f

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' www.googletagmanager.com www.google-analytics.com www.gstatic.com www.google.com 'unsafe-inline' 'unsafe-eval' localhost:* https://equifax.122.2o7.net .equifax.com .sldmz1.com .qualtrics.com .walletinsights.com .limelight.com .googleapis.com .lvp.llnw.net .cloudflare.com blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://paperlesspay.talx.com/shell
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 18 Jan 2022 03:43:46 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Mon, 29 Nov 2021 16:15:36 GMT
ETag: "04487573ce5d71:0"
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Connection: keep-alive
Content-Security-Policy: script-src 'self' www.googletagmanager.com www.google-analytics.com www.gstatic.com www.google.com 'unsafe-inline' 'unsafe-eval' localhost:* https://equifax.122.2o7.net *.equifax.com *.sldmz1.com *.qualtrics.com *.walletinsights.com *.limelight.com *.googleapis.com *.lvp.llnw.net *.cloudflare.com blob:;
Strict-Transport-Security: max-age=31536000; includeSubDomains
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Length: 7659
X-Xss-Protection: 1; mode=block

GET
H/1.1 200
OK nprogress.js Show response
paperlesspay.talx.com/ewsweb/src/assets/js/ 12 KB
4 KB 172ms
171ms Script
application/javascript 12.148.77.46
INS-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://paperlesspay.talx.com/ewsweb/src/assets/js/nprogress.js

Requested by

Host: paperlesspay.talx.com
URL: https://paperlesspay.talx.com/shell

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

12.148.77.46 , United States, ASN2386 (INS-AS, US),

Reverse DNS

paperlesspay.talx.com

Software

Resource Hash

a72012b3642be3b36f022c4a2168ee5d624631a511e0fd816ec9addf1767aa43

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' www.googletagmanager.com www.google-analytics.com www.gstatic.com www.google.com 'unsafe-inline' 'unsafe-eval' localhost:* https://equifax.122.2o7.net .equifax.com .sldmz1.com .qualtrics.com .walletinsights.com .limelight.com .googleapis.com .lvp.llnw.net .cloudflare.com blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://paperlesspay.talx.com/shell
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 18 Jan 2022 03:43:46 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Mon, 29 Nov 2021 16:15:36 GMT
ETag: "04487573ce5d71:0"
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Connection: keep-alive
Content-Security-Policy: script-src 'self' www.googletagmanager.com www.google-analytics.com www.gstatic.com www.google.com 'unsafe-inline' 'unsafe-eval' localhost:* https://equifax.122.2o7.net *.equifax.com *.sldmz1.com *.qualtrics.com *.walletinsights.com *.limelight.com *.googleapis.com *.lvp.llnw.net *.cloudflare.com blob:;
Strict-Transport-Security: max-age=31536000; includeSubDomains
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Length: 3607
X-Xss-Protection: 1; mode=block

GET
H2

200

efxLogo_127x24.png
assets.equifax.com/global/images/logos/
Redirect Chain

https://www.equifax.com/global/images/logos/logo_white_123x24.png
https://assets.equifax.com/global/images/logos/efxLogo_127x24.png

55 KB
42 KB

109ms
9ms

Image
image/png

2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.equifax.com/global/images/logos/efxLogo_127x24.png
Requested by: Host: paperlesspay.talx.com
URL: https://paperlesspay.talx.com/ewsweb/Content/coe/ux-framework.css
Protocol: H2
Server: 2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8FA9) /
Resource Hash: 195f23df1a0008c86c3bf035a671b986a40715b87bc8344aaac4befb86ae9e08

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://paperlesspay.talx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 18 Jan 2022 03:43:46 GMT
content-encoding: gzip
content-md5: phk5QNbP0pzPggN03O+0/Q==
age: 254986
x-cache: HIT
content-length: 42915
x-ms-lease-status: unlocked
last-modified: Mon, 18 Sep 2017 19:59:10 GMT
server: ECAcc (frc/8FA9)
etag: 0x8D4FECFBA45A112
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
x-ms-request-id: e5a4d379-801e-003d-6ccb-096e53000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control: max-age=604800
x-ms-version: 2009-09-19
expires: Tue, 25 Jan 2022 03:43:46 GMT

Redirect headers

Location: https://assets.equifax.com/global/images/logos/efxLogo_127x24.png
Date: Tue, 18 Jan 2022 03:43:46 GMT
Via: 1.1 fra1-bit12009
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
Content-Length: 273
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 200
OK bcf54343-d033-41ee-bbd7-2b77df3fe7ba.woff
paperlesspay.talx.com/ewsweb/Content/coe/fonts/ 47 KB
48 KB 326ms
326ms Font
font/woff 12.148.77.46
INS-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://paperlesspay.talx.com/ewsweb/Content/coe/fonts/bcf54343-d033-41ee-bbd7-2b77df3fe7ba.woff

Requested by

Host: paperlesspay.talx.com
URL: https://paperlesspay.talx.com/ewsweb/Content/coe/fonts.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

12.148.77.46 , United States, ASN2386 (INS-AS, US),

Reverse DNS

paperlesspay.talx.com

Software

Resource Hash

dac5803d6cbe40244dfd39661406239f83e94e86c976e7229a4e35305a9b5efe

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' www.googletagmanager.com www.google-analytics.com www.gstatic.com www.google.com 'unsafe-inline' 'unsafe-eval' localhost:* https://equifax.122.2o7.net .equifax.com .sldmz1.com .qualtrics.com .walletinsights.com .limelight.com .googleapis.com .lvp.llnw.net .cloudflare.com blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://paperlesspay.talx.com/ewsweb/Content/coe/fonts.css
Origin: https://paperlesspay.talx.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 18 Jan 2022 03:43:46 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 29 Nov 2021 16:15:32 GMT
X-Frame-Options: SAMEORIGIN
ETag: "0ea24553ce5d71:0"
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: font/woff
Access-Control-Allow-Origin: *
Content-Security-Policy: script-src 'self' www.googletagmanager.com www.google-analytics.com www.gstatic.com www.google.com 'unsafe-inline' 'unsafe-eval' localhost:* https://equifax.122.2o7.net *.equifax.com *.sldmz1.com *.qualtrics.com *.walletinsights.com *.limelight.com *.googleapis.com *.lvp.llnw.net *.cloudflare.com blob:;
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 47748
X-Xss-Protection: 1; mode=block

Verdicts & Comments Add Verdict or Comment

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.paperlesspay.talx.com/	1969-12-31 23:59:59	Name: TS01e9839e Value: 01a1343a2450e99c9abe5ade8d510136cfcc1465bf36b103bb9929f2a3b17a338214e6bc5261804e07382dd7f878bebebb2d297917

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	script-src 'self' www.googletagmanager.com www.google-analytics.com www.gstatic.com www.google.com 'unsafe-inline' 'unsafe-eval' localhost:* https://equifax.122.2o7.net .equifax.com .sldmz1.com .qualtrics.com .walletinsights.com .limelight.com .googleapis.com .lvp.llnw.net .cloudflare.com blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

assets.equifax.com
paperlesspay.talx.com
www.equifax.com
107.162.153.204
12.148.77.46
2606:2800:233:1cb7:261b:1f9c:2074:3c
08006e8c198d9353e038027bfc9476359a1da1aaa4fcabdb6209bc813892e2e3
195f23df1a0008c86c3bf035a671b986a40715b87bc8344aaac4befb86ae9e08
32544945f4c6d64454e52fc7de9f86e8cd08fbbbe7b745dec9a86b2262f7912f
3a5ecdb293a28bcbf1923dd90f9ec01925ccff14d7d8d0fd4d11cac996edb33c
3ff08528d38aa8cbfa5eb6df7a9f33d7497bdf7b70f2888bbd942afc41f0fa61
412b8ff9c5ab32b9019fcd84bcd4a54c0e265a14528474f4ee45b27a20abeaeb
700101783abdbaa4c41ed4fff5327c51d1985960f92e25db991f29b923bc2160
72a01bf6424f8086fad5bfe77fa75fad6396aafefb9d7c33ec5cccfaa26144cf
76f3d55dfda517129579f791f8d64cb47b62b2fec69ade98e6e83c8b344166ad
934cd07cf8ab7d2e929574764b6d67e3bcf3c2bfeb91837a93076520b9921e51
9eca01a7a3923b54d01cbbba19634337e12dac003abde26d2bbc1fd08bd1373e
a72012b3642be3b36f022c4a2168ee5d624631a511e0fd816ec9addf1767aa43
caf8ce4bb41e55ceea1d2ced54c640306219f3e7408a91ca5484aa1d99a82e8a
dac5803d6cbe40244dfd39661406239f83e94e86c976e7229a4e35305a9b5efe
ed0f05101d480726c58bcd4956a1e7b02f12b538d02058f1b0ebfdabe8a7ef42

paperlesspay.talx.com Open in urlscan Pro 12.148.77.46 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

15 Requests

93 %HTTPS

33 %IPv6

2 Domains

3 Subdomains

2 IPs

1 Countries

242 kBTransfer

646 kBSize

1 Cookies

0 Outgoing links

Redirected requests

15 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

7 JavaScript Global Variables

1 Cookies

Security Headers

Indicators

paperlesspay.talx.com Open in urlscan Pro
12.148.77.46 Public Scan

Screenshot
Live screenshot

Full Image

15
Requests

93 %
HTTPS

33 %
IPv6

2
Domains

3
Subdomains

2
IPs

1
Countries

242 kB
Transfer

646 kB
Size

1
Cookies

15 HTTP transactions
0 data transactions