urlscan.io logo urlscan.io
SecurityTrails logo

dhspens.athoc.com Open in urlscan Pro
15.205.58.124  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://dhspens.athoc.com/selfservice/PENSUSCIS
Effective URL: https://dhspens.athoc.com/SelfService/Responsive/ShowDisclaimer?ReturnUrl=https%3a%2f%2fdhspens.athoc.com%2fselfservice%2f...
Submission: On August 01 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 2 IPs in 2 countries across 2 domains to perform 9 HTTP transactions. The main IP is 15.205.58.124, located in Boardman, United States and belongs to AMAZON EXPANSION, IE. The main domain is dhspens.athoc.com.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on April 2nd 2024. Valid for: a year.
This is the only time dhspens.athoc.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 9 15.205.58.124 8987 (AMAZON EX...)
1 2a02:26f0:350... 20940 (AKAMAI-ASN1)
9 2
Apex Domain
Subdomains		 Transfer
9 athoc.com
dhspens.athoc.com
236 KB
1 dhs.gov
www.dhs.gov — Cisco Umbrella Rank: 47398
37 KB
9 2
Domain Requested by
9 dhspens.athoc.com 1 redirects dhspens.athoc.com
1 www.dhs.gov dhspens.athoc.com
9 2

This site contains no links.

Subject Issuer Validity Valid
*.athoc.com
DigiCert TLS RSA SHA256 2020 CA1		 2024-04-02 -
2025-05-03		 a year crt.sh
www.dhs.gov
GeoTrust RSA CA 2018		 2024-03-06 -
2025-02-13		 a year crt.sh

This page contains 1 frames:

Primary Page: https://dhspens.athoc.com/SelfService/Responsive/ShowDisclaimer?ReturnUrl=https%3a%2f%2fdhspens.athoc.com%2fselfservice%2fPENSUSCIS
Frame ID: F675FF8374AF2381806143EEF1030728
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

BlackBerry AtHoc | Haftungsausschluss

Page URL History Show full URLs

  1. https://dhspens.athoc.com/selfservice/PENSUSCIS HTTP 302
    https://dhspens.athoc.com/SelfService/Responsive/ShowDisclaimer?ReturnUrl=https%3a%2f%2fdhspens.athoc.... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

9
Requests

100 %
HTTPS

50 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

272 kB
Transfer

657 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://dhspens.athoc.com/selfservice/PENSUSCIS HTTP 302
    https://dhspens.athoc.com/SelfService/Responsive/ShowDisclaimer?ReturnUrl=https%3a%2f%2fdhspens.athoc.com%2fselfservice%2fPENSUSCIS Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

9 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request ShowDisclaimer
dhspens.athoc.com/SelfService/Responsive/
Redirect Chain
  • https://dhspens.athoc.com/selfservice/PENSUSCIS
  • https://dhspens.athoc.com/SelfService/Responsive/ShowDisclaimer?ReturnUrl=https%3a%2f%2fdhspens.athoc.com%2fselfservice%2fPENSUSCIS
7 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://dhspens.athoc.com/SelfService/Responsive/ShowDisclaimer?ReturnUrl=https%3a%2f%2fdhspens.athoc.com%2fselfservice%2fPENSUSCIS
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
15.205.58.124 Boardman, United States, ASN8987 (AMAZON EXPANSION, IE),
Reverse DNS
ec2-15-205-58-124.us-gov-west-1.compute.amazonaws.com
Software
/
Resource Hash
1d733b612930b55d4c67b5ce2568a215917da7c2d18c1cc9530093d22af66c12
Security Headers
Name Value
Content-Security-Policy object-src 'none';default-src https: data: 'unsafe-inline' 'unsafe-eval' blob:;connect-src 'self' https: https://*.bbmenterprise.com wss://*.bbmenterprise.com ;img-src * 'self' blob: data:; frame-ancestors 'self' https://*.athoc.com
Strict-Transport-Security max-age=31536000; includeSubDomains; Preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Cache-Control
no-cache, no-store, must-revalidate
Content-Encoding
gzip
Content-Length
3311
Content-Security-Policy
object-src 'none';default-src https: data: 'unsafe-inline' 'unsafe-eval' blob:;connect-src 'self' https: https://*.bbmenterprise.com wss://*.bbmenterprise.com ;img-src * 'self' blob: data:; frame-ancestors 'self' https://*.athoc.com
Content-Type
text/html; charset=utf-8
Date
Thu, 01 Aug 2024 10:07:26 GMT
Expires
-1
Pragma
no-cache
Referrer-Policy
same-origin
SERVER
Strict-Transport-Security
max-age=31536000; includeSubDomains; Preload
Vary
Accept-Encoding
X-ASPNET-VERSION
X-ASPNETMVC-VERSION
X-AspNetWebPages-Version
3.0
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN SAMEORIGIN
X-Powered-By
X-UA-Compatible
IE=Edge,chrome=1
X-Xss-Protection
1;mode=block

Redirect headers

Content-Length
223
Content-Security-Policy
object-src 'none';default-src https: data: 'unsafe-inline' 'unsafe-eval' blob:;connect-src 'self' https: https://*.bbmenterprise.com wss://*.bbmenterprise.com ;img-src * 'self' blob: data:; frame-ancestors 'self' https://*.athoc.com
Content-Type
text/html; charset=utf-8
Date
Thu, 01 Aug 2024 10:07:26 GMT
Location
/SelfService/Responsive/ShowDisclaimer?ReturnUrl=https%3a%2f%2fdhspens.athoc.com%2fselfservice%2fPENSUSCIS
Referrer-Policy
same-origin
SERVER
Strict-Transport-Security
max-age=31536000; includeSubDomains; Preload
X-ASPNET-VERSION
X-ASPNETMVC-VERSION
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
X-Powered-By
X-UA-Compatible
IE=Edge,chrome=1
X-Xss-Protection
1;mode=block
bootstrap.min.css
dhspens.athoc.com/athoc-cdn/Content/css-vendor/bootstrap/4.5.0/ 		157 KB
36 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://dhspens.athoc.com/athoc-cdn/Content/css-vendor/bootstrap/4.5.0/bootstrap.min.css
Requested by
Host: dhspens.athoc.com
URL: https://dhspens.athoc.com/SelfService/Responsive/ShowDisclaimer?ReturnUrl=https%3a%2f%2fdhspens.athoc.com%2fselfservice%2fPENSUSCIS
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
15.205.58.124 Boardman, United States, ASN8987 (AMAZON EXPANSION, IE),
Reverse DNS
ec2-15-205-58-124.us-gov-west-1.compute.amazonaws.com
Software
/
Resource Hash
2f9b9bc7f602b0df4ab63b6a11cb61c1642ced5f07e8ed2e93f21e4593698b78
Security Headers
Name Value
Content-Security-Policy object-src 'none';default-src https: data: 'unsafe-inline' 'unsafe-eval' blob:;connect-src 'self' https: https://*.bbmenterprise.com wss://*.bbmenterprise.com ;img-src * 'self' blob: data:; frame-ancestors 'self' https://*.athoc.com
Strict-Transport-Security max-age=31536000; includeSubDomains; Preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

Referer
https://dhspens.athoc.com/SelfService/Responsive/ShowDisclaimer?ReturnUrl=https%3a%2f%2fdhspens.athoc.com%2fselfservice%2fPENSUSCIS
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Security-Policy
object-src 'none';default-src https: data: 'unsafe-inline' 'unsafe-eval' blob:;connect-src 'self' https: https://*.bbmenterprise.com wss://*.bbmenterprise.com ;img-src * 'self' blob: data:; frame-ancestors 'self' https://*.athoc.com
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000; includeSubDomains; Preload
X-ASPNET-VERSION
X-Powered-By
Date
Thu, 01 Aug 2024 10:07:26 GMT
Content-Length
36447
X-Xss-Protection
1;mode=block
X-ASPNETMVC-VERSION
Last-Modified
Sun, 17 Dec 2023 21:30:46 GMT
SERVER
ETag
"047c14b3031da1:0"
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
text/css
Cache-Control
max-age=86400000
Accept-Ranges
bytes
custom-responsive.css
dhspens.athoc.com/athoc-cdn/Content/css/ 		324 B
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://dhspens.athoc.com/athoc-cdn/Content/css/custom-responsive.css
Requested by
Host: dhspens.athoc.com
URL: https://dhspens.athoc.com/SelfService/Responsive/ShowDisclaimer?ReturnUrl=https%3a%2f%2fdhspens.athoc.com%2fselfservice%2fPENSUSCIS
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
15.205.58.124 Boardman, United States, ASN8987 (AMAZON EXPANSION, IE),
Reverse DNS
ec2-15-205-58-124.us-gov-west-1.compute.amazonaws.com
Software
/
Resource Hash
6abdaae7db1bb5d803aeaf414b95e7ee0e1e426aad5807ead7388f9aa7e3fe83
Security Headers
Name Value
Content-Security-Policy object-src 'none';default-src https: data: 'unsafe-inline' 'unsafe-eval' blob:;connect-src 'self' https: https://*.bbmenterprise.com wss://*.bbmenterprise.com ;img-src * 'self' blob: data:; frame-ancestors 'self' https://*.athoc.com
Strict-Transport-Security max-age=31536000; includeSubDomains; Preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

Referer
https://dhspens.athoc.com/SelfService/Responsive/ShowDisclaimer?ReturnUrl=https%3a%2f%2fdhspens.athoc.com%2fselfservice%2fPENSUSCIS
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Security-Policy
object-src 'none';default-src https: data: 'unsafe-inline' 'unsafe-eval' blob:;connect-src 'self' https: https://*.bbmenterprise.com wss://*.bbmenterprise.com ;img-src * 'self' blob: data:; frame-ancestors 'self' https://*.athoc.com
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000; includeSubDomains; Preload
X-ASPNET-VERSION
X-Powered-By
Date
Thu, 01 Aug 2024 10:07:27 GMT
Content-Length
330
X-Xss-Protection
1;mode=block
X-ASPNETMVC-VERSION
Last-Modified
Thu, 10 Aug 2023 00:35:50 GMT
SERVER
ETag
"0b78d9c22cbd91:0"
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
text/css
Cache-Control
max-age=86400000
Accept-Ranges
bytes
custom-responsive-branding.css
dhspens.athoc.com/athoc-cdn/Content/BlackBerryAtHoc/css/responsive/ 		3 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://dhspens.athoc.com/athoc-cdn/Content/BlackBerryAtHoc/css/responsive/custom-responsive-branding.css
Requested by
Host: dhspens.athoc.com
URL: https://dhspens.athoc.com/SelfService/Responsive/ShowDisclaimer?ReturnUrl=https%3a%2f%2fdhspens.athoc.com%2fselfservice%2fPENSUSCIS
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
15.205.58.124 Boardman, United States, ASN8987 (AMAZON EXPANSION, IE),
Reverse DNS
ec2-15-205-58-124.us-gov-west-1.compute.amazonaws.com
Software
/
Resource Hash
bcc8001793ac81592705a41c2e2f460d42a8bcea37db5e9b6eebd2a08a1574b1
Security Headers
Name Value
Content-Security-Policy object-src 'none';default-src https: data: 'unsafe-inline' 'unsafe-eval' blob:;connect-src 'self' https: https://*.bbmenterprise.com wss://*.bbmenterprise.com ;img-src * 'self' blob: data:; frame-ancestors 'self' https://*.athoc.com
Strict-Transport-Security max-age=31536000; includeSubDomains; Preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

Referer
https://dhspens.athoc.com/SelfService/Responsive/ShowDisclaimer?ReturnUrl=https%3a%2f%2fdhspens.athoc.com%2fselfservice%2fPENSUSCIS
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Security-Policy
object-src 'none';default-src https: data: 'unsafe-inline' 'unsafe-eval' blob:;connect-src 'self' https: https://*.bbmenterprise.com wss://*.bbmenterprise.com ;img-src * 'self' blob: data:; frame-ancestors 'self' https://*.athoc.com
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000; includeSubDomains; Preload
X-ASPNET-VERSION
X-Powered-By
Date
Thu, 01 Aug 2024 10:07:27 GMT
Content-Length
864
X-Xss-Protection
1;mode=block
X-ASPNETMVC-VERSION
Last-Modified
Thu, 10 Aug 2023 00:35:46 GMT
SERVER
ETag
"05d2b9a22cbd91:0"
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
text/css
Cache-Control
max-age=86400000
Accept-Ranges
bytes
20_0925_seal-uscis-500.jpg
www.dhs.gov/sites/default/files/images/ochco/ 		37 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.dhs.gov/sites/default/files/images/ochco/20_0925_seal-uscis-500.jpg
Requested by
Host: dhspens.athoc.com
URL: https://dhspens.athoc.com/SelfService/Responsive/ShowDisclaimer?ReturnUrl=https%3a%2f%2fdhspens.athoc.com%2fselfservice%2fPENSUSCIS
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:887::1955 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache /
Resource Hash
49d19d414b4cc038f14a299f76644b83f36edf873b6ce98c43dc8b042b905bfd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 01 Aug 2024 10:07:27 GMT
strict-transport-security
max-age=31536000 ; includeSubDomains
x-content-type-options
nosniff
last-modified
Fri, 25 Sep 2020 20:21:38 GMT
server
Apache
etag
"93fb-5b029105d2eeb"
content-type
image/jpeg
cache-control
max-age=259170
server-timing
cdn-cache; desc=REVALIDATE, edge; dur=71, origin; dur=152, ak_p; desc="1722506847399_388276619_710880324_22320_9591_34_77_182";dur=1
accept-ranges
bytes
content-length
37883
expires
Sun, 04 Aug 2024 10:06:57 GMT
jquery-3.7.0.js
dhspens.athoc.com/athoc-cdn/Scripts/lib-vendor/jquery/ 		278 KB
110 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dhspens.athoc.com/athoc-cdn/Scripts/lib-vendor/jquery/jquery-3.7.0.js
Requested by
Host: dhspens.athoc.com
URL: https://dhspens.athoc.com/SelfService/Responsive/ShowDisclaimer?ReturnUrl=https%3a%2f%2fdhspens.athoc.com%2fselfservice%2fPENSUSCIS
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
15.205.58.124 Boardman, United States, ASN8987 (AMAZON EXPANSION, IE),
Reverse DNS
ec2-15-205-58-124.us-gov-west-1.compute.amazonaws.com
Software
/
Resource Hash
d3d8c7932d4452a5237f1eda031a242af93a3e7f18b9e03b68da61dcc2952241
Security Headers
Name Value
Content-Security-Policy object-src 'none';default-src https: data: 'unsafe-inline' 'unsafe-eval' blob:;connect-src 'self' https: https://*.bbmenterprise.com wss://*.bbmenterprise.com ;img-src * 'self' blob: data:; frame-ancestors 'self' https://*.athoc.com
Strict-Transport-Security max-age=31536000; includeSubDomains; Preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

Referer
https://dhspens.athoc.com/SelfService/Responsive/ShowDisclaimer?ReturnUrl=https%3a%2f%2fdhspens.athoc.com%2fselfservice%2fPENSUSCIS
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Security-Policy
object-src 'none';default-src https: data: 'unsafe-inline' 'unsafe-eval' blob:;connect-src 'self' https: https://*.bbmenterprise.com wss://*.bbmenterprise.com ;img-src * 'self' blob: data:; frame-ancestors 'self' https://*.athoc.com
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000; includeSubDomains; Preload
X-ASPNET-VERSION
X-Powered-By
Date
Thu, 01 Aug 2024 10:07:27 GMT
Transfer-Encoding
chunked
X-Xss-Protection
1;mode=block
X-ASPNETMVC-VERSION
Last-Modified
Sun, 17 Dec 2023 21:30:48 GMT
SERVER
ETag
"074f24c3031da1:0"
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Cache-Control
max-age=86400000
Accept-Ranges
bytes
popper.js
dhspens.athoc.com/athoc-cdn/Scripts/lib-vendor/popper/1.16.1/ 		87 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dhspens.athoc.com/athoc-cdn/Scripts/lib-vendor/popper/1.16.1/popper.js
Requested by
Host: dhspens.athoc.com
URL: https://dhspens.athoc.com/SelfService/Responsive/ShowDisclaimer?ReturnUrl=https%3a%2f%2fdhspens.athoc.com%2fselfservice%2fPENSUSCIS
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
15.205.58.124 Boardman, United States, ASN8987 (AMAZON EXPANSION, IE),
Reverse DNS
ec2-15-205-58-124.us-gov-west-1.compute.amazonaws.com
Software
/
Resource Hash
e635fcaa1d33d1812116a3f44dfb27e6805cf115f0f066876cce0fbc9be51d64
Security Headers
Name Value
Content-Security-Policy object-src 'none';default-src https: data: 'unsafe-inline' 'unsafe-eval' blob:;connect-src 'self' https: https://*.bbmenterprise.com wss://*.bbmenterprise.com ;img-src * 'self' blob: data:; frame-ancestors 'self' https://*.athoc.com
Strict-Transport-Security max-age=31536000; includeSubDomains; Preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

Referer
https://dhspens.athoc.com/SelfService/Responsive/ShowDisclaimer?ReturnUrl=https%3a%2f%2fdhspens.athoc.com%2fselfservice%2fPENSUSCIS
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Security-Policy
object-src 'none';default-src https: data: 'unsafe-inline' 'unsafe-eval' blob:;connect-src 'self' https: https://*.bbmenterprise.com wss://*.bbmenterprise.com ;img-src * 'self' blob: data:; frame-ancestors 'self' https://*.athoc.com
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000; includeSubDomains; Preload
X-ASPNET-VERSION
X-Powered-By
Date
Thu, 01 Aug 2024 10:07:27 GMT
Content-Length
30522
X-Xss-Protection
1;mode=block
X-ASPNETMVC-VERSION
Last-Modified
Sun, 17 Dec 2023 21:30:48 GMT
SERVER
ETag
"074f24c3031da1:0"
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Cache-Control
max-age=86400000
Accept-Ranges
bytes
bootstrap.min.js
dhspens.athoc.com/athoc-cdn/Scripts/lib-vendor/bootstrap/4.5.0/ 		59 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dhspens.athoc.com/athoc-cdn/Scripts/lib-vendor/bootstrap/4.5.0/bootstrap.min.js
Requested by
Host: dhspens.athoc.com
URL: https://dhspens.athoc.com/SelfService/Responsive/ShowDisclaimer?ReturnUrl=https%3a%2f%2fdhspens.athoc.com%2fselfservice%2fPENSUSCIS
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
15.205.58.124 Boardman, United States, ASN8987 (AMAZON EXPANSION, IE),
Reverse DNS
ec2-15-205-58-124.us-gov-west-1.compute.amazonaws.com
Software
/
Resource Hash
9d3b005014393436204c0bdccb978a6915f920341514dd05cb4ef9dbb32cd25b
Security Headers
Name Value
Content-Security-Policy object-src 'none';default-src https: data: 'unsafe-inline' 'unsafe-eval' blob:;connect-src 'self' https: https://*.bbmenterprise.com wss://*.bbmenterprise.com ;img-src * 'self' blob: data:; frame-ancestors 'self' https://*.athoc.com
Strict-Transport-Security max-age=31536000; includeSubDomains; Preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

Referer
https://dhspens.athoc.com/SelfService/Responsive/ShowDisclaimer?ReturnUrl=https%3a%2f%2fdhspens.athoc.com%2fselfservice%2fPENSUSCIS
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Security-Policy
object-src 'none';default-src https: data: 'unsafe-inline' 'unsafe-eval' blob:;connect-src 'self' https: https://*.bbmenterprise.com wss://*.bbmenterprise.com ;img-src * 'self' blob: data:; frame-ancestors 'self' https://*.athoc.com
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000; includeSubDomains; Preload
X-ASPNET-VERSION
X-Powered-By
Date
Thu, 01 Aug 2024 10:07:27 GMT
Content-Length
20949
X-Xss-Protection
1;mode=block
X-ASPNETMVC-VERSION
Last-Modified
Sun, 17 Dec 2023 21:30:48 GMT
SERVER
ETag
"074f24c3031da1:0"
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Cache-Control
max-age=86400000
Accept-Ranges
bytes
favicon.ico
dhspens.athoc.com/athoc-cdn/Content/BlackBerryAtHoc/favicon/ 		29 KB
30 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://dhspens.athoc.com/athoc-cdn/Content/BlackBerryAtHoc/favicon/favicon.ico?version=UJD+oL6BdkdeX2A+tDClj0l/Zqe0OjIJNYPB2spwXEI=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
15.205.58.124 Boardman, United States, ASN8987 (AMAZON EXPANSION, IE),
Reverse DNS
ec2-15-205-58-124.us-gov-west-1.compute.amazonaws.com
Software
/
Resource Hash
33f9b30ef9d7516b3c11d083ff742005a3a0b56785e33099c4c7df90dee74967
Security Headers
Name Value
Content-Security-Policy object-src 'none';default-src https: data: 'unsafe-inline' 'unsafe-eval' blob:;connect-src 'self' https: https://*.bbmenterprise.com wss://*.bbmenterprise.com ;img-src * 'self' blob: data:; frame-ancestors 'self' https://*.athoc.com
Strict-Transport-Security max-age=31536000; includeSubDomains; Preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

Referer
https://dhspens.athoc.com/SelfService/Responsive/ShowDisclaimer?ReturnUrl=https%3a%2f%2fdhspens.athoc.com%2fselfservice%2fPENSUSCIS
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Security-Policy
object-src 'none';default-src https: data: 'unsafe-inline' 'unsafe-eval' blob:;connect-src 'self' https: https://*.bbmenterprise.com wss://*.bbmenterprise.com ;img-src * 'self' blob: data:; frame-ancestors 'self' https://*.athoc.com
Strict-Transport-Security
max-age=31536000; includeSubDomains; Preload
X-Content-Type-Options
nosniff
Date
Thu, 01 Aug 2024 10:07:28 GMT
X-ASPNET-VERSION
X-Powered-By
Content-Length
29926
X-Xss-Protection
1;mode=block
X-ASPNETMVC-VERSION
Last-Modified
Thu, 10 Aug 2023 00:35:46 GMT
SERVER
ETag
"05d2b9a22cbd91:0"
X-Frame-Options
SAMEORIGIN
Content-Type
image/x-icon
Cache-Control
max-age=86400000
Accept-Ranges
bytes

Verdicts & Comments Add Verdict or Comment

6 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| $ function| jQuery function| Popper object| bootstrap function| AcceptDisclaimer function| htmlDecode

3 Cookies

Domain/Path Name / Value
dhspens.athoc.com/ Name: SelfService_SessionId
Value: dsafprraapvve4gxvtxlkzvc
dhspens.athoc.com/ Name: AtHoc_ShowDisclaimer
Value: ProviderId=NDMwNTkwMA2&ShowDisclaimer=VHJ1ZQ2
dhspens.athoc.com/ Name: __RequestVerificationToken_L1NlbGZTZXJ2aWNl0
Value: EZNBepA_4weds4Uee-Q6XKXZf1Y0L9hCuo9BBrVr1x92s_n83J6DwsxpoWs4GcLs2QDCRaE9hoG9c6fMZkbp23byWPs2XYOOtLSThvs0tVw1

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy object-src 'none';default-src https: data: 'unsafe-inline' 'unsafe-eval' blob:;connect-src 'self' https: https://*.bbmenterprise.com wss://*.bbmenterprise.com ;img-src * 'self' blob: data:; frame-ancestors 'self' https://*.athoc.com
Strict-Transport-Security max-age=31536000; includeSubDomains; Preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN SAMEORIGIN
X-Xss-Protection 1;mode=block