e-access.cspdesk.net Open in urlscan Pro
185.254.198.243 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://e-access.cspdesk.net/redirect/
Effective URL:
https://e-access.cspdesk.net/lrr/attLRR/LrrControllerRSA
Submission Tags: phishing
Submission: On July 01 via api (July 1st 2022, 8:16:00 pm UTC) from US — Scanned from DE

Summary HTTP 22 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 2 IPs in 1 countries across 2 domains to perform 22 HTTP transactions. The main IP is 185.254.198.243, located in New York, United States and belongs to YURTEH-AS, UA. The main domain is e-access.cspdesk.net.
TLS certificate: Issued by R3 on June 30th 2022. Valid for: 3 months.

This is the only time e-access.cspdesk.net was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: AT&T (Telecommunication)

Domain & IP information

	IP Address	AS Autonomous System
1 22	185.254.198.243 185.254.198.243	30860 (YURTEH-AS) (YURTEH-AS)
1 2	2606:4700::68... 2606:4700::6810:7caf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
22	2

22 185.254.198.243 (New York, United States) 1 redirects

ASN30860 (YURTEH-AS, UA)
PTR: dry.lorgric.co.uk

e-access.cspdesk.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:7caf (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
22	cspdesk.net 1 redirects e-access.cspdesk.net	674 KB
2	unpkg.com 1 redirects unpkg.com — Cisco Umbrella Rank: 944	8 KB
22	2

	Domain	Requested by
22	e-access.cspdesk.net	1 redirects e-access.cspdesk.net
2	unpkg.com	1 redirects e-access.cspdesk.net
22	2

This site contains links to these domains. Also see Links.

Domain
oidc.idp.elogin.att.com
www.e-access.att.com
www.att.com

Subject Issuer	Validity	Valid
e-access.cspdesk.net R3	`2022-06-30` - `2022-09-28`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://e-access.cspdesk.net/lrr/attLRR/LrrControllerRSA
Frame ID: 0F9EECCBBD2194CA8D7F19EB3CCDE6EA
Requests: 22 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

AT&T Security Server: Login

Page URL History Show full URLs

https://e-access.cspdesk.net/redirect/ HTTP 302
https://e-access.cspdesk.net/lrr/attLRR/LrrControllerRSA Page URL

Detected technologies

Axios (JavaScript libraries) Expand

Overall confidence: 100%
Detected patterns

/axios(@|/)([\d.]+)(?:/[a-z]+)?/axios(?:.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

22
Requests

95 %
HTTPS

50 %
IPv6

2
Domains

2
Subdomains

2
IPs

1
Countries

681 kB
Transfer

1067 kB
Size

0
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: https://oidc.idp.elogin.att.com/usersvcs/accountmgt/acctmgtMenu
Title: Forgot Password?

Search URL Search Domain Scan URL

URL: https://oidc.idp.elogin.att.com/iamportal-prod/iampwdmgmt/home#/home
Title: Password help for AT&T Employees/Contractors

Search URL Search Domain Scan URL

URL: https://oidc.idp.elogin.att.com/lrr/attLRR/LrrController?TAM_OP=login&USERNAME=unauthenticated&ERROR_CODE=0x00000000&ERROR_TEXT=HPDBA0521I%20%20%20Successful%20completion&METHOD=GET&URL=%2Fmga%2Fsps%2Foauth%2Foauth20%2Fauthorize%3Fnonce%3DAPqNWV0imE%26redirect_uri%3Dhttps%253A%252F%252Fwww.e-access.att.com%252Fisam%252Fsps%252Foidc%252Frp%252FATT-RP%252Fredirect%252FATT-Password%26response_mode%3Dform_post%26claims%3D%257B%2522id_token%2522%253A%257B%2522authenticationTypes%2522%253A%257B%2522essential%2522%253Afalse%257D%257D%257D%26scope%3Dopenid%26acr_values%3DAAL2%26Target%3Dhttps%253A%252F%252Fwww.e-access.att.com%252Fcou%26response_type%3Did_token%26state%3DbpSByCI1wY%26client_id%3DPassword-ATT&HOSTNAME=oidc.idp.elogin.att.com&AUTHNLEVEL=3&FAILREASON=&PROTOCOL=https&OLDSESSION=&EXPIRE_SECS=0
Title: Log on

Search URL Search Domain Scan URL

URL: https://www.e-access.att.com/iamportal-prod/pwdreset/#/editSecurityProfile
Title: Update Security Profile

Search URL Search Domain Scan URL

URL: http://www.att.com/legal/terms.attWebsiteTermsOfUse.html
Title: Terms

Search URL Search Domain Scan URL

URL: http://www.att.com/privacy
Title: Privacy

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://e-access.cspdesk.net/redirect/ HTTP 302
https://e-access.cspdesk.net/lrr/attLRR/LrrControllerRSA Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1

https://unpkg.com/axios/dist/axios.min.js HTTP 302
https://unpkg.com/axios@0.27.2/dist/axios.min.js

22 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request LrrControllerRSA Show response
e-access.cspdesk.net/lrr/attLRR/
Redirect Chain

https://e-access.cspdesk.net/redirect/
https://e-access.cspdesk.net/lrr/attLRR/LrrControllerRSA

146 KB
22 KB

126ms
126ms

Document
text/html

185.254.198.243
YURTEH-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://e-access.cspdesk.net/lrr/attLRR/LrrControllerRSA

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.254.198.243 New York, United States, ASN30860 (YURTEH-AS, UA),

Reverse DNS

dry.lorgric.co.uk

Software

nginx / Express

Resource Hash

341ef46eac539be9d61a9a43aae7772d48269fe165899968fe20517f277be92e

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' http: https: ws: wss: data: blob: 'unsafe-inline'; frame-ancestors 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-security-policy: default-src 'self' http: https: ws: wss: data: blob: 'unsafe-inline'; frame-ancestors 'self';
content-type: text/html; charset=utf-8
date: Fri, 01 Jul 2022 20:15:55 GMT
etag: W/"2474d-ILIP/ga2xJSrTu2y4M1G2BPfUQs"
permissions-policy: interest-cohort=()
referrer-policy: no-referrer-when-downgrade
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-powered-by: Express
x-xss-protection: 1; mode=block

Redirect headers

content-length: 100
content-security-policy: default-src 'self' http: https: ws: wss: data: blob: 'unsafe-inline'; frame-ancestors 'self';
content-type: text/html; charset=utf-8
date: Fri, 01 Jul 2022 20:15:55 GMT
location: /lrr/attLRR/LrrControllerRSA
permissions-policy: interest-cohort=()
referrer-policy: no-referrer-when-downgrade
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept
x-content-type-options: nosniff
x-powered-by: Express
x-xss-protection: 1; mode=block

GET
H2 200 main.css
e-access.cspdesk.net/css/ 23 KB
5 KB 66ms
63ms Stylesheet
text/css 185.254.198.243
YURTEH-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://e-access.cspdesk.net/css/main.css

Requested by

Host: e-access.cspdesk.net
URL: https://e-access.cspdesk.net/lrr/attLRR/LrrControllerRSA

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.254.198.243 New York, United States, ASN30860 (YURTEH-AS, UA),

Reverse DNS

dry.lorgric.co.uk

Software

nginx / Express

Resource Hash

03a37051004b02b97886736d62f258fbbb12496458803c6001ea5c4e24b8bba4

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' http: https: ws: wss: data: blob: 'unsafe-inline'; frame-ancestors 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e-access.cspdesk.net/lrr/attLRR/LrrControllerRSA
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Fri, 01 Jul 2022 20:15:56 GMT
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 23 Jun 2022 15:52:43 GMT
server: nginx
x-powered-by: Express
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
x-xss-protection: 1; mode=block
cache-control: public, max-age=0
permissions-policy: interest-cohort=()
etag: W/"5cfc-181914404f8"
content-security-policy: default-src 'self' http: https: ws: wss: data: blob: 'unsafe-inline'; frame-ancestors 'self';
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff

GET
H2

200

axios.min.js Show response
unpkg.com/axios@0.27.2/dist/
Redirect Chain

https://unpkg.com/axios/dist/axios.min.js
https://unpkg.com/axios@0.27.2/dist/axios.min.js

20 KB
7 KB

34ms
34ms

Script
application/javascript

2606:4700::6810:7caf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/axios@0.27.2/dist/axios.min.js

Requested by

Host: e-access.cspdesk.net
URL: https://e-access.cspdesk.net/lrr/attLRR/LrrControllerRSA

Protocol

Server

2606:4700::6810:7caf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e373b70a5167485c73a265421bcfcd1fdddbae49c9c51605e6d2918a3de4ae0d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e-access.cspdesk.net/lrr/attLRR/LrrControllerRSA
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Fri, 01 Jul 2022 20:15:56 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
age: 3198308
fly-request-id: 01G3YCC481C7S1PP7PQKP7RDQT-fra
content-encoding: br
vary: Accept-Encoding
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
server: cloudflare
etag: W/"511b-FCNxITHKHBRxCXquG/QTMqrMtJE"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7241d107d9fe6946-FRA

Redirect headers

date: Fri, 01 Jul 2022 20:15:56 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
fly-request-id: 01G6XP995F6PKV1QB8K7FVJMZF-fra
server: cloudflare
age: 164
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
content-type: text/plain; charset=utf-8
location: /axios@0.27.2/dist/axios.min.js
cache-control: public, s-maxage=600, max-age=60
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 7241d107a9b56946-FRA
access-control-allow-origin: *

GET
H2 200 main.js Show response
e-access.cspdesk.net/js/ 9 KB
2 KB 67ms
65ms Script
application/javascript 185.254.198.243
YURTEH-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://e-access.cspdesk.net/js/main.js

Requested by

Host: e-access.cspdesk.net
URL: https://e-access.cspdesk.net/lrr/attLRR/LrrControllerRSA

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.254.198.243 New York, United States, ASN30860 (YURTEH-AS, UA),

Reverse DNS

dry.lorgric.co.uk

Software

nginx / Express

Resource Hash

4cf4f8ca09f4b68016ecf0c878de29bf4f65bba3ec93692ba61a039d21e27a10

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' http: https: ws: wss: data: blob: 'unsafe-inline'; frame-ancestors 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e-access.cspdesk.net/lrr/attLRR/LrrControllerRSA
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Fri, 01 Jul 2022 20:15:56 GMT
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 23 Jun 2022 20:45:44 GMT
server: nginx
x-powered-by: Express
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
x-xss-protection: 1; mode=block
cache-control: public, max-age=0
permissions-policy: interest-cohort=()
etag: W/"22a0-181925048c0"
content-security-policy: default-src 'self' http: https: ws: wss: data: blob: 'unsafe-inline'; frame-ancestors 'self';
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff

GET
H2 200 script.js Show response
e-access.cspdesk.net/js/ 81 KB
16 KB 69ms
67ms Script
application/javascript 185.254.198.243
YURTEH-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://e-access.cspdesk.net/js/script.js

Requested by

Host: e-access.cspdesk.net
URL: https://e-access.cspdesk.net/lrr/attLRR/LrrControllerRSA

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.254.198.243 New York, United States, ASN30860 (YURTEH-AS, UA),

Reverse DNS

dry.lorgric.co.uk

Software

nginx / Express

Resource Hash

4bc3b89d1bf7cc829bc66ef4f5f45f21cfce4f753e761aeeb4523a9f959e3ea0

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' http: https: ws: wss: data: blob: 'unsafe-inline'; frame-ancestors 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e-access.cspdesk.net/lrr/attLRR/LrrControllerRSA
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Fri, 01 Jul 2022 20:15:56 GMT
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 16 Jun 2022 20:06:34 GMT
server: nginx
x-powered-by: Express
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
x-xss-protection: 1; mode=block
cache-control: public, max-age=0
permissions-policy: interest-cohort=()
etag: W/"14467-1816e1fe910"
content-security-policy: default-src 'self' http: https: ws: wss: data: blob: 'unsafe-inline'; frame-ancestors 'self';
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff

GET
H2 200 jquery.js Show response
e-access.cspdesk.net/js/ 10 KB
4 KB 69ms
68ms Script
application/javascript 185.254.198.243
YURTEH-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://e-access.cspdesk.net/js/jquery.js

Requested by

Host: e-access.cspdesk.net
URL: https://e-access.cspdesk.net/lrr/attLRR/LrrControllerRSA

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.254.198.243 New York, United States, ASN30860 (YURTEH-AS, UA),

Reverse DNS

dry.lorgric.co.uk

Software

nginx / Express

Resource Hash

43d09eda46c8844e9674fe19c3efde71e12a8142491024e3d91976418e78f1c7

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' http: https: ws: wss: data: blob: 'unsafe-inline'; frame-ancestors 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e-access.cspdesk.net/lrr/attLRR/LrrControllerRSA
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Fri, 01 Jul 2022 20:15:56 GMT
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 17 May 2022 20:45:08 GMT
server: nginx
x-powered-by: Express
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
x-xss-protection: 1; mode=block
cache-control: public, max-age=0
permissions-policy: interest-cohort=()
etag: W/"2746-180d3c47020"
content-security-policy: default-src 'self' http: https: ws: wss: data: blob: 'unsafe-inline'; frame-ancestors 'self';
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff

GET
H2 200 jquery-1.js Show response
e-access.cspdesk.net/js/ 95 KB
33 KB 116ms
114ms Script
application/javascript 185.254.198.243
YURTEH-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://e-access.cspdesk.net/js/jquery-1.js

Requested by

Host: e-access.cspdesk.net
URL: https://e-access.cspdesk.net/lrr/attLRR/LrrControllerRSA

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.254.198.243 New York, United States, ASN30860 (YURTEH-AS, UA),

Reverse DNS

dry.lorgric.co.uk

Software

nginx / Express

Resource Hash

668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' http: https: ws: wss: data: blob: 'unsafe-inline'; frame-ancestors 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e-access.cspdesk.net/lrr/attLRR/LrrControllerRSA
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Fri, 01 Jul 2022 20:15:56 GMT
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 17 May 2022 20:45:12 GMT
server: nginx
x-powered-by: Express
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
x-xss-protection: 1; mode=block
cache-control: public, max-age=0
permissions-policy: interest-cohort=()
etag: W/"17b8b-180d3c47fc0"
content-security-policy: default-src 'self' http: https: ws: wss: data: blob: 'unsafe-inline'; frame-ancestors 'self';
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff

GET
H2 200 cato.css
e-access.cspdesk.net/css/ 330 B
626 B 65ms
63ms Stylesheet
text/css 185.254.198.243
YURTEH-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://e-access.cspdesk.net/css/cato.css

Requested by

Host: e-access.cspdesk.net
URL: https://e-access.cspdesk.net/lrr/attLRR/LrrControllerRSA

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.254.198.243 New York, United States, ASN30860 (YURTEH-AS, UA),

Reverse DNS

dry.lorgric.co.uk

Software

nginx / Express

Resource Hash

8dbe5f3fbf2eb3efa9fd6b0be8fad919a9fee283aab104ae60bb1afc23b4b598

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' http: https: ws: wss: data: blob: 'unsafe-inline'; frame-ancestors 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e-access.cspdesk.net/lrr/attLRR/LrrControllerRSA
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Fri, 01 Jul 2022 20:15:56 GMT
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 17 May 2022 19:14:50 GMT
server: nginx
x-powered-by: Express
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
x-xss-protection: 1; mode=block
cache-control: public, max-age=0
permissions-policy: interest-cohort=()
etag: W/"14a-180d371c410"
content-security-policy: default-src 'self' http: https: ws: wss: data: blob: 'unsafe-inline'; frame-ancestors 'self';
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff

GET
H2 200 checkbox.css
e-access.cspdesk.net/css/ 3 KB
1 KB 65ms
64ms Stylesheet
text/css 185.254.198.243
YURTEH-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://e-access.cspdesk.net/css/checkbox.css

Requested by

Host: e-access.cspdesk.net
URL: https://e-access.cspdesk.net/lrr/attLRR/LrrControllerRSA

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.254.198.243 New York, United States, ASN30860 (YURTEH-AS, UA),

Reverse DNS

dry.lorgric.co.uk

Software

nginx / Express

Resource Hash

4a1379f5bed6a67ee1343e09d07e91d3b926814bb057334f284bdcfdd2d01e11

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' http: https: ws: wss: data: blob: 'unsafe-inline'; frame-ancestors 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e-access.cspdesk.net/lrr/attLRR/LrrControllerRSA
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Fri, 01 Jul 2022 20:15:56 GMT
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
last-modified: Sun, 22 May 2022 00:04:49 GMT
server: nginx
x-powered-by: Express
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
x-xss-protection: 1; mode=block
cache-control: public, max-age=0
permissions-policy: interest-cohort=()
etag: W/"b7b-180e914b0e8"
content-security-policy: default-src 'self' http: https: ws: wss: data: blob: 'unsafe-inline'; frame-ancestors 'self';
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff

GET
H2 200 att_logo_97x40.png
e-access.cspdesk.net/img/ 3 KB
4 KB 57ms
56ms Image
image/png 185.254.198.243
YURTEH-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://e-access.cspdesk.net/img/att_logo_97x40.png

Requested by

Host: e-access.cspdesk.net
URL: https://e-access.cspdesk.net/lrr/attLRR/LrrControllerRSA

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.254.198.243 New York, United States, ASN30860 (YURTEH-AS, UA),

Reverse DNS

dry.lorgric.co.uk

Software

nginx / Express

Resource Hash

5f43c44a03507663f45f0275597874d6ed132cf38a09775d997ba3669f64edb4

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' http: https: ws: wss: data: blob: 'unsafe-inline'; frame-ancestors 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e-access.cspdesk.net/lrr/attLRR/LrrControllerRSA
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Fri, 01 Jul 2022 20:15:56 GMT
referrer-policy: no-referrer-when-downgrade
last-modified: Sat, 21 May 2022 01:24:34 GMT
server: nginx
x-powered-by: Express
etag: W/"cf0-180e4375850"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/png
x-xss-protection: 1; mode=block
cache-control: public, max-age=0
permissions-policy: interest-cohort=()
content-security-policy: default-src 'self' http: https: ws: wss: data: blob: 'unsafe-inline'; frame-ancestors 'self';
accept-ranges: bytes
content-length: 3312
x-content-type-options: nosniff

GET
H2 200 GLO_Question_Icon.png
e-access.cspdesk.net/img/ 223 B
647 B 54ms
53ms Image
image/png 185.254.198.243
YURTEH-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://e-access.cspdesk.net/img/GLO_Question_Icon.png

Requested by

Host: e-access.cspdesk.net
URL: https://e-access.cspdesk.net/lrr/attLRR/LrrControllerRSA

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.254.198.243 New York, United States, ASN30860 (YURTEH-AS, UA),

Reverse DNS

dry.lorgric.co.uk

Software

nginx / Express

Resource Hash

4a6500fffb1823beca8bd2c203014d05111e97a82dbbb8516a642abb03bf7bf2

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' http: https: ws: wss: data: blob: 'unsafe-inline'; frame-ancestors 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e-access.cspdesk.net/lrr/attLRR/LrrControllerRSA
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Fri, 01 Jul 2022 20:15:56 GMT
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 13 May 2022 04:21:56 GMT
server: nginx
x-powered-by: Express
etag: W/"df-180bba6daa0"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/png
x-xss-protection: 1; mode=block
cache-control: public, max-age=0
permissions-policy: interest-cohort=()
content-security-policy: default-src 'self' http: https: ws: wss: data: blob: 'unsafe-inline'; frame-ancestors 'self';
accept-ranges: bytes
content-length: 223
x-content-type-options: nosniff

GET
H2 200 mobileKeyImg.png
e-access.cspdesk.net/img/ 2 KB
3 KB 61ms
58ms Image
image/png 185.254.198.243
YURTEH-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://e-access.cspdesk.net/img/mobileKeyImg.png

Requested by

Host: e-access.cspdesk.net
URL: https://e-access.cspdesk.net/lrr/attLRR/LrrControllerRSA

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.254.198.243 New York, United States, ASN30860 (YURTEH-AS, UA),

Reverse DNS

dry.lorgric.co.uk

Software

nginx / Express

Resource Hash

af15a53c5aa232d5e484741b3ee4cb79a9389722511b68d8a6ed32d8187ff6e7

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' http: https: ws: wss: data: blob: 'unsafe-inline'; frame-ancestors 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e-access.cspdesk.net/lrr/attLRR/LrrControllerRSA
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Fri, 01 Jul 2022 20:15:56 GMT
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 16 Jun 2022 19:33:54 GMT
server: nginx
x-powered-by: Express
etag: W/"854-1816e0200d0"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/png
x-xss-protection: 1; mode=block
cache-control: public, max-age=0
permissions-policy: interest-cohort=()
content-security-policy: default-src 'self' http: https: ws: wss: data: blob: 'unsafe-inline'; frame-ancestors 'self';
accept-ranges: bytes
content-length: 2132
x-content-type-options: nosniff

GET
H2 200 rsaImg.png
e-access.cspdesk.net/img/ 2 KB
3 KB 94ms
92ms Image
image/png 185.254.198.243
YURTEH-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://e-access.cspdesk.net/img/rsaImg.png

Requested by

Host: e-access.cspdesk.net
URL: https://e-access.cspdesk.net/lrr/attLRR/LrrControllerRSA

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.254.198.243 New York, United States, ASN30860 (YURTEH-AS, UA),

Reverse DNS

dry.lorgric.co.uk

Software

nginx / Express

Resource Hash

b49473946e0f559b9aacced166135ed5197eff465359dc8c16b3d275902d3c1f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' http: https: ws: wss: data: blob: 'unsafe-inline'; frame-ancestors 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e-access.cspdesk.net/lrr/attLRR/LrrControllerRSA
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Fri, 01 Jul 2022 20:15:56 GMT
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 16 Jun 2022 19:33:54 GMT
server: nginx
x-powered-by: Express
etag: W/"889-1816e0200d0"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/png
x-xss-protection: 1; mode=block
cache-control: public, max-age=0
permissions-policy: interest-cohort=()
content-security-policy: default-src 'self' http: https: ws: wss: data: blob: 'unsafe-inline'; frame-ancestors 'self';
accept-ranges: bytes
content-length: 2185
x-content-type-options: nosniff

GET
H2 200 safeNetLogo.svg
e-access.cspdesk.net/img/ 398 KB
301 KB 95ms
92ms Image
image/svg+xml 185.254.198.243
YURTEH-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://e-access.cspdesk.net/img/safeNetLogo.svg

Requested by

Host: e-access.cspdesk.net
URL: https://e-access.cspdesk.net/lrr/attLRR/LrrControllerRSA

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.254.198.243 New York, United States, ASN30860 (YURTEH-AS, UA),

Reverse DNS

dry.lorgric.co.uk

Software

nginx / Express

Resource Hash

797a15feeda1e7b357f44901a9928fb2966da4e03fb5b096086e6804e4019c57

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' http: https: ws: wss: data: blob: 'unsafe-inline'; frame-ancestors 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e-access.cspdesk.net/lrr/attLRR/LrrControllerRSA
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Fri, 01 Jul 2022 20:15:56 GMT
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 16 Jun 2022 19:33:54 GMT
server: nginx
x-powered-by: Express
vary: Accept-Encoding
content-type: image/svg+xml
x-xss-protection: 1; mode=block
cache-control: public, max-age=0
permissions-policy: interest-cohort=()
etag: W/"63786-1816e0200d0"
content-security-policy: default-src 'self' http: https: ws: wss: data: blob: 'unsafe-inline'; frame-ancestors 'self';
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff

GET
H2 200 mtipsLogo.png
e-access.cspdesk.net/img/ 10 KB
10 KB 95ms
93ms Image
image/png 185.254.198.243
YURTEH-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://e-access.cspdesk.net/img/mtipsLogo.png

Requested by

Host: e-access.cspdesk.net
URL: https://e-access.cspdesk.net/lrr/attLRR/LrrControllerRSA

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.254.198.243 New York, United States, ASN30860 (YURTEH-AS, UA),

Reverse DNS

dry.lorgric.co.uk

Software

nginx / Express

Resource Hash

1e72341a06438f1ae82a3e9204b5f788179e0d7da87738c6fe8f4894dad63f65

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' http: https: ws: wss: data: blob: 'unsafe-inline'; frame-ancestors 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e-access.cspdesk.net/lrr/attLRR/LrrControllerRSA
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Fri, 01 Jul 2022 20:15:56 GMT
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 16 Jun 2022 19:33:54 GMT
server: nginx
x-powered-by: Express
etag: W/"26bc-1816e0200d0"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/png
x-xss-protection: 1; mode=block
cache-control: public, max-age=0
permissions-policy: interest-cohort=()
content-security-policy: default-src 'self' http: https: ws: wss: data: blob: 'unsafe-inline'; frame-ancestors 'self';
accept-ranges: bytes
content-length: 9916
x-content-type-options: nosniff

GET
H2 200 howto-for-mobile-devices.gif
e-access.cspdesk.net/img/ 95 KB
95 KB 95ms
93ms Image
image/gif 185.254.198.243
YURTEH-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://e-access.cspdesk.net/img/howto-for-mobile-devices.gif

Requested by

Host: e-access.cspdesk.net
URL: https://e-access.cspdesk.net/lrr/attLRR/LrrControllerRSA

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.254.198.243 New York, United States, ASN30860 (YURTEH-AS, UA),

Reverse DNS

dry.lorgric.co.uk

Software

nginx / Express

Resource Hash

44f2d8ede3c0a0af465e298c70249dc11e197ab27f989a8533b711390cd4b3e5

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' http: https: ws: wss: data: blob: 'unsafe-inline'; frame-ancestors 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e-access.cspdesk.net/lrr/attLRR/LrrControllerRSA
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Fri, 01 Jul 2022 20:15:56 GMT
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 16 Jun 2022 19:33:54 GMT
server: nginx
x-powered-by: Express
etag: W/"17a53-1816e0200d0"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
x-xss-protection: 1; mode=block
cache-control: public, max-age=0
permissions-policy: interest-cohort=()
content-security-policy: default-src 'self' http: https: ws: wss: data: blob: 'unsafe-inline'; frame-ancestors 'self';
accept-ranges: bytes
content-length: 96851
x-content-type-options: nosniff

GET
H2 200 howto-for-desktop-devices.gif
e-access.cspdesk.net/img/ 93 KB
94 KB 95ms
94ms Image
image/gif 185.254.198.243
YURTEH-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://e-access.cspdesk.net/img/howto-for-desktop-devices.gif

Requested by

Host: e-access.cspdesk.net
URL: https://e-access.cspdesk.net/lrr/attLRR/LrrControllerRSA

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.254.198.243 New York, United States, ASN30860 (YURTEH-AS, UA),

Reverse DNS

dry.lorgric.co.uk

Software

nginx / Express

Resource Hash

50fd4389b7d1b099131c94ec50bdc57448d81f12d67a4bddf99fce631c88f331

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' http: https: ws: wss: data: blob: 'unsafe-inline'; frame-ancestors 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e-access.cspdesk.net/lrr/attLRR/LrrControllerRSA
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Fri, 01 Jul 2022 20:15:56 GMT
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 16 Jun 2022 19:33:54 GMT
server: nginx
x-powered-by: Express
etag: W/"1744e-1816e0200d0"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
x-xss-protection: 1; mode=block
cache-control: public, max-age=0
permissions-policy: interest-cohort=()
content-security-policy: default-src 'self' http: https: ws: wss: data: blob: 'unsafe-inline'; frame-ancestors 'self';
accept-ranges: bytes
content-length: 95310
x-content-type-options: nosniff

GET
H2 404 flat_faq-reverse_icon_rgb_blu_modified_18x18.png
e-access.cspdesk.net/img/ 191 B
191 B 63ms
62ms Image
text/html 185.254.198.243
YURTEH-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://e-access.cspdesk.net/img/flat_faq-reverse_icon_rgb_blu_modified_18x18.png

Requested by

Host: e-access.cspdesk.net
URL: https://e-access.cspdesk.net/lrr/attLRR/LrrControllerRSA

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.254.198.243 New York, United States, ASN30860 (YURTEH-AS, UA),

Reverse DNS

dry.lorgric.co.uk

Software

nginx / Express

Resource Hash

a222971052bdb7dcd0d3cfca086a6f39fb80a7939528d60ca8334e3c086d3b59

Security Headers

Name	Value
Content-Security-Policy	default-src 'none', default-src 'self' http: https: ws: wss: data: blob: 'unsafe-inline'; frame-ancestors 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e-access.cspdesk.net/lrr/attLRR/LrrControllerRSA
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Fri, 01 Jul 2022 20:15:56 GMT
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
server: nginx
x-powered-by: Express
vary: Accept-Encoding
content-type: text/html; charset=utf-8
x-xss-protection: 1; mode=block
permissions-policy: interest-cohort=()
content-security-policy: default-src 'none', default-src 'self' http: https: ws: wss: data: blob: 'unsafe-inline'; frame-ancestors 'self';
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff, nosniff

GET
H2 200 ATTAleckSans_W_Md.woff
e-access.cspdesk.net/fonts/ 23 KB
24 KB 65ms
64ms Font
font/woff 185.254.198.243
YURTEH-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://e-access.cspdesk.net/fonts/ATTAleckSans_W_Md.woff

Requested by

Host: e-access.cspdesk.net
URL: https://e-access.cspdesk.net/lrr/attLRR/LrrControllerRSA

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.254.198.243 New York, United States, ASN30860 (YURTEH-AS, UA),

Reverse DNS

dry.lorgric.co.uk

Software

nginx / Express

Resource Hash

d0c4812c9f1b672a7ea3420b10ea389cabb4b50694418965003250c876a2b13b

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' http: https: ws: wss: data: blob: 'unsafe-inline'; frame-ancestors 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://e-access.cspdesk.net/lrr/attLRR/LrrControllerRSA
Origin: https://e-access.cspdesk.net
accept-language: de-DE,de;q=0.9
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Fri, 01 Jul 2022 20:15:56 GMT
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 13 May 2022 04:12:58 GMT
server: nginx
x-powered-by: Express
etag: W/"5d6c-180bb9ea510"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: font/woff
x-xss-protection: 1; mode=block
cache-control: public, max-age=0
permissions-policy: interest-cohort=()
content-security-policy: default-src 'self' http: https: ws: wss: data: blob: 'unsafe-inline'; frame-ancestors 'self';
accept-ranges: bytes
content-length: 23916
x-content-type-options: nosniff

GET
H2 200 ATTAleckSans_W_Rg.woff
e-access.cspdesk.net/fonts/ 22 KB
23 KB 92ms
91ms Font
font/woff 185.254.198.243
YURTEH-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://e-access.cspdesk.net/fonts/ATTAleckSans_W_Rg.woff

Requested by

Host: e-access.cspdesk.net
URL: https://e-access.cspdesk.net/lrr/attLRR/LrrControllerRSA

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.254.198.243 New York, United States, ASN30860 (YURTEH-AS, UA),

Reverse DNS

dry.lorgric.co.uk

Software

nginx / Express

Resource Hash

07b3a3d0f02092988f8b70fa51992fa109b23bbc82638fc857dee5ee0e3ad5dc

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' http: https: ws: wss: data: blob: 'unsafe-inline'; frame-ancestors 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://e-access.cspdesk.net/lrr/attLRR/LrrControllerRSA
Origin: https://e-access.cspdesk.net
accept-language: de-DE,de;q=0.9
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Fri, 01 Jul 2022 20:15:56 GMT
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 13 May 2022 04:16:30 GMT
server: nginx
x-powered-by: Express
etag: W/"5948-180bba1e130"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: font/woff
x-xss-protection: 1; mode=block
cache-control: public, max-age=0
permissions-policy: interest-cohort=()
content-security-policy: default-src 'self' http: https: ws: wss: data: blob: 'unsafe-inline'; frame-ancestors 'self';
accept-ranges: bytes
content-length: 22856
x-content-type-options: nosniff

GET
H2 200 ATTAleckSans_W_Bd.woff
e-access.cspdesk.net/fonts/ 23 KB
23 KB 92ms
91ms Font
font/woff 185.254.198.243
YURTEH-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://e-access.cspdesk.net/fonts/ATTAleckSans_W_Bd.woff

Requested by

Host: e-access.cspdesk.net
URL: https://e-access.cspdesk.net/lrr/attLRR/LrrControllerRSA

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.254.198.243 New York, United States, ASN30860 (YURTEH-AS, UA),

Reverse DNS

dry.lorgric.co.uk

Software

nginx / Express

Resource Hash

f13ffc0adc7e47990e67bcfb8f355a65c29361b12f0f20d5067ac880393685bc

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' http: https: ws: wss: data: blob: 'unsafe-inline'; frame-ancestors 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://e-access.cspdesk.net/lrr/attLRR/LrrControllerRSA
Origin: https://e-access.cspdesk.net
accept-language: de-DE,de;q=0.9
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Fri, 01 Jul 2022 20:15:56 GMT
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 13 May 2022 04:16:02 GMT
server: nginx
x-powered-by: Express
etag: W/"5a0c-180bba173d0"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: font/woff
x-xss-protection: 1; mode=block
cache-control: public, max-age=0
permissions-policy: interest-cohort=()
content-security-policy: default-src 'self' http: https: ws: wss: data: blob: 'unsafe-inline'; frame-ancestors 'self';
accept-ranges: bytes
content-length: 23052
x-content-type-options: nosniff

GET
H2 200 flat_check_icon_rgb_wht.png
e-access.cspdesk.net/img/ 9 KB
10 KB 76ms
76ms Image
image/png 185.254.198.243
YURTEH-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://e-access.cspdesk.net/img/flat_check_icon_rgb_wht.png

Requested by

Host: e-access.cspdesk.net
URL: https://e-access.cspdesk.net/css/checkbox.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.254.198.243 New York, United States, ASN30860 (YURTEH-AS, UA),

Reverse DNS

dry.lorgric.co.uk

Software

nginx / Express

Resource Hash

adcfe7d308651f937a03cf9b9bdd684074a95be39186aa8cd229b57485f929b8

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' http: https: ws: wss: data: blob: 'unsafe-inline'; frame-ancestors 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e-access.cspdesk.net/css/checkbox.css
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Fri, 01 Jul 2022 20:15:56 GMT
referrer-policy: no-referrer-when-downgrade
last-modified: Sun, 22 May 2022 00:03:26 GMT
server: nginx
x-powered-by: Express
etag: W/"24b2-180e9136cb0"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/png
x-xss-protection: 1; mode=block
cache-control: public, max-age=0
permissions-policy: interest-cohort=()
content-security-policy: default-src 'self' http: https: ws: wss: data: blob: 'unsafe-inline'; frame-ancestors 'self';
accept-ranges: bytes
content-length: 9394
x-content-type-options: nosniff

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: AT&T (Telecommunication)

224 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	Message: Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.
network	error	URL: https://e-access.cspdesk.net/img/flat_faq-reverse_icon_rgb_blu_modified_18x18.png Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self' http: https: ws: wss: data: blob: 'unsafe-inline'; frame-ancestors 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

e-access.cspdesk.net
unpkg.com
185.254.198.243
2606:4700::6810:7caf
03a37051004b02b97886736d62f258fbbb12496458803c6001ea5c4e24b8bba4
07b3a3d0f02092988f8b70fa51992fa109b23bbc82638fc857dee5ee0e3ad5dc
1e72341a06438f1ae82a3e9204b5f788179e0d7da87738c6fe8f4894dad63f65
341ef46eac539be9d61a9a43aae7772d48269fe165899968fe20517f277be92e
43d09eda46c8844e9674fe19c3efde71e12a8142491024e3d91976418e78f1c7
44f2d8ede3c0a0af465e298c70249dc11e197ab27f989a8533b711390cd4b3e5
4a1379f5bed6a67ee1343e09d07e91d3b926814bb057334f284bdcfdd2d01e11
4a6500fffb1823beca8bd2c203014d05111e97a82dbbb8516a642abb03bf7bf2
4bc3b89d1bf7cc829bc66ef4f5f45f21cfce4f753e761aeeb4523a9f959e3ea0
4cf4f8ca09f4b68016ecf0c878de29bf4f65bba3ec93692ba61a039d21e27a10
50fd4389b7d1b099131c94ec50bdc57448d81f12d67a4bddf99fce631c88f331
5f43c44a03507663f45f0275597874d6ed132cf38a09775d997ba3669f64edb4
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
797a15feeda1e7b357f44901a9928fb2966da4e03fb5b096086e6804e4019c57
8dbe5f3fbf2eb3efa9fd6b0be8fad919a9fee283aab104ae60bb1afc23b4b598
a222971052bdb7dcd0d3cfca086a6f39fb80a7939528d60ca8334e3c086d3b59
adcfe7d308651f937a03cf9b9bdd684074a95be39186aa8cd229b57485f929b8
af15a53c5aa232d5e484741b3ee4cb79a9389722511b68d8a6ed32d8187ff6e7
b49473946e0f559b9aacced166135ed5197eff465359dc8c16b3d275902d3c1f
d0c4812c9f1b672a7ea3420b10ea389cabb4b50694418965003250c876a2b13b
e373b70a5167485c73a265421bcfcd1fdddbae49c9c51605e6d2918a3de4ae0d
f13ffc0adc7e47990e67bcfb8f355a65c29361b12f0f20d5067ac880393685bc

e-access.cspdesk.net Open in urlscan Pro 185.254.198.243 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

22 Requests

95 %HTTPS

50 %IPv6

2 Domains

2 Subdomains

2 IPs

1 Countries

681 kBTransfer

1067 kBSize

0 Cookies

6 Outgoing links

Page URL History

Redirected requests

22 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

224 JavaScript Global Variables

0 Cookies

2 Console Messages

Security Headers

Indicators

e-access.cspdesk.net Open in urlscan Pro
185.254.198.243 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

22
Requests

95 %
HTTPS

50 %
IPv6

2
Domains

2
Subdomains

2
IPs

1
Countries

681 kB
Transfer

1067 kB
Size

0
Cookies

22 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!