www.employeenavigator.com Open in urlscan Pro
45.60.47.174 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.employeenavigator.com/benefits/Account/Login?loginHint=SNGlaspie
Effective URL:
https://www.employeenavigator.com/identity/Account/Login?ReturnUrl=%2Fidentity%2Fconnect%2Fauthorize%2Fcallback%3FauthzId%3D4CFA35...
Submission Tags: falconsandbox
Submission: On June 04 via api (June 4th 2024, 4:16:40 pm UTC) from US — Scanned from DE

Summary HTTP 13 Redirects Behaviour Indicators

Summary

This website contacted 4 IPs in 2 countries across 3 domains to perform 13 HTTP transactions. The main IP is 45.60.47.174, located in United States and belongs to INCAPSULA, US. The main domain is www.employeenavigator.com. The Cisco Umbrella rank of the primary domain is 60203.
TLS certificate: Issued by DigiCert Global G2 TLS RSA SHA256 202... on September 24th 2023. Valid for: a year.

This is the only time www.employeenavigator.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 13	45.60.47.174 45.60.47.174	19551 (INCAPSULA) (INCAPSULA)
1	2a00:1450:400... 2a00:1450:4001:812::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:81d::2003	15169 (GOOGLE) (GOOGLE)
13	4

13 45.60.47.174 (United States) 2 redirects

ASN19551 (INCAPSULA, US)

www.employeenavigator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81d::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
13	employeenavigator.com 2 redirects www.employeenavigator.com — Cisco Umbrella Rank: 60203	130 KB
1	gstatic.com fonts.gstatic.com	46 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 70	1 KB
13	3

	Domain	Requested by
13	www.employeenavigator.com	2 redirects www.employeenavigator.com
1	fonts.gstatic.com	fonts.googleapis.com
1	fonts.googleapis.com	www.employeenavigator.com
13	3

This site contains no links.

Subject Issuer	Validity	Valid
*.employeenavigator.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-24` - `2024-09-29`	a year	crt.sh
upload.video.google.com WR2	`2024-05-13` - `2024-08-05`	3 months	crt.sh
*.gstatic.com WR2	`2024-05-13` - `2024-08-05`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://www.employeenavigator.com/identity/Account/Login?ReturnUrl=%2Fidentity%2Fconnect%2Fauthorize%2Fcallback%3FauthzId%3D4CFA35B3E8CF09FB72EDBB2C1FB3BCA7B71D31F2D79A0F214D579D266BB708C7
Frame ID: CEDEAA6CD6E98E792BA3CA1EF798BA1C
Requests: 14 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Employee Navigator Identity Provider

Page URL History Show full URLs

https://www.employeenavigator.com/benefits/Account/Login?loginHint=SNGlaspie HTTP 302
https://www.employeenavigator.com/identity/connect/authorize?client_id=benefits-6bf92b19-25fc-449a-b13e-37c168... HTTP 302
https://www.employeenavigator.com/identity/Account/Login?ReturnUrl=%2Fidentity%2Fconnect%2Fauthorize%2Fcallbac... Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Vue.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+\sdata-v(?:ue)?-

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

13
Requests

100 %
HTTPS

67 %
IPv6

3
Domains

3
Subdomains

4
IPs

2
Countries

175 kB
Transfer

498 kB
Size

8
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.employeenavigator.com/benefits/Account/Login?loginHint=SNGlaspie HTTP 302
https://www.employeenavigator.com/identity/connect/authorize?client_id=benefits-6bf92b19-25fc-449a-b13e-37c1686ecb34&redirect_uri=https%3A%2F%2Fwww.employeenavigator.com%2Fbenefits%2Fsignin-oidc&response_type=code&scope=openid%20email&code_challenge=X3HUqNtPvLoxfE9_CFVY2XiI-LgBjHQHyn2GB0-MXXo&code_challenge_method=S256&response_mode=form_post&nonce=638531145952958858.OGZhMjUyYzEtMDY0YS00NGI5LWE3Y2YtOWFlMjJhNjNmMTdiODgxOWUwYmUtNTM3My00YjM1LWI4NDUtMWUwYzgyZGZlZDg3&login_hint=SNGlaspie&state=CfDJ8LJzxPmNnEJDmSoADVaacM6sHSIkufZ8kPkCIsLy5UFeAF6p3Liq8wId3HKiySR2rk5baWzkOOhoOmpWxnxznKpHtZPxDdp4GcvwJS2d8O4mKKNdcnCASEWxk-Xabi6kAE4wftNkIBWJ62KmsLqo7k9dZNUlbJYP5Bj0lEuHpCbJqlTHifa1RuR2G1L7J3COVR1dDNj6yfn2f2PPyZ15qDoGnFwLKsngU_yV-2hP1WgJgAOqs5pIG9zmyOt22ciX22l2KdlMefBupiMd5dTruP8sbQfxsHvaNMcs6X-ppmc2MViHwCocgZT1Na_ggTCKAMQft5MmF6b_vGgF58fmEv_ZrVLKIKG4yBnlOu3zBu0I6m8YLGdN0De4s2Il45sBotXC5fFLHO530PEOhtrHcG3qJiCaa2cqoRViN1WjeeN0qJ0DTJeTQ8fBBTUjTVFXizl8gdwmp8d-qKyYOv_9XbM&x-client-SKU=ID_NET8_0&x-client-ver=7.5.1.0 HTTP 302
https://www.employeenavigator.com/identity/Account/Login?ReturnUrl=%2Fidentity%2Fconnect%2Fauthorize%2Fcallback%3FauthzId%3D4CFA35B3E8CF09FB72EDBB2C1FB3BCA7B71D31F2D79A0F214D579D266BB708C7 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

13 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request Login Show response
www.employeenavigator.com/identity/Account/
Redirect Chain

https://www.employeenavigator.com/benefits/Account/Login?loginHint=SNGlaspie
https://www.employeenavigator.com/identity/connect/authorize?client_id=benefits-6bf92b19-25fc-449a-b13e-37c1686ecb34&redirect_uri=https%3A%2F%2Fwww.employeenavigator.com%2Fbenefits%2Fsignin-oidc&re...
https://www.employeenavigator.com/identity/Account/Login?ReturnUrl=%2Fidentity%2Fconnect%2Fauthorize%2Fcallback%3FauthzId%3D4CFA35B3E8CF09FB72EDBB2C1FB3BCA7B71D31F2D79A0F214D579D266BB708C7

2 KB
2 KB

136ms
136ms

Document
text/html

45.60.47.174
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.employeenavigator.com/identity/Account/Login?ReturnUrl=%2Fidentity%2Fconnect%2Fauthorize%2Fcallback%3FauthzId%3D4CFA35B3E8CF09FB72EDBB2C1FB3BCA7B71D31F2D79A0F214D579D266BB708C7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.47.174 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

/ ASP.NET

Resource Hash

6637891f38eacc506051e1296cf21f6d0788d1bf417b20bc833f418793a1e1b0

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'; default-src 'self'; object-src 'none'; sandbox allow-forms allow-same-origin allow-scripts; base-uri 'self'; style-src 'self' .employeenavigator.net .employeenavigator.com https://fonts.googleapis.com; font-src 'self' .employeenavigator.net .employeenavigator.com https://fonts.gstatic.com; img-src 'self' data:; frame-src 'self' *.duosecurity.com; script-src 'self';
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Security-Policy	frame-ancestors 'none'; default-src 'self'; object-src 'none'; sandbox allow-forms allow-same-origin allow-scripts; base-uri 'self'; style-src 'self' .employeenavigator.net .employeenavigator.com https://fonts.googleapis.com; font-src 'self' .employeenavigator.net .employeenavigator.com https://fonts.gstatic.com; img-src 'self' data:; frame-src 'self' *.duosecurity.com; script-src 'self';
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

cache-control: no-cache, no-store
content-encoding: gzip
content-security-policy: frame-ancestors 'none'; default-src 'self'; object-src 'none'; sandbox allow-forms allow-same-origin allow-scripts; base-uri 'self'; style-src 'self' *.employeenavigator.net *.employeenavigator.com https://fonts.googleapis.com; font-src 'self' *.employeenavigator.net *.employeenavigator.com https://fonts.gstatic.com; img-src 'self' data:; frame-src 'self' *.duosecurity.com; script-src 'self';
content-security-policy-report-only: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: *.zendesk.com static.zdassets.com *.gstatic.com translate.google.com web-sdk.aptrinsic.com *.googleapis.com *.doubleclick.net *.zopim.com esp.aptrinsic.com api.connections.unum.com edge.fullstory.com harmonyenroll.coloniallife.com *.sentry.io www.google.com harmonyconnect.coloniallife.com *.employeenavigator.com cdn.jsdelivr.net gitcdn.github.io www.googletagmanager.com ekr.zdassets.com js.braintreegateway.com code.jquery.com *.vimeo.com cdnjs.cloudflare.com www.youtube.com rs.fullstory.com ; form-action 'none' ; frame-ancestors 'self' ; report-uri /csp_report
content-type: text/html; charset=utf-8
date: Tue, 04 Jun 2024 16:16:35 GMT
pragma: no-cache
referrer-policy: no-referrer
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cdn: Imperva
x-content-security-policy: frame-ancestors 'none'; default-src 'self'; object-src 'none'; sandbox allow-forms allow-same-origin allow-scripts; base-uri 'self'; style-src 'self' *.employeenavigator.net *.employeenavigator.com https://fonts.googleapis.com; font-src 'self' *.employeenavigator.net *.employeenavigator.com https://fonts.gstatic.com; img-src 'self' data:; frame-src 'self' *.duosecurity.com; script-src 'self';
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-iinfo: 3-69189280-69189282 PNYN RT(1717517794886 625) q(0 0 0 -1) r(1 1) U12
x-powered-by: ASP.NET

Redirect headers

content-security-policy: frame-ancestors 'none'; default-src 'self'; object-src 'none'; sandbox allow-forms allow-same-origin allow-scripts; base-uri 'self'; style-src 'self' *.employeenavigator.net *.employeenavigator.com https://fonts.googleapis.com; font-src 'self' *.employeenavigator.net *.employeenavigator.com https://fonts.gstatic.com; img-src 'self' data:; frame-src 'self' *.duosecurity.com; script-src 'self';
date: Tue, 04 Jun 2024 16:16:35 GMT
location: https://www.employeenavigator.com/identity/Account/Login?ReturnUrl=%2Fidentity%2Fconnect%2Fauthorize%2Fcallback%3FauthzId%3D4CFA35B3E8CF09FB72EDBB2C1FB3BCA7B71D31F2D79A0F214D579D266BB708C7
referrer-policy: no-referrer
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cdn: Imperva
x-content-security-policy: frame-ancestors 'none'; default-src 'self'; object-src 'none'; sandbox allow-forms allow-same-origin allow-scripts; base-uri 'self'; style-src 'self' *.employeenavigator.net *.employeenavigator.com https://fonts.googleapis.com; font-src 'self' *.employeenavigator.net *.employeenavigator.com https://fonts.gstatic.com; img-src 'self' data:; frame-src 'self' *.duosecurity.com; script-src 'self';
x-content-type-options: nosniff
x-frame-options: DENY
x-iinfo: 3-69189280-69189282 PNNN RT(1717517794886 460) q(0 0 0 -1) r(1 1) U11
x-powered-by: ASP.NET

GET
H2 200 bootstrap.css
www.employeenavigator.com/identity/lib/bootstrap/css/ 144 KB
21 KB 107ms
105ms Stylesheet
text/css 45.60.47.174
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.employeenavigator.com/identity/lib/bootstrap/css/bootstrap.css
Requested by: Host: www.employeenavigator.com
URL: https://www.employeenavigator.com/identity/Account/Login?ReturnUrl=%2Fidentity%2Fconnect%2Fauthorize%2Fcallback%3FauthzId%3D4CFA35B3E8CF09FB72EDBB2C1FB3BCA7B71D31F2D79A0F214D579D266BB708C7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.47.174 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: ef9c554bca3ce5b9f978b626ff8c3a441c0468af2599bdb4e9b6b32f6743f058

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 04 Jun 2024 16:16:35 GMT
content-encoding: gzip
last-modified: Sat, 01 Jun 2024 21:48:48 GMT
x-cdn: Imperva
etag: "1dab46d7bab9fe6"
content-type: text/css
x-iinfo: 3-69189280-69189365 2CNN RT(1717517794886 774) q(0 0 0 -1) r(0 0)
cache-control: max-age=9041, public
content-length: 21525
expires: Tue, 04 Jun 2024 18:47:16 GMT

GET
H2 200 css2
fonts.googleapis.com/ 12 KB
1 KB 164ms
60ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Inter:wght@300;400;500;600;700&display=swap

Requested by

Host: www.employeenavigator.com
URL: https://www.employeenavigator.com/identity/Account/Login?ReturnUrl=%2Fidentity%2Fconnect%2Fauthorize%2Fcallback%3FauthzId%3D4CFA35B3E8CF09FB72EDBB2C1FB3BCA7B71D31F2D79A0F214D579D266BB708C7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

00008d2a6bb44551ff155148e5fedbcc0fdf8d710d908581fdf04dd96dfb31ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Tue, 04 Jun 2024 16:16:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 04 Jun 2024 15:03:30 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 04 Jun 2024 16:16:35 GMT

GET
H2 200 style.1dfdc885c1476201.css
www.employeenavigator.com/identity/css/ 109 KB
18 KB 226ms
224ms Stylesheet
text/css 45.60.47.174
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.employeenavigator.com/identity/css/style.1dfdc885c1476201.css
Requested by: Host: www.employeenavigator.com
URL: https://www.employeenavigator.com/identity/Account/Login?ReturnUrl=%2Fidentity%2Fconnect%2Fauthorize%2Fcallback%3FauthzId%3D4CFA35B3E8CF09FB72EDBB2C1FB3BCA7B71D31F2D79A0F214D579D266BB708C7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.47.174 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: 75c23aee9112cfe7ee441c3f774bd624e657a2be53cd6a8e5b5a394b71d147b7

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 04 Jun 2024 16:16:35 GMT
content-encoding: gzip
last-modified: Sat, 01 Jun 2024 21:50:46 GMT
x-cdn: Imperva
etag: "1dab46dc1ff4ae4"
content-type: text/css
x-iinfo: 3-69189280-69189367 2CNN RT(1717517794886 776) q(0 0 0 -1) r(0 0)
cache-control: max-age=9041, public
content-length: 18104
expires: Tue, 04 Jun 2024 18:47:16 GMT

GET
H2 200 site.011a558a5f4a66cc.css
www.employeenavigator.com/identity/css/ 1 KB
641 B 61ms
60ms Stylesheet
text/css 45.60.47.174
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.employeenavigator.com/identity/css/site.011a558a5f4a66cc.css
Requested by: Host: www.employeenavigator.com
URL: https://www.employeenavigator.com/identity/Account/Login?ReturnUrl=%2Fidentity%2Fconnect%2Fauthorize%2Fcallback%3FauthzId%3D4CFA35B3E8CF09FB72EDBB2C1FB3BCA7B71D31F2D79A0F214D579D266BB708C7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.47.174 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: 67c850ed571cf40f5b3dae1f53d07a7f446125523d63f560ce9a96f8df6930cc

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 04 Jun 2024 16:16:35 GMT
content-encoding: gzip
last-modified: Sat, 01 Jun 2024 21:50:46 GMT
x-cdn: Imperva
etag: "1dab46dc1fefac9"
content-type: text/css
x-iinfo: 3-69189280-69186997 2CNN RT(1717517794886 777) q(0 0 0 -1) r(0 0)
cache-control: max-age=9041, public
content-length: 501
expires: Tue, 04 Jun 2024 18:47:16 GMT

GET
H2 200 login.691d0cf56eda1099.css
www.employeenavigator.com/identity/css/ 2 KB
895 B 56ms
55ms Stylesheet
text/css 45.60.47.174
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.employeenavigator.com/identity/css/login.691d0cf56eda1099.css
Requested by: Host: www.employeenavigator.com
URL: https://www.employeenavigator.com/identity/Account/Login?ReturnUrl=%2Fidentity%2Fconnect%2Fauthorize%2Fcallback%3FauthzId%3D4CFA35B3E8CF09FB72EDBB2C1FB3BCA7B71D31F2D79A0F214D579D266BB708C7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.47.174 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: 6a64e0981e0cb92b72a00fb2915210c6e4af4b8cdeb80dc4f7637e2068f26848

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 04 Jun 2024 16:16:35 GMT
content-encoding: gzip
last-modified: Sat, 01 Jun 2024 21:50:46 GMT
x-cdn: Imperva
etag: "1dab46dc1fef646"
content-type: text/css
x-iinfo: 3-69189280-0 0CNN RT(1717517794886 779) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=1255, public
content-length: 726
expires: Tue, 04 Jun 2024 16:37:30 GMT

GET
H2 200 duo-web-v2.min.js Show response
www.employeenavigator.com/identity/js/ 4 KB
2 KB 60ms
59ms Script
text/javascript 45.60.47.174
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.employeenavigator.com/identity/js/duo-web-v2.min.js
Requested by: Host: www.employeenavigator.com
URL: https://www.employeenavigator.com/identity/Account/Login?ReturnUrl=%2Fidentity%2Fconnect%2Fauthorize%2Fcallback%3FauthzId%3D4CFA35B3E8CF09FB72EDBB2C1FB3BCA7B71D31F2D79A0F214D579D266BB708C7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.47.174 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: f585c97cd2ac33703d1cb636b4940a8007885bd485e6c14af92fa3cbfb54dea6

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 04 Jun 2024 16:16:35 GMT
content-encoding: gzip
last-modified: Sat, 01 Jun 2024 21:48:48 GMT
x-cdn: Imperva
etag: "1dab46d7ba9af4c"
content-type: text/javascript
x-iinfo: 3-69189280-0 0CNN RT(1717517794886 784) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=1254, public
content-length: 1757
expires: Tue, 04 Jun 2024 16:37:29 GMT

GET
H2 200 vendor.390820a87cf0fddb.js Show response
www.employeenavigator.com/identity/js/ 100 KB
36 KB 270ms
269ms Script
text/javascript 45.60.47.174
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.employeenavigator.com/identity/js/vendor.390820a87cf0fddb.js
Requested by: Host: www.employeenavigator.com
URL: https://www.employeenavigator.com/identity/Account/Login?ReturnUrl=%2Fidentity%2Fconnect%2Fauthorize%2Fcallback%3FauthzId%3D4CFA35B3E8CF09FB72EDBB2C1FB3BCA7B71D31F2D79A0F214D579D266BB708C7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.47.174 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: 60e5cf305b0393e1aef77b77dcf172f17c7c4c2c5293f6cbf9945eea12136c5e

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 04 Jun 2024 16:16:35 GMT
content-encoding: gzip
last-modified: Sat, 01 Jun 2024 21:50:46 GMT
x-cdn: Imperva
etag: "1dab46dc1ff70e3"
content-type: text/javascript
x-iinfo: 3-69189280-69189372 2CNN RT(1717517794886 788) q(0 0 0 -1) r(0 0)
cache-control: max-age=9041, public
content-length: 36432
expires: Tue, 04 Jun 2024 18:47:16 GMT

GET
H2 200 login.de33b349f46b5dc5.js Show response
www.employeenavigator.com/identity/js/ 35 KB
11 KB 100ms
99ms Script
text/javascript 45.60.47.174
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.employeenavigator.com/identity/js/login.de33b349f46b5dc5.js
Requested by: Host: www.employeenavigator.com
URL: https://www.employeenavigator.com/identity/Account/Login?ReturnUrl=%2Fidentity%2Fconnect%2Fauthorize%2Fcallback%3FauthzId%3D4CFA35B3E8CF09FB72EDBB2C1FB3BCA7B71D31F2D79A0F214D579D266BB708C7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.47.174 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: 1e45485b407d6ad9586f43214be48521ecf22063c4aa27cab6eb110b204d18cf

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 04 Jun 2024 16:16:35 GMT
content-encoding: gzip
last-modified: Sat, 01 Jun 2024 21:50:46 GMT
x-cdn: Imperva
etag: "1dab46dc1fe734f"
content-type: text/javascript
x-iinfo: 3-69189280-0 0CNN RT(1717517794886 790) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=1255, public
content-length: 11064
expires: Tue, 04 Jun 2024 16:37:30 GMT

GET
H2 200 en_logo.30a05c91.png
www.employeenavigator.com/identity/img/ 35 KB
35 KB 43ms
43ms Image
image/png 45.60.47.174
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.employeenavigator.com/identity/img/en_logo.30a05c91.png
Requested by: Host: www.employeenavigator.com
URL: https://www.employeenavigator.com/identity/Account/Login?ReturnUrl=%2Fidentity%2Fconnect%2Fauthorize%2Fcallback%3FauthzId%3D4CFA35B3E8CF09FB72EDBB2C1FB3BCA7B71D31F2D79A0F214D579D266BB708C7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.47.174 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: fbd92dd4551b542d8813290bc4b227b4d87c9a64c8ed3aca239386bee645db1a

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 04 Jun 2024 16:16:36 GMT
last-modified: Sat, 01 Jun 2024 21:50:46 GMT
x-cdn: Imperva
etag: "1dab46dc1fe73bd"
content-type: image/png
x-iinfo: 3-69189280-69189372 2CNN RT(1717517794886 1205) q(0 0 0 -1) r(0 0)
cache-control: max-age=10832, public
content-length: 36029
expires: Tue, 04 Jun 2024 19:17:08 GMT

GET
DATA 200
OK truncated
/ 4 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5f931b99e6b3fcd0015ad50f7f4a2b737197cef957af953a00102a1ad0efa3a9

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
fonts.gstatic.com/s/inter/v13/ 46 KB
46 KB 160ms
43ms Font
font/woff2 2a00:1450:4001:81d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Inter:wght@300;400;500;600;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88df0b5a7bc397dbc13a26bb8b3742cc62cd1c9b0dded57da7832416d6f52f42

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://fonts.googleapis.com/
Origin: https://www.employeenavigator.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 04 Jun 2024 14:10:43 GMT
x-content-type-options: nosniff
age: 7553
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 46704
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 23:49:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 04 Jun 2025 14:10:43 GMT

GET
H2 200 favicon.ico
www.employeenavigator.com/identity/ 1 KB
1 KB 43ms
42ms Other
image/x-icon 45.60.47.174
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.employeenavigator.com/identity/favicon.ico
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.47.174 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: 494191d1f58659c3108c26bc8f7239826a80f060e26f5c2b23746ea27a37c3d0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 04 Jun 2024 16:16:36 GMT
last-modified: Sat, 01 Jun 2024 21:50:46 GMT
x-cdn: Imperva
etag: "1dab46dc1fefb7e"
content-type: image/x-icon
x-iinfo: 3-69189280-69186767 2CNN RT(1717517794886 1440) q(0 0 0 -1) r(0 0)
cache-control: max-age=9042, public
content-length: 1150
expires: Tue, 04 Jun 2024 18:47:18 GMT

GET
H2 200 favicon.ico
www.employeenavigator.com/identity/ 1 KB
0 0ms
0ms Other
image/x-icon 45.60.47.174
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.employeenavigator.com/identity/favicon.ico
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.47.174 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: 494191d1f58659c3108c26bc8f7239826a80f060e26f5c2b23746ea27a37c3d0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 04 Jun 2024 16:16:36 GMT
last-modified: Sat, 01 Jun 2024 21:50:46 GMT
x-cdn: Imperva
etag: "1dab46dc1fefb7e"
content-type: image/x-icon
x-iinfo: 3-69189280-69186767 2CNN RT(1717517794886 1440) q(0 0 0 -1) r(0 0)
cache-control: max-age=9042, public
content-length: 1150
expires: Tue, 04 Jun 2024 18:47:18 GMT

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| Duo object| webpackChunkclientapp

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.employeenavigator.com/benefits/signin-oidc	1970-01-20 21:05:21	Name: .AspNetCore.OpenIdConnect.Nonce.CfDJ8LJzxPmNnEJDmSoADVaacM4u0f-lqXKMcOG_TsHQDeNiMLnFrswWqhA44M2ns4ODV3pbzfnxXJ-ycik89lH0a-SVCdnOFs6TY6Juky3miP7L5nbCkYTOdGPSKzsopJE_STLgieN-F9UsDb22AhYaxVYzWjJBayv87YbiBuKq7ZJIPF9bHoKAbudJSSNj3C7xF5zvPDBtxonEy4q-ItsSkqCK-i2S-b41_IJjx7uqbFLFl3FTy8IA3od5JZ2reKk3vE_ImxtQIICpUEcMm3vFihs Value: N
www.employeenavigator.com/benefits/signin-oidc	1970-01-20 21:05:21	Name: .AspNetCore.Correlation.wsX3tR9Bp6CALDiuPi4_U6v1Z1_rN4n_sNsnoT4ayj4 Value: N
www.employeenavigator.com/identity	1969-12-31 23:59:59	Name: .AspNetCore.Antiforgery.MgzfRmisCz8 Value: CfDJ8MFC_FcVC5tFuRo0JarZx3xLO_NM_Xxv3YEJzs-pa6ijJl0AgOgaCfQXY9t3xg5dWCC_16lJGxKk0Q_i8KugP2iXcb3UI1ytGPZUAVaJAR5JDBlqKrvpndS8I9rGqf5Xs1ItxDZwklHv2Gr0mOV0JHk
www.employeenavigator.com/	1969-12-31 23:59:59	Name: ApplicationGatewayAffinityCORS Value: fce0ca3ef571091118b44f9cee0df729
www.employeenavigator.com/	1969-12-31 23:59:59	Name: ApplicationGatewayAffinity Value: fce0ca3ef571091118b44f9cee0df729
.employeenavigator.com/	1970-01-21 05:49:51	Name: visid_incap_1765523 Value: u5q/0To+S3yPDpYGjd17COI9X2YAAAAAQUIPAAAAAADgEwGsHux8pwaR9SwqVZBD
.employeenavigator.com/	1969-12-31 23:59:59	Name: nlbi_1765523 Value: 6PvdZ6dmXEzIVj4onSdEKQAAAAAtBPgi5gitTDuw2sRy0p+5
.employeenavigator.com/	1969-12-31 23:59:59	Name: incap_ses_730_1765523 Value: bxZ9DGAcK3IbDCrmPXshCuM9X2YAAAAARdr0xQGFBuImZ+U9rYXCEw==

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://www.employeenavigator.com/identity/Account/Login?ReturnUrl=%2Fidentity%2Fconnect%2Fauthorize%2Fcallback%3FauthzId%3D4CFA35B3E8CF09FB72EDBB2C1FB3BCA7B71D31F2D79A0F214D579D266BB708C7 Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors 'none'; default-src 'self'; object-src 'none'; sandbox allow-forms allow-same-origin allow-scripts; base-uri 'self'; style-src 'self' .employeenavigator.net .employeenavigator.com https://fonts.googleapis.com; font-src 'self' .employeenavigator.net .employeenavigator.com https://fonts.gstatic.com; img-src 'self' data:; frame-src 'self' *.duosecurity.com; script-src 'self';
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Security-Policy	frame-ancestors 'none'; default-src 'self'; object-src 'none'; sandbox allow-forms allow-same-origin allow-scripts; base-uri 'self'; style-src 'self' .employeenavigator.net .employeenavigator.com https://fonts.googleapis.com; font-src 'self' .employeenavigator.net .employeenavigator.com https://fonts.gstatic.com; img-src 'self' data:; frame-src 'self' *.duosecurity.com; script-src 'self';
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
fonts.gstatic.com
www.employeenavigator.com
2a00:1450:4001:812::200a
2a00:1450:4001:81d::2003
45.60.47.174
00008d2a6bb44551ff155148e5fedbcc0fdf8d710d908581fdf04dd96dfb31ca
1e45485b407d6ad9586f43214be48521ecf22063c4aa27cab6eb110b204d18cf
494191d1f58659c3108c26bc8f7239826a80f060e26f5c2b23746ea27a37c3d0
5f931b99e6b3fcd0015ad50f7f4a2b737197cef957af953a00102a1ad0efa3a9
60e5cf305b0393e1aef77b77dcf172f17c7c4c2c5293f6cbf9945eea12136c5e
6637891f38eacc506051e1296cf21f6d0788d1bf417b20bc833f418793a1e1b0
67c850ed571cf40f5b3dae1f53d07a7f446125523d63f560ce9a96f8df6930cc
6a64e0981e0cb92b72a00fb2915210c6e4af4b8cdeb80dc4f7637e2068f26848
75c23aee9112cfe7ee441c3f774bd624e657a2be53cd6a8e5b5a394b71d147b7
88df0b5a7bc397dbc13a26bb8b3742cc62cd1c9b0dded57da7832416d6f52f42
ef9c554bca3ce5b9f978b626ff8c3a441c0468af2599bdb4e9b6b32f6743f058
f585c97cd2ac33703d1cb636b4940a8007885bd485e6c14af92fa3cbfb54dea6
fbd92dd4551b542d8813290bc4b227b4d87c9a64c8ed3aca239386bee645db1a

www.employeenavigator.com Open in urlscan Pro 45.60.47.174 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

13 Requests

100 %HTTPS

67 %IPv6

3 Domains

3 Subdomains

4 IPs

2 Countries

175 kBTransfer

498 kBSize

8 Cookies

0 Outgoing links

Page URL History

Redirected requests

13 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

8 Cookies

1 Console Messages

Security Headers

Indicators

www.employeenavigator.com Open in urlscan Pro
45.60.47.174 Public Scan

Screenshot
Live screenshot

Full Image

13
Requests

100 %
HTTPS

67 %
IPv6

3
Domains

3
Subdomains

4
IPs

2
Countries

175 kB
Transfer

498 kB
Size

8
Cookies

13 HTTP transactions
1 data transactions