urlscan.io logo urlscan.io
SecurityTrails logo

drhrclient-app.origenate.com Open in urlscan Pro
66.77.52.11  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://drhrclient-app.origenate.com/
Effective URL: https://drhrclient-app.origenate.com/origenate/securitycontrol/default.cfm
Submission: On September 28 via automatic, source certstream-suspicious — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 15 HTTP transactions. The main IP is 66.77.52.11, located in United States and belongs to CENTURYLINK-US-LEGACY-QWEST, US. The main domain is drhrclient-app.origenate.com.
TLS certificate: Issued by Sectigo RSA Organization Validation S... on September 28th 2022. Valid for: a year.
This is the only time drhrclient-app.origenate.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
15 66.77.52.11 209 (CENTURYLI...)
15 1
Apex Domain
Subdomains		 Transfer
15 origenate.com
drhrclient-app.origenate.com
221 KB
15 1
Domain Requested by
15 drhrclient-app.origenate.com drhrclient-app.origenate.com
15 1

This site contains no links.

Subject Issuer Validity Valid
drhrclient-app.origenate.com
Sectigo RSA Organization Validation Secure Server CA		 2022-09-28 -
2023-10-28		 a year crt.sh

This page contains 1 frames:

Primary Page: https://drhrclient-app.origenate.com/origenate/securitycontrol/default.cfm
Frame ID: D63EC183B19F92DAACA400DEC91F68F6
Requests: 15 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Origenate® by FIS - Login

Page URL History Show full URLs

  1. https://drhrclient-app.origenate.com/ Page URL
  2. https://drhrclient-app.origenate.com/origenate/securitycontrol/default.cfm Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.cfm(?:$|\?)

Page Statistics

15
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

221 kB
Transfer

214 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://drhrclient-app.origenate.com/ Page URL
  2. https://drhrclient-app.origenate.com/origenate/securitycontrol/default.cfm Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

15 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
drhrclient-app.origenate.com/ 		175 B
598 B 		Document
General
Check archive.org
Download Go to
Full URL
https://drhrclient-app.origenate.com/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
66.77.52.11 , United States, ASN209 (CENTURYLINK-US-LEGACY-QWEST, US),
Reverse DNS
Software
/
Resource Hash
58bb0de55fd78947276639a02ab9192eb641e9e15ee15cfc223fa7492f072f4f
Security Headers
Name Value
Content-Security-Policy default-src 'self';
Strict-Transport-Security max-age=63072000; includeSubdomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
Keep-Alive
Content-Language
en-US
Content-Security-Policy
default-src 'self';
Content-Type
text/html; charset=UTF-8
Date
Wed, 28 Sep 2022 14:10:00 GMT
Keep-Alive
timeout=10, max=100
Strict-Transport-Security
max-age=63072000; includeSubdomains;
Transfer-Encoding
chunked
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
X-XSS-Protection
1; mode=block
Primary Request default.cfm
drhrclient-app.origenate.com/origenate/securitycontrol/ 		13 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://drhrclient-app.origenate.com/origenate/securitycontrol/default.cfm
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
66.77.52.11 , United States, ASN209 (CENTURYLINK-US-LEGACY-QWEST, US),
Reverse DNS
Software
/
Resource Hash
c294cf016852505685f9b6f5991108ae008709e792728e9483fa900359a0a7d2
Security Headers
Name Value
Content-Security-Policy default-src 'self';
Strict-Transport-Security max-age=63072000; includeSubdomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://drhrclient-app.origenate.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-cache="set-cookie, set-cookie2"
Connection
Keep-Alive
Content-Language
en-US
Content-Security-Policy
default-src 'self';
Content-Type
text/html; charset=UTF-8
Date
Wed, 28 Sep 2022 14:10:00 GMT
Expires
Thu, 01 Dec 1994 16:00:00 GMT
Keep-Alive
timeout=10, max=99
Strict-Transport-Security
max-age=63072000; includeSubdomains;
Transfer-Encoding
chunked
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
X-XSS-Protection
1; mode=block
detectIE.js
drhrclient-app.origenate.com/origenate/scripts/ 		428 B
876 B 		Script
General
Check archive.org
Download Go to
Full URL
https://drhrclient-app.origenate.com/origenate/scripts/detectIE.js
Requested by
Host: drhrclient-app.origenate.com
URL: https://drhrclient-app.origenate.com/origenate/securitycontrol/default.cfm
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
66.77.52.11 , United States, ASN209 (CENTURYLINK-US-LEGACY-QWEST, US),
Reverse DNS
Software
/
Resource Hash
05da182f3c305cf40cc36f40f2866e48ab6c39c5f83de872e97fb73eace929c6
Security Headers
Name Value
Content-Security-Policy default-src 'self';
Strict-Transport-Security max-age=63072000; includeSubdomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://drhrclient-app.origenate.com/origenate/securitycontrol/default.cfm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date
Wed, 28 Sep 2022 14:10:01 GMT
Content-Security-Policy
default-src 'self';
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=63072000; includeSubdomains;
Last-Modified
Mon, 21 Mar 2022 07:49:02 GMT
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Content-Language
en-US
Connection
Keep-Alive
Keep-Alive
timeout=10, max=98
Content-Length
428
X-XSS-Protection
1; mode=block
exitpage.js
drhrclient-app.origenate.com/origenate/scripts/ 		13 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://drhrclient-app.origenate.com/origenate/scripts/exitpage.js
Requested by
Host: drhrclient-app.origenate.com
URL: https://drhrclient-app.origenate.com/origenate/securitycontrol/default.cfm
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
66.77.52.11 , United States, ASN209 (CENTURYLINK-US-LEGACY-QWEST, US),
Reverse DNS
Software
/
Resource Hash
ddbb8002ceabae97491abfb12a0ac1434ae225e52c395d015195709a507db7a4
Security Headers
Name Value
Content-Security-Policy default-src 'self';
Strict-Transport-Security max-age=63072000; includeSubdomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://drhrclient-app.origenate.com/origenate/securitycontrol/default.cfm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date
Wed, 28 Sep 2022 14:10:01 GMT
Content-Security-Policy
default-src 'self';
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=63072000; includeSubdomains;
Last-Modified
Mon, 21 Mar 2022 07:49:02 GMT
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Content-Language
en-US
Connection
Keep-Alive
Keep-Alive
timeout=10, max=100
Content-Length
13411
X-XSS-Protection
1; mode=block
validatefield.js
drhrclient-app.origenate.com/origenate/scripts/ 		60 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://drhrclient-app.origenate.com/origenate/scripts/validatefield.js
Requested by
Host: drhrclient-app.origenate.com
URL: https://drhrclient-app.origenate.com/origenate/securitycontrol/default.cfm
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
66.77.52.11 , United States, ASN209 (CENTURYLINK-US-LEGACY-QWEST, US),
Reverse DNS
Software
/
Resource Hash
67ce946930f8eb6ccad6cf532a9f0fa75cc705be337cdb58756cfaf0f9e9c319
Security Headers
Name Value
Content-Security-Policy default-src 'self';
Strict-Transport-Security max-age=63072000; includeSubdomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://drhrclient-app.origenate.com/origenate/securitycontrol/default.cfm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date
Wed, 28 Sep 2022 14:10:01 GMT
Content-Security-Policy
default-src 'self';
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=63072000; includeSubdomains;
Last-Modified
Mon, 21 Mar 2022 07:49:04 GMT
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Content-Language
en-US
Connection
Keep-Alive
Keep-Alive
timeout=10, max=100
Content-Length
60945
X-XSS-Protection
1; mode=block
sitewidestyle.css
drhrclient-app.origenate.com/origenate/ 		33 KB
33 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://drhrclient-app.origenate.com/origenate/sitewidestyle.css
Requested by
Host: drhrclient-app.origenate.com
URL: https://drhrclient-app.origenate.com/origenate/securitycontrol/default.cfm
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
66.77.52.11 , United States, ASN209 (CENTURYLINK-US-LEGACY-QWEST, US),
Reverse DNS
Software
/
Resource Hash
7f3de15a3cf1058e30ddc037ae8498284c93242c046ff744a21c37c4e281d293
Security Headers
Name Value
Content-Security-Policy default-src 'self';
Strict-Transport-Security max-age=63072000; includeSubdomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://drhrclient-app.origenate.com/origenate/securitycontrol/default.cfm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date
Wed, 28 Sep 2022 14:10:01 GMT
Content-Security-Policy
default-src 'self';
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=63072000; includeSubdomains;
Last-Modified
Mon, 21 Mar 2022 07:48:40 GMT
X-Frame-Options
SAMEORIGIN
Content-Type
text/css
Content-Language
en-US
Connection
Keep-Alive
Keep-Alive
timeout=10, max=97
Content-Length
33640
X-XSS-Protection
1; mode=block
img_money.jpg
drhrclient-app.origenate.com/origenate/securitycontrol/images/ 		23 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://drhrclient-app.origenate.com/origenate/securitycontrol/images/img_money.jpg
Requested by
Host: drhrclient-app.origenate.com
URL: https://drhrclient-app.origenate.com/origenate/securitycontrol/default.cfm
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
66.77.52.11 , United States, ASN209 (CENTURYLINK-US-LEGACY-QWEST, US),
Reverse DNS
Software
/
Resource Hash
8e5b7d01f5b0dfa881db12a282d5f40bf33020fafcd4aecc3640e4420371ff41
Security Headers
Name Value
Content-Security-Policy default-src 'self';
Strict-Transport-Security max-age=63072000; includeSubdomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://drhrclient-app.origenate.com/origenate/securitycontrol/default.cfm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date
Wed, 28 Sep 2022 14:10:01 GMT
Content-Security-Policy
default-src 'self';
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=63072000; includeSubdomains;
Last-Modified
Mon, 21 Mar 2022 07:48:40 GMT
X-Frame-Options
SAMEORIGIN
Content-Type
image/jpeg
Content-Language
en-US
Connection
Keep-Alive
Keep-Alive
timeout=10, max=96
Content-Length
23777
X-XSS-Protection
1; mode=block
img_origenatelogosmall.gif
drhrclient-app.origenate.com/origenate/images/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://drhrclient-app.origenate.com/origenate/images/img_origenatelogosmall.gif
Requested by
Host: drhrclient-app.origenate.com
URL: https://drhrclient-app.origenate.com/origenate/securitycontrol/default.cfm
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
66.77.52.11 , United States, ASN209 (CENTURYLINK-US-LEGACY-QWEST, US),
Reverse DNS
Software
/
Resource Hash
90673478ebf202fa70a00fa1dc056e4a17b437c6a3d71b983968b356db83d4bc
Security Headers
Name Value
Content-Security-Policy default-src 'self';
Strict-Transport-Security max-age=63072000; includeSubdomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://drhrclient-app.origenate.com/origenate/securitycontrol/default.cfm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date
Wed, 28 Sep 2022 14:10:01 GMT
Content-Security-Policy
default-src 'self';
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=63072000; includeSubdomains;
Last-Modified
Mon, 21 Mar 2022 07:48:28 GMT
X-Frame-Options
SAMEORIGIN
Content-Type
image/gif
Content-Language
en-US
Connection
Keep-Alive
Keep-Alive
timeout=10, max=99
Content-Length
3283
X-XSS-Protection
1; mode=block
img_magnify.jpg
drhrclient-app.origenate.com/origenate/securitycontrol/images/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://drhrclient-app.origenate.com/origenate/securitycontrol/images/img_magnify.jpg
Requested by
Host: drhrclient-app.origenate.com
URL: https://drhrclient-app.origenate.com/origenate/securitycontrol/default.cfm
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
66.77.52.11 , United States, ASN209 (CENTURYLINK-US-LEGACY-QWEST, US),
Reverse DNS
Software
/
Resource Hash
68af297d16b5aa11aa1e70ef7e4a14a0adb013558fe4e95e0b50d8c522902403
Security Headers
Name Value
Content-Security-Policy default-src 'self';
Strict-Transport-Security max-age=63072000; includeSubdomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://drhrclient-app.origenate.com/origenate/securitycontrol/default.cfm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date
Wed, 28 Sep 2022 14:10:01 GMT
Content-Security-Policy
default-src 'self';
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=63072000; includeSubdomains;
Last-Modified
Mon, 21 Mar 2022 07:48:40 GMT
X-Frame-Options
SAMEORIGIN
Content-Type
image/jpeg
Content-Language
en-US
Connection
Keep-Alive
Keep-Alive
timeout=10, max=99
Content-Length
20207
X-XSS-Protection
1; mode=block
img_chess.jpg
drhrclient-app.origenate.com/origenate/securitycontrol/images/ 		18 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://drhrclient-app.origenate.com/origenate/securitycontrol/images/img_chess.jpg
Requested by
Host: drhrclient-app.origenate.com
URL: https://drhrclient-app.origenate.com/origenate/securitycontrol/default.cfm
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
66.77.52.11 , United States, ASN209 (CENTURYLINK-US-LEGACY-QWEST, US),
Reverse DNS
Software
/
Resource Hash
cab86df0c9d0e91abbb93f8c20f31b4ebee507f828abca4392b5247b9c3a6ea7
Security Headers
Name Value
Content-Security-Policy default-src 'self';
Strict-Transport-Security max-age=63072000; includeSubdomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://drhrclient-app.origenate.com/origenate/securitycontrol/default.cfm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date
Wed, 28 Sep 2022 14:10:01 GMT
Content-Security-Policy
default-src 'self';
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=63072000; includeSubdomains;
Last-Modified
Mon, 21 Mar 2022 07:48:40 GMT
X-Frame-Options
SAMEORIGIN
Content-Type
image/jpeg
Content-Language
en-US
Connection
Keep-Alive
Keep-Alive
timeout=10, max=100
Content-Length
18775
X-XSS-Protection
1; mode=block
img_keyboard.jpg
drhrclient-app.origenate.com/origenate/securitycontrol/images/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://drhrclient-app.origenate.com/origenate/securitycontrol/images/img_keyboard.jpg
Requested by
Host: drhrclient-app.origenate.com
URL: https://drhrclient-app.origenate.com/origenate/securitycontrol/default.cfm
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
66.77.52.11 , United States, ASN209 (CENTURYLINK-US-LEGACY-QWEST, US),
Reverse DNS
Software
/
Resource Hash
7e16c2f9f79cbff7de13870b6e3c443099188d4c354908f1f00c80c93dfc6f32
Security Headers
Name Value
Content-Security-Policy default-src 'self';
Strict-Transport-Security max-age=63072000; includeSubdomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://drhrclient-app.origenate.com/origenate/securitycontrol/default.cfm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date
Wed, 28 Sep 2022 14:10:01 GMT
Content-Security-Policy
default-src 'self';
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=63072000; includeSubdomains;
Last-Modified
Mon, 21 Mar 2022 07:48:40 GMT
X-Frame-Options
SAMEORIGIN
Content-Type
image/jpeg
Content-Language
en-US
Connection
Keep-Alive
Keep-Alive
timeout=10, max=100
Content-Length
18387
X-XSS-Protection
1; mode=block
img_loginbluebullet.gif
drhrclient-app.origenate.com/origenate/securitycontrol/images/ 		145 B
581 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://drhrclient-app.origenate.com/origenate/securitycontrol/images/img_loginbluebullet.gif
Requested by
Host: drhrclient-app.origenate.com
URL: https://drhrclient-app.origenate.com/origenate/securitycontrol/default.cfm
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
66.77.52.11 , United States, ASN209 (CENTURYLINK-US-LEGACY-QWEST, US),
Reverse DNS
Software
/
Resource Hash
6a61502310049e3447bd9b7473db8622d7d51fa0dd00e8ea26f66f1d2d228cfe
Security Headers
Name Value
Content-Security-Policy default-src 'self';
Strict-Transport-Security max-age=63072000; includeSubdomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://drhrclient-app.origenate.com/origenate/securitycontrol/default.cfm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date
Wed, 28 Sep 2022 14:10:01 GMT
Content-Security-Policy
default-src 'self';
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=63072000; includeSubdomains;
Last-Modified
Mon, 21 Mar 2022 07:48:40 GMT
X-Frame-Options
SAMEORIGIN
Content-Type
image/gif
Content-Language
en-US
Connection
Keep-Alive
Keep-Alive
timeout=10, max=100
Content-Length
145
X-XSS-Protection
1; mode=block
img_button_left.gif
drhrclient-app.origenate.com/origenate/images/ 		964 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://drhrclient-app.origenate.com/origenate/images/img_button_left.gif
Requested by
Host: drhrclient-app.origenate.com
URL: https://drhrclient-app.origenate.com/origenate/securitycontrol/default.cfm
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
66.77.52.11 , United States, ASN209 (CENTURYLINK-US-LEGACY-QWEST, US),
Reverse DNS
Software
/
Resource Hash
cefb635f5f1e11494fed123ee1c7eefdcda51a9dc2410ea79469360d93b9eb67
Security Headers
Name Value
Content-Security-Policy default-src 'self';
Strict-Transport-Security max-age=63072000; includeSubdomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://drhrclient-app.origenate.com/origenate/securitycontrol/default.cfm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date
Wed, 28 Sep 2022 14:10:01 GMT
Content-Security-Policy
default-src 'self';
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=63072000; includeSubdomains;
Last-Modified
Mon, 21 Mar 2022 07:48:28 GMT
X-Frame-Options
SAMEORIGIN
Content-Type
image/gif
Content-Language
en-US
Connection
Keep-Alive
Keep-Alive
timeout=10, max=98
Content-Length
964
X-XSS-Protection
1; mode=block
img_button_right.gif
drhrclient-app.origenate.com/origenate/images/ 		991 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://drhrclient-app.origenate.com/origenate/images/img_button_right.gif
Requested by
Host: drhrclient-app.origenate.com
URL: https://drhrclient-app.origenate.com/origenate/securitycontrol/default.cfm
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
66.77.52.11 , United States, ASN209 (CENTURYLINK-US-LEGACY-QWEST, US),
Reverse DNS
Software
/
Resource Hash
d9037112e3af69af37be913bd3a14a76dffaac7a135d98dd0f9f95969e6b0e4f
Security Headers
Name Value
Content-Security-Policy default-src 'self';
Strict-Transport-Security max-age=63072000; includeSubdomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://drhrclient-app.origenate.com/origenate/securitycontrol/default.cfm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date
Wed, 28 Sep 2022 14:10:01 GMT
Content-Security-Policy
default-src 'self';
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=63072000; includeSubdomains;
Last-Modified
Mon, 21 Mar 2022 07:48:28 GMT
X-Frame-Options
SAMEORIGIN
Content-Type
image/gif
Content-Language
en-US
Connection
Keep-Alive
Keep-Alive
timeout=10, max=95
Content-Length
991
X-XSS-Protection
1; mode=block
CMSIlogo.png
drhrclient-app.origenate.com/origenate/images/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://drhrclient-app.origenate.com/origenate/images/CMSIlogo.png
Requested by
Host: drhrclient-app.origenate.com
URL: https://drhrclient-app.origenate.com/origenate/securitycontrol/default.cfm
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
66.77.52.11 , United States, ASN209 (CENTURYLINK-US-LEGACY-QWEST, US),
Reverse DNS
Software
/
Resource Hash
27c6016c987a1d0c830c916591d93395bc3a66e6197d741ca619023dae78b13a
Security Headers
Name Value
Content-Security-Policy default-src 'self';
Strict-Transport-Security max-age=63072000; includeSubdomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://drhrclient-app.origenate.com/origenate/securitycontrol/default.cfm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date
Wed, 28 Sep 2022 14:10:01 GMT
Content-Security-Policy
default-src 'self';
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=63072000; includeSubdomains;
Last-Modified
Mon, 21 Mar 2022 07:48:28 GMT
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Content-Language
en-US
Connection
Keep-Alive
Keep-Alive
timeout=10, max=94
Content-Length
10383
X-XSS-Protection
1; mode=block

Verdicts & Comments Add Verdict or Comment

135 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation function| detectIE string| objChangedFrame string| nextActURL number| multiSubmitFrmNo number| calcBfrSaveFldNo number| psm_scenario_select function| exitPage function| submitPage function| checkDataChange function| getAlertMessage function| isDataChanged function| ReportChange function| ReportMultiChange function| WndMaximize function| checkPSMCallChange function| mm_changeItemProperty function| mm_getItemProperty function| popupComment boolean| blnValueFailed string| strErrorMessage function| showErrors number| invalidFieldAlertRunning function| invalidField function| validField function| resetInvalidFields function| handleFailedFlag function| forceComment function| checkSpecialChar function| getPercentValue function| checkRequiredField function| checkEmptyValue function| checkRate function| checkRate2 function| checkRate4 function| checkRate5 function| checkRate6 function| checkSpecialChar2 function| checkDate function| checkDtFormat function| validateCanadianDate2 function| validateUSDate2 function| validateUSDate function| validateCanadianDate function| ValidateMonth function| checkCreditCardMonth function| checkCreditCardYear function| isNumberKey function| formatDateRemoveTime function| formatDateOfBirth function| maskDate function| formatDate function| formatDateMMDDYYYY function| formatDateYYYYMMDD function| validateBetweenDates function| getDateDiff function| toUSDate function| validateDateTime function| checkTime function| checkNumber function| validateNumeric function| checkInteger function| validateInteger function| checkPositiveInteger function| validateRange function| checkRange function| validateNum function| checkCurrency function| checkCurrencyValue function| getCurrencyValue function| formatNumericAndCurrency function| checkSSN function| validateSSN function| formatSSN function| checkSIN function| validateSIN function| formatSIN function| CheckYear function| CheckCollateralYear function| checkAppId function| validateAppId function| checkTaxID function| validateTaxID function| formatTaxID function| checkAreaCode function| validateAreaCode function| formatAreaCode function| checkPhoneNumber function| validatePhoneNumber function| formatPhoneNumber function| checkPhoneNumberNew function| validatePhoneNumberNew function| formatPhoneNumberNew function| checkAreaCdPhone function| checkPostalCode function| checkZipCode function| checkZipCodeExt function| validateZipCode function| validatePostalCode function| validateZipCodeExt function| checkTenDigitPhone function| removeCurrency function| removePhoneNumberFormat function| removeCommas function| removeDash function| removeParenthesis function| removePercent function| removeSpace function| updatePhone function| updateCurrency function| updateDate function| updateSSN function| updatePercent function| updateZipCode function| validYear function| validCurrency function| validPercent function| validateVIN function| clone function| encodeApostrophe function| trim function| decodeHTMLEntities function| getSelectedText function| checkAlphaNumeric function| isAlphaNumeric function| checkEntry function| rtrimZeroesInDecimal

0 Cookies

14 Console Messages

Source Level URL
Text
security error URL: https://drhrclient-app.origenate.com/origenate/securitycontrol/default.cfm(Line 10)
Message:
Refused to execute inline script because it violates the following Content Security Policy directive: "default-src 'self'". Either the 'unsafe-inline' keyword, a hash ('sha256-9nn8zeIalOlPyQ101eihm9Nss7T4ml8Y3/ous+JDEWk='), or a nonce ('nonce-...') is required to enable inline execution. Note also that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error URL: https://drhrclient-app.origenate.com/origenate/securitycontrol/default.cfm(Line 27)
Message:
Refused to execute inline script because it violates the following Content Security Policy directive: "default-src 'self'". Either the 'unsafe-inline' keyword, a hash ('sha256-A9QeSa6z2TWE1aJUBzRSJDkgGTZiRmmWpKd5ZnmooUg='), or a nonce ('nonce-...') is required to enable inline execution. Note also that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error URL: https://drhrclient-app.origenate.com/origenate/securitycontrol/default.cfm(Line 73)
Message:
Refused to execute inline script because it violates the following Content Security Policy directive: "default-src 'self'". Either the 'unsafe-inline' keyword, a hash ('sha256-06oLs12UAuQdFYQQnJf91BkNY5nM5TQF1wshYlulKF0='), or a nonce ('nonce-...') is required to enable inline execution. Note also that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error URL: https://drhrclient-app.origenate.com/origenate/securitycontrol/default.cfm(Line 132)
Message:
Refused to execute inline script because it violates the following Content Security Policy directive: "default-src 'self'". Either the 'unsafe-inline' keyword, a hash ('sha256-Fh/v8YLUcj01lhRKRZZ7/5wOnZ8P38vWmlLyGgs8yGQ='), or a nonce ('nonce-...') is required to enable inline execution. Note also that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error URL: https://drhrclient-app.origenate.com/origenate/securitycontrol/default.cfm(Line 149)
Message:
Refused to apply inline style because it violates the following Content Security Policy directive: "default-src 'self'". Either the 'unsafe-inline' keyword, a hash ('sha256-HTLuRZ9vJMRLSzkZ4Prs2Lf5vIV5vjySZU0a2pQ4K+k='), or a nonce ('nonce-...') is required to enable inline execution. Note also that 'style-src' was not explicitly set, so 'default-src' is used as a fallback.
security error URL: https://drhrclient-app.origenate.com/origenate/securitycontrol/default.cfm(Line 190)
Message:
Refused to execute inline script because it violates the following Content Security Policy directive: "default-src 'self'". Either the 'unsafe-inline' keyword, a hash ('sha256-wrF79pi9yRLV4WZcRAkxLsdlIk7q9PtWEHFm3jiADJc='), or a nonce ('nonce-...') is required to enable inline execution. Note also that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error URL: https://drhrclient-app.origenate.com/origenate/securitycontrol/default.cfm(Line 226)
Message:
Refused to apply inline style because it violates the following Content Security Policy directive: "default-src 'self'". Either the 'unsafe-inline' keyword, a hash ('sha256-zcaknFhlfGVoNuZqVyKmASJSUE9huN4V3Hlh7YqqGoU='), or a nonce ('nonce-...') is required to enable inline execution. Note that hashes do not apply to event handlers, style attributes and javascript: navigations unless the 'unsafe-hashes' keyword is present. Note also that 'style-src' was not explicitly set, so 'default-src' is used as a fallback.
security error URL: https://drhrclient-app.origenate.com/origenate/securitycontrol/default.cfm(Line 337)
Message:
Refused to apply inline style because it violates the following Content Security Policy directive: "default-src 'self'". Either the 'unsafe-inline' keyword, a hash ('sha256-Kxvrtqt78chyqm/hPNGQuvGQgCyaeirEcab4gsDN/5g='), or a nonce ('nonce-...') is required to enable inline execution. Note that hashes do not apply to event handlers, style attributes and javascript: navigations unless the 'unsafe-hashes' keyword is present. Note also that 'style-src' was not explicitly set, so 'default-src' is used as a fallback.
security error URL: https://drhrclient-app.origenate.com/origenate/securitycontrol/default.cfm(Line 339)
Message:
Refused to apply inline style because it violates the following Content Security Policy directive: "default-src 'self'". Either the 'unsafe-inline' keyword, a hash ('sha256-Ed5sSrSU+vETpCyjeFhfIJl0TI5dDezUHRhK6tulxfU='), or a nonce ('nonce-...') is required to enable inline execution. Note that hashes do not apply to event handlers, style attributes and javascript: navigations unless the 'unsafe-hashes' keyword is present. Note also that 'style-src' was not explicitly set, so 'default-src' is used as a fallback.
security error URL: https://drhrclient-app.origenate.com/origenate/securitycontrol/default.cfm(Line 361)
Message:
Refused to apply inline style because it violates the following Content Security Policy directive: "default-src 'self'". Either the 'unsafe-inline' keyword, a hash ('sha256-Ed5sSrSU+vETpCyjeFhfIJl0TI5dDezUHRhK6tulxfU='), or a nonce ('nonce-...') is required to enable inline execution. Note that hashes do not apply to event handlers, style attributes and javascript: navigations unless the 'unsafe-hashes' keyword is present. Note also that 'style-src' was not explicitly set, so 'default-src' is used as a fallback.
security error URL: https://drhrclient-app.origenate.com/origenate/securitycontrol/default.cfm(Line 368)
Message:
Refused to execute inline script because it violates the following Content Security Policy directive: "default-src 'self'". Either the 'unsafe-inline' keyword, a hash ('sha256-Bsbdc/wpJCGfEAYOmgYLrph7B315jeXancuMLtp/cMQ='), or a nonce ('nonce-...') is required to enable inline execution. Note also that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error URL: https://drhrclient-app.origenate.com/origenate/securitycontrol/default.cfm(Line 380)
Message:
Refused to apply inline style because it violates the following Content Security Policy directive: "default-src 'self'". Either the 'unsafe-inline' keyword, a hash ('sha256-rZjNgGkd/mr7NXFPVOAM73lQ0hBzk06W7/M6FaBhsvw='), or a nonce ('nonce-...') is required to enable inline execution. Note that hashes do not apply to event handlers, style attributes and javascript: navigations unless the 'unsafe-hashes' keyword is present. Note also that 'style-src' was not explicitly set, so 'default-src' is used as a fallback.
security error URL: https://drhrclient-app.origenate.com/origenate/securitycontrol/default.cfm(Line 226)
Message:
Refused to execute inline event handler because it violates the following Content Security Policy directive: "default-src 'self'". Either the 'unsafe-inline' keyword, a hash ('sha256-...'), or a nonce ('nonce-...') is required to enable inline execution. Note that hashes do not apply to event handlers, style attributes and javascript: navigations unless the 'unsafe-hashes' keyword is present. Note also that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 6)
Message:
Refused to execute inline event handler because it violates the following Content Security Policy directive: "default-src 'self'". Either the 'unsafe-inline' keyword, a hash ('sha256-...'), or a nonce ('nonce-...') is required to enable inline execution. Note that hashes do not apply to event handlers, style attributes and javascript: navigations unless the 'unsafe-hashes' keyword is present. Note also that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'self';
Strict-Transport-Security max-age=63072000; includeSubdomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block