URL: https://uat-client.momentapeople.com/
Submission: On November 09 via automatic, source certstream-suspicious — Scanned from DE

Summary

This website contacted 6 IPs in 4 countries across 7 domains to perform 18 HTTP transactions. The main IP is 52.178.214.89, located in Dublin, Ireland and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is uat-client.momentapeople.com.
TLS certificate: Issued by GeoTrust Global TLS RSA4096 SHA256 20... on June 23rd 2024. Valid for: 6 months.
This is the only time uat-client.momentapeople.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 52.178.214.89 8075 (MICROSOFT...)
2 2a00:1450:400... 15169 (GOOGLE)
8 2606:2800:133... 15133 (EDGECAST)
3 2a00:1450:400... 15169 (GOOGLE)
2 20.50.88.242 8075 (MICROSOFT...)
18 6
Apex Domain Subdomains Transfer
7 azureedge.net momenta-live.azureedge.net 2 MB
3 gstatic.com fonts.gstatic.com 68 KB
2 visualstudio.com dc.services.visualstudio.com (Cisco Umbrella Rank: 785) 200 B
2 googleapis.com fonts.googleapis.com (Cisco Umbrella Rank: 30) 1 KB
2 momentapeople.com uat-client.momentapeople.com 5 KB
1 msecnd.net az416426.vo.msecnd.net (Cisco Umbrella Rank: 3081) 22 KB
0 polyfill.io (Failed) cdn.polyfill.io (Failed)
18 7
Domain Requested by
7 momenta-live.azureedge.net uat-client.momentapeople.com
3 fonts.gstatic.com fonts.googleapis.com
2 dc.services.visualstudio.com az416426.vo.msecnd.net
2 fonts.googleapis.com uat-client.momentapeople.com, momenta-live.azureedge.net
2 uat-client.momentapeople.com momenta-live.azureedge.net
1 az416426.vo.msecnd.net momenta-live.azureedge.net
0 cdn.polyfill.io Failed uat-client.momentapeople.com
18 7

This site contains no links.

Subject Issuer Validity Valid
uat-client.momentapeople.com GeoTrust Global TLS RSA4096 SHA256 2022 CA1 2024-06-23 - 2024-12-23 6 months
upload.video.google.com WR2 2024-10-07 - 2024-12-30 3 months
*.vo.msecnd.net DigiCert SHA2 Secure Server CA 2024-06-06 - 2025-06-06 a year
*.gstatic.com WR2 2024-10-07 - 2024-12-30 3 months
prod.ai.ingestion.msftcloudes.com Microsoft Azure RSA TLS Issuing CA 08 2024-09-08 - 2025-09-03 a year

This page contains 1 frames:

Primary Page: https://uat-client.momentapeople.com/
Frame ID: A590BAFBD736CDBF09373F692B893615
Requests: 19 HTTP requests in this frame

Page Title

Momenta Client

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

18 Requests
94 % HTTPS
60 % IPv6
7 Domains
7 Subdomains
6 IPs
4 Countries
2096 kB Transfer
2952 kB Size
5 Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

18 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
uat-client.momentapeople.com/
1 KB
3 KB
Document
General
Full URL
https://uat-client.momentapeople.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
52.178.214.89 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
2a5ad50fca3932fe6bc7f191f6461ee210feed633bff870acff59a895e50774e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

Cache-Control
no-cache, no-store
Content-Encoding
gzip
Content-Security-Policy-Report-Only
default-src 'self' https: fonts.gstatic.com fonts.googleapis.com/ https://cdn.polyfill.io/ https://*.vo.msecnd.net https://momenta-live.azureedge.net/cdn;font-src 'self' https: https://momenta-live.azureedge.net/cdn data:
Content-Type
text/html
Date
Sat, 09 Nov 2024 19:32:42 GMT
Feature-Policy
geolocation 'self'; midi 'self'; notifications 'self'; push 'self'; sync-xhr 'self'; microphone 'self'; camera 'self'; magnetometer 'self'; gyroscope 'self'; speaker 'self'; vibrate 'self'; fullscreen 'self'; payment 'self'; accelerometer 'self'; ambient-light-sensor 'self'; autoplay 'self'; encrypted-media 'self'; picture-in-picture 'self'; usb 'self'; vr 'self'
Pragma
no-cache
Referrer-Policy
strict-origin-when-cross-origin
Request-Context
appId=cid-v1:b5fdf0cf-87c4-4632-818b-6d725ca17c7d
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-Frame-Options
DENY
X-XSS-Protection
1; mode=block
x-ms-middleware-request-id
1d6624b7-18eb-4e74-a3c9-c8d023102be9
css
fonts.googleapis.com/
2 KB
908 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Lato:300,400,700&display=swap
Requested by
Host: uat-client.momentapeople.com
URL: https://uat-client.momentapeople.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
7f690815acf9314671e9db3d85906bdf1bde583bc9fa5ff2607de597bbeef379
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://uat-client.momentapeople.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Sat, 09 Nov 2024 19:32:43 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 09 Nov 2024 19:32:43 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Sat, 09 Nov 2024 17:35:47 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
92821267.css
momenta-live.azureedge.net/cdn/7.2.0.4866/vendors~associate~client~people~umbrella/css/
1 MB
1 MB
Stylesheet
General
Full URL
https://momenta-live.azureedge.net/cdn/7.2.0.4866/vendors~associate~client~people~umbrella/css/92821267.css
Requested by
Host: uat-client.momentapeople.com
URL: https://uat-client.momentapeople.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
5099a3af3e8108aa8a0ccb9d11d5cffec61ca95949718d3c7811183866bd4471

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://uat-client.momentapeople.com/

Response headers

content-md5
037dOuFFWXhWDAqAhcplAQ==
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-lease-status
unlocked
x-ms-version
2009-09-19
etag
0x8DCFCE660B8BC5A
x-ms-request-id
969c3bab-601e-0039-7bde-32c12d000000
access-control-allow-origin
*
content-length
1419868
date
Sat, 09 Nov 2024 19:32:43 GMT
content-type
text/css
last-modified
Mon, 04 Nov 2024 15:35:57 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-blob-type
BlockBlob
40351694.css
momenta-live.azureedge.net/cdn/7.2.0.4866/client/css/
135 KB
135 KB
Stylesheet
General
Full URL
https://momenta-live.azureedge.net/cdn/7.2.0.4866/client/css/40351694.css
Requested by
Host: uat-client.momentapeople.com
URL: https://uat-client.momentapeople.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
c2280c8931d7055bfcdae6e3249dd7eff4d19d1178fbbb68f8b4fc506455fa33

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://uat-client.momentapeople.com/

Response headers

content-md5
s/8RKSPtypeLfKsFq2Uw9Q==
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-lease-status
unlocked
x-ms-version
2009-09-19
etag
0x8DCFCE6608B01C7
x-ms-request-id
da11c278-c01e-006d-0ade-328e7a000000
access-control-allow-origin
*
content-length
138036
date
Sat, 09 Nov 2024 19:32:42 GMT
content-type
text/css
last-modified
Mon, 04 Nov 2024 15:35:57 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-blob-type
BlockBlob
polyfill.min.js
cdn.polyfill.io/v2/
0
0

92821267.js
momenta-live.azureedge.net/cdn/7.2.0.4866/vendors~associate~client~people~umbrella/js/
948 KB
261 KB
Script
General
Full URL
https://momenta-live.azureedge.net/cdn/7.2.0.4866/vendors~associate~client~people~umbrella/js/92821267.js
Requested by
Host: uat-client.momentapeople.com
URL: https://uat-client.momentapeople.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CCF) /
Resource Hash
bf5d06cc3313a92f006879456e19ad89f5f9e84f0acc118fc7913f03512e6cf6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://uat-client.momentapeople.com/

Response headers

content-md5
I2ML7gxUtbnqUvOCM7FVEA==
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding
gzip
x-ms-lease-status
unlocked
etag
0x8DCFCE660BDBFD3
age
153190
x-ms-version
2009-09-19
x-cache
HIT
date
Sat, 09 Nov 2024 19:32:43 GMT
content-type
application/x-javascript
last-modified
Mon, 04 Nov 2024 15:35:57 GMT
vary
Accept-Encoding
x-ms-request-id
a163101b-e01e-0018-1579-31e556000000
access-control-allow-origin
*
content-length
266575
x-ms-blob-type
BlockBlob
server
ECAcc (frc/4CCF)
7e6351c9.js
momenta-live.azureedge.net/cdn/7.2.0.4866/client~umbrella/js/
139 KB
140 KB
Script
General
Full URL
https://momenta-live.azureedge.net/cdn/7.2.0.4866/client~umbrella/js/7e6351c9.js
Requested by
Host: uat-client.momentapeople.com
URL: https://uat-client.momentapeople.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
bf8122937b9171cfb54b34f1ba277bf01fd95211116bc122f7bb221ab35b58bf

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://uat-client.momentapeople.com/

Response headers

content-md5
nSCaE1RxtQe+LcB9mSNjcg==
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-lease-status
unlocked
x-ms-version
2009-09-19
etag
0x8DCFCE66092E82A
x-ms-request-id
a612fb88-801e-0043-5dde-32dc6d000000
access-control-allow-origin
*
content-length
142655
date
Sat, 09 Nov 2024 19:32:43 GMT
content-type
application/x-javascript
last-modified
Mon, 04 Nov 2024 15:35:57 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-blob-type
BlockBlob
40351694.js
momenta-live.azureedge.net/cdn/7.2.0.4866/client/js/
33 KB
33 KB
Script
General
Full URL
https://momenta-live.azureedge.net/cdn/7.2.0.4866/client/js/40351694.js
Requested by
Host: uat-client.momentapeople.com
URL: https://uat-client.momentapeople.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
aeaadd10f97ac1addef9797f06fa0ee89a02fc834133aa2b6ba3ce4b4a1631e8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://uat-client.momentapeople.com/

Response headers

content-md5
DTZXiz7tODJOtbgMIve17A==
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-lease-status
unlocked
x-ms-version
2009-09-19
etag
0x8DCFCE6608F9098
x-ms-request-id
9236cc98-401e-0001-11de-3265ed000000
access-control-allow-origin
*
content-length
34114
date
Sat, 09 Nov 2024 19:32:42 GMT
content-type
application/x-javascript
last-modified
Mon, 04 Nov 2024 15:35:57 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-blob-type
BlockBlob
css
fonts.googleapis.com/
3 KB
573 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Lato:400,700,400italic,700italic&subset=latin
Requested by
Host: momenta-live.azureedge.net
URL: https://momenta-live.azureedge.net/cdn/7.2.0.4866/vendors~associate~client~people~umbrella/css/92821267.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d52a5150edb54fde546e89151c657cbc4f83edb87452f5cd4662feaa006d5540
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://momenta-live.azureedge.net/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Sat, 09 Nov 2024 19:32:43 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 09 Nov 2024 19:32:43 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Sat, 09 Nov 2024 19:10:53 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
currentuser
uat-client.momentapeople.com/api/
118 B
2 KB
XHR
General
Full URL
https://uat-client.momentapeople.com/api/currentuser
Requested by
Host: momenta-live.azureedge.net
URL: https://momenta-live.azureedge.net/cdn/7.2.0.4866/vendors~associate~client~people~umbrella/js/92821267.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
52.178.214.89 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
68356d57c2196d24484a3d2ea2101017854cdd033d654be638480befb40c76dc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

X-XSRF-TOKEN
CfDJ8DSroDjz6i5GhNfDvn87rgvuNLOKDQrV_lTpG4itIcylu9Mwzcq1rsNvkcmFmNPVXJIB03pFIDL43eaKcII_p1u7OXO115yHUb3XwVbvObUCqbFZ9Aff_8djnsVH3jUnzL2QIxDIqZvBN8yjEX8fD7M
Referer
https://uat-client.momentapeople.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*

Response headers

Content-Encoding
gzip
X-Content-Type-Options
nosniff
x-ms-middleware-request-id
6d60e0d6-59db-4032-a44d-00e2007385f1
Date
Sat, 09 Nov 2024 19:32:43 GMT
Content-Type
application/json; charset=utf-8
Vary
Accept-Encoding
Feature-Policy
geolocation 'self'; midi 'self'; notifications 'self'; push 'self'; sync-xhr 'self'; microphone 'self'; camera 'self'; magnetometer 'self'; gyroscope 'self'; speaker 'self'; vibrate 'self'; fullscreen 'self'; payment 'self'; accelerometer 'self'; ambient-light-sensor 'self'; autoplay 'self'; encrypted-media 'self'; picture-in-picture 'self'; usb 'self'; vr 'self'
X-Frame-Options
DENY
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Cache-Control
no-cache, no-store
Pragma
no-cache
Content-Security-Policy-Report-Only
default-src 'self' https: fonts.gstatic.com fonts.googleapis.com/ https://cdn.polyfill.io/ https://*.vo.msecnd.net https://momenta-live.azureedge.net/cdn;font-src 'self' https: https://momenta-live.azureedge.net/cdn data:
Referrer-Policy
strict-origin-when-cross-origin
Request-Context
appId=cid-v1:b5fdf0cf-87c4-4632-818b-6d725ca17c7d
X-XSS-Protection
1; mode=block
momenta-logo.webp
momenta-live.azureedge.net/cdn/7.2.0.4866/images/
2 KB
2 KB
Image
General
Full URL
https://momenta-live.azureedge.net/cdn/7.2.0.4866/images/momenta-logo.webp
Requested by
Host: uat-client.momentapeople.com
URL: https://uat-client.momentapeople.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
11c601d56b9ed91f53cc3001785032aab41129afdb83ccf61ea0b4fe7c18b43b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://uat-client.momentapeople.com/

Response headers

content-md5
PaeGrGDub5YACwaZzlINzQ==
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-lease-status
unlocked
x-ms-version
2009-09-19
etag
0x8DCFCE660A302D8
x-ms-request-id
ab206003-001e-005d-0ede-3230b5000000
access-control-allow-origin
*
content-length
2078
date
Sat, 09 Nov 2024 19:32:43 GMT
content-type
application/octet-stream
last-modified
Mon, 04 Nov 2024 15:35:57 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-blob-type
BlockBlob
truncated
/
98 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2399025d7e6039ef061fe13c4f0862b33e2d6840875925d84f3a51a84e86f15b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/jpeg
truncated
/
39 KB
39 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
434466b59545a8a1cac6ddb38197cdc6b35995a98c3f3812fb88d61b1c300dd3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://uat-client.momentapeople.com
Referer

Response headers

Content-Type
font/woff2
S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/
23 KB
23 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,400,700&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://uat-client.momentapeople.com
Referer
https://fonts.googleapis.com/

Response headers

age
274363
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Thu, 06 Nov 2025 15:20:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 06 Nov 2024 15:20:00 GMT
last-modified
Tue, 02 May 2023 15:07:25 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
23040
x-xss-protection
0
server
sffe
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v24/
23 KB
23 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,400,700&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://uat-client.momentapeople.com
Referer
https://fonts.googleapis.com/

Response headers

age
274109
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Thu, 06 Nov 2025 15:24:14 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 06 Nov 2024 15:24:14 GMT
last-modified
Tue, 02 May 2023 15:17:22 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
23580
x-xss-protection
0
server
sffe
S6u9w4BMUTPHh7USSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/
23 KB
23 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh7USSwiPGQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,400,700&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
115f6a626ca115d4ad5581b59275327e0e860b30330a52b0f785561332dd2429
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://uat-client.momentapeople.com
Referer
https://fonts.googleapis.com/

Response headers

age
273105
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Thu, 06 Nov 2025 15:40:58 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 06 Nov 2024 15:40:58 GMT
last-modified
Tue, 02 May 2023 15:08:26 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
23236
x-xss-protection
0
server
sffe
ai.0.js
az416426.vo.msecnd.net/scripts/a/
94 KB
22 KB
Script
General
Full URL
https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Requested by
Host: momenta-live.azureedge.net
URL: https://momenta-live.azureedge.net/cdn/7.2.0.4866/vendors~associate~client~people~umbrella/js/92821267.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CD6) /
Resource Hash
5201c813c37a4168cc5c20c701d4391fd0a55625f97eb9f263a74fb52b52fd0e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://uat-client.momentapeople.com/

Response headers

content-md5
HdY95yzx9wIyQkVEGES+Ew==
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
content-encoding
gzip
x-ms-lease-status
unlocked
etag
0x8D8E461DA1A5889
age
448
x-ms-version
2009-09-19
expires
Sat, 09 Nov 2024 20:02:43 GMT
x-cache
HIT
date
Sat, 09 Nov 2024 19:32:43 GMT
content-type
application/x-javascript
last-modified
Thu, 11 Mar 2021 07:46:59 GMT
vary
Accept-Encoding
cache-control
public, max-age=1800
x-ms-meta-lastmodified
2020-10-01 19:31:04
x-ms-request-id
65a14ce1-401e-000a-4ddd-3289f6000000
access-control-allow-origin
*
content-length
22495
x-ms-blob-type
BlockBlob
server
ECAcc (frc/4CD6)
favicon-32x32.png
momenta-live.azureedge.net/cdn/7.2.0.4866/images/
2 KB
2 KB
Other
General
Full URL
https://momenta-live.azureedge.net/cdn/7.2.0.4866/images/favicon-32x32.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
71035f23424e2ea3bdfa16d13eb56324083713e9b60d9916654b26b90a24c954

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://uat-client.momentapeople.com/

Response headers

content-md5
JjAg9nne6RDEHR88wdhyTA==
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-lease-status
unlocked
x-ms-version
2009-09-19
etag
0x8DCFCE6609CC835
x-ms-request-id
d3b9740c-201e-0028-07de-325b99000000
access-control-allow-origin
*
content-length
1692
date
Sat, 09 Nov 2024 19:32:43 GMT
content-type
image/png
last-modified
Mon, 04 Nov 2024 15:35:57 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-blob-type
BlockBlob
track
dc.services.visualstudio.com/v2/
0
0
Preflight
General
Full URL
https://dc.services.visualstudio.com/v2/track
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.50.88.242 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,sdk-context
Access-Control-Request-Method
POST
Origin
https://uat-client.momentapeople.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
Origin,X-Requested-With,Content-Name,Content-Type,Accept,Cache-Control,Sdk-Context,X-Set-Cross-Origin-Resource-Policy
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
3600
date
Sat, 09 Nov 2024 19:32:43 GMT
server
Microsoft-HTTPAPI/2.0
strict-transport-security
max-age=31536000
track
dc.services.visualstudio.com/v2/
96 B
200 B
XHR
General
Full URL
https://dc.services.visualstudio.com/v2/track
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.50.88.242 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
5a48a35d12f6db4d62154c7a40ee24d8776b6304f142776591b7cad1ae40b015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://uat-client.momentapeople.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-type
application/json
Sdk-Context
appId

Response headers

strict-transport-security
max-age=31536000
access-control-allow-origin
*
date
Sat, 09 Nov 2024 19:32:43 GMT
content-type
application/json; charset=utf-8
server
Microsoft-HTTPAPI/2.0
x-content-type-options
nosniff

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
cdn.polyfill.io
URL
https://cdn.polyfill.io/v2/polyfill.min.js?features=Array.from,Array.prototype.findIndex,Array.prototype.keys,Object.assign,String.prototype.startsWith,String.prototype.endsWith,Promise

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • webpackJsonp (object)
  • appInsights (object)
  • _ (function)
  • AI (object)
  • Microsoft (object)
  • __extends (function)
  • _endsWith (function)

5 Cookies

Domain/Path Name / Value
uat-client.momentapeople.com/ Name: XSRF
Value: CfDJ8DSroDjz6i5GhNfDvn87rgvC5UPq8mQ9p-kh1oiar2yW-4ZqCX-f2rRzkT_Q9FT7ENOyk9_-SgCUXyQMlrhK4_avILA7ccnzyRSR5QPaXgZHXcr1gjdvHAZE9FXQ4i2qpyHrdQLxbPqq9ZgUUc-lKTQ
uat-client.momentapeople.com/ Name: config
Value: %7B%22ApplicationInsightsInstrumentationKey%22%3A%22db425419-f16e-4a12-8406-4aa527e15560%22%2C%22EnvironmentName%22%3A%22UAT%22%2C%22ApplicationName%22%3A%22Momenta.Client%22%2C%22Region%22%3A%7B%22RedirectUri%22%3A%22https%3A%2F%2Fuat-client.momentapeople.com%2Fsignin-oidc%22%2C%22AzureIdClientId%22%3A%22f31bec04-36b1-4f23-9e24-32d5e0841526%22%2C%22CloudStorage%22%3Anull%2C%22CloudStoragePrefix%22%3Anull%2C%22Name%22%3A%22UK%22%2C%22Sql%22%3Anull%2C%22Country%22%3A826%2C%22AvailableRegion%22%3Atrue%2C%22BaseUrl%22%3A%22uat-client.momentapeople.com%22%2C%22CustomDomains%22%3A%22momentaassociateuat.azurewebsites.net%3Bmomentaclientuat.azurewebsites.net%3Bmomentapeopleuat.azurewebsites.net%3B%22%2C%22UsesSingleUmbrellaCompany%22%3Afalse%7D%7D
uat-client.momentapeople.com/ Name: XSRF-TOKEN
Value: CfDJ8DSroDjz6i5GhNfDvn87rgu4gBMAEkdHmxEjI8VjCosgoYb1WHfRwOCirir0ufB_sIOhRqnMlG6exaifNM8eiDNhgBUcG7Bx85u37S6m0uFo_PDyqi4wsCV_VELyvj5DUDOmSPXMpVwOEEC0NoJVWJc
uat-client.momentapeople.com/ Name: ai_user
Value: WtEBg|2024-11-09T19:32:43.872Z
uat-client.momentapeople.com/ Name: ai_session
Value: 0ADS/|1731180763973.7|1731180763973.7

8 Console Messages

Source Level URL
Text
security warning
Message:
Error with Feature-Policy header: Unrecognized feature: 'notifications'.
security warning
Message:
Error with Feature-Policy header: Unrecognized feature: 'push'.
security warning
Message:
Error with Feature-Policy header: Unrecognized feature: 'speaker'.
security warning
Message:
Error with Feature-Policy header: Unrecognized feature: 'vibrate'.
security warning
Message:
Error with Feature-Policy header: Unrecognized feature: 'ambient-light-sensor'.
security warning
Message:
Error with Feature-Policy header: Unrecognized feature: 'vr'.
network error URL: https://cdn.polyfill.io/v2/polyfill.min.js?features=Array.from,Array.prototype.findIndex,Array.prototype.keys,Object.assign,String.prototype.startsWith,String.prototype.endsWith,Promise
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
security error URL: https://uat-client.momentapeople.com/
Message:
[Report Only] Refused to load the image 'data:image/jpeg;base64,...' because it violates the following Content Security Policy directive: "default-src 'self' https: fonts.gstatic.com fonts.googleapis.com/ https://cdn.polyfill.io/ https://*.vo.msecnd.net https://momenta-live.azureedge.net/cdn". Note that 'img-src' was not explicitly set, so 'default-src' is used as a fallback.

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
