urlscan.io logo urlscan.io
SecurityTrails logo

workforce.eu1.sterlingcheck.app Open in urlscan Pro
54.93.202.89  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://workforce.eu1.sterlingcheck.app/Account/Begin?PORTALDATA=RZi1CKyliV9RS%2fvd%7cByfRCS9JaE55LfcFLEzsv2WGPpWk%7cMdWcod9kjHf9aZd8DsM...
Effective URL: https://workforce.eu1.sterlingcheck.app/Login/
Submission: On July 09 via manual from GB — Scanned from GB
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 13 IPs in 2 countries across 9 domains to perform 31 HTTP transactions. The main IP is 54.93.202.89, located in Frankfurt am Main, Germany and belongs to AMAZON-02, US. The main domain is workforce.eu1.sterlingcheck.app.
TLS certificate: Issued by Amazon RSA 2048 M03 on January 30th 2024. Valid for: a year.
This is the only time workforce.eu1.sterlingcheck.app was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

5    54.93.202.89 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-93-202-89.eu-central-1.compute.amazonaws.com
workforce.eu1.sterlingcheck.app
1    2600:9000:266e:e200:3:b7e:8940:93a1 (United States)

ASN16509 (AMAZON-02, US)
cmp.osano.com
2    18.245.31.44 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-245-31-44.fra56.r.cloudfront.net
cdn.backgroundcheck.com
7    18.245.46.127 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-245-46-127.fra56.r.cloudfront.net
portal.sterling.app
1    2600:9000:266e:7600:3:b7e:8940:93a1 (United States)

ASN16509 (AMAZON-02, US)
cmp.osano.com
2    2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    18.245.46.34 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-245-46-34.fra56.r.cloudfront.net
sterling.app
1    18.244.18.88 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-244-18-88.fra56.r.cloudfront.net
client.rum.us-east-1.amazonaws.com
2    2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2a00:1450:4001:827::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
3    2600:1f18:41d6:7401:7b56:3224:c687:40f7 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
cognito-identity.us-east-1.amazonaws.com
1    52.119.196.222 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
sts.us-east-1.amazonaws.com
Apex Domain
Subdomains		 Transfer
9 sterling.app
portal.sterling.app — Cisco Umbrella Rank: 716412
sterling.app — Cisco Umbrella Rank: 469528
2 MB
5 amazonaws.com
client.rum.us-east-1.amazonaws.com — Cisco Umbrella Rank: 18248
cognito-identity.us-east-1.amazonaws.com — Cisco Umbrella Rank: 2130
sts.us-east-1.amazonaws.com — Cisco Umbrella Rank: 11026
34 KB
5 sterlingcheck.app
workforce.eu1.sterlingcheck.app
140 KB
2 gstatic.com
fonts.gstatic.com
34 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 108
3 KB
2 backgroundcheck.com
cdn.backgroundcheck.com — Cisco Umbrella Rank: 828592
4 KB
2 osano.com
cmp.osano.com — Cisco Umbrella Rank: 7701
58 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 110
101 KB
0 yoti.com Failed
account.yoti.com Failed
31 9
Domain Requested by
7 portal.sterling.app workforce.eu1.sterlingcheck.app
5 workforce.eu1.sterlingcheck.app 1 redirects workforce.eu1.sterlingcheck.app
3 cognito-identity.us-east-1.amazonaws.com workforce.eu1.sterlingcheck.app
2 fonts.gstatic.com fonts.googleapis.com
2 sterling.app workforce.eu1.sterlingcheck.app
2 fonts.googleapis.com client
2 cdn.backgroundcheck.com workforce.eu1.sterlingcheck.app
2 cmp.osano.com workforce.eu1.sterlingcheck.app
cmp.osano.com
1 sts.us-east-1.amazonaws.com workforce.eu1.sterlingcheck.app
1 www.googletagmanager.com cmp.osano.com
1 client.rum.us-east-1.amazonaws.com cmp.osano.com
0 account.yoti.com Failed portal.sterling.app
31 12

This site contains links to these domains. Also see Links.

Domain
www.sterlingcheck.com
www.sterlingtalentsolutions.com
Subject Issuer Validity Valid
*.eu1.sterlingcheck.app
Amazon RSA 2048 M03		 2024-01-30 -
2025-02-27		 a year crt.sh
*.osano.com
Amazon RSA 2048 M03		 2023-10-18 -
2024-11-15		 a year crt.sh
cdn.backgroundcheck.com
Amazon RSA 2048 M03		 2024-06-03 -
2025-07-01		 a year crt.sh
sterlingcheck.app
Amazon RSA 2048 M03		 2024-02-25 -
2025-03-25		 a year crt.sh
upload.video.google.com
WR2		 2024-06-24 -
2024-09-16		 3 months crt.sh
client.rum.us-east-1.amazonaws.com
Amazon RSA 2048 M01		 2023-09-14 -
2024-10-13		 a year crt.sh
*.gstatic.com
WR2		 2024-06-24 -
2024-09-16		 3 months crt.sh
*.google-analytics.com
WR2		 2024-06-24 -
2024-09-16		 3 months crt.sh
cognito-identity.us-east-1.amazonaws.com
Amazon RSA 2048 M03		 2024-04-07 -
2025-05-06		 a year crt.sh
sts.us-east-1.amazonaws.com
Amazon RSA 2048 M01		 2024-01-18 -
2024-12-31		 a year crt.sh

This page contains 2 frames:

Frame: https://account.yoti.com/oauth2/authorize?client_id=d4016f73-fa63-4afe-bd7b-076de5461bd4&client_assertion=eyJhbGciOiJSUzI1NiIsImtpZCI6InJlcGxhY2UtbWUifQ.eyJpc3MiOiJkNDAxNmY3My1mYTYzLTRhZmUtYmQ3Yi0wNzZkZTU0NjFiZDQiLCJzdWIiOiJkNDAxNmY3My1mYTYzLTRhZmUtYmQ3Yi0wNzZkZTU0NjFiZDQiLCJhdWQiOiJodHRwczovL2FjY291bnQueW90aS5jb20vb2F1dGgyIiwianRpIjoiYmFiMWI4M2EtZTA1YS00NTAxLTk1YjYtMGMwZDdkMjdhMDhjIiwiZXhwIjoxNzIwNTQwMzY4LCJpYXQiOjE3MjA1MzY3Njh9.liM5cYQ6yLVEPI6XgvdpOCTuyftOihNdwxA4A4BBsYjtlRPRY-NAZvtmnup2U32PtInUMtMjtcqM9w9nTJrmGS3qY8IgokrgjxZwBLq5BIc2gUWvbVswHpwWhniFP3TrkvRUwhr0iG0ES_F_Z1-j1t35I5AjxnGJaL22435Pp_CF3-Fadcgbc9CMap7IM681UTSZHHMDSWIxDBjT-4QpDHAJKxBf_QcDA3g6WJFuKZ4vQ5QfbFHeJgEScyQuaZn4wSgOqwhfAHg_ODLjjtUn6DsyfHA8vBmpxoUaLMGdR-Q7StiUvt24CysG5fgeZvPot9yYk0jSASzCPN8Vbq4FUQ&request_uri=urn:ietf:params:oauth:request_uri:bcd042d7-9198-46d5-967b-2f78c978cc86
Frame ID: D0E74B29287D1B695E66AC9E691FE712
Requests: 29 HTTP requests in this frame

Frame: https://cmp.osano.com/
Frame ID: 3DDE1C85CA7DDC2493F11AD3A9239243
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Login

Page URL History Show full URLs

  1. https://workforce.eu1.sterlingcheck.app/Account/Begin?PORTALDATA=RZi1CKyliV9RS%2fvd%7cByfRCS9JaE55LfcFLEzsv2WGPpWk%7... HTTP 302
    https://workforce.eu1.sterlingcheck.app/Login/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • lodash.*\.js

Page Statistics

31
Requests

87 %
HTTPS

50 %
IPv6

9
Domains

12
Subdomains

13
IPs

2
Countries

2112 kB
Transfer

9744 kB
Size

4
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://workforce.eu1.sterlingcheck.app/Account/Begin?PORTALDATA=RZi1CKyliV9RS%2fvd%7cByfRCS9JaE55LfcFLEzsv2WGPpWk%7cMdWcod9kjHf9aZd8DsMnArxkOCkwmgEhjsmnM876gwvfwzgcCgWfxgFyw0DQ8%3d&locale=en-GB HTTP 302
    https://workforce.eu1.sterlingcheck.app/Login/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 29
  • https://workforce.eu1.sterlingcheck.app/IDVerification/GetGlobalIdentityRedirectUrl?portaldata=RZi1CKyliV9RS/vd|ByfRCS9JaE55LfcFLEzsv2WGPpWk|MdWcod9kjHf9aZd8DsMnArxkOCkwmgEhjsmnM876gwvfwzgcCgWfxgFyw0DQ8= HTTP 302
  • https://account.yoti.com/oauth2/authorize?client_id=d4016f73-fa63-4afe-bd7b-076de5461bd4&client_assertion=eyJhbGciOiJSUzI1NiIsImtpZCI6InJlcGxhY2UtbWUifQ.eyJpc3MiOiJkNDAxNmY3My1mYTYzLTRhZmUtYmQ3Yi0wNzZkZTU0NjFiZDQiLCJzdWIiOiJkNDAxNmY3My1mYTYzLTRhZmUtYmQ3Yi0wNzZkZTU0NjFiZDQiLCJhdWQiOiJodHRwczovL2FjY291bnQueW90aS5jb20vb2F1dGgyIiwianRpIjoiYmFiMWI4M2EtZTA1YS00NTAxLTk1YjYtMGMwZDdkMjdhMDhjIiwiZXhwIjoxNzIwNTQwMzY4LCJpYXQiOjE3MjA1MzY3Njh9.liM5cYQ6yLVEPI6XgvdpOCTuyftOihNdwxA4A4BBsYjtlRPRY-NAZvtmnup2U32PtInUMtMjtcqM9w9nTJrmGS3qY8IgokrgjxZwBLq5BIc2gUWvbVswHpwWhniFP3TrkvRUwhr0iG0ES_F_Z1-j1t35I5AjxnGJaL22435Pp_CF3-Fadcgbc9CMap7IM681UTSZHHMDSWIxDBjT-4QpDHAJKxBf_QcDA3g6WJFuKZ4vQ5QfbFHeJgEScyQuaZn4wSgOqwhfAHg_ODLjjtUn6DsyfHA8vBmpxoUaLMGdR-Q7StiUvt24CysG5fgeZvPot9yYk0jSASzCPN8Vbq4FUQ&request_uri=urn:ietf:params:oauth:request_uri:bcd042d7-9198-46d5-967b-2f78c978cc86

31 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
workforce.eu1.sterlingcheck.app/Login/
Redirect Chain
  • https://workforce.eu1.sterlingcheck.app/Account/Begin?PORTALDATA=RZi1CKyliV9RS%2fvd%7cByfRCS9JaE55LfcFLEzsv2WGPpWk%7cMdWcod9kjHf9aZd8DsMnArxkOCkwmgEhjsmnM876gwvfwzgcCgWfxgFyw0DQ8%3d&locale=en-GB
  • https://workforce.eu1.sterlingcheck.app/Login/
64 KB
28 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://workforce.eu1.sterlingcheck.app/Login/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.93.202.89 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-93-202-89.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
4c75b6dd3d896872ca95af49d7b540709ce2b44374611a6785b0bfed0cf0a287
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://*.sterlingdirect.com https://*.sterlingcheck.app; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.sterling.app https://cdn.backgroundcheck.com https://cmp.osano.com https://client.rum.us-east-1.amazonaws.com https://www.googletagmanager.com https://js.stripe.com/v3/ https://maps.googleapis.com https://www.google-analytics.com https://js-agent.newrelic.com https://apis.google.com; style-src 'self' 'unsafe-inline' https://*.sterling.app https://cdn.backgroundcheck.com https://cmp.osano.com https://fonts.googleapis.com; worker-src 'self' blob:
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options ALLOW-FROM https://secure.eu1.sterlingcheck.app https://workforce.eu1.sterlingcheck.app

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Cache-Control
public, no-store, max-age=0
Connection
keep-alive
Content-Encoding
gzip
Content-Length
27968
Content-Security-Policy
frame-ancestors https://*.sterlingdirect.com https://*.sterlingcheck.app; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.sterling.app https://cdn.backgroundcheck.com https://cmp.osano.com https://client.rum.us-east-1.amazonaws.com https://www.googletagmanager.com https://js.stripe.com/v3/ https://maps.googleapis.com https://www.google-analytics.com https://js-agent.newrelic.com https://apis.google.com; style-src 'self' 'unsafe-inline' https://*.sterling.app https://cdn.backgroundcheck.com https://cmp.osano.com https://fonts.googleapis.com; worker-src 'self' blob:
Content-Type
text/html; charset=utf-8
Date
Tue, 09 Jul 2024 14:52:43 GMT
Expires
Tue, 09 Jul 2024 14:52:43 GMT
Last-Modified
Tue, 09 Jul 2024 14:52:43 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Vary
*
X-Frame-Options
ALLOW-FROM https://secure.eu1.sterlingcheck.app https://workforce.eu1.sterlingcheck.app
deploy
44210

Redirect headers

Cache-Control
public, no-cache="Set-Cookie", no-store, max-age=0
Connection
keep-alive
Content-Length
380
Content-Security-Policy
frame-ancestors https://*.sterlingdirect.com https://*.sterlingcheck.app; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.sterling.app https://cdn.backgroundcheck.com https://cmp.osano.com https://client.rum.us-east-1.amazonaws.com https://www.googletagmanager.com https://js.stripe.com/v3/ https://maps.googleapis.com https://www.google-analytics.com https://js-agent.newrelic.com https://apis.google.com; style-src 'self' 'unsafe-inline' https://*.sterling.app https://cdn.backgroundcheck.com https://cmp.osano.com https://fonts.googleapis.com; worker-src 'self' blob:
Content-Type
text/html; charset=utf-8
Date
Tue, 09 Jul 2024 14:52:43 GMT
Expires
Tue, 09 Jul 2024 14:52:42 GMT
Last-Modified
Tue, 09 Jul 2024 14:52:42 GMT
Location
https://workforce.eu1.sterlingcheck.app/Login/#/identity-confirm?portalData=RZi1CKyliV9RS/vd|ByfRCS9JaE55LfcFLEzsv2WGPpWk|MdWcod9kjHf9aZd8DsMnArxkOCkwmgEhjsmnM876gwvfwzgcCgWfxgFyw0DQ8=&provider=yoti&locale=en-GB&newUser=True&isDetailsFetched=False
Strict-Transport-Security
max-age=31536000; includeSubDomains
Vary
*
X-Frame-Options
DENY ALLOW-FROM https://secure.eu1.sterlingcheck.app https://workforce.eu1.sterlingcheck.app
deploy
44210
osano.js
cmp.osano.com/AzZdIASnpdcMc54D5/4e6fa758-e2ab-470e-90d1-5a9e0dceebf7/ 		231 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cmp.osano.com/AzZdIASnpdcMc54D5/4e6fa758-e2ab-470e-90d1-5a9e0dceebf7/osano.js
Requested by
Host: workforce.eu1.sterlingcheck.app
URL: https://workforce.eu1.sterlingcheck.app/Login/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:266e:e200:3:b7e:8940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
8cbc1857c343f3d12d3d2f9a46146b64d486b59b712fcd69da473247868d02f6
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://workforce.eu1.sterlingcheck.app/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 09 Jul 2024 10:26:44 GMT
content-encoding
br
via
1.1 ebc0709f2918acef5e26208dffcb618c.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-amz-cf-pop
FRA56-P8
age
15959
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
58938
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 23 Jun 2022 17:11:24 GMT
server
CloudFront
etag
"c349f108a5edc5e3e4fb71e007015e56"
x-frame-options
SAMEORIGIN
vary
Origin
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=86400, s-maxage=86400, must-revalidate, proxy-revalidate, no-transform
x-amz-cf-id
GURez7OdR2qMJu32Gr0W_Zt6bUTpLiMOZdozITSC-8acnFpndVRjPg==
outage.js
cdn.backgroundcheck.com/banners/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.backgroundcheck.com/banners/outage.js
Requested by
Host: workforce.eu1.sterlingcheck.app
URL: https://workforce.eu1.sterlingcheck.app/Login/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.31.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-31-44.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2823b46ace0d92c7e6d219a1e5c02ff0e77fe220c228191f23192bc969cad0b7

Request headers

Referer
https://workforce.eu1.sterlingcheck.app/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 19:19:06 GMT
content-encoding
gzip
via
1.1 ebc0709f2918acef5e26208dffcb618c.cloudfront.net (CloudFront)
last-modified
Wed, 08 Nov 2023 19:17:19 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P8
age
21065618
etag
W/"ba6c8f07e5dee8ed4454e289184855a7"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age=31536000
x-amz-cf-id
l4TIOvOyMZvytSL-PD3Th_KmcrJZLIUrwEt0V_lgpvyxHGokbJRxpg==
runtime~main.94d2e684f89180ba5088.chunk.js
portal.sterling.app/auth/eu1/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://portal.sterling.app/auth/eu1/runtime~main.94d2e684f89180ba5088.chunk.js
Requested by
Host: workforce.eu1.sterlingcheck.app
URL: https://workforce.eu1.sterlingcheck.app/Login/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.46.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-46-127.fra56.r.cloudfront.net
Software
CloudFront /
Resource Hash
67b64380ce354e3049cdb29bbaa490e3a726a22b4bc895652daa4f0a1012e962
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://workforce.eu1.sterlingcheck.app/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubdomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Tue, 09 Jul 2024 08:27:27 GMT
via
1.1 f9b794511293751fa3df3ec945ab397e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P9
age
33188
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
last-modified
Thu, 27 Jun 2024 16:18:41 GMT
server
CloudFront
etag
W/"4ced73d131572ff4c0fa3beca5f711b7"
x-frame-options
DENY
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
x-amz-cf-id
vnarJkhNP0pGo6NTH9_TUQAChS31SFzO--0FjPSLeWErQygymNDlsg==
reactDom.d6991cd1178a2df21a1b.chunk.js
portal.sterling.app/auth/eu1/ 		1 MB
278 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://portal.sterling.app/auth/eu1/reactDom.d6991cd1178a2df21a1b.chunk.js
Requested by
Host: workforce.eu1.sterlingcheck.app
URL: https://workforce.eu1.sterlingcheck.app/Login/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.46.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-46-127.fra56.r.cloudfront.net
Software
CloudFront /
Resource Hash
42d548f96c0cf81b8f695f28015e308f6b68f8712e78ed5a081dbc32652374a2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://workforce.eu1.sterlingcheck.app/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubdomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Tue, 09 Jul 2024 03:48:39 GMT
via
1.1 f9b794511293751fa3df3ec945ab397e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P9
age
39845
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
last-modified
Thu, 27 Jun 2024 16:18:40 GMT
server
CloudFront
etag
W/"be4531b63d0da218e6c9fb28f56c47eb"
x-frame-options
DENY
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
x-amz-cf-id
j8mEwhp6sWdpqmjVZW8dn8KuSkgVWntL87QHHxGsrmKGl0yZGMIVHA==
moment.fb3fddc53458bd80ccf1.chunk.js
portal.sterling.app/auth/eu1/ 		287 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://portal.sterling.app/auth/eu1/moment.fb3fddc53458bd80ccf1.chunk.js
Requested by
Host: workforce.eu1.sterlingcheck.app
URL: https://workforce.eu1.sterlingcheck.app/Login/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.46.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-46-127.fra56.r.cloudfront.net
Software
CloudFront /
Resource Hash
49eb90b289d8c24bf3c04274fea58e2eb9e240aba4989d2d451b71248cc06f51
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://workforce.eu1.sterlingcheck.app/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubdomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Tue, 09 Jul 2024 06:02:20 GMT
via
1.1 f9b794511293751fa3df3ec945ab397e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P9
age
31823
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
last-modified
Thu, 27 Jun 2024 16:18:40 GMT
server
CloudFront
etag
W/"ee331c055a15265396dc5df991281927"
x-frame-options
DENY
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
x-amz-cf-id
tGVz0Z-GUeiYoF6ug6ef4ArCzo69UIA2k_kIoAM3OVzAaAjUbN_EBQ==
immutable.5bb1970737e22cf0aef8.chunk.js
portal.sterling.app/auth/eu1/ 		58 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://portal.sterling.app/auth/eu1/immutable.5bb1970737e22cf0aef8.chunk.js
Requested by
Host: workforce.eu1.sterlingcheck.app
URL: https://workforce.eu1.sterlingcheck.app/Login/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.46.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-46-127.fra56.r.cloudfront.net
Software
CloudFront /
Resource Hash
824a2c2d5b474817cb54deb8e12e7ef38d0f497b0ffae784141d5850377c6b2f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://workforce.eu1.sterlingcheck.app/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubdomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Tue, 09 Jul 2024 07:10:15 GMT
via
1.1 f9b794511293751fa3df3ec945ab397e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P9
age
43618
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
last-modified
Thu, 27 Jun 2024 16:18:40 GMT
server
CloudFront
etag
W/"311cd7423d7bc848e8da51a40a45be50"
x-frame-options
DENY
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
x-amz-cf-id
H81JuGxxM3RG8EbWYiIEkuCmOuQb0N_Z2kgJJmOuKLaxkD0XKB5PLg==
lodash.7414525b089fec077ac2.chunk.js
portal.sterling.app/auth/eu1/ 		69 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://portal.sterling.app/auth/eu1/lodash.7414525b089fec077ac2.chunk.js
Requested by
Host: workforce.eu1.sterlingcheck.app
URL: https://workforce.eu1.sterlingcheck.app/Login/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.46.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-46-127.fra56.r.cloudfront.net
Software
CloudFront /
Resource Hash
a4d5163db8027ec7063055f9118966a3c6df0b2df86d85273874b5a52c331334
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://workforce.eu1.sterlingcheck.app/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubdomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Tue, 09 Jul 2024 05:54:47 GMT
via
1.1 f9b794511293751fa3df3ec945ab397e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P9
age
32383
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
last-modified
Thu, 27 Jun 2024 16:18:40 GMT
server
CloudFront
etag
W/"1b8b4bd8c8424faf1fb03da162d2c08e"
x-frame-options
DENY
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
x-amz-cf-id
Tv7Relh2sbVBWCHUcFQidJyCZqpM5toR5PgrOQXW_wK2AKAMhjc3_A==
vendors.17c8789a55ef226b43b3.chunk.js
portal.sterling.app/auth/eu1/ 		6 MB
1 MB 		Script
General
Check archive.org
Download Go to
Full URL
https://portal.sterling.app/auth/eu1/vendors.17c8789a55ef226b43b3.chunk.js
Requested by
Host: workforce.eu1.sterlingcheck.app
URL: https://workforce.eu1.sterlingcheck.app/Login/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.46.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-46-127.fra56.r.cloudfront.net
Software
CloudFront /
Resource Hash
98dd6365394e2addd32cd1a4c61e12255ca5e1b5e5f174bf0293c6130ba93fe1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://workforce.eu1.sterlingcheck.app/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubdomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Tue, 09 Jul 2024 01:22:28 GMT
via
1.1 f9b794511293751fa3df3ec945ab397e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P9
age
48616
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
last-modified
Thu, 27 Jun 2024 16:18:41 GMT
server
CloudFront
etag
W/"819016cd965e3b27f4480fd3e1de4b34"
x-frame-options
DENY
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
x-amz-cf-id
Q-zbv44JZOopoqhiu3XAJM5pSG13K_vnIXJWxl7T4JhBWeOmrUlrIA==
main.18345e1c1d2a9e83b0aa.chunk.js
portal.sterling.app/auth/eu1/ 		670 KB
94 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://portal.sterling.app/auth/eu1/main.18345e1c1d2a9e83b0aa.chunk.js
Requested by
Host: workforce.eu1.sterlingcheck.app
URL: https://workforce.eu1.sterlingcheck.app/Login/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.46.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-46-127.fra56.r.cloudfront.net
Software
CloudFront /
Resource Hash
587554041d01c4ed6ed3337528207296e2ce8aac7fe83a214658052f61ef648a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://workforce.eu1.sterlingcheck.app/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubdomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Tue, 09 Jul 2024 01:22:28 GMT
via
1.1 f9b794511293751fa3df3ec945ab397e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P9
age
48616
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
last-modified
Thu, 27 Jun 2024 16:18:40 GMT
server
CloudFront
etag
W/"04dd7ab5ce92a406caf1a90986cda8c1"
x-frame-options
DENY
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
x-amz-cf-id
YhkrdjX1zsRghKuER95bA1mqDP2LoVHSlaAeGO1gLdpWwThXJOgQRA==
335d028d-9da8-4aab-8cf9-bc0a580d4227
https://workforce.eu1.sterlingcheck.app/ 		390 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://workforce.eu1.sterlingcheck.app/335d028d-9da8-4aab-8cf9-bc0a580d4227
Requested by
Host: workforce.eu1.sterlingcheck.app
URL: https://workforce.eu1.sterlingcheck.app/Login/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b2acf0f03e69229d991ef09e7d97a16e078ae026dd777a36922a588fe9914dd5

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Length
390
Content-Type
text/javascript
/
cmp.osano.com/ Frame 3DDE 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://cmp.osano.com/
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/AzZdIASnpdcMc54D5/4e6fa758-e2ab-470e-90d1-5a9e0dceebf7/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:266e:7600:3:b7e:8940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://workforce.eu1.sterlingcheck.app/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

age
50361
alt-svc
h3=":443"; ma=86400
content-encoding
br
content-type
text/html
date
Tue, 09 Jul 2024 07:32:49 GMT
etag
W/"48a0e738f84f45eb10ccd17ff6e09429"
last-modified
Tue, 06 Feb 2024 18:00:44 GMT
referrer-policy
strict-origin-when-cross-origin
server
AmazonS3
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Accept-Encoding Origin
via
1.1 1eee8db55908814c8f0cde754e3bee5a.cloudfront.net (CloudFront)
x-amz-cf-id
MIsVoLe-W2N23ohSjjbRmOrR4clMjzo2xgz7NxZmSwANo_sPZ5RRgw==
x-amz-cf-pop
FRA56-P8
x-amz-server-side-encryption
AES256
x-amz-version-id
POJv8cLnvurN8PIkBGZX7_kfH6.eePMP
x-cache
Hit from cloudfront
x-content-type-options
nosniff
x-xss-protection
1; mode=block
icon
fonts.googleapis.com/ 		569 B
775 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/icon?family=Material+Icons
Requested by
Host: client
URL: about:client
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
36b2057eb5eef261a2cbb8c149dcf3a11edaa15ccd8e3d462eb34999f5ff8f2a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://workforce.eu1.sterlingcheck.app/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 09 Jul 2024 14:52:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 09 Jul 2024 14:52:44 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 09 Jul 2024 14:52:44 GMT
css
fonts.googleapis.com/ 		12 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans|Roboto:300,400,500
Requested by
Host: client
URL: about:client
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
267b4a9304f2ff04c20fd885efb83a0ce59b9b688b8ee1d98fed1fb6a3bd4795
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://workforce.eu1.sterlingcheck.app/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 09 Jul 2024 14:52:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 09 Jul 2024 14:52:44 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 09 Jul 2024 14:52:44 GMT
f8ad9739-cd7a-492b-b5b5-13fbf982228d
https://workforce.eu1.sterlingcheck.app/ 		390 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://workforce.eu1.sterlingcheck.app/f8ad9739-cd7a-492b-b5b5-13fbf982228d
Requested by
Host: workforce.eu1.sterlingcheck.app
URL: https://workforce.eu1.sterlingcheck.app/Login/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b2acf0f03e69229d991ef09e7d97a16e078ae026dd777a36922a588fe9914dd5

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Length
390
Content-Type
text/javascript
dictionary.json
sterling.app/hub-translations/auth-ui/en-US/ 		43 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://sterling.app/hub-translations/auth-ui/en-US/dictionary.json
Requested by
Host: workforce.eu1.sterlingcheck.app
URL: https://workforce.eu1.sterlingcheck.app/Login/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.46.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-46-34.fra56.r.cloudfront.net
Software
CloudFront /
Resource Hash
d6e2ab01479b7de9177021164fd855bde56a90536a70ed175b28824360e58a0c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
https://workforce.eu1.sterlingcheck.app/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubdomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Tue, 09 Jul 2024 08:35:51 GMT
via
1.1 90b31bff657d66dd87e437e4a49bf7a6.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P9
age
33183
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
last-modified
Thu, 27 Jun 2024 21:07:55 GMT
server
CloudFront
etag
W/"7bcfa68124fb25f5e5636a3895f871ec"
x-frame-options
DENY
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
https://workforce.eu1.sterlingcheck.app
vary
Accept-Encoding,Origin
access-control-allow-credentials
true
x-amz-cf-id
2XrMPQR5KNUQ9bOTB7mmHpimAnl2sWOc1NeZDqENokuxr8p4aV6wdA==
favicon.ico
workforce.eu1.sterlingcheck.app/ 		108 KB
109 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://workforce.eu1.sterlingcheck.app/favicon.ico
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.93.202.89 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-93-202-89.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
84cdd1aac3a2aca33cece0d16f28fa612692805f00e8d8e0b431f812d78119f7
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://*.sterlingdirect.com https://*.sterlingcheck.app; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.sterling.app https://cdn.backgroundcheck.com https://cmp.osano.com https://client.rum.us-east-1.amazonaws.com https://www.googletagmanager.com https://js.stripe.com/v3/ https://maps.googleapis.com https://www.google-analytics.com https://js-agent.newrelic.com https://apis.google.com; style-src 'self' 'unsafe-inline' https://*.sterling.app https://cdn.backgroundcheck.com https://cmp.osano.com https://fonts.googleapis.com; worker-src 'self' blob:
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options ALLOW-FROM https://secure.eu1.sterlingcheck.app https://workforce.eu1.sterlingcheck.app

Request headers

Referer
https://workforce.eu1.sterlingcheck.app/Login/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

deploy
44210
Date
Tue, 09 Jul 2024 14:52:44 GMT
Content-Security-Policy
frame-ancestors https://*.sterlingdirect.com https://*.sterlingcheck.app; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.sterling.app https://cdn.backgroundcheck.com https://cmp.osano.com https://client.rum.us-east-1.amazonaws.com https://www.googletagmanager.com https://js.stripe.com/v3/ https://maps.googleapis.com https://www.google-analytics.com https://js-agent.newrelic.com https://apis.google.com; style-src 'self' 'unsafe-inline' https://*.sterling.app https://cdn.backgroundcheck.com https://cmp.osano.com https://fonts.googleapis.com; worker-src 'self' blob:
Strict-Transport-Security
max-age=31536000; includeSubDomains
Last-Modified
Fri, 05 Jul 2024 16:51:46 GMT
ETag
"0bdf79efbceda1:0"
X-Frame-Options
ALLOW-FROM https://secure.eu1.sterlingcheck.app https://workforce.eu1.sterlingcheck.app
Content-Type
image/x-icon
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
110598
cwr.js
client.rum.us-east-1.amazonaws.com/1.5.x/ 		120 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://client.rum.us-east-1.amazonaws.com/1.5.x/cwr.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/AzZdIASnpdcMc54D5/4e6fa758-e2ab-470e-90d1-5a9e0dceebf7/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.244.18.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-244-18-88.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3a505962a88ca6ebb02ede59d5f8b3bd5f5f1b097e405ca825ecfd0a273af069

Request headers

Referer
https://workforce.eu1.sterlingcheck.app/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-amz-version-id
ifBxnQ7JzlBAO7_CIITowLPGDAd_wfm1
content-encoding
gzip
via
1.1 872b8cb7808b8e013ecc6c3cc24aa826.cloudfront.net (CloudFront)
date
Tue, 09 Jul 2024 14:01:29 GMT
last-modified
Mon, 16 May 2022 16:09:12 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P11
age
3075
etag
W/"53658aa296b39f84564c5f9a272f71ea"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age=7200
x-amz-cf-id
yf7Eb3v_Fp5P53eSCeSJKRiZzDhi8rDYQTJqA3e6pqLvj0vrbkezMQ==
getCustomFooter
workforce.eu1.sterlingcheck.app/Account/ 		78 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://workforce.eu1.sterlingcheck.app/Account/getCustomFooter
Requested by
Host: workforce.eu1.sterlingcheck.app
URL: https://workforce.eu1.sterlingcheck.app/Login/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.93.202.89 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-93-202-89.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
d20fabe0c43d5cc2b571aee85f4bd558444ff3cec8c65fad48b1458c3c4ee773
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://*.sterlingdirect.com https://*.sterlingcheck.app; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.sterling.app https://cdn.backgroundcheck.com https://cmp.osano.com https://client.rum.us-east-1.amazonaws.com https://www.googletagmanager.com https://js.stripe.com/v3/ https://maps.googleapis.com https://www.google-analytics.com https://js-agent.newrelic.com https://apis.google.com; style-src 'self' 'unsafe-inline' https://*.sterling.app https://cdn.backgroundcheck.com https://cmp.osano.com https://fonts.googleapis.com; worker-src 'self' blob:
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options ALLOW-FROM https://secure.eu1.sterlingcheck.app https://workforce.eu1.sterlingcheck.app

Request headers

Accept
application/json, text/plain, */*
X-NewRelic-ID
VwQEV1ZXDhABVFNTBQgBXlwD
Referer
https://workforce.eu1.sterlingcheck.app/Login/
tracestate
2940915@nr=0-1-3236046-1021298818-0f897656052ef212----1720536765062
traceparent
00-d0cea9f87c7fe5fba5c24c247e516278-0f897656052ef212-01
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
newrelic
eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjMyMzYwNDYiLCJhcCI6IjEwMjEyOTg4MTgiLCJpZCI6IjBmODk3NjU2MDUyZWYyMTIiLCJ0ciI6ImQwY2VhOWY4N2M3ZmU1ZmJhNWMyNGMyNDdlNTE2Mjc4IiwidGkiOjE3MjA1MzY3NjUwNjIsInRrIjoiMjk0MDkxNSJ9fQ==

Response headers

deploy
44210
Date
Tue, 09 Jul 2024 14:52:45 GMT
Content-Encoding
gzip
Content-Security-Policy
frame-ancestors https://*.sterlingdirect.com https://*.sterlingcheck.app; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.sterling.app https://cdn.backgroundcheck.com https://cmp.osano.com https://client.rum.us-east-1.amazonaws.com https://www.googletagmanager.com https://js.stripe.com/v3/ https://maps.googleapis.com https://www.google-analytics.com https://js-agent.newrelic.com https://apis.google.com; style-src 'self' 'unsafe-inline' https://*.sterling.app https://cdn.backgroundcheck.com https://cmp.osano.com https://fonts.googleapis.com; worker-src 'self' blob:
Last-Modified
Tue, 09 Jul 2024 14:52:45 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Vary
*
X-Frame-Options
ALLOW-FROM https://secure.eu1.sterlingcheck.app https://workforce.eu1.sterlingcheck.app
Content-Type
text/html; charset=utf-8
Cache-Control
public, no-store, max-age=0
Connection
keep-alive
Content-Length
186
Expires
Tue, 09 Jul 2024 14:52:45 GMT
dictionary.json
sterling.app/hub-translations/auth-ui/en-GB/ 		43 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://sterling.app/hub-translations/auth-ui/en-GB/dictionary.json
Requested by
Host: workforce.eu1.sterlingcheck.app
URL: https://workforce.eu1.sterlingcheck.app/Login/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.46.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-46-34.fra56.r.cloudfront.net
Software
CloudFront /
Resource Hash
5f01bad1b522efe20905e19bb4480769050d345512c9d8cf4aadc9d88aa4b593
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
https://workforce.eu1.sterlingcheck.app/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubdomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Tue, 09 Jul 2024 07:57:05 GMT
via
1.1 90b31bff657d66dd87e437e4a49bf7a6.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P9
age
30384
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
last-modified
Thu, 27 Jun 2024 21:07:55 GMT
server
CloudFront
etag
W/"7da4a94c23055350f2cd2ae4613a4542"
x-frame-options
DENY
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
https://workforce.eu1.sterlingcheck.app
vary
Accept-Encoding,Origin
access-control-allow-credentials
true
x-amz-cf-id
EeDmM_GEEnaxwO2o2txg6ygUHCtJjF0qt_cuszNRcfOeCvvOqDg9WA==
Task.svg
cdn.backgroundcheck.com/badgeIcons/ 		7 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.backgroundcheck.com/badgeIcons/Task.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.31.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-31-44.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2b56481b74ee85c91794d4c2cdd233c997413eee3d71a8b65a76070e314e5d72

Request headers

Referer
https://workforce.eu1.sterlingcheck.app/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 19:17:45 GMT
content-encoding
gzip
via
1.1 ebc0709f2918acef5e26208dffcb618c.cloudfront.net (CloudFront)
last-modified
Wed, 08 Nov 2023 19:17:19 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P8
age
21065701
etag
W/"7153ef91b4bdabb58b1968b7cc10814a"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
max-age=31536000
x-amz-cf-id
OI_oMtG0PHVj8YLr1oN69xkJ7TtwPNvXzs72-mmnWYETedLZ-9wi1A==
favicon.ico
workforce.eu1.sterlingcheck.app/ 		108 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
https://workforce.eu1.sterlingcheck.app/favicon.ico
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.93.202.89 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-93-202-89.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
84cdd1aac3a2aca33cece0d16f28fa612692805f00e8d8e0b431f812d78119f7
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://*.sterlingdirect.com https://*.sterlingcheck.app; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.sterling.app https://cdn.backgroundcheck.com https://cmp.osano.com https://client.rum.us-east-1.amazonaws.com https://www.googletagmanager.com https://js.stripe.com/v3/ https://maps.googleapis.com https://www.google-analytics.com https://js-agent.newrelic.com https://apis.google.com; style-src 'self' 'unsafe-inline' https://*.sterling.app https://cdn.backgroundcheck.com https://cmp.osano.com https://fonts.googleapis.com; worker-src 'self' blob:
X-Frame-Options ALLOW-FROM https://secure.eu1.sterlingcheck.app https://workforce.eu1.sterlingcheck.app

Request headers

Referer
https://workforce.eu1.sterlingcheck.app/Login/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

deploy
44210
Date
Tue, 09 Jul 2024 14:52:44 GMT
Content-Security-Policy
frame-ancestors https://*.sterlingdirect.com https://*.sterlingcheck.app; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.sterling.app https://cdn.backgroundcheck.com https://cmp.osano.com https://client.rum.us-east-1.amazonaws.com https://www.googletagmanager.com https://js.stripe.com/v3/ https://maps.googleapis.com https://www.google-analytics.com https://js-agent.newrelic.com https://apis.google.com; style-src 'self' 'unsafe-inline' https://*.sterling.app https://cdn.backgroundcheck.com https://cmp.osano.com https://fonts.googleapis.com; worker-src 'self' blob:
Last-Modified
Fri, 05 Jul 2024 16:51:46 GMT
ETag
"0bdf79efbceda1:0"
X-Frame-Options
ALLOW-FROM https://secure.eu1.sterlingcheck.app https://workforce.eu1.sterlingcheck.app
Content-Type
image/x-icon
Accept-Ranges
bytes
Content-Length
110598
memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
fonts.gstatic.com/s/opensans/v40/ 		18 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v40/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans|Roboto:300,400,500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e7af9d60d875eb1c1b1037bbbfdec41fcb096d0ebcf98a48717ad8b07906ced6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://workforce.eu1.sterlingcheck.app
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 09 Jul 2024 10:00:57 GMT
x-content-type-options
nosniff
age
17508
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18668
x-xss-protection
0
last-modified
Thu, 14 Dec 2023 02:00:39 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 09 Jul 2025 10:00:57 GMT
d6f69dbd-a0d8-4780-a567-d32d47947efc
https://workforce.eu1.sterlingcheck.app/ 		390 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://workforce.eu1.sterlingcheck.app/d6f69dbd-a0d8-4780-a567-d32d47947efc
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b2acf0f03e69229d991ef09e7d97a16e078ae026dd777a36922a588fe9914dd5

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Length
390
Content-Type
text/javascript
KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans|Roboto:300,400,500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://workforce.eu1.sterlingcheck.app
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 09 Jul 2024 09:41:41 GMT
x-content-type-options
nosniff
age
18664
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15740
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 09 Jul 2025 09:41:41 GMT
js
www.googletagmanager.com/gtag/ 		300 KB
101 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-NQGP1F6YVF
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/AzZdIASnpdcMc54D5/4e6fa758-e2ab-470e-90d1-5a9e0dceebf7/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
5165721a868f2b60aea7520b4ea708b6f4f5a32bd14cc306b1492a076f0959b1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://workforce.eu1.sterlingcheck.app/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 09 Jul 2024 14:52:45 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
102626
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 09 Jul 2024 14:52:45 GMT
/
cognito-identity.us-east-1.amazonaws.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://cognito-identity.us-east-1.amazonaws.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1f18:41d6:7401:7b56:3224:c687:40f7 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-amz-target
Access-Control-Request-Method
POST
Origin
https://workforce.eu1.sterlingcheck.app
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
content-type,x-amz-target
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-expose-headers
x-amzn-RequestId,x-amzn-ErrorType,x-amzn-ErrorMessage,Date
access-control-max-age
172800
content-length
0
date
Tue, 09 Jul 2024 14:52:45 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-amzn-requestid
f5bbbf8d-ab56-46c6-9284-b938253ebfb8
/
cognito-identity.us-east-1.amazonaws.com/ 		63 B
317 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cognito-identity.us-east-1.amazonaws.com/
Requested by
Host: workforce.eu1.sterlingcheck.app
URL: https://workforce.eu1.sterlingcheck.app/Login/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1f18:41d6:7401:7b56:3224:c687:40f7 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
bb60cc797c26a05e49acadbd90ee8b31de3ff6d87e6c12322bb2680d2c9f8f1f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://workforce.eu1.sterlingcheck.app/
x-amz-target
AWSCognitoIdentityService.GetId
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type
application/x-amz-json-1.1

Response headers

access-control-allow-origin
*
date
Tue, 09 Jul 2024 14:52:45 GMT
strict-transport-security
max-age=31536000; includeSubDomains
access-control-expose-headers
x-amzn-RequestId,x-amzn-ErrorType,x-amzn-ErrorMessage,Date
x-amzn-requestid
924a09fc-41f2-44e0-9fa1-ad31cab95fb2
content-length
63
content-type
application/x-amz-json-1.1
/
cognito-identity.us-east-1.amazonaws.com/ 		771 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cognito-identity.us-east-1.amazonaws.com/
Requested by
Host: workforce.eu1.sterlingcheck.app
URL: https://workforce.eu1.sterlingcheck.app/Login/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1f18:41d6:7401:7b56:3224:c687:40f7 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
b92299427fb1eeebbf5f2d7cb36f70836ce726a306bda56be8520235b8f7521c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://workforce.eu1.sterlingcheck.app/
x-amz-target
AWSCognitoIdentityService.GetOpenIdToken
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type
application/x-amz-json-1.1

Response headers

access-control-allow-origin
*
date
Tue, 09 Jul 2024 14:52:46 GMT
strict-transport-security
max-age=31536000; includeSubDomains
access-control-expose-headers
x-amzn-RequestId,x-amzn-ErrorType,x-amzn-ErrorMessage,Date
x-amzn-requestid
f4be60e4-a0fc-4020-ba40-9a57e8a7f45c
content-length
771
content-type
application/x-amz-json-1.1
/
sts.us-east-1.amazonaws.com/ 		299 B
586 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://sts.us-east-1.amazonaws.com/
Requested by
Host: workforce.eu1.sterlingcheck.app
URL: https://workforce.eu1.sterlingcheck.app/Login/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.119.196.222 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
4e3890a584b4a68b27be79e899a4bf61c490217357a20c5407b4c2c85303ec66

Request headers

Referer
https://workforce.eu1.sterlingcheck.app/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type
application/x-www-form-urlencoded

Response headers

Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-amzn-RequestId,x-amzn-ErrorType,x-amzn-ErrorMessage,Date
Date
Tue, 09 Jul 2024 14:52:46 GMT
x-amzn-RequestId
832addd7-b9e0-4ea5-bc7b-8e95b0e5966a
Content-Length
299
Content-Type
text/xml
authorize
account.yoti.com/oauth2/
Redirect Chain
  • https://workforce.eu1.sterlingcheck.app/IDVerification/GetGlobalIdentityRedirectUrl?portaldata=RZi1CKyliV9RS/vd|ByfRCS9JaE55LfcFLEzsv2WGPpWk|MdWcod9kjHf9aZd8DsMnArxkOCkwmgEhjsmnM876gwvfwzgcCgWfxgFy...
  • https://account.yoti.com/oauth2/authorize?client_id=d4016f73-fa63-4afe-bd7b-076de5461bd4&client_assertion=eyJhbGciOiJSUzI1NiIsImtpZCI6InJlcGxhY2UtbWUifQ.eyJpc3MiOiJkNDAxNmY3My1mYTYzLTRhZmUtYmQ3Yi0w...
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
account.yoti.com
URL
https://account.yoti.com/oauth2/authorize?client_id=d4016f73-fa63-4afe-bd7b-076de5461bd4&client_assertion=eyJhbGciOiJSUzI1NiIsImtpZCI6InJlcGxhY2UtbWUifQ.eyJpc3MiOiJkNDAxNmY3My1mYTYzLTRhZmUtYmQ3Yi0wNzZkZTU0NjFiZDQiLCJzdWIiOiJkNDAxNmY3My1mYTYzLTRhZmUtYmQ3Yi0wNzZkZTU0NjFiZDQiLCJhdWQiOiJodHRwczovL2FjY291bnQueW90aS5jb20vb2F1dGgyIiwianRpIjoiYmFiMWI4M2EtZTA1YS00NTAxLTk1YjYtMGMwZDdkMjdhMDhjIiwiZXhwIjoxNzIwNTQwMzY4LCJpYXQiOjE3MjA1MzY3Njh9.liM5cYQ6yLVEPI6XgvdpOCTuyftOihNdwxA4A4BBsYjtlRPRY-NAZvtmnup2U32PtInUMtMjtcqM9w9nTJrmGS3qY8IgokrgjxZwBLq5BIc2gUWvbVswHpwWhniFP3TrkvRUwhr0iG0ES_F_Z1-j1t35I5AjxnGJaL22435Pp_CF3-Fadcgbc9CMap7IM681UTSZHHMDSWIxDBjT-4QpDHAJKxBf_QcDA3g6WJFuKZ4vQ5QfbFHeJgEScyQuaZn4wSgOqwhfAHg_ODLjjtUn6DsyfHA8vBmpxoUaLMGdR-Q7StiUvt24CysG5fgeZvPot9yYk0jSASzCPN8Vbq4FUQ&request_uri=urn:ietf:params:oauth:request_uri:bcd042d7-9198-46d5-967b-2f78c978cc86

Verdicts & Comments Add Verdict or Comment

34 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| Osano object| Sterling function| setIcon function| setMsg function| addFont function| createBanner function| setTitle object| NREUM object| webpackChunk:NRBA-1.261.2.PROD object| newrelic object| litHtmlVersions object| webpackChunkauth_ui function| clearImmediate function| setImmediate number| 2f1acc6c3a606b082e5eef5e54414ffb function| _ object| core object| global object| System function| asap function| Observable object| regeneratorRuntime boolean| _babelPolyfill number| __MUI_GENERATOR_COUNTER__ object| intlTelInputGlobals object| intlTelInputUtils object| AwsRumClient function| cwr object| dataLayer function| gtag object| google_tag_manager object| google_tag_data function| onYouTubeIframeAPIReady object| gaGlobal

4 Cookies

Domain/Path Name / Value
workforce.eu1.sterlingcheck.app/ Name: ASP.NET_SessionId
Value: q4ep4e2mlko4y4rhjc53hmxa
.workforce.eu1.sterlingcheck.app/ Name: cwr_u
Value: 773b0e7d-b437-4c01-90be-f6e98ba9e13b
.workforce.eu1.sterlingcheck.app/ Name: cwr_s
Value: eyJzZXNzaW9uSWQiOiJlZWVjOTk1OS0wMzdiLTQ0OTItOWViMi0xYTdhOGJmYmY5OWQiLCJyZWNvcmQiOnRydWUsImV2ZW50Q291bnQiOjMsInBhZ2UiOnsicGFnZUlkIjoiL0xvZ2luLyIsImludGVyYWN0aW9uIjowLCJzdGFydCI6MTcyMDUzNjc2NTI1MH19
.sterlingcheck.app/ Name: _ga_NQGP1F6YVF
Value: GS1.1.1720536765.1.0.1720536765.0.0.0

1 Console Messages

Source Level URL
Text
network error URL: https://sts.us-east-1.amazonaws.com/
Message:
Failed to load resource: the server responded with a status of 403 (Forbidden)

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy frame-ancestors https://*.sterlingdirect.com https://*.sterlingcheck.app; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.sterling.app https://cdn.backgroundcheck.com https://cmp.osano.com https://client.rum.us-east-1.amazonaws.com https://www.googletagmanager.com https://js.stripe.com/v3/ https://maps.googleapis.com https://www.google-analytics.com https://js-agent.newrelic.com https://apis.google.com; style-src 'self' 'unsafe-inline' https://*.sterling.app https://cdn.backgroundcheck.com https://cmp.osano.com https://fonts.googleapis.com; worker-src 'self' blob:
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options ALLOW-FROM https://secure.eu1.sterlingcheck.app https://workforce.eu1.sterlingcheck.app

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

account.yoti.com
cdn.backgroundcheck.com
client.rum.us-east-1.amazonaws.com
cmp.osano.com
cognito-identity.us-east-1.amazonaws.com
fonts.googleapis.com
fonts.gstatic.com
portal.sterling.app
sterling.app
sts.us-east-1.amazonaws.com
workforce.eu1.sterlingcheck.app
www.googletagmanager.com
account.yoti.com
18.244.18.88
18.245.31.44
18.245.46.127
18.245.46.34
2600:1f18:41d6:7401:7b56:3224:c687:40f7
2600:9000:266e:7600:3:b7e:8940:93a1
2600:9000:266e:e200:3:b7e:8940:93a1
2a00:1450:4001:810::200a
2a00:1450:4001:827::2008
2a00:1450:4001:830::2003
52.119.196.222
54.93.202.89
267b4a9304f2ff04c20fd885efb83a0ce59b9b688b8ee1d98fed1fb6a3bd4795
2823b46ace0d92c7e6d219a1e5c02ff0e77fe220c228191f23192bc969cad0b7
2b56481b74ee85c91794d4c2cdd233c997413eee3d71a8b65a76070e314e5d72
36b2057eb5eef261a2cbb8c149dcf3a11edaa15ccd8e3d462eb34999f5ff8f2a
3a505962a88ca6ebb02ede59d5f8b3bd5f5f1b097e405ca825ecfd0a273af069
42d548f96c0cf81b8f695f28015e308f6b68f8712e78ed5a081dbc32652374a2
49eb90b289d8c24bf3c04274fea58e2eb9e240aba4989d2d451b71248cc06f51
4c75b6dd3d896872ca95af49d7b540709ce2b44374611a6785b0bfed0cf0a287
4e3890a584b4a68b27be79e899a4bf61c490217357a20c5407b4c2c85303ec66
5165721a868f2b60aea7520b4ea708b6f4f5a32bd14cc306b1492a076f0959b1
587554041d01c4ed6ed3337528207296e2ce8aac7fe83a214658052f61ef648a
5f01bad1b522efe20905e19bb4480769050d345512c9d8cf4aadc9d88aa4b593
67b64380ce354e3049cdb29bbaa490e3a726a22b4bc895652daa4f0a1012e962
824a2c2d5b474817cb54deb8e12e7ef38d0f497b0ffae784141d5850377c6b2f
84cdd1aac3a2aca33cece0d16f28fa612692805f00e8d8e0b431f812d78119f7
8cbc1857c343f3d12d3d2f9a46146b64d486b59b712fcd69da473247868d02f6
98dd6365394e2addd32cd1a4c61e12255ca5e1b5e5f174bf0293c6130ba93fe1
a4d5163db8027ec7063055f9118966a3c6df0b2df86d85273874b5a52c331334
b2acf0f03e69229d991ef09e7d97a16e078ae026dd777a36922a588fe9914dd5
b92299427fb1eeebbf5f2d7cb36f70836ce726a306bda56be8520235b8f7521c
bb60cc797c26a05e49acadbd90ee8b31de3ff6d87e6c12322bb2680d2c9f8f1f
d20fabe0c43d5cc2b571aee85f4bd558444ff3cec8c65fad48b1458c3c4ee773
d6e2ab01479b7de9177021164fd855bde56a90536a70ed175b28824360e58a0c
e7af9d60d875eb1c1b1037bbbfdec41fcb096d0ebcf98a48717ad8b07906ced6
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef