urlscan.io logo urlscan.io
SecurityTrails logo

auth0.ermes.company Open in urlscan Pro
2606:4700::6813:9913  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://api.poc.shield.ermessecurity.com/
Effective URL: https://auth0.ermes.company/authorize?client_id=YV3eFur7OeLh8tXEF8gPV4NBvfhRAOL1&scope=openid+profile+email+offline_access&a...
Submission: On June 05 via automatic, source certstream-suspicious — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 5 IPs in 3 countries across 5 domains to perform 21 HTTP transactions. The main IP is 2606:4700::6813:9913, located in United States and belongs to CLOUDFLARENET, US. The main domain is auth0.ermes.company.
TLS certificate: Issued by E1 on April 18th 2024. Valid for: 3 months.
This is the only time auth0.ermes.company was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
8 54.195.238.86 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
2 2606:4700::68... 13335 (CLOUDFLAR...)
8 2600:9000:266... 16509 (AMAZON-02)
1 52.218.91.88 16509 (AMAZON-02)
21 5
8    54.195.238.86 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-195-238-86.eu-west-1.compute.amazonaws.com
api.poc.shield.ermessecurity.com
2    2a00:1450:4001:831::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    2606:4700::6813:9913 (United States)

ASN13335 (CLOUDFLARENET, US)
auth0.ermes.company
8    2600:9000:2662:ac00:10:474e:104a:2961 (United States)

ASN16509 (AMAZON-02, US)
cdn.auth0.com
1    52.218.91.88 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: s3-eu-west-1-r-w.amazonaws.com
sme-logo.s3-eu-west-1.amazonaws.com
Apex Domain
Subdomains		 Transfer
8 auth0.com
cdn.auth0.com — Cisco Umbrella Rank: 7125
158 KB
8 ermessecurity.com
api.poc.shield.ermessecurity.com
5 MB
2 ermes.company
auth0.ermes.company
4 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 78
165 KB
1 amazonaws.com
sme-logo.s3-eu-west-1.amazonaws.com
15 KB
21 5
Domain Requested by
8 cdn.auth0.com auth0.ermes.company
cdn.auth0.com
8 api.poc.shield.ermessecurity.com api.poc.shield.ermessecurity.com
2 auth0.ermes.company api.poc.shield.ermessecurity.com
2 www.googletagmanager.com api.poc.shield.ermessecurity.com
www.googletagmanager.com
1 sme-logo.s3-eu-west-1.amazonaws.com auth0.ermes.company
21 5

This site contains links to these domains. Also see Links.

Domain
manage.auth0.com
www.ermes.company
Subject Issuer Validity Valid
api.poc.shield.ermessecurity.com
Amazon RSA 2048 M03		 2024-06-03 -
2025-07-02		 a year crt.sh
*.google-analytics.com
WR2		 2024-05-21 -
2024-08-13		 3 months crt.sh
auth0.ermes.company
E1		 2024-04-18 -
2024-07-17		 3 months crt.sh
*.auth0.com
Amazon RSA 2048 M03		 2024-01-25 -
2025-02-22		 a year crt.sh
*.s3-eu-west-1.amazonaws.com
Amazon RSA 2048 M01		 2024-01-31 -
2025-01-15		 a year crt.sh

This page contains 1 frames:

Primary Page: https://auth0.ermes.company/authorize?client_id=YV3eFur7OeLh8tXEF8gPV4NBvfhRAOL1&scope=openid+profile+email+offline_access&audience=dashboard_api&redirect_uri=https%3A%2F%2Fapi.poc.shield.ermessecurity.com&response_type=code&response_mode=query&state=LXllOGJMZEMzOWJCTHN%2BQmpXaC13RktpdkR4TXBXQTdiMHMzY0pua01qRg%3D%3D&nonce=Z09pNVFITTVxT0hlMmlSc354VTA3OS5vWE1kYVdLM3MzMC5Fa29NNHREQg%3D%3D&code_challenge=NWvkRIFldVMVNOVzoOu22VvA0WPtJ6t1HSeU9yXE2tw&code_challenge_method=S256&auth0Client=eyJuYW1lIjoiQGF1dGgwL2F1dGgwLWFuZ3VsYXIiLCJ2ZXJzaW9uIjoiMi4yLjMiLCJlbnYiOnsiYW5ndWxhci9jb3JlIjoiMTcuMy41In19
Frame ID: E5A64C401ECB420144012ADFE3BE26BC
Requests: 21 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Ermes Cyber Security

Page URL History Show full URLs

  1. https://api.poc.shield.ermessecurity.com/ Page URL
  2. https://auth0.ermes.company/authorize?client_id=YV3eFur7OeLh8tXEF8gPV4NBvfhRAOL1&scope=openid+profile+em... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Page Statistics

21
Requests

100 %
HTTPS

60 %
IPv6

5
Domains

5
Subdomains

5
IPs

3
Countries

5074 kB
Transfer

5576 kB
Size

5
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://api.poc.shield.ermessecurity.com/ Page URL
  2. https://auth0.ermes.company/authorize?client_id=YV3eFur7OeLh8tXEF8gPV4NBvfhRAOL1&scope=openid+profile+email+offline_access&audience=dashboard_api&redirect_uri=https%3A%2F%2Fapi.poc.shield.ermessecurity.com&response_type=code&response_mode=query&state=LXllOGJMZEMzOWJCTHN%2BQmpXaC13RktpdkR4TXBXQTdiMHMzY0pua01qRg%3D%3D&nonce=Z09pNVFITTVxT0hlMmlSc354VTA3OS5vWE1kYVdLM3MzMC5Fa29NNHREQg%3D%3D&code_challenge=NWvkRIFldVMVNOVzoOu22VvA0WPtJ6t1HSeU9yXE2tw&code_challenge_method=S256&auth0Client=eyJuYW1lIjoiQGF1dGgwL2F1dGgwLWFuZ3VsYXIiLCJ2ZXJzaW9uIjoiMi4yLjMiLCJlbnYiOnsiYW5ndWxhci9jb3JlIjoiMTcuMy41In19 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

21 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
api.poc.shield.ermessecurity.com/ 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://api.poc.shield.ermessecurity.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.195.238.86 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-195-238-86.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
5ddd674a013979919ed4619a0d1033c862099c545ae0a656739c955d33418cdc
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' https://www.googletagmanager.com https://www.google-analytics.com https://ssl.google-analytics.com; style-src 'self' 'unsafe-inline'; font-src 'self' data:; img-src 'self' https://www.googletagmanager.com https://www.google-analytics.com data:; object-src 'none'; connect-src 'self' https://www.google-analytics.com https://auth0.ermes.company/oauth/token https://bl.ermessecurity.com/ https://api.shield.ermessecurity.com/ https://updates.ermessecurity.com/; frame-src 'self' https://auth0.ermes.company; frame-ancestors 'self';
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

content-encoding
gzip
content-security-policy
default-src 'self'; script-src 'self' https://www.googletagmanager.com https://www.google-analytics.com https://ssl.google-analytics.com; style-src 'self' 'unsafe-inline'; font-src 'self' data:; img-src 'self' https://www.googletagmanager.com https://www.google-analytics.com data:; object-src 'none'; connect-src 'self' https://www.google-analytics.com https://auth0.ermes.company/oauth/token https://bl.ermessecurity.com/ https://api.shield.ermessecurity.com/ https://updates.ermessecurity.com/; frame-src 'self' https://auth0.ermes.company; frame-ancestors 'self';
content-type
text/html
date
Wed, 05 Jun 2024 13:42:56 GMT
etag
W/"6659a0c4-d5a"
last-modified
Fri, 31 May 2024 10:04:52 GMT
referrer-policy
no-referrer
server
nginx
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
styles.952f5cfa9b455a8f.css
api.poc.shield.ermessecurity.com/ 		933 KB
935 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://api.poc.shield.ermessecurity.com/styles.952f5cfa9b455a8f.css
Requested by
Host: api.poc.shield.ermessecurity.com
URL: https://api.poc.shield.ermessecurity.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.195.238.86 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-195-238-86.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
4f53a460890d2023572388fdff47d6ceff8ab2eaa4877306b84d40cf6ff8a336
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' https://www.googletagmanager.com https://www.google-analytics.com https://ssl.google-analytics.com; style-src 'self' 'unsafe-inline'; font-src 'self' data:; img-src 'self' https://www.googletagmanager.com https://www.google-analytics.com data:; object-src 'none'; connect-src 'self' https://www.google-analytics.com https://auth0.ermes.company/oauth/token https://bl.ermessecurity.com/ https://api.shield.ermessecurity.com/ https://updates.ermessecurity.com/; frame-src 'self' https://auth0.ermes.company; frame-ancestors 'self';
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 05 Jun 2024 13:42:56 GMT
content-security-policy
default-src 'self'; script-src 'self' https://www.googletagmanager.com https://www.google-analytics.com https://ssl.google-analytics.com; style-src 'self' 'unsafe-inline'; font-src 'self' data:; img-src 'self' https://www.googletagmanager.com https://www.google-analytics.com data:; object-src 'none'; connect-src 'self' https://www.google-analytics.com https://auth0.ermes.company/oauth/token https://bl.ermessecurity.com/ https://api.shield.ermessecurity.com/ https://updates.ermessecurity.com/; frame-src 'self' https://auth0.ermes.company; frame-ancestors 'self';
x-content-type-options
nosniff
referrer-policy
no-referrer
last-modified
Fri, 31 May 2024 10:04:52 GMT
server
nginx
etag
"6659a0c4-e94b6"
x-frame-options
SAMEORIGIN
content-type
text/css
accept-ranges
bytes
content-length
955574
x-xss-protection
1; mode=block
logo_white.svg
api.poc.shield.ermessecurity.com/assets/images/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://api.poc.shield.ermessecurity.com/assets/images/logo_white.svg
Requested by
Host: api.poc.shield.ermessecurity.com
URL: https://api.poc.shield.ermessecurity.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.195.238.86 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-195-238-86.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
b19407297ed83fbe1e0a94b7a0962e31b3195bad124a6d451256baf591dbd729
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' https://www.googletagmanager.com https://www.google-analytics.com https://ssl.google-analytics.com; style-src 'self' 'unsafe-inline'; font-src 'self' data:; img-src 'self' https://www.googletagmanager.com https://www.google-analytics.com data:; object-src 'none'; connect-src 'self' https://www.google-analytics.com https://auth0.ermes.company/oauth/token https://bl.ermessecurity.com/ https://api.shield.ermessecurity.com/ https://updates.ermessecurity.com/; frame-src 'self' https://auth0.ermes.company; frame-ancestors 'self';
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 05 Jun 2024 13:42:56 GMT
content-security-policy
default-src 'self'; script-src 'self' https://www.googletagmanager.com https://www.google-analytics.com https://ssl.google-analytics.com; style-src 'self' 'unsafe-inline'; font-src 'self' data:; img-src 'self' https://www.googletagmanager.com https://www.google-analytics.com data:; object-src 'none'; connect-src 'self' https://www.google-analytics.com https://auth0.ermes.company/oauth/token https://bl.ermessecurity.com/ https://api.shield.ermessecurity.com/ https://updates.ermessecurity.com/; frame-src 'self' https://auth0.ermes.company; frame-ancestors 'self';
x-content-type-options
nosniff
referrer-policy
no-referrer
last-modified
Fri, 31 May 2024 10:04:50 GMT
server
nginx
etag
"6659a0c2-534"
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
accept-ranges
bytes
content-length
1332
x-xss-protection
1; mode=block
runtime.93818431d6d33b7f.js
api.poc.shield.ermessecurity.com/ 		3 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://api.poc.shield.ermessecurity.com/runtime.93818431d6d33b7f.js
Requested by
Host: api.poc.shield.ermessecurity.com
URL: https://api.poc.shield.ermessecurity.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.195.238.86 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-195-238-86.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
135f28a82dda810aa887a5be265b572bcb796a24a74aa9e34bc18666450df670
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' https://www.googletagmanager.com https://www.google-analytics.com https://ssl.google-analytics.com; style-src 'self' 'unsafe-inline'; font-src 'self' data:; img-src 'self' https://www.googletagmanager.com https://www.google-analytics.com data:; object-src 'none'; connect-src 'self' https://www.google-analytics.com https://auth0.ermes.company/oauth/token https://bl.ermessecurity.com/ https://api.shield.ermessecurity.com/ https://updates.ermessecurity.com/; frame-src 'self' https://auth0.ermes.company; frame-ancestors 'self';
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Origin
https://api.poc.shield.ermessecurity.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 05 Jun 2024 13:42:56 GMT
content-security-policy
default-src 'self'; script-src 'self' https://www.googletagmanager.com https://www.google-analytics.com https://ssl.google-analytics.com; style-src 'self' 'unsafe-inline'; font-src 'self' data:; img-src 'self' https://www.googletagmanager.com https://www.google-analytics.com data:; object-src 'none'; connect-src 'self' https://www.google-analytics.com https://auth0.ermes.company/oauth/token https://bl.ermessecurity.com/ https://api.shield.ermessecurity.com/ https://updates.ermessecurity.com/; frame-src 'self' https://auth0.ermes.company; frame-ancestors 'self';
x-content-type-options
nosniff
referrer-policy
no-referrer
last-modified
Fri, 31 May 2024 10:04:52 GMT
server
nginx
etag
"6659a0c4-d00"
x-frame-options
SAMEORIGIN
content-type
application/javascript
accept-ranges
bytes
content-length
3328
x-xss-protection
1; mode=block
polyfills.2e9d455730e88637.js
api.poc.shield.ermessecurity.com/ 		58 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://api.poc.shield.ermessecurity.com/polyfills.2e9d455730e88637.js
Requested by
Host: api.poc.shield.ermessecurity.com
URL: https://api.poc.shield.ermessecurity.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.195.238.86 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-195-238-86.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
fbf83cd98a6fa27e991249711c2e47eedf1b039806df2b077614f693871a2160
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' https://www.googletagmanager.com https://www.google-analytics.com https://ssl.google-analytics.com; style-src 'self' 'unsafe-inline'; font-src 'self' data:; img-src 'self' https://www.googletagmanager.com https://www.google-analytics.com data:; object-src 'none'; connect-src 'self' https://www.google-analytics.com https://auth0.ermes.company/oauth/token https://bl.ermessecurity.com/ https://api.shield.ermessecurity.com/ https://updates.ermessecurity.com/; frame-src 'self' https://auth0.ermes.company; frame-ancestors 'self';
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Origin
https://api.poc.shield.ermessecurity.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 05 Jun 2024 13:42:56 GMT
content-security-policy
default-src 'self'; script-src 'self' https://www.googletagmanager.com https://www.google-analytics.com https://ssl.google-analytics.com; style-src 'self' 'unsafe-inline'; font-src 'self' data:; img-src 'self' https://www.googletagmanager.com https://www.google-analytics.com data:; object-src 'none'; connect-src 'self' https://www.google-analytics.com https://auth0.ermes.company/oauth/token https://bl.ermessecurity.com/ https://api.shield.ermessecurity.com/ https://updates.ermessecurity.com/; frame-src 'self' https://auth0.ermes.company; frame-ancestors 'self';
x-content-type-options
nosniff
referrer-policy
no-referrer
last-modified
Fri, 31 May 2024 10:04:52 GMT
server
nginx
etag
"6659a0c4-e693"
x-frame-options
SAMEORIGIN
content-type
application/javascript
accept-ranges
bytes
content-length
59027
x-xss-protection
1; mode=block
scripts.e4dca64bc973768c.js
api.poc.shield.ermessecurity.com/ 		128 KB
129 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://api.poc.shield.ermessecurity.com/scripts.e4dca64bc973768c.js
Requested by
Host: api.poc.shield.ermessecurity.com
URL: https://api.poc.shield.ermessecurity.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.195.238.86 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-195-238-86.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
79dd2d517f19a8eb17bc698d0279f80abaa99b12b01a674b8f5c4815d0e6a61b
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' https://www.googletagmanager.com https://www.google-analytics.com https://ssl.google-analytics.com; style-src 'self' 'unsafe-inline'; font-src 'self' data:; img-src 'self' https://www.googletagmanager.com https://www.google-analytics.com data:; object-src 'none'; connect-src 'self' https://www.google-analytics.com https://auth0.ermes.company/oauth/token https://bl.ermessecurity.com/ https://api.shield.ermessecurity.com/ https://updates.ermessecurity.com/; frame-src 'self' https://auth0.ermes.company; frame-ancestors 'self';
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 05 Jun 2024 13:42:56 GMT
content-security-policy
default-src 'self'; script-src 'self' https://www.googletagmanager.com https://www.google-analytics.com https://ssl.google-analytics.com; style-src 'self' 'unsafe-inline'; font-src 'self' data:; img-src 'self' https://www.googletagmanager.com https://www.google-analytics.com data:; object-src 'none'; connect-src 'self' https://www.google-analytics.com https://auth0.ermes.company/oauth/token https://bl.ermessecurity.com/ https://api.shield.ermessecurity.com/ https://updates.ermessecurity.com/; frame-src 'self' https://auth0.ermes.company; frame-ancestors 'self';
x-content-type-options
nosniff
referrer-policy
no-referrer
last-modified
Fri, 31 May 2024 10:04:52 GMT
server
nginx
etag
"6659a0c4-1ffcf"
x-frame-options
SAMEORIGIN
content-type
application/javascript
accept-ranges
bytes
content-length
131023
x-xss-protection
1; mode=block
main.257b2cb301a480ab.js
api.poc.shield.ermessecurity.com/ 		3 MB
3 MB 		Script
General
Check archive.org
Download Go to
Full URL
https://api.poc.shield.ermessecurity.com/main.257b2cb301a480ab.js
Requested by
Host: api.poc.shield.ermessecurity.com
URL: https://api.poc.shield.ermessecurity.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.195.238.86 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-195-238-86.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e980443558871b8f9e32fae1c16ae4cfb2bd1eb132e6ebc4f9c20829f5a820f7
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' https://www.googletagmanager.com https://www.google-analytics.com https://ssl.google-analytics.com; style-src 'self' 'unsafe-inline'; font-src 'self' data:; img-src 'self' https://www.googletagmanager.com https://www.google-analytics.com data:; object-src 'none'; connect-src 'self' https://www.google-analytics.com https://auth0.ermes.company/oauth/token https://bl.ermessecurity.com/ https://api.shield.ermessecurity.com/ https://updates.ermessecurity.com/; frame-src 'self' https://auth0.ermes.company; frame-ancestors 'self';
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Origin
https://api.poc.shield.ermessecurity.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 05 Jun 2024 13:42:56 GMT
content-security-policy
default-src 'self'; script-src 'self' https://www.googletagmanager.com https://www.google-analytics.com https://ssl.google-analytics.com; style-src 'self' 'unsafe-inline'; font-src 'self' data:; img-src 'self' https://www.googletagmanager.com https://www.google-analytics.com data:; object-src 'none'; connect-src 'self' https://www.google-analytics.com https://auth0.ermes.company/oauth/token https://bl.ermessecurity.com/ https://api.shield.ermessecurity.com/ https://updates.ermessecurity.com/; frame-src 'self' https://auth0.ermes.company; frame-ancestors 'self';
x-content-type-options
nosniff
referrer-policy
no-referrer
last-modified
Fri, 31 May 2024 10:04:52 GMT
server
nginx
etag
"6659a0c4-37babb"
x-frame-options
SAMEORIGIN
content-type
application/javascript
accept-ranges
bytes
content-length
3652283
x-xss-protection
1; mode=block
RMNeue-Regular.25177b497eae9462.woff2
api.poc.shield.ermessecurity.com/ 		31 KB
32 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://api.poc.shield.ermessecurity.com/RMNeue-Regular.25177b497eae9462.woff2
Requested by
Host: api.poc.shield.ermessecurity.com
URL: https://api.poc.shield.ermessecurity.com/styles.952f5cfa9b455a8f.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.195.238.86 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-195-238-86.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6a17e3cb0fee9c3191facfcc6cf0529b78534eb9c1d23a07592739566667e13a
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' https://www.googletagmanager.com https://www.google-analytics.com https://ssl.google-analytics.com; style-src 'self' 'unsafe-inline'; font-src 'self' data:; img-src 'self' https://www.googletagmanager.com https://www.google-analytics.com data:; object-src 'none'; connect-src 'self' https://www.google-analytics.com https://auth0.ermes.company/oauth/token https://bl.ermessecurity.com/ https://api.shield.ermessecurity.com/ https://updates.ermessecurity.com/; frame-src 'self' https://auth0.ermes.company; frame-ancestors 'self';
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Origin
https://api.poc.shield.ermessecurity.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 05 Jun 2024 13:42:57 GMT
content-security-policy
default-src 'self'; script-src 'self' https://www.googletagmanager.com https://www.google-analytics.com https://ssl.google-analytics.com; style-src 'self' 'unsafe-inline'; font-src 'self' data:; img-src 'self' https://www.googletagmanager.com https://www.google-analytics.com data:; object-src 'none'; connect-src 'self' https://www.google-analytics.com https://auth0.ermes.company/oauth/token https://bl.ermessecurity.com/ https://api.shield.ermessecurity.com/ https://updates.ermessecurity.com/; frame-src 'self' https://auth0.ermes.company; frame-ancestors 'self';
x-content-type-options
nosniff
referrer-policy
no-referrer
last-modified
Fri, 31 May 2024 10:04:44 GMT
server
nginx
etag
"6659a0bc-7c8c"
x-frame-options
SAMEORIGIN
content-type
font/woff2
accept-ranges
bytes
content-length
31884
x-xss-protection
1; mode=block
gtm.js
www.googletagmanager.com/ 		188 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-PMQMXR7
Requested by
Host: api.poc.shield.ermessecurity.com
URL: https://api.poc.shield.ermessecurity.com/main.257b2cb301a480ab.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 05 Jun 2024 13:42:57 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
69065
x-xss-protection
0
last-modified
Wed, 05 Jun 2024 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 05 Jun 2024 13:42:57 GMT
Primary Request authorize
auth0.ermes.company/ 		3 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://auth0.ermes.company/authorize?client_id=YV3eFur7OeLh8tXEF8gPV4NBvfhRAOL1&scope=openid+profile+email+offline_access&audience=dashboard_api&redirect_uri=https%3A%2F%2Fapi.poc.shield.ermessecurity.com&response_type=code&response_mode=query&state=LXllOGJMZEMzOWJCTHN%2BQmpXaC13RktpdkR4TXBXQTdiMHMzY0pua01qRg%3D%3D&nonce=Z09pNVFITTVxT0hlMmlSc354VTA3OS5vWE1kYVdLM3MzMC5Fa29NNHREQg%3D%3D&code_challenge=NWvkRIFldVMVNOVzoOu22VvA0WPtJ6t1HSeU9yXE2tw&code_challenge_method=S256&auth0Client=eyJuYW1lIjoiQGF1dGgwL2F1dGgwLWFuZ3VsYXIiLCJ2ZXJzaW9uIjoiMi4yLjMiLCJlbnYiOnsiYW5ndWxhci9jb3JlIjoiMTcuMy41In19
Requested by
Host: api.poc.shield.ermessecurity.com
URL: https://api.poc.shield.ermessecurity.com/main.257b2cb301a480ab.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9913 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
86dadd741f281eb37b4360e3a30e97231a194357d17bf6c78efce1c5c516b3a9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, max-age=0, no-transform
cf-cache-status
DYNAMIC
cf-ray
88f096c1edcb1bc3-FRA
content-type
text/html; charset=utf-8
date
Wed, 05 Jun 2024 13:42:57 GMT
etag
W/"aee-mcbas/FOk2XBIdoIo1uQWtml9Bc"
pragma
no-cache
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
x-auth0-requestid
cc92267eb3dbca45fa48
x-content-type-options
nosniff
x-ratelimit-limit
300
x-ratelimit-remaining
299
x-ratelimit-reset
1717594978
js
www.googletagmanager.com/gtag/ 		284 KB
97 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-050TNFBRY4&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PMQMXR7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 05 Jun 2024 13:42:57 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
99190
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 05 Jun 2024 13:42:57 GMT
index.min.css
cdn.auth0.com/styleguide/latest/ 		253 KB
55 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.auth0.com/styleguide/latest/index.min.css
Requested by
Host: auth0.ermes.company
URL: https://auth0.ermes.company/authorize?client_id=YV3eFur7OeLh8tXEF8gPV4NBvfhRAOL1&scope=openid+profile+email+offline_access&audience=dashboard_api&redirect_uri=https%3A%2F%2Fapi.poc.shield.ermessecurity.com&response_type=code&response_mode=query&state=LXllOGJMZEMzOWJCTHN%2BQmpXaC13RktpdkR4TXBXQTdiMHMzY0pua01qRg%3D%3D&nonce=Z09pNVFITTVxT0hlMmlSc354VTA3OS5vWE1kYVdLM3MzMC5Fa29NNHREQg%3D%3D&code_challenge=NWvkRIFldVMVNOVzoOu22VvA0WPtJ6t1HSeU9yXE2tw&code_challenge_method=S256&auth0Client=eyJuYW1lIjoiQGF1dGgwL2F1dGgwLWFuZ3VsYXIiLCJ2ZXJzaW9uIjoiMi4yLjMiLCJlbnYiOnsiYW5ndWxhci9jb3JlIjoiMTcuMy41In19
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2662:ac00:10:474e:104a:2961 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c10c601443eeb6d79100eaca7911ad24334ccb39f0861e697ea7f33684c35d86
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://auth0.ermes.company/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
s5gNrOynyxO2.89b_njJNZ9heZAhlr7e
content-encoding
gzip
via
1.1 7dbaa8a9c9721618336a04139decd204.cloudfront.net (CloudFront)
date
Wed, 05 Jun 2024 13:41:22 GMT
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains
x-amz-cf-pop
CDG55-P1
age
95
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 03 Jan 2017 19:34:31 GMT
server
AmazonS3
etag
W/"9357a87b18a1d356741527b43d110705"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
cache-control
public, max-age=300
x-robots-tag
noindex
x-amz-cf-id
mo3R7MgBdWQ933jBWB8JkbdfW0BpYebcz9f4dn7kHe7LN725KtsyXQ==
main.css
cdn.auth0.com/backend-templates/ 		10 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.auth0.com/backend-templates/main.css
Requested by
Host: auth0.ermes.company
URL: https://auth0.ermes.company/authorize?client_id=YV3eFur7OeLh8tXEF8gPV4NBvfhRAOL1&scope=openid+profile+email+offline_access&audience=dashboard_api&redirect_uri=https%3A%2F%2Fapi.poc.shield.ermessecurity.com&response_type=code&response_mode=query&state=LXllOGJMZEMzOWJCTHN%2BQmpXaC13RktpdkR4TXBXQTdiMHMzY0pua01qRg%3D%3D&nonce=Z09pNVFITTVxT0hlMmlSc354VTA3OS5vWE1kYVdLM3MzMC5Fa29NNHREQg%3D%3D&code_challenge=NWvkRIFldVMVNOVzoOu22VvA0WPtJ6t1HSeU9yXE2tw&code_challenge_method=S256&auth0Client=eyJuYW1lIjoiQGF1dGgwL2F1dGgwLWFuZ3VsYXIiLCJ2ZXJzaW9uIjoiMi4yLjMiLCJlbnYiOnsiYW5ndWxhci9jb3JlIjoiMTcuMy41In19
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2662:ac00:10:474e:104a:2961 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
082c7dcaed1c848b1b6f7ca58609f1f0bc28c5797630b87ad9e2108c66c117d0
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://auth0.ermes.company/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
MgCvivs3wxxxvhbJVkjBKX0QzHOAvslY
content-encoding
gzip
via
1.1 7dbaa8a9c9721618336a04139decd204.cloudfront.net (CloudFront)
date
Wed, 05 Jun 2024 13:41:20 GMT
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains
x-amz-cf-pop
CDG55-P1
age
99
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 04 Apr 2017 20:35:27 GMT
server
AmazonS3
etag
W/"a0cfb67e0bb38eccbfad358b34eae828"
vary
Accept-Encoding
content-type
text/css
x-robots-tag
noindex
x-amz-cf-id
4NW0pxrsEtwkws16-VLbmfCCTAHyYhPLuYHvJ5bfvbYwgOGV1txw5A==
main.js
cdn.auth0.com/backend-templates/ 		698 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.auth0.com/backend-templates/main.js?v=1
Requested by
Host: auth0.ermes.company
URL: https://auth0.ermes.company/authorize?client_id=YV3eFur7OeLh8tXEF8gPV4NBvfhRAOL1&scope=openid+profile+email+offline_access&audience=dashboard_api&redirect_uri=https%3A%2F%2Fapi.poc.shield.ermessecurity.com&response_type=code&response_mode=query&state=LXllOGJMZEMzOWJCTHN%2BQmpXaC13RktpdkR4TXBXQTdiMHMzY0pua01qRg%3D%3D&nonce=Z09pNVFITTVxT0hlMmlSc354VTA3OS5vWE1kYVdLM3MzMC5Fa29NNHREQg%3D%3D&code_challenge=NWvkRIFldVMVNOVzoOu22VvA0WPtJ6t1HSeU9yXE2tw&code_challenge_method=S256&auth0Client=eyJuYW1lIjoiQGF1dGgwL2F1dGgwLWFuZ3VsYXIiLCJ2ZXJzaW9uIjoiMi4yLjMiLCJlbnYiOnsiYW5ndWxhci9jb3JlIjoiMTcuMy41In19
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2662:ac00:10:474e:104a:2961 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f10f0982087c01de72c16baf674d8107d41d10ecff66667b0f7b0890ef52edd1
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://auth0.ermes.company/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
mXF1zWEI5fYfKmWAbfsmvlm2BVGmtOeT
date
Wed, 05 Jun 2024 13:42:05 GMT
via
1.1 7dbaa8a9c9721618336a04139decd204.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains
x-amz-cf-pop
CDG55-P1
age
53
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
698
last-modified
Fri, 28 Sep 2018 17:40:38 GMT
server
AmazonS3
etag
"0f81e3b9236c8ffc79c7cc852a54f38d"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
x-robots-tag
noindex
x-amz-cf-id
vBGreWXBaRZbwC9MuHYEfY3sWBgjj0cyXfpWdy2KTCh8Z1vSEtkHPA==
ermes_logo_black.png
sme-logo.s3-eu-west-1.amazonaws.com/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sme-logo.s3-eu-west-1.amazonaws.com/ermes_logo_black.png
Requested by
Host: auth0.ermes.company
URL: https://auth0.ermes.company/authorize?client_id=YV3eFur7OeLh8tXEF8gPV4NBvfhRAOL1&scope=openid+profile+email+offline_access&audience=dashboard_api&redirect_uri=https%3A%2F%2Fapi.poc.shield.ermessecurity.com&response_type=code&response_mode=query&state=LXllOGJMZEMzOWJCTHN%2BQmpXaC13RktpdkR4TXBXQTdiMHMzY0pua01qRg%3D%3D&nonce=Z09pNVFITTVxT0hlMmlSc354VTA3OS5vWE1kYVdLM3MzMC5Fa29NNHREQg%3D%3D&code_challenge=NWvkRIFldVMVNOVzoOu22VvA0WPtJ6t1HSeU9yXE2tw&code_challenge_method=S256&auth0Client=eyJuYW1lIjoiQGF1dGgwL2F1dGgwLWFuZ3VsYXIiLCJ2ZXJzaW9uIjoiMi4yLjMiLCJlbnYiOnsiYW5ndWxhci9jb3JlIjoiMTcuMy41In19
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.218.91.88 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-eu-west-1-r-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
a24e4dd02fef91f68de538f0de53bca5a7cf053bdb6467396df7760e4250a5bd

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://auth0.ermes.company/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 05 Jun 2024 13:42:58 GMT
Last-Modified
Fri, 08 Sep 2023 15:12:52 GMT
Server
AmazonS3
x-amz-request-id
YB7SQXE8XNN1DFQV
ETag
"33e6fdf27ad26f9fa4d5bc7b7a74fbbb"
x-amz-server-side-encryption
AES256
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
15368
x-amz-id-2
clx2A2Ir900FJzPdxPmjT54+uk62fVQiJk4BIRnAKr/aZ2ZBQelMDaexn0NISMF1HuqBjDdYQek=
icon-contact.svg
cdn.auth0.com/backend-templates/imgs/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.auth0.com/backend-templates/imgs/icon-contact.svg
Requested by
Host: cdn.auth0.com
URL: https://cdn.auth0.com/backend-templates/main.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2662:ac00:10:474e:104a:2961 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b3195e74e9b208bb15e7cde62ceb065b1a69523bbdf715fad6ecbaae30781c4f
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://cdn.auth0.com/backend-templates/main.css
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
MlVxtOuuHBqzdQQCSeobSr5J.detOoxe
content-encoding
gzip
via
1.1 7dbaa8a9c9721618336a04139decd204.cloudfront.net (CloudFront)
date
Wed, 05 Jun 2024 13:40:30 GMT
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains
x-amz-cf-pop
CDG55-P1
age
148
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 04 Apr 2017 20:35:27 GMT
server
AmazonS3
etag
W/"384cc7b4a8e9a34a50f22e5e4f009d43"
vary
Accept-Encoding
content-type
image/svg+xml
x-robots-tag
noindex
x-amz-cf-id
WYG-HbgrsWdgd1X-QEaHzZb7VcQ7389kkfxl8VMWVc1EvQCo-oaIJQ==
icon-mail.svg
cdn.auth0.com/backend-templates/imgs/ 		999 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.auth0.com/backend-templates/imgs/icon-mail.svg
Requested by
Host: cdn.auth0.com
URL: https://cdn.auth0.com/backend-templates/main.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2662:ac00:10:474e:104a:2961 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
56b04666d08125e0c24896bc5523808578eabe094b0b0a1b3baa9d2fdc0e667a
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://cdn.auth0.com/backend-templates/main.css
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
apty9aRghhUkrsmZ.AY_4pmk0_u9M62P
date
Wed, 05 Jun 2024 13:42:50 GMT
via
1.1 7dbaa8a9c9721618336a04139decd204.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains
x-amz-cf-pop
CDG55-P1
age
13
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
999
last-modified
Tue, 04 Apr 2017 20:35:27 GMT
server
AmazonS3
etag
"96d614e98f509ce310f047f290049f0d"
vary
Accept-Encoding
content-type
image/svg+xml
accept-ranges
bytes
x-robots-tag
noindex
x-amz-cf-id
_t8oPNbwFbCwUzVVl9PLwevPUaT5ZKMDKD0uF0kd7wB9UawIf_U1Ag==
avenir-next-regular.woff2
cdn.auth0.com/styleguide/latest/lib/font/avenir-next/ 		31 KB
32 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn.auth0.com/styleguide/latest/lib/font/avenir-next/avenir-next-regular.woff2
Requested by
Host: cdn.auth0.com
URL: https://cdn.auth0.com/styleguide/latest/index.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2662:ac00:10:474e:104a:2961 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3b110c9a55d7de7315aebc7d717ef510e2a717c5d8fbe26a749e2382f7b858d7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://cdn.auth0.com/styleguide/latest/index.min.css
Origin
https://auth0.ermes.company
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
mQFCr2jXiTlrCF7Cw8imgFDyGCp_5pfi
date
Wed, 05 Jun 2024 13:42:59 GMT
via
1.1 bc7f3dfaddaebf9f4730d8a430bb7590.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains
x-amz-cf-pop
CDG55-P1
x-cache
RefreshHit from cloudfront
x-amz-replication-status
COMPLETED
content-length
31944
last-modified
Tue, 03 Jan 2017 19:34:34 GMT
server
AmazonS3
etag
"851774df81a3d857ed6d149e0b8e6c60"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=300
vary
Accept-Encoding,Origin
accept-ranges
bytes
x-robots-tag
noindex
x-amz-cf-id
tZjq-KU2Uitl1qAHfP_g9gPw4pDogjstWp76tVpnDBO5y8mbB3R4Cg==
avenir-next-medium.woff2
cdn.auth0.com/styleguide/latest/lib/font/avenir-next/ 		31 KB
32 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn.auth0.com/styleguide/latest/lib/font/avenir-next/avenir-next-medium.woff2
Requested by
Host: cdn.auth0.com
URL: https://cdn.auth0.com/styleguide/latest/index.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2662:ac00:10:474e:104a:2961 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7444f8b2cca0e59929913024a2cbdb33d7301b06407f94d62f5f2e5a835ac637
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://cdn.auth0.com/styleguide/latest/index.min.css
Origin
https://auth0.ermes.company
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
0dOlBROtZt3h3zMSus9QSR_.XrjXSxty
date
Wed, 05 Jun 2024 13:42:59 GMT
via
1.1 bc7f3dfaddaebf9f4730d8a430bb7590.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains
x-amz-cf-pop
CDG55-P1
x-cache
RefreshHit from cloudfront
x-amz-replication-status
COMPLETED
content-length
32236
last-modified
Tue, 03 Jan 2017 19:34:34 GMT
server
AmazonS3
etag
"13068386fe66fd9afd7e13e415885f50"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=300
vary
Accept-Encoding,Origin
accept-ranges
bytes
x-robots-tag
noindex
x-amz-cf-id
P3QsYAElnx3Ro4IgqVh3ODCaUnc89IWVKUQ5yMNs08mfNK9UR2QeVQ==
avenir-next-regular-italic.woff2
cdn.auth0.com/styleguide/latest/lib/font/avenir-next/ 		32 KB
33 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn.auth0.com/styleguide/latest/lib/font/avenir-next/avenir-next-regular-italic.woff2
Requested by
Host: cdn.auth0.com
URL: https://cdn.auth0.com/styleguide/latest/index.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2662:ac00:10:474e:104a:2961 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
dcc69817e6231784436b3dd693d9715f62466a5e7cbc8b2036c74df28fb7e4b0
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://cdn.auth0.com/styleguide/latest/index.min.css
Origin
https://auth0.ermes.company
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
Bbziqstg1OInngHAFJK4lXY0kTLHzGGS
date
Wed, 05 Jun 2024 13:42:59 GMT
via
1.1 bc7f3dfaddaebf9f4730d8a430bb7590.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains
x-amz-cf-pop
CDG55-P1
x-cache
RefreshHit from cloudfront
x-amz-replication-status
COMPLETED
content-length
33116
last-modified
Tue, 03 Jan 2017 19:34:34 GMT
server
AmazonS3
etag
"d97f2f7c6cba5c5250a56da8df848e23"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=300
vary
Accept-Encoding,Origin
accept-ranges
bytes
x-robots-tag
noindex
x-amz-cf-id
OPTbmjtm-oR7uj5CjyBy4bT86f6NSUWnFSLgGiFYtM0BVKa5oZpqXw==
favicon.ico
auth0.ermes.company/ 		9 B
194 B 		Other
General
Check archive.org
Download Go to
Full URL
https://auth0.ermes.company/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9913 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0019dfc4b32d63c1392aa264aed2253c1e0c2fb09216f8e2cc269bbfb8bb49b5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://auth0.ermes.company/authorize?client_id=YV3eFur7OeLh8tXEF8gPV4NBvfhRAOL1&scope=openid+profile+email+offline_access&audience=dashboard_api&redirect_uri=https%3A%2F%2Fapi.poc.shield.ermessecurity.com&response_type=code&response_mode=query&state=LXllOGJMZEMzOWJCTHN%2BQmpXaC13RktpdkR4TXBXQTdiMHMzY0pua01qRg%3D%3D&nonce=Z09pNVFITTVxT0hlMmlSc354VTA3OS5vWE1kYVdLM3MzMC5Fa29NNHREQg%3D%3D&code_challenge=NWvkRIFldVMVNOVzoOu22VvA0WPtJ6t1HSeU9yXE2tw&code_challenge_method=S256&auth0Client=eyJuYW1lIjoiQGF1dGgwL2F1dGgwLWFuZ3VsYXIiLCJ2ZXJzaW9uIjoiMi4yLjMiLCJlbnYiOnsiYW5ndWxhci9jb3JlIjoiMTcuMy41In19
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 05 Jun 2024 13:42:58 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-auth0-not-found
1
cf-cache-status
MISS
x-auth0-requestid
414e2dac03cbc52afe02
server
cloudflare
x-content-type-options
nosniff
etag
W/"9-0gXL1ngzMqISxa6S1zx3F4wtLyg"
vary
Accept-Encoding
content-type
text/plain; charset=utf-8
cache-control
public, max-age=300
cf-ray
88f096c8091c1bc3-FRA
alt-svc
h3=":443"; ma=86400
content-length
9

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Domain/Path Name / Value
.ermessecurity.com/ Name: _ga
Value: GA1.1.1520524089.1717594978
.ermessecurity.com/ Name: _ga_050TNFBRY4
Value: GS1.1.1717594977.1.0.1717594977.0.0.0
auth0.ermes.company/ Name: did
Value: s%3Av0%3A849cf520-2341-11ef-acf3-cf73f80e30f6.uRNGKCeGHMjHoauNWQiRVpbGlQIJfgau1FEjMcH2xOM
auth0.ermes.company/ Name: did_compat
Value: s%3Av0%3A849cf520-2341-11ef-acf3-cf73f80e30f6.uRNGKCeGHMjHoauNWQiRVpbGlQIJfgau1FEjMcH2xOM
.auth0.ermes.company/ Name: __cf_bm
Value: 4VGMXHB42ncVFrEXI1r8coAGeedbdkc7op5YesYXXlU-1717594977-1.0.1.1-.JgSb2H9PxXZZzGHOJItRZTa86S42Z5ag1KlQ3kg_VU0B3eTIdWDEWTty_OH7IZS

3 Console Messages

Source Level URL
Text
security error URL: https://www.googletagmanager.com/gtag/js?id=G-050TNFBRY4&l=dataLayer&cx=c(Line 193)
Message:
Refused to connect to 'https://region1.google-analytics.com/g/collect?v=2&tid=G-050TNFBRY4&gtm=45je4630v878438063z8857461213za200zb857461213&_p=1717594977318&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&tag_exp=0&cid=1520524089.1717594978&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.141%7CChromium%3B125.0.6422.141%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1717594977&sct=1&seg=0&dl=https%3A%2F%2Fapi.poc.shield.ermessecurity.com%2F&dt=Ermes%20Browser%20Security&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=1005' because it violates the following Content Security Policy directive: "connect-src 'self' https://www.google-analytics.com https://auth0.ermes.company/oauth/token https://bl.ermessecurity.com/ https://api.shield.ermessecurity.com/ https://updates.ermessecurity.com/".
network error URL: https://auth0.ermes.company/authorize?client_id=YV3eFur7OeLh8tXEF8gPV4NBvfhRAOL1&scope=openid+profile+email+offline_access&audience=dashboard_api&redirect_uri=https%3A%2F%2Fapi.poc.shield.ermessecurity.com&response_type=code&response_mode=query&state=LXllOGJMZEMzOWJCTHN%2BQmpXaC13RktpdkR4TXBXQTdiMHMzY0pua01qRg%3D%3D&nonce=Z09pNVFITTVxT0hlMmlSc354VTA3OS5vWE1kYVdLM3MzMC5Fa29NNHREQg%3D%3D&code_challenge=NWvkRIFldVMVNOVzoOu22VvA0WPtJ6t1HSeU9yXE2tw&code_challenge_method=S256&auth0Client=eyJuYW1lIjoiQGF1dGgwL2F1dGgwLWFuZ3VsYXIiLCJ2ZXJzaW9uIjoiMi4yLjMiLCJlbnYiOnsiYW5ndWxhci9jb3JlIjoiMTcuMy41In19
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://auth0.ermes.company/favicon.ico
Message:
Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'self'; script-src 'self' https://www.googletagmanager.com https://www.google-analytics.com https://ssl.google-analytics.com; style-src 'self' 'unsafe-inline'; font-src 'self' data:; img-src 'self' https://www.googletagmanager.com https://www.google-analytics.com data:; object-src 'none'; connect-src 'self' https://www.google-analytics.com https://auth0.ermes.company/oauth/token https://bl.ermessecurity.com/ https://api.shield.ermessecurity.com/ https://updates.ermessecurity.com/; frame-src 'self' https://auth0.ermes.company; frame-ancestors 'self';
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.poc.shield.ermessecurity.com
auth0.ermes.company
cdn.auth0.com
sme-logo.s3-eu-west-1.amazonaws.com
www.googletagmanager.com
2600:9000:2662:ac00:10:474e:104a:2961
2606:4700::6813:9913
2a00:1450:4001:831::2008
52.218.91.88
54.195.238.86
0019dfc4b32d63c1392aa264aed2253c1e0c2fb09216f8e2cc269bbfb8bb49b5
082c7dcaed1c848b1b6f7ca58609f1f0bc28c5797630b87ad9e2108c66c117d0
135f28a82dda810aa887a5be265b572bcb796a24a74aa9e34bc18666450df670
3b110c9a55d7de7315aebc7d717ef510e2a717c5d8fbe26a749e2382f7b858d7
4f53a460890d2023572388fdff47d6ceff8ab2eaa4877306b84d40cf6ff8a336
56b04666d08125e0c24896bc5523808578eabe094b0b0a1b3baa9d2fdc0e667a
5ddd674a013979919ed4619a0d1033c862099c545ae0a656739c955d33418cdc
6a17e3cb0fee9c3191facfcc6cf0529b78534eb9c1d23a07592739566667e13a
7444f8b2cca0e59929913024a2cbdb33d7301b06407f94d62f5f2e5a835ac637
79dd2d517f19a8eb17bc698d0279f80abaa99b12b01a674b8f5c4815d0e6a61b
86dadd741f281eb37b4360e3a30e97231a194357d17bf6c78efce1c5c516b3a9
a24e4dd02fef91f68de538f0de53bca5a7cf053bdb6467396df7760e4250a5bd
b19407297ed83fbe1e0a94b7a0962e31b3195bad124a6d451256baf591dbd729
b3195e74e9b208bb15e7cde62ceb065b1a69523bbdf715fad6ecbaae30781c4f
c10c601443eeb6d79100eaca7911ad24334ccb39f0861e697ea7f33684c35d86
dcc69817e6231784436b3dd693d9715f62466a5e7cbc8b2036c74df28fb7e4b0
e980443558871b8f9e32fae1c16ae4cfb2bd1eb132e6ebc4f9c20829f5a820f7
f10f0982087c01de72c16baf674d8107d41d10ecff66667b0f7b0890ef52edd1
fbf83cd98a6fa27e991249711c2e47eedf1b039806df2b077614f693871a2160