urlscan.io logo urlscan.io
SecurityTrails logo

payrollstagingweb.ey.com Open in urlscan Pro
145.62.84.28  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://payrollstagingweb.ey.com/
Effective URL: https://payrollstagingweb.ey.com/login?ReturnUrl=%2f
Submission: On February 18 via automatic, source certstream-suspicious
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 3 IPs in 3 countries across 3 domains to perform 18 HTTP transactions. The main IP is 145.62.84.28, located in Netherlands and belongs to GFIS-GMBH, DE. The main domain is payrollstagingweb.ey.com.
TLS certificate: Issued by Entrust Certification Authority - L1K on March 25th 2019. Valid for: 2 years.
This is the only time payrollstagingweb.ey.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 11 145.62.84.28 201208 (GFIS-GMBH)
3 152.199.19.160 15133 (EDGECAST)
5 92.123.148.55 16625 (AKAMAI-AS)
18 3
Apex Domain
Subdomains		 Transfer
11 ey.com
payrollstagingweb.ey.com
300 KB
5 walkme.com
cdn.walkme.com
516 KB
3 aspnetcdn.com
ajax.aspnetcdn.com
128 KB
18 3
Domain Requested by
11 payrollstagingweb.ey.com 1 redirects payrollstagingweb.ey.com
5 cdn.walkme.com payrollstagingweb.ey.com
cdn.walkme.com
3 ajax.aspnetcdn.com payrollstagingweb.ey.com
18 3

This site contains links to these domains. Also see Links.

Domain
info.unit4bedrijfssoftware.nl
Subject Issuer Validity Valid
salarisstagingweb.ey.com
Entrust Certification Authority - L1K		 2019-03-25 -
2021-03-25		 2 years crt.sh
*.vo.msecnd.net
DigiCert SHA2 Secure Server CA		 2020-11-16 -
2021-11-10		 a year crt.sh
walkme.com
DigiCert SHA2 Secure Server CA		 2020-11-01 -
2021-11-30		 a year crt.sh

This page contains 1 frames:

Primary Page: https://payrollstagingweb.ey.com/login?ReturnUrl=%2f
Frame ID: 0B617A5B643D7093B4E2CF1899832446
Requests: 18 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://payrollstagingweb.ey.com/ HTTP 302
    https://payrollstagingweb.ey.com/login?ReturnUrl=%2f Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

18
Requests

100 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

3
IPs

3
Countries

943 kB
Transfer

3335 kB
Size

5
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://payrollstagingweb.ey.com/ HTTP 302
    https://payrollstagingweb.ey.com/login?ReturnUrl=%2f Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

18 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request Cookie set login
payrollstagingweb.ey.com/
Redirect Chain
  • https://payrollstagingweb.ey.com/
  • https://payrollstagingweb.ey.com/login?ReturnUrl=%2f
16 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://payrollstagingweb.ey.com/login?ReturnUrl=%2f
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
145.62.84.28 , Netherlands, ASN201208 (GFIS-GMBH, DE),
Reverse DNS
payrollstagingweb.ey.com
Software
/
Resource Hash
86d80759478a4dbdf9ae35d49054576a5927af453a1850073e3e9fdec8baef10
Security Headers
Name Value
Content-Security-Policy script-src 'strict-dynamic' 'nonce-EmbdzO/sgBp07sUKRbHR' https://ajax.aspnetcdn.com/ https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ https://maps.googleapis.com/maps/api/ 'self'; frame-src https://player.vimeo.com/ https://www.google.com/recaptcha/ https://cdn.walkme.com/ https://info.unit4bedrijfssoftware.nl/ https://selfservice.unit4.nl/ 'self'; object-src 'self'
Strict-Transport-Security max-age=604800 max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff nosniff
X-Frame-Options Deny SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Host
payrollstagingweb.ey.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
.U4OnlineSIDMainVersion=lnti1w50mbzmmigx0dp10tcg; language=nl-NL
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Cache-Control
public, no-store, max-age=0
Content-Type
text/html; charset=utf-8
Content-Encoding
gzip
Expires
Thu, 18 Feb 2021 05:02:07 GMT
Last-Modified
Thu, 18 Feb 2021 05:02:07 GMT
Vary
*
Strict-Transport-Security
max-age=604800 max-age=31536000; includeSubDomains
Feature-Policy
microphone 'none'; camera 'none'; display-capture 'none' usb 'none'
X-Frame-Options
Deny SAMEORIGIN
X-Robots-Tag
noindex, nofollow, noarchive, nosnippet, noimageindex
X-Content-Type-Options
nosniff nosniff
X-Download-Options
noopen
Referrer-Policy
no-referrer no-referrer
X-XSS-Protection
1; mode=block
Content-Security-Policy
script-src 'strict-dynamic' 'nonce-EmbdzO/sgBp07sUKRbHR' https://ajax.aspnetcdn.com/ https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ https://maps.googleapis.com/maps/api/ 'self'; frame-src https://player.vimeo.com/ https://www.google.com/recaptcha/ https://cdn.walkme.com/ https://info.unit4bedrijfssoftware.nl/ https://selfservice.unit4.nl/ 'self'; object-src 'self'
Set-Cookie
__RequestVerificationToken=HggMSB8PVYeshZ0Jcd68JtVKXLW_HbIqTpiYCakUJxATygf6LQNfAAiVKbQeocCse1z3UFngFUH2nHleXZqse6VeaS01; path=/; secure; HttpOnly
X-UA-Compatible
IE=EmulateIE9
Date
Thu, 18 Feb 2021 05:02:07 GMT
Content-Length
6292

Redirect headers

Cache-Control
private
Content-Type
text/html; charset=utf-8
Location
/login?ReturnUrl=%2f
Strict-Transport-Security
max-age=604800 max-age=31536000; includeSubDomains
Feature-Policy
microphone 'none'; camera 'none'; display-capture 'none' usb 'none'
X-Frame-Options
Deny SAMEORIGIN
X-Robots-Tag
noindex, nofollow, noarchive, nosnippet, noimageindex
X-Content-Type-Options
nosniff nosniff
X-Download-Options
noopen
Referrer-Policy
no-referrer no-referrer
X-XSS-Protection
1; mode=block
Content-Security-Policy
script-src 'strict-dynamic' 'nonce-MuHdIc1sXSEcmEr3g+fY' https://ajax.aspnetcdn.com/ https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ https://maps.googleapis.com/maps/api/ 'self'; frame-src https://player.vimeo.com/ https://www.google.com/recaptcha/ https://cdn.walkme.com/ https://info.unit4bedrijfssoftware.nl/ https://selfservice.unit4.nl/ 'self'; object-src 'self'
Set-Cookie
.U4OnlineSIDMainVersion=lnti1w50mbzmmigx0dp10tcg; path=/; secure; HttpOnly; SameSite=Lax language=nl-NL; expires=Fri, 18-Feb-2022 05:02:07 GMT; path=/; secure; HttpOnly
X-UA-Compatible
IE=EmulateIE9
Date
Thu, 18 Feb 2021 05:02:07 GMT
Content-Length
137
jquery-ui
payrollstagingweb.ey.com/assets/content/themes/base/ 		30 KB
10 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://payrollstagingweb.ey.com/assets/content/themes/base/jquery-ui?v=0S-e0_J1Yktshp8rZf-N_AZJeQPZq2A-CmCyT6vFMGA1
Requested by
Host: payrollstagingweb.ey.com
URL: https://payrollstagingweb.ey.com/login?ReturnUrl=%2f
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
145.62.84.28 , Netherlands, ASN201208 (GFIS-GMBH, DE),
Reverse DNS
payrollstagingweb.ey.com
Software
/
Resource Hash
84929c8080a9222236b537424a2eb3def7cbfdaa2ed28b55c43c46b297c50459
Security Headers
Name Value
Strict-Transport-Security max-age=604800, max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff, nosniff
X-Frame-Options Deny, SAMEORIGIN

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security
max-age=604800, max-age=31536000; includeSubDomains
Content-Encoding
gzip
X-Content-Type-Options
nosniff, nosniff
Content-Length
9248
X-UA-Compatible
IE=EmulateIE9
Referrer-Policy
no-referrer, no-referrer
Last-Modified
Thu, 18 Feb 2021 05:02:08 GMT
X-Frame-Options
Deny, SAMEORIGIN
Date
Thu, 18 Feb 2021 05:02:07 GMT
X-Download-Options
noopen
Vary
User-Agent,Accept-Encoding
Content-Type
text/css; charset=utf-8
Cache-Control
public
Feature-Policy
microphone 'none'; camera 'none'; display-capture 'none', usb 'none'
X-Robots-Tag
noindex, nofollow, noarchive, nosnippet, noimageindex
Expires
Fri, 18 Feb 2022 05:02:08 GMT
css
payrollstagingweb.ey.com/assets/css/ 		751 KB
99 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://payrollstagingweb.ey.com/assets/css/css?v=5K9jq6jA1SVfV8Y2b114JKX9yWQ4nzehxq1ETyQJ84c1
Requested by
Host: payrollstagingweb.ey.com
URL: https://payrollstagingweb.ey.com/login?ReturnUrl=%2f
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
145.62.84.28 , Netherlands, ASN201208 (GFIS-GMBH, DE),
Reverse DNS
payrollstagingweb.ey.com
Software
/
Resource Hash
e209e38ef73b9e8b8116be49e0c7eda7c58c91b478e0fd12ce77f275d07cc3ec
Security Headers
Name Value
Strict-Transport-Security max-age=604800, max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff, nosniff
X-Frame-Options Deny, SAMEORIGIN

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security
max-age=604800, max-age=31536000; includeSubDomains
Content-Encoding
gzip
X-Content-Type-Options
nosniff, nosniff
Transfer-Encoding
chunked
X-UA-Compatible
IE=EmulateIE9
Referrer-Policy
no-referrer, no-referrer
Last-Modified
Thu, 18 Feb 2021 05:02:08 GMT
X-Frame-Options
Deny, SAMEORIGIN
Date
Thu, 18 Feb 2021 05:02:07 GMT
X-Download-Options
noopen
Vary
User-Agent,Accept-Encoding
Content-Type
text/css; charset=utf-8
Cache-Control
public
Feature-Policy
microphone 'none'; camera 'none'; display-capture 'none', usb 'none'
X-Robots-Tag
noindex, nofollow, noarchive, nosnippet, noimageindex
Expires
Fri, 18 Feb 2022 05:02:08 GMT
unit4logo_portrait_extended_white.png
payrollstagingweb.ey.com/Assets/Images/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://payrollstagingweb.ey.com/Assets/Images/unit4logo_portrait_extended_white.png
Requested by
Host: payrollstagingweb.ey.com
URL: https://payrollstagingweb.ey.com/login?ReturnUrl=%2f
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
145.62.84.28 , Netherlands, ASN201208 (GFIS-GMBH, DE),
Reverse DNS
payrollstagingweb.ey.com
Software
/
Resource Hash
2b765b1a3882fe4de6a85c0d4c8b45008e82aa64a39c22c73c28c86077e12dfd
Security Headers
Name Value
Strict-Transport-Security max-age=604800, max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff, nosniff
X-Frame-Options Deny, SAMEORIGIN

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security
max-age=604800, max-age=31536000; includeSubDomains
Referrer-Policy
no-referrer, no-referrer
Last-Modified
Thu, 10 Dec 2020 07:22:16 GMT
ETag
"044cf2fc5ced61:0"
X-Download-Options
noopen
X-Frame-Options
Deny, SAMEORIGIN
Content-Type
image/png
Feature-Policy
microphone 'none'; camera 'none'; display-capture 'none', usb 'none'
Date
Thu, 18 Feb 2021 05:02:07 GMT
Accept-Ranges
bytes
X-Robots-Tag
noindex, nofollow, noarchive, nosnippet, noimageindex
Content-Length
5499
X-Content-Type-Options
nosniff, nosniff
X-UA-Compatible
IE=EmulateIE9
unit4logo_portrait.png
payrollstagingweb.ey.com/assets/Images/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://payrollstagingweb.ey.com/assets/Images/unit4logo_portrait.png
Requested by
Host: payrollstagingweb.ey.com
URL: https://payrollstagingweb.ey.com/login?ReturnUrl=%2f
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
145.62.84.28 , Netherlands, ASN201208 (GFIS-GMBH, DE),
Reverse DNS
payrollstagingweb.ey.com
Software
/
Resource Hash
fc0ccf530a9a959736d26813de74ebf777966bba16fd50bc1765f0e2914494db
Security Headers
Name Value
Strict-Transport-Security max-age=604800, max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff, nosniff
X-Frame-Options Deny, SAMEORIGIN

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security
max-age=604800, max-age=31536000; includeSubDomains
Referrer-Policy
no-referrer, no-referrer
Last-Modified
Thu, 10 Dec 2020 07:22:16 GMT
ETag
"044cf2fc5ced61:0"
X-Download-Options
noopen
X-Frame-Options
Deny, SAMEORIGIN
Content-Type
image/png
Feature-Policy
microphone 'none'; camera 'none'; display-capture 'none', usb 'none'
Date
Thu, 18 Feb 2021 05:02:07 GMT
Accept-Ranges
bytes
X-Robots-Tag
noindex, nofollow, noarchive, nosnippet, noimageindex
Content-Length
3011
X-Content-Type-Options
nosniff, nosniff
X-UA-Compatible
IE=EmulateIE9
jquery-3.5.1.min.js
ajax.aspnetcdn.com/ajax/jQuery/ 		87 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.aspnetcdn.com/ajax/jQuery/jquery-3.5.1.min.js
Requested by
Host: payrollstagingweb.ey.com
URL: https://payrollstagingweb.ey.com/login?ReturnUrl=%2f
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.19.160 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8FE5) /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Origin
https://payrollstagingweb.ey.com
Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 18 Feb 2021 05:02:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
16460535
x-cache
HIT
content-length
30976
x-xss-protection
1; mode=block
last-modified
Tue, 11 Aug 2020 16:38:03 GMT
server
ECAcc (frc/8FE5)
etag
W/"80e72fc8fd6fd61:0"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
jquery-ui.min.js
ajax.aspnetcdn.com/ajax/jquery.ui/1.12.1/ 		248 KB
89 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.aspnetcdn.com/ajax/jquery.ui/1.12.1/jquery-ui.min.js
Requested by
Host: payrollstagingweb.ey.com
URL: https://payrollstagingweb.ey.com/login?ReturnUrl=%2f
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.19.160 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8F08) /
Resource Hash
55accff7b642c2d7a402cbe03c1494c0f14a76bc03dee9d47d219562b6a152a5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Origin
https://payrollstagingweb.ey.com
Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 18 Feb 2021 05:02:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
16086581
x-cache
HIT
content-length
91266
x-xss-protection
1; mode=block
last-modified
Mon, 31 Oct 2016 23:13:56 GMT
server
ECAcc (frc/8F08)
etag
"d9616b74cc33d21:0"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
jquery.validate.min.js
ajax.aspnetcdn.com/ajax/jquery.validate/1.19.1/ 		24 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.aspnetcdn.com/ajax/jquery.validate/1.19.1/jquery.validate.min.js
Requested by
Host: payrollstagingweb.ey.com
URL: https://payrollstagingweb.ey.com/login?ReturnUrl=%2f
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.19.160 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8F60) /
Resource Hash
b0f074179d185032b4a2d0e7b1f3476b0626039334a638d47f84ef44990616b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Origin
https://payrollstagingweb.ey.com
Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 18 Feb 2021 05:02:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
20192139
x-cache
HIT
content-length
7832
x-xss-protection
1; mode=block
last-modified
Fri, 28 Jun 2019 17:47:03 GMT
server
ECAcc (frc/8F60)
etag
"8045747ed92dd51:0"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
jqueryextra
payrollstagingweb.ey.com/bundle/ 		91 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://payrollstagingweb.ey.com/bundle/jqueryextra?v=hsjRo3eHmr_ZcTn35eIxXNRlso8M6dT9b9svXAIrgLs1
Requested by
Host: payrollstagingweb.ey.com
URL: https://payrollstagingweb.ey.com/login?ReturnUrl=%2f
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
145.62.84.28 , Netherlands, ASN201208 (GFIS-GMBH, DE),
Reverse DNS
payrollstagingweb.ey.com
Software
/
Resource Hash
a477c65b89d443e7658d2a925bd455d06c1e1c21ea33d10a475c0ff4013b20f6
Security Headers
Name Value
Strict-Transport-Security max-age=604800, max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff, nosniff
X-Frame-Options Deny, SAMEORIGIN

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security
max-age=604800, max-age=31536000; includeSubDomains
Content-Encoding
gzip
X-Content-Type-Options
nosniff, nosniff
Content-Length
37044
X-UA-Compatible
IE=EmulateIE9
Referrer-Policy
no-referrer, no-referrer
Last-Modified
Thu, 18 Feb 2021 05:02:08 GMT
X-Frame-Options
Deny, SAMEORIGIN
Date
Thu, 18 Feb 2021 05:02:07 GMT
X-Download-Options
noopen
Vary
User-Agent,Accept-Encoding
Content-Type
text/javascript; charset=utf-8
Cache-Control
public
Feature-Policy
microphone 'none'; camera 'none'; display-capture 'none', usb 'none'
X-Robots-Tag
noindex, nofollow, noarchive, nosnippet, noimageindex
Expires
Fri, 18 Feb 2022 05:02:08 GMT
sitescripts
payrollstagingweb.ey.com/bundle/ 		236 KB
74 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://payrollstagingweb.ey.com/bundle/sitescripts?v=G4VeiSwok92Jw8I5KBdrIbENXKtdNlfFkbvzUHXnxGM1
Requested by
Host: payrollstagingweb.ey.com
URL: https://payrollstagingweb.ey.com/login?ReturnUrl=%2f
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
145.62.84.28 , Netherlands, ASN201208 (GFIS-GMBH, DE),
Reverse DNS
payrollstagingweb.ey.com
Software
/
Resource Hash
2dcf815ba3f3051342a71e57fc12c673a3c4eee4d58b6ae154b2cbddf542077c
Security Headers
Name Value
Strict-Transport-Security max-age=604800, max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff, nosniff
X-Frame-Options Deny, SAMEORIGIN

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security
max-age=604800, max-age=31536000; includeSubDomains
Content-Encoding
gzip
X-Content-Type-Options
nosniff, nosniff
Transfer-Encoding
chunked
X-UA-Compatible
IE=EmulateIE9
Referrer-Policy
no-referrer, no-referrer
Last-Modified
Thu, 18 Feb 2021 05:02:08 GMT
X-Frame-Options
Deny, SAMEORIGIN
Date
Thu, 18 Feb 2021 05:02:07 GMT
X-Download-Options
noopen
Vary
User-Agent,Accept-Encoding
Content-Type
text/javascript; charset=utf-8
Cache-Control
public
Feature-Policy
microphone 'none'; camera 'none'; display-capture 'none', usb 'none'
X-Robots-Tag
noindex, nofollow, noarchive, nosnippet, noimageindex
Expires
Fri, 18 Feb 2022 05:02:08 GMT
walkme_aade1b34b1f04eebac94665f25dad2f2_https.js
cdn.walkme.com/users/aade1b34b1f04eebac94665f25dad2f2/ 		19 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.walkme.com/users/aade1b34b1f04eebac94665f25dad2f2/walkme_aade1b34b1f04eebac94665f25dad2f2_https.js
Requested by
Host: payrollstagingweb.ey.com
URL: https://payrollstagingweb.ey.com/login?ReturnUrl=%2f
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
92.123.148.55 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-123-148-55.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
3dafa7bc2e569183af25a99955d65de75aff41e44a6086ea13fac056931bf51f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id
TtqkxAOMH0b9ylzRU1RQAlQelIblCGMw
content-encoding
gzip
x-content-type-options
nosniff
x-amz-request-id
32F5E8791DCAB2C9
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
vary
Accept-Encoding
content-length
6707
x-amz-id-2
sEVihD7nA0+QF+nMBVc4a1FLNH/TxRNTgAKX+xy7Et1RshIFzuIS24miCJIYqdJWZwbH/nCNouE=
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 11 Feb 2021 16:03:22 GMT
date
Thu, 18 Feb 2021 05:02:08 GMT
strict-transport-security
max-age=31536000;includeSubdomains
content-type
application/x-javascript
access-control-allow-origin
*
x-xss-protection
1; mode=block
cache-control
max-age=11201
etag
"3beb0f414b5f68c98647106daeb3ae77"
accept-ranges
bytes
layout_image.jpg
payrollstagingweb.ey.com/assets/Images/ 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://payrollstagingweb.ey.com/assets/Images/layout_image.jpg
Requested by
Host: payrollstagingweb.ey.com
URL: https://payrollstagingweb.ey.com/assets/css/css?v=5K9jq6jA1SVfV8Y2b114JKX9yWQ4nzehxq1ETyQJ84c1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
145.62.84.28 , Netherlands, ASN201208 (GFIS-GMBH, DE),
Reverse DNS
payrollstagingweb.ey.com
Software
/
Resource Hash
c7f938a740a7d66476c9daa4c826251c8af5354d47e8ee8ab07e60345b4d4334
Security Headers
Name Value
Strict-Transport-Security max-age=604800, max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff, nosniff
X-Frame-Options Deny, SAMEORIGIN

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security
max-age=604800, max-age=31536000; includeSubDomains
Referrer-Policy
no-referrer, no-referrer
Last-Modified
Thu, 14 Jun 2018 11:12:30 GMT
ETag
"c92b095d03d41:0"
X-Download-Options
noopen
X-Frame-Options
Deny, SAMEORIGIN
Content-Type
image/jpeg
Feature-Policy
microphone 'none'; camera 'none'; display-capture 'none', usb 'none'
Date
Thu, 18 Feb 2021 05:02:07 GMT
Accept-Ranges
bytes
X-Robots-Tag
noindex, nofollow, noarchive, nosnippet, noimageindex
Content-Length
26221
X-Content-Type-Options
nosniff, nosniff
X-UA-Compatible
IE=EmulateIE9
open-sans-v15-latin-regular.woff
payrollstagingweb.ey.com/assets/Fonts/OpenSansRegular/ 		17 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://payrollstagingweb.ey.com/assets/Fonts/OpenSansRegular/open-sans-v15-latin-regular.woff
Requested by
Host: payrollstagingweb.ey.com
URL: https://payrollstagingweb.ey.com/assets/css/css?v=5K9jq6jA1SVfV8Y2b114JKX9yWQ4nzehxq1ETyQJ84c1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
145.62.84.28 , Netherlands, ASN201208 (GFIS-GMBH, DE),
Reverse DNS
payrollstagingweb.ey.com
Software
/
Resource Hash
054349dda27b80bb105fbc59b5973ef9889ed976aca1fbe39f77688dcff8c552
Security Headers
Name Value
Strict-Transport-Security max-age=604800, max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff, nosniff
X-Frame-Options Deny, SAMEORIGIN

Request headers

Origin
https://payrollstagingweb.ey.com
Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security
max-age=604800, max-age=31536000; includeSubDomains
Referrer-Policy
no-referrer, no-referrer
Last-Modified
Thu, 10 Dec 2020 07:22:16 GMT
ETag
"044cf2fc5ced61:0"
X-Download-Options
noopen
X-Frame-Options
Deny, SAMEORIGIN
Content-Type
font/x-woff
Feature-Policy
microphone 'none'; camera 'none'; display-capture 'none', usb 'none'
Date
Thu, 18 Feb 2021 05:02:07 GMT
Accept-Ranges
bytes
X-Robots-Tag
noindex, nofollow, noarchive, nosnippet, noimageindex
Content-Length
17704
X-Content-Type-Options
nosniff, nosniff
X-UA-Compatible
IE=EmulateIE9
overview.svg
payrollstagingweb.ey.com/assets/Images/icons/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://payrollstagingweb.ey.com/assets/Images/icons/overview.svg
Requested by
Host: payrollstagingweb.ey.com
URL: https://payrollstagingweb.ey.com/assets/css/css?v=5K9jq6jA1SVfV8Y2b114JKX9yWQ4nzehxq1ETyQJ84c1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
145.62.84.28 , Netherlands, ASN201208 (GFIS-GMBH, DE),
Reverse DNS
payrollstagingweb.ey.com
Software
/
Resource Hash
799c09b6b29400fbf684e4a7db6394ca9fa299048052a9efc66f49f19fa18f8e
Security Headers
Name Value
Strict-Transport-Security max-age=604800, max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff, nosniff
X-Frame-Options Deny, SAMEORIGIN

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security
max-age=604800, max-age=31536000; includeSubDomains
Referrer-Policy
no-referrer, no-referrer
Last-Modified
Thu, 10 Dec 2020 07:22:16 GMT
ETag
"044cf2fc5ced61:0"
X-Download-Options
noopen
X-Frame-Options
Deny, SAMEORIGIN
Content-Type
image/svg+xml
Feature-Policy
microphone 'none'; camera 'none'; display-capture 'none', usb 'none'
Date
Thu, 18 Feb 2021 05:02:07 GMT
Accept-Ranges
bytes
X-Robots-Tag
noindex, nofollow, noarchive, nosnippet, noimageindex
Content-Length
17057
X-Content-Type-Options
nosniff, nosniff
X-UA-Compatible
IE=EmulateIE9
settings.txt
cdn.walkme.com/users/aade1b34b1f04eebac94665f25dad2f2/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.walkme.com/users/aade1b34b1f04eebac94665f25dad2f2/settings.txt
Requested by
Host: cdn.walkme.com
URL: https://cdn.walkme.com/users/aade1b34b1f04eebac94665f25dad2f2/walkme_aade1b34b1f04eebac94665f25dad2f2_https.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
92.123.148.55 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-123-148-55.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
754af9b93c84c8d12df583b43b03fdf9587b8364d5a2552294b8a4323bd643e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id
t1mY.0_QK9thjSeRMdpWhpcbKaEFKnjj
content-encoding
gzip
x-content-type-options
nosniff
x-amz-request-id
31209322353D7216
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
vary
Accept-Encoding
content-length
571
x-amz-id-2
dgiPJKr8FWdp5tGWbj4D8BQyJEAVrAJ7Jh32ahe2u2lSqWWSL+OksHincfBsj5xBwHBEnlqFMDE=
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 11 Feb 2021 16:03:22 GMT
date
Thu, 18 Feb 2021 05:02:08 GMT
strict-transport-security
max-age=31536000;includeSubdomains
content-type
application/javascript
access-control-allow-origin
*
x-xss-protection
1; mode=block
cache-control
max-age=900
etag
"73f126d883b13911c201550fb88ee78e"
accept-ranges
bytes
wmjQuery1715.js
cdn.walkme.com/player/resources/ 		94 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.walkme.com/player/resources/wmjQuery1715.js
Requested by
Host: cdn.walkme.com
URL: https://cdn.walkme.com/users/aade1b34b1f04eebac94665f25dad2f2/walkme_aade1b34b1f04eebac94665f25dad2f2_https.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
92.123.148.55 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-123-148-55.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
56c3f4f36d43b9b4331e7e60daf59f0bf314e4e02907983f491bfb7fd205425a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id
CI10JaCmn6A7.08RaKtVaHXGG_kcrG0S
content-encoding
gzip
x-content-type-options
nosniff
x-amz-request-id
ECD6F9CB9EE8E0BB
x-amz-replication-status
COMPLETED
vary
Accept-Encoding
content-length
33807
x-amz-id-2
m0OXKWLxE9gWycFNTHj6F46BPA4PjjirU4QJOwgwKlKDdTPLAbuzJzQmsAtMeoB/MvC3i6xBriM=
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 31 Aug 2017 15:41:38 GMT
date
Thu, 18 Feb 2021 05:02:08 GMT
strict-transport-security
max-age=31536000;includeSubdomains
content-type
application/javascript
access-control-allow-origin
*
x-xss-protection
1; mode=block
cache-control
max-age=13818796
etag
"6d1f86e0ece9e839680bb3518c93f700"
accept-ranges
bytes
walkme_lib_20210128-085244-bacaa2f9.js
cdn.walkme.com/player/lib/ 		2 MB
473 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.walkme.com/player/lib/walkme_lib_20210128-085244-bacaa2f9.js
Requested by
Host: cdn.walkme.com
URL: https://cdn.walkme.com/users/aade1b34b1f04eebac94665f25dad2f2/walkme_aade1b34b1f04eebac94665f25dad2f2_https.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
92.123.148.55 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-123-148-55.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
923ab554146a7abc1d45e2cbc7e5df7a41da490dd07828defa92c91797a544a9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id
Hs3P.n7Mu.SNpwvnVMBBbc58Ey9vWrnN
content-encoding
gzip
x-content-type-options
nosniff
x-amz-request-id
E5F9B88BCEABA191
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
vary
Accept-Encoding
content-length
482384
x-amz-id-2
HrydcoErWSVPEj6I9aat2Cz8uRlQhiNww+ssBxmOgtwsrpipTX1q7E0pmIXOOQYpplOfeOnDZdA=
referrer-policy
no-referrer-when-downgrade
last-modified
Sun, 31 Jan 2021 06:25:48 GMT
date
Thu, 18 Feb 2021 05:02:08 GMT
strict-transport-security
max-age=31536000;includeSubdomains
content-type
application/javascript
access-control-allow-origin
*
x-xss-protection
1; mode=block
cache-control
max-age=30001099
etag
"6d2c5cfc4c8b98afcfbe02f088e6d092"
accept-ranges
bytes
walkme_config_71921f87db714198bd3dcf5c471242f4.js
cdn.walkme.com/users/aade1b34b1f04eebac94665f25dad2f2/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.walkme.com/users/aade1b34b1f04eebac94665f25dad2f2/walkme_config_71921f87db714198bd3dcf5c471242f4.js
Requested by
Host: cdn.walkme.com
URL: https://cdn.walkme.com/users/aade1b34b1f04eebac94665f25dad2f2/walkme_aade1b34b1f04eebac94665f25dad2f2_https.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
92.123.148.55 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-123-148-55.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
93e2dba39fe0918d4ad1739430591e8e994f1e3fea533c00fd6f12c91741b0e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id
a2LoLWqiw4MQ0zQsIQPAaa9rIT4pNf5l
content-encoding
gzip
x-content-type-options
nosniff
x-amz-request-id
7EC9A20C451AFBFE
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
vary
Accept-Encoding
content-length
1557
x-amz-id-2
/oK4cmpzreFqSOZfIRJob1yahlx5gJ0+SPjAnq6chtyQbpVsG4vRxNFall+z5jevEHonoO62qzY=
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 11 Feb 2021 16:03:19 GMT
date
Thu, 18 Feb 2021 05:02:09 GMT
strict-transport-security
max-age=31536000;includeSubdomains
content-type
application/javascript
access-control-allow-origin
*
x-xss-protection
1; mode=block
cache-control
max-age=30971030
etag
"1192b5afed51037908bdddf8b69ef6cf"
accept-ranges
bytes

Verdicts & Comments Add Verdict or Comment

75 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated object| antiClickjack object| _walkmeConfig string| rootUrl string| enforceSecure string| enforcePath string| language string| sessionCRC string| keepSessionAliveUrl string| keepSessionAliveTimeout string| keepSessionAliveInactivityTimeout string| webPush_ServiceWorkerJsUrl string| webPush_ApplicationServerPublicKey string| webPush_FindDeviceSubscriptionUrl string| webPush_RegisterSubscriptionUrl string| webPush_UnregisterSubscriptionUrl string| webPush_UpdateSubscriptionUrl string| webPush_UserName string| webPush_LoginDate object| DatepickerTexts object| TimepickerTexts object| Texts object| ConfirmTexts object| WalkMeVariables function| $ function| jQuery function| WalkmeSnippet object| _walkmeInternals object| wmSnippet undefined| fixedCallback function| DocumentInitialize function| DocumentInitializeComplete function| PlugginsDefaults function| InitializeControls function| InitializeControlsStart function| InitializeControlsPhase1 function| InitializeControlsPhase2 function| InitializeControlsPhase3 function| InitializeControlsPhase4 function| InitializeControlsPhase5 function| InitializeControlsPhase6 function| InitializeControlsComplete function| InitializeValidator function| ReInitializeControlsBegin function| ReInitializeControlsSucceeded function| ReInitializeControlsFailed function| InitializeDashboard boolean| IsReferencedValidation object| UtilityLibrary object| Loader object| KeepSessionAlive object| ModalDialog object| AnimationStateCookie object| Controls object| ControlsLibrary object| FormsLibrary object| QueryLeave object| Specifics object| WindowObject object| DocumentObject object| BodyObject object| JavascriptObjects object| U4WebPushSubscriptionService function| mtjQuery function| wmjQuery object| _walkmeWebpackJP object| _makeTutorialEv

5 Cookies

Domain/Path Name / Value
payrollstagingweb.ey.com/ Name: MobilePhone
Value: false
payrollstagingweb.ey.com/ Name: __RequestVerificationToken
Value: HggMSB8PVYeshZ0Jcd68JtVKXLW_HbIqTpiYCakUJxATygf6LQNfAAiVKbQeocCse1z3UFngFUH2nHleXZqse6VeaS01
payrollstagingweb.ey.com/ Name: language
Value: nl-NL
payrollstagingweb.ey.com/ Name: restoreFocus
Value: null
payrollstagingweb.ey.com/ Name: .U4OnlineSIDMainVersion
Value: lnti1w50mbzmmigx0dp10tcg

2 Console Messages

Source Level URL
Text
console-api log URL: https://payrollstagingweb.ey.com/bundle/sitescripts?v=G4VeiSwok92Jw8I5KBdrIbENXKtdNlfFkbvzUHXnxGM1(Line 1)
Message:
Promise is supported.
console-api log URL: https://payrollstagingweb.ey.com/bundle/sitescripts?v=G4VeiSwok92Jw8I5KBdrIbENXKtdNlfFkbvzUHXnxGM1(Line 1)
Message:
Push messaging is not supported.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy script-src 'strict-dynamic' 'nonce-EmbdzO/sgBp07sUKRbHR' https://ajax.aspnetcdn.com/ https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ https://maps.googleapis.com/maps/api/ 'self'; frame-src https://player.vimeo.com/ https://www.google.com/recaptcha/ https://cdn.walkme.com/ https://info.unit4bedrijfssoftware.nl/ https://selfservice.unit4.nl/ 'self'; object-src 'self'
Strict-Transport-Security max-age=604800 max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff nosniff
X-Frame-Options Deny SAMEORIGIN
X-Xss-Protection 1; mode=block