login-staging.eurostar.com Open in urlscan Pro
35.158.3.54 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://eil-accounts-stg-pr-985.dev.eurostar.com/
Effective URL:
https://login-staging.eurostar.com/login?state=g6Fo2SBwVEN3M1Jma01SWUdsUi1XWHowcWxtS1U1ZklCNXpoOKN0aWTZIDhsUzdmVXR5bksyOGdEZHlITHE1...
Submission: On September 28 via automatic, source certstream-suspicious (September 28th 2020, 10:03:51 am UTC)

Summary HTTP 49 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 12 IPs in 5 countries across 6 domains to perform 49 HTTP transactions. The main IP is 35.158.3.54, located in Frankfurt am Main, Germany and belongs to AMAZON-02, US. The main domain is login-staging.eurostar.com.
TLS certificate: Issued by Let's Encrypt Authority X3 on September 11th 2020. Valid for: 3 months.

This is the only time login-staging.eurostar.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 11	52.17.47.166 52.17.47.166	16509 (AMAZON-02) (AMAZON-02)
1	2a02:26f0:eb:... 2a02:26f0:eb:38e::13b8	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a04:4e42:3::621 2a04:4e42:3::621	54113 (FASTLY) (FASTLY)
1	2606:4700::68... 2606:4700::6811:4e6b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	104.111.215.136 104.111.215.136	16625 (AKAMAI-AS) (AKAMAI-AS)
1	151.101.113.106 151.101.113.106	54113 (FASTLY) (FASTLY)
1	104.108.68.187 104.108.68.187	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	35.158.3.54 35.158.3.54	16509 (AMAZON-02) (AMAZON-02)
14	151.101.193.106 151.101.193.106	54113 (FASTLY) (FASTLY)
1	2a04:4e42:600... 2a04:4e42:600::621	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:820::200e	15169 (GOOGLE) (GOOGLE)
49	12

11 52.17.47.166 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-17-47-166.eu-west-1.compute.amazonaws.com

eil-accounts-stg-pr-985.dev.eurostar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:eb:38e::13b8 (Ascension Island)

ASN20940 (AKAMAI-ASN1, EU)

cdn.optimizely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42:3::621 (Ascension Island)

ASN54113 (FASTLY, US)

cdn.polyfill.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:4e6b (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.111.215.136 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-215-136.deploy.static.akamaitechnologies.com

tags.tiqcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.113.106 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

staging.eurostar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.108.68.187 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a104-108-68-187.deploy.static.akamaitechnologies.com

a8551211269.cdn.optimizely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.158.3.54 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-35-158-3-54.eu-central-1.compute.amazonaws.com

login-staging.eurostar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 151.101.193.106 (United States)

ASN54113 (FASTLY, US)

static.eurostar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
auth0-static.eurostar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:600::621 (Ascension Island)

ASN54113 (FASTLY, US)

polyfill.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:820::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
28	eurostar.com 2 redirects eil-accounts-stg-pr-985.dev.eurostar.com staging.eurostar.com static.eurostar.com Failed login-staging.eurostar.com auth0-static.eurostar.com	953 KB
3	polyfill.io cdn.polyfill.io polyfill.io	3 KB
2	tiqcdn.com tags.tiqcdn.com	60 KB
2	optimizely.com cdn.optimizely.com a8551211269.cdn.optimizely.com	69 KB
1	google-analytics.com www.google-analytics.com
1	cloudflare.com cdnjs.cloudflare.com	12 KB
49	6

	Domain	Requested by
12	static.eurostar.com	eil-accounts-stg-pr-985.dev.eurostar.com login-staging.eurostar.com
11	eil-accounts-stg-pr-985.dev.eurostar.com	1 redirects eil-accounts-stg-pr-985.dev.eurostar.com
2	auth0-static.eurostar.com	login-staging.eurostar.com
2	login-staging.eurostar.com	1 redirects eil-accounts-stg-pr-985.dev.eurostar.com
2	tags.tiqcdn.com	eil-accounts-stg-pr-985.dev.eurostar.com tags.tiqcdn.com
2	cdn.polyfill.io	eil-accounts-stg-pr-985.dev.eurostar.com
1	www.google-analytics.com	auth0-static.eurostar.com
1	polyfill.io	login-staging.eurostar.com
1	a8551211269.cdn.optimizely.com	cdn.optimizely.com
1	staging.eurostar.com	eil-accounts-stg-pr-985.dev.eurostar.com
1	cdnjs.cloudflare.com	eil-accounts-stg-pr-985.dev.eurostar.com
1	cdn.optimizely.com	eil-accounts-stg-pr-985.dev.eurostar.com
49	12

This site contains links to these domains. Also see Links.

Domain
staging.eurostar.com
accounts-staging.eurostar.com

Subject Issuer	Validity	Valid
eil-accounts-stg-pr-985.dev.eurostar.com Let's Encrypt Authority X3	`2020-09-28` - `2020-12-27`	3 months	crt.sh
cdn.optimizely.com DigiCert SHA2 Secure Server CA	`2020-01-20` - `2021-03-20`	a year	crt.sh
f3.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2020-09-21` - `2021-04-17`	7 months	crt.sh
cdnjs.cloudflare.com DigiCert ECC Secure Server CA	`2020-08-12` - `2022-08-17`	2 years	crt.sh
*.tiqcdn.com DigiCert SHA2 Secure Server CA	`2020-03-16` - `2021-06-15`	a year	crt.sh
*.eurostar.com DigiCert SHA2 Secure Server CA	`2020-02-12` - `2022-04-22`	2 years	crt.sh
*.cdn.optimizely.com GeoTrust RSA CA 2018	`2020-03-05` - `2021-06-04`	a year	crt.sh
login-staging.eurostar.com Let's Encrypt Authority X3	`2020-09-11` - `2020-12-10`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-09-03` - `2020-11-26`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://login-staging.eurostar.com/login?state=g6Fo2SBwVEN3M1Jma01SWUdsUi1XWHowcWxtS1U1ZklCNXpoOKN0aWTZIDhsUzdmVXR5bksyOGdEZHlITHE1MWgzU3hxbHpXZ3dHo2NpZNkgNkE2emxYaTQycERXSzJsWUtVZFFyUk1hVWNxVGcxR20&client=6A6zlXi42pDWK2lYKUdQrRMaUcqTg1Gm&protocol=oauth2&response_type=token%20id_token&redirect_uri=https%3A%2F%2Feil-accounts-stg-pr-985.dev.eurostar.com%2Fuk-en%2F&ui_locales=en&connection=Accounts-Service&nonce=Q0_4BxVwxAk7GMUrKw9xPg27t_QZ6.hc&scope=openid%20profile%20email&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4xMC4wIn0%3D
Frame ID: 4A8BCD3C202B8BB3DF9C448D9D000EE8
Requests: 48 HTTP requests in this frame

Frame: https://a8551211269.cdn.optimizely.com/client_storage/a8551211269.html
Frame ID: A4FD6AA1925BBA26754615877D5D4AD3
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://eil-accounts-stg-pr-985.dev.eurostar.com/ HTTP 307
https://eil-accounts-stg-pr-985.dev.eurostar.com/uk-en Page URL
https://login-staging.eurostar.com/authorize?client_id=6A6zlXi42pDWK2lYKUdQrRMaUcqTg1Gm&response_type=token%20i... HTTP 302
https://login-staging.eurostar.com/login?state=g6Fo2SBwVEN3M1Jma01SWUdsUi1XWHowcWxtS1U1ZklCNXpoOKN0aWTZIDhsUzdm... Page URL

Detected technologies

Erlang (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

headers server /^Cowboy$/i

Cowboy (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

headers server /^Cowboy$/i

Page Statistics

49
Requests

71 %
HTTPS

45 %
IPv6

6
Domains

12
Subdomains

12
IPs

5
Countries

1094 kB
Transfer

3299 kB
Size

7
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://staging.eurostar.com/

Search URL Search Domain Scan URL

URL: https://accounts-staging.eurostar.com/uk-en/forgotten-password
Title: Forgotten your password?

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://eil-accounts-stg-pr-985.dev.eurostar.com/ HTTP 307
https://eil-accounts-stg-pr-985.dev.eurostar.com/uk-en Page URL
https://login-staging.eurostar.com/authorize?client_id=6A6zlXi42pDWK2lYKUdQrRMaUcqTg1Gm&response_type=token%20id_token&redirect_uri=https%3A%2F%2Feil-accounts-stg-pr-985.dev.eurostar.com%2Fuk-en%2F&ui_locales=en&state=bpjW2pHcemBKfksitEGIU&connection=Accounts-Service&nonce=Q0_4BxVwxAk7GMUrKw9xPg27t_QZ6.hc&scope=openid%20profile%20email&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4xMC4wIn0%3D HTTP 302
https://login-staging.eurostar.com/login?state=g6Fo2SBwVEN3M1Jma01SWUdsUi1XWHowcWxtS1U1ZklCNXpoOKN0aWTZIDhsUzdmVXR5bksyOGdEZHlITHE1MWgzU3hxbHpXZ3dHo2NpZNkgNkE2emxYaTQycERXSzJsWUtVZFFyUk1hVWNxVGcxR20&client=6A6zlXi42pDWK2lYKUdQrRMaUcqTg1Gm&protocol=oauth2&response_type=token%20id_token&redirect_uri=https%3A%2F%2Feil-accounts-stg-pr-985.dev.eurostar.com%2Fuk-en%2F&ui_locales=en&connection=Accounts-Service&nonce=Q0_4BxVwxAk7GMUrKw9xPg27t_QZ6.hc&scope=openid%20profile%20email&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4xMC4wIn0%3D Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://eil-accounts-stg-pr-985.dev.eurostar.com/ HTTP 307
https://eil-accounts-stg-pr-985.dev.eurostar.com/uk-en

49 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Cookie set uk-en Show response
eil-accounts-stg-pr-985.dev.eurostar.com/
Redirect Chain

https://eil-accounts-stg-pr-985.dev.eurostar.com/
https://eil-accounts-stg-pr-985.dev.eurostar.com/uk-en

21 KB
22 KB

105ms
105ms

Document
text/html

52.17.47.166
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://eil-accounts-stg-pr-985.dev.eurostar.com/uk-en

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.17.47.166 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-17-47-166.eu-west-1.compute.amazonaws.com

Software

Cowboy /

Resource Hash

fa91ca58010d60f988f3003bf14d5a4957ba1da1f1b549a0d9f068458eab0418

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https:; frame-src 'self' https: .doubleclick.net; script-src .monetate.net .google.com .facebook.net .googletagmanager.com .google-analytics.com 'self' https: 'unsafe-inline' 'unsafe-eval'; img-src 'self' data: .google-analytics.com https:; font-src 'self' .gstatic.com data: .googleapis.com https://static.eurostar.com; style-src 'self' .eurostar.com eurostarhelp.secure.force.com .googleapis.com .gstatic.com *.google.com 'unsafe-inline'; connect-src 'self' https:
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Host: eil-accounts-stg-pr-985.dev.eurostar.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Server: Cowboy
Connection: keep-alive
X-Xss-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Referrer-Policy: strict-origin
X-Frame-Options: DENY
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Security-Policy: default-src 'self' https:; frame-src 'self' https: *.doubleclick.net; script-src *.monetate.net *.google.com *.facebook.net *.googletagmanager.com *.google-analytics.com 'self' https: 'unsafe-inline' 'unsafe-eval'; img-src 'self' data: *.google-analytics.com https:; font-src 'self' *.gstatic.com data: *.googleapis.com https://static.eurostar.com; style-src 'self' *.eurostar.com eurostarhelp.secure.force.com *.googleapis.com *.gstatic.com *.google.com 'unsafe-inline'; connect-src 'self' https:
Set-Cookie: _estarCID=ACL-P3AU5-YSRGP; path=/; secure esMarket=uk-en; path=/; secure; httponly
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Mon, 28 Sep 2020 10:03:33 GMT
Etag: W/"5538-174d42ae026"
Content-Type: text/html; charset=UTF-8
Content-Length: 21816
Date: Mon, 28 Sep 2020 10:03:33 GMT
Via: 1.1 vegur

Redirect headers

Server: Cowboy
Connection: keep-alive
X-Xss-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Referrer-Policy: strict-origin
X-Frame-Options: DENY
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Security-Policy: default-src 'self' https:; frame-src 'self' https: *.doubleclick.net; script-src *.monetate.net *.google.com *.facebook.net *.googletagmanager.com *.google-analytics.com 'self' https: 'unsafe-inline' 'unsafe-eval'; img-src 'self' data: *.google-analytics.com https:; font-src 'self' *.gstatic.com data: *.googleapis.com https://static.eurostar.com; style-src 'self' *.eurostar.com eurostarhelp.secure.force.com *.googleapis.com *.gstatic.com *.google.com 'unsafe-inline'; connect-src 'self' https:
Location: /uk-en
Vary: Accept
Content-Type: text/html; charset=utf-8
Content-Length: 69
Date: Mon, 28 Sep 2020 10:03:33 GMT
Via: 1.1 vegur

GET
H2 200 11109464064.js Show response
cdn.optimizely.com/js/ 229 KB
69 KB 172ms
156ms Script
text/javascript 2a02:26f0:eb:38e::13b8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.optimizely.com/js/11109464064.js

Requested by

Host: eil-accounts-stg-pr-985.dev.eurostar.com
URL: https://eil-accounts-stg-pr-985.dev.eurostar.com/uk-en

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:eb:38e::13b8 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

AmazonS3 /

Resource Hash

4f04b4763955e708c919426aafb804f077923d20e5a6086e280745541832fbdd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://eil-accounts-stg-pr-985.dev.eurostar.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-meta-pci_enabled: False
x-amz-version-id: QNv7UgiQVIifYyylf33174hesGfdl2.c
content-encoding: gzip
etag: "3a799277a4acfeb72f710a709aff1484"
x-amz-request-id: 914E8F914108E059
status: 200
x-amz-replication-status: COMPLETED
access-control-allow-methods: GET, HEAD
server-timing: cdn;desc="AkamaiION";dur=0,rtt;desc="5";dur=0,cdnip;desc="2a02:26f0:eb:38e::13b8";dur=0,cdnmap;desc="";dur=0,proto;desc="h2";dur=0
vary: Accept-Encoding
content-length: 69697
x-amz-id-2: YswAB/xBott6IRwdwY5U6q+5huJcgoZCS0V0nrUUA0by1AKhbm3BdsGO1xEOTfg3h8b4UsCdGWY=
last-modified: Tue, 01 Oct 2019 16:04:53 GMT
server: AmazonS3
date: Mon, 28 Sep 2020 10:03:34 GMT
access-control-max-age: 86400
strict-transport-security: max-age=15768000
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: x-amz-meta-revision
cache-control: max-age=900
x-amz-meta-revision: 432
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: *

GET
H2 200 polyfill.min.js Show response
cdn.polyfill.io/v2/ 4 KB
1 KB 23ms
7ms Script
text/javascript 2a04:4e42:3::621
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.polyfill.io/v2/polyfill.min.js?features=es6,URL,Object.values,Array.prototype.includes,Intl.~locale.en,Intl.~locale.fr,Intl.~locale.nl,HTMLPictureElement

Requested by

Host: eil-accounts-stg-pr-985.dev.eurostar.com
URL: https://eil-accounts-stg-pr-985.dev.eurostar.com/uk-en

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::621 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

e8af73fa4560eec175777bb3599db76a417328e8b6a2efecb9f6c1629c7dc67b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://eil-accounts-stg-pr-985.dev.eurostar.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: br
x-content-type-options: nosniff
content-type: text/javascript; charset=utf-8
age: 11547410
detected-user-agent: Chrome/83.0.4103
status: 200
request_came_from_shield: FRA
server-timing: HIT-CLUSTER, fastly;desc="Edge time";dur=1, HIT-CLUSTER, fastly;desc="Edge time";dur=2
content-length: 926
referrer-policy: origin-when-cross-origin
last-modified: Sun, 17 May 2020 18:03:55 GMT
date: Mon, 28 Sep 2020 10:03:33 GMT
vary: User-Agent, Accept-Encoding
access-control-allow-methods: GET,HEAD,OPTIONS
normalized-user-agent: chrome/83.0.0
access-control-allow-origin: *
cache-control: public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
accept-ranges: bytes
timing-allow-origin: *

GET
H/1.1 200
OK vendors.6a3f1ba3.css
eil-accounts-stg-pr-985.dev.eurostar.com/static/css/ 71 KB
11 KB 80ms
78ms Stylesheet
text/css 52.17.47.166
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://eil-accounts-stg-pr-985.dev.eurostar.com/static/css/vendors.6a3f1ba3.css

Requested by

Host: eil-accounts-stg-pr-985.dev.eurostar.com
URL: https://eil-accounts-stg-pr-985.dev.eurostar.com/uk-en

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.17.47.166 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-17-47-166.eu-west-1.compute.amazonaws.com

Software

Cowboy /

Resource Hash

2d956f7a62daaf3ffaad9181be9fcbdf33c1e9d20d1221419d0d9f9fcaf3cb48

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https:; frame-src 'self' https: .doubleclick.net; script-src .monetate.net .google.com .facebook.net .googletagmanager.com .google-analytics.com 'self' https: 'unsafe-inline' 'unsafe-eval'; img-src 'self' data: .google-analytics.com https:; font-src 'self' .gstatic.com data: .googleapis.com https://static.eurostar.com; style-src 'self' .eurostar.com eurostarhelp.secure.force.com .googleapis.com .gstatic.com *.google.com 'unsafe-inline'; connect-src 'self' https:
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://eil-accounts-stg-pr-985.dev.eurostar.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: br
Etag: W/"2718-174d426a6e8"
Connection: keep-alive
Content-Length: 10008
X-Xss-Protection: 1; mode=block
Referrer-Policy: strict-origin
Last-Modified: Mon, 28 Sep 2020 09:58:57 GMT
Server: Cowboy
X-Frame-Options: DENY
Date: Mon, 28 Sep 2020 10:03:33 GMT
Vary: Accept-Encoding
Content-Type: text/css; charset=UTF-8
Via: 1.1 vegur
Cache-Control: public, max-age=0
Content-Security-Policy: default-src 'self' https:; frame-src 'self' https: *.doubleclick.net; script-src *.monetate.net *.google.com *.facebook.net *.googletagmanager.com *.google-analytics.com 'self' https: 'unsafe-inline' 'unsafe-eval'; img-src 'self' data: *.google-analytics.com https:; font-src 'self' *.gstatic.com data: *.googleapis.com https://static.eurostar.com; style-src 'self' *.eurostar.com eurostarhelp.secure.force.com *.googleapis.com *.gstatic.com *.google.com 'unsafe-inline'; connect-src 'self' https:
Accept-Ranges: bytes
X-Content-Type-Options: nosniff

GET
H/1.1 200
OK app.0b0a63a1.css
eil-accounts-stg-pr-985.dev.eurostar.com/static/css/ 160 KB
20 KB 163ms
82ms Stylesheet
text/css 52.17.47.166
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://eil-accounts-stg-pr-985.dev.eurostar.com/static/css/app.0b0a63a1.css

Requested by

Host: eil-accounts-stg-pr-985.dev.eurostar.com
URL: https://eil-accounts-stg-pr-985.dev.eurostar.com/uk-en

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.17.47.166 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-17-47-166.eu-west-1.compute.amazonaws.com

Software

Cowboy /

Resource Hash

1a3a366b0f241c4c8c3a9da7e525d5c2a149c955c809cdf4cfc902d98d290add

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https:; frame-src 'self' https: .doubleclick.net; script-src .monetate.net .google.com .facebook.net .googletagmanager.com .google-analytics.com 'self' https: 'unsafe-inline' 'unsafe-eval'; img-src 'self' data: .google-analytics.com https:; font-src 'self' .gstatic.com data: .googleapis.com https://static.eurostar.com; style-src 'self' .eurostar.com eurostarhelp.secure.force.com .googleapis.com .gstatic.com *.google.com 'unsafe-inline'; connect-src 'self' https:
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://eil-accounts-stg-pr-985.dev.eurostar.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: br
Etag: W/"4be5-174d426a6e8"
Connection: keep-alive
Content-Length: 19429
X-Xss-Protection: 1; mode=block
Referrer-Policy: strict-origin
Last-Modified: Mon, 28 Sep 2020 09:58:57 GMT
Server: Cowboy
X-Frame-Options: DENY
Date: Mon, 28 Sep 2020 10:03:33 GMT
Vary: Accept-Encoding
Content-Type: text/css; charset=UTF-8
Via: 1.1 vegur
Cache-Control: public, max-age=0
Content-Security-Policy: default-src 'self' https:; frame-src 'self' https: *.doubleclick.net; script-src *.monetate.net *.google.com *.facebook.net *.googletagmanager.com *.google-analytics.com 'self' https: 'unsafe-inline' 'unsafe-eval'; img-src 'self' data: *.google-analytics.com https:; font-src 'self' *.gstatic.com data: *.googleapis.com https://static.eurostar.com; style-src 'self' *.eurostar.com eurostarhelp.secure.force.com *.googleapis.com *.gstatic.com *.google.com 'unsafe-inline'; connect-src 'self' https:
Accept-Ranges: bytes
X-Content-Type-Options: nosniff

GET
H/1.1 200
OK runtime-polyfills.c5e8b9b7.js Show response
eil-accounts-stg-pr-985.dev.eurostar.com/static/js/ 2 KB
3 KB 217ms
74ms Script
application/javascript 52.17.47.166
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://eil-accounts-stg-pr-985.dev.eurostar.com/static/js/runtime-polyfills.c5e8b9b7.js

Requested by

Host: eil-accounts-stg-pr-985.dev.eurostar.com
URL: https://eil-accounts-stg-pr-985.dev.eurostar.com/uk-en

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.17.47.166 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-17-47-166.eu-west-1.compute.amazonaws.com

Software

Cowboy /

Resource Hash

71c4d63c8d18737af49f68503255868d882215ca137f719355a740ff4590405e

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https:; frame-src 'self' https: .doubleclick.net; script-src .monetate.net .google.com .facebook.net .googletagmanager.com .google-analytics.com 'self' https: 'unsafe-inline' 'unsafe-eval'; img-src 'self' data: .google-analytics.com https:; font-src 'self' .gstatic.com data: .googleapis.com https://static.eurostar.com; style-src 'self' .eurostar.com eurostarhelp.secure.force.com .googleapis.com .gstatic.com *.google.com 'unsafe-inline'; connect-src 'self' https:
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://eil-accounts-stg-pr-985.dev.eurostar.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Via: 1.1 vegur
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 1550
X-Xss-Protection: 1; mode=block
Referrer-Policy: strict-origin
Last-Modified: Mon, 28 Sep 2020 09:58:57 GMT
Server: Cowboy
Date: Mon, 28 Sep 2020 10:03:34 GMT
X-Frame-Options: DENY
Content-Type: application/javascript; charset=UTF-8
Cache-Control: public, max-age=0
Etag: W/"60e-174d426a6e8"
Content-Security-Policy: default-src 'self' https:; frame-src 'self' https: *.doubleclick.net; script-src *.monetate.net *.google.com *.facebook.net *.googletagmanager.com *.google-analytics.com 'self' https: 'unsafe-inline' 'unsafe-eval'; img-src 'self' data: *.google-analytics.com https:; font-src 'self' *.gstatic.com data: *.googleapis.com https://static.eurostar.com; style-src 'self' *.eurostar.com eurostarhelp.secure.force.com *.googleapis.com *.gstatic.com *.google.com 'unsafe-inline'; connect-src 'self' https:
Accept-Ranges: bytes

GET
H/1.1 200
OK polyfills.8da331e6.chunk.js Show response
eil-accounts-stg-pr-985.dev.eurostar.com/static/js/ 410 B
1 KB 218ms
74ms Script
application/javascript 52.17.47.166
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://eil-accounts-stg-pr-985.dev.eurostar.com/static/js/polyfills.8da331e6.chunk.js

Requested by

Host: eil-accounts-stg-pr-985.dev.eurostar.com
URL: https://eil-accounts-stg-pr-985.dev.eurostar.com/uk-en

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.17.47.166 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-17-47-166.eu-west-1.compute.amazonaws.com

Software

Cowboy /

Resource Hash

9871308cc9e50fc3bc35dbec6df708ae129ebbf5833ee3e359d41edad9700cbe

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https:; frame-src 'self' https: .doubleclick.net; script-src .monetate.net .google.com .facebook.net .googletagmanager.com .google-analytics.com 'self' https: 'unsafe-inline' 'unsafe-eval'; img-src 'self' data: .google-analytics.com https:; font-src 'self' .gstatic.com data: .googleapis.com https://static.eurostar.com; style-src 'self' .eurostar.com eurostarhelp.secure.force.com .googleapis.com .gstatic.com *.google.com 'unsafe-inline'; connect-src 'self' https:
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://eil-accounts-stg-pr-985.dev.eurostar.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Via: 1.1 vegur
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 410
X-Xss-Protection: 1; mode=block
Referrer-Policy: strict-origin
Last-Modified: Mon, 28 Sep 2020 09:58:57 GMT
Server: Cowboy
Date: Mon, 28 Sep 2020 10:03:34 GMT
X-Frame-Options: DENY
Content-Type: application/javascript; charset=UTF-8
Cache-Control: public, max-age=0
Etag: W/"19a-174d426a6e8"
Content-Security-Policy: default-src 'self' https:; frame-src 'self' https: *.doubleclick.net; script-src *.monetate.net *.google.com *.facebook.net *.googletagmanager.com *.google-analytics.com 'self' https: 'unsafe-inline' 'unsafe-eval'; img-src 'self' data: *.google-analytics.com https:; font-src 'self' *.gstatic.com data: *.googleapis.com https://static.eurostar.com; style-src 'self' *.eurostar.com eurostarhelp.secure.force.com *.googleapis.com *.gstatic.com *.google.com 'unsafe-inline'; connect-src 'self' https:
Accept-Ranges: bytes

GET
H/1.1 200
OK runtime-app.a130bdbc.js Show response
eil-accounts-stg-pr-985.dev.eurostar.com/static/js/ 2 KB
3 KB 219ms
75ms Script
application/javascript 52.17.47.166
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://eil-accounts-stg-pr-985.dev.eurostar.com/static/js/runtime-app.a130bdbc.js

Requested by

Host: eil-accounts-stg-pr-985.dev.eurostar.com
URL: https://eil-accounts-stg-pr-985.dev.eurostar.com/uk-en

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.17.47.166 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-17-47-166.eu-west-1.compute.amazonaws.com

Software

Cowboy /

Resource Hash

3d3d5c0cdadd590873d7bdf7fe2c6c83a396835afb00cb29b5d8bb7b585660ac

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https:; frame-src 'self' https: .doubleclick.net; script-src .monetate.net .google.com .facebook.net .googletagmanager.com .google-analytics.com 'self' https: 'unsafe-inline' 'unsafe-eval'; img-src 'self' data: .google-analytics.com https:; font-src 'self' .gstatic.com data: .googleapis.com https://static.eurostar.com; style-src 'self' .eurostar.com eurostarhelp.secure.force.com .googleapis.com .gstatic.com *.google.com 'unsafe-inline'; connect-src 'self' https:
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://eil-accounts-stg-pr-985.dev.eurostar.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Via: 1.1 vegur
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 2411
X-Xss-Protection: 1; mode=block
Referrer-Policy: strict-origin
Last-Modified: Mon, 28 Sep 2020 09:58:57 GMT
Server: Cowboy
Date: Mon, 28 Sep 2020 10:03:34 GMT
X-Frame-Options: DENY
Content-Type: application/javascript; charset=UTF-8
Cache-Control: public, max-age=0
Etag: W/"96b-174d426a6e8"
Content-Security-Policy: default-src 'self' https:; frame-src 'self' https: *.doubleclick.net; script-src *.monetate.net *.google.com *.facebook.net *.googletagmanager.com *.google-analytics.com 'self' https: 'unsafe-inline' 'unsafe-eval'; img-src 'self' data: *.google-analytics.com https:; font-src 'self' *.gstatic.com data: *.googleapis.com https://static.eurostar.com; style-src 'self' *.eurostar.com eurostarhelp.secure.force.com *.googleapis.com *.gstatic.com *.google.com 'unsafe-inline'; connect-src 'self' https:
Accept-Ranges: bytes

GET
H/1.1 200
OK vendors.d348e24b.chunk.js Show response
eil-accounts-stg-pr-985.dev.eurostar.com/static/js/ 777 KB
181 KB 241ms
82ms Script
application/javascript 52.17.47.166
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://eil-accounts-stg-pr-985.dev.eurostar.com/static/js/vendors.d348e24b.chunk.js

Requested by

Host: eil-accounts-stg-pr-985.dev.eurostar.com
URL: https://eil-accounts-stg-pr-985.dev.eurostar.com/uk-en

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.17.47.166 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-17-47-166.eu-west-1.compute.amazonaws.com

Software

Cowboy /

Resource Hash

770180c7fee0aef1f0401e2d13a5bbf8258125c6b9206abf0f90285561227374

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https:; frame-src 'self' https: .doubleclick.net; script-src .monetate.net .google.com .facebook.net .googletagmanager.com .google-analytics.com 'self' https: 'unsafe-inline' 'unsafe-eval'; img-src 'self' data: .google-analytics.com https:; font-src 'self' .gstatic.com data: .googleapis.com https://static.eurostar.com; style-src 'self' .eurostar.com eurostarhelp.secure.force.com .googleapis.com .gstatic.com *.google.com 'unsafe-inline'; connect-src 'self' https:
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://eil-accounts-stg-pr-985.dev.eurostar.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: br
Etag: W/"2ceb0-174d426a6e8"
Connection: keep-alive
Content-Length: 183984
X-Xss-Protection: 1; mode=block
Referrer-Policy: strict-origin
Last-Modified: Mon, 28 Sep 2020 09:58:57 GMT
Server: Cowboy
X-Frame-Options: DENY
Date: Mon, 28 Sep 2020 10:03:34 GMT
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Via: 1.1 vegur
Cache-Control: public, max-age=0
Content-Security-Policy: default-src 'self' https:; frame-src 'self' https: *.doubleclick.net; script-src *.monetate.net *.google.com *.facebook.net *.googletagmanager.com *.google-analytics.com 'self' https: 'unsafe-inline' 'unsafe-eval'; img-src 'self' data: *.google-analytics.com https:; font-src 'self' *.gstatic.com data: *.googleapis.com https://static.eurostar.com; style-src 'self' *.eurostar.com eurostarhelp.secure.force.com *.googleapis.com *.gstatic.com *.google.com 'unsafe-inline'; connect-src 'self' https:
Accept-Ranges: bytes
X-Content-Type-Options: nosniff

GET
H/1.1 200
OK app.5038b329.chunk.js Show response
eil-accounts-stg-pr-985.dev.eurostar.com/static/js/ 384 KB
59 KB 289ms
122ms Script
application/javascript 52.17.47.166
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://eil-accounts-stg-pr-985.dev.eurostar.com/static/js/app.5038b329.chunk.js

Requested by

Host: eil-accounts-stg-pr-985.dev.eurostar.com
URL: https://eil-accounts-stg-pr-985.dev.eurostar.com/uk-en

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.17.47.166 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-17-47-166.eu-west-1.compute.amazonaws.com

Software

Cowboy /

Resource Hash

735d9f1b6c01b7ed9b8fda142956f0fcc277bb5e5a21badd18ac9cef45f9421f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https:; frame-src 'self' https: .doubleclick.net; script-src .monetate.net .google.com .facebook.net .googletagmanager.com .google-analytics.com 'self' https: 'unsafe-inline' 'unsafe-eval'; img-src 'self' data: .google-analytics.com https:; font-src 'self' .gstatic.com data: .googleapis.com https://static.eurostar.com; style-src 'self' .eurostar.com eurostarhelp.secure.force.com .googleapis.com .gstatic.com *.google.com 'unsafe-inline'; connect-src 'self' https:
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://eil-accounts-stg-pr-985.dev.eurostar.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: br
Etag: W/"e6e5-174d426a6e8"
Connection: keep-alive
Content-Length: 59109
X-Xss-Protection: 1; mode=block
Referrer-Policy: strict-origin
Last-Modified: Mon, 28 Sep 2020 09:58:57 GMT
Server: Cowboy
X-Frame-Options: DENY
Date: Mon, 28 Sep 2020 10:03:34 GMT
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Via: 1.1 vegur
Cache-Control: public, max-age=0
Content-Security-Policy: default-src 'self' https:; frame-src 'self' https: *.doubleclick.net; script-src *.monetate.net *.google.com *.facebook.net *.googletagmanager.com *.google-analytics.com 'self' https: 'unsafe-inline' 'unsafe-eval'; img-src 'self' data: *.google-analytics.com https:; font-src 'self' *.gstatic.com data: *.googleapis.com https://static.eurostar.com; style-src 'self' *.eurostar.com eurostarhelp.secure.force.com *.googleapis.com *.gstatic.com *.google.com 'unsafe-inline'; connect-src 'self' https:
Accept-Ranges: bytes
X-Content-Type-Options: nosniff

GET
H2 200 rollbar.min.js Show response
cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.0.1/ 38 KB
12 KB 27ms
13ms Script
application/javascript 2606:4700::6811:4e6b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.0.1/rollbar.min.js

Requested by

Host: eil-accounts-stg-pr-985.dev.eurostar.com
URL: https://eil-accounts-stg-pr-985.dev.eurostar.com/uk-en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:4e6b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d429a20b4686e7341900cacb0e4a41310f6f724bc3ee9b4cb6f9051de9bad8b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains

Request headers

Origin: https://eil-accounts-stg-pr-985.dev.eurostar.com
Referer: https://eil-accounts-stg-pr-985.dev.eurostar.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 28 Sep 2020 10:03:34 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 982034
x-via: cfworker/kv
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 11397
cf-request-id: 0575c3fa8a0000178246b0e200000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:16:00 GMT
server: cloudflare
etag: "5eb03fc0-976c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000; includeSubDomains
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 5d9ca2a41cc31782-FRA
expires: Sat, 18 Sep 2021 10:03:34 GMT

GET
H2 200 utag.js
tags.tiqcdn.com/utag/eurostar/accounts/qa/ 284 KB
60 KB 341ms
219ms Script
application/x-javascript 104.111.215.136
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/eurostar/accounts/qa/utag.js
Requested by: Host: eil-accounts-stg-pr-985.dev.eurostar.com
URL: https://eil-accounts-stg-pr-985.dev.eurostar.com/uk-en
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.215.136 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-215-136.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash

Request headers

Referer: https://eil-accounts-stg-pr-985.dev.eurostar.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 28 Sep 2020 10:03:34 GMT
content-encoding: gzip
last-modified: Fri, 25 Sep 2020 11:18:30 GMT
server: AkamaiNetStorage
etag: "aa1d854796e2382b0dafe978b81ae222:1601032710.193511"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: max-age=300
accept-ranges: bytes
expires: Mon, 28 Sep 2020 10:08:34 GMT

GET
H2 200 cookie-banner.js Show response
staging.eurostar.com/static/ 26 KB
12 KB 174ms
57ms Script
application/javascript 151.101.113.106
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://staging.eurostar.com/static/cookie-banner.js?language=en

Requested by

Host: eil-accounts-stg-pr-985.dev.eurostar.com
URL: https://eil-accounts-stg-pr-985.dev.eurostar.com/uk-en

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.113.106 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

b57aaf4703f60adb5be9762a21f2c8e9e29b84579f1bfa560f60ee2f12b0e0b3

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: https: 'unsafe-inline' 'unsafe-eval'; script-src 'self' data: blob: https: 'unsafe-inline' 'unsafe-eval' .eurostar.com scripts-staging.eurostar.tech analytics.twitter.com bat.bing.com beacon.krxd.net cdn.kommunicate.io cdn.applozic.com cdn.krxd.net connect.facebook.net consumer.krxd.net eus.cdn-v3.conductrics.com googleads.g.doubleclick.net polyfill.io rules.quantcount.com s.yimg.com sc-static.net secure.quantserve.com sp.analytics.yahoo.com static.ads-twitter.com tag.yieldoptimizer.com tags.tiqcdn.com visitor-service-eu-west-1.tealiumiq.com w.usabilla.com widget.kommunicate.io www.google-analytics.com www.googletagmanager.com pagead2.googlesyndication.com www.googletagservices.com ad.doubleclick.net www.paypal.com www.googleadservices.com maps.googleapis.com apply.workable.com snap.licdn.com; connect-src 'self' https: .eurostar.com bat.bing.com collect-eu-west-1.tealiumiq.com c.contentsquare.net www.google-analytics.com cdn.kommunicate.io api.kommunicate.io chat.kommunicate.io www.paypal.com googleads4.g.doubleclick.net api.rollbar.com www.facebook.com r.contentsquare.net bots.applozic.com stats.g.doubleclick.net wss://socket5.applozic.com wss://socket.applozic.com:80 adservice.google.com pagead2.googlesyndication.com jslog.krxd.net t.co beacon.krxd.net www.bing.com pubads.g.doubleclick.net; report-uri https://endpoint1.collection.eu.sumologic.com/receiver/v1/http/ZaVnC4dhaV3WAq4FBpvzaYUfonZBSBawmz-eGCj6ZSv4OwYu77fihhHNVHx_Oon1hGsmc7qmN8MMVchKeUM3VpYcrqcvHj9kc5D3pHBvbMUEOs_QrcEQiQ==
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://eil-accounts-stg-pr-985.dev.eurostar.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 28 Sep 2020 10:03:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 274146
content-security-policy-report-only: default-src * data: blob: https: 'unsafe-inline' 'unsafe-eval'; script-src 'self' data: blob: https: 'unsafe-inline' 'unsafe-eval' *.eurostar.com scripts-staging.eurostar.tech analytics.twitter.com bat.bing.com beacon.krxd.net cdn.kommunicate.io cdn.applozic.com cdn.krxd.net connect.facebook.net consumer.krxd.net eus.cdn-v3.conductrics.com googleads.g.doubleclick.net polyfill.io rules.quantcount.com s.yimg.com sc-static.net secure.quantserve.com sp.analytics.yahoo.com static.ads-twitter.com tag.yieldoptimizer.com tags.tiqcdn.com visitor-service-eu-west-1.tealiumiq.com w.usabilla.com widget.kommunicate.io www.google-analytics.com www.googletagmanager.com pagead2.googlesyndication.com www.googletagservices.com ad.doubleclick.net www.paypal.com www.googleadservices.com maps.googleapis.com apply.workable.com snap.licdn.com; connect-src 'self' https: *.eurostar.com bat.bing.com collect-eu-west-1.tealiumiq.com c.contentsquare.net www.google-analytics.com cdn.kommunicate.io api.kommunicate.io chat.kommunicate.io www.paypal.com googleads4.g.doubleclick.net api.rollbar.com www.facebook.com r.contentsquare.net bots.applozic.com stats.g.doubleclick.net wss://socket5.applozic.com wss://socket.applozic.com:80 adservice.google.com pagead2.googlesyndication.com jslog.krxd.net t.co beacon.krxd.net www.bing.com pubads.g.doubleclick.net; report-uri https://endpoint1.collection.eu.sumologic.com/receiver/v1/http/ZaVnC4dhaV3lVpT9MVI8fVx6BQNBPjIqYg2w8Ut1HFnEA8yN8jIj3mxsWcuP_cX2PA1-usuuHgiWdvqPmG1CkYL1Z4GyPkf6UFO3d011iYlXG7TcdBeslg==
x-cache: HIT
status: 200
vary: Accept-Encoding
content-length: 9690
x-xss-protection: 1; mode=block
x-served-by: cache-hhn4069-HHN
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 08 Sep 2020 07:51:57 GMT
x-frame-options: SAMEORIGIN
etag: W/"692b-1746cb33148"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=604800
content-security-policy: default-src * data: blob: https: 'unsafe-inline' 'unsafe-eval'; script-src 'self' data: blob: https: 'unsafe-inline' 'unsafe-eval' *.eurostar.com scripts-staging.eurostar.tech analytics.twitter.com bat.bing.com beacon.krxd.net cdn.kommunicate.io cdn.applozic.com cdn.krxd.net connect.facebook.net consumer.krxd.net eus.cdn-v3.conductrics.com googleads.g.doubleclick.net polyfill.io rules.quantcount.com s.yimg.com sc-static.net secure.quantserve.com sp.analytics.yahoo.com static.ads-twitter.com tag.yieldoptimizer.com tags.tiqcdn.com visitor-service-eu-west-1.tealiumiq.com w.usabilla.com widget.kommunicate.io www.google-analytics.com www.googletagmanager.com pagead2.googlesyndication.com www.googletagservices.com ad.doubleclick.net www.paypal.com www.googleadservices.com maps.googleapis.com apply.workable.com snap.licdn.com; connect-src 'self' https: *.eurostar.com bat.bing.com collect-eu-west-1.tealiumiq.com c.contentsquare.net www.google-analytics.com cdn.kommunicate.io api.kommunicate.io chat.kommunicate.io www.paypal.com googleads4.g.doubleclick.net api.rollbar.com www.facebook.com r.contentsquare.net bots.applozic.com stats.g.doubleclick.net wss://socket5.applozic.com wss://socket.applozic.com:80 adservice.google.com pagead2.googlesyndication.com jslog.krxd.net t.co beacon.krxd.net www.bing.com pubads.g.doubleclick.net; report-uri https://endpoint1.collection.eu.sumologic.com/receiver/v1/http/ZaVnC4dhaV3WAq4FBpvzaYUfonZBSBawmz-eGCj6ZSv4OwYu77fihhHNVHx_Oon1hGsmc7qmN8MMVchKeUM3VpYcrqcvHj9kc5D3pHBvbMUEOs_QrcEQiQ==
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 polyfill.min.js
cdn.polyfill.io/v2/ 4 KB
1 KB 7ms
6ms Other
text/javascript 2a04:4e42:3::621
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.polyfill.io/v2/polyfill.min.js?features=es6,URL,Object.values,Array.prototype.includes,Intl.~locale.en,Intl.~locale.fr,Intl.~locale.nl,HTMLPictureElement

Requested by

Host: eil-accounts-stg-pr-985.dev.eurostar.com
URL: https://eil-accounts-stg-pr-985.dev.eurostar.com/uk-en

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::621 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

e8af73fa4560eec175777bb3599db76a417328e8b6a2efecb9f6c1629c7dc67b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://eil-accounts-stg-pr-985.dev.eurostar.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: br
x-content-type-options: nosniff
content-type: text/javascript; charset=utf-8
age: 11547411
detected-user-agent: Chrome/83.0.4103
status: 200
request_came_from_shield: FRA
server-timing: HIT-CLUSTER, fastly;desc="Edge time";dur=1, HIT, fastly;desc="Edge time";dur=1
content-length: 926
referrer-policy: origin-when-cross-origin
last-modified: Sun, 17 May 2020 18:03:55 GMT
date: Mon, 28 Sep 2020 10:03:34 GMT
vary: User-Agent, Accept-Encoding
access-control-allow-methods: GET,HEAD,OPTIONS
normalized-user-agent: chrome/83.0.0
access-control-allow-origin: *
cache-control: public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 a8551211269.html
a8551211269.cdn.optimizely.com/client_storage/ Frame A4FD 0
0 282ms
168ms Document
text/html 104.108.68.187
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://a8551211269.cdn.optimizely.com/client_storage/a8551211269.html

Requested by

Host: cdn.optimizely.com
URL: https://cdn.optimizely.com/js/11109464064.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.108.68.187 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-108-68-187.deploy.static.akamaitechnologies.com

Software

AmazonS3 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

:method: GET
:authority: a8551211269.cdn.optimizely.com
:scheme: https
:path: /client_storage/a8551211269.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://eil-accounts-stg-pr-985.dev.eurostar.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://eil-accounts-stg-pr-985.dev.eurostar.com/

Response headers

status: 200
x-amz-id-2: zXLraomMmIN9X6knMOCgjITlze4Ueh4zQLRycTfrWtoQJtKuvhvvtSzktm/ddL6d5hKkg8yuNU0=
x-amz-request-id: 7G3KAK0QBQ4G2RAG
x-amz-replication-status: COMPLETED
last-modified: Tue, 01 Oct 2019 16:05:53 GMT
etag: "ac2150d543c4bd75832fcca896555eb4"
x-amz-meta-pci_enabled: False
content-encoding: gzip
x-amz-version-id: 7ddQ6NEfnp.Bczh9k3nr.oYFLXwzbaUP
accept-ranges: bytes
content-type: text/html; charset=utf-8
content-length: 754
server: AmazonS3
vary: Accept-Encoding
cache-control: max-age=120
date: Mon, 28 Sep 2020 10:03:34 GMT
server-timing: cdn;desc="AkamaiION";dur=0,rtt;desc="14";dur=0,cdnip;desc="104.108.68.187";dur=0,cdnmap;desc="a4343.x.akamaiedge.net";dur=0,proto;desc="h2";dur=0
strict-transport-security: max-age=15768000

GET
H/1.1 200
OK 0.c084d01f.chunk.js Show response
eil-accounts-stg-pr-985.dev.eurostar.com/static/js/ 29 KB
6 KB 80ms
79ms Script
application/javascript 52.17.47.166
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://eil-accounts-stg-pr-985.dev.eurostar.com/static/js/0.c084d01f.chunk.js

Requested by

Host: eil-accounts-stg-pr-985.dev.eurostar.com
URL: https://eil-accounts-stg-pr-985.dev.eurostar.com/static/js/runtime-app.a130bdbc.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.17.47.166 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-17-47-166.eu-west-1.compute.amazonaws.com

Software

Cowboy /

Resource Hash

0e5bcdd6d1d13af5d577db9a561442f78124841bc49819a1bc67335dda2d3a51

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https:; frame-src 'self' https: .doubleclick.net; script-src .monetate.net .google.com .facebook.net .googletagmanager.com .google-analytics.com 'self' https: 'unsafe-inline' 'unsafe-eval'; img-src 'self' data: .google-analytics.com https:; font-src 'self' .gstatic.com data: .googleapis.com https://static.eurostar.com; style-src 'self' .eurostar.com eurostarhelp.secure.force.com .googleapis.com .gstatic.com *.google.com 'unsafe-inline'; connect-src 'self' https:
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://eil-accounts-stg-pr-985.dev.eurostar.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: br
Etag: W/"126d-174d426a6e8"
Connection: keep-alive
Content-Length: 4717
X-Xss-Protection: 1; mode=block
Referrer-Policy: strict-origin
Last-Modified: Mon, 28 Sep 2020 09:58:57 GMT
Server: Cowboy
X-Frame-Options: DENY
Date: Mon, 28 Sep 2020 10:03:34 GMT
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Via: 1.1 vegur
Cache-Control: public, max-age=0
Content-Security-Policy: default-src 'self' https:; frame-src 'self' https: *.doubleclick.net; script-src *.monetate.net *.google.com *.facebook.net *.googletagmanager.com *.google-analytics.com 'self' https: 'unsafe-inline' 'unsafe-eval'; img-src 'self' data: *.google-analytics.com https:; font-src 'self' *.gstatic.com data: *.googleapis.com https://static.eurostar.com; style-src 'self' *.eurostar.com eurostarhelp.secure.force.com *.googleapis.com *.gstatic.com *.google.com 'unsafe-inline'; connect-src 'self' https:
Accept-Ranges: bytes
X-Content-Type-Options: nosniff

GET
H/1.1 200
OK 10.adb6bdfc.chunk.js Show response
eil-accounts-stg-pr-985.dev.eurostar.com/static/js/ 42 KB
9 KB 82ms
81ms Script
application/javascript 52.17.47.166
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://eil-accounts-stg-pr-985.dev.eurostar.com/static/js/10.adb6bdfc.chunk.js

Requested by

Host: eil-accounts-stg-pr-985.dev.eurostar.com
URL: https://eil-accounts-stg-pr-985.dev.eurostar.com/static/js/runtime-app.a130bdbc.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.17.47.166 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-17-47-166.eu-west-1.compute.amazonaws.com

Software

Cowboy /

Resource Hash

0bf54566150f774c6ddc29ca635b7d2f30a5f6ac8c073a701ba6933d71cbd0e0

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https:; frame-src 'self' https: .doubleclick.net; script-src .monetate.net .google.com .facebook.net .googletagmanager.com .google-analytics.com 'self' https: 'unsafe-inline' 'unsafe-eval'; img-src 'self' data: .google-analytics.com https:; font-src 'self' .gstatic.com data: .googleapis.com https://static.eurostar.com; style-src 'self' .eurostar.com eurostarhelp.secure.force.com .googleapis.com .gstatic.com *.google.com 'unsafe-inline'; connect-src 'self' https:
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://eil-accounts-stg-pr-985.dev.eurostar.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: br
Etag: W/"20cc-174d426a6e8"
Connection: keep-alive
Content-Length: 8396
X-Xss-Protection: 1; mode=block
Referrer-Policy: strict-origin
Last-Modified: Mon, 28 Sep 2020 09:58:57 GMT
Server: Cowboy
X-Frame-Options: DENY
Date: Mon, 28 Sep 2020 10:03:34 GMT
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Via: 1.1 vegur
Cache-Control: public, max-age=0
Content-Security-Policy: default-src 'self' https:; frame-src 'self' https: *.doubleclick.net; script-src *.monetate.net *.google.com *.facebook.net *.googletagmanager.com *.google-analytics.com 'self' https: 'unsafe-inline' 'unsafe-eval'; img-src 'self' data: *.google-analytics.com https:; font-src 'self' *.gstatic.com data: *.googleapis.com https://static.eurostar.com; style-src 'self' *.eurostar.com eurostarhelp.secure.force.com *.googleapis.com *.gstatic.com *.google.com 'unsafe-inline'; connect-src 'self' https:
Accept-Ranges: bytes
X-Content-Type-Options: nosniff

GET icons_v1.3.9.svg
static.eurostar.com/shared/iconography/ 0
0

GET
H/1.1

200
OK

Primary Request login Show response
login-staging.eurostar.com/
Redirect Chain

https://login-staging.eurostar.com/authorize?client_id=6A6zlXi42pDWK2lYKUdQrRMaUcqTg1Gm&response_type=token%20id_token&redirect_uri=https%3A%2F%2Feil-accounts-stg-pr-985.dev.eurostar.com%2Fuk-en%2F...
https://login-staging.eurostar.com/login?state=g6Fo2SBwVEN3M1Jma01SWUdsUi1XWHowcWxtS1U1ZklCNXpoOKN0aWTZIDhsUzdmVXR5bksyOGdEZHlITHE1MWgzU3hxbHpXZ3dHo2NpZNkgNkE2emxYaTQycERXSzJsWUtVZFFyUk1hVWNxVGcxR2...

3 KB
3 KB

75ms
74ms

Document
text/html

35.158.3.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://login-staging.eurostar.com/login?state=g6Fo2SBwVEN3M1Jma01SWUdsUi1XWHowcWxtS1U1ZklCNXpoOKN0aWTZIDhsUzdmVXR5bksyOGdEZHlITHE1MWgzU3hxbHpXZ3dHo2NpZNkgNkE2emxYaTQycERXSzJsWUtVZFFyUk1hVWNxVGcxR20&client=6A6zlXi42pDWK2lYKUdQrRMaUcqTg1Gm&protocol=oauth2&response_type=token%20id_token&redirect_uri=https%3A%2F%2Feil-accounts-stg-pr-985.dev.eurostar.com%2Fuk-en%2F&ui_locales=en&connection=Accounts-Service&nonce=Q0_4BxVwxAk7GMUrKw9xPg27t_QZ6.hc&scope=openid%20profile%20email&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4xMC4wIn0%3D

Requested by

Host: eil-accounts-stg-pr-985.dev.eurostar.com
URL: https://eil-accounts-stg-pr-985.dev.eurostar.com/static/js/vendors.d348e24b.chunk.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.158.3.54 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-158-3-54.eu-central-1.compute.amazonaws.com

Software

openresty /

Resource Hash

dc982d96fd2b1c3d6487af373d1279b3c2ac3bcebbe05fad821dd417ffa84c80

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Host: login-staging.eurostar.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: document
Referer: https://eil-accounts-stg-pr-985.dev.eurostar.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: optimizelyEndUserId=oeu1601287414370r0.31574413767048637; OPTOUTMULTI=0:0%7Cc4:0%7Cc3:0%7Cc2:0; utag_main=v_id:0174d42ae42c0016ae030a58963200078003f07000b08$_sn:1$_se:1$_ss:1$_st:1601289214830$ses_id:1601287414830%3Bexp-session$_pn:1%3Bexp-session; did=s%3Av0%3Adeebf530-0171-11eb-85d7-cbc35107ff66.P5%2BwpszWM2Hc9DFMs%2BrRHL16%2BuOIhTVRWsEZei7jW5w; auth0=s%3AgjWus0edKDhq1KUrV82rnTAqiexkEexD.738r3WKDwU%2FSgoh8SH0z%2BG4wrbqHuY6NqLjKI%2BPKtDk; did_compat=s%3Av0%3Adeebf530-0171-11eb-85d7-cbc35107ff66.P5%2BwpszWM2Hc9DFMs%2BrRHL16%2BuOIhTVRWsEZei7jW5w; auth0_compat=s%3AgjWus0edKDhq1KUrV82rnTAqiexkEexD.738r3WKDwU%2FSgoh8SH0z%2BG4wrbqHuY6NqLjKI%2BPKtDk
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://eil-accounts-stg-pr-985.dev.eurostar.com/uk-en/overview

Response headers

Server: openresty
Date: Mon, 28 Sep 2020 10:03:34 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ot-tracer-spanid: 5cdbef96777e9bc6
ot-tracer-traceid: 5e3bb0fe40f3932c
ot-tracer-sampled: true
ot-baggage-auth0-request-id: 12165-1601287414.908-185.156.175.107-1796-332496389-2-0.000
X-Auth0-RequestId: e1c3aac6754c740ce9b9
X-RateLimit-Limit: 1000
X-RateLimit-Remaining: 999
X-RateLimit-Reset: 1601287415
set-cookie: _csrf=_m3Zd6s2Y5FFuhpFF0yEPtj4; Max-Age=864000; Path=/usernamepassword/login; HttpOnly; Secure
X-Robots-Tag: noindex, nofollow
X-Frame-Options: deny
Content-Security-Policy: frame-ancestors 'none'
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Referrer-Policy: same-origin
ETag: W/"cf8-E9dmCDclWHyWrkou0f8frFUeKcs"
cache-control: private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-transform
Content-Encoding: gzip
Strict-Transport-Security: max-age=31536000

Redirect headers

Server: openresty
Date: Mon, 28 Sep 2020 10:03:34 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 1134
Connection: keep-alive
ot-tracer-spanid: 06908f8000a8b8c2
ot-tracer-traceid: 198b93be670ba74e
ot-tracer-sampled: true
ot-baggage-auth0-request-id: 12165-1601287414.773-185.156.175.107-1062-332496389-1-0.000
X-Auth0-RequestId: 3c82ac175516ca1aa677
Set-Cookie: did=s%3Av0%3Adeebf530-0171-11eb-85d7-cbc35107ff66.P5%2BwpszWM2Hc9DFMs%2BrRHL16%2BuOIhTVRWsEZei7jW5w; Max-Age=31557600; Path=/; Expires=Tue, 28 Sep 2021 16:03:34 GMT; HttpOnly; Secure; SameSite=None auth0=s%3AgjWus0edKDhq1KUrV82rnTAqiexkEexD.738r3WKDwU%2FSgoh8SH0z%2BG4wrbqHuY6NqLjKI%2BPKtDk; Path=/; Expires=Thu, 01 Oct 2020 10:03:34 GMT; HttpOnly; Secure; SameSite=None did_compat=s%3Av0%3Adeebf530-0171-11eb-85d7-cbc35107ff66.P5%2BwpszWM2Hc9DFMs%2BrRHL16%2BuOIhTVRWsEZei7jW5w; Max-Age=31557600; Path=/; Expires=Tue, 28 Sep 2021 16:03:34 GMT; HttpOnly; Secure auth0_compat=s%3AgjWus0edKDhq1KUrV82rnTAqiexkEexD.738r3WKDwU%2FSgoh8SH0z%2BG4wrbqHuY6NqLjKI%2BPKtDk; Path=/; Expires=Thu, 01 Oct 2020 10:03:34 GMT; HttpOnly; Secure
X-RateLimit-Limit: 1000
X-RateLimit-Remaining: 999
X-RateLimit-Reset: 1601287415
Location: /login?state=g6Fo2SBwVEN3M1Jma01SWUdsUi1XWHowcWxtS1U1ZklCNXpoOKN0aWTZIDhsUzdmVXR5bksyOGdEZHlITHE1MWgzU3hxbHpXZ3dHo2NpZNkgNkE2emxYaTQycERXSzJsWUtVZFFyUk1hVWNxVGcxR20&client=6A6zlXi42pDWK2lYKUdQrRMaUcqTg1Gm&protocol=oauth2&response_type=token%20id_token&redirect_uri=https%3A%2F%2Feil-accounts-stg-pr-985.dev.eurostar.com%2Fuk-en%2F&ui_locales=en&connection=Accounts-Service&nonce=Q0_4BxVwxAk7GMUrKw9xPg27t_QZ6.hc&scope=openid%20profile%20email&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4xMC4wIn0%3D
Vary: Accept
cache-control: private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-transform
Strict-Transport-Security: max-age=31536000

GET
H2 200 logo.svg
static.eurostar.com/shared/images/logos/ 2 KB
2 KB 216ms
114ms Image
image/svg+xml 151.101.193.106
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.eurostar.com/shared/images/logos/logo.svg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.106 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://eil-accounts-stg-pr-985.dev.eurostar.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 28 Sep 2020 10:03:34 GMT
via: 1.1 varnish
last-modified: Fri, 04 Sep 2020 08:30:03 GMT
x-timer: S1601287415.753970,VS0,VE70
etag: "b6dceef5e0290cfb3c5566b693b941b4"
x-served-by: cache-hhn4060-HHN
vary: Accept-Encoding
x-cache: MISS
content-type: image/svg+xml
status: 200
cache-control: public, max-age=604800
accept-ranges: bytes
access-control-allow-origin: *
content-length: 2044
x-cache-hits: 0

GET
H2 200 logo-desktop.svg
static.eurostar.com/shared/images/logos/ 10 KB
10 KB 222ms
121ms Image
image/svg+xml 151.101.193.106
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.eurostar.com/shared/images/logos/logo-desktop.svg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.106 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://eil-accounts-stg-pr-985.dev.eurostar.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 28 Sep 2020 10:03:34 GMT
via: 1.1 varnish
last-modified: Fri, 04 Sep 2020 08:30:03 GMT
x-timer: S1601287415.753998,VS0,VE73
etag: "913b600d61ae14c1b0a7b2c6037ebb9c"
x-served-by: cache-hhn4060-HHN
vary: Accept-Encoding
x-cache: MISS
content-type: image/svg+xml
status: 200
cache-control: public, max-age=604800
accept-ranges: bytes
access-control-allow-origin: *
content-length: 10558
x-cache-hits: 0

GET
H2 200 train-loader.svg
static.eurostar.com/shared/images/ 8 KB
9 KB 219ms
118ms Image
image/svg+xml 151.101.193.106
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.eurostar.com/shared/images/train-loader.svg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.106 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://eil-accounts-stg-pr-985.dev.eurostar.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 28 Sep 2020 10:03:34 GMT
via: 1.1 varnish
last-modified: Fri, 04 Sep 2020 08:30:03 GMT
x-timer: S1601287415.754001,VS0,VE72
etag: "82348349a14496fa0fb1a953b1d252f7"
x-served-by: cache-hhn4060-HHN
vary: Accept-Encoding
x-cache: MISS
content-type: image/svg+xml
status: 200
cache-control: public, max-age=604800
accept-ranges: bytes
access-control-allow-origin: *
content-length: 8625
x-cache-hits: 0

GET
H2 200 icons_v1.3.9.svg
static.eurostar.com/shared/iconography/ 316 KB
114 KB 245ms
145ms XHR
image/svg+xml 151.101.193.106
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.eurostar.com/shared/iconography/icons_v1.3.9.svg
Requested by: Host: eil-accounts-stg-pr-985.dev.eurostar.com
URL: https://eil-accounts-stg-pr-985.dev.eurostar.com/static/js/vendors.d348e24b.chunk.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.106 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://eil-accounts-stg-pr-985.dev.eurostar.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 28 Sep 2020 10:03:34 GMT
content-encoding: gzip
age: 358441
x-cache: HIT
status: 200
content-length: 116436
x-served-by: cache-hhn4072-HHN
access-control-allow-origin: *
last-modified: Fri, 04 Sep 2020 08:30:02 GMT
x-timer: S1601287415.754363,VS0,VE1
etag: "696392299fdd54bc9a2fdcf48a409f77"
vary: Accept-Encoding
content-type: image/svg+xml
via: 1.1 varnish
cache-control: public, max-age=604800
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 pembrokeweb-bold.woff2
static.eurostar.com/shared/fonts/ 40 KB
40 KB 143ms
47ms Font
binary/octet-stream 151.101.193.106
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.eurostar.com/shared/fonts/pembrokeweb-bold.woff2
Requested by: Host: eil-accounts-stg-pr-985.dev.eurostar.com
URL: https://eil-accounts-stg-pr-985.dev.eurostar.com/uk-en
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.106 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Origin: https://eil-accounts-stg-pr-985.dev.eurostar.com
Referer: https://eil-accounts-stg-pr-985.dev.eurostar.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 28 Sep 2020 10:03:34 GMT
content-encoding: gzip
age: 357712
x-cache: HIT
status: 200
content-length: 40748
x-served-by: cache-hhn4072-HHN
access-control-allow-origin: *
last-modified: Fri, 04 Sep 2020 08:30:01 GMT
x-timer: S1601287415.754491,VS0,VE1
etag: "707f0e7cf84356411db3e642a3c47217"
vary: Accept-Encoding
content-type: binary/octet-stream
via: 1.1 varnish
cache-control: public, max-age=604800
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 pemw-rg.woff2
static.eurostar.com/shared/fonts-licensed/PemW-Rg/ 38 KB
38 KB 240ms
145ms Font
binary/octet-stream 151.101.193.106
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.eurostar.com/shared/fonts-licensed/PemW-Rg/pemw-rg.woff2
Requested by: Host: eil-accounts-stg-pr-985.dev.eurostar.com
URL: https://eil-accounts-stg-pr-985.dev.eurostar.com/uk-en
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.106 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Origin: https://eil-accounts-stg-pr-985.dev.eurostar.com
Referer: https://eil-accounts-stg-pr-985.dev.eurostar.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 28 Sep 2020 10:03:34 GMT
content-encoding: gzip
age: 264499
x-cache: HIT
status: 200
content-length: 38832
x-served-by: cache-hhn4072-HHN
access-control-allow-origin: *
last-modified: Fri, 04 Sep 2020 08:30:01 GMT
x-timer: S1601287415.754446,VS0,VE1
etag: "207c3e7bf83156021b04c5e9a9c4443d"
vary: Accept-Encoding
content-type: binary/octet-stream
via: 1.1 varnish
cache-control: public, max-age=604800
accept-ranges: bytes
x-cache-hits: 2

GET
H2 200 pemw-lt.woff2
static.eurostar.com/shared/fonts-licensed/PemW-Lt/ 38 KB
38 KB 142ms
47ms Font
binary/octet-stream 151.101.193.106
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.eurostar.com/shared/fonts-licensed/PemW-Lt/pemw-lt.woff2
Requested by: Host: eil-accounts-stg-pr-985.dev.eurostar.com
URL: https://eil-accounts-stg-pr-985.dev.eurostar.com/static/css/vendors.6a3f1ba3.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.106 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Origin: https://eil-accounts-stg-pr-985.dev.eurostar.com
Referer: https://eil-accounts-stg-pr-985.dev.eurostar.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 28 Sep 2020 10:03:34 GMT
content-encoding: gzip
age: 472442
x-cache: HIT
status: 200
content-length: 38803
x-served-by: cache-hhn4072-HHN
access-control-allow-origin: *
last-modified: Fri, 04 Sep 2020 08:30:01 GMT
x-timer: S1601287415.754431,VS0,VE1
etag: "349bee77b9ff0761472abd837ee9894f"
vary: Accept-Encoding
content-type: binary/octet-stream
via: 1.1 varnish
cache-control: public, max-age=604800
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 pemw-md.woff2
static.eurostar.com/shared/fonts-licensed/PemW-Md/ 39 KB
39 KB 142ms
47ms Font
binary/octet-stream 151.101.193.106
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.eurostar.com/shared/fonts-licensed/PemW-Md/pemw-md.woff2
Requested by: Host: eil-accounts-stg-pr-985.dev.eurostar.com
URL: https://eil-accounts-stg-pr-985.dev.eurostar.com/static/css/vendors.6a3f1ba3.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.106 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Origin: https://eil-accounts-stg-pr-985.dev.eurostar.com
Referer: https://eil-accounts-stg-pr-985.dev.eurostar.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 28 Sep 2020 10:03:34 GMT
content-encoding: gzip
age: 264499
x-cache: HIT
status: 200
content-length: 40305
x-served-by: cache-hhn4072-HHN
access-control-allow-origin: *
last-modified: Fri, 04 Sep 2020 08:30:01 GMT
x-timer: S1601287415.754417,VS0,VE1
etag: "aa7272a51cfe7d49072b21632e1e5754"
vary: Accept-Encoding
content-type: binary/octet-stream
via: 1.1 varnish
cache-control: public, max-age=604800
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 pemw-rg.woff2
static.eurostar.com/shared/fonts-licensed/PemW-Rg/ 38 KB
38 KB 240ms
145ms Font
binary/octet-stream 151.101.193.106
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.eurostar.com/shared/fonts-licensed/PemW-Rg/pemw-rg.woff2
Requested by: Host: eil-accounts-stg-pr-985.dev.eurostar.com
URL: https://eil-accounts-stg-pr-985.dev.eurostar.com/static/css/vendors.6a3f1ba3.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.106 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Origin: https://eil-accounts-stg-pr-985.dev.eurostar.com
Referer: https://eil-accounts-stg-pr-985.dev.eurostar.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 28 Sep 2020 10:03:34 GMT
content-encoding: gzip
age: 264499
x-cache: HIT
status: 200
content-length: 38832
x-served-by: cache-hhn4072-HHN
access-control-allow-origin: *
last-modified: Fri, 04 Sep 2020 08:30:01 GMT
x-timer: S1601287415.754444,VS0,VE1
etag: "207c3e7bf83156021b04c5e9a9c4443d"
vary: Accept-Encoding
content-type: binary/octet-stream
via: 1.1 varnish
cache-control: public, max-age=604800
accept-ranges: bytes
x-cache-hits: 2

GET
H2 200 pemw-md.woff2
static.eurostar.com/shared/fonts-licensed/PemW-Md/ 39 KB
40 KB 112ms
46ms Font
binary/octet-stream 151.101.193.106
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.eurostar.com/shared/fonts-licensed/PemW-Md/pemw-md.woff2
Requested by: Host: eil-accounts-stg-pr-985.dev.eurostar.com
URL: https://eil-accounts-stg-pr-985.dev.eurostar.com/uk-en
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.106 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Origin: https://eil-accounts-stg-pr-985.dev.eurostar.com
Referer: https://eil-accounts-stg-pr-985.dev.eurostar.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 28 Sep 2020 10:03:34 GMT
content-encoding: gzip
age: 264499
x-cache: HIT
status: 200
content-length: 40305
x-served-by: cache-hhn4072-HHN
access-control-allow-origin: *
last-modified: Fri, 04 Sep 2020 08:30:01 GMT
x-timer: S1601287415.754388,VS0,VE1
etag: "aa7272a51cfe7d49072b21632e1e5754"
vary: Accept-Encoding
content-type: binary/octet-stream
via: 1.1 varnish
cache-control: public, max-age=604800
accept-ranges: bytes
x-cache-hits: 2

GET
H2 200 utag.v.js
tags.tiqcdn.com/utag/tiqapp/ 2 B
202 B 74ms
74ms Script
application/x-javascript 104.111.215.136
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/tiqapp/utag.v.js?a=eurostar/accounts/202009241036&cb=1601287414857
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/eurostar/accounts/qa/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.215.136 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-215-136.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash

Request headers

Referer: https://eil-accounts-stg-pr-985.dev.eurostar.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 28 Sep 2020 10:03:34 GMT
last-modified: Thu, 14 Apr 2016 16:57:51 GMT
server: AkamaiNetStorage
etag: "7bc0ee636b3b83484fc3b9348863bd22:1460653071"
content-type: application/x-javascript
status: 200
cache-control: max-age=600
accept-ranges: bytes
content-length: 2
expires: Mon, 28 Sep 2020 10:13:34 GMT

GET
H2 200 polyfill.min.js Show response
polyfill.io/v3/ 72 B
555 B 21ms
7ms Script
text/javascript 2a04:4e42:600::621
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://polyfill.io/v3/polyfill.min.js?features=es5,es6,fetch,URL,Array.prototype.includes&flags=gated

Requested by

Host: login-staging.eurostar.com
URL: https://login-staging.eurostar.com/login?state=g6Fo2SBwVEN3M1Jma01SWUdsUi1XWHowcWxtS1U1ZklCNXpoOKN0aWTZIDhsUzdmVXR5bksyOGdEZHlITHE1MWgzU3hxbHpXZ3dHo2NpZNkgNkE2emxYaTQycERXSzJsWUtVZFFyUk1hVWNxVGcxR20&client=6A6zlXi42pDWK2lYKUdQrRMaUcqTg1Gm&protocol=oauth2&response_type=token%20id_token&redirect_uri=https%3A%2F%2Feil-accounts-stg-pr-985.dev.eurostar.com%2Fuk-en%2F&ui_locales=en&connection=Accounts-Service&nonce=Q0_4BxVwxAk7GMUrKw9xPg27t_QZ6.hc&scope=openid%20profile%20email&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4xMC4wIn0%3D

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:600::621 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

aaecd144d2b8763b2fa5c91f09778294363cef363c10504205f4203922644d11

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: br
x-content-type-options: nosniff
content-type: text/javascript; charset=utf-8
age: 11557692
detected-user-agent: Chrome/83.0.4103
status: 200
request_came_from_shield: FRA
server-timing: HIT-CLUSTER, fastly;desc="Edge time";dur=1, HIT-CLUSTER, fastly;desc="Edge time";dur=1
content-length: 74
referrer-policy: origin-when-cross-origin
last-modified: Sat, 16 May 2020 17:29:31 GMT
date: Mon, 28 Sep 2020 10:03:34 GMT
vary: User-Agent, Accept-Encoding
access-control-allow-methods: GET,HEAD,OPTIONS
normalized-user-agent: chrome/83.0.0
access-control-allow-origin: *
cache-control: public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 login-bundle.gz.js Show response
auth0-static.eurostar.com/auth-form/1.1.108/ 573 KB
172 KB 126ms
119ms Script
application/javascript 151.101.193.106
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://auth0-static.eurostar.com/auth-form/1.1.108/login-bundle.gz.js
Requested by: Host: login-staging.eurostar.com
URL: https://login-staging.eurostar.com/login?state=g6Fo2SBwVEN3M1Jma01SWUdsUi1XWHowcWxtS1U1ZklCNXpoOKN0aWTZIDhsUzdmVXR5bksyOGdEZHlITHE1MWgzU3hxbHpXZ3dHo2NpZNkgNkE2emxYaTQycERXSzJsWUtVZFFyUk1hVWNxVGcxR20&client=6A6zlXi42pDWK2lYKUdQrRMaUcqTg1Gm&protocol=oauth2&response_type=token%20id_token&redirect_uri=https%3A%2F%2Feil-accounts-stg-pr-985.dev.eurostar.com%2Fuk-en%2F&ui_locales=en&connection=Accounts-Service&nonce=Q0_4BxVwxAk7GMUrKw9xPg27t_QZ6.hc&scope=openid%20profile%20email&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4xMC4wIn0%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.106 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 329cea15dbe1c52f3acb76109e2fcbe2cb901fb0ef39b2c56fc552a0d855a16f

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 28 Sep 2020 10:03:35 GMT
content-encoding: gzip
access-control-allow-origin: *
x-cache: MISS
status: 200
content-length: 175589
x-served-by: cache-hhn4060-HHN
last-modified: Thu, 24 Sep 2020 10:42:49 GMT
x-timer: S1601287415.003053,VS0,VE75
etag: "39bd650cc9dc3a6117e1e8f65e8eda18"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 varnish
cache-control: public, max-age=1200, must-revalidate, no-transform
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 show-password-icon.svg
auth0-static.eurostar.com/static/images/ 2 KB
2 KB 87ms
86ms Image
image/svg+xml 151.101.193.106
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://auth0-static.eurostar.com/static/images/show-password-icon.svg
Requested by: Host: login-staging.eurostar.com
URL: https://login-staging.eurostar.com/login?state=g6Fo2SBwVEN3M1Jma01SWUdsUi1XWHowcWxtS1U1ZklCNXpoOKN0aWTZIDhsUzdmVXR5bksyOGdEZHlITHE1MWgzU3hxbHpXZ3dHo2NpZNkgNkE2emxYaTQycERXSzJsWUtVZFFyUk1hVWNxVGcxR20&client=6A6zlXi42pDWK2lYKUdQrRMaUcqTg1Gm&protocol=oauth2&response_type=token%20id_token&redirect_uri=https%3A%2F%2Feil-accounts-stg-pr-985.dev.eurostar.com%2Fuk-en%2F&ui_locales=en&connection=Accounts-Service&nonce=Q0_4BxVwxAk7GMUrKw9xPg27t_QZ6.hc&scope=openid%20profile%20email&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4xMC4wIn0%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.106 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 818e14580b9416dde2678e26018b8e4aaa52172952fd4308f946dc5c08a6f259

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 28 Sep 2020 10:03:35 GMT
via: 1.1 varnish
last-modified: Thu, 24 Sep 2020 10:42:49 GMT
x-timer: S1601287415.360031,VS0,VE41
etag: "a05f46c6e634efff65e45d02ffeb09bd"
x-served-by: cache-hhn4060-HHN
vary: Accept-Encoding
x-cache: MISS
content-type: image/svg+xml
status: 200
cache-control: public, max-age=604800
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1702
x-cache-hits: 0

GET
H2 200 pembrokeweb-regular.woff2
static.eurostar.com/shared/fonts/ 39 KB
39 KB 50ms
50ms Font
binary/octet-stream 151.101.193.106
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.eurostar.com/shared/fonts/pembrokeweb-regular.woff2
Requested by: Host: login-staging.eurostar.com
URL: https://login-staging.eurostar.com/login?state=g6Fo2SBwVEN3M1Jma01SWUdsUi1XWHowcWxtS1U1ZklCNXpoOKN0aWTZIDhsUzdmVXR5bksyOGdEZHlITHE1MWgzU3hxbHpXZ3dHo2NpZNkgNkE2emxYaTQycERXSzJsWUtVZFFyUk1hVWNxVGcxR20&client=6A6zlXi42pDWK2lYKUdQrRMaUcqTg1Gm&protocol=oauth2&response_type=token%20id_token&redirect_uri=https%3A%2F%2Feil-accounts-stg-pr-985.dev.eurostar.com%2Fuk-en%2F&ui_locales=en&connection=Accounts-Service&nonce=Q0_4BxVwxAk7GMUrKw9xPg27t_QZ6.hc&scope=openid%20profile%20email&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4xMC4wIn0%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.106 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: c8fe91186dafe2bc5d7049614f03615eb4f10e9216d0e195e6a48dbedc93bb26

Request headers

Origin: https://login-staging.eurostar.com
Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 28 Sep 2020 10:03:35 GMT
content-encoding: gzip
age: 262198
x-cache: HIT
status: 200
content-length: 39643
x-served-by: cache-hhn4072-HHN
access-control-allow-origin: *
last-modified: Fri, 04 Sep 2020 08:30:01 GMT
x-timer: S1601287415.361643,VS0,VE1
etag: "86238cc09df56ea64bbd5290c46b4710"
vary: Accept-Encoding
content-type: binary/octet-stream
via: 1.1 varnish
cache-control: public, max-age=604800
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 pembrokeweb-bold.woff2
static.eurostar.com/shared/fonts/ 40 KB
40 KB 47ms
47ms Font
binary/octet-stream 151.101.193.106
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.eurostar.com/shared/fonts/pembrokeweb-bold.woff2
Requested by: Host: login-staging.eurostar.com
URL: https://login-staging.eurostar.com/login?state=g6Fo2SBwVEN3M1Jma01SWUdsUi1XWHowcWxtS1U1ZklCNXpoOKN0aWTZIDhsUzdmVXR5bksyOGdEZHlITHE1MWgzU3hxbHpXZ3dHo2NpZNkgNkE2emxYaTQycERXSzJsWUtVZFFyUk1hVWNxVGcxR20&client=6A6zlXi42pDWK2lYKUdQrRMaUcqTg1Gm&protocol=oauth2&response_type=token%20id_token&redirect_uri=https%3A%2F%2Feil-accounts-stg-pr-985.dev.eurostar.com%2Fuk-en%2F&ui_locales=en&connection=Accounts-Service&nonce=Q0_4BxVwxAk7GMUrKw9xPg27t_QZ6.hc&scope=openid%20profile%20email&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4xMC4wIn0%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.106 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 6ec2ecefa129f44e24ba0c43ee0a5bddc860b16dd0b48e00291443729befd84d

Request headers

Origin: https://login-staging.eurostar.com
Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 28 Sep 2020 10:03:35 GMT
content-encoding: gzip
age: 357713
x-cache: HIT
status: 200
content-length: 40748
x-served-by: cache-hhn4072-HHN
access-control-allow-origin: *
last-modified: Fri, 04 Sep 2020 08:30:01 GMT
x-timer: S1601287415.361650,VS0,VE0
etag: "707f0e7cf84356411db3e642a3c47217"
vary: Accept-Encoding
content-type: binary/octet-stream
via: 1.1 varnish
cache-control: public, max-age=604800
accept-ranges: bytes
x-cache-hits: 2

POST
H2 200 collect
www.google-analytics.com/ 35 B
0 31ms
13ms Fetch
image/gif 2a00:1450:4001:820::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/collect

Requested by

Host: auth0-static.eurostar.com
URL: https://auth0-static.eurostar.com/auth-form/1.1.108/login-bundle.gz.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 28 Sep 2020 10:03:35 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 200
content-type: image/gif
access-control-allow-origin: https://login-staging.eurostar.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: static.eurostar.com
URL: https://static.eurostar.com/shared/iconography/icons_v1.3.9.svg

Domain: static.eurostar.com
URL: https://static.eurostar.com/shared/iconography/icons_v1.3.9.svg

Domain: static.eurostar.com
URL: https://static.eurostar.com/shared/iconography/icons_v1.3.9.svg

Domain: static.eurostar.com
URL: https://static.eurostar.com/shared/iconography/icons_v1.3.9.svg

Domain: static.eurostar.com
URL: https://static.eurostar.com/shared/iconography/icons_v1.3.9.svg

Domain: static.eurostar.com
URL: https://static.eurostar.com/shared/iconography/icons_v1.3.9.svg

Domain: static.eurostar.com
URL: https://static.eurostar.com/shared/iconography/icons_v1.3.9.svg

Domain: static.eurostar.com
URL: https://static.eurostar.com/shared/iconography/icons_v1.3.9.svg

Domain: static.eurostar.com
URL: https://static.eurostar.com/shared/iconography/icons_v1.3.9.svg

Domain: static.eurostar.com
URL: https://static.eurostar.com/shared/iconography/icons_v1.3.9.svg

Domain: static.eurostar.com
URL: https://static.eurostar.com/shared/iconography/icons_v1.3.9.svg

Domain: static.eurostar.com
URL: https://static.eurostar.com/shared/iconography/icons_v1.3.9.svg

Domain: static.eurostar.com
URL: https://static.eurostar.com/shared/iconography/icons_v1.3.9.svg

Domain: static.eurostar.com
URL: https://static.eurostar.com/shared/iconography/icons_v1.3.9.svg

Verdicts & Comments Add Verdict or Comment

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
login-staging.eurostar.com/	1970-01-19 12:52:26	Name: auth0_compat Value: s%3AgjWus0edKDhq1KUrV82rnTAqiexkEexD.738r3WKDwU%2FSgoh8SH0z%2BG4wrbqHuY6NqLjKI%2BPKtDk
login-staging.eurostar.com/	1970-01-19 21:34:05	Name: did_compat Value: s%3Av0%3Adeebf530-0171-11eb-85d7-cbc35107ff66.P5%2BwpszWM2Hc9DFMs%2BrRHL16%2BuOIhTVRWsEZei7jW5w
login-staging.eurostar.com/	1970-01-19 12:52:26	Name: auth0 Value: s%3AgjWus0edKDhq1KUrV82rnTAqiexkEexD.738r3WKDwU%2FSgoh8SH0z%2BG4wrbqHuY6NqLjKI%2BPKtDk
login-staging.eurostar.com/	1970-01-19 21:34:05	Name: did Value: s%3Av0%3Adeebf530-0171-11eb-85d7-cbc35107ff66.P5%2BwpszWM2Hc9DFMs%2BrRHL16%2BuOIhTVRWsEZei7jW5w
.eurostar.com/	1970-01-19 21:33:43	Name: utag_main Value: v_id:0174d42ae42c0016ae030a58963200078003f07000b08$_sn:1$_se:1$_ss:1$_st:1601289214830$ses_id:1601287414830%3Bexp-session$_pn:1%3Bexp-session
.eurostar.com/	1970-01-19 14:57:47	Name: OPTOUTMULTI Value: 0:0%7Cc4:0%7Cc3:0%7Cc2:0
.eurostar.com/	1970-01-19 17:07:19	Name: optimizelyEndUserId Value: oeu1601287414370r0.31574413767048637

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self' https:; frame-src 'self' https: .doubleclick.net; script-src .monetate.net .google.com .facebook.net .googletagmanager.com .google-analytics.com 'self' https: 'unsafe-inline' 'unsafe-eval'; img-src 'self' data: .google-analytics.com https:; font-src 'self' .gstatic.com data: .googleapis.com https://static.eurostar.com; style-src 'self' .eurostar.com eurostarhelp.secure.force.com .googleapis.com .gstatic.com *.google.com 'unsafe-inline'; connect-src 'self' https:
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a8551211269.cdn.optimizely.com
auth0-static.eurostar.com
cdn.optimizely.com
cdn.polyfill.io
cdnjs.cloudflare.com
eil-accounts-stg-pr-985.dev.eurostar.com
login-staging.eurostar.com
polyfill.io
staging.eurostar.com
static.eurostar.com
tags.tiqcdn.com
www.google-analytics.com
static.eurostar.com
104.108.68.187
104.111.215.136
151.101.113.106
151.101.193.106
2606:4700::6811:4e6b
2a00:1450:4001:820::200e
2a02:26f0:eb:38e::13b8
2a04:4e42:3::621
2a04:4e42:600::621
35.158.3.54
52.17.47.166
0bf54566150f774c6ddc29ca635b7d2f30a5f6ac8c073a701ba6933d71cbd0e0
0e5bcdd6d1d13af5d577db9a561442f78124841bc49819a1bc67335dda2d3a51
1a3a366b0f241c4c8c3a9da7e525d5c2a149c955c809cdf4cfc902d98d290add
2d956f7a62daaf3ffaad9181be9fcbdf33c1e9d20d1221419d0d9f9fcaf3cb48
329cea15dbe1c52f3acb76109e2fcbe2cb901fb0ef39b2c56fc552a0d855a16f
3d3d5c0cdadd590873d7bdf7fe2c6c83a396835afb00cb29b5d8bb7b585660ac
4f04b4763955e708c919426aafb804f077923d20e5a6086e280745541832fbdd
6ec2ecefa129f44e24ba0c43ee0a5bddc860b16dd0b48e00291443729befd84d
71c4d63c8d18737af49f68503255868d882215ca137f719355a740ff4590405e
735d9f1b6c01b7ed9b8fda142956f0fcc277bb5e5a21badd18ac9cef45f9421f
770180c7fee0aef1f0401e2d13a5bbf8258125c6b9206abf0f90285561227374
818e14580b9416dde2678e26018b8e4aaa52172952fd4308f946dc5c08a6f259
9871308cc9e50fc3bc35dbec6df708ae129ebbf5833ee3e359d41edad9700cbe
aaecd144d2b8763b2fa5c91f09778294363cef363c10504205f4203922644d11
b57aaf4703f60adb5be9762a21f2c8e9e29b84579f1bfa560f60ee2f12b0e0b3
c8fe91186dafe2bc5d7049614f03615eb4f10e9216d0e195e6a48dbedc93bb26
d429a20b4686e7341900cacb0e4a41310f6f724bc3ee9b4cb6f9051de9bad8b9
dc982d96fd2b1c3d6487af373d1279b3c2ac3bcebbe05fad821dd417ffa84c80
e8af73fa4560eec175777bb3599db76a417328e8b6a2efecb9f6c1629c7dc67b
fa91ca58010d60f988f3003bf14d5a4957ba1da1f1b549a0d9f068458eab0418

login-staging.eurostar.com Open in urlscan Pro 35.158.3.54 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

49 Requests

71 %HTTPS

45 %IPv6

6 Domains

12 Subdomains

12 IPs

5 Countries

1094 kBTransfer

3299 kBSize

7 Cookies

2 Outgoing links

Page URL History

Redirected requests

49 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

login-staging.eurostar.com Open in urlscan Pro
35.158.3.54 Public Scan

Screenshot
Live screenshot

Full Image

49
Requests

71 %
HTTPS

45 %
IPv6

6
Domains

12
Subdomains

12
IPs

5
Countries

1094 kB
Transfer

3299 kB
Size

7
Cookies

49 HTTP transactions
0 data transactions