urlscan.io logo urlscan.io
SecurityTrails logo

blue.customer-portal.playground.nonprod.globaldatacompany.com Open in urlscan Pro
52.88.162.94  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://blue.customer-portal.playground.nonprod.globaldatacompany.com/
Effective URL: https://blue.customer-portal.playground.nonprod.globaldatacompany.com/account/logon
Submission: On May 24 via automatic, source certstream-suspicious
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 10 HTTP transactions. The main IP is 52.88.162.94, located in Boardman, United States and belongs to AMAZON-02, US. The main domain is blue.customer-portal.playground.nonprod.globaldatacompany.com.
TLS certificate: Issued by Amazon on May 24th 2021. Valid for: a year.
This is the only time blue.customer-portal.playground.nonprod.globaldatacompany.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 11 52.88.162.94 16509 (AMAZON-02)
10 1
Apex Domain
Subdomains		 Transfer
11 globaldatacompany.com
blue.customer-portal.playground.nonprod.globaldatacompany.com
1 MB
10 1
Domain Requested by
11 blue.customer-portal.playground.nonprod.globaldatacompany.com 1 redirects blue.customer-portal.playground.nonprod.globaldatacompany.com
10 1

This site contains no links.

Subject Issuer Validity Valid
blue.customer-portal.playground.nonprod.globaldatacompany.com
Amazon		 2021-05-24 -
2022-06-22		 a year crt.sh

This page contains 1 frames:

Primary Page: https://blue.customer-portal.playground.nonprod.globaldatacompany.com/account/logon
Frame ID: 5D6194B70CFC2194FB772AEE216C2EB9
Requests: 10 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://blue.customer-portal.playground.nonprod.globaldatacompany.com/ HTTP 302
    https://blue.customer-portal.playground.nonprod.globaldatacompany.com/account/logon Page URL

Page Statistics

10
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

1280 kB
Transfer

1274 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://blue.customer-portal.playground.nonprod.globaldatacompany.com/ HTTP 302
    https://blue.customer-portal.playground.nonprod.globaldatacompany.com/account/logon Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

10 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request logon
blue.customer-portal.playground.nonprod.globaldatacompany.com/account/
Redirect Chain
  • https://blue.customer-portal.playground.nonprod.globaldatacompany.com/
  • https://blue.customer-portal.playground.nonprod.globaldatacompany.com/account/logon
2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://blue.customer-portal.playground.nonprod.globaldatacompany.com/account/logon
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.88.162.94 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-88-162-94.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
3bc72fdd08593862be44704a2610f6da5497771916cdc8f6ff8e6f084320d14c
Security Headers
Name Value
Content-Security-Policy default-src 'self'; frame-src api-a2e1256d.duosecurity.com; style-src 'self' 'unsafe-inline'; script-src 'self'; img-src 'self' data:; report-uri /Error/ContentSecurityPolicy; frame-ancestors 'none'
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
blue.customer-portal.playground.nonprod.globaldatacompany.com
:scheme
https
:path
/account/logon
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 24 May 2021 23:50:24 GMT
content-type
text/html; charset=utf-8
content-length
1896
cache-control
private,no-cache, no-store
pragma
no-cache
x-content-type-options
nosniff
x-frame-options
DENY
strict-transport-security
max-age=31536000
x-xss-protection
1; mode=block
content-security-policy
default-src 'self'; frame-src api-a2e1256d.duosecurity.com; style-src 'self' 'unsafe-inline'; script-src 'self'; img-src 'self' data:; report-uri /Error/ContentSecurityPolicy; frame-ancestors 'none'
referrer-policy
strict-origin

Redirect headers

date
Mon, 24 May 2021 23:50:23 GMT
content-type
text/html; charset=utf-8
content-length
131
cache-control
private,no-cache, no-store
pragma
no-cache
location
/account/logon
x-content-type-options
nosniff
x-frame-options
DENY
strict-transport-security
max-age=31536000
x-xss-protection
1; mode=block
content-security-policy
default-src 'self'; frame-src api-a2e1256d.duosecurity.com; style-src 'self' 'unsafe-inline'; script-src 'self'; img-src 'self' data:; report-uri /Error/ContentSecurityPolicy; frame-ancestors 'none'
referrer-policy
strict-origin
publicstyles
blue.customer-portal.playground.nonprod.globaldatacompany.com/Content/ 		149 KB
150 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://blue.customer-portal.playground.nonprod.globaldatacompany.com/Content/publicstyles?v=xta33IkrrLE_khDtQoGOV4P8nV_LWgz2_4SJVsH_mOE1
Requested by
Host: blue.customer-portal.playground.nonprod.globaldatacompany.com
URL: https://blue.customer-portal.playground.nonprod.globaldatacompany.com/account/logon
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.88.162.94 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-88-162-94.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
a3a6936d6ee37d9e77de9a4a11aba0ffbd4fd28620fe2f35e956c40e2296722f
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self'; script-src 'self'; img-src 'self' data:; report-uri /Error/ContentSecurityPolicy; frame-ancestors 'none'
Strict-Transport-Security max-age=30000000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

:path
/Content/publicstyles?v=xta33IkrrLE_khDtQoGOV4P8nV_LWgz2_4SJVsH_mOE1
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
blue.customer-portal.playground.nonprod.globaldatacompany.com
referer
https://blue.customer-portal.playground.nonprod.globaldatacompany.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://blue.customer-portal.playground.nonprod.globaldatacompany.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
max-age=86400
date
Mon, 24 May 2021 23:50:24 GMT
x-content-type-options
nosniff
last-modified
Mon, 24 May 2021 23:50:24 GMT
x-frame-options
DENY
content-type
text/css; charset=utf-8
cache-control
public,private, max-age=86400
content-security-policy
default-src 'self'; style-src 'self'; script-src 'self'; img-src 'self' data:; report-uri /Error/ContentSecurityPolicy; frame-ancestors 'none'
strict-transport-security
max-age=30000000
vary
User-Agent
content-length
153069
x-xss-protection
1; mode=block
referrer-policy
strict-origin
expires
Tue, 24 May 2022 23:50:24 GMT
main-js
blue.customer-portal.playground.nonprod.globaldatacompany.com/bundles/ 		878 KB
879 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://blue.customer-portal.playground.nonprod.globaldatacompany.com/bundles/main-js?v=REUrQmC23Sl97yP7wi6DbKONv1m5JZOcvg5BvfPtl601
Requested by
Host: blue.customer-portal.playground.nonprod.globaldatacompany.com
URL: https://blue.customer-portal.playground.nonprod.globaldatacompany.com/account/logon
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.88.162.94 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-88-162-94.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
d7f1069ef0c4f20200b2d67cbddf38661e76b643eb4b7da23eb684e22d7850eb
Security Headers
Name Value
Content-Security-Policy default-src 'self'; frame-src api-a2e1256d.duosecurity.com; style-src 'self' 'unsafe-inline'; script-src 'self'; img-src 'self' data:; report-uri /Error/ContentSecurityPolicy; frame-ancestors 'none'
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

:path
/bundles/main-js?v=REUrQmC23Sl97yP7wi6DbKONv1m5JZOcvg5BvfPtl601
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
blue.customer-portal.playground.nonprod.globaldatacompany.com
referer
https://blue.customer-portal.playground.nonprod.globaldatacompany.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://blue.customer-portal.playground.nonprod.globaldatacompany.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 May 2021 23:50:24 GMT
x-content-type-options
nosniff
last-modified
Mon, 24 May 2021 23:50:24 GMT
x-frame-options
DENY
content-type
text/javascript; charset=utf-8
cache-control
public,no-cache, no-store
content-security-policy
default-src 'self'; frame-src api-a2e1256d.duosecurity.com; style-src 'self' 'unsafe-inline'; script-src 'self'; img-src 'self' data:; report-uri /Error/ContentSecurityPolicy; frame-ancestors 'none'
strict-transport-security
max-age=31536000
vary
User-Agent
content-length
898864
x-xss-protection
1; mode=block
referrer-policy
strict-origin
expires
Tue, 24 May 2022 23:50:24 GMT
Trulioo_Building_Trust_Online.png
blue.customer-portal.playground.nonprod.globaldatacompany.com/Content/images/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blue.customer-portal.playground.nonprod.globaldatacompany.com/Content/images/Trulioo_Building_Trust_Online.png
Requested by
Host: blue.customer-portal.playground.nonprod.globaldatacompany.com
URL: https://blue.customer-portal.playground.nonprod.globaldatacompany.com/account/logon
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.88.162.94 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-88-162-94.us-west-2.compute.amazonaws.com
Software
Microsoft-IIS/10.0 /
Resource Hash
e06014e06da39a96704ac1d5360da1c2e901c1c486c035bdc5cc7f3b41091eb7
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self'; script-src 'self'; img-src 'self' data:; report-uri /Error/ContentSecurityPolicy; frame-ancestors 'none'
Strict-Transport-Security max-age=30000000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

:path
/Content/images/Trulioo_Building_Trust_Online.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
blue.customer-portal.playground.nonprod.globaldatacompany.com
referer
https://blue.customer-portal.playground.nonprod.globaldatacompany.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://blue.customer-portal.playground.nonprod.globaldatacompany.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
max-age=86400
date
Mon, 24 May 2021 23:50:25 GMT
x-content-type-options
nosniff
last-modified
Fri, 14 May 2021 16:17:02 GMT
server
Microsoft-IIS/10.0
etag
"0939592dc48d71:0"
x-frame-options
DENY
content-type
image/png
cache-control
private, max-age=86400
content-security-policy
default-src 'self'; style-src 'self'; script-src 'self'; img-src 'self' data:; report-uri /Error/ContentSecurityPolicy; frame-ancestors 'none'
strict-transport-security
max-age=30000000
accept-ranges
bytes
content-length
3710
x-xss-protection
1; mode=block
referrer-policy
strict-origin
globalgateway_large.png
blue.customer-portal.playground.nonprod.globaldatacompany.com/Content/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blue.customer-portal.playground.nonprod.globaldatacompany.com/Content/images/globalgateway_large.png
Requested by
Host: blue.customer-portal.playground.nonprod.globaldatacompany.com
URL: https://blue.customer-portal.playground.nonprod.globaldatacompany.com/account/logon
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.88.162.94 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-88-162-94.us-west-2.compute.amazonaws.com
Software
Microsoft-IIS/10.0 /
Resource Hash
14a9bbd95114fa883c26902a9dda7732b90a7c69ef5f13dd7a9065335d570dbd
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self'; script-src 'self'; img-src 'self' data:; report-uri /Error/ContentSecurityPolicy; frame-ancestors 'none'
Strict-Transport-Security max-age=30000000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

:path
/Content/images/globalgateway_large.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
blue.customer-portal.playground.nonprod.globaldatacompany.com
referer
https://blue.customer-portal.playground.nonprod.globaldatacompany.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://blue.customer-portal.playground.nonprod.globaldatacompany.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
max-age=86400
date
Mon, 24 May 2021 23:50:25 GMT
x-content-type-options
nosniff
last-modified
Fri, 14 May 2021 16:17:02 GMT
server
Microsoft-IIS/10.0
etag
"0939592dc48d71:0"
x-frame-options
DENY
content-type
image/png
cache-control
private, max-age=86400
content-security-policy
default-src 'self'; style-src 'self'; script-src 'self'; img-src 'self' data:; report-uri /Error/ContentSecurityPolicy; frame-ancestors 'none'
strict-transport-security
max-age=30000000
accept-ranges
bytes
content-length
3128
x-xss-protection
1; mode=block
referrer-policy
strict-origin
login
blue.customer-portal.playground.nonprod.globaldatacompany.com/bundles/ 		462 B
957 B 		Script
General
Check archive.org
Download Go to
Full URL
https://blue.customer-portal.playground.nonprod.globaldatacompany.com/bundles/login?v=Q1yad7O5krR0gV1ts1jrSchZbJ-iyhX7k55E6VBaJT01
Requested by
Host: blue.customer-portal.playground.nonprod.globaldatacompany.com
URL: https://blue.customer-portal.playground.nonprod.globaldatacompany.com/account/logon
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.88.162.94 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-88-162-94.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
6e1b0df0eb33c8189264c1c0c3db740fa9845eceb7fc952747a5a76b6232c4b1
Security Headers
Name Value
Content-Security-Policy default-src 'self'; frame-src api-a2e1256d.duosecurity.com; style-src 'self' 'unsafe-inline'; script-src 'self'; img-src 'self' data:; report-uri /Error/ContentSecurityPolicy; frame-ancestors 'none'
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

:path
/bundles/login?v=Q1yad7O5krR0gV1ts1jrSchZbJ-iyhX7k55E6VBaJT01
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
blue.customer-portal.playground.nonprod.globaldatacompany.com
referer
https://blue.customer-portal.playground.nonprod.globaldatacompany.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://blue.customer-portal.playground.nonprod.globaldatacompany.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 May 2021 23:50:25 GMT
x-content-type-options
nosniff
last-modified
Mon, 24 May 2021 23:50:25 GMT
x-frame-options
DENY
content-type
text/javascript; charset=utf-8
cache-control
public,no-cache, no-store
content-security-policy
default-src 'self'; frame-src api-a2e1256d.duosecurity.com; style-src 'self' 'unsafe-inline'; script-src 'self'; img-src 'self' data:; report-uri /Error/ContentSecurityPolicy; frame-ancestors 'none'
strict-transport-security
max-age=31536000
vary
User-Agent
content-length
462
x-xss-protection
1; mode=block
referrer-policy
strict-origin
expires
Tue, 24 May 2022 23:50:25 GMT
login-babel-libs
blue.customer-portal.playground.nonprod.globaldatacompany.com/bundles/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://blue.customer-portal.playground.nonprod.globaldatacompany.com/bundles/login-babel-libs?v=y5wo-8GBl60uQTGK_rIP9o0UWkLH9yaxaX6AaIMfvKw1
Requested by
Host: blue.customer-portal.playground.nonprod.globaldatacompany.com
URL: https://blue.customer-portal.playground.nonprod.globaldatacompany.com/account/logon
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.88.162.94 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-88-162-94.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
28240c4366b1b1aee2e7c0a6b2efb117055566c145292eb0ac80ccb9df85c541
Security Headers
Name Value
Content-Security-Policy default-src 'self'; frame-src api-a2e1256d.duosecurity.com; style-src 'self' 'unsafe-inline'; script-src 'self'; img-src 'self' data:; report-uri /Error/ContentSecurityPolicy; frame-ancestors 'none'
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

:path
/bundles/login-babel-libs?v=y5wo-8GBl60uQTGK_rIP9o0UWkLH9yaxaX6AaIMfvKw1
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
blue.customer-portal.playground.nonprod.globaldatacompany.com
referer
https://blue.customer-portal.playground.nonprod.globaldatacompany.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://blue.customer-portal.playground.nonprod.globaldatacompany.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 May 2021 23:50:25 GMT
x-content-type-options
nosniff
last-modified
Mon, 24 May 2021 23:50:25 GMT
x-frame-options
DENY
content-type
text/javascript; charset=utf-8
cache-control
public,no-cache, no-store
content-security-policy
default-src 'self'; frame-src api-a2e1256d.duosecurity.com; style-src 'self' 'unsafe-inline'; script-src 'self'; img-src 'self' data:; report-uri /Error/ContentSecurityPolicy; frame-ancestors 'none'
strict-transport-security
max-age=31536000
vary
User-Agent
content-length
4411
x-xss-protection
1; mode=block
referrer-policy
strict-origin
expires
Tue, 24 May 2022 23:50:25 GMT
logonsettings
blue.customer-portal.playground.nonprod.globaldatacompany.com/account/ 		125 B
548 B 		Script
General
Check archive.org
Download Go to
Full URL
https://blue.customer-portal.playground.nonprod.globaldatacompany.com/account/logonsettings
Requested by
Host: blue.customer-portal.playground.nonprod.globaldatacompany.com
URL: https://blue.customer-portal.playground.nonprod.globaldatacompany.com/account/logon
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.88.162.94 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-88-162-94.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
74424a283687a26742e4044685096f6f681f610dce649bce0d292d3236b95384
Security Headers
Name Value
Content-Security-Policy default-src 'self'; frame-src api-a2e1256d.duosecurity.com; style-src 'self' 'unsafe-inline'; script-src 'self'; img-src 'self' data:; report-uri /Error/ContentSecurityPolicy; frame-ancestors 'none'
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

:path
/account/logonsettings
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
blue.customer-portal.playground.nonprod.globaldatacompany.com
referer
https://blue.customer-portal.playground.nonprod.globaldatacompany.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://blue.customer-portal.playground.nonprod.globaldatacompany.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 May 2021 23:50:25 GMT
x-content-type-options
nosniff
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
private,no-cache, no-store
content-security-policy
default-src 'self'; frame-src api-a2e1256d.duosecurity.com; style-src 'self' 'unsafe-inline'; script-src 'self'; img-src 'self' data:; report-uri /Error/ContentSecurityPolicy; frame-ancestors 'none'
strict-transport-security
max-age=31536000
content-length
125
x-xss-protection
1; mode=block
referrer-policy
strict-origin
earth_faded.jpg
blue.customer-portal.playground.nonprod.globaldatacompany.com/content/images/ 		114 KB
115 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blue.customer-portal.playground.nonprod.globaldatacompany.com/content/images/earth_faded.jpg
Requested by
Host: blue.customer-portal.playground.nonprod.globaldatacompany.com
URL: https://blue.customer-portal.playground.nonprod.globaldatacompany.com/Content/publicstyles?v=xta33IkrrLE_khDtQoGOV4P8nV_LWgz2_4SJVsH_mOE1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.88.162.94 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-88-162-94.us-west-2.compute.amazonaws.com
Software
Microsoft-IIS/10.0 /
Resource Hash
ffdb0cd27153525ce06cd8710a791eb014dc9b51b71774f72f2749b78c9c60db
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self'; script-src 'self'; img-src 'self' data:; report-uri /Error/ContentSecurityPolicy; frame-ancestors 'none'
Strict-Transport-Security max-age=30000000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

:path
/content/images/earth_faded.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
blue.customer-portal.playground.nonprod.globaldatacompany.com
referer
https://blue.customer-portal.playground.nonprod.globaldatacompany.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://blue.customer-portal.playground.nonprod.globaldatacompany.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
max-age=86400
date
Mon, 24 May 2021 23:50:25 GMT
x-content-type-options
nosniff
last-modified
Fri, 14 May 2021 16:17:02 GMT
server
Microsoft-IIS/10.0
etag
"0939592dc48d71:0"
x-frame-options
DENY
content-type
image/jpeg
cache-control
private, max-age=86400
content-security-policy
default-src 'self'; style-src 'self'; script-src 'self'; img-src 'self' data:; report-uri /Error/ContentSecurityPolicy; frame-ancestors 'none'
strict-transport-security
max-age=30000000
accept-ranges
bytes
content-length
116741
x-xss-protection
1; mode=block
referrer-policy
strict-origin
Lato-Light.ttf
blue.customer-portal.playground.nonprod.globaldatacompany.com/Content/fonts/lato/ 		120 KB
120 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://blue.customer-portal.playground.nonprod.globaldatacompany.com/Content/fonts/lato/Lato-Light.ttf
Requested by
Host: blue.customer-portal.playground.nonprod.globaldatacompany.com
URL: https://blue.customer-portal.playground.nonprod.globaldatacompany.com/Content/publicstyles?v=xta33IkrrLE_khDtQoGOV4P8nV_LWgz2_4SJVsH_mOE1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.88.162.94 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-88-162-94.us-west-2.compute.amazonaws.com
Software
Microsoft-IIS/10.0 /
Resource Hash
05903540a0675491fda9015a78c05bb589769951befab12a58a5568175566b49
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self'; script-src 'self'; img-src 'self' data:; report-uri /Error/ContentSecurityPolicy; frame-ancestors 'none'
Strict-Transport-Security max-age=30000000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

:path
/Content/fonts/lato/Lato-Light.ttf
pragma
no-cache
origin
https://blue.customer-portal.playground.nonprod.globaldatacompany.com
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
font
:authority
blue.customer-portal.playground.nonprod.globaldatacompany.com
referer
https://blue.customer-portal.playground.nonprod.globaldatacompany.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Origin
https://blue.customer-portal.playground.nonprod.globaldatacompany.com
Referer
https://blue.customer-portal.playground.nonprod.globaldatacompany.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
max-age=86400
date
Mon, 24 May 2021 23:50:25 GMT
x-content-type-options
nosniff
last-modified
Fri, 14 May 2021 16:17:02 GMT
server
Microsoft-IIS/10.0
etag
"0939592dc48d71:0"
x-frame-options
DENY
content-type
application/octet-stream
cache-control
private, max-age=86400
content-security-policy
default-src 'self'; style-src 'self'; script-src 'self'; img-src 'self' data:; report-uri /Error/ContentSecurityPolicy; frame-ancestors 'none'
strict-transport-security
max-age=30000000
accept-ranges
bytes
content-length
122524
x-xss-protection
1; mode=block
referrer-policy
strict-origin

Verdicts & Comments Add Verdict or Comment

31 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated object| global function| $ function| jQuery object| React object| ReactDOM function| P function| moment function| linkify object| core object| __core-js_shared__ function| setImmediate function| clearImmediate object| regeneratorRuntime function| classNames function| _classCallCheck function| _possibleConstructorReturn function| _inherits function| _createClass function| LoginPage function| TextField

0 Cookies

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'self'; frame-src api-a2e1256d.duosecurity.com; style-src 'self' 'unsafe-inline'; script-src 'self'; img-src 'self' data:; report-uri /Error/ContentSecurityPolicy; frame-ancestors 'none'
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block