urlscan.io logo urlscan.io
SecurityTrails logo

expenseadmin.eurocard.com Open in urlscan Pro
195.110.45.218  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://t.info.eurocard.se/r/?id=3Dha588f47,120d03f9,120dd0f9
Effective URL: https://expenseadmin.eurocard.com/
Submission: On April 19 via manual from PT — Scanned from SE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 4 IPs in 4 countries across 4 domains to perform 13 HTTP transactions. The main IP is 195.110.45.218, located in Sweden and belongs to S24, SE. The main domain is expenseadmin.eurocard.com.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on April 28th 2022. Valid for: a year.
This is the only time expenseadmin.eurocard.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 3.250.249.143 16509 (AMAZON-02)
10 195.110.45.218 49949 (S24)
1 34.120.195.249 396982 (GOOGLE-CL...)
1 1 35.190.13.22 15169 (GOOGLE)
1 156.146.33.18 60068 (CDN77 ^_^)
13 4
1    3.250.249.143 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-250-249-143.eu-west-1.compute.amazonaws.com
t.info.eurocard.se
10    195.110.45.218 (Sweden)

ASN49949 (S24, SE)
expenseadmin.eurocard.com
1    34.120.195.249 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 249.195.120.34.bc.googleusercontent.com
o309727.ingest.sentry.io
1    35.190.13.22 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 22.13.190.35.bc.googleusercontent.com
inlinemanual.com
1    156.146.33.18 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
PTR: 494557430.fra.cdn77.com
cdn.inlinemanual.com
Apex Domain
Subdomains		 Transfer
10 eurocard.com
expenseadmin.eurocard.com
2 MB
2 inlinemanual.com
inlinemanual.com — Cisco Umbrella Rank: 38041
cdn.inlinemanual.com — Cisco Umbrella Rank: 41542
225 KB
1 sentry.io
o309727.ingest.sentry.io
301 B
1 eurocard.se
t.info.eurocard.se
417 B
13 4
Domain Requested by
10 expenseadmin.eurocard.com expenseadmin.eurocard.com
1 cdn.inlinemanual.com
1 inlinemanual.com 1 redirects
1 o309727.ingest.sentry.io expenseadmin.eurocard.com
1 t.info.eurocard.se 1 redirects
13 5

This site contains no links.

Subject Issuer Validity Valid
expenseadmin.eurocard.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-04-28 -
2023-05-29		 a year crt.sh
*.ingest.sentry.io
R3		 2023-04-17 -
2023-07-16		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://expenseadmin.eurocard.com/
Frame ID: 7976554BCFB92145A9C3B9FBAFDDF24E
Requests: 14 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Eurocard Expense Admin

Page URL History Show full URLs

  1. https://t.info.eurocard.se/r/?id=3Dha588f47,120d03f9,120dd0f9 HTTP 302
    https://expenseadmin.eurocard.com/ Page URL

Page Statistics

13
Requests

85 %
HTTPS

0 %
IPv6

4
Domains

5
Subdomains

4
IPs

4
Countries

1863 kB
Transfer

5977 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://t.info.eurocard.se/r/?id=3Dha588f47,120d03f9,120dd0f9 HTTP 302
    https://expenseadmin.eurocard.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 7
  • https://inlinemanual.com/embed/player.3df24bc7638938f7f6c56b66372422e4.bare.js HTTP 301
  • https://cdn.inlinemanual.com/embed/player.3df24bc7638938f7f6c56b66372422e4.bare.js

13 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
expenseadmin.eurocard.com/
Redirect Chain
  • https://t.info.eurocard.se/r/?id=3Dha588f47,120d03f9,120dd0f9
  • https://expenseadmin.eurocard.com/
2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://expenseadmin.eurocard.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.110.45.218 , Sweden, ASN49949 (S24, SE),
Reverse DNS
Software
/
Resource Hash
9eacce22421e12067627cffd0c3df2670b9cbcf813d9e0922767aab6f3395edf
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' data: https://*.sentry.io *.inlinemanual.com https://api.amplitude.com https://*.cardlay.com; default-src 'none'; font-src 'self' https://app.inlinemanual.com https://fonts.gstatic.com data:; frame-src 'self' https://*.cardlay.com; img-src 'self' https://*.amazonaws.com https://*.inlinemanual.com https://ssl.google-analytics.com blob: data:; manifest-src 'self'; media-src 'self'; script-src 'self' https://ssl.google-analytics.com https://*.cardlay.com https://inlinemanual.com https://*.inlinemanual.com; style-src 'self' 'unsafe-inline' https://*.inlinemanual.com https://fonts.googleapis.com;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
se-SE,se;q=0.9

Response headers

Cache-Control
no-cache
Content-Encoding
gzip
Content-Security-Policy
base-uri 'none'; connect-src 'self' data: https://*.sentry.io *.inlinemanual.com https://api.amplitude.com https://*.cardlay.com; default-src 'none'; font-src 'self' https://app.inlinemanual.com https://fonts.gstatic.com data:; frame-src 'self' https://*.cardlay.com; img-src 'self' https://*.amazonaws.com https://*.inlinemanual.com https://ssl.google-analytics.com blob: data:; manifest-src 'self'; media-src 'self'; script-src 'self' https://ssl.google-analytics.com https://*.cardlay.com https://inlinemanual.com https://*.inlinemanual.com; style-src 'self' 'unsafe-inline' https://*.inlinemanual.com https://fonts.googleapis.com;
Content-Type
text/html
Date
Wed, 19 Apr 2023 14:53:21 GMT
ETag
W/"64099733-741"
Expires
Wed, 19 Apr 2023 14:53:20 GMT
Last-Modified
Thu, 09 Mar 2023 08:22:11 GMT
Referrer-Policy
no-referrer-when-downgrade
Strict-Transport-Security
max-age=31536000
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
X-XSS-Protection
1;mode=block

Redirect headers

content-length
17
content-type
text/plain; charset=utf-8
date
Wed, 19 Apr 2023 14:53:21 GMT
location
https://expenseadmin.eurocard.com
p3p
CP="CAO DSP COR CURa DEVa TAIa OUR BUS IND UNI COM NAV"
server
Apache
x-robots-tag
noindex
2.86ea657f.chunk.css
expenseadmin.eurocard.com/static/css/ 		41 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://expenseadmin.eurocard.com/static/css/2.86ea657f.chunk.css
Requested by
Host: expenseadmin.eurocard.com
URL: https://expenseadmin.eurocard.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.110.45.218 , Sweden, ASN49949 (S24, SE),
Reverse DNS
Software
/
Resource Hash
e95defcc65d0f5a74bf77d775854c28deae978269a0849f72320a521415ad57e
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' data: https://*.sentry.io *.inlinemanual.com https://api.amplitude.com https://*.cardlay.com; default-src 'none'; font-src 'self' https://app.inlinemanual.com https://fonts.gstatic.com data:; frame-src 'self' https://*.cardlay.com; img-src 'self' https://*.amazonaws.com https://*.inlinemanual.com https://ssl.google-analytics.com blob: data:; manifest-src 'self'; media-src 'self'; script-src 'self' https://ssl.google-analytics.com https://*.cardlay.com https://inlinemanual.com https://*.inlinemanual.com; style-src 'self' 'unsafe-inline' https://*.inlinemanual.com https://fonts.googleapis.com;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://expenseadmin.eurocard.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Wed, 19 Apr 2023 14:53:20 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Content-Security-Policy
base-uri 'none'; connect-src 'self' data: https://*.sentry.io *.inlinemanual.com https://api.amplitude.com https://*.cardlay.com; default-src 'none'; font-src 'self' https://app.inlinemanual.com https://fonts.gstatic.com data:; frame-src 'self' https://*.cardlay.com; img-src 'self' https://*.amazonaws.com https://*.inlinemanual.com https://ssl.google-analytics.com blob: data:; manifest-src 'self'; media-src 'self'; script-src 'self' https://ssl.google-analytics.com https://*.cardlay.com https://inlinemanual.com https://*.inlinemanual.com; style-src 'self' 'unsafe-inline' https://*.inlinemanual.com https://fonts.googleapis.com;
Last-Modified
Thu, 09 Mar 2023 08:22:11 GMT
Referrer-Policy
no-referrer-when-downgrade
Strict-Transport-Security
max-age=31536000
ETag
W/"64099733-a3c4"
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
text/css
Transfer-Encoding
chunked
Cache-Control
max-age=604800, public
X-XSS-Protection
1;mode=block
Expires
Wed, 26 Apr 2023 14:53:20 GMT
main.9cbdf41c.chunk.css
expenseadmin.eurocard.com/static/css/ 		246 KB
57 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://expenseadmin.eurocard.com/static/css/main.9cbdf41c.chunk.css
Requested by
Host: expenseadmin.eurocard.com
URL: https://expenseadmin.eurocard.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.110.45.218 , Sweden, ASN49949 (S24, SE),
Reverse DNS
Software
/
Resource Hash
e70e97cc8b53d676e6f4a7ddd79c2878201e7e3f5cb401ff63a6f6c0f84c6a16
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' data: https://*.sentry.io *.inlinemanual.com https://api.amplitude.com https://*.cardlay.com; default-src 'none'; font-src 'self' https://app.inlinemanual.com https://fonts.gstatic.com data:; frame-src 'self' https://*.cardlay.com; img-src 'self' https://*.amazonaws.com https://*.inlinemanual.com https://ssl.google-analytics.com blob: data:; manifest-src 'self'; media-src 'self'; script-src 'self' https://ssl.google-analytics.com https://*.cardlay.com https://inlinemanual.com https://*.inlinemanual.com; style-src 'self' 'unsafe-inline' https://*.inlinemanual.com https://fonts.googleapis.com;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://expenseadmin.eurocard.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Wed, 19 Apr 2023 14:53:21 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Content-Security-Policy
base-uri 'none'; connect-src 'self' data: https://*.sentry.io *.inlinemanual.com https://api.amplitude.com https://*.cardlay.com; default-src 'none'; font-src 'self' https://app.inlinemanual.com https://fonts.gstatic.com data:; frame-src 'self' https://*.cardlay.com; img-src 'self' https://*.amazonaws.com https://*.inlinemanual.com https://ssl.google-analytics.com blob: data:; manifest-src 'self'; media-src 'self'; script-src 'self' https://ssl.google-analytics.com https://*.cardlay.com https://inlinemanual.com https://*.inlinemanual.com; style-src 'self' 'unsafe-inline' https://*.inlinemanual.com https://fonts.googleapis.com;
Last-Modified
Thu, 09 Mar 2023 08:22:11 GMT
Referrer-Policy
no-referrer-when-downgrade
Strict-Transport-Security
max-age=31536000
ETag
W/"64099733-3d776"
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
text/css
Transfer-Encoding
chunked
Cache-Control
max-age=604800, public
X-XSS-Protection
1;mode=block
Expires
Wed, 26 Apr 2023 14:53:21 GMT
runtime-main.811118ff.js
expenseadmin.eurocard.com/static/js/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://expenseadmin.eurocard.com/static/js/runtime-main.811118ff.js
Requested by
Host: expenseadmin.eurocard.com
URL: https://expenseadmin.eurocard.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.110.45.218 , Sweden, ASN49949 (S24, SE),
Reverse DNS
Software
/
Resource Hash
8714847879dc76cc3004a7c43031b3f48ef8418ed4ba0f1e1adeb8ccb5cdf3e7
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' data: https://*.sentry.io *.inlinemanual.com https://api.amplitude.com https://*.cardlay.com; default-src 'none'; font-src 'self' https://app.inlinemanual.com https://fonts.gstatic.com data:; frame-src 'self' https://*.cardlay.com; img-src 'self' https://*.amazonaws.com https://*.inlinemanual.com https://ssl.google-analytics.com blob: data:; manifest-src 'self'; media-src 'self'; script-src 'self' https://ssl.google-analytics.com https://*.cardlay.com https://inlinemanual.com https://*.inlinemanual.com; style-src 'self' 'unsafe-inline' https://*.inlinemanual.com https://fonts.googleapis.com;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://expenseadmin.eurocard.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Wed, 19 Apr 2023 14:53:20 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Content-Security-Policy
base-uri 'none'; connect-src 'self' data: https://*.sentry.io *.inlinemanual.com https://api.amplitude.com https://*.cardlay.com; default-src 'none'; font-src 'self' https://app.inlinemanual.com https://fonts.gstatic.com data:; frame-src 'self' https://*.cardlay.com; img-src 'self' https://*.amazonaws.com https://*.inlinemanual.com https://ssl.google-analytics.com blob: data:; manifest-src 'self'; media-src 'self'; script-src 'self' https://ssl.google-analytics.com https://*.cardlay.com https://inlinemanual.com https://*.inlinemanual.com; style-src 'self' 'unsafe-inline' https://*.inlinemanual.com https://fonts.googleapis.com;
Last-Modified
Thu, 09 Mar 2023 08:22:11 GMT
Referrer-Policy
no-referrer-when-downgrade
Strict-Transport-Security
max-age=31536000
ETag
W/"64099733-60b"
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Transfer-Encoding
chunked
Cache-Control
max-age=604800, public
X-XSS-Protection
1;mode=block
Expires
Wed, 26 Apr 2023 14:53:20 GMT
2.eb37f4a1.chunk.js
expenseadmin.eurocard.com/static/js/ 		3 MB
930 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://expenseadmin.eurocard.com/static/js/2.eb37f4a1.chunk.js
Requested by
Host: expenseadmin.eurocard.com
URL: https://expenseadmin.eurocard.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.110.45.218 , Sweden, ASN49949 (S24, SE),
Reverse DNS
Software
/
Resource Hash
555e8d9efcfa6b1f388a4c3126242e58a4a930c5a16345f02b7acaa5044f1a23
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' data: https://*.sentry.io *.inlinemanual.com https://api.amplitude.com https://*.cardlay.com; default-src 'none'; font-src 'self' https://app.inlinemanual.com https://fonts.gstatic.com data:; frame-src 'self' https://*.cardlay.com; img-src 'self' https://*.amazonaws.com https://*.inlinemanual.com https://ssl.google-analytics.com blob: data:; manifest-src 'self'; media-src 'self'; script-src 'self' https://ssl.google-analytics.com https://*.cardlay.com https://inlinemanual.com https://*.inlinemanual.com; style-src 'self' 'unsafe-inline' https://*.inlinemanual.com https://fonts.googleapis.com;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://expenseadmin.eurocard.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Wed, 19 Apr 2023 14:53:21 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Content-Security-Policy
base-uri 'none'; connect-src 'self' data: https://*.sentry.io *.inlinemanual.com https://api.amplitude.com https://*.cardlay.com; default-src 'none'; font-src 'self' https://app.inlinemanual.com https://fonts.gstatic.com data:; frame-src 'self' https://*.cardlay.com; img-src 'self' https://*.amazonaws.com https://*.inlinemanual.com https://ssl.google-analytics.com blob: data:; manifest-src 'self'; media-src 'self'; script-src 'self' https://ssl.google-analytics.com https://*.cardlay.com https://inlinemanual.com https://*.inlinemanual.com; style-src 'self' 'unsafe-inline' https://*.inlinemanual.com https://fonts.googleapis.com;
Last-Modified
Thu, 09 Mar 2023 08:22:11 GMT
Referrer-Policy
no-referrer-when-downgrade
Strict-Transport-Security
max-age=31536000
ETag
W/"64099733-2cd517"
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Transfer-Encoding
chunked
Cache-Control
max-age=604800, public
X-XSS-Protection
1;mode=block
Expires
Wed, 26 Apr 2023 14:53:21 GMT
main.74ea50f2.chunk.js
expenseadmin.eurocard.com/static/js/ 		2 MB
447 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://expenseadmin.eurocard.com/static/js/main.74ea50f2.chunk.js
Requested by
Host: expenseadmin.eurocard.com
URL: https://expenseadmin.eurocard.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.110.45.218 , Sweden, ASN49949 (S24, SE),
Reverse DNS
Software
/
Resource Hash
fd3ac2e6b3cf205caeeb9502cc21bf3aa1fcc4c87a96ac32426a19495d95a569
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' data: https://*.sentry.io *.inlinemanual.com https://api.amplitude.com https://*.cardlay.com; default-src 'none'; font-src 'self' https://app.inlinemanual.com https://fonts.gstatic.com data:; frame-src 'self' https://*.cardlay.com; img-src 'self' https://*.amazonaws.com https://*.inlinemanual.com https://ssl.google-analytics.com blob: data:; manifest-src 'self'; media-src 'self'; script-src 'self' https://ssl.google-analytics.com https://*.cardlay.com https://inlinemanual.com https://*.inlinemanual.com; style-src 'self' 'unsafe-inline' https://*.inlinemanual.com https://fonts.googleapis.com;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://expenseadmin.eurocard.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Wed, 19 Apr 2023 14:53:20 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Content-Security-Policy
base-uri 'none'; connect-src 'self' data: https://*.sentry.io *.inlinemanual.com https://api.amplitude.com https://*.cardlay.com; default-src 'none'; font-src 'self' https://app.inlinemanual.com https://fonts.gstatic.com data:; frame-src 'self' https://*.cardlay.com; img-src 'self' https://*.amazonaws.com https://*.inlinemanual.com https://ssl.google-analytics.com blob: data:; manifest-src 'self'; media-src 'self'; script-src 'self' https://ssl.google-analytics.com https://*.cardlay.com https://inlinemanual.com https://*.inlinemanual.com; style-src 'self' 'unsafe-inline' https://*.inlinemanual.com https://fonts.googleapis.com;
Last-Modified
Thu, 09 Mar 2023 08:22:11 GMT
Referrer-Policy
no-referrer-when-downgrade
Strict-Transport-Security
max-age=31536000
ETag
W/"64099733-184d4f"
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Transfer-Encoding
chunked
Cache-Control
max-age=604800, public
X-XSS-Protection
1;mode=block
Expires
Wed, 26 Apr 2023 14:53:20 GMT
config
expenseadmin.eurocard.com/ 		528 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://expenseadmin.eurocard.com/config
Requested by
Host: expenseadmin.eurocard.com
URL: https://expenseadmin.eurocard.com/static/js/main.74ea50f2.chunk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.110.45.218 , Sweden, ASN49949 (S24, SE),
Reverse DNS
Software
/
Resource Hash
2877db10c2a0d62f0eeb3a7df97135369b34dd465dfd57566e2526254ca7a7d1
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' data: https://*.sentry.io *.inlinemanual.com https://api.amplitude.com https://*.cardlay.com; default-src 'none'; font-src 'self' https://app.inlinemanual.com https://fonts.gstatic.com data:; frame-src 'self' https://*.cardlay.com; img-src 'self' https://*.amazonaws.com https://*.inlinemanual.com https://ssl.google-analytics.com blob: data:; manifest-src 'self'; media-src 'self'; script-src 'self' https://ssl.google-analytics.com https://*.cardlay.com https://inlinemanual.com https://*.inlinemanual.com; style-src 'self' 'unsafe-inline' https://*.inlinemanual.com https://fonts.googleapis.com;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://expenseadmin.eurocard.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Wed, 19 Apr 2023 14:53:22 GMT
Content-Security-Policy
base-uri 'none'; connect-src 'self' data: https://*.sentry.io *.inlinemanual.com https://api.amplitude.com https://*.cardlay.com; default-src 'none'; font-src 'self' https://app.inlinemanual.com https://fonts.gstatic.com data:; frame-src 'self' https://*.cardlay.com; img-src 'self' https://*.amazonaws.com https://*.inlinemanual.com https://ssl.google-analytics.com blob: data:; manifest-src 'self'; media-src 'self'; script-src 'self' https://ssl.google-analytics.com https://*.cardlay.com https://inlinemanual.com https://*.inlinemanual.com; style-src 'self' 'unsafe-inline' https://*.inlinemanual.com https://fonts.googleapis.com;
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000
Referrer-Policy
no-referrer-when-downgrade
X-Frame-Options
SAMEORIGIN
Content-Type
application/octet-stream, application/json
Content-Length
528
X-XSS-Protection
1;mode=block
/
o309727.ingest.sentry.io/api/5647093/envelope/ 		2 B
301 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://o309727.ingest.sentry.io/api/5647093/envelope/?sentry_key=772894ffde0548b180dfda6c977ed296&sentry_version=7
Requested by
Host: expenseadmin.eurocard.com
URL: https://expenseadmin.eurocard.com/static/js/2.eb37f4a1.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.195.249 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
249.195.120.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://expenseadmin.eurocard.com/
accept-language
se-SE,se;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 19 Apr 2023 14:53:23 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 google
server
nginx
vary
origin,access-control-request-method,access-control-request-headers
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
x-sentry-error,x-sentry-rate-limits,retry-after
x-envoy-upstream-service-time
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
player.3df24bc7638938f7f6c56b66372422e4.bare.js
cdn.inlinemanual.com/embed/
Redirect Chain
  • https://inlinemanual.com/embed/player.3df24bc7638938f7f6c56b66372422e4.bare.js
  • https://cdn.inlinemanual.com/embed/player.3df24bc7638938f7f6c56b66372422e4.bare.js
1 MB
225 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.inlinemanual.com/embed/player.3df24bc7638938f7f6c56b66372422e4.bare.js
Protocol
H2
Server
156.146.33.18 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
494557430.fra.cdn77.com
Software
CDN77-Turbo /
Resource Hash
2a11e7b4707487f46436cca740fbb4b8bb81dc238a97209f261cf3c777aa5e83

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://expenseadmin.eurocard.com/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Wed, 19 Apr 2023 14:53:23 GMT
content-encoding
gzip
x-cache
REVALIDATED
x-77-cache
HIT
x-age
4033
x-77-nzt
AZySIRC7oGTewQ8AAA
x-accel-expires
@1681916093
last-modified
Wed, 05 Apr 2023 14:38:47 GMT
server
CDN77-Turbo
etag
W/"642d87f7-10c8ae"
x-77-nzt-ray
f6587a1da83ba81363004064bd80f727
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=90

Redirect headers

location
https://cdn.inlinemanual.com/embed/player.3df24bc7638938f7f6c56b66372422e4.bare.js
date
Wed, 19 Apr 2023 14:53:23 GMT
via
1.1 google
server
nginx/1.18.0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
169
content-type
text/html
logo.svg
expenseadmin.eurocard.com/theme/eurocard/ 		0
4 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://expenseadmin.eurocard.com/theme/eurocard/logo.svg
Requested by
Host: expenseadmin.eurocard.com
URL: https://expenseadmin.eurocard.com/static/js/2.eb37f4a1.chunk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.110.45.218 , Sweden, ASN49949 (S24, SE),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' data: https://*.sentry.io *.inlinemanual.com https://api.amplitude.com https://*.cardlay.com; default-src 'none'; font-src 'self' https://app.inlinemanual.com https://fonts.gstatic.com data:; frame-src 'self' https://*.cardlay.com; img-src 'self' https://*.amazonaws.com https://*.inlinemanual.com https://ssl.google-analytics.com blob: data:; manifest-src 'self'; media-src 'self'; script-src 'self' https://ssl.google-analytics.com https://*.cardlay.com https://inlinemanual.com https://*.inlinemanual.com; style-src 'self' 'unsafe-inline' https://*.inlinemanual.com https://fonts.googleapis.com;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

Accept
*/*
Referer
https://expenseadmin.eurocard.com/login
accept-language
se-SE,se;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
ignore-www-authenticate
true
Content-Type
application/json

Response headers

Date
Wed, 19 Apr 2023 14:53:22 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Content-Security-Policy
base-uri 'none'; connect-src 'self' data: https://*.sentry.io *.inlinemanual.com https://api.amplitude.com https://*.cardlay.com; default-src 'none'; font-src 'self' https://app.inlinemanual.com https://fonts.gstatic.com data:; frame-src 'self' https://*.cardlay.com; img-src 'self' https://*.amazonaws.com https://*.inlinemanual.com https://ssl.google-analytics.com blob: data:; manifest-src 'self'; media-src 'self'; script-src 'self' https://ssl.google-analytics.com https://*.cardlay.com https://inlinemanual.com https://*.inlinemanual.com; style-src 'self' 'unsafe-inline' https://*.inlinemanual.com https://fonts.googleapis.com;
Last-Modified
Thu, 09 Mar 2023 08:17:34 GMT
Referrer-Policy
no-referrer-when-downgrade
Strict-Transport-Security
max-age=31536000
ETag
W/"6409961e-1a41"
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
image/svg+xml
Transfer-Encoding
chunked
X-XSS-Protection
1;mode=block
truncated
/ 		281 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a828226cbda1bb01004c6d8301d7350974863f1d9e56efbddc32f643e0eddf47

Request headers

accept-language
se-SE,se;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
logo.svg
expenseadmin.eurocard.com/theme/eurocard/ 		0
4 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://expenseadmin.eurocard.com/theme/eurocard/logo.svg
Requested by
Host: expenseadmin.eurocard.com
URL: https://expenseadmin.eurocard.com/static/js/2.eb37f4a1.chunk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.110.45.218 , Sweden, ASN49949 (S24, SE),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' data: https://*.sentry.io *.inlinemanual.com https://api.amplitude.com https://*.cardlay.com; default-src 'none'; font-src 'self' https://app.inlinemanual.com https://fonts.gstatic.com data:; frame-src 'self' https://*.cardlay.com; img-src 'self' https://*.amazonaws.com https://*.inlinemanual.com https://ssl.google-analytics.com blob: data:; manifest-src 'self'; media-src 'self'; script-src 'self' https://ssl.google-analytics.com https://*.cardlay.com https://inlinemanual.com https://*.inlinemanual.com; style-src 'self' 'unsafe-inline' https://*.inlinemanual.com https://fonts.googleapis.com;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

Accept
*/*
Referer
https://expenseadmin.eurocard.com/login
accept-language
se-SE,se;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
ignore-www-authenticate
true
Content-Type
application/json

Response headers

Date
Wed, 19 Apr 2023 14:53:22 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Content-Security-Policy
base-uri 'none'; connect-src 'self' data: https://*.sentry.io *.inlinemanual.com https://api.amplitude.com https://*.cardlay.com; default-src 'none'; font-src 'self' https://app.inlinemanual.com https://fonts.gstatic.com data:; frame-src 'self' https://*.cardlay.com; img-src 'self' https://*.amazonaws.com https://*.inlinemanual.com https://ssl.google-analytics.com blob: data:; manifest-src 'self'; media-src 'self'; script-src 'self' https://ssl.google-analytics.com https://*.cardlay.com https://inlinemanual.com https://*.inlinemanual.com; style-src 'self' 'unsafe-inline' https://*.inlinemanual.com https://fonts.googleapis.com;
Last-Modified
Thu, 09 Mar 2023 08:17:34 GMT
Referrer-Policy
no-referrer-when-downgrade
Strict-Transport-Security
max-age=31536000
ETag
W/"6409961e-1a41"
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
image/svg+xml
Transfer-Encoding
chunked
X-XSS-Protection
1;mode=block
bg1.jpg
expenseadmin.eurocard.com/theme/eurocard/login/ 		181 KB
182 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://expenseadmin.eurocard.com/theme/eurocard/login/bg1.jpg
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.110.45.218 , Sweden, ASN49949 (S24, SE),
Reverse DNS
Software
/
Resource Hash
e74f29b51d8cbb3c3fd2f95f453a43e9d30d72bd78e1d3cd831a80d5c522fa9a
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' data: https://*.sentry.io *.inlinemanual.com https://api.amplitude.com https://*.cardlay.com; default-src 'none'; font-src 'self' https://app.inlinemanual.com https://fonts.gstatic.com data:; frame-src 'self' https://*.cardlay.com; img-src 'self' https://*.amazonaws.com https://*.inlinemanual.com https://ssl.google-analytics.com blob: data:; manifest-src 'self'; media-src 'self'; script-src 'self' https://ssl.google-analytics.com https://*.cardlay.com https://inlinemanual.com https://*.inlinemanual.com; style-src 'self' 'unsafe-inline' https://*.inlinemanual.com https://fonts.googleapis.com;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://expenseadmin.eurocard.com/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Wed, 19 Apr 2023 14:53:22 GMT
Content-Security-Policy
base-uri 'none'; connect-src 'self' data: https://*.sentry.io *.inlinemanual.com https://api.amplitude.com https://*.cardlay.com; default-src 'none'; font-src 'self' https://app.inlinemanual.com https://fonts.gstatic.com data:; frame-src 'self' https://*.cardlay.com; img-src 'self' https://*.amazonaws.com https://*.inlinemanual.com https://ssl.google-analytics.com blob: data:; manifest-src 'self'; media-src 'self'; script-src 'self' https://ssl.google-analytics.com https://*.cardlay.com https://inlinemanual.com https://*.inlinemanual.com; style-src 'self' 'unsafe-inline' https://*.inlinemanual.com https://fonts.googleapis.com;
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000
Last-Modified
Thu, 09 Mar 2023 08:17:34 GMT
Referrer-Policy
no-referrer-when-downgrade
ETag
"6409961e-2d474"
X-Frame-Options
SAMEORIGIN
Content-Type
image/jpeg
Cache-Control
no-cache
Accept-Ranges
bytes
Content-Length
185460
X-XSS-Protection
1;mode=block
Expires
Wed, 19 Apr 2023 14:53:21 GMT
c8ea9f33-11bc-4488-a1fd-f0aadba48997
https://expenseadmin.eurocard.com/ 		7 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
blob:https://expenseadmin.eurocard.com/c8ea9f33-11bc-4488-a1fd-f0aadba48997
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d40e6c887406153a3d7fd099c13b08beac5783d48812466fa875dcf1ea8bff0f

Request headers

accept-language
se-SE,se;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Length
6721
Content-Type
image/svg+xml

Verdicts & Comments Add Verdict or Comment

15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless object| webpackJsonptem function| setImmediate function| clearImmediate object| regeneratorRuntime object| scCGSHMRCache function| _ object| __SENTRY__ number| 2f1acc6c3a606b082e5eef5e54414ffb function| config object| im object| inlineManualOptions function| InlineManualPlayer function| createInlineManualPlayer object| inlineManualPlayerData

3 Cookies

Domain/Path Name / Value
.eurocard.se/ Name: AMCV_445F3E105A00EFD60A495E5D%40AdobeOrg
Value: MCMID%7C04097571973465374713242591731706757119
.eurocard.se/ Name: nlid
Value: a588f47|120d03f9
.eurocard.se/ Name: nllastdelid
Value: 120d03f9

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy base-uri 'none'; connect-src 'self' data: https://*.sentry.io *.inlinemanual.com https://api.amplitude.com https://*.cardlay.com; default-src 'none'; font-src 'self' https://app.inlinemanual.com https://fonts.gstatic.com data:; frame-src 'self' https://*.cardlay.com; img-src 'self' https://*.amazonaws.com https://*.inlinemanual.com https://ssl.google-analytics.com blob: data:; manifest-src 'self'; media-src 'self'; script-src 'self' https://ssl.google-analytics.com https://*.cardlay.com https://inlinemanual.com https://*.inlinemanual.com; style-src 'self' 'unsafe-inline' https://*.inlinemanual.com https://fonts.googleapis.com;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block