yev-test.prompt.security Open in urlscan Pro
172.67.73.57 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://yev-test.prompt.security/
Submission Tags: @ecarlesi possiblethreat phishing Search All
Submission: On November 11 via api (November 11th 2024, 9:39:00 pm UTC) from IT — Scanned from IT

Summary HTTP 14 Redirects Behaviour Indicators

Summary

This website contacted 5 IPs in 1 countries across 4 domains to perform 14 HTTP transactions. The main IP is 172.67.73.57, located in United States and belongs to CLOUDFLARENET, US. The main domain is yev-test.prompt.security.
TLS certificate: Issued by WE1 on September 14th 2024. Valid for: 3 months.

This is the only time yev-test.prompt.security was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
5	172.67.73.57 172.67.73.57	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	216.58.212.170 216.58.212.170	15169 (GOOGLE) (GOOGLE)
1	216.58.212.131 216.58.212.131	15169 (GOOGLE) (GOOGLE)
3	18.239.36.72 18.239.36.72	16509 (AMAZON-02) (AMAZON-02)
14	5

5 172.67.73.57 (United States)

ASN13335 (CLOUDFLARENET, US)

yev-test.prompt.security	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.58.212.170 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s01-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.212.131 (United States)

ASN15169 (GOOGLE, US)
PTR: ams15s21-in-f131.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.239.36.72 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-239-36-72.ams58.r.cloudfront.net

auth.prompt.security	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	prompt.security yev-test.prompt.security auth.prompt.security	2 MB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 30	2 KB
1	gstatic.com fonts.gstatic.com	37 KB
0	frontegg.com Failed assets.frontegg.com Failed
14	4

	Domain	Requested by
5	yev-test.prompt.security	yev-test.prompt.security
3	auth.prompt.security	yev-test.prompt.security
2	fonts.googleapis.com	yev-test.prompt.security
1	fonts.gstatic.com	fonts.googleapis.com
0	assets.frontegg.com Failed	yev-test.prompt.security
14	5

This site contains no links.

Subject Issuer	Validity	Valid
prompt.security WE1	`2024-09-14` - `2024-12-13`	3 months	crt.sh
upload.video.google.com WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
*.gstatic.com WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
auth.prompt.security Amazon RSA 2048 M02	`2024-09-18` - `2025-10-17`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://yev-test.prompt.security/
Frame ID: 3860A1CFDB64345C816CCFD06E968642
Requests: 12 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Prompt Security

Detected technologies

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

14
Requests

79 %
HTTPS

0 %
IPv6

4
Domains

5
Subdomains

5
IPs

1
Countries

2598 kB
Transfer

10941 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

14 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
yev-test.prompt.security/ 1013 B
2 KB 882ms
290ms Document
text/html 172.67.73.57
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://yev-test.prompt.security/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.73.57 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b470633076844ee142ff12021fc1a405df7b8e8b0c9eb60d6d30d9a2b19af358

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://prompt.console.ves.volterra.io;
Strict-Transport-Security	max-age=31536000; includeSubDomains max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8e116e822cf083a0-MXP
content-encoding: br
content-security-policy: frame-ancestors 'self' https://prompt.console.ves.volterra.io;
content-security-policy-report-only: default-src 'self'; script-src 'self' https://cdn.pendo.io https://www.clarity.ms; font-src 'self' https://fonts.gstatic.com; style-src 'self' https://fonts.googleapis.com; frame-ancestors 'self' https://prompt.console.ves.volterra.io; block-all-mixed-content; object-src 'none';
content-type: text/html
date: Mon, 11 Nov 2024 21:38:52 GMT
expect-ct: max-age=86400, enforce
last-modified: Sun, 10 Nov 2024 13:47:17 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
referrer-policy: no-referrer-when-downgrade
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jtxLyBbts3rhpMSszAxUpkOSypbHYcieGyex1%2Bzb%2FsA89wn7%2B7rkwAUKUm8F6yiVB6Fio7J%2BhIwQmE8lxQ47rxd2OQc%2B5AyZLiQj9s%2BwLBNhuaKzLeRmi67l6FUIcMPZI4Z%2FeQroOg46ew%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfL4;desc="?proto=TCP&rtt=16588&sent=11&recv=11&lost=0&retrans=3&sent_bytes=7453&recv_bytes=2396&delivery_rate=72945&cwnd=251&unsent_bytes=0&cid=75d0762197ad3664&ts=422&x=0"
strict-transport-security: max-age=31536000; includeSubDomains max-age=63072000; includeSubDomains
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

GET
H2 200 css2
fonts.googleapis.com/ 17 KB
1 KB 592ms
91ms Stylesheet
text/css 216.58.212.170
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=DM+Sans:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;0,1000;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900;1,1000&display=swap

Requested by

Host: yev-test.prompt.security
URL: https://yev-test.prompt.security/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.170 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s01-in-f10.1e100.net

Software

ESF /

Resource Hash

d97b2cb7b5687a7c3a48c108647b0d7e68f5ca0ba4ee23e7392f1acc3b909192

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://yev-test.prompt.security/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 11 Nov 2024 21:38:52 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 11 Nov 2024 21:38:52 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Mon, 11 Nov 2024 21:38:52 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 css2
fonts.googleapis.com/ 5 KB
630 B 608ms
108ms Stylesheet
text/css 216.58.212.170
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=DM+Mono:ital,wght@0,300;0,400;0,500;1,300;1,400;1,500&display=swap

Requested by

Host: yev-test.prompt.security
URL: https://yev-test.prompt.security/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.170 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s01-in-f10.1e100.net

Software

ESF /

Resource Hash

f50dc598abcd1441903e452fffc47e5dd1d73f1870d88f2d23d6fb1d88a8797c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://yev-test.prompt.security/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 11 Nov 2024 21:38:52 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 11 Nov 2024 21:38:52 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Mon, 11 Nov 2024 20:59:50 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 main.e713c987.js Show response
yev-test.prompt.security/static/js/ 10 MB
2 MB 407ms
407ms Script
application/javascript 172.67.73.57
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://yev-test.prompt.security/static/js/main.e713c987.js

Requested by

Host: yev-test.prompt.security
URL: https://yev-test.prompt.security/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.73.57 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

504a9ecc763aa032b59615d018fb96e9ad6c35b3bd979ea6ed0c8f2ca1c453db

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://prompt.console.ves.volterra.io;
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://yev-test.prompt.security/

Response headers

content-encoding: br
cf-cache-status: MISS
etag: W/"6730b965-a4bb90"
expect-ct: max-age=86400, enforce
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ln6z46s8hhEolgM7OAawuCIqoemkwwNj%2BkrrHjIpPxQ1aVmpZcOJiz3w2n04ECveHSUKPwUKK7%2BxJpuUy1j1tpZKvQgniVU3Kl0I1IA3rdpnB0X9ScBjbRUNYTA0xTVN%2B%2F1mvx3qXjGgGQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=21380&sent=17&recv=14&lost=0&retrans=3&sent_bytes=9592&recv_bytes=2612&delivery_rate=166828&cwnd=254&unsent_bytes=0&cid=75d0762197ad3664&ts=847&x=0"
date: Mon, 11 Nov 2024 21:38:52 GMT
content-type: application/javascript
last-modified: Sun, 10 Nov 2024 13:47:17 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains, max-age=63072000; includeSubDomains
content-security-policy: frame-ancestors 'self' https://prompt.console.ves.volterra.io;
cache-control: max-age=86400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-security-policy-report-only: default-src 'self'; script-src 'self' https://cdn.pendo.io https://www.clarity.ms; font-src 'self' https://fonts.gstatic.com; style-src 'self' https://fonts.googleapis.com; frame-ancestors 'self' https://prompt.console.ves.volterra.io; block-all-mixed-content; object-src 'none';
referrer-policy: no-referrer-when-downgrade
cf-ray: 8e116e841fbf83a0-MXP
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 main.fb305ec4.css
yev-test.prompt.security/static/css/ 311 KB
39 KB 396ms
392ms Stylesheet
text/css 172.67.73.57
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://yev-test.prompt.security/static/css/main.fb305ec4.css

Requested by

Host: yev-test.prompt.security
URL: https://yev-test.prompt.security/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.73.57 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fcd1adcd5cf6b79eb27d29a2db18f471301a464cbbcf2479b0467d381d40c7a5

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://prompt.console.ves.volterra.io;
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://yev-test.prompt.security/

Response headers

content-encoding: br
cf-cache-status: MISS
etag: W/"6730b965-4dd97"
expect-ct: max-age=86400, enforce
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gUV7X24YIvLfj%2FPXIC3zfu4QjsgPYthAjPXzQ5Cuc65MEi64DQ3GWGXsKT4HKgGES5YrklPbceoYbi66Xor6jdM0HkCANt04si%2Bv4NbCWjhkcjFZY1aWdU5nmDMzFJ09TYnZjvjSsm2pxw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=21380&sent=16&recv=14&lost=0&retrans=3&sent_bytes=9114&recv_bytes=2612&delivery_rate=166828&cwnd=254&unsent_bytes=0&cid=75d0762197ad3664&ts=821&x=0"
date: Mon, 11 Nov 2024 21:38:52 GMT
content-type: text/css
last-modified: Sun, 10 Nov 2024 13:47:17 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains, max-age=63072000; includeSubDomains
content-security-policy: frame-ancestors 'self' https://prompt.console.ves.volterra.io;
cache-control: max-age=86400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-security-policy-report-only: default-src 'self'; script-src 'self' https://cdn.pendo.io https://www.clarity.ms; font-src 'self' https://fonts.gstatic.com; style-src 'self' https://fonts.googleapis.com; frame-ancestors 'self' https://prompt.console.ves.volterra.io; block-all-mixed-content; object-src 'none';
referrer-policy: no-referrer-when-downgrade
cf-ray: 8e116e840f9f83a0-MXP
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 get-config Show response
yev-test.prompt.security/api/frontegg/ 92 B
617 B 138ms
137ms Fetch
application/json 172.67.73.57
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://yev-test.prompt.security/api/frontegg/get-config

Requested by

Host: yev-test.prompt.security
URL: https://yev-test.prompt.security/static/js/main.e713c987.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.73.57 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccaf91c2ec5f406b326ccb47c0cab0bafc56a460f4532e5ea1421a952430623c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://prompt.console.ves.volterra.io;
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://yev-test.prompt.security/

Response headers

content-encoding: br
cf-cache-status: DYNAMIC
expect-ct: max-age=86400, enforce
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xXkd3zFckUq22q0IbNaE1oPv1MHW0uWuCAJd1zL9aQHF538svZIfn0ZLrYhKuaIzco7Yxh%2FpF6r49GVKJnZlyEIdHE38wyd8%2BLo8PtfVYJhy2EncmQ7xFy87FCLtzjLNEYVmqUMvpUqDSg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=38918&sent=2097&recv=127&lost=0&retrans=3&sent_bytes=2604122&recv_bytes=2825&delivery_rate=615546&cwnd=574&unsent_bytes=0&cid=75d0762197ad3664&ts=4289&x=0"
date: Mon, 11 Nov 2024 21:38:55 GMT
content-type: application/json; charset=utf-8
vary: Origin
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains, max-age=63072000; includeSubDomains
content-security-policy: frame-ancestors 'self' https://prompt.console.ves.volterra.io;
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-ratelimit-reset: 60
content-security-policy-report-only: default-src 'self'; script-src 'self' https://cdn.pendo.io https://www.clarity.ms; font-src 'self' https://fonts.gstatic.com; style-src 'self' https://fonts.googleapis.com; frame-ancestors 'self' https://prompt.console.ves.volterra.io; block-all-mixed-content; object-src 'none';
referrer-policy: no-referrer-when-downgrade
x-ratelimit-remaining: 999
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
cf-ray: 8e116e9b5e9f83a0-MXP
access-control-allow-origin: *
x-xss-protection: 1; mode=block
x-ratelimit-limit: 1000
server: cloudflare

GET
H2 200 rP2Yp2ywxg089UriI5-g4vlH9VoD8Cmcqbu0-K4.woff2
fonts.gstatic.com/s/dmsans/v15/ 36 KB
37 KB 674ms
35ms Font
font/woff2 216.58.212.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/dmsans/v15/rP2Yp2ywxg089UriI5-g4vlH9VoD8Cmcqbu0-K4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=DM+Sans:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;0,1000;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900;1,1000&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f131.1e100.net

Software

sffe /

Resource Hash

258f9f1b553bb57419619f41d3b1445226c7bc63d2a3409efef4a68426709e94

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://yev-test.prompt.security
Referer: https://fonts.googleapis.com/

Response headers

age: 454501
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Thu, 06 Nov 2025 15:23:55 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 06 Nov 2024 15:23:55 GMT
last-modified: Thu, 21 Mar 2024 23:58:47 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 36848
x-xss-protection: 0
server: sffe

GET
H2 200 favicon.ico
yev-test.prompt.security/ 11 KB
12 KB 521ms
521ms Other
image/x-icon 172.67.73.57
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://yev-test.prompt.security/favicon.ico

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.73.57 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6d47c9f5abcf77543128059720f5f37e9e1eab3912390c85e413f612fe16635c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://prompt.console.ves.volterra.io;
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://yev-test.prompt.security/

Response headers

content-encoding: br
cf-cache-status: MISS
etag: W/"6730b965-2db5"
expect-ct: max-age=86400, enforce
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ny37t0cQwQ82%2BW7SlUewEg80jBR3mj9NuNMt7YMNrYk0lhR5CvTP9Q3GmbvYmoOlyM%2BtKKzloIWpsvf%2BQ1PEJt8fgVLULgtvaK178TSlbrOYKWhz8%2FabuGxwa7FYRhu3u6%2Fj0v1%2FI6pX9Q%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=31489&sent=2100&recv=130&lost=0&retrans=3&sent_bytes=2604805&recv_bytes=2825&delivery_rate=615546&cwnd=574&unsent_bytes=0&cid=75d0762197ad3664&ts=4507&x=0"
date: Mon, 11 Nov 2024 21:38:56 GMT
content-type: image/x-icon
last-modified: Sun, 10 Nov 2024 13:47:17 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains, max-age=63072000; includeSubDomains
content-security-policy: frame-ancestors 'self' https://prompt.console.ves.volterra.io;
cache-control: max-age=86400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-security-policy-report-only: default-src 'self'; script-src 'self' https://cdn.pendo.io https://www.clarity.ms; font-src 'self' https://fonts.gstatic.com; style-src 'self' https://fonts.googleapis.com; frame-ancestors 'self' https://prompt.console.ves.volterra.io; block-all-mixed-content; object-src 'none';
referrer-policy: no-referrer-when-downgrade
cf-ray: 8e116e9b6ec183a0-MXP
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 flags Show response
auth.prompt.security/frontegg/ 16 KB
17 KB 1862ms
1403ms Fetch
application/json 18.239.36.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://auth.prompt.security/frontegg/flags

Requested by

Host: yev-test.prompt.security
URL: https://yev-test.prompt.security/static/js/main.e713c987.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.239.36.72 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-239-36-72.ams58.r.cloudfront.net

Software

cloudflare /

Resource Hash

3e702dbbffd09b6c2adb22da8092849d82c8e9be307bebe234e8878f931f562b

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://yev-test.prompt.security/
x-frontegg-framework: react@18.3.1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: application/json
x-frontegg-sdk: @frontegg/react@7.0.3

Response headers

access-control-expose-headers: frontegg-trace-id
cf-cache-status: DYNAMIC
etag: W/"3fbc-39kB76tqNyDBRSqQK4OrqqHT2Ww"
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE,OPTIONS
x-cache: Miss from cloudfront
x-amz-cf-id: cDRF9e3LSQlYfMKXEXdiDbkBLTd2Qt3q9xaEN9mSOwepy3ThZetuLA==
date: Mon, 11 Nov 2024 21:38:58 GMT
content-type: application/json; charset=utf-8
x-frame-options: SAMEORIGIN
access-control-allow-headers: frontegg-trace-id
strict-transport-security: max-age=15552000; includeSubDomains
frontegg-trace-id: dd8bdc099cd83867cc7ebdb0140bfaaa
content-security-policy: default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
cache-control: max-age=1, must-revalidate, private, no-transform
x-dns-prefetch-control: off
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-origin
access-control-allow-credentials: true
referrer-policy: no-referrer
x-download-options: noopen
cf-ray: 8e116ea4083f9ff9-AMS
cross-origin-embedder-policy: require-corp
via: 1.1 eefbd9216704235f6900c0fa85615204.cloudfront.net (CloudFront)
access-control-allow-origin: https://yev-test.prompt.security
content-length: 16316
x-xss-protection: 0
origin-agent-cluster: ?1
x-amz-cf-pop: AMS58-P2
server: cloudflare

OPTIONS
H2 204 flags
auth.prompt.security/frontegg/ 0
0 701ms
185ms Preflight 18.239.36.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://auth.prompt.security/frontegg/flags

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.239.36.72 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-239-36-72.ams58.r.cloudfront.net

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-frontegg-framework,x-frontegg-sdk
Access-Control-Request-Method: GET
Origin: https://yev-test.prompt.security
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: frontegg-trace-id,content-type,x-frontegg-framework,x-frontegg-sdk
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE,OPTIONS
access-control-allow-origin: https://yev-test.prompt.security
access-control-expose-headers: frontegg-trace-id
access-control-max-age: 0
cache-control: no-transform
cf-cache-status: DYNAMIC
cf-ray: 8e116e9fd8e8d596-AMS
date: Mon, 11 Nov 2024 21:38:56 GMT
frontegg-trace-id: 97457ae9fdc2c0025440093cda2b5a84
origin-agent-cluster: ?1
referrer-policy: no-referrer
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains
via: 1.1 705c998367f4340ee8f7d23508c84626.cloudfront.net (CloudFront)
x-amz-cf-id: bpqXY2Ha9hmQsstrIkwLmVr0j-1-AlBYKGj4VBpHuMAbtCn4b7UNtw==
x-amz-cf-pop: AMS58-P2
x-cache: Miss from cloudfront
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-xss-protection: 0

GET metadata
auth.prompt.security/frontegg/ 0
0

OPTIONS
H2 204 metadata
auth.prompt.security/frontegg/ 0
0 108ms
93ms Preflight 18.239.36.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://auth.prompt.security/frontegg/metadata?entityName=adminBox

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.239.36.72 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-239-36-72.ams58.r.cloudfront.net

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-frontegg-framework,x-frontegg-sdk
Access-Control-Request-Method: GET
Origin: https://yev-test.prompt.security
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: frontegg-trace-id,content-type,x-frontegg-framework,x-frontegg-sdk
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE,OPTIONS
access-control-allow-origin: https://yev-test.prompt.security
access-control-expose-headers: frontegg-trace-id
access-control-max-age: 0
cache-control: no-transform
cf-cache-status: DYNAMIC
cf-ray: 8e116eacfbb4d596-AMS
date: Mon, 11 Nov 2024 21:38:58 GMT
frontegg-trace-id: 47b7518a35f32e2becc8d6f6dc5f78ca
origin-agent-cluster: ?1
referrer-policy: no-referrer
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains
via: 1.1 705c998367f4340ee8f7d23508c84626.cloudfront.net (CloudFront)
x-amz-cf-id: -33sz48D4RXjwGv8aW2t2I2nWxoDtOWYhbvBdS8WK1KTMOM5IT5eWQ==
x-amz-cf-pop: AMS58-P2
x-cache: Miss from cloudfront
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-xss-protection: 0

GET index.js
assets.frontegg.com/admin-box/7.5.0/login-box/ 0
0

GET index.js
assets.frontegg.com/admin-box/7.5.0/admin-portal/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: auth.prompt.security
URL: https://auth.prompt.security/frontegg/metadata?entityName=adminBox

Domain: assets.frontegg.com
URL: https://assets.frontegg.com/admin-box/7.5.0/login-box/index.js

Domain: assets.frontegg.com
URL: https://assets.frontegg.com/admin-box/7.5.0/admin-portal/index.js

Verdicts & Comments Add Verdict or Comment

5 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

10 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://yev-test.prompt.security/ Message: [Report Only] Refused to load the font 'data:font/woff2;charset=utf-8;base64,d09GMgABAAAAABmsAAsAAAAANbQAABlcAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHIlWBmAAi34KxFS3OAE2AiQDgkALgSIABCAFhEYHhUIbrS1lhhRsHMDmjYY+2f9fJnBjSJQDf3Gmak2UmCoRplwn+JpsYTlytdwFD68gMxAuB6741XeLNiaMyYN/Iiaja7H1EUOGUhLUj/323jcjUYJlMU80EU94ogRKZmiBUH/jr7U+X0/3AC4BDOAS/7sQgIpQqZPxwEKiCutUygMLnSGasyZsKRo2YYIFiy8EPEDFongwrRhWQbxiSLopNaEOFUqTmm5qTrZHFe66WzFSMeAFzgogYN7fKmG3GmaqyKkJcuZTdX6S1pPWgQysvt4IsiLS+voh/7c/Nf9aap09LHbKmLfn5uSXXQaBSUDiCeFyEfB/OrPWEGLnEOaAq4q6TjMaaT1/vryWIS+yorfn9ZGikF...MJN/vwEm/Ksdodw4XbsmRUo0b/B+RdUQgjgmjEIBZxiEcCEpGEZKQgH/IHgqFwJBqLJ5KpdCabyxeKpXKlWqs3mq12p9vrD4aj8WSqarphWrbjerP5Yrlab7a7/eF4Ol+uLPxaieC9oAcNTMcgwlPZQjHHBshgPDLDInnbQTS/Pc/trgXt89kOAllUlBQIFO+z8pWYel4ajixtDidz5eQk1kTl3DCpgFG0O8N5OTLCpWxNGbem6s5iMUc41508bTMD96r2DBdsS4QybPfFYxdijSGOXJCiOy8hH3nhmndXk1p+dHocAzUc9iQy2ED+NMEcUjjgLiHVU0F5qg4x4QWxthAjTzCP8t1p3CJNR7c7st7Kvd8Pt31VZWrZuZuzRnQkwQ+6KzDieUkc1raWJzqwVuAF1Fvw9JuKKPRRVLhQQWxN5AJ5Hw6nUZ6dt+eMdFpJErEp5eZYy1Gh0nDaDdpqWqWFqh08M4UG+hLrkNNpacbD3/15a6d1vhy7BwA=' because it violates the following Content Security Policy directive: "font-src 'self' https://fonts.gstatic.com".
security	error	URL: https://yev-test.prompt.security/static/js/main.e713c987.js(Line 1) Message: [Report Only] Refused to apply inline style because it violates the following Content Security Policy directive: "style-src 'self' https://fonts.googleapis.com". Either the 'unsafe-inline' keyword, a hash ('sha256-47DEQpj8HBSa+/TImW+5JCeuQeRkm5NMpJWZG3hSuFU='), or a nonce ('nonce-...') is required to enable inline execution.
security	error	URL: https://yev-test.prompt.security/static/js/main.e713c987.js(Line 1) Message: [Report Only] Refused to apply inline style because it violates the following Content Security Policy directive: "style-src 'self' https://fonts.googleapis.com". Either the 'unsafe-inline' keyword, a hash ('sha256-47DEQpj8HBSa+/TImW+5JCeuQeRkm5NMpJWZG3hSuFU='), or a nonce ('nonce-...') is required to enable inline execution.
security	error	URL: https://yev-test.prompt.security/static/js/main.e713c987.js(Line 1) Message: [Report Only] Refused to apply inline style because it violates the following Content Security Policy directive: "style-src 'self' https://fonts.googleapis.com". Either the 'unsafe-inline' keyword, a hash ('sha256-47DEQpj8HBSa+/TImW+5JCeuQeRkm5NMpJWZG3hSuFU='), or a nonce ('nonce-...') is required to enable inline execution.
security	error	URL: https://yev-test.prompt.security/static/js/main.e713c987.js(Line 1) Message: [Report Only] Refused to connect to 'https://auth.prompt.security/frontegg/flags' because it violates the following Content Security Policy directive: "default-src 'self'". Note that 'connect-src' was not explicitly set, so 'default-src' is used as a fallback.
security	error	URL: https://yev-test.prompt.security/static/js/main.e713c987.js(Line 1) Message: [Report Only] Refused to connect to 'https://auth.prompt.security/frontegg/flags' because it violates the following Content Security Policy directive: "default-src 'self'". Note that 'connect-src' was not explicitly set, so 'default-src' is used as a fallback.
security	error	URL: https://yev-test.prompt.security/static/js/main.e713c987.js(Line 1) Message: [Report Only] Refused to connect to 'https://auth.prompt.security/frontegg/metadata?entityName=adminBox' because it violates the following Content Security Policy directive: "default-src 'self'". Note that 'connect-src' was not explicitly set, so 'default-src' is used as a fallback.
security	error	URL: https://yev-test.prompt.security/static/js/main.e713c987.js(Line 1) Message: [Report Only] Refused to connect to 'https://auth.prompt.security/frontegg/metadata?entityName=adminBox' because it violates the following Content Security Policy directive: "default-src 'self'". Note that 'connect-src' was not explicitly set, so 'default-src' is used as a fallback.
security	error	URL: https://yev-test.prompt.security/static/js/main.e713c987.js(Line 1) Message: [Report Only] Refused to load the script 'https://assets.frontegg.com/admin-box/7.5.0/login-box/index.js' because it violates the following Content Security Policy directive: "script-src 'self' https://cdn.pendo.io https://www.clarity.ms". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security	error	URL: https://yev-test.prompt.security/static/js/main.e713c987.js(Line 1) Message: [Report Only] Refused to load the script 'https://assets.frontegg.com/admin-box/7.5.0/admin-portal/index.js' because it violates the following Content Security Policy directive: "script-src 'self' https://cdn.pendo.io https://www.clarity.ms". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors 'self' https://prompt.console.ves.volterra.io;
Strict-Transport-Security	max-age=31536000; includeSubDomains max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

assets.frontegg.com
auth.prompt.security
fonts.googleapis.com
fonts.gstatic.com
yev-test.prompt.security
assets.frontegg.com
auth.prompt.security
172.67.73.57
18.239.36.72
216.58.212.131
216.58.212.170
258f9f1b553bb57419619f41d3b1445226c7bc63d2a3409efef4a68426709e94
3e702dbbffd09b6c2adb22da8092849d82c8e9be307bebe234e8878f931f562b
504a9ecc763aa032b59615d018fb96e9ad6c35b3bd979ea6ed0c8f2ca1c453db
6d47c9f5abcf77543128059720f5f37e9e1eab3912390c85e413f612fe16635c
b470633076844ee142ff12021fc1a405df7b8e8b0c9eb60d6d30d9a2b19af358
ccaf91c2ec5f406b326ccb47c0cab0bafc56a460f4532e5ea1421a952430623c
d97b2cb7b5687a7c3a48c108647b0d7e68f5ca0ba4ee23e7392f1acc3b909192
f50dc598abcd1441903e452fffc47e5dd1d73f1870d88f2d23d6fb1d88a8797c
fcd1adcd5cf6b79eb27d29a2db18f471301a464cbbcf2479b0467d381d40c7a5

yev-test.prompt.security Open in urlscan Pro 172.67.73.57 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

14 Requests

79 %HTTPS

0 %IPv6

4 Domains

5 Subdomains

5 IPs

1 Countries

2598 kBTransfer

10941 kBSize

0 Cookies

0 Outgoing links

Redirected requests

14 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

5 JavaScript Global Variables

0 Cookies

10 Console Messages

Security Headers

Indicators

yev-test.prompt.security Open in urlscan Pro
172.67.73.57 Public Scan

Screenshot
Live screenshot

Full Image

14
Requests

79 %
HTTPS

0 %
IPv6

4
Domains

5
Subdomains

5
IPs

1
Countries

2598 kB
Transfer

10941 kB
Size

0
Cookies

14 HTTP transactions
0 data transactions