urlscan.io logo urlscan.io
SecurityTrails logo

auth02.ey.com Open in urlscan Pro
2606:4700::6811:eb58  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://t-mobile-qa.oth.ey.com/
Effective URL: https://auth02.ey.com/u/login/identifier?state=hKFo2SBmUjJoVnM1SFVXcHdsVXQ1c3ZqTmRFOXVTSHItT2lXZ6Fur3VuaXZlcnNhbC1sb2d...
Submission: On July 10 via api from DE — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 7 IPs in 3 countries across 4 domains to perform 18 HTTP transactions. The main IP is 2606:4700::6811:eb58, located in United States and belongs to CLOUDFLARENET, US. The main domain is auth02.ey.com. The Cisco Umbrella rank of the primary domain is 664831.
TLS certificate: Issued by R3 on June 28th 2023. Valid for: 3 months.
This is the only time auth02.ey.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
10 20.69.70.174 8075 (MICROSOFT...)
1 2606:2800:133... 15133 (EDGECAST)
1 3 2606:4700::68... 13335 (CLOUDFLAR...)
1 13.69.106.216 8075 (MICROSOFT...)
1 2600:9000:217... 16509 (AMAZON-02)
1 104.102.53.189 16625 (AKAMAI-AS)
18 7
10    20.69.70.174 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
t-mobile-qa.oth.ey.com
1    2606:2800:133:206e:1315:22a5:2006:24fd (United States)

ASN15133 (EDGECAST, US)
az416426.vo.msecnd.net
3    2606:4700::6811:eb58 (United States)

ASN13335 (CLOUDFLARENET, US)
auth02.ey.com
1    13.69.106.216 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
dc.services.visualstudio.com
1    2600:9000:2171:f800:10:474e:104a:2961 (United States)

ASN16509 (AMAZON-02, US)
cdn.auth0.com
1    104.102.53.189 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-102-53-189.deploy.static.akamaitechnologies.com
cdn.ey.com
Apex Domain
Subdomains		 Transfer
14 ey.com
t-mobile-qa.oth.ey.com
auth02.ey.com — Cisco Umbrella Rank: 664831
cdn.ey.com — Cisco Umbrella Rank: 306942
2 MB
1 auth0.com
cdn.auth0.com — Cisco Umbrella Rank: 7670
61 KB
1 visualstudio.com
dc.services.visualstudio.com — Cisco Umbrella Rank: 683
1 msecnd.net
az416426.vo.msecnd.net — Cisco Umbrella Rank: 2394
22 KB
18 4
Domain Requested by
10 t-mobile-qa.oth.ey.com t-mobile-qa.oth.ey.com
3 auth02.ey.com 1 redirects t-mobile-qa.oth.ey.com
1 cdn.ey.com auth02.ey.com
1 cdn.auth0.com auth02.ey.com
1 dc.services.visualstudio.com t-mobile-qa.oth.ey.com
1 az416426.vo.msecnd.net t-mobile-qa.oth.ey.com
18 6

This site contains no links.

Subject Issuer Validity Valid
t-mobile-qa.oth.ey.com
Entrust Certification Authority - L1K		 2022-08-16 -
2023-08-16		 a year crt.sh
*.vo.msecnd.net
DigiCert SHA2 Secure Server CA		 2023-05-05 -
2024-04-28		 a year crt.sh
auth02.ey.com
R3		 2023-06-28 -
2023-09-26		 3 months crt.sh
in.applicationinsights.azure.com
Microsoft Azure TLS Issuing CA 05		 2023-07-05 -
2024-06-27		 a year crt.sh
*.auth0.com
Amazon RSA 2048 M01		 2023-02-24 -
2024-03-24		 a year crt.sh
cdn.ey.com
Entrust Certification Authority - L1F		 2023-03-20 -
2024-04-11		 a year crt.sh

This page contains 2 frames:

Primary Page: https://auth02.ey.com/u/login/identifier?state=hKFo2SBmUjJoVnM1SFVXcHdsVXQ1c3ZqTmRFOXVTSHItT2lXZ6Fur3VuaXZlcnNhbC1sb2dpbqN0aWTZIDNyX082TTNFZVdwX0hqSG14M1AxaU5TZVljcWotM2NZo2NpZNkgU3dBMHFIRGlvNHZJYlQxUFhYUEJ1UG1ySzlVMlozc2I
Frame ID: 6A6F6B5D8E98D1D6DA316098ADEBFBCC
Requests: 16 HTTP requests in this frame

Frame: https://auth02.ey.com/authorize?redirect_uri=https%3A%2F%2Ft-mobile-qa.oth.ey.com&client_id=SwA0qHDio4vIbT1PXXPBuPmrK9U2Z3sb&apiUri=https%3A%2F%2Ft-mobile-qa.oth.ey.com&appUri=https%3A%2F%2Ft-mobile-qa.oth.ey.com&audience=https%3A%2F%2Fothintegration-t-mobile-qa&detailedResponse=true&scope=openid%20profile%20email%20offline_access&response_type=code&response_mode=web_message&state=ZHQzYksuems3clZHVEFDSGNQWEw0VkpJSy1GeTczclhad0xQNmFKcE44TA%3D%3D&nonce=RX5FfkVYeUZ2aFdxQ0d2OTJ1YzA4Nk5Ea1JGRjhkclRlRGpIaWt5S2dKOQ%3D%3D&code_challenge=IKuPlIJmlMW0oxsM2Gr3gVQEKqBJ3gblaU1S4W4gjzA&code_challenge_method=S256&prompt=none&auth0Client=eyJuYW1lIjoiQGF1dGgwL2F1dGgwLWFuZ3VsYXIiLCJ2ZXJzaW9uIjoiMS43LjAifQ%3D%3D
Frame ID: 6EC00CC42861285A4DBE9E80AA4F2D8C
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Sign in to your account

Page URL History Show full URLs

  1. https://t-mobile-qa.oth.ey.com/ Page URL
  2. https://auth02.ey.com/authorize?redirect_uri=https%3A%2F%2Ft-mobile-qa.oth.ey.com&client_id=SwA0qH... HTTP 302
    https://auth02.ey.com/u/login/identifier?state=hKFo2SBmUjJoVnM1SFVXcHdsVXQ1c3ZqTmRFOXVTSHItT2lXZ6F... Page URL

Page Statistics

18
Requests

89 %
HTTPS

50 %
IPv6

4
Domains

6
Subdomains

7
IPs

3
Countries

2049 kB
Transfer

6261 kB
Size

7
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://t-mobile-qa.oth.ey.com/ Page URL
  2. https://auth02.ey.com/authorize?redirect_uri=https%3A%2F%2Ft-mobile-qa.oth.ey.com&client_id=SwA0qHDio4vIbT1PXXPBuPmrK9U2Z3sb&apiUri=https%3A%2F%2Ft-mobile-qa.oth.ey.com&appUri=https%3A%2F%2Ft-mobile-qa.oth.ey.com&audience=https%3A%2F%2Fothintegration-t-mobile-qa&scope=openid%20profile%20email%20offline_access&response_type=code&response_mode=query&state=LjF1cFRDNGp5YlgualIuMWJXaXBTdjY4RUk4Zm1EZzJKQzc5RlBmUDhkTg%3D%3D&nonce=Qm5LWURPUG0yWGJmdGZnT0Z3REdIUFUwV2pxeWpVcVUwOTNSTTNZanRsRg%3D%3D&code_challenge=OPNknexxdK2CQbWGCD2qyNCnApmIbsXk-xYbx_4JDwE&code_challenge_method=S256&auth0Client=eyJuYW1lIjoiQGF1dGgwL2F1dGgwLWFuZ3VsYXIiLCJ2ZXJzaW9uIjoiMS43LjAifQ%3D%3D HTTP 302
    https://auth02.ey.com/u/login/identifier?state=hKFo2SBmUjJoVnM1SFVXcHdsVXQ1c3ZqTmRFOXVTSHItT2lXZ6Fur3VuaXZlcnNhbC1sb2dpbqN0aWTZIDNyX082TTNFZVdwX0hqSG14M1AxaU5TZVljcWotM2NZo2NpZNkgU3dBMHFIRGlvNHZJYlQxUFhYUEJ1UG1ySzlVMlozc2I Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

18 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
t-mobile-qa.oth.ey.com/ 		1 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://t-mobile-qa.oth.ey.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.69.70.174 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
557fe63441df0441534b78e709cb535f22bd030d98fc958ea97f2c7660ff6729
Security Headers
Name Value
Content-Security-Policy default-src 'self'; worker-src blob:; child-src blob:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://az416426.vo.msecnd.net https://app.powerbi.com https://api.powerbi.com https://*.analysis.windows.net https://*.ey.com https://fonts.gstatic.com; object-src 'none'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; media-src 'none'; font-src 'self' data: https://*.ey.com https://fonts.gstatic.com; connect-src 'self' https://*.edataanalytics.com https://*.oth.ey.com https://*.dop.ey.com https://*.eydigitalorg.com https://*.visualstudio.com https://*.azurewebsites.net https://app.powerbi.com https://api.powerbi.com https://*.analysis.windows.net https://*.ey.com https://*.orgchartnow.com https://fonts.gstatic.com; frame-src https://*.edataanalytics.com https://*.oth.ey.com https://*.dop.ey.com https://*.eydigitalorg.com https://*.azurewebsites.net https://app.powerbi.com https://api.powerbi.com https://*.analysis.windows.net https://*.ey.com https://fonts.gstatic.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Security-Policy default-src 'self'; worker-src blob:; child-src blob:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://az416426.vo.msecnd.net https://app.powerbi.com https://api.powerbi.com https://*.analysis.windows.net https://*.ey.com https://fonts.gstatic.com; object-src 'none'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; media-src 'none'; font-src 'self' data: https://*.ey.com https://fonts.gstatic.com; connect-src 'self' https://*.edataanalytics.com https://*.oth.ey.com https://*.dop.ey.com https://*.eydigitalorg.com https://*.visualstudio.com https://*.azurewebsites.net https://app.powerbi.com https://api.powerbi.com https://*.analysis.windows.net https://*.ey.com https://*.orgchartnow.com https://fonts.gstatic.com; frame-src https://*.edataanalytics.com https://*.oth.ey.com https://*.dop.ey.com https://*.eydigitalorg.com https://*.azurewebsites.net https://app.powerbi.com https://api.powerbi.com https://*.analysis.windows.net https://*.ey.com https://fonts.gstatic.com
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate
Connection
keep-alive
Content-Encoding
gzip
Content-Length
827
Content-Security-Policy
default-src 'self'; worker-src blob:; child-src blob:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://az416426.vo.msecnd.net https://app.powerbi.com https://api.powerbi.com https://*.analysis.windows.net https://*.ey.com https://fonts.gstatic.com; object-src 'none'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; media-src 'none'; font-src 'self' data: https://*.ey.com https://fonts.gstatic.com; connect-src 'self' https://*.edataanalytics.com https://*.oth.ey.com https://*.dop.ey.com https://*.eydigitalorg.com https://*.visualstudio.com https://*.azurewebsites.net https://app.powerbi.com https://api.powerbi.com https://*.analysis.windows.net https://*.ey.com https://*.orgchartnow.com https://fonts.gstatic.com; frame-src https://*.edataanalytics.com https://*.oth.ey.com https://*.dop.ey.com https://*.eydigitalorg.com https://*.azurewebsites.net https://app.powerbi.com https://api.powerbi.com https://*.analysis.windows.net https://*.ey.com https://fonts.gstatic.com
Content-Type
text/html
Date
Mon, 10 Jul 2023 13:17:49 GMT
ETag
"235e1f13e8ed91:0"
Expires
0
Last-Modified
Wed, 24 May 2023 07:05:08 GMT
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
Vary
Accept-Encoding
X-Content-Security-Policy
default-src 'self'; worker-src blob:; child-src blob:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://az416426.vo.msecnd.net https://app.powerbi.com https://api.powerbi.com https://*.analysis.windows.net https://*.ey.com https://fonts.gstatic.com; object-src 'none'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; media-src 'none'; font-src 'self' data: https://*.ey.com https://fonts.gstatic.com; connect-src 'self' https://*.edataanalytics.com https://*.oth.ey.com https://*.dop.ey.com https://*.eydigitalorg.com https://*.visualstudio.com https://*.azurewebsites.net https://app.powerbi.com https://api.powerbi.com https://*.analysis.windows.net https://*.ey.com https://*.orgchartnow.com https://fonts.gstatic.com; frame-src https://*.edataanalytics.com https://*.oth.ey.com https://*.dop.ey.com https://*.eydigitalorg.com https://*.azurewebsites.net https://app.powerbi.com https://api.powerbi.com https://*.analysis.windows.net https://*.ey.com https://fonts.gstatic.com
X-Content-Type-Options
nosniff
X-Frame-Options
DENY
X-WebKit-CSP
default-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://az416426.vo.msecnd.net https://app.powerbi.com https://api.powerbi.com https://*.analysis.windows.net https://*.ey.com https://fonts.gstatic.com; object-src 'none'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; media-src 'none'; font-src 'self' data: https://*.ey.com https://fonts.gstatic.com; connect-src 'self' https://*.edataanalytics.com https://*.oth.ey.com https://*.dop.ey.com https://*.eydigitalorg.com https://*.visualstudio.com https://*.azurewebsites.net https://app.powerbi.com https://api.powerbi.com https://*.analysis.windows.net https://*.ey.com https://*.orgchartnow.com https://fonts.gstatic.com; frame-src https://*.edataanalytics.com https://*.oth.ey.com https://*.dop.ey.com https://*.eydigitalorg.com https://*.azurewebsites.net https://app.powerbi.com https://api.powerbi.com https://*.analysis.windows.net https://*.ey.com https://fonts.gstatic.com
X-XSS-Protection
1; mode=block
styles.846b8996725a983a1816.css
t-mobile-qa.oth.ey.com/ 		1018 KB
312 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://t-mobile-qa.oth.ey.com/styles.846b8996725a983a1816.css
Requested by
Host: t-mobile-qa.oth.ey.com
URL: https://t-mobile-qa.oth.ey.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.69.70.174 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
456303f63f5735507e17fac0a86503a5fcf97eb738fb4def457eaf7f92a9ba10
Security Headers
Name Value
Content-Security-Policy default-src 'self'; worker-src blob:; child-src blob:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://az416426.vo.msecnd.net https://app.powerbi.com https://api.powerbi.com https://*.analysis.windows.net https://*.ey.com https://fonts.gstatic.com; object-src 'none'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; media-src 'none'; font-src 'self' data: https://*.ey.com https://fonts.gstatic.com; connect-src 'self' https://*.edataanalytics.com https://*.oth.ey.com https://*.dop.ey.com https://*.eydigitalorg.com https://*.visualstudio.com https://*.azurewebsites.net https://app.powerbi.com https://api.powerbi.com https://*.analysis.windows.net https://*.ey.com https://*.orgchartnow.com https://fonts.gstatic.com; frame-src https://*.edataanalytics.com https://*.oth.ey.com https://*.dop.ey.com https://*.eydigitalorg.com https://*.azurewebsites.net https://app.powerbi.com https://api.powerbi.com https://*.analysis.windows.net https://*.ey.com https://fonts.gstatic.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Security-Policy default-src 'self'; worker-src blob:; child-src blob:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://az416426.vo.msecnd.net https://app.powerbi.com https://api.powerbi.com https://*.analysis.windows.net https://*.ey.com https://fonts.gstatic.com; object-src 'none'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; media-src 'none'; font-src 'self' data: https://*.ey.com https://fonts.gstatic.com; connect-src 'self' https://*.edataanalytics.com https://*.oth.ey.com https://*.dop.ey.com https://*.eydigitalorg.com https://*.visualstudio.com https://*.azurewebsites.net https://app.powerbi.com https://api.powerbi.com https://*.analysis.windows.net https://*.ey.com https://*.orgchartnow.com https://fonts.gstatic.com; frame-src https://*.edataanalytics.com https://*.oth.ey.com https://*.dop.ey.com https://*.eydigitalorg.com https://*.azurewebsites.net https://app.powerbi.com https://api.powerbi.com https://*.analysis.windows.net https://*.ey.com https://fonts.gstatic.com
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://t-mobile-qa.oth.ey.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Expires
0
Date
Mon, 10 Jul 2023 13:17:49 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Security-Policy
default-src 'self'; worker-src blob:; child-src blob:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://az416426.vo.msecnd.net https://app.powerbi.com https://api.powerbi.com https://*.analysis.windows.net https://*.ey.com https://fonts.gstatic.com; object-src 'none'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; media-src 'none'; font-src 'self' data: https://*.ey.com https://fonts.gstatic.com; connect-src 'self' https://*.edataanalytics.com https://*.oth.ey.com https://*.dop.ey.com https://*.eydigitalorg.com https://*.visualstudio.com https://*.azurewebsites.net https://app.powerbi.com https://api.powerbi.com https://*.analysis.windows.net https://*.ey.com https://*.orgchartnow.com https://fonts.gstatic.com; frame-src https://*.edataanalytics.com https://*.oth.ey.com https://*.dop.ey.com https://*.eydigitalorg.com https://*.azurewebsites.net https://app.powerbi.com https://api.powerbi.com https://*.analysis.windows.net https://*.ey.com https://fonts.gstatic.com
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
Pragma
no-cache
Last-Modified
Wed, 24 May 2023 07:05:27 GMT
ETag
"73f0ac1ee8ed91:0"
Vary
Accept-Encoding
X-Frame-Options
DENY
Content-Type
text/css
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate
Accept-Ranges
bytes
X-WebKit-CSP
default-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://az416426.vo.msecnd.net https://app.powerbi.com https://api.powerbi.com https://*.analysis.windows.net https://*.ey.com https://fonts.gstatic.com; object-src 'none'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; media-src 'none'; font-src 'self' data: https://*.ey.com https://fonts.gstatic.com; connect-src 'self' https://*.edataanalytics.com https://*.oth.ey.com https://*.dop.ey.com https://*.eydigitalorg.com https://*.visualstudio.com https://*.azurewebsites.net https://app.powerbi.com https://api.powerbi.com https://*.analysis.windows.net https://*.ey.com https://*.orgchartnow.com https://fonts.gstatic.com; frame-src https://*.edataanalytics.com https://*.oth.ey.com https://*.dop.ey.com https://*.eydigitalorg.com https://*.azurewebsites.net https://app.powerbi.com https://api.powerbi.com https://*.analysis.windows.net https://*.ey.com https://fonts.gstatic.com
X-Content-Security-Policy
default-src 'self'; worker-src blob:; child-src blob:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://az416426.vo.msecnd.net https://app.powerbi.com https://api.powerbi.com https://*.analysis.windows.net https://*.ey.com https://fonts.gstatic.com; object-src 'none'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; media-src 'none'; font-src 'self' data: https://*.ey.com https://fonts.gstatic.com; connect-src 'self' https://*.edataanalytics.com https://*.oth.ey.com https://*.dop.ey.com https://*.eydigitalorg.com https://*.visualstudio.com https://*.azurewebsites.net https://app.powerbi.com https://api.powerbi.com https://*.analysis.windows.net https://*.ey.com https://*.orgchartnow.com https://fonts.gstatic.com; frame-src https://*.edataanalytics.com https://*.oth.ey.com https://*.dop.ey.com https://*.eydigitalorg.com https://*.azurewebsites.net https://app.powerbi.com https://api.powerbi.com https://*.analysis.windows.net https://*.ey.com https://fonts.gstatic.com
loader-gray.gif
t-mobile-qa.oth.ey.com/assets/images/ 		16 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t-mobile-qa.oth.ey.com/assets/images/loader-gray.gif
Requested by
Host: t-mobile-qa.oth.ey.com
URL: https://t-mobile-qa.oth.ey.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.69.70.174 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
d5f18096af1cd16c4b195b4c1d8d81f11088d085ec95e49807f847c7ab0968c8
Security Headers
Name Value
Content-Security-Policy default-src 'self'; worker-src blob:; child-src blob:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://az416426.vo.msecnd.net https://app.powerbi.com https://api.powerbi.com https://*.analysis.windows.net https://*.ey.com https://fonts.gstatic.com; object-src 'none'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; media-src 'none'; font-src 'self' data: https://*.ey.com https://fonts.gstatic.com; connect-src 'self' https://*.edataanalytics.com https://*.oth.ey.com https://*.dop.ey.com https://*.eydigitalorg.com https://*.visualstudio.com https://*.azurewebsites.net https://app.powerbi.com https://api.powerbi.com https://*.analysis.windows.net https://*.ey.com https://*.orgchartnow.com https://fonts.gstatic.com; frame-src https://*.edataanalytics.com https://*.oth.ey.com https://*.dop.ey.com https://*.eydigitalorg.com https://*.azurewebsites.net https://app.powerbi.com https://api.powerbi.com https://*.analysis.windows.net https://*.ey.com https://fonts.gstatic.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Security-Policy default-src 'self'; worker-src blob:; child-src blob:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://az416426.vo.msecnd.net https://app.powerbi.com https://api.powerbi.com https://*.analysis.windows.net https://*.ey.com https://fonts.gstatic.com; object-src 'none'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; media-src 'none'; font-src 'self' data: https://*.ey.com https://fonts.gstatic.com; connect-src 'self' https://*.edataanalytics.com https://*.oth.ey.com https://*.dop.ey.com https://*.eydigitalorg.com https://*.visualstudio.com https://*.azurewebsites.net https://app.powerbi.com https://api.powerbi.com https://*.analysis.windows.net https://*.ey.com https://*.orgchartnow.com https://fonts.gstatic.com; frame-src https://*.edataanalytics.com https://*.oth.ey.com https://*.dop.ey.com https://*.eydigitalorg.com https://*.azurewebsites.net https://app.powerbi.com https://api.powerbi.com https://*.analysis.windows.net https://*.ey.com https://fonts.gstatic.com
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://t-mobile-qa.oth.ey.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

X-Content-Security-Policy
default-src 'self'; worker-src blob:; child-src blob:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://az416426.vo.msecnd.net https://app.powerbi.com https://api.powerbi.com https://*.analysis.windows.net https://*.ey.com https://fonts.gstatic.com; object-src 'none'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; media-src 'none'; font-src 'self' data: https://*.ey.com https://fonts.gstatic.com; connect-src 'self' https://*.edataanalytics.com https://*.oth.ey.com https://*.dop.ey.com https://*.eydigitalorg.com https://*.visualstudio.com https://*.azurewebsites.net https://app.powerbi.com https://api.powerbi.com https://*.analysis.windows.net https://*.ey.com https://*.orgchartnow.com https://fonts.gstatic.com; frame-src https://*.edataanalytics.com https://*.oth.ey.com https://*.dop.ey.com https://*.eydigitalorg.com https://*.azurewebsites.net https://app.powerbi.com https://api.powerbi.com https://*.analysis.windows.net https://*.ey.com https://fonts.gstatic.com
Date
Mon, 10 Jul 2023 13:17:49 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src 'self'; worker-src blob:; child-src blob:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://az416426.vo.msecnd.net https://app.powerbi.com https://api.powerbi.com https://*.analysis.windows.net https://*.ey.com https://fonts.gstatic.com; object-src 'none'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; media-src 'none'; font-src 'self' data: https://*.ey.com https://fonts.gstatic.com; connect-src 'self' https://*.edataanalytics.com https://*.oth.ey.com https://*.dop.ey.com https://*.eydigitalorg.com https://*.visualstudio.com https://*.azurewebsites.net https://app.powerbi.com https://api.powerbi.com https://*.analysis.windows.net https://*.ey.com https://*.orgchartnow.com https://fonts.gstatic.com; frame-src https://*.edataanalytics.com https://*.oth.ey.com https://*.dop.ey.com https://*.eydigitalorg.com https://*.azurewebsites.net https://app.powerbi.com https://api.powerbi.com https://*.analysis.windows.net https://*.ey.com https://fonts.gstatic.com
Connection
keep-alive
Content-Length
16124
X-XSS-Protection
1; mode=block
Pragma
no-cache
Last-Modified
Wed, 24 May 2023 07:04:07 GMT
ETag
"1ee5a6eed8ed91:0"
X-Frame-Options
DENY
Content-Type
image/gif
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate
Accept-Ranges
bytes
X-WebKit-CSP
default-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://az416426.vo.msecnd.net https://app.powerbi.com https://api.powerbi.com https://*.analysis.windows.net https://*.ey.com https://fonts.gstatic.com; object-src 'none'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; media-src 'none'; font-src 'self' data: https://*.ey.com https://fonts.gstatic.com; connect-src 'self' https://*.edataanalytics.com https://*.oth.ey.com https://*.dop.ey.com https://*.eydigitalorg.com https://*.visualstudio.com https://*.azurewebsites.net https://app.powerbi.com https://api.powerbi.com https://*.analysis.windows.net https://*.ey.com https://*.orgchartnow.com https://fonts.gstatic.com; frame-src https://*.edataanalytics.com https://*.oth.ey.com https://*.dop.ey.com https://*.eydigitalorg.com https://*.azurewebsites.net https://app.powerbi.com https://api.powerbi.com https://*.analysis.windows.net https://*.ey.com https://fonts.gstatic.com
Expires
0
runtime-es2015.4686e8055553fbaf529b.js
t-mobile-qa.oth.ey.com/ 		3 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://t-mobile-qa.oth.ey.com/runtime-es2015.4686e8055553fbaf529b.js
Requested by
Host: t-mobile-qa.oth.ey.com
URL: https://t-mobile-qa.oth.ey.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.69.70.174 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
dfb4f9dc7f7b823dd974946c440a6d980de678f0945841bbf976dc7360e1619c
Security Headers
Name Value
Content-Security-Policy default-src 'self'; worker-src blob:; child-src blob:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://az416426.vo.msecnd.net https://app.powerbi.com https://api.powerbi.com https://*.analysis.windows.net https://*.ey.com https://fonts.gstatic.com; object-src 'none'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; media-src 'none'; font-src 'self' data: https://*.ey.com https://fonts.gstatic.com; connect-src 'self' https://*.edataanalytics.com https://*.oth.ey.com https://*.dop.ey.com https://*.eydigitalorg.com https://*.visualstudio.com https://*.azurewebsites.net https://app.powerbi.com https://api.powerbi.com https://*.analysis.windows.net https://*.ey.com https://*.orgchartnow.com https://fonts.gstatic.com; frame-src https://*.edataanalytics.com https://*.oth.ey.com https://*.dop.ey.com https://*.eydigitalorg.com https://*.azurewebsites.net https://app.powerbi.com https://api.powerbi.com https://*.analysis.windows.net https://*.ey.com https://fonts.gstatic.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Security-Policy default-src 'self'; worker-src blob:; child-src blob:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://az416426.vo.msecnd.net https://app.powerbi.com https://api.powerbi.com https://*.analysis.windows.net https://*.ey.com https://fonts.gstatic.com; object-src 'none'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; media-src 'none'; font-src 'self' data: https://*.ey.com https://fonts.gstatic.com; connect-src 'self' https://*.edataanalytics.com https://*.oth.ey.com https://*.dop.ey.com https://*.eydigitalorg.com https://*.visualstudio.com https://*.azurewebsites.net https://app.powerbi.com https://api.powerbi.com https://*.analysis.windows.net https://*.ey.com https://*.orgchartnow.com https://fonts.gstatic.com; frame-src https://*.edataanalytics.com https://*.oth.ey.com https://*.dop.ey.com https://*.eydigitalorg.com https://*.azurewebsites.net https://app.powerbi.com https://api.powerbi.com https://*.analysis.windows.net https://*.ey.com https://fonts.gstatic.com
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://t-mobile-qa.oth.ey.com/
Origin
https://t-mobile-qa.oth.ey.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Expires
0
Date
Mon, 10 Jul 2023 13:17:49 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Security-Policy
default-src 'self'; worker-src blob:; child-src blob:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://az416426.vo.msecnd.net https://app.powerbi.com https://api.powerbi.com https://*.analysis.windows.net https://*.ey.com https://fonts.gstatic.com; object-src 'none'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; media-src 'none'; font-src 'self' data: https://*.ey.com https://fonts.gstatic.com; connect-src 'self' https://*.edataanalytics.com https://*.oth.ey.com https://*.dop.ey.com https://*.eydigitalorg.com https://*.visualstudio.com https://*.azurewebsites.net https://app.powerbi.com https://api.powerbi.com https://*.analysis.windows.net https://*.ey.com https://*.orgchartnow.com https://fonts.gstatic.com; frame-src https://*.edataanalytics.com https://*.oth.ey.com https://*.dop.ey.com https://*.eydigitalorg.com https://*.azurewebsites.net https://app.powerbi.com https://api.powerbi.com https://*.analysis.windows.net https://*.ey.com https://fonts.gstatic.com
Connection
keep-alive
Content-Length
1944
X-XSS-Protection
1; mode=block
Pragma
no-cache
Last-Modified
Wed, 24 May 2023 07:05:25 GMT
ETag
"b92621de8ed91:0"
Vary
Accept-Encoding
X-Frame-Options
DENY
Content-Type
application/x-javascript
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate
Accept-Ranges
bytes
X-WebKit-CSP
default-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://az416426.vo.msecnd.net https://app.powerbi.com https://api.powerbi.com https://*.analysis.windows.net https://*.ey.com https://fonts.gstatic.com; object-src 'none'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; media-src 'none'; font-src 'self' data: https://*.ey.com https://fonts.gstatic.com; connect-src 'self' https://*.edataanalytics.com https://*.oth.ey.com https://*.dop.ey.com https://*.eydigitalorg.com https://*.visualstudio.com https://*.azurewebsites.net https://app.powerbi.com https://api.powerbi.com https://*.analysis.windows.net https://*.ey.com https://*.orgchartnow.com https://fonts.gstatic.com; frame-src https://*.edataanalytics.com https://*.oth.ey.com https://*.dop.ey.com https://*.eydigitalorg.com https://*.azurewebsites.net https://app.powerbi.com https://api.powerbi.com https://*.analysis.windows.net https://*.ey.com https://fonts.gstatic.com
X-Content-Security-Policy
default-src 'self'; worker-src blob:; child-src blob:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://az416426.vo.msecnd.net https://app.powerbi.com https://api.powerbi.com https://*.analysis.windows.net https://*.ey.com https://fonts.gstatic.com; object-src 'none'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; media-src 'none'; font-src 'self' data: https://*.ey.com https://fonts.gstatic.com; connect-src 'self' https://*.edataanalytics.com https://*.oth.ey.com https://*.dop.ey.com https://*.eydigitalorg.com https://*.visualstudio.com https://*.azurewebsites.net https://app.powerbi.com https://api.powerbi.com https://*.analysis.windows.net https://*.ey.com https://*.orgchartnow.com https://fonts.gstatic.com; frame-src https://*.edataanalytics.com https://*.oth.ey.com https://*.dop.ey.com https://*.eydigitalorg.com https://*.azurewebsites.net https://app.powerbi.com https://api.powerbi.com https://*.analysis.windows.net https://*.ey.com https://fonts.gstatic.com
polyfills-es2015.a53d17c3ab9bf4d6c0eb.js
t-mobile-qa.oth.ey.com/ 		98 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://t-mobile-qa.oth.ey.com/polyfills-es2015.a53d17c3ab9bf4d6c0eb.js
Requested by
Host: t-mobile-qa.oth.ey.com
URL: https://t-mobile-qa.oth.ey.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.69.70.174 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
4dd003bfda73a6badd6ad63727fc06afd15fdb5c8399f3bdc922ab791294d24c
Security Headers
Name Value
Content-Security-Policy default-src 'self'; worker-src blob:; child-src blob:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://az416426.vo.msecnd.net https://app.powerbi.com https://api.powerbi.com https://*.analysis.windows.net https://*.ey.com https://fonts.gstatic.com; object-src 'none'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; media-src 'none'; font-src 'self' data: https://*.ey.com https://fonts.gstatic.com; connect-src 'self' https://*.edataanalytics.com https://*.oth.ey.com https://*.dop.ey.com https://*.eydigitalorg.com https://*.visualstudio.com https://*.azurewebsites.net https://app.powerbi.com https://api.powerbi.com https://*.analysis.windows.net https://*.ey.com https://*.orgchartnow.com https://fonts.gstatic.com; frame-src https://*.edataanalytics.com https://*.oth.ey.com https://*.dop.ey.com https://*.eydigitalorg.com https://*.azurewebsites.net https://app.powerbi.com https://api.powerbi.com https://*.analysis.windows.net https://*.ey.com https://fonts.gstatic.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Security-Policy default-src 'self'; worker-src blob:; child-src blob:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://az416426.vo.msecnd.net https://app.powerbi.com https://api.powerbi.com https://*.analysis.windows.net https://*.ey.com https://fonts.gstatic.com; object-src 'none'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; media-src 'none'; font-src 'self' data: https://*.ey.com https://fonts.gstatic.com; connect-src 'self' https://*.edataanalytics.com https://*.oth.ey.com https://*.dop.ey.com https://*.eydigitalorg.com https://*.visualstudio.com https://*.azurewebsites.net https://app.powerbi.com https://api.powerbi.com https://*.analysis.windows.net https://*.ey.com https://*.orgchartnow.com https://fonts.gstatic.com; frame-src https://*.edataanalytics.com https://*.oth.ey.com https://*.dop.ey.com https://*.eydigitalorg.com https://*.azurewebsites.net https://app.powerbi.com https://api.powerbi.com https://*.analysis.windows.net https://*.ey.com https://fonts.gstatic.com
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://t-mobile-qa.oth.ey.com/
Origin
https://t-mobile-qa.oth.ey.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Expires
0
Date
Mon, 10 Jul 2023 13:17:49 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Security-Policy
default-src 'self'; worker-src blob:; child-src blob:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://az416426.vo.msecnd.net https://app.powerbi.com https://api.powerbi.com https://*.analysis.windows.net https://*.ey.com https://fonts.gstatic.com; object-src 'none'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; media-src 'none'; font-src 'self' data: https://*.ey.com https://fonts.gstatic.com; connect-src 'self' https://*.edataanalytics.com https://*.oth.ey.com https://*.dop.ey.com https://*.eydigitalorg.com https://*.visualstudio.com https://*.azurewebsites.net https://app.powerbi.com https://api.powerbi.com https://*.analysis.windows.net https://*.ey.com https://*.orgchartnow.com https://fonts.gstatic.com; frame-src https://*.edataanalytics.com https://*.oth.ey.com https://*.dop.ey.com https://*.eydigitalorg.com https://*.azurewebsites.net https://app.powerbi.com https://api.powerbi.com https://*.analysis.windows.net https://*.ey.com https://fonts.gstatic.com
Connection
keep-alive
Content-Length
41404
X-XSS-Protection
1; mode=block
Pragma
no-cache
Last-Modified
Wed, 24 May 2023 07:05:14 GMT
ETag
"28416816e8ed91:0"
Vary
Accept-Encoding
X-Frame-Options
DENY
Content-Type
application/x-javascript
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate
Accept-Ranges
bytes
X-WebKit-CSP
default-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://az416426.vo.msecnd.net https://app.powerbi.com https://api.powerbi.com https://*.analysis.windows.net https://*.ey.com https://fonts.gstatic.com; object-src 'none'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; media-src 'none'; font-src 'self' data: https://*.ey.com https://fonts.gstatic.com; connect-src 'self' https://*.edataanalytics.com https://*.oth.ey.com https://*.dop.ey.com https://*.eydigitalorg.com https://*.visualstudio.com https://*.azurewebsites.net https://app.powerbi.com https://api.powerbi.com https://*.analysis.windows.net https://*.ey.com https://*.orgchartnow.com https://fonts.gstatic.com; frame-src https://*.edataanalytics.com https://*.oth.ey.com https://*.dop.ey.com https://*.eydigitalorg.com https://*.azurewebsites.net https://app.powerbi.com https://api.powerbi.com https://*.analysis.windows.net https://*.ey.com https://fonts.gstatic.com
X-Content-Security-Policy
default-src 'self'; worker-src blob:; child-src blob:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://az416426.vo.msecnd.net https://app.powerbi.com https://api.powerbi.com https://*.analysis.windows.net https://*.ey.com https://fonts.gstatic.com; object-src 'none'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; media-src 'none'; font-src 'self' data: https://*.ey.com https://fonts.gstatic.com; connect-src 'self' https://*.edataanalytics.com https://*.oth.ey.com https://*.dop.ey.com https://*.eydigitalorg.com https://*.visualstudio.com https://*.azurewebsites.net https://app.powerbi.com https://api.powerbi.com https://*.analysis.windows.net https://*.ey.com https://*.orgchartnow.com https://fonts.gstatic.com; frame-src https://*.edataanalytics.com https://*.oth.ey.com https://*.dop.ey.com https://*.eydigitalorg.com https://*.azurewebsites.net https://app.powerbi.com https://api.powerbi.com https://*.analysis.windows.net https://*.ey.com https://fonts.gstatic.com
scripts.16eca7baea10c6adcb2d.js
t-mobile-qa.oth.ey.com/ 		344 KB
133 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://t-mobile-qa.oth.ey.com/scripts.16eca7baea10c6adcb2d.js
Requested by
Host: t-mobile-qa.oth.ey.com
URL: https://t-mobile-qa.oth.ey.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.69.70.174 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
ba609287cf0a060b96fb5b37c78236c45cb77df3eed4688834316672e3a1c0e6
Security Headers
Name Value
Content-Security-Policy default-src 'self'; worker-src blob:; child-src blob:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://az416426.vo.msecnd.net https://app.powerbi.com https://api.powerbi.com https://*.analysis.windows.net https://*.ey.com https://fonts.gstatic.com; object-src 'none'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; media-src 'none'; font-src 'self' data: https://*.ey.com https://fonts.gstatic.com; connect-src 'self' https://*.edataanalytics.com https://*.oth.ey.com https://*.dop.ey.com https://*.eydigitalorg.com https://*.visualstudio.com https://*.azurewebsites.net https://app.powerbi.com https://api.powerbi.com https://*.analysis.windows.net https://*.ey.com https://*.orgchartnow.com https://fonts.gstatic.com; frame-src https://*.edataanalytics.com https://*.oth.ey.com https://*.dop.ey.com https://*.eydigitalorg.com https://*.azurewebsites.net https://app.powerbi.com https://api.powerbi.com https://*.analysis.windows.net https://*.ey.com https://fonts.gstatic.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Security-Policy default-src 'self'; worker-src blob:; child-src blob:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://az416426.vo.msecnd.net https://app.powerbi.com https://api.powerbi.com https://*.analysis.windows.net https://*.ey.com https://fonts.gstatic.com; object-src 'none'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; media-src 'none'; font-src 'self' data: https://*.ey.com https://fonts.gstatic.com; connect-src 'self' https://*.edataanalytics.com https://*.oth.ey.com https://*.dop.ey.com https://*.eydigitalorg.com https://*.visualstudio.com https://*.azurewebsites.net https://app.powerbi.com https://api.powerbi.com https://*.analysis.windows.net https://*.ey.com https://*.orgchartnow.com https://fonts.gstatic.com; frame-src https://*.edataanalytics.com https://*.oth.ey.com https://*.dop.ey.com https://*.eydigitalorg.com https://*.azurewebsites.net https://app.powerbi.com https://api.powerbi.com https://*.analysis.windows.net https://*.ey.com https://fonts.gstatic.com
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://t-mobile-qa.oth.ey.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Expires
0
Date
Mon, 10 Jul 2023 13:17:49 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Security-Policy
default-src 'self'; worker-src blob:; child-src blob:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://az416426.vo.msecnd.net https://app.powerbi.com https://api.powerbi.com https://*.analysis.windows.net https://*.ey.com https://fonts.gstatic.com; object-src 'none'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; media-src 'none'; font-src 'self' data: https://*.ey.com https://fonts.gstatic.com; connect-src 'self' https://*.edataanalytics.com https://*.oth.ey.com https://*.dop.ey.com https://*.eydigitalorg.com https://*.visualstudio.com https://*.azurewebsites.net https://app.powerbi.com https://api.powerbi.com https://*.analysis.windows.net https://*.ey.com https://*.orgchartnow.com https://fonts.gstatic.com; frame-src https://*.edataanalytics.com https://*.oth.ey.com https://*.dop.ey.com https://*.eydigitalorg.com https://*.azurewebsites.net https://app.powerbi.com https://api.powerbi.com https://*.analysis.windows.net https://*.ey.com https://fonts.gstatic.com
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
Pragma
no-cache
Last-Modified
Wed, 24 May 2023 07:05:26 GMT
ETag
"406ce91de8ed91:0"
Vary
Accept-Encoding
X-Frame-Options
DENY
Content-Type
application/x-javascript
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate
Accept-Ranges
bytes
X-WebKit-CSP
default-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://az416426.vo.msecnd.net https://app.powerbi.com https://api.powerbi.com https://*.analysis.windows.net https://*.ey.com https://fonts.gstatic.com; object-src 'none'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; media-src 'none'; font-src 'self' data: https://*.ey.com https://fonts.gstatic.com; connect-src 'self' https://*.edataanalytics.com https://*.oth.ey.com https://*.dop.ey.com https://*.eydigitalorg.com https://*.visualstudio.com https://*.azurewebsites.net https://app.powerbi.com https://api.powerbi.com https://*.analysis.windows.net https://*.ey.com https://*.orgchartnow.com https://fonts.gstatic.com; frame-src https://*.edataanalytics.com https://*.oth.ey.com https://*.dop.ey.com https://*.eydigitalorg.com https://*.azurewebsites.net https://app.powerbi.com https://api.powerbi.com https://*.analysis.windows.net https://*.ey.com https://fonts.gstatic.com
X-Content-Security-Policy
default-src 'self'; worker-src blob:; child-src blob:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://az416426.vo.msecnd.net https://app.powerbi.com https://api.powerbi.com https://*.analysis.windows.net https://*.ey.com https://fonts.gstatic.com; object-src 'none'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; media-src 'none'; font-src 'self' data: https://*.ey.com https://fonts.gstatic.com; connect-src 'self' https://*.edataanalytics.com https://*.oth.ey.com https://*.dop.ey.com https://*.eydigitalorg.com https://*.visualstudio.com https://*.azurewebsites.net https://app.powerbi.com https://api.powerbi.com https://*.analysis.windows.net https://*.ey.com https://*.orgchartnow.com https://fonts.gstatic.com; frame-src https://*.edataanalytics.com https://*.oth.ey.com https://*.dop.ey.com https://*.eydigitalorg.com https://*.azurewebsites.net https://app.powerbi.com https://api.powerbi.com https://*.analysis.windows.net https://*.ey.com https://fonts.gstatic.com
main-es2015.af0f51bf0a0428ebbfc5.js
t-mobile-qa.oth.ey.com/ 		4 MB
1 MB 		Script
General
Check archive.org
Download Go to
Full URL
https://t-mobile-qa.oth.ey.com/main-es2015.af0f51bf0a0428ebbfc5.js
Requested by
Host: t-mobile-qa.oth.ey.com
URL: https://t-mobile-qa.oth.ey.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.69.70.174 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3983919fb7ffcfd124df51bb0fc2bcea6789bf783a161d482abd3e8f6bd5e8f
Security Headers
Name Value
Content-Security-Policy default-src 'self'; worker-src blob:; child-src blob:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://az416426.vo.msecnd.net https://app.powerbi.com https://api.powerbi.com https://*.analysis.windows.net https://*.ey.com https://fonts.gstatic.com; object-src 'none'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; media-src 'none'; font-src 'self' data: https://*.ey.com https://fonts.gstatic.com; connect-src 'self' https://*.edataanalytics.com https://*.oth.ey.com https://*.dop.ey.com https://*.eydigitalorg.com https://*.visualstudio.com https://*.azurewebsites.net https://app.powerbi.com https://api.powerbi.com https://*.analysis.windows.net https://*.ey.com https://*.orgchartnow.com https://fonts.gstatic.com; frame-src https://*.edataanalytics.com https://*.oth.ey.com https://*.dop.ey.com https://*.eydigitalorg.com https://*.azurewebsites.net https://app.powerbi.com https://api.powerbi.com https://*.analysis.windows.net https://*.ey.com https://fonts.gstatic.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Security-Policy default-src 'self'; worker-src blob:; child-src blob:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://az416426.vo.msecnd.net https://app.powerbi.com https://api.powerbi.com https://*.analysis.windows.net https://*.ey.com https://fonts.gstatic.com; object-src 'none'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; media-src 'none'; font-src 'self' data: https://*.ey.com https://fonts.gstatic.com; connect-src 'self' https://*.edataanalytics.com https://*.oth.ey.com https://*.dop.ey.com https://*.eydigitalorg.com https://*.visualstudio.com https://*.azurewebsites.net https://app.powerbi.com https://api.powerbi.com https://*.analysis.windows.net https://*.ey.com https://*.orgchartnow.com https://fonts.gstatic.com; frame-src https://*.edataanalytics.com https://*.oth.ey.com https://*.dop.ey.com https://*.eydigitalorg.com https://*.azurewebsites.net https://app.powerbi.com https://api.powerbi.com https://*.analysis.windows.net https://*.ey.com https://fonts.gstatic.com
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://t-mobile-qa.oth.ey.com/
Origin
https://t-mobile-qa.oth.ey.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Expires
0
Date
Mon, 10 Jul 2023 13:17:49 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Security-Policy
default-src 'self'; worker-src blob:; child-src blob:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://az416426.vo.msecnd.net https://app.powerbi.com https://api.powerbi.com https://*.analysis.windows.net https://*.ey.com https://fonts.gstatic.com; object-src 'none'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; media-src 'none'; font-src 'self' data: https://*.ey.com https://fonts.gstatic.com; connect-src 'self' https://*.edataanalytics.com https://*.oth.ey.com https://*.dop.ey.com https://*.eydigitalorg.com https://*.visualstudio.com https://*.azurewebsites.net https://app.powerbi.com https://api.powerbi.com https://*.analysis.windows.net https://*.ey.com https://*.orgchartnow.com https://fonts.gstatic.com; frame-src https://*.edataanalytics.com https://*.oth.ey.com https://*.dop.ey.com https://*.eydigitalorg.com https://*.azurewebsites.net https://app.powerbi.com https://api.powerbi.com https://*.analysis.windows.net https://*.ey.com https://fonts.gstatic.com
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
Pragma
no-cache
Last-Modified
Wed, 24 May 2023 07:05:10 GMT
ETag
"caaf014e8ed91:0"
Vary
Accept-Encoding
X-Frame-Options
DENY
Content-Type
application/x-javascript
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate
Accept-Ranges
bytes
X-WebKit-CSP
default-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://az416426.vo.msecnd.net https://app.powerbi.com https://api.powerbi.com https://*.analysis.windows.net https://*.ey.com https://fonts.gstatic.com; object-src 'none'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; media-src 'none'; font-src 'self' data: https://*.ey.com https://fonts.gstatic.com; connect-src 'self' https://*.edataanalytics.com https://*.oth.ey.com https://*.dop.ey.com https://*.eydigitalorg.com https://*.visualstudio.com https://*.azurewebsites.net https://app.powerbi.com https://api.powerbi.com https://*.analysis.windows.net https://*.ey.com https://*.orgchartnow.com https://fonts.gstatic.com; frame-src https://*.edataanalytics.com https://*.oth.ey.com https://*.dop.ey.com https://*.eydigitalorg.com https://*.azurewebsites.net https://app.powerbi.com https://api.powerbi.com https://*.analysis.windows.net https://*.ey.com https://fonts.gstatic.com
X-Content-Security-Policy
default-src 'self'; worker-src blob:; child-src blob:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://az416426.vo.msecnd.net https://app.powerbi.com https://api.powerbi.com https://*.analysis.windows.net https://*.ey.com https://fonts.gstatic.com; object-src 'none'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; media-src 'none'; font-src 'self' data: https://*.ey.com https://fonts.gstatic.com; connect-src 'self' https://*.edataanalytics.com https://*.oth.ey.com https://*.dop.ey.com https://*.eydigitalorg.com https://*.visualstudio.com https://*.azurewebsites.net https://app.powerbi.com https://api.powerbi.com https://*.analysis.windows.net https://*.ey.com https://*.orgchartnow.com https://fonts.gstatic.com; frame-src https://*.edataanalytics.com https://*.oth.ey.com https://*.dop.ey.com https://*.eydigitalorg.com https://*.azurewebsites.net https://app.powerbi.com https://api.powerbi.com https://*.analysis.windows.net https://*.ey.com https://fonts.gstatic.com
EYInterstate-Regular.woff2
t-mobile-qa.oth.ey.com/assets/fonts/ 		30 KB
34 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://t-mobile-qa.oth.ey.com/assets/fonts/EYInterstate-Regular.woff2
Requested by
Host: t-mobile-qa.oth.ey.com
URL: https://t-mobile-qa.oth.ey.com/styles.846b8996725a983a1816.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.69.70.174 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
46535325833b24809618caea6da97020ac9aa76daed6adaf26fbd083b37385a8
Security Headers
Name Value
Content-Security-Policy default-src 'self'; worker-src blob:; child-src blob:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://az416426.vo.msecnd.net https://app.powerbi.com https://api.powerbi.com https://*.analysis.windows.net https://*.ey.com https://fonts.gstatic.com; object-src 'none'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; media-src 'none'; font-src 'self' data: https://*.ey.com https://fonts.gstatic.com; connect-src 'self' https://*.edataanalytics.com https://*.oth.ey.com https://*.dop.ey.com https://*.eydigitalorg.com https://*.visualstudio.com https://*.azurewebsites.net https://app.powerbi.com https://api.powerbi.com https://*.analysis.windows.net https://*.ey.com https://*.orgchartnow.com https://fonts.gstatic.com; frame-src https://*.edataanalytics.com https://*.oth.ey.com https://*.dop.ey.com https://*.eydigitalorg.com https://*.azurewebsites.net https://app.powerbi.com https://api.powerbi.com https://*.analysis.windows.net https://*.ey.com https://fonts.gstatic.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Security-Policy default-src 'self'; worker-src blob:; child-src blob:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://az416426.vo.msecnd.net https://app.powerbi.com https://api.powerbi.com https://*.analysis.windows.net https://*.ey.com https://fonts.gstatic.com; object-src 'none'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; media-src 'none'; font-src 'self' data: https://*.ey.com https://fonts.gstatic.com; connect-src 'self' https://*.edataanalytics.com https://*.oth.ey.com https://*.dop.ey.com https://*.eydigitalorg.com https://*.visualstudio.com https://*.azurewebsites.net https://app.powerbi.com https://api.powerbi.com https://*.analysis.windows.net https://*.ey.com https://*.orgchartnow.com https://fonts.gstatic.com; frame-src https://*.edataanalytics.com https://*.oth.ey.com https://*.dop.ey.com https://*.eydigitalorg.com https://*.azurewebsites.net https://app.powerbi.com https://api.powerbi.com https://*.analysis.windows.net https://*.ey.com https://fonts.gstatic.com
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://t-mobile-qa.oth.ey.com/styles.846b8996725a983a1816.css
Origin
https://t-mobile-qa.oth.ey.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

X-Content-Security-Policy
default-src 'self'; worker-src blob:; child-src blob:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://az416426.vo.msecnd.net https://app.powerbi.com https://api.powerbi.com https://*.analysis.windows.net https://*.ey.com https://fonts.gstatic.com; object-src 'none'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; media-src 'none'; font-src 'self' data: https://*.ey.com https://fonts.gstatic.com; connect-src 'self' https://*.edataanalytics.com https://*.oth.ey.com https://*.dop.ey.com https://*.eydigitalorg.com https://*.visualstudio.com https://*.azurewebsites.net https://app.powerbi.com https://api.powerbi.com https://*.analysis.windows.net https://*.ey.com https://*.orgchartnow.com https://fonts.gstatic.com; frame-src https://*.edataanalytics.com https://*.oth.ey.com https://*.dop.ey.com https://*.eydigitalorg.com https://*.azurewebsites.net https://app.powerbi.com https://api.powerbi.com https://*.analysis.windows.net https://*.ey.com https://fonts.gstatic.com
Date
Mon, 10 Jul 2023 13:17:50 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src 'self'; worker-src blob:; child-src blob:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://az416426.vo.msecnd.net https://app.powerbi.com https://api.powerbi.com https://*.analysis.windows.net https://*.ey.com https://fonts.gstatic.com; object-src 'none'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; media-src 'none'; font-src 'self' data: https://*.ey.com https://fonts.gstatic.com; connect-src 'self' https://*.edataanalytics.com https://*.oth.ey.com https://*.dop.ey.com https://*.eydigitalorg.com https://*.visualstudio.com https://*.azurewebsites.net https://app.powerbi.com https://api.powerbi.com https://*.analysis.windows.net https://*.ey.com https://*.orgchartnow.com https://fonts.gstatic.com; frame-src https://*.edataanalytics.com https://*.oth.ey.com https://*.dop.ey.com https://*.eydigitalorg.com https://*.azurewebsites.net https://app.powerbi.com https://api.powerbi.com https://*.analysis.windows.net https://*.ey.com https://fonts.gstatic.com
Connection
keep-alive
Content-Length
30880
X-XSS-Protection
1; mode=block
Pragma
no-cache
Last-Modified
Wed, 24 May 2023 07:02:50 GMT
ETag
"b1bfbc0d8ed91:0"
X-Frame-Options
DENY
Content-Type
application/font-woff
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate
Accept-Ranges
bytes
X-WebKit-CSP
default-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://az416426.vo.msecnd.net https://app.powerbi.com https://api.powerbi.com https://*.analysis.windows.net https://*.ey.com https://fonts.gstatic.com; object-src 'none'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; media-src 'none'; font-src 'self' data: https://*.ey.com https://fonts.gstatic.com; connect-src 'self' https://*.edataanalytics.com https://*.oth.ey.com https://*.dop.ey.com https://*.eydigitalorg.com https://*.visualstudio.com https://*.azurewebsites.net https://app.powerbi.com https://api.powerbi.com https://*.analysis.windows.net https://*.ey.com https://*.orgchartnow.com https://fonts.gstatic.com; frame-src https://*.edataanalytics.com https://*.oth.ey.com https://*.dop.ey.com https://*.eydigitalorg.com https://*.azurewebsites.net https://app.powerbi.com https://api.powerbi.com https://*.analysis.windows.net https://*.ey.com https://fonts.gstatic.com
Expires
0
defaultAppConfig.json
t-mobile-qa.oth.ey.com/assets/ 		603 B
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://t-mobile-qa.oth.ey.com/assets/defaultAppConfig.json
Requested by
Host: t-mobile-qa.oth.ey.com
URL: https://t-mobile-qa.oth.ey.com/polyfills-es2015.a53d17c3ab9bf4d6c0eb.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.69.70.174 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self'; worker-src blob:; child-src blob:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://az416426.vo.msecnd.net https://app.powerbi.com https://api.powerbi.com https://*.analysis.windows.net https://*.ey.com https://fonts.gstatic.com; object-src 'none'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; media-src 'none'; font-src 'self' data: https://*.ey.com https://fonts.gstatic.com; connect-src 'self' https://*.edataanalytics.com https://*.oth.ey.com https://*.dop.ey.com https://*.eydigitalorg.com https://*.visualstudio.com https://*.azurewebsites.net https://app.powerbi.com https://api.powerbi.com https://*.analysis.windows.net https://*.ey.com https://*.orgchartnow.com https://fonts.gstatic.com; frame-src https://*.edataanalytics.com https://*.oth.ey.com https://*.dop.ey.com https://*.eydigitalorg.com https://*.azurewebsites.net https://app.powerbi.com https://api.powerbi.com https://*.analysis.windows.net https://*.ey.com https://fonts.gstatic.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Security-Policy default-src 'self'; worker-src blob:; child-src blob:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://az416426.vo.msecnd.net https://app.powerbi.com https://api.powerbi.com https://*.analysis.windows.net https://*.ey.com https://fonts.gstatic.com; object-src 'none'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; media-src 'none'; font-src 'self' data: https://*.ey.com https://fonts.gstatic.com; connect-src 'self' https://*.edataanalytics.com https://*.oth.ey.com https://*.dop.ey.com https://*.eydigitalorg.com https://*.visualstudio.com https://*.azurewebsites.net https://app.powerbi.com https://api.powerbi.com https://*.analysis.windows.net https://*.ey.com https://*.orgchartnow.com https://fonts.gstatic.com; frame-src https://*.edataanalytics.com https://*.oth.ey.com https://*.dop.ey.com https://*.eydigitalorg.com https://*.azurewebsites.net https://app.powerbi.com https://api.powerbi.com https://*.analysis.windows.net https://*.ey.com https://fonts.gstatic.com
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
https://t-mobile-qa.oth.ey.com/
accept-language
de-DE,de;q=0.9
Authorization
Bearer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Expires
0
Date
Mon, 10 Jul 2023 13:17:51 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Security-Policy
default-src 'self'; worker-src blob:; child-src blob:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://az416426.vo.msecnd.net https://app.powerbi.com https://api.powerbi.com https://*.analysis.windows.net https://*.ey.com https://fonts.gstatic.com; object-src 'none'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; media-src 'none'; font-src 'self' data: https://*.ey.com https://fonts.gstatic.com; connect-src 'self' https://*.edataanalytics.com https://*.oth.ey.com https://*.dop.ey.com https://*.eydigitalorg.com https://*.visualstudio.com https://*.azurewebsites.net https://app.powerbi.com https://api.powerbi.com https://*.analysis.windows.net https://*.ey.com https://*.orgchartnow.com https://fonts.gstatic.com; frame-src https://*.edataanalytics.com https://*.oth.ey.com https://*.dop.ey.com https://*.eydigitalorg.com https://*.azurewebsites.net https://app.powerbi.com https://api.powerbi.com https://*.analysis.windows.net https://*.ey.com https://fonts.gstatic.com
Connection
keep-alive
Content-Length
472
X-XSS-Protection
1; mode=block
Pragma
no-cache
Last-Modified
Wed, 24 May 2023 07:02:41 GMT
ETag
"6cbe6cbbd8ed91:0"
Vary
Accept-Encoding
X-Frame-Options
DENY
Content-Type
application/json
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate
Accept-Ranges
bytes
X-WebKit-CSP
default-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://az416426.vo.msecnd.net https://app.powerbi.com https://api.powerbi.com https://*.analysis.windows.net https://*.ey.com https://fonts.gstatic.com; object-src 'none'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; media-src 'none'; font-src 'self' data: https://*.ey.com https://fonts.gstatic.com; connect-src 'self' https://*.edataanalytics.com https://*.oth.ey.com https://*.dop.ey.com https://*.eydigitalorg.com https://*.visualstudio.com https://*.azurewebsites.net https://app.powerbi.com https://api.powerbi.com https://*.analysis.windows.net https://*.ey.com https://*.orgchartnow.com https://fonts.gstatic.com; frame-src https://*.edataanalytics.com https://*.oth.ey.com https://*.dop.ey.com https://*.eydigitalorg.com https://*.azurewebsites.net https://app.powerbi.com https://api.powerbi.com https://*.analysis.windows.net https://*.ey.com https://fonts.gstatic.com
X-Content-Security-Policy
default-src 'self'; worker-src blob:; child-src blob:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://az416426.vo.msecnd.net https://app.powerbi.com https://api.powerbi.com https://*.analysis.windows.net https://*.ey.com https://fonts.gstatic.com; object-src 'none'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; media-src 'none'; font-src 'self' data: https://*.ey.com https://fonts.gstatic.com; connect-src 'self' https://*.edataanalytics.com https://*.oth.ey.com https://*.dop.ey.com https://*.eydigitalorg.com https://*.visualstudio.com https://*.azurewebsites.net https://app.powerbi.com https://api.powerbi.com https://*.analysis.windows.net https://*.ey.com https://*.orgchartnow.com https://fonts.gstatic.com; frame-src https://*.edataanalytics.com https://*.oth.ey.com https://*.dop.ey.com https://*.eydigitalorg.com https://*.azurewebsites.net https://app.powerbi.com https://api.powerbi.com https://*.analysis.windows.net https://*.ey.com https://fonts.gstatic.com
16-es2015.e511bc1b181e4ee3f210.js
t-mobile-qa.oth.ey.com/ 		16 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://t-mobile-qa.oth.ey.com/16-es2015.e511bc1b181e4ee3f210.js
Requested by
Host: t-mobile-qa.oth.ey.com
URL: https://t-mobile-qa.oth.ey.com/runtime-es2015.4686e8055553fbaf529b.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.69.70.174 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self'; worker-src blob:; child-src blob:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://az416426.vo.msecnd.net https://app.powerbi.com https://api.powerbi.com https://*.analysis.windows.net https://*.ey.com https://fonts.gstatic.com; object-src 'none'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; media-src 'none'; font-src 'self' data: https://*.ey.com https://fonts.gstatic.com; connect-src 'self' https://*.edataanalytics.com https://*.oth.ey.com https://*.dop.ey.com https://*.eydigitalorg.com https://*.visualstudio.com https://*.azurewebsites.net https://app.powerbi.com https://api.powerbi.com https://*.analysis.windows.net https://*.ey.com https://*.orgchartnow.com https://fonts.gstatic.com; frame-src https://*.edataanalytics.com https://*.oth.ey.com https://*.dop.ey.com https://*.eydigitalorg.com https://*.azurewebsites.net https://app.powerbi.com https://api.powerbi.com https://*.analysis.windows.net https://*.ey.com https://fonts.gstatic.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Security-Policy default-src 'self'; worker-src blob:; child-src blob:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://az416426.vo.msecnd.net https://app.powerbi.com https://api.powerbi.com https://*.analysis.windows.net https://*.ey.com https://fonts.gstatic.com; object-src 'none'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; media-src 'none'; font-src 'self' data: https://*.ey.com https://fonts.gstatic.com; connect-src 'self' https://*.edataanalytics.com https://*.oth.ey.com https://*.dop.ey.com https://*.eydigitalorg.com https://*.visualstudio.com https://*.azurewebsites.net https://app.powerbi.com https://api.powerbi.com https://*.analysis.windows.net https://*.ey.com https://*.orgchartnow.com https://fonts.gstatic.com; frame-src https://*.edataanalytics.com https://*.oth.ey.com https://*.dop.ey.com https://*.eydigitalorg.com https://*.azurewebsites.net https://app.powerbi.com https://api.powerbi.com https://*.analysis.windows.net https://*.ey.com https://fonts.gstatic.com
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://t-mobile-qa.oth.ey.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Expires
0
Date
Mon, 10 Jul 2023 13:17:51 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Security-Policy
default-src 'self'; worker-src blob:; child-src blob:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://az416426.vo.msecnd.net https://app.powerbi.com https://api.powerbi.com https://*.analysis.windows.net https://*.ey.com https://fonts.gstatic.com; object-src 'none'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; media-src 'none'; font-src 'self' data: https://*.ey.com https://fonts.gstatic.com; connect-src 'self' https://*.edataanalytics.com https://*.oth.ey.com https://*.dop.ey.com https://*.eydigitalorg.com https://*.visualstudio.com https://*.azurewebsites.net https://app.powerbi.com https://api.powerbi.com https://*.analysis.windows.net https://*.ey.com https://*.orgchartnow.com https://fonts.gstatic.com; frame-src https://*.edataanalytics.com https://*.oth.ey.com https://*.dop.ey.com https://*.eydigitalorg.com https://*.azurewebsites.net https://app.powerbi.com https://api.powerbi.com https://*.analysis.windows.net https://*.ey.com https://fonts.gstatic.com
Connection
keep-alive
Content-Length
4702
X-XSS-Protection
1; mode=block
Pragma
no-cache
Last-Modified
Wed, 24 May 2023 07:02:21 GMT
ETag
"768f9cafd8ed91:0"
Vary
Accept-Encoding
X-Frame-Options
DENY
Content-Type
application/x-javascript
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate
Accept-Ranges
bytes
X-WebKit-CSP
default-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://az416426.vo.msecnd.net https://app.powerbi.com https://api.powerbi.com https://*.analysis.windows.net https://*.ey.com https://fonts.gstatic.com; object-src 'none'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; media-src 'none'; font-src 'self' data: https://*.ey.com https://fonts.gstatic.com; connect-src 'self' https://*.edataanalytics.com https://*.oth.ey.com https://*.dop.ey.com https://*.eydigitalorg.com https://*.visualstudio.com https://*.azurewebsites.net https://app.powerbi.com https://api.powerbi.com https://*.analysis.windows.net https://*.ey.com https://*.orgchartnow.com https://fonts.gstatic.com; frame-src https://*.edataanalytics.com https://*.oth.ey.com https://*.dop.ey.com https://*.eydigitalorg.com https://*.azurewebsites.net https://app.powerbi.com https://api.powerbi.com https://*.analysis.windows.net https://*.ey.com https://fonts.gstatic.com
X-Content-Security-Policy
default-src 'self'; worker-src blob:; child-src blob:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://az416426.vo.msecnd.net https://app.powerbi.com https://api.powerbi.com https://*.analysis.windows.net https://*.ey.com https://fonts.gstatic.com; object-src 'none'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; media-src 'none'; font-src 'self' data: https://*.ey.com https://fonts.gstatic.com; connect-src 'self' https://*.edataanalytics.com https://*.oth.ey.com https://*.dop.ey.com https://*.eydigitalorg.com https://*.visualstudio.com https://*.azurewebsites.net https://app.powerbi.com https://api.powerbi.com https://*.analysis.windows.net https://*.ey.com https://*.orgchartnow.com https://fonts.gstatic.com; frame-src https://*.edataanalytics.com https://*.oth.ey.com https://*.dop.ey.com https://*.eydigitalorg.com https://*.azurewebsites.net https://app.powerbi.com https://api.powerbi.com https://*.analysis.windows.net https://*.ey.com https://fonts.gstatic.com
ai.0.js
az416426.vo.msecnd.net/scripts/a/ 		94 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Requested by
Host: t-mobile-qa.oth.ey.com
URL: https://t-mobile-qa.oth.ey.com/main-es2015.af0f51bf0a0428ebbfc5.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CD6) /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://t-mobile-qa.oth.ey.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 10 Jul 2023 13:17:51 GMT
content-encoding
gzip
x-ms-meta-lastmodified
2020-10-01 19:31:04
content-md5
HdY95yzx9wIyQkVEGES+Ew==
age
1477
x-cache
HIT
content-length
22495
x-ms-lease-status
unlocked
last-modified
Thu, 11 Mar 2021 07:46:59 GMT
server
ECAcc (frc/4CD6)
etag
0x8D8E461DA1A5889
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
e072b6ff-d01e-001b-1f2d-b30dbe000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=1800
x-ms-version
2009-09-19
expires
Mon, 10 Jul 2023 13:47:51 GMT
c3f50060-05b9-4313-ac4a-1a598f9f70d3
https://t-mobile-qa.oth.ey.com/ 		4 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://t-mobile-qa.oth.ey.com/c3f50060-05b9-4313-ac4a-1a598f9f70d3
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Length
4218
Content-Type
application/javascript
authorize
auth02.ey.com/ Frame 6EC0 		1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://auth02.ey.com/authorize?redirect_uri=https%3A%2F%2Ft-mobile-qa.oth.ey.com&client_id=SwA0qHDio4vIbT1PXXPBuPmrK9U2Z3sb&apiUri=https%3A%2F%2Ft-mobile-qa.oth.ey.com&appUri=https%3A%2F%2Ft-mobile-qa.oth.ey.com&audience=https%3A%2F%2Fothintegration-t-mobile-qa&detailedResponse=true&scope=openid%20profile%20email%20offline_access&response_type=code&response_mode=web_message&state=ZHQzYksuems3clZHVEFDSGNQWEw0VkpJSy1GeTczclhad0xQNmFKcE44TA%3D%3D&nonce=RX5FfkVYeUZ2aFdxQ0d2OTJ1YzA4Nk5Ea1JGRjhkclRlRGpIaWt5S2dKOQ%3D%3D&code_challenge=IKuPlIJmlMW0oxsM2Gr3gVQEKqBJ3gblaU1S4W4gjzA&code_challenge_method=S256&prompt=none&auth0Client=eyJuYW1lIjoiQGF1dGgwL2F1dGgwLWFuZ3VsYXIiLCJ2ZXJzaW9uIjoiMS43LjAifQ%3D%3D
Requested by
Host: t-mobile-qa.oth.ey.com
URL: https://t-mobile-qa.oth.ey.com/main-es2015.af0f51bf0a0428ebbfc5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:eb58 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://t-mobile-qa.oth.ey.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache, no-store
cf-cache-status
DYNAMIC
cf-ray
7e4916dcaca13a49-FRA
content-encoding
br
content-type
text/html;charset=UTF-8
date
Mon, 10 Jul 2023 13:17:51 GMT
ot-baggage-auth0-request-id
7e4916dcaca13a49
ot-tracer-sampled
true
ot-tracer-spanid
47bee2ee4ff00009
ot-tracer-traceid
3b71908d0bad4d83
pragma
no-cache
server
cloudflare
strict-transport-security
max-age=31536000
traceparent
00-00000000000000003b71908d0bad4d83-47bee2ee4ff00009-01
tracestate
auth0-request-id=7e4916dcaca13a49,auth0=true
vary
Accept-Encoding
x-auth0-requestid
849185278304f4e8dfb9
x-content-type-options
nosniff
x-ratelimit-limit
300
x-ratelimit-remaining
299
x-ratelimit-reset
1688995072
track
dc.services.visualstudio.com/v2/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://dc.services.visualstudio.com/v2/track
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.69.106.216 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,sdk-context
Access-Control-Request-Method
POST
Origin
https://t-mobile-qa.oth.ey.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-headers
Origin, X-Requested-With, Content-Name, Content-Type, Accept, Sdk-Context
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
3600
content-length
0
date
Mon, 10 Jul 2023 13:17:50 GMT
x-content-type-options
nosniff
track
dc.services.visualstudio.com/v2/ 		0
0
Primary Request identifier
auth02.ey.com/u/login/
Redirect Chain
  • https://auth02.ey.com/authorize?redirect_uri=https%3A%2F%2Ft-mobile-qa.oth.ey.com&client_id=SwA0qHDio4vIbT1PXXPBuPmrK9U2Z3sb&apiUri=https%3A%2F%2Ft-mobile-qa.oth.ey.com&appUri=https%3A%2F%2Ft-mobil...
  • https://auth02.ey.com/u/login/identifier?state=hKFo2SBmUjJoVnM1SFVXcHdsVXQ1c3ZqTmRFOXVTSHItT2lXZ6Fur3VuaXZlcnNhbC1sb2dpbqN0aWTZIDNyX082TTNFZVdwX0hqSG14M1AxaU5TZVljcWotM2NZo2NpZNkgU3dBMHFIRGlvNHZJYl...
18 KB
19 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://auth02.ey.com/u/login/identifier?state=hKFo2SBmUjJoVnM1SFVXcHdsVXQ1c3ZqTmRFOXVTSHItT2lXZ6Fur3VuaXZlcnNhbC1sb2dpbqN0aWTZIDNyX082TTNFZVdwX0hqSG14M1AxaU5TZVljcWotM2NZo2NpZNkgU3dBMHFIRGlvNHZJYlQxUFhYUEJ1UG1ySzlVMlozc2I
Requested by
Host: t-mobile-qa.oth.ey.com
URL: https://t-mobile-qa.oth.ey.com/main-es2015.af0f51bf0a0428ebbfc5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:eb58 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d19834d490ca24201809f3e8d2fbaaa79fd479a900bbae840544932151f630ed
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Referer
https://t-mobile-qa.oth.ey.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, max-age=0, no-transform
cf-cache-status
DYNAMIC
cf-ray
7e4916ddee3f3a49-FRA
content-language
en
content-security-policy
frame-ancestors 'none'
content-type
text/html; charset=utf-8
date
Mon, 10 Jul 2023 13:17:51 GMT
etag
W/"49e6-Af1GnRzpphXv3T5hvLxUktoFiG8"
expires
Mon, 10 Jul 2023 13:17:51 GMT
ot-baggage-auth0-request-id
7e4916ddee3f3a49
ot-tracer-sampled
true
ot-tracer-spanid
03dd28317c3a65d3
ot-tracer-traceid
7262f7d269036ca5
pragma
no-cache
referrer-policy
same-origin
server
cloudflare
strict-transport-security
max-age=31536000
traceparent
00-00000000000000007262f7d269036ca5-03dd28317c3a65d3-01
tracestate
auth0-request-id=7e4916ddee3f3a49,auth0=true
vary
Accept-Encoding
x-auth0-requestid
89310f9c45e02abc6c21
x-content-type-options
nosniff
x-frame-options
deny
x-ratelimit-limit
20
x-ratelimit-remaining
19
x-ratelimit-reset
1688995078
x-robots-tag
noindex, nofollow
x-xss-protection
1; mode=block

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, max-age=0, no-transform
cf-cache-status
DYNAMIC
cf-ray
7e4916dd0cf93a49-FRA
content-length
446
content-type
text/html; charset=utf-8
date
Mon, 10 Jul 2023 13:17:51 GMT
location
/u/login/identifier?state=hKFo2SBmUjJoVnM1SFVXcHdsVXQ1c3ZqTmRFOXVTSHItT2lXZ6Fur3VuaXZlcnNhbC1sb2dpbqN0aWTZIDNyX082TTNFZVdwX0hqSG14M1AxaU5TZVljcWotM2NZo2NpZNkgU3dBMHFIRGlvNHZJYlQxUFhYUEJ1UG1ySzlVMlozc2I
ot-baggage-auth0-request-id
7e4916dd0cf93a49
ot-tracer-sampled
true
ot-tracer-spanid
3e459ac7635bb996
ot-tracer-traceid
32322cd168782234
pragma
no-cache
server
cloudflare
strict-transport-security
max-age=31536000
traceparent
00-000000000000000032322cd168782234-3e459ac7635bb996-01
tracestate
auth0-request-id=7e4916dd0cf93a49,auth0=true
vary
Accept, Accept-Encoding
x-auth0-requestid
e64047272a5200e32f54
x-content-type-options
nosniff
x-ratelimit-limit
300
x-ratelimit-remaining
299
x-ratelimit-reset
1688995072
main.cdn.min.css
cdn.auth0.com/ulp/react-components/1.76.1/css/ 		248 KB
61 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.auth0.com/ulp/react-components/1.76.1/css/main.cdn.min.css
Requested by
Host: auth02.ey.com
URL: https://auth02.ey.com/u/login/identifier?state=hKFo2SBmUjJoVnM1SFVXcHdsVXQ1c3ZqTmRFOXVTSHItT2lXZ6Fur3VuaXZlcnNhbC1sb2dpbqN0aWTZIDNyX082TTNFZVdwX0hqSG14M1AxaU5TZVljcWotM2NZo2NpZNkgU3dBMHFIRGlvNHZJYlQxUFhYUEJ1UG1ySzlVMlozc2I
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2171:f800:10:474e:104a:2961 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
093568eb247dcc6f462e1a077ae1a5ad22e0047fc31c6c449d22f604f00515bb

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id
SgqONZQpyhk5yTYFVDvYFxa45oBZEGOW
content-encoding
gzip
via
1.1 3808ed40220bada3ae901e3a58b94244.cloudfront.net (CloudFront)
date
Sun, 09 Jul 2023 16:32:23 GMT
x-amz-cf-pop
CDG53-C1
age
74729
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
FAILED
last-modified
Thu, 29 Jun 2023 18:56:57 GMT
server
AmazonS3
etag
W/"af66a04cbe55c6bbfef3082656b7b222"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=2628000,public
x-amz-cf-id
AFAWkmgiiO_9D2YKkhPBAjSw0kWJFWYNNyeF3dQQRMvOZ6t6YjtJ6A==
EYLogo.png
cdn.ey.com/MYEY/ip/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ey.com/MYEY/ip/EYLogo.png
Requested by
Host: auth02.ey.com
URL: https://auth02.ey.com/u/login/identifier?state=hKFo2SBmUjJoVnM1SFVXcHdsVXQ1c3ZqTmRFOXVTSHItT2lXZ6Fur3VuaXZlcnNhbC1sb2dpbqN0aWTZIDNyX082TTNFZVdwX0hqSG14M1AxaU5TZVljcWotM2NZo2NpZNkgU3dBMHFIRGlvNHZJYlQxUFhYUEJ1UG1ySzlVMlozc2I
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.102.53.189 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-102-53-189.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
01c2d5f8d72c96b7eede80ea4bb16d346f50718edc9e9a7e7e0b61905d5fd437

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Mon, 10 Jul 2023 13:17:51 GMT
Last-Modified
Tue, 30 Mar 2021 12:22:57 GMT
Server
AkamaiNetStorage
ETag
"6a400b1e8035b97c43de687e8c45f735:1617106977.652443"
Content-Type
image/png
Access-Control-Allow-Origin
http://admin.brightcove.com
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
X-Requested-With
Content-Length
1901

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
dc.services.visualstudio.com
URL
https://dc.services.visualstudio.com/v2/track

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless object| onbeforetoggle object| onscrollend

7 Cookies

Domain/Path Name / Value
t-mobile-qa.oth.ey.com/ Name: ai_user
Value: yux5E|2023-07-10T13:17:51.380Z
t-mobile-qa.oth.ey.com/ Name: ai_session
Value: ckYSj|1688995071512.6|1688995071512.6
auth02.ey.com/ Name: did
Value: s%3Av0%3A2c2fd500-1f24-11ee-b55f-ebb6d757e23b.U9soQcU4tRYX6IAy%2FCpn7jXsG24UI1wnaK8qYKK9Tpk
auth02.ey.com/ Name: auth0
Value: s%3Av1.gadzZXNzaW9ugqZoYW5kbGXEQGBhMZnbM6tU3n4BS7nkdo-eRVLCb9EQ6fNBLCi25e_60yHVdA-faTJcvk2zlBu15Cu9UEP5OybWAoO3fJz9hTOmY29va2llg6dleHBpcmVz1_-a-NoAZK_5f65vcmlnaW5hbE1heEFnZc4PcxQAqHNhbWVTaXRlpG5vbmU.23qRr5g3Czlzml5g8CWnEZeRxr79v10DadkifwyrArg
auth02.ey.com/ Name: did_compat
Value: s%3Av0%3A2c2fd500-1f24-11ee-b55f-ebb6d757e23b.U9soQcU4tRYX6IAy%2FCpn7jXsG24UI1wnaK8qYKK9Tpk
auth02.ey.com/ Name: auth0_compat
Value: s%3Av1.gadzZXNzaW9ugqZoYW5kbGXEQGBhMZnbM6tU3n4BS7nkdo-eRVLCb9EQ6fNBLCi25e_60yHVdA-faTJcvk2zlBu15Cu9UEP5OybWAoO3fJz9hTOmY29va2llg6dleHBpcmVz1_-a-NoAZK_5f65vcmlnaW5hbE1heEFnZc4PcxQAqHNhbWVTaXRlpG5vbmU.23qRr5g3Czlzml5g8CWnEZeRxr79v10DadkifwyrArg
.auth02.ey.com/ Name: __cf_bm
Value: 0Qhw3cL5kNuxHyCEHFi4bAH51.OxO6.VWzur6Y6K2wU-1688995071-0-AUphbyDHld6hjy2PFGT0WJX96umY476/n840z9CRP7p6auX/pWhJFLPWk9W420Ci0rkjTc6KckHtrcnqcn8d4lw=

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'self'; worker-src blob:; child-src blob:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://az416426.vo.msecnd.net https://app.powerbi.com https://api.powerbi.com https://*.analysis.windows.net https://*.ey.com https://fonts.gstatic.com; object-src 'none'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; media-src 'none'; font-src 'self' data: https://*.ey.com https://fonts.gstatic.com; connect-src 'self' https://*.edataanalytics.com https://*.oth.ey.com https://*.dop.ey.com https://*.eydigitalorg.com https://*.visualstudio.com https://*.azurewebsites.net https://app.powerbi.com https://api.powerbi.com https://*.analysis.windows.net https://*.ey.com https://*.orgchartnow.com https://fonts.gstatic.com; frame-src https://*.edataanalytics.com https://*.oth.ey.com https://*.dop.ey.com https://*.eydigitalorg.com https://*.azurewebsites.net https://app.powerbi.com https://api.powerbi.com https://*.analysis.windows.net https://*.ey.com https://fonts.gstatic.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Security-Policy default-src 'self'; worker-src blob:; child-src blob:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://az416426.vo.msecnd.net https://app.powerbi.com https://api.powerbi.com https://*.analysis.windows.net https://*.ey.com https://fonts.gstatic.com; object-src 'none'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; media-src 'none'; font-src 'self' data: https://*.ey.com https://fonts.gstatic.com; connect-src 'self' https://*.edataanalytics.com https://*.oth.ey.com https://*.dop.ey.com https://*.eydigitalorg.com https://*.visualstudio.com https://*.azurewebsites.net https://app.powerbi.com https://api.powerbi.com https://*.analysis.windows.net https://*.ey.com https://*.orgchartnow.com https://fonts.gstatic.com; frame-src https://*.edataanalytics.com https://*.oth.ey.com https://*.dop.ey.com https://*.eydigitalorg.com https://*.azurewebsites.net https://app.powerbi.com https://api.powerbi.com https://*.analysis.windows.net https://*.ey.com https://fonts.gstatic.com
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block