Submitted URL: https://u21049206.ct.sendgrid.net/ls/click?upn=GbH6mbKXlvk-2B4cBOs6of4xtnfnPeqZkxAFgIPB8Ghl2ab8zHuycBCWHBP5HvAI1rtcHF_aN1F-2BBb-2F...
Effective URL: https://auth02.ey.com/u/login/identifier?state=hKFo2SBTbXJETFVYa0VNX1FFVl82RWRPZkVzbXNtTHVoUm0xcKFur3VuaXZlcnNhbC1sb2d...
Submission Tags: falconsandbox
Submission: On May 10 via api from US — Scanned from DE

Summary

This website contacted 5 IPs in 3 countries across 3 domains to perform 11 HTTP transactions. The main IP is 2606:4700::6812:f458, located in United States and belongs to CLOUDFLARENET, US. The main domain is auth02.ey.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on January 18th 2022. Valid for: a year.
This is the only time auth02.ey.com was scanned on urlscan.io!

urlscan.io Verdict: No classification


Live information

Domain & IP information

IP Address AS Autonomous System
1 1 167.89.123.16 11377 (SENDGRID)
7 51.105.213.34 8075 (MICROSOFT...)
1 2 2606:4700::68... 13335 (CLOUDFLAR...)
1 143.204.103.120 16509 (AMAZON-02)
1 23.75.247.25 16625 (AKAMAI-AS)
11 5
Apex Domain
Subdomains
Transfer
10 ey.com
eyvia-stg.ey.com
auth02.ey.com Failed
cdn.ey.com — Cisco Umbrella Rank: 949194
20 MB
1 auth0.com
cdn.auth0.com — Cisco Umbrella Rank: 14076
52 KB
1 sendgrid.net
u21049206.ct.sendgrid.net
227 B
11 3
Domain Requested by
7 eyvia-stg.ey.com eyvia-stg.ey.com
2 auth02.ey.com eyvia-stg.ey.com
1 cdn.ey.com auth02.ey.com
1 cdn.auth0.com auth02.ey.com
1 u21049206.ct.sendgrid.net 1 redirects
11 5

This site contains no links.

Subject Issuer Validity Valid
eyvia-stg.ey.com
Entrust Certification Authority - L1K
2022-02-02 -
2023-02-02
a year crt.sh
auth02.ey.com
Cloudflare Inc ECC CA-3
2022-01-18 -
2023-01-18
a year crt.sh
*.auth0.com
Amazon
2022-03-26 -
2023-04-24
a year crt.sh
cdn.ey.com
Entrust Certification Authority - L1K
2022-03-15 -
2023-04-12
a year crt.sh

This page contains 1 frames:

Primary Page: https://auth02.ey.com/u/login/identifier?state=hKFo2SBTbXJETFVYa0VNX1FFVl82RWRPZkVzbXNtTHVoUm0xcKFur3VuaXZlcnNhbC1sb2dpbqN0aWTZIGl5OUlFb2VseU04TWlmTlpJbGxNQ21oUzFsdWNRYWhZo2NpZNkgWE8xNHRrbUNucUduc2w3cnhKT1pNcVZoZTFxOGNOSDc
Frame ID: C1A7D73BB1AF3FBB7AB3FCE04DB022BC
Requests: 11 HTTP requests in this frame

Screenshot

Page Title

Sign in to your account

Page URL History Show full URLs

  1. https://u21049206.ct.sendgrid.net/ls/click?upn=GbH6mbKXlvk-2B4cBOs6of4xtnfnPeqZkxAFgIPB8Ghl2ab8zHuycBCWHBP5HvA... HTTP 302
    https://eyvia-stg.ey.com/ Page URL
  2. https://auth02.ey.com/authorize?client_id=XO14tkmCnqGnsl7rxJOZMqVhe1q8cNH7&redirect_uri=https%3A%2... HTTP 302
    https://auth02.ey.com/u/login/identifier?state=hKFo2SBTbXJETFVYa0VNX1FFVl82RWRPZkVzbXNtTHVoUm0xcKF... Page URL

Page Statistics

11
Requests

91 %
HTTPS

20 %
IPv6

3
Domains

5
Subdomains

5
IPs

3
Countries

20188 kB
Transfer

20329 kB
Size

6
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://u21049206.ct.sendgrid.net/ls/click?upn=GbH6mbKXlvk-2B4cBOs6of4xtnfnPeqZkxAFgIPB8Ghl2ab8zHuycBCWHBP5HvAI1rtcHF_aN1F-2BBb-2FqCmeZA1f82VRgk-2B5lFei4M5bAMYjm3BsPtDN5C7kQeTV8n0YFeX0X-2F7G5-2FT9493fkt4UfUIE42R101iRAPCWpBIY4wC5x4mZnNpeJ-2B9ML-2F-2FbYbexK1ptpAx69mTol1njQQif9ZIFEl0jQQshSR0k0MPG0623kCTZMTzmL4iZb6fgjCwFscpPSeIGcG9KQT7HFHZOrWHwdOOydnNPj7Jc9H-2BR-2BPVmMt-2FN2uezn1fTaQD6eg3gCsz-2F9UONNn3F4SEukuAr6iLrXn84QmPwwqwBf83GuT8ND-2B8XZNFgPxjzhFbWVT4-2BUtGYdbWLy-2FtWB95TqVhkIrYc0bfbBysf0xXdYUlu03s-2Fe5XfjD4-3D HTTP 302
    https://eyvia-stg.ey.com/ Page URL
  2. https://auth02.ey.com/authorize?client_id=XO14tkmCnqGnsl7rxJOZMqVhe1q8cNH7&redirect_uri=https%3A%2F%2Feyvia-stg.ey.com%2Flogin&scope=openid%20profile%20email&response_type=code&response_mode=query&state=a0RGeFFIMEpWM0NNVm1OSTdLSWdLQnl1X29MZFpleHRKNWJlQ2VwYng3NQ%3D%3D&nonce=Qlp1VE5wU1I0VlpiVnc5U0lsb2NMa2pCbktSRHAudDRKeVguYlIyVVVmTQ%3D%3D&code_challenge=_ujn6wvvQRuYNTgS9HXYYLpLOjs-HVZKBgDgVtw8dtM&code_challenge_method=S256&auth0Client=eyJuYW1lIjoiYXV0aDAtcmVhY3QiLCJ2ZXJzaW9uIjoiMS41LjAifQ%3D%3D HTTP 302
    https://auth02.ey.com/u/login/identifier?state=hKFo2SBTbXJETFVYa0VNX1FFVl82RWRPZkVzbXNtTHVoUm0xcKFur3VuaXZlcnNhbC1sb2dpbqN0aWTZIGl5OUlFb2VseU04TWlmTlpJbGxNQ21oUzFsdWNRYWhZo2NpZNkgWE8xNHRrbUNucUduc2w3cnhKT1pNcVZoZTFxOGNOSDc Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://u21049206.ct.sendgrid.net/ls/click?upn=GbH6mbKXlvk-2B4cBOs6of4xtnfnPeqZkxAFgIPB8Ghl2ab8zHuycBCWHBP5HvAI1rtcHF_aN1F-2BBb-2FqCmeZA1f82VRgk-2B5lFei4M5bAMYjm3BsPtDN5C7kQeTV8n0YFeX0X-2F7G5-2FT9493fkt4UfUIE42R101iRAPCWpBIY4wC5x4mZnNpeJ-2B9ML-2F-2FbYbexK1ptpAx69mTol1njQQif9ZIFEl0jQQshSR0k0MPG0623kCTZMTzmL4iZb6fgjCwFscpPSeIGcG9KQT7HFHZOrWHwdOOydnNPj7Jc9H-2BR-2BPVmMt-2FN2uezn1fTaQD6eg3gCsz-2F9UONNn3F4SEukuAr6iLrXn84QmPwwqwBf83GuT8ND-2B8XZNFgPxjzhFbWVT4-2BUtGYdbWLy-2FtWB95TqVhkIrYc0bfbBysf0xXdYUlu03s-2Fe5XfjD4-3D HTTP 302
  • https://eyvia-stg.ey.com/

11 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
eyvia-stg.ey.com/
Redirect Chain
  • https://u21049206.ct.sendgrid.net/ls/click?upn=GbH6mbKXlvk-2B4cBOs6of4xtnfnPeqZkxAFgIPB8Ghl2ab8zHuycBCWHBP5HvAI1rtcHF_aN1F-2BBb-2FqCmeZA1f82VRgk-2B5lFei4M5bAMYjm3BsPtDN5C7kQeTV8n0YFeX0X-2F7G5-2FT94...
  • https://eyvia-stg.ey.com/
3 KB
4 KB
Document
General
Full URL
https://eyvia-stg.ey.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.105.213.34 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
'' /
Resource Hash
1cf961b94e221102bf28b11fd640d8a119d1785c5efa8888992845ca646449ac
Security Headers
Name Value
Content-Security-Policy base-uri 'self';connect-src https://auth02.ey.com https://auth-qa02.ey.com 'self' localhost:* 'self' localhost:* *.blob.core.windows.net dc.services.visualstudio.com assets.adobedtm.com https://dpm.demdex.net https://eycom.d3.sc.omtrdc.net; font-src 'self' data: localhost:* ;frame-src 'self' blob: localhost:* app.powerbi.com https://auth02.ey.com https://auth-qa02.ey.com https://view.officeapps.live.com *.blob.core.windows.net; img-src * data: https://auth02.ey.com https://auth-qa02.ey.com; script-src 'self' localhost: 'unsafe-inline' 'unsafe-eval' https://assets.adobedtm.com https://dpm.demdex.net https://eycom.d3.sc.omtrdc.net https://auth02.ey.com https://auth-qa02.ey.com; object-src 'none';style-src 'self' localhost: 'unsafe-inline' ;worker-src 'self' blob:;media-src 'self' blob: *.blob.core.windows.net
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
no-cache
content-length
3194
content-security-policy
base-uri 'self';connect-src https://auth02.ey.com https://auth-qa02.ey.com 'self' localhost:* 'self' localhost:* *.blob.core.windows.net dc.services.visualstudio.com assets.adobedtm.com https://dpm.demdex.net https://eycom.d3.sc.omtrdc.net; font-src 'self' data: localhost:* ;frame-src 'self' blob: localhost:* app.powerbi.com https://auth02.ey.com https://auth-qa02.ey.com https://view.officeapps.live.com *.blob.core.windows.net; img-src * data: https://auth02.ey.com https://auth-qa02.ey.com; script-src 'self' localhost: 'unsafe-inline' 'unsafe-eval' https://assets.adobedtm.com https://dpm.demdex.net https://eycom.d3.sc.omtrdc.net https://auth02.ey.com https://auth-qa02.ey.com; object-src 'none';style-src 'self' localhost: 'unsafe-inline' ;worker-src 'self' blob:;media-src 'self' blob: *.blob.core.windows.net
content-type
text/html
date
Tue, 10 May 2022 13:15:44 GMT
etag
"62383bd3-c7a"
last-modified
Mon, 21 Mar 2022 08:48:19 GMT
server
''
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
x-frame-options
deny
x-xss-protection
1; mode=block

Redirect headers

Connection
keep-alive
Content-Length
47
Content-Type
text/html; charset=utf-8
Date
Tue, 10 May 2022 13:15:44 GMT
Location
https://eyvia-stg.ey.com
Server
nginx
X-Robots-Tag
noindex, nofollow
5.bc8019c2.chunk.css
eyvia-stg.ey.com/static/css/
108 KB
109 KB
Stylesheet
General
Full URL
https://eyvia-stg.ey.com/static/css/5.bc8019c2.chunk.css
Requested by
Host: eyvia-stg.ey.com
URL: https://eyvia-stg.ey.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.105.213.34 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
'' /
Resource Hash
16968f754f413b351ef6308ad838c3dcebd0ade97b5ad42dfc72dd071932bc9d
Security Headers
Name Value
Content-Security-Policy base-uri 'self';connect-src https://auth02.ey.com https://auth-qa02.ey.com 'self' localhost:* 'self' localhost:* *.blob.core.windows.net dc.services.visualstudio.com assets.adobedtm.com https://dpm.demdex.net https://eycom.d3.sc.omtrdc.net; font-src 'self' data: localhost:* ;frame-src 'self' blob: localhost:* app.powerbi.com https://auth02.ey.com https://auth-qa02.ey.com https://view.officeapps.live.com *.blob.core.windows.net; img-src * data: https://auth02.ey.com https://auth-qa02.ey.com; script-src 'self' localhost: 'unsafe-inline' 'unsafe-eval' https://assets.adobedtm.com https://dpm.demdex.net https://eycom.d3.sc.omtrdc.net https://auth02.ey.com https://auth-qa02.ey.com; object-src 'none';style-src 'self' localhost: 'unsafe-inline' ;worker-src 'self' blob:;media-src 'self' blob: *.blob.core.windows.net
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eyvia-stg.ey.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Tue, 10 May 2022 13:15:44 GMT
x-content-type-options
nosniff
last-modified
Mon, 21 Mar 2022 08:48:19 GMT
server
''
etag
"62383bd3-1af71"
x-frame-options
deny
content-type
text/css
cache-control
no-cache
content-security-policy
base-uri 'self';connect-src https://auth02.ey.com https://auth-qa02.ey.com 'self' localhost:* 'self' localhost:* *.blob.core.windows.net dc.services.visualstudio.com assets.adobedtm.com https://dpm.demdex.net https://eycom.d3.sc.omtrdc.net; font-src 'self' data: localhost:* ;frame-src 'self' blob: localhost:* app.powerbi.com https://auth02.ey.com https://auth-qa02.ey.com https://view.officeapps.live.com *.blob.core.windows.net; img-src * data: https://auth02.ey.com https://auth-qa02.ey.com; script-src 'self' localhost: 'unsafe-inline' 'unsafe-eval' https://assets.adobedtm.com https://dpm.demdex.net https://eycom.d3.sc.omtrdc.net https://auth02.ey.com https://auth-qa02.ey.com; object-src 'none';style-src 'self' localhost: 'unsafe-inline' ;worker-src 'self' blob:;media-src 'self' blob: *.blob.core.windows.net
strict-transport-security
max-age=31536000; includeSubDomains
accept-ranges
bytes
content-length
110449
x-xss-protection
1; mode=block
main.b281bf03.chunk.css
eyvia-stg.ey.com/static/css/
20 KB
20 KB
Stylesheet
General
Full URL
https://eyvia-stg.ey.com/static/css/main.b281bf03.chunk.css
Requested by
Host: eyvia-stg.ey.com
URL: https://eyvia-stg.ey.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.105.213.34 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
'' /
Resource Hash
d61b54717fd4788cd71d798b185941be5ef94132d3db743c3b80ba9262bd7662
Security Headers
Name Value
Content-Security-Policy base-uri 'self';connect-src https://auth02.ey.com https://auth-qa02.ey.com 'self' localhost:* 'self' localhost:* *.blob.core.windows.net dc.services.visualstudio.com assets.adobedtm.com https://dpm.demdex.net https://eycom.d3.sc.omtrdc.net; font-src 'self' data: localhost:* ;frame-src 'self' blob: localhost:* app.powerbi.com https://auth02.ey.com https://auth-qa02.ey.com https://view.officeapps.live.com *.blob.core.windows.net; img-src * data: https://auth02.ey.com https://auth-qa02.ey.com; script-src 'self' localhost: 'unsafe-inline' 'unsafe-eval' https://assets.adobedtm.com https://dpm.demdex.net https://eycom.d3.sc.omtrdc.net https://auth02.ey.com https://auth-qa02.ey.com; object-src 'none';style-src 'self' localhost: 'unsafe-inline' ;worker-src 'self' blob:;media-src 'self' blob: *.blob.core.windows.net
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eyvia-stg.ey.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Tue, 10 May 2022 13:15:44 GMT
x-content-type-options
nosniff
last-modified
Mon, 21 Mar 2022 08:48:19 GMT
server
''
etag
"62383bd3-4e5b"
x-frame-options
deny
content-type
text/css
cache-control
no-cache
content-security-policy
base-uri 'self';connect-src https://auth02.ey.com https://auth-qa02.ey.com 'self' localhost:* 'self' localhost:* *.blob.core.windows.net dc.services.visualstudio.com assets.adobedtm.com https://dpm.demdex.net https://eycom.d3.sc.omtrdc.net; font-src 'self' data: localhost:* ;frame-src 'self' blob: localhost:* app.powerbi.com https://auth02.ey.com https://auth-qa02.ey.com https://view.officeapps.live.com *.blob.core.windows.net; img-src * data: https://auth02.ey.com https://auth-qa02.ey.com; script-src 'self' localhost: 'unsafe-inline' 'unsafe-eval' https://assets.adobedtm.com https://dpm.demdex.net https://eycom.d3.sc.omtrdc.net https://auth02.ey.com https://auth-qa02.ey.com; object-src 'none';style-src 'self' localhost: 'unsafe-inline' ;worker-src 'self' blob:;media-src 'self' blob: *.blob.core.windows.net
strict-transport-security
max-age=31536000; includeSubDomains
accept-ranges
bytes
content-length
20059
x-xss-protection
1; mode=block
5.2fd5455d.chunk.js
eyvia-stg.ey.com/static/js/
4 MB
5 MB
Script
General
Full URL
https://eyvia-stg.ey.com/static/js/5.2fd5455d.chunk.js
Requested by
Host: eyvia-stg.ey.com
URL: https://eyvia-stg.ey.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.105.213.34 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
'' /
Resource Hash
fb3106927b002c448a6ad789022385c3cee7debd62f84c45fec5a45263312cec
Security Headers
Name Value
Content-Security-Policy base-uri 'self';connect-src https://auth02.ey.com https://auth-qa02.ey.com 'self' localhost:* 'self' localhost:* *.blob.core.windows.net dc.services.visualstudio.com assets.adobedtm.com https://dpm.demdex.net https://eycom.d3.sc.omtrdc.net; font-src 'self' data: localhost:* ;frame-src 'self' blob: localhost:* app.powerbi.com https://auth02.ey.com https://auth-qa02.ey.com https://view.officeapps.live.com *.blob.core.windows.net; img-src * data: https://auth02.ey.com https://auth-qa02.ey.com; script-src 'self' localhost: 'unsafe-inline' 'unsafe-eval' https://assets.adobedtm.com https://dpm.demdex.net https://eycom.d3.sc.omtrdc.net https://auth02.ey.com https://auth-qa02.ey.com; object-src 'none';style-src 'self' localhost: 'unsafe-inline' ;worker-src 'self' blob:;media-src 'self' blob: *.blob.core.windows.net
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eyvia-stg.ey.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Tue, 10 May 2022 13:15:44 GMT
x-content-type-options
nosniff
last-modified
Mon, 21 Mar 2022 08:48:19 GMT
server
''
etag
"62383bd3-47ea7d"
x-frame-options
deny
content-type
application/javascript
cache-control
no-cache
content-security-policy
base-uri 'self';connect-src https://auth02.ey.com https://auth-qa02.ey.com 'self' localhost:* 'self' localhost:* *.blob.core.windows.net dc.services.visualstudio.com assets.adobedtm.com https://dpm.demdex.net https://eycom.d3.sc.omtrdc.net; font-src 'self' data: localhost:* ;frame-src 'self' blob: localhost:* app.powerbi.com https://auth02.ey.com https://auth-qa02.ey.com https://view.officeapps.live.com *.blob.core.windows.net; img-src * data: https://auth02.ey.com https://auth-qa02.ey.com; script-src 'self' localhost: 'unsafe-inline' 'unsafe-eval' https://assets.adobedtm.com https://dpm.demdex.net https://eycom.d3.sc.omtrdc.net https://auth02.ey.com https://auth-qa02.ey.com; object-src 'none';style-src 'self' localhost: 'unsafe-inline' ;worker-src 'self' blob:;media-src 'self' blob: *.blob.core.windows.net
strict-transport-security
max-age=31536000; includeSubDomains
accept-ranges
bytes
content-length
4713085
x-xss-protection
1; mode=block
main.1d3ce779.chunk.js
eyvia-stg.ey.com/static/js/
15 MB
15 MB
Script
General
Full URL
https://eyvia-stg.ey.com/static/js/main.1d3ce779.chunk.js
Requested by
Host: eyvia-stg.ey.com
URL: https://eyvia-stg.ey.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.105.213.34 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
'' /
Resource Hash
1957ef4a6588d8c0f811c5eba906f55122b90eac8d09118e06d1400eefd66d92
Security Headers
Name Value
Content-Security-Policy base-uri 'self';connect-src https://auth02.ey.com https://auth-qa02.ey.com 'self' localhost:* 'self' localhost:* *.blob.core.windows.net dc.services.visualstudio.com assets.adobedtm.com https://dpm.demdex.net https://eycom.d3.sc.omtrdc.net; font-src 'self' data: localhost:* ;frame-src 'self' blob: localhost:* app.powerbi.com https://auth02.ey.com https://auth-qa02.ey.com https://view.officeapps.live.com *.blob.core.windows.net; img-src * data: https://auth02.ey.com https://auth-qa02.ey.com; script-src 'self' localhost: 'unsafe-inline' 'unsafe-eval' https://assets.adobedtm.com https://dpm.demdex.net https://eycom.d3.sc.omtrdc.net https://auth02.ey.com https://auth-qa02.ey.com; object-src 'none';style-src 'self' localhost: 'unsafe-inline' ;worker-src 'self' blob:;media-src 'self' blob: *.blob.core.windows.net
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eyvia-stg.ey.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Tue, 10 May 2022 13:15:44 GMT
x-content-type-options
nosniff
last-modified
Mon, 21 Mar 2022 08:48:19 GMT
server
''
etag
"62383bd3-efbad2"
x-frame-options
deny
content-type
application/javascript
cache-control
no-cache
content-security-policy
base-uri 'self';connect-src https://auth02.ey.com https://auth-qa02.ey.com 'self' localhost:* 'self' localhost:* *.blob.core.windows.net dc.services.visualstudio.com assets.adobedtm.com https://dpm.demdex.net https://eycom.d3.sc.omtrdc.net; font-src 'self' data: localhost:* ;frame-src 'self' blob: localhost:* app.powerbi.com https://auth02.ey.com https://auth-qa02.ey.com https://view.officeapps.live.com *.blob.core.windows.net; img-src * data: https://auth02.ey.com https://auth-qa02.ey.com; script-src 'self' localhost: 'unsafe-inline' 'unsafe-eval' https://assets.adobedtm.com https://dpm.demdex.net https://eycom.d3.sc.omtrdc.net https://auth02.ey.com https://auth-qa02.ey.com; object-src 'none';style-src 'self' localhost: 'unsafe-inline' ;worker-src 'self' blob:;media-src 'self' blob: *.blob.core.windows.net
strict-transport-security
max-age=31536000; includeSubDomains
accept-ranges
bytes
content-length
15710930
x-xss-protection
1; mode=block
insights.json
eyvia-stg.ey.com/
7 KB
8 KB
Fetch
General
Full URL
https://eyvia-stg.ey.com/insights.json
Requested by
Host: eyvia-stg.ey.com
URL: https://eyvia-stg.ey.com/static/js/main.1d3ce779.chunk.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.105.213.34 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
'' /
Resource Hash
Security Headers
Name Value
Content-Security-Policy base-uri 'self';connect-src https://auth02.ey.com https://auth-qa02.ey.com 'self' localhost:* 'self' localhost:* *.blob.core.windows.net dc.services.visualstudio.com assets.adobedtm.com https://dpm.demdex.net https://eycom.d3.sc.omtrdc.net; font-src 'self' data: localhost:* ;frame-src 'self' blob: localhost:* app.powerbi.com https://auth02.ey.com https://auth-qa02.ey.com https://view.officeapps.live.com *.blob.core.windows.net; img-src * data: https://auth02.ey.com https://auth-qa02.ey.com; script-src 'self' localhost: 'unsafe-inline' 'unsafe-eval' https://assets.adobedtm.com https://dpm.demdex.net https://eycom.d3.sc.omtrdc.net https://auth02.ey.com https://auth-qa02.ey.com; object-src 'none';style-src 'self' localhost: 'unsafe-inline' ;worker-src 'self' blob:;media-src 'self' blob: *.blob.core.windows.net
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eyvia-stg.ey.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Tue, 10 May 2022 13:15:45 GMT
x-content-type-options
nosniff
last-modified
Mon, 21 Mar 2022 08:42:08 GMT
server
''
etag
"62383a60-1b85"
x-frame-options
deny
content-type
application/json
cache-control
no-cache
content-security-policy
base-uri 'self';connect-src https://auth02.ey.com https://auth-qa02.ey.com 'self' localhost:* 'self' localhost:* *.blob.core.windows.net dc.services.visualstudio.com assets.adobedtm.com https://dpm.demdex.net https://eycom.d3.sc.omtrdc.net; font-src 'self' data: localhost:* ;frame-src 'self' blob: localhost:* app.powerbi.com https://auth02.ey.com https://auth-qa02.ey.com https://view.officeapps.live.com *.blob.core.windows.net; img-src * data: https://auth02.ey.com https://auth-qa02.ey.com; script-src 'self' localhost: 'unsafe-inline' 'unsafe-eval' https://assets.adobedtm.com https://dpm.demdex.net https://eycom.d3.sc.omtrdc.net https://auth02.ey.com https://auth-qa02.ey.com; object-src 'none';style-src 'self' localhost: 'unsafe-inline' ;worker-src 'self' blob:;media-src 'self' blob: *.blob.core.windows.net
strict-transport-security
max-age=31536000; includeSubDomains
accept-ranges
bytes
content-length
7045
x-xss-protection
1; mode=block
insights.json
eyvia-stg.ey.com/
7 KB
8 KB
Fetch
General
Full URL
https://eyvia-stg.ey.com/insights.json
Requested by
Host: eyvia-stg.ey.com
URL: https://eyvia-stg.ey.com/static/js/main.1d3ce779.chunk.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.105.213.34 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
'' /
Resource Hash
Security Headers
Name Value
Content-Security-Policy base-uri 'self';connect-src https://auth02.ey.com https://auth-qa02.ey.com 'self' localhost:* 'self' localhost:* *.blob.core.windows.net dc.services.visualstudio.com assets.adobedtm.com https://dpm.demdex.net https://eycom.d3.sc.omtrdc.net; font-src 'self' data: localhost:* ;frame-src 'self' blob: localhost:* app.powerbi.com https://auth02.ey.com https://auth-qa02.ey.com https://view.officeapps.live.com *.blob.core.windows.net; img-src * data: https://auth02.ey.com https://auth-qa02.ey.com; script-src 'self' localhost: 'unsafe-inline' 'unsafe-eval' https://assets.adobedtm.com https://dpm.demdex.net https://eycom.d3.sc.omtrdc.net https://auth02.ey.com https://auth-qa02.ey.com; object-src 'none';style-src 'self' localhost: 'unsafe-inline' ;worker-src 'self' blob:;media-src 'self' blob: *.blob.core.windows.net
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eyvia-stg.ey.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Tue, 10 May 2022 13:15:45 GMT
x-content-type-options
nosniff
last-modified
Mon, 21 Mar 2022 08:42:08 GMT
server
''
etag
"62383a60-1b85"
x-frame-options
deny
content-type
application/json
cache-control
no-cache
content-security-policy
base-uri 'self';connect-src https://auth02.ey.com https://auth-qa02.ey.com 'self' localhost:* 'self' localhost:* *.blob.core.windows.net dc.services.visualstudio.com assets.adobedtm.com https://dpm.demdex.net https://eycom.d3.sc.omtrdc.net; font-src 'self' data: localhost:* ;frame-src 'self' blob: localhost:* app.powerbi.com https://auth02.ey.com https://auth-qa02.ey.com https://view.officeapps.live.com *.blob.core.windows.net; img-src * data: https://auth02.ey.com https://auth-qa02.ey.com; script-src 'self' localhost: 'unsafe-inline' 'unsafe-eval' https://assets.adobedtm.com https://dpm.demdex.net https://eycom.d3.sc.omtrdc.net https://auth02.ey.com https://auth-qa02.ey.com; object-src 'none';style-src 'self' localhost: 'unsafe-inline' ;worker-src 'self' blob:;media-src 'self' blob: *.blob.core.windows.net
strict-transport-security
max-age=31536000; includeSubDomains
accept-ranges
bytes
content-length
7045
x-xss-protection
1; mode=block
authorize
auth02.ey.com/
0
0

Primary Request identifier
auth02.ey.com/u/login/
Redirect Chain
  • https://auth02.ey.com/authorize?client_id=XO14tkmCnqGnsl7rxJOZMqVhe1q8cNH7&redirect_uri=https%3A%2F%2Feyvia-stg.ey.com%2Flogin&scope=openid%20profile%20email&response_type=code&response_mode=query&...
  • https://auth02.ey.com/u/login/identifier?state=hKFo2SBTbXJETFVYa0VNX1FFVl82RWRPZkVzbXNtTHVoUm0xcKFur3VuaXZlcnNhbC1sb2dpbqN0aWTZIGl5OUlFb2VseU04TWlmTlpJbGxNQ21oUzFsdWNRYWhZo2NpZNkgWE8xNHRrbUNucUduc2...
15 KB
16 KB
Document
General
Full URL
https://auth02.ey.com/u/login/identifier?state=hKFo2SBTbXJETFVYa0VNX1FFVl82RWRPZkVzbXNtTHVoUm0xcKFur3VuaXZlcnNhbC1sb2dpbqN0aWTZIGl5OUlFb2VseU04TWlmTlpJbGxNQ21oUzFsdWNRYWhZo2NpZNkgWE8xNHRrbUNucUduc2w3cnhKT1pNcVZoZTFxOGNOSDc
Requested by
Host: eyvia-stg.ey.com
URL: https://eyvia-stg.ey.com/static/js/5.2fd5455d.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:f458 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
647aaec1a5d978b75f0491b9ec81e6b261fb4eaeb7d11229695c61550bba9890
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Referer
https://eyvia-stg.ey.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-store, max-age=0, no-transform
cf-cache-status
DYNAMIC
cf-ray
7092f212fa6b909d-FRA
content-language
en
content-security-policy
frame-ancestors 'none'
content-type
text/html; charset=utf-8
date
Tue, 10 May 2022 13:15:47 GMT
etag
W/"3c4e-SUmTxmTNJVmLssWAyoP5n79wenY"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
Tue, 10 May 2022 13:15:47 GMT
ot-baggage-auth0-request-id
7092f212fa6b909d
ot-tracer-sampled
true
ot-tracer-spanid
27c81c3d027bad9e
ot-tracer-traceid
2c38a00d15558807
pragma
no-cache
referrer-policy
same-origin
server
cloudflare
strict-transport-security
max-age=31536000
traceparent
00-27c81c3d027bad9e-00000000000000002c38a00d15558807-01
tracestate
auth0-request-id=7092f212fa6b909d
vary
Accept-Encoding
x-auth0-requestid
1550557613674d5ad0cd
x-content-type-options
nosniff
x-frame-options
deny
x-ratelimit-limit
20
x-ratelimit-remaining
19
x-ratelimit-reset
1652188554
x-robots-tag
noindex, nofollow
x-xss-protection
1; mode=block

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-store, max-age=0, no-transform
cf-cache-status
DYNAMIC
cf-ray
7092f20cf8c4909d-FRA
content-length
446
content-type
text/html; charset=utf-8
date
Tue, 10 May 2022 13:15:46 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
location
/u/login/identifier?state=hKFo2SBTbXJETFVYa0VNX1FFVl82RWRPZkVzbXNtTHVoUm0xcKFur3VuaXZlcnNhbC1sb2dpbqN0aWTZIGl5OUlFb2VseU04TWlmTlpJbGxNQ21oUzFsdWNRYWhZo2NpZNkgWE8xNHRrbUNucUduc2w3cnhKT1pNcVZoZTFxOGNOSDc
ot-baggage-auth0-request-id
7092f20cf8c4909d
ot-tracer-sampled
true
ot-tracer-spanid
6e39352c22631f5f
ot-tracer-traceid
071fe33103b5ee65
pragma
no-cache
server
cloudflare
strict-transport-security
max-age=31536000
traceparent
00-6e39352c22631f5f-0000000000000000071fe33103b5ee65-01
tracestate
auth0-request-id=7092f20cf8c4909d
vary
Accept, Accept-Encoding
x-auth0-requestid
7ff122f1136ffaf5684e
x-content-type-options
nosniff
x-ratelimit-limit
300
x-ratelimit-remaining
298
x-ratelimit-reset
1652188547
main.cdn.min.css
cdn.auth0.com/ulp/react-components/1.59.13/css/
223 KB
52 KB
Stylesheet
General
Full URL
https://cdn.auth0.com/ulp/react-components/1.59.13/css/main.cdn.min.css
Requested by
Host: auth02.ey.com
URL: https://auth02.ey.com/u/login/identifier?state=hKFo2SBTbXJETFVYa0VNX1FFVl82RWRPZkVzbXNtTHVoUm0xcKFur3VuaXZlcnNhbC1sb2dpbqN0aWTZIGl5OUlFb2VseU04TWlmTlpJbGxNQ21oUzFsdWNRYWhZo2NpZNkgWE8xNHRrbUNucUduc2w3cnhKT1pNcVZoZTFxOGNOSDc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.103.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-103-120.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
dffa8f5e6feecce144815e56274a96e81f51d8bacb935d52e26fe5031350bb73

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-amz-version-id
byALWK9O1EKfvH2f.4_oWZmBy0RN0G1u
content-encoding
gzip
last-modified
Tue, 12 Apr 2022 18:16:37 GMT
server
AmazonS3
age
78103
etag
W/"6f0b89bb9872e5e9d923b452ea733088"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
via
1.1 b44e2902bb3501d47514e51618f1bda4.cloudfront.net (CloudFront)
cache-control
max-age=2628000,public
date
Mon, 09 May 2022 15:34:05 GMT
x-amz-replication-status
FAILED
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
_ZVfQolC2IjM2AIup7p6HkU23u4eyOs32NjoqRTwCFmep-Qf-T2mVw==
EYLogo.png
cdn.ey.com/MYEY/ip/
2 KB
2 KB
Image
General
Full URL
https://cdn.ey.com/MYEY/ip/EYLogo.png
Requested by
Host: auth02.ey.com
URL: https://auth02.ey.com/u/login/identifier?state=hKFo2SBTbXJETFVYa0VNX1FFVl82RWRPZkVzbXNtTHVoUm0xcKFur3VuaXZlcnNhbC1sb2dpbqN0aWTZIGl5OUlFb2VseU04TWlmTlpJbGxNQ21oUzFsdWNRYWhZo2NpZNkgWE8xNHRrbUNucUduc2w3cnhKT1pNcVZoZTFxOGNOSDc
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.75.247.25 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-75-247-25.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
01c2d5f8d72c96b7eede80ea4bb16d346f50718edc9e9a7e7e0b61905d5fd437

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Tue, 10 May 2022 13:15:47 GMT
Last-Modified
Tue, 30 Mar 2021 12:22:57 GMT
Server
AkamaiNetStorage
ETag
"6a400b1e8035b97c43de687e8c45f735:1617106977.652443"
Content-Type
image/png
Access-Control-Allow-Origin
http://admin.brightcove.com
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
X-Requested-With
Content-Length
1901

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
auth02.ey.com
URL
https://auth02.ey.com/authorize?client_id=XO14tkmCnqGnsl7rxJOZMqVhe1q8cNH7&redirect_uri=https%3A%2F%2Feyvia-stg.ey.com%2Flogin&scope=openid%20profile%20email&response_type=code&response_mode=query&state=a0duY0ZMLXNCbG9obU9sR3NHUWVrN2dRbEVpcHdyR1BqMlRvRzZwLnlIaQ%3D%3D&nonce=Rmh2ZkhCREhoNmFHUG56MWxVYlRWYmVLLS5XM1FMZHFyLnhSRnFtRG52cQ%3D%3D&code_challenge=C4rodoZeSfJ26Fa9MABp9lLEfrorOcRvswUR4kzLbXY&code_challenge_method=S256&auth0Client=eyJuYW1lIjoiYXV0aDAtcmVhY3QiLCJ2ZXJzaW9uIjoiMS41LjAifQ%3D%3D

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontextlost object| oncontextrestored function| structuredClone function| getScreenDetails

6 Cookies

Domain/Path Name / Value
eyvia-stg.ey.com/ Name: ai_user
Value: llMoMIy0w54KVItofJHnHI|2022-05-10T13:15:45.868Z
auth02.ey.com/ Name: did
Value: s%3Av0%3A4dcb94d0-d063-11ec-b0fa-693e9a47930e.VbCafNEATldpUYq9SF8N3EChuxAD43w%2FNv1H8sIPwRI
auth02.ey.com/ Name: auth0
Value: s%3Av1.gadzZXNzaW9ugqZoYW5kbGXEQEyR6KwOK2vfZ9P0JD07VcuUL3qrwhMbM4xc5JU-XWi11YjAU2ijTp4YNrsx5qcja3Y-KcrmwYtnjHZwhngWH3mmY29va2llg6dleHBpcmVz1__ngSMAYn5aAq5vcmlnaW5hbE1heEFnZc4PcxQAqHNhbWVTaXRlpG5vbmU.EaTvz0t%2BC05a1zzcAJlfVpLISX3havNv6pNHj4tA%2B88
auth02.ey.com/ Name: did_compat
Value: s%3Av0%3A4dcb94d0-d063-11ec-b0fa-693e9a47930e.VbCafNEATldpUYq9SF8N3EChuxAD43w%2FNv1H8sIPwRI
auth02.ey.com/ Name: auth0_compat
Value: s%3Av1.gadzZXNzaW9ugqZoYW5kbGXEQEyR6KwOK2vfZ9P0JD07VcuUL3qrwhMbM4xc5JU-XWi11YjAU2ijTp4YNrsx5qcja3Y-KcrmwYtnjHZwhngWH3mmY29va2llg6dleHBpcmVz1__ngSMAYn5aAq5vcmlnaW5hbE1heEFnZc4PcxQAqHNhbWVTaXRlpG5vbmU.EaTvz0t%2BC05a1zzcAJlfVpLISX3havNv6pNHj4tA%2B88
.auth02.ey.com/ Name: __cf_bm
Value: 94Cglyli6J1xUsxXbjbwNUsAXjYZNxl4I0uva_TyFvQ-1652188546-0-AfYO5yQbmb72PDsBC7682/+OkV9f/ofQ8EgJFH5ai4A/LLfXaTURVKYNagR288ShJrUCLrbLv+yylwY7i9evVJw=

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy base-uri 'self';connect-src https://auth02.ey.com https://auth-qa02.ey.com 'self' localhost:* 'self' localhost:* *.blob.core.windows.net dc.services.visualstudio.com assets.adobedtm.com https://dpm.demdex.net https://eycom.d3.sc.omtrdc.net; font-src 'self' data: localhost:* ;frame-src 'self' blob: localhost:* app.powerbi.com https://auth02.ey.com https://auth-qa02.ey.com https://view.officeapps.live.com *.blob.core.windows.net; img-src * data: https://auth02.ey.com https://auth-qa02.ey.com; script-src 'self' localhost: 'unsafe-inline' 'unsafe-eval' https://assets.adobedtm.com https://dpm.demdex.net https://eycom.d3.sc.omtrdc.net https://auth02.ey.com https://auth-qa02.ey.com; object-src 'none';style-src 'self' localhost: 'unsafe-inline' ;worker-src 'self' blob:;media-src 'self' blob: *.blob.core.windows.net
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block