urlscan.io logo urlscan.io
SecurityTrails logo

app.eu-west-1.sbc-production.com Open in urlscan Pro
2600:9000:223c:a400:13:de96:eb80:93a1  Public Scan

Go To Rescan Add Verdict Report
URL: https://app.eu-west-1.sbc-production.com/
Submission Tags: @phishunt_io
Submission: On July 17 via api from DE — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 6 IPs in 1 countries across 5 domains to perform 18 HTTP transactions. The main IP is 2600:9000:223c:a400:13:de96:eb80:93a1, located in United States and belongs to AMAZON-02, US. The main domain is app.eu-west-1.sbc-production.com.
TLS certificate: Issued by Amazon on July 17th 2022. Valid for: a year.
This is the only time app.eu-west-1.sbc-production.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
7 2600:9000:223... 16509 (AMAZON-02)
4 2606:4700:440... 13335 (CLOUDFLAR...)
1 2600:9000:205... 16509 (AMAZON-02)
1 151.101.66.137 54113 (FASTLY)
3 162.247.241.14 23467 (NEWRELIC-...)
18 6
7    2600:9000:223c:a400:13:de96:eb80:93a1 (United States)

ASN16509 (AMAZON-02, US)
app.eu-west-1.sbc-production.com
4    2606:4700:4400::ac40:93e7 (United States)

ASN13335 (CLOUDFLARENET, US)
assets.sbc.sage.com
1    2600:9000:2057:ce00:1f:aa31:7740:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn.pendo.io
1    151.101.66.137 (United States)

ASN54113 (FASTLY, US)
js-agent.newrelic.com
3    162.247.241.14 (Portland, United States)

ASN23467 (NEWRELIC-AS-1, US)
bam.nr-data.net
Apex Domain
Subdomains		 Transfer
7 sbc-production.com
app.eu-west-1.sbc-production.com
221 KB
4 sage.com
assets.sbc.sage.com
8 KB
3 nr-data.net
bam.nr-data.net — Cisco Umbrella Rank: 305
2 KB
1 newrelic.com
js-agent.newrelic.com — Cisco Umbrella Rank: 477
17 KB
1 pendo.io
cdn.pendo.io — Cisco Umbrella Rank: 1172
144 KB
18 5
Domain Requested by
7 app.eu-west-1.sbc-production.com app.eu-west-1.sbc-production.com
assets.sbc.sage.com
4 assets.sbc.sage.com app.eu-west-1.sbc-production.com
3 bam.nr-data.net app.eu-west-1.sbc-production.com
1 js-agent.newrelic.com app.eu-west-1.sbc-production.com
1 cdn.pendo.io app.eu-west-1.sbc-production.com
18 5

This site contains no links.

Subject Issuer Validity Valid
app.eu-west-1.sbc-production.com
Amazon		 2022-07-17 -
2023-08-15		 a year crt.sh
sbc.sage.com
Cloudflare Inc ECC CA-3		 2021-10-13 -
2022-10-12		 a year crt.sh
cdn.pendo.io
Amazon		 2021-08-29 -
2022-09-27		 a year crt.sh
js-agent.newrelic.com
GlobalSign Atlas R3 DV TLS CA 2022 Q2		 2022-07-10 -
2023-08-11		 a year crt.sh
*.nr-data.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-01-10 -
2023-02-10		 a year crt.sh

This page contains 1 frames:

Primary Page: https://app.eu-west-1.sbc-production.com/
Frame ID: CA5149141FF6E0C52359DADE4DA0F0ED
Requests: 18 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Sage Business Cloud

Page Statistics

18
Requests

89 %
HTTPS

60 %
IPv6

5
Domains

5
Subdomains

6
IPs

1
Countries

392 kB
Transfer

733 kB
Size

2
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

18 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
app.eu-west-1.sbc-production.com/ 		39 KB
41 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://app.eu-west-1.sbc-production.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:a400:13:de96:eb80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4ed04b5e6ccf181ee0fb14bb3c75e68c944155bc5ef194a9b5f9ac8076fe3070
Security Headers
Name Value
Content-Security-Policy default-src 'self'; img-src 'self' *.sbc.sage.com app.eu.pendo.io app.pendo.io cdn.eu.pendo.io cdn.pendo.io data.eu.pendo.io data.pendo.io pendo-eu-static-6540045853392896.storage.googleapis.com pendo-static-6540045853392896.storage.googleapis.com; script-src 'self' *.sbc.sage.com id.sage.com js-agent.newrelic.com bam.nr-data.net bam-cell.nr-data.net app.eu.pendo.io app.pendo.io cdn.eu.pendo.io cdn.pendo.io data.eu.pendo.io data.pendo.io pendo-eu-static-6540045853392896.storage.googleapis.com pendo-eu-static.storage.googleapis.com pendo-io-static.storage.googleapis.com pendo-static-6540045853392896.storage.googleapis.com 'unsafe-inline'; style-src 'self' app.eu.pendo.io app.pendo.io cdn.eu.pendo.io cdn.pendo.io pendo-eu-static-6540045853392896.storage.googleapis.com pendo-static-6540045853392896.storage.googleapis.com 'unsafe-inline'; font-src 'self'; connect-src 'self' *.sbc.sage.com id.sage.com js-agent.newrelic.com bam.nr-data.net bam-cell.nr-data.net sbc-global-import-fileupload-production-eu-central-1.s3.eu-central-1.amazonaws.com sbc-global-import-fileupload-production-eu-west-1.s3.eu-west-1.amazonaws.com app.eu.pendo.io app.pendo.io data.eu.pendo.io data.pendo.io pendo-eu-static-6540045853392896.storage.googleapis.com pendo-static-6540045853392896.storage.googleapis.com wss://notificationconnect.sbc.sage.com; frame-src 'self' *.sbc.sage.com id.sage.com players.brightcove.net api.zuora.com; frame-ancestors 'self' app.eu.pendo.io app.pendo.io; worker-src 'self' blob:; child-src 'self' blob:; object-src 'none';
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
65272
cache-control
max-age=900,must-revalidate
content-length
40413
content-security-policy
default-src 'self'; img-src 'self' *.sbc.sage.com app.eu.pendo.io app.pendo.io cdn.eu.pendo.io cdn.pendo.io data.eu.pendo.io data.pendo.io pendo-eu-static-6540045853392896.storage.googleapis.com pendo-static-6540045853392896.storage.googleapis.com; script-src 'self' *.sbc.sage.com id.sage.com js-agent.newrelic.com bam.nr-data.net bam-cell.nr-data.net app.eu.pendo.io app.pendo.io cdn.eu.pendo.io cdn.pendo.io data.eu.pendo.io data.pendo.io pendo-eu-static-6540045853392896.storage.googleapis.com pendo-eu-static.storage.googleapis.com pendo-io-static.storage.googleapis.com pendo-static-6540045853392896.storage.googleapis.com 'unsafe-inline'; style-src 'self' app.eu.pendo.io app.pendo.io cdn.eu.pendo.io cdn.pendo.io pendo-eu-static-6540045853392896.storage.googleapis.com pendo-static-6540045853392896.storage.googleapis.com 'unsafe-inline'; font-src 'self'; connect-src 'self' *.sbc.sage.com id.sage.com js-agent.newrelic.com bam.nr-data.net bam-cell.nr-data.net sbc-global-import-fileupload-production-eu-central-1.s3.eu-central-1.amazonaws.com sbc-global-import-fileupload-production-eu-west-1.s3.eu-west-1.amazonaws.com app.eu.pendo.io app.pendo.io data.eu.pendo.io data.pendo.io pendo-eu-static-6540045853392896.storage.googleapis.com pendo-static-6540045853392896.storage.googleapis.com wss://notificationconnect.sbc.sage.com; frame-src 'self' *.sbc.sage.com id.sage.com players.brightcove.net api.zuora.com; frame-ancestors 'self' app.eu.pendo.io app.pendo.io; worker-src 'self' blob:; child-src 'self' blob:; object-src 'none';
content-type
text/html
date
Sat, 16 Jul 2022 17:28:24 GMT
etag
"3fff8521e24cd6c3d6f7322013ccd866"
last-modified
Fri, 15 Jul 2022 15:45:56 GMT
permissions-policy
referrer-policy
strict-origin-when-cross-origin
server
AmazonS3
strict-transport-security
max-age=63072000; includeSubdomains; preload
via
1.1 59d5785a1d012a54118141e7e216a492.cloudfront.net (CloudFront)
x-amz-cf-id
qv9vbyrKPH79EGiNnEReMBav-l-ooqbaZZob8_qnkKeCL58Q7kqffg==
x-amz-cf-pop
FRA56-P2
x-cache
Hit from cloudfront
x-content-type-options
nosniff
x-frame-options
DENY
x-xss-protection
1; mode=block
index.js
app.eu-west-1.sbc-production.com/ 		59 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.eu-west-1.sbc-production.com/index.js
Requested by
Host: app.eu-west-1.sbc-production.com
URL: https://app.eu-west-1.sbc-production.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:a400:13:de96:eb80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
beba177ff438d27bb4b3e44e46faf2572401f4b77d660bdd4ddfe498bc1a2970
Security Headers
Name Value
Content-Security-Policy default-src 'self'; img-src 'self' *.sbc.sage.com app.eu.pendo.io app.pendo.io cdn.eu.pendo.io cdn.pendo.io data.eu.pendo.io data.pendo.io pendo-eu-static-6540045853392896.storage.googleapis.com pendo-static-6540045853392896.storage.googleapis.com; script-src 'self' *.sbc.sage.com id.sage.com js-agent.newrelic.com bam.nr-data.net bam-cell.nr-data.net app.eu.pendo.io app.pendo.io cdn.eu.pendo.io cdn.pendo.io data.eu.pendo.io data.pendo.io pendo-eu-static-6540045853392896.storage.googleapis.com pendo-eu-static.storage.googleapis.com pendo-io-static.storage.googleapis.com pendo-static-6540045853392896.storage.googleapis.com 'unsafe-inline'; style-src 'self' app.eu.pendo.io app.pendo.io cdn.eu.pendo.io cdn.pendo.io pendo-eu-static-6540045853392896.storage.googleapis.com pendo-static-6540045853392896.storage.googleapis.com 'unsafe-inline'; font-src 'self'; connect-src 'self' *.sbc.sage.com id.sage.com js-agent.newrelic.com bam.nr-data.net bam-cell.nr-data.net sbc-global-import-fileupload-production-eu-central-1.s3.eu-central-1.amazonaws.com sbc-global-import-fileupload-production-eu-west-1.s3.eu-west-1.amazonaws.com app.eu.pendo.io app.pendo.io data.eu.pendo.io data.pendo.io pendo-eu-static-6540045853392896.storage.googleapis.com pendo-static-6540045853392896.storage.googleapis.com wss://notificationconnect.sbc.sage.com; frame-src 'self' *.sbc.sage.com id.sage.com players.brightcove.net api.zuora.com; frame-ancestors 'self' app.eu.pendo.io app.pendo.io; worker-src 'self' blob:; child-src 'self' blob:; object-src 'none';
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.eu-west-1.sbc-production.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 17 Jul 2022 11:36:16 GMT
via
1.1 59d5785a1d012a54118141e7e216a492.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
FRA56-P2
x-cache
Miss from cloudfront
content-length
60534
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 15 Jul 2022 15:45:56 GMT
server
AmazonS3
x-frame-options
DENY
etag
"350944e464388a19a536cf49bae34d6c"
strict-transport-security
max-age=63072000; includeSubdomains; preload
content-type
application/javascript
cache-control
max-age=900,must-revalidate
permissions-policy
content-security-policy
default-src 'self'; img-src 'self' *.sbc.sage.com app.eu.pendo.io app.pendo.io cdn.eu.pendo.io cdn.pendo.io data.eu.pendo.io data.pendo.io pendo-eu-static-6540045853392896.storage.googleapis.com pendo-static-6540045853392896.storage.googleapis.com; script-src 'self' *.sbc.sage.com id.sage.com js-agent.newrelic.com bam.nr-data.net bam-cell.nr-data.net app.eu.pendo.io app.pendo.io cdn.eu.pendo.io cdn.pendo.io data.eu.pendo.io data.pendo.io pendo-eu-static-6540045853392896.storage.googleapis.com pendo-eu-static.storage.googleapis.com pendo-io-static.storage.googleapis.com pendo-static-6540045853392896.storage.googleapis.com 'unsafe-inline'; style-src 'self' app.eu.pendo.io app.pendo.io cdn.eu.pendo.io cdn.pendo.io pendo-eu-static-6540045853392896.storage.googleapis.com pendo-static-6540045853392896.storage.googleapis.com 'unsafe-inline'; font-src 'self'; connect-src 'self' *.sbc.sage.com id.sage.com js-agent.newrelic.com bam.nr-data.net bam-cell.nr-data.net sbc-global-import-fileupload-production-eu-central-1.s3.eu-central-1.amazonaws.com sbc-global-import-fileupload-production-eu-west-1.s3.eu-west-1.amazonaws.com app.eu.pendo.io app.pendo.io data.eu.pendo.io data.pendo.io pendo-eu-static-6540045853392896.storage.googleapis.com pendo-static-6540045853392896.storage.googleapis.com wss://notificationconnect.sbc.sage.com; frame-src 'self' *.sbc.sage.com id.sage.com players.brightcove.net api.zuora.com; frame-ancestors 'self' app.eu.pendo.io app.pendo.io; worker-src 'self' blob:; child-src 'self' blob:; object-src 'none';
accept-ranges
bytes
x-amz-cf-id
d5XMLdUJTg5QIDs0Jz-OtAhWDnTTrYJWHTQny3CpHsG2YdXjhiy9HQ==
carbon-icons-webfont-77_2_0.woff
app.eu-west-1.sbc-production.com/fonts/ 		23 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://app.eu-west-1.sbc-production.com/fonts/carbon-icons-webfont-77_2_0.woff
Requested by
Host: app.eu-west-1.sbc-production.com
URL: https://app.eu-west-1.sbc-production.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:a400:13:de96:eb80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
acb63808c9359a136ad4f973db83a6ce71763acc813c23ffeb67ad5211a3b4db
Security Headers
Name Value
Content-Security-Policy default-src 'self'; img-src 'self' *.sbc.sage.com app.eu.pendo.io app.pendo.io cdn.eu.pendo.io cdn.pendo.io data.eu.pendo.io data.pendo.io pendo-eu-static-6540045853392896.storage.googleapis.com pendo-static-6540045853392896.storage.googleapis.com; script-src 'self' *.sbc.sage.com id.sage.com js-agent.newrelic.com bam.nr-data.net bam-cell.nr-data.net app.eu.pendo.io app.pendo.io cdn.eu.pendo.io cdn.pendo.io data.eu.pendo.io data.pendo.io pendo-eu-static-6540045853392896.storage.googleapis.com pendo-eu-static.storage.googleapis.com pendo-io-static.storage.googleapis.com pendo-static-6540045853392896.storage.googleapis.com 'unsafe-inline'; style-src 'self' app.eu.pendo.io app.pendo.io cdn.eu.pendo.io cdn.pendo.io pendo-eu-static-6540045853392896.storage.googleapis.com pendo-static-6540045853392896.storage.googleapis.com 'unsafe-inline'; font-src 'self'; connect-src 'self' *.sbc.sage.com id.sage.com js-agent.newrelic.com bam.nr-data.net bam-cell.nr-data.net sbc-global-import-fileupload-production-eu-central-1.s3.eu-central-1.amazonaws.com sbc-global-import-fileupload-production-eu-west-1.s3.eu-west-1.amazonaws.com app.eu.pendo.io app.pendo.io data.eu.pendo.io data.pendo.io pendo-eu-static-6540045853392896.storage.googleapis.com pendo-static-6540045853392896.storage.googleapis.com wss://notificationconnect.sbc.sage.com; frame-src 'self' *.sbc.sage.com id.sage.com players.brightcove.net api.zuora.com; frame-ancestors 'self' app.eu.pendo.io app.pendo.io; worker-src 'self' blob:; child-src 'self' blob:; object-src 'none';
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://app.eu-west-1.sbc-production.com/
Origin
https://app.eu-west-1.sbc-production.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 17 Jul 2022 11:36:16 GMT
via
1.1 59d5785a1d012a54118141e7e216a492.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
FRA56-P2
x-cache
Miss from cloudfront
content-length
23360
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 15 Jul 2022 15:45:56 GMT
server
AmazonS3
x-frame-options
DENY
etag
"15ea76e2447f98b5110ee978a864855a"
strict-transport-security
max-age=63072000; includeSubdomains; preload
content-type
application/font-woff
cache-control
max-age=900,must-revalidate
permissions-policy
content-security-policy
default-src 'self'; img-src 'self' *.sbc.sage.com app.eu.pendo.io app.pendo.io cdn.eu.pendo.io cdn.pendo.io data.eu.pendo.io data.pendo.io pendo-eu-static-6540045853392896.storage.googleapis.com pendo-static-6540045853392896.storage.googleapis.com; script-src 'self' *.sbc.sage.com id.sage.com js-agent.newrelic.com bam.nr-data.net bam-cell.nr-data.net app.eu.pendo.io app.pendo.io cdn.eu.pendo.io cdn.pendo.io data.eu.pendo.io data.pendo.io pendo-eu-static-6540045853392896.storage.googleapis.com pendo-eu-static.storage.googleapis.com pendo-io-static.storage.googleapis.com pendo-static-6540045853392896.storage.googleapis.com 'unsafe-inline'; style-src 'self' app.eu.pendo.io app.pendo.io cdn.eu.pendo.io cdn.pendo.io pendo-eu-static-6540045853392896.storage.googleapis.com pendo-static-6540045853392896.storage.googleapis.com 'unsafe-inline'; font-src 'self'; connect-src 'self' *.sbc.sage.com id.sage.com js-agent.newrelic.com bam.nr-data.net bam-cell.nr-data.net sbc-global-import-fileupload-production-eu-central-1.s3.eu-central-1.amazonaws.com sbc-global-import-fileupload-production-eu-west-1.s3.eu-west-1.amazonaws.com app.eu.pendo.io app.pendo.io data.eu.pendo.io data.pendo.io pendo-eu-static-6540045853392896.storage.googleapis.com pendo-static-6540045853392896.storage.googleapis.com wss://notificationconnect.sbc.sage.com; frame-src 'self' *.sbc.sage.com id.sage.com players.brightcove.net api.zuora.com; frame-ancestors 'self' app.eu.pendo.io app.pendo.io; worker-src 'self' blob:; child-src 'self' blob:; object-src 'none';
accept-ranges
bytes
x-amz-cf-id
2JsNyPybK1WjrWENWhQ8P7-yeHn-_O4Fju8yS3rsLSPkSVF2Ihn5Ow==
sageui-regular.woff2
app.eu-west-1.sbc-production.com/fonts/ 		28 KB
30 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://app.eu-west-1.sbc-production.com/fonts/sageui-regular.woff2
Requested by
Host: app.eu-west-1.sbc-production.com
URL: https://app.eu-west-1.sbc-production.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:a400:13:de96:eb80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c4244c21724d64a3b83849374545936d89c8e24e6389c3877b5908c7a56a62c1
Security Headers
Name Value
Content-Security-Policy default-src 'self'; img-src 'self' *.sbc.sage.com app.eu.pendo.io app.pendo.io cdn.eu.pendo.io cdn.pendo.io data.eu.pendo.io data.pendo.io pendo-eu-static-6540045853392896.storage.googleapis.com pendo-static-6540045853392896.storage.googleapis.com; script-src 'self' *.sbc.sage.com id.sage.com js-agent.newrelic.com bam.nr-data.net bam-cell.nr-data.net app.eu.pendo.io app.pendo.io cdn.eu.pendo.io cdn.pendo.io data.eu.pendo.io data.pendo.io pendo-eu-static-6540045853392896.storage.googleapis.com pendo-eu-static.storage.googleapis.com pendo-io-static.storage.googleapis.com pendo-static-6540045853392896.storage.googleapis.com 'unsafe-inline'; style-src 'self' app.eu.pendo.io app.pendo.io cdn.eu.pendo.io cdn.pendo.io pendo-eu-static-6540045853392896.storage.googleapis.com pendo-static-6540045853392896.storage.googleapis.com 'unsafe-inline'; font-src 'self'; connect-src 'self' *.sbc.sage.com id.sage.com js-agent.newrelic.com bam.nr-data.net bam-cell.nr-data.net sbc-global-import-fileupload-production-eu-central-1.s3.eu-central-1.amazonaws.com sbc-global-import-fileupload-production-eu-west-1.s3.eu-west-1.amazonaws.com app.eu.pendo.io app.pendo.io data.eu.pendo.io data.pendo.io pendo-eu-static-6540045853392896.storage.googleapis.com pendo-static-6540045853392896.storage.googleapis.com wss://notificationconnect.sbc.sage.com; frame-src 'self' *.sbc.sage.com id.sage.com players.brightcove.net api.zuora.com; frame-ancestors 'self' app.eu.pendo.io app.pendo.io; worker-src 'self' blob:; child-src 'self' blob:; object-src 'none';
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://app.eu-west-1.sbc-production.com/
Origin
https://app.eu-west-1.sbc-production.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 17 Jul 2022 11:36:16 GMT
via
1.1 59d5785a1d012a54118141e7e216a492.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
FRA56-P2
x-cache
Miss from cloudfront
content-length
29116
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 15 Jul 2022 15:45:56 GMT
server
AmazonS3
x-frame-options
DENY
etag
"cbc9fa64fc8d13e414a229ca32b4126a"
strict-transport-security
max-age=63072000; includeSubdomains; preload
content-type
binary/octet-stream
cache-control
max-age=900,must-revalidate
permissions-policy
content-security-policy
default-src 'self'; img-src 'self' *.sbc.sage.com app.eu.pendo.io app.pendo.io cdn.eu.pendo.io cdn.pendo.io data.eu.pendo.io data.pendo.io pendo-eu-static-6540045853392896.storage.googleapis.com pendo-static-6540045853392896.storage.googleapis.com; script-src 'self' *.sbc.sage.com id.sage.com js-agent.newrelic.com bam.nr-data.net bam-cell.nr-data.net app.eu.pendo.io app.pendo.io cdn.eu.pendo.io cdn.pendo.io data.eu.pendo.io data.pendo.io pendo-eu-static-6540045853392896.storage.googleapis.com pendo-eu-static.storage.googleapis.com pendo-io-static.storage.googleapis.com pendo-static-6540045853392896.storage.googleapis.com 'unsafe-inline'; style-src 'self' app.eu.pendo.io app.pendo.io cdn.eu.pendo.io cdn.pendo.io pendo-eu-static-6540045853392896.storage.googleapis.com pendo-static-6540045853392896.storage.googleapis.com 'unsafe-inline'; font-src 'self'; connect-src 'self' *.sbc.sage.com id.sage.com js-agent.newrelic.com bam.nr-data.net bam-cell.nr-data.net sbc-global-import-fileupload-production-eu-central-1.s3.eu-central-1.amazonaws.com sbc-global-import-fileupload-production-eu-west-1.s3.eu-west-1.amazonaws.com app.eu.pendo.io app.pendo.io data.eu.pendo.io data.pendo.io pendo-eu-static-6540045853392896.storage.googleapis.com pendo-static-6540045853392896.storage.googleapis.com wss://notificationconnect.sbc.sage.com; frame-src 'self' *.sbc.sage.com id.sage.com players.brightcove.net api.zuora.com; frame-ancestors 'self' app.eu.pendo.io app.pendo.io; worker-src 'self' blob:; child-src 'self' blob:; object-src 'none';
accept-ranges
bytes
x-amz-cf-id
15pfNAXJnaBb4OXtBbaEGPJ3Ggb-6lgl7Jr3mXxS0SKR5yDBnwn87w==
sageui-medium.woff2
app.eu-west-1.sbc-production.com/fonts/ 		29 KB
31 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://app.eu-west-1.sbc-production.com/fonts/sageui-medium.woff2
Requested by
Host: app.eu-west-1.sbc-production.com
URL: https://app.eu-west-1.sbc-production.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:a400:13:de96:eb80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9acb2f4eb60d6eb057d41a7d7446fa0e0d9cb3cff61956165eeef809f1b5a836
Security Headers
Name Value
Content-Security-Policy default-src 'self'; img-src 'self' *.sbc.sage.com app.eu.pendo.io app.pendo.io cdn.eu.pendo.io cdn.pendo.io data.eu.pendo.io data.pendo.io pendo-eu-static-6540045853392896.storage.googleapis.com pendo-static-6540045853392896.storage.googleapis.com; script-src 'self' *.sbc.sage.com id.sage.com js-agent.newrelic.com bam.nr-data.net bam-cell.nr-data.net app.eu.pendo.io app.pendo.io cdn.eu.pendo.io cdn.pendo.io data.eu.pendo.io data.pendo.io pendo-eu-static-6540045853392896.storage.googleapis.com pendo-eu-static.storage.googleapis.com pendo-io-static.storage.googleapis.com pendo-static-6540045853392896.storage.googleapis.com 'unsafe-inline'; style-src 'self' app.eu.pendo.io app.pendo.io cdn.eu.pendo.io cdn.pendo.io pendo-eu-static-6540045853392896.storage.googleapis.com pendo-static-6540045853392896.storage.googleapis.com 'unsafe-inline'; font-src 'self'; connect-src 'self' *.sbc.sage.com id.sage.com js-agent.newrelic.com bam.nr-data.net bam-cell.nr-data.net sbc-global-import-fileupload-production-eu-central-1.s3.eu-central-1.amazonaws.com sbc-global-import-fileupload-production-eu-west-1.s3.eu-west-1.amazonaws.com app.eu.pendo.io app.pendo.io data.eu.pendo.io data.pendo.io pendo-eu-static-6540045853392896.storage.googleapis.com pendo-static-6540045853392896.storage.googleapis.com wss://notificationconnect.sbc.sage.com; frame-src 'self' *.sbc.sage.com id.sage.com players.brightcove.net api.zuora.com; frame-ancestors 'self' app.eu.pendo.io app.pendo.io; worker-src 'self' blob:; child-src 'self' blob:; object-src 'none';
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://app.eu-west-1.sbc-production.com/
Origin
https://app.eu-west-1.sbc-production.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 17 Jul 2022 11:36:16 GMT
via
1.1 59d5785a1d012a54118141e7e216a492.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
FRA56-P2
x-cache
Miss from cloudfront
content-length
29852
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 15 Jul 2022 15:45:56 GMT
server
AmazonS3
x-frame-options
DENY
etag
"8ad88e395f6f4105e3b90efa877f54c8"
strict-transport-security
max-age=63072000; includeSubdomains; preload
content-type
binary/octet-stream
cache-control
max-age=900,must-revalidate
permissions-policy
content-security-policy
default-src 'self'; img-src 'self' *.sbc.sage.com app.eu.pendo.io app.pendo.io cdn.eu.pendo.io cdn.pendo.io data.eu.pendo.io data.pendo.io pendo-eu-static-6540045853392896.storage.googleapis.com pendo-static-6540045853392896.storage.googleapis.com; script-src 'self' *.sbc.sage.com id.sage.com js-agent.newrelic.com bam.nr-data.net bam-cell.nr-data.net app.eu.pendo.io app.pendo.io cdn.eu.pendo.io cdn.pendo.io data.eu.pendo.io data.pendo.io pendo-eu-static-6540045853392896.storage.googleapis.com pendo-eu-static.storage.googleapis.com pendo-io-static.storage.googleapis.com pendo-static-6540045853392896.storage.googleapis.com 'unsafe-inline'; style-src 'self' app.eu.pendo.io app.pendo.io cdn.eu.pendo.io cdn.pendo.io pendo-eu-static-6540045853392896.storage.googleapis.com pendo-static-6540045853392896.storage.googleapis.com 'unsafe-inline'; font-src 'self'; connect-src 'self' *.sbc.sage.com id.sage.com js-agent.newrelic.com bam.nr-data.net bam-cell.nr-data.net sbc-global-import-fileupload-production-eu-central-1.s3.eu-central-1.amazonaws.com sbc-global-import-fileupload-production-eu-west-1.s3.eu-west-1.amazonaws.com app.eu.pendo.io app.pendo.io data.eu.pendo.io data.pendo.io pendo-eu-static-6540045853392896.storage.googleapis.com pendo-static-6540045853392896.storage.googleapis.com wss://notificationconnect.sbc.sage.com; frame-src 'self' *.sbc.sage.com id.sage.com players.brightcove.net api.zuora.com; frame-ancestors 'self' app.eu.pendo.io app.pendo.io; worker-src 'self' blob:; child-src 'self' blob:; object-src 'none';
accept-ranges
bytes
x-amz-cf-id
XDay-5AU75Ilse5xlKgwN_zULsFoVzcytpmr16g5yEi7hgEzwnMl1w==
sageui-bold.woff2
app.eu-west-1.sbc-production.com/fonts/ 		29 KB
31 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://app.eu-west-1.sbc-production.com/fonts/sageui-bold.woff2
Requested by
Host: app.eu-west-1.sbc-production.com
URL: https://app.eu-west-1.sbc-production.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:a400:13:de96:eb80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d59aef7979d473209b8aef81dc0c2ea9537a8dce0d55fd712377a1a1950ebee6
Security Headers
Name Value
Content-Security-Policy default-src 'self'; img-src 'self' *.sbc.sage.com app.eu.pendo.io app.pendo.io cdn.eu.pendo.io cdn.pendo.io data.eu.pendo.io data.pendo.io pendo-eu-static-6540045853392896.storage.googleapis.com pendo-static-6540045853392896.storage.googleapis.com; script-src 'self' *.sbc.sage.com id.sage.com js-agent.newrelic.com bam.nr-data.net bam-cell.nr-data.net app.eu.pendo.io app.pendo.io cdn.eu.pendo.io cdn.pendo.io data.eu.pendo.io data.pendo.io pendo-eu-static-6540045853392896.storage.googleapis.com pendo-eu-static.storage.googleapis.com pendo-io-static.storage.googleapis.com pendo-static-6540045853392896.storage.googleapis.com 'unsafe-inline'; style-src 'self' app.eu.pendo.io app.pendo.io cdn.eu.pendo.io cdn.pendo.io pendo-eu-static-6540045853392896.storage.googleapis.com pendo-static-6540045853392896.storage.googleapis.com 'unsafe-inline'; font-src 'self'; connect-src 'self' *.sbc.sage.com id.sage.com js-agent.newrelic.com bam.nr-data.net bam-cell.nr-data.net sbc-global-import-fileupload-production-eu-central-1.s3.eu-central-1.amazonaws.com sbc-global-import-fileupload-production-eu-west-1.s3.eu-west-1.amazonaws.com app.eu.pendo.io app.pendo.io data.eu.pendo.io data.pendo.io pendo-eu-static-6540045853392896.storage.googleapis.com pendo-static-6540045853392896.storage.googleapis.com wss://notificationconnect.sbc.sage.com; frame-src 'self' *.sbc.sage.com id.sage.com players.brightcove.net api.zuora.com; frame-ancestors 'self' app.eu.pendo.io app.pendo.io; worker-src 'self' blob:; child-src 'self' blob:; object-src 'none';
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://app.eu-west-1.sbc-production.com/
Origin
https://app.eu-west-1.sbc-production.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 17 Jul 2022 11:36:16 GMT
via
1.1 59d5785a1d012a54118141e7e216a492.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
FRA56-P2
x-cache
Miss from cloudfront
content-length
29588
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 15 Jul 2022 15:45:56 GMT
server
AmazonS3
x-frame-options
DENY
etag
"eed70645e8b31ca34134486c0aee4f31"
strict-transport-security
max-age=63072000; includeSubdomains; preload
content-type
binary/octet-stream
cache-control
max-age=900,must-revalidate
permissions-policy
content-security-policy
default-src 'self'; img-src 'self' *.sbc.sage.com app.eu.pendo.io app.pendo.io cdn.eu.pendo.io cdn.pendo.io data.eu.pendo.io data.pendo.io pendo-eu-static-6540045853392896.storage.googleapis.com pendo-static-6540045853392896.storage.googleapis.com; script-src 'self' *.sbc.sage.com id.sage.com js-agent.newrelic.com bam.nr-data.net bam-cell.nr-data.net app.eu.pendo.io app.pendo.io cdn.eu.pendo.io cdn.pendo.io data.eu.pendo.io data.pendo.io pendo-eu-static-6540045853392896.storage.googleapis.com pendo-eu-static.storage.googleapis.com pendo-io-static.storage.googleapis.com pendo-static-6540045853392896.storage.googleapis.com 'unsafe-inline'; style-src 'self' app.eu.pendo.io app.pendo.io cdn.eu.pendo.io cdn.pendo.io pendo-eu-static-6540045853392896.storage.googleapis.com pendo-static-6540045853392896.storage.googleapis.com 'unsafe-inline'; font-src 'self'; connect-src 'self' *.sbc.sage.com id.sage.com js-agent.newrelic.com bam.nr-data.net bam-cell.nr-data.net sbc-global-import-fileupload-production-eu-central-1.s3.eu-central-1.amazonaws.com sbc-global-import-fileupload-production-eu-west-1.s3.eu-west-1.amazonaws.com app.eu.pendo.io app.pendo.io data.eu.pendo.io data.pendo.io pendo-eu-static-6540045853392896.storage.googleapis.com pendo-static-6540045853392896.storage.googleapis.com wss://notificationconnect.sbc.sage.com; frame-src 'self' *.sbc.sage.com id.sage.com players.brightcove.net api.zuora.com; frame-ancestors 'self' app.eu.pendo.io app.pendo.io; worker-src 'self' blob:; child-src 'self' blob:; object-src 'none';
accept-ranges
bytes
x-amz-cf-id
wT33iI8LYloxMyoypMIUkxO1d-LAUH0qogCFh-SY4q4bE6aQVQbyOw==
system.min.js
assets.sbc.sage.com/npm/systemjs@6.8.3/dist/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.sbc.sage.com/npm/systemjs@6.8.3/dist/system.min.js
Requested by
Host: app.eu-west-1.sbc-production.com
URL: https://app.eu-west-1.sbc-production.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:93e7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
faf458dcada028341e6c98a52f71067328fb710a51d0f3acb69df9dbe93619af
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.eu-west-1.sbc-production.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 17 Jul 2022 11:36:15 GMT
via
1.1 68b2682a924ac399aa2724b5b439e75c.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
age
14954027
x-jsd-version
6.8.3
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-served-by
cache-fra19182-FRA
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"2d8f-vNLePrR3zcdZpnqBy/hzJsUTIac"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
x-amz-cf-pop
FRA60-P3
cf-ray
72c2adc81bba6964-FRA
x-amz-cf-id
AtcAyAQ9cusw-dTa2nSVPmeZHYNIZAROwHv6ZbbejXk2MHq5NHmYcA==
amd.min.js
assets.sbc.sage.com/npm/systemjs@6.8.3/dist/extras/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.sbc.sage.com/npm/systemjs@6.8.3/dist/extras/amd.min.js
Requested by
Host: app.eu-west-1.sbc-production.com
URL: https://app.eu-west-1.sbc-production.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:93e7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0d4fb1b44c663281b646f71734a9655cb49ae083857eb7cc704c5fadfd2b47a9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.eu-west-1.sbc-production.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 17 Jul 2022 11:36:15 GMT
via
1.1 efb4ddf9650598b987ef5db782c5b530.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
age
14960430
x-jsd-version
6.8.3
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-served-by
cache-fra19143-FRA
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"665-BQHyV2OT0XsgsHcuM1F7Bi7HRVI"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
x-amz-cf-pop
FRA60-P3
cf-ray
72c2adc81bbc6964-FRA
x-amz-cf-id
-TGE9AHdhdq15jE9FLlO8iD6ml1HFq5Fd4xOjr1X7bPCuZh8G1-SIw==
named-exports.min.js
assets.sbc.sage.com/npm/systemjs@6.8.3/dist/extras/ 		662 B
820 B 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.sbc.sage.com/npm/systemjs@6.8.3/dist/extras/named-exports.min.js
Requested by
Host: app.eu-west-1.sbc-production.com
URL: https://app.eu-west-1.sbc-production.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:93e7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4b7814b98c55e89e1a4141087f0d037b542f4a57ad00ad128f8de38852e74104
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.eu-west-1.sbc-production.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 17 Jul 2022 11:36:15 GMT
via
1.1 f06c87fa57d0c9fd7439d7fdbd148c62.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
age
14936518
x-jsd-version
6.8.3
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-served-by
cache-fra19132-FRA
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"296-tyago8sK8kum8+GjusQQJlD7Mvo"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
x-amz-cf-pop
FRA60-P3
cf-ray
72c2adc81bbe6964-FRA
x-amz-cf-id
NImsFypw0qx7ZB0vSh3Zjp1G58a8Y_x5S1eASCRRiryOz7bFlM1wzA==
use-default.min.js
assets.sbc.sage.com/npm/systemjs@6.8.3/dist/extras/ 		251 B
919 B 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.sbc.sage.com/npm/systemjs@6.8.3/dist/extras/use-default.min.js
Requested by
Host: app.eu-west-1.sbc-production.com
URL: https://app.eu-west-1.sbc-production.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:93e7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b950d42d6c00fec207c673b7d5d2bc4e102e2b8e8cacf9ab567f895e53177390
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.eu-west-1.sbc-production.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 17 Jul 2022 11:36:15 GMT
via
1.1 ab21b6436bc1d51d57b228ad39b1fa54.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
3902989
x-jsd-version
6.8.3
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-served-by
cache-fra19153-FRA, cache-iad-kiad7000157-IAD
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"fb-3R2r5IObJpsR7qV1P0mIda4ywDw"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1fXXSbuRy7gEpP3yIsfbffej%2B3UuhXTqJkyAkDv3Kmdo7Osb23zIwoqPsE24EzqxqN4UloUCpNRLlcRGOELpb0C%2B%2BHqBPnPBBmco%2Bx5sd%2FER1W13iDiBvYmDnWlllUAS8iE%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
x-amz-cf-pop
FRA60-P3
cf-ray
72c2adc81bbf6964-FRA
x-amz-cf-id
qHUlr--j59LGhYtq1nB7Q0-vj2tTGSez9uXpAcxhC9gcohQ0GO_5mg==
import-map.json
app.eu-west-1.sbc-production.com/ 		2 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://app.eu-west-1.sbc-production.com/import-map.json
Requested by
Host: assets.sbc.sage.com
URL: https://assets.sbc.sage.com/npm/systemjs@6.8.3/dist/system.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:a400:13:de96:eb80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7cb2a71e41510e242ead831ce950cc6885a56653cba9b3ebc21305b2d8c638f2
Security Headers
Name Value
Content-Security-Policy default-src 'self'; img-src 'self' *.sbc.sage.com app.eu.pendo.io app.pendo.io cdn.eu.pendo.io cdn.pendo.io data.eu.pendo.io data.pendo.io pendo-eu-static-6540045853392896.storage.googleapis.com pendo-static-6540045853392896.storage.googleapis.com; script-src 'self' *.sbc.sage.com id.sage.com js-agent.newrelic.com bam.nr-data.net bam-cell.nr-data.net app.eu.pendo.io app.pendo.io cdn.eu.pendo.io cdn.pendo.io data.eu.pendo.io data.pendo.io pendo-eu-static-6540045853392896.storage.googleapis.com pendo-eu-static.storage.googleapis.com pendo-io-static.storage.googleapis.com pendo-static-6540045853392896.storage.googleapis.com 'unsafe-inline'; style-src 'self' app.eu.pendo.io app.pendo.io cdn.eu.pendo.io cdn.pendo.io pendo-eu-static-6540045853392896.storage.googleapis.com pendo-static-6540045853392896.storage.googleapis.com 'unsafe-inline'; font-src 'self'; connect-src 'self' *.sbc.sage.com id.sage.com js-agent.newrelic.com bam.nr-data.net bam-cell.nr-data.net sbc-global-import-fileupload-production-eu-central-1.s3.eu-central-1.amazonaws.com sbc-global-import-fileupload-production-eu-west-1.s3.eu-west-1.amazonaws.com app.eu.pendo.io app.pendo.io data.eu.pendo.io data.pendo.io pendo-eu-static-6540045853392896.storage.googleapis.com pendo-static-6540045853392896.storage.googleapis.com wss://notificationconnect.sbc.sage.com; frame-src 'self' *.sbc.sage.com id.sage.com players.brightcove.net api.zuora.com; frame-ancestors 'self' app.eu.pendo.io app.pendo.io; worker-src 'self' blob:; child-src 'self' blob:; object-src 'none';
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.eu-west-1.sbc-production.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 17 Jul 2022 11:36:16 GMT
via
1.1 59d5785a1d012a54118141e7e216a492.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
FRA56-P2
x-cache
Miss from cloudfront
content-length
1919
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 15 Jul 2022 15:45:56 GMT
server
AmazonS3
x-frame-options
DENY
etag
"5596da0afa54c6449b2c7133e6bc61ae"
strict-transport-security
max-age=63072000; includeSubdomains; preload
content-type
application/json
cache-control
max-age=900,must-revalidate
permissions-policy
content-security-policy
default-src 'self'; img-src 'self' *.sbc.sage.com app.eu.pendo.io app.pendo.io cdn.eu.pendo.io cdn.pendo.io data.eu.pendo.io data.pendo.io pendo-eu-static-6540045853392896.storage.googleapis.com pendo-static-6540045853392896.storage.googleapis.com; script-src 'self' *.sbc.sage.com id.sage.com js-agent.newrelic.com bam.nr-data.net bam-cell.nr-data.net app.eu.pendo.io app.pendo.io cdn.eu.pendo.io cdn.pendo.io data.eu.pendo.io data.pendo.io pendo-eu-static-6540045853392896.storage.googleapis.com pendo-eu-static.storage.googleapis.com pendo-io-static.storage.googleapis.com pendo-static-6540045853392896.storage.googleapis.com 'unsafe-inline'; style-src 'self' app.eu.pendo.io app.pendo.io cdn.eu.pendo.io cdn.pendo.io pendo-eu-static-6540045853392896.storage.googleapis.com pendo-static-6540045853392896.storage.googleapis.com 'unsafe-inline'; font-src 'self'; connect-src 'self' *.sbc.sage.com id.sage.com js-agent.newrelic.com bam.nr-data.net bam-cell.nr-data.net sbc-global-import-fileupload-production-eu-central-1.s3.eu-central-1.amazonaws.com sbc-global-import-fileupload-production-eu-west-1.s3.eu-west-1.amazonaws.com app.eu.pendo.io app.pendo.io data.eu.pendo.io data.pendo.io pendo-eu-static-6540045853392896.storage.googleapis.com pendo-static-6540045853392896.storage.googleapis.com wss://notificationconnect.sbc.sage.com; frame-src 'self' *.sbc.sage.com id.sage.com players.brightcove.net api.zuora.com; frame-ancestors 'self' app.eu.pendo.io app.pendo.io; worker-src 'self' blob:; child-src 'self' blob:; object-src 'none';
accept-ranges
bytes
x-amz-cf-id
YJesbCdmcY2zrRMcytVeF8XFozggYV1O_tNDPl5CB6ryUGSsvM_VTA==
pendo.js
cdn.pendo.io/agent/static/d9fd84b8-298a-4953-694c-9b6541df2884/ 		465 KB
144 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.pendo.io/agent/static/d9fd84b8-298a-4953-694c-9b6541df2884/pendo.js
Requested by
Host: app.eu-west-1.sbc-production.com
URL: https://app.eu-west-1.sbc-production.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:ce00:1f:aa31:7740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
UploadServer /
Resource Hash
43e1f29fe3d51f35e604927e034494015aba2c48b2f42119749a13f2d024c2ab

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.eu-west-1.sbc-production.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Sun, 17 Jul 2022 11:34:04 GMT
Content-Encoding
gzip
Age
131
X-GUploader-UploadID
ADPycds8IeDIZaDKs1Y5YGa3zBcasNYie8ssIqTqeT8JCKPfTWyvHVPcSeg06IGqFMQDzX76h09HrgVHrvrsI0X2w8p12BzxEHOO
X-Cache
Hit from cloudfront
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
Connection
keep-alive
Content-Length
146497
Access-Control-Allow-Origin
*
Last-Modified
Thu, 14 Jul 2022 18:15:07 GMT
Server
UploadServer
ETag
"695ec26db6306ab4a26b6b2281be37c2"
Vary
Accept-Encoding
x-goog-hash
crc32c=TEkKHQ==, md5=aV7CbbYwarSia2sigb43wg==
x-goog-generation
1657822507489663
Via
1.1 c275031486c6f7b744b8d30847e98b14.cloudfront.net (CloudFront)
Access-Control-Expose-Headers
*
Cache-Control
max-age=450
x-goog-stored-content-length
146497
X-Amz-Cf-Pop
FRA6-C1
Accept-Ranges
bytes
Content-Type
application/javascript
X-Amz-Cf-Id
H4f9Q_ECAwk5kjVmsCuB03wwcOlHsItCwvVX63Bqx-esA6KWKJgoTA==
Expires
Sun, 17 Jul 2022 11:41:34 GMT
index.js
assets.sbc.sage.com/sbc.core.authentication.ui/2.1.15/ 		0
0
index.js
assets.sbc.sage.com/sbc.core.scene.ui/1.6.1/umd/ 		0
0
nr-spa-1212.min.js
js-agent.newrelic.com/ 		44 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-agent.newrelic.com/nr-spa-1212.min.js
Requested by
Host: app.eu-west-1.sbc-production.com
URL: https://app.eu-west-1.sbc-production.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ebfe453394ff1be6ef75d380ab7c5535aea0b51832d045f0d5d0ef7e6535969c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.eu-west-1.sbc-production.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id
wY72Ah.NJX5KzzqRFK3uhSo3Jh07tDe4
content-encoding
gzip
etag
"8bd93bf0ecb2f4e971a2055a41402bb6"
x-amz-request-id
78NFQ7CS7N7P6HKY
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
16636
x-amz-id-2
NP12T6xW5b2hKoE+gok1hBlU7wo6l7Oqrg3Jov/jKyhOMK66IGjXJpWUcj2czQYmoKj5HhYQAW4=
x-served-by
cache-hhn4069-HHN
last-modified
Thu, 04 Nov 2021 21:16:16 GMT
server
AmazonS3
x-timer
S1658057777.846321,VS0,VE0
date
Sun, 17 Jul 2022 11:36:16 GMT
vary
Accept-Encoding
content-type
application/javascript
via
1.1 varnish
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
417
NRJS-3d18c6eb1cc8897bdc1
bam.nr-data.net/1/ 		49 B
721 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bam.nr-data.net/1/NRJS-3d18c6eb1cc8897bdc1?a=536226031&sa=1&v=1212.e95d35c&t=Unnamed%20Transaction&rst=1774&ck=1&ref=https://app.eu-west-1.sbc-production.com/&be=343&fe=1711&dc=359&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1658057775101,%22n%22:0,%22f%22:0,%22dn%22:1,%22dne%22:178,%22c%22:178,%22s%22:185,%22ce%22:205,%22rq%22:205,%22rp%22:214,%22rpe%22:222,%22dl%22:225,%22di%22:359,%22ds%22:359,%22de%22:359,%22dc%22:1710,%22l%22:1710,%22le%22:1713%7D,%22navigation%22:%7B%7D%7D&fp=366&jsonp=NREUM.setToken
Requested by
Host: app.eu-west-1.sbc-production.com
URL: https://app.eu-west-1.sbc-production.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.247.241.14 Portland, United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a83848cf5c3d96caefe490c19e41659609b3691dd4c531cf925016c084d8e1b0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.eu-west-1.sbc-production.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Sun, 17 Jul 2022 11:36:17 GMT
Content-Encoding
gzip
CF-Cache-Status
DYNAMIC
Server
cloudflare
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, HEAD, OPTIONS
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Transfer-Encoding
chunked
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
access-control-allow-credentials
true
CF-Ray
72c2add1dffc914a-FRA
NRJS-3d18c6eb1cc8897bdc1
bam.nr-data.net/resources/1/ 		36 B
533 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bam.nr-data.net/resources/1/NRJS-3d18c6eb1cc8897bdc1?a=536226031&sa=1&v=1212.e95d35c&t=Unnamed%20Transaction&rst=2087&ck=1&ref=https://app.eu-west-1.sbc-production.com/&st=1658057775101
Requested by
Host: app.eu-west-1.sbc-production.com
URL: https://app.eu-west-1.sbc-production.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.247.241.14 Portland, United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
Software
cloudflare /
Resource Hash
88c2adbb598944a823b5dde49619a958c37e7faefbf16fb1f70d390b30e264f8

Request headers

Referer
https://app.eu-west-1.sbc-production.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
content-type
text/plain

Response headers

Date
Sun, 17 Jul 2022 11:36:17 GMT
CF-Cache-Status
DYNAMIC
Server
cloudflare
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, HEAD, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
https://app.eu-west-1.sbc-production.com
access-control-allow-credentials
true
Connection
keep-alive
CF-Ray
72c2add37b2a914a-FRA
Content-Length
36
NRJS-3d18c6eb1cc8897bdc1
bam.nr-data.net/events/1/ 		24 B
520 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bam.nr-data.net/events/1/NRJS-3d18c6eb1cc8897bdc1?a=536226031&sa=1&v=1212.e95d35c&t=Unnamed%20Transaction&rst=2110&ck=1&ref=https://app.eu-west-1.sbc-production.com/
Requested by
Host: app.eu-west-1.sbc-production.com
URL: https://app.eu-west-1.sbc-production.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.247.241.14 Portland, United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300

Request headers

Referer
https://app.eu-west-1.sbc-production.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
content-type
text/plain

Response headers

Date
Sun, 17 Jul 2022 11:36:17 GMT
CF-Cache-Status
DYNAMIC
Server
cloudflare
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, HEAD, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
https://app.eu-west-1.sbc-production.com
access-control-allow-credentials
true
Connection
keep-alive
CF-Ray
72c2add3cdfbbb43-FRA
Content-Length
24

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
assets.sbc.sage.com
URL
https://assets.sbc.sage.com/sbc.core.authentication.ui/2.1.15/index.js
Domain
assets.sbc.sage.com
URL
https://assets.sbc.sage.com/sbc.core.scene.ui/1.6.1/umd/index.js

Verdicts & Comments Add Verdict or Comment

15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| System function| define object| NREUM object| newrelic function| __nr_require object| pendo object| __sbc_config

2 Cookies

Domain/Path Name / Value
.sbc.sage.com/ Name: __cf_bm
Value: rZKfKrQ3tiDX.yAeH8byptSad2TP5rmjna0uxJ6I.UY-1658057775-0-AepP8u+MjMqOnnz4XNLfhmyDLFivO989cuEibbC43NEZzujRcwwow5Zbh7NfnoaBQZlXAx7N8fwirUAc19ehz8U=
.nr-data.net/ Name: JSESSIONID
Value: c1bf949728f8ad59

4 Console Messages

Source Level URL
Text
javascript error URL: https://app.eu-west-1.sbc-production.com/
Message:
Access to script at 'https://assets.sbc.sage.com/sbc.core.authentication.ui/2.1.15/index.js' from origin 'https://app.eu-west-1.sbc-production.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://assets.sbc.sage.com/sbc.core.authentication.ui/2.1.15/index.js
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://app.eu-west-1.sbc-production.com/
Message:
Access to script at 'https://assets.sbc.sage.com/sbc.core.scene.ui/1.6.1/umd/index.js' from origin 'https://app.eu-west-1.sbc-production.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://assets.sbc.sage.com/sbc.core.scene.ui/1.6.1/umd/index.js
Message:
Failed to load resource: net::ERR_FAILED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'self'; img-src 'self' *.sbc.sage.com app.eu.pendo.io app.pendo.io cdn.eu.pendo.io cdn.pendo.io data.eu.pendo.io data.pendo.io pendo-eu-static-6540045853392896.storage.googleapis.com pendo-static-6540045853392896.storage.googleapis.com; script-src 'self' *.sbc.sage.com id.sage.com js-agent.newrelic.com bam.nr-data.net bam-cell.nr-data.net app.eu.pendo.io app.pendo.io cdn.eu.pendo.io cdn.pendo.io data.eu.pendo.io data.pendo.io pendo-eu-static-6540045853392896.storage.googleapis.com pendo-eu-static.storage.googleapis.com pendo-io-static.storage.googleapis.com pendo-static-6540045853392896.storage.googleapis.com 'unsafe-inline'; style-src 'self' app.eu.pendo.io app.pendo.io cdn.eu.pendo.io cdn.pendo.io pendo-eu-static-6540045853392896.storage.googleapis.com pendo-static-6540045853392896.storage.googleapis.com 'unsafe-inline'; font-src 'self'; connect-src 'self' *.sbc.sage.com id.sage.com js-agent.newrelic.com bam.nr-data.net bam-cell.nr-data.net sbc-global-import-fileupload-production-eu-central-1.s3.eu-central-1.amazonaws.com sbc-global-import-fileupload-production-eu-west-1.s3.eu-west-1.amazonaws.com app.eu.pendo.io app.pendo.io data.eu.pendo.io data.pendo.io pendo-eu-static-6540045853392896.storage.googleapis.com pendo-static-6540045853392896.storage.googleapis.com wss://notificationconnect.sbc.sage.com; frame-src 'self' *.sbc.sage.com id.sage.com players.brightcove.net api.zuora.com; frame-ancestors 'self' app.eu.pendo.io app.pendo.io; worker-src 'self' blob:; child-src 'self' blob:; object-src 'none';
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block