urlscan.io logo urlscan.io
SecurityTrails logo

eurautoeuwweb.azurewebsites.net Open in urlscan Pro
20.105.232.25  Public Scan

Go To Rescan Add Verdict Report
URL: https://eurautoeuwweb.azurewebsites.net/
Submission: On March 24 via api from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 4 IPs in 2 countries across 4 domains to perform 8 HTTP transactions. The main IP is 20.105.232.25, located in Amsterdam, Netherlands and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is eurautoeuwweb.azurewebsites.net.
TLS certificate: Issued by Microsoft Azure TLS Issuing CA 02 on October 31st 2023. Valid for: 8 months.
This is the only time eurautoeuwweb.azurewebsites.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
4 20.105.232.25 8075 (MICROSOFT...)
2 2606:4700:440... 13335 (CLOUDFLAR...)
1 34.36.213.229 396982 (GOOGLE-CL...)
8 4
Apex Domain
Subdomains		 Transfer
4 azurewebsites.net
eurautoeuwweb.azurewebsites.net
10 KB
2 sage.com
assets.sbc.sage.com
6 KB
1 pendo.io
cdn.pendo.io — Cisco Umbrella Rank: 2560
159 KB
0 cloudflareaccess.com Failed
sagedev.cloudflareaccess.com Failed
8 4
Domain Requested by
4 eurautoeuwweb.azurewebsites.net eurautoeuwweb.azurewebsites.net
assets.sbc.sage.com
2 assets.sbc.sage.com eurautoeuwweb.azurewebsites.net
1 cdn.pendo.io eurautoeuwweb.azurewebsites.net
0 sagedev.cloudflareaccess.com Failed eurautoeuwweb.azurewebsites.net
8 4

This site contains no links.

Subject Issuer Validity Valid
*.azurewebsites.net
Microsoft Azure TLS Issuing CA 02		 2023-10-31 -
2024-06-27		 8 months crt.sh
sbc.sage.com
E1		 2024-02-26 -
2024-05-26		 3 months crt.sh
cdn.pendo.io
GTS CA 1D4		 2024-02-01 -
2024-05-01		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://eurautoeuwweb.azurewebsites.net/
Frame ID: BC54B4EF409F61929B9DB6DA6C69E25E
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Sage Active

Page Statistics

8
Requests

88 %
HTTPS

33 %
IPv6

4
Domains

4
Subdomains

4
IPs

2
Countries

176 kB
Transfer

512 kB
Size

1
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 6
  • https://www.auto.sageeurekadev.com/react-mf-root-config.js HTTP 0
  • https://sagedev.cloudflareaccess.com/cdn-cgi/access/login/www.auto.sageeurekadev.com?kid=dc30383dc78456e09fa5c41b142e8f34be661c6d594e29beb00cf342f354f382&redirect_url=%2Freact-mf-root-config.js&meta=eyJraWQiOiJlOTQwYmMxYTlmODI3YTU1YWZmOWQ3Njc4YzhkOGQ2MzFlNmQ4M2ViYWJhNjY0ODRlMTYwMjA0MmE4ZWIyMWIzIiwiYWxnIjoiUlMyNTYiLCJ0eXAiOiJKV1QifQ.eyJzZXJ2aWNlX3Rva2VuX3N0YXR1cyI6ZmFsc2UsImlhdCI6MTcxMTI5NTk1Niwic2VydmljZV90b2tlbl9pZCI6IiIsImF1ZCI6ImRjMzAzODNkYzc4NDU2ZTA5ZmE1YzQxYjE0MmU4ZjM0YmU2NjFjNmQ1OTRlMjliZWIwMGNmMzQyZjM1NGYzODIiLCJob3N0bmFtZSI6Ind3dy5hdXRvLnNhZ2VldXJla2FkZXYuY29tIiwiYXBwX3Nlc3Npb25faGFzaCI6IjQzZWZkNzE4NmYwYzY3Njc1ZDIzZTczNGE0YzMyZWQ3YjIwZDk2MzIyNjdhMGI3ZGFmYTdkYTI5NDE5N2MyNGUiLCJuYmYiOjE3MTEyOTU5NTYsImlzX3dhcnAiOmZhbHNlLCJpc19nYXRld2F5IjpmYWxzZSwidHlwZSI6Im1ldGEiLCJyZWRpcmVjdF91cmwiOiJcL3JlYWN0LW1mLXJvb3QtY29uZmlnLmpzIiwibXRsc19hdXRoIjp7ImNlcnRfaXNzdWVyX3NraSI6IiIsImNlcnRfcHJlc2VudGVkIjpmYWxzZSwiY2VydF9zZXJpYWwiOiIiLCJjZXJ0X2lzc3Vlcl9kbiI6IiIsImF1dGhfc3RhdHVzIjoiTk9ORSJ9LCJhdXRoX3N0YXR1cyI6Ik5PTkUifQ.f_On3Fjt8cpqggDC6h2b8rbJAL8N6f98D8Rv_38kKftCGWOALYkdPAVcvM7lctuZJ0Y5UV7OLE6k5Brk_oJUGodr-FIUlvt_S5KKmj6lK2buuzQtmJcTdpeiKN2DmcWrFdMUe-j9NoN1J2DZrm0tSop-MVWyAOXRMv18jkRDFOmKvamsjC4FgnhW-Ha3D9WWzxOGiB6-2wicI3k7h_OH2JbNI8t-oMa3xdEYfq2mNtWRThDmAn8FI-3YyjMOarau5Y0NeL3zIyPRP1bEpAl9Z8EyEb16R2_ipOAGDfinzFBm5sZOU9cFLRbyEorovbPtFm9TRD3h3lZBHyd_iAXvzg

8 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
eurautoeuwweb.azurewebsites.net/ 		7 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://eurautoeuwweb.azurewebsites.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.105.232.25 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Kestrel /
Resource Hash
bf07f379b9b19fb734a3f00d2d5d024c65f947609d457f31ff63c5f0e1424cd9
Security Headers
Name Value
Content-Security-Policy base-uri 'self'; object-src 'none'; default-src 'self'; worker-src 'self' blob:; child-src 'self' blob:; manifest-src 'self' sagedev.cloudflareaccess.com ; connect-src 'self' id-shadow.sage.com *.sbc.sage.com *.sageeurekadev.com api.uk0.flatfile.com wss://api.uk0.flatfile.com *.pendo.io *.storage.googleapis.com *.1trust.app *.onetrust.com *.qualtrics.com o1087310.ingest.sentry.io wss://websocket.sandbox.sbc.sage.com wss://directline.botframework.com/ https://directline.botframework.com/ api.service.hmrc.gov.uk prod-edocs-einvoicing-filemetadata.s3.eu-west-1.amazonaws.com wss://streaming.mypurecloud.ie https://api.mypurecloud.ie https://apps.mypurecloud.ie https://mcm.entfabric-sage.com ; font-src 'self' *.sageeurekadev.com fonts.sage.com fonts.gstatic.com data: *.storage.googleapis.com ; style-src 'self' *.sageeurekadev.com *.pendo.io *.storage.googleapis.com *.googleapis.com fonts.sage.com 'unsafe-inline' *.1trust.app *.onetrust.com *.qualtrics.com ; script-src 'self' *.sageeurekadev.com id-shadow.sage.com *.sbc.sage.com 'unsafe-eval' *.sage.com *.pendo.io *.storage.googleapis.com https://apps.mypurecloud.ie *.qualtrics.com 'sha256-4TrkWPubZ28sdpRBAkcRauB0O0kw+C2e1lq61DxlwgU=' 'sha256-Q1IdEooY+5756dhwlhTIWAro7Iw0k2bVnic7yiW9ZN8=' 'sha256-aCz7zaDF28bHk7DisOkEOIYQC51YaWmxHRIRleH3bDo=' ; frame-src 'self' id-shadow.sage.com *.sbc.sage.com dev-sbd.sagedatacloud.com dev-sbcauth-developerportal.sagedatacloud.com dev-sbcauth.sagedatacloud.com sandbox-money.sage.com qa-money.sage.com *.pendo.io players.brightcove.net app.uk0.flatfile.com www.zuora.com *.1trust.app *.onetrust.com sageactive.online-help.sage.com *.qualtrics.com ; img-src 'self' *.sageeurekadev.com *.sbc.sage.com data: *.pendo.io *.storage.googleapis.com https://webchathub.sage.com https://s3-eu-west-1.amazonaws.com https://s3.eu-west-1.amazonaws.com ; frame-ancestors 'self' app.eu.pendo.io app.pendo.io ;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-cache
content-length
6893
content-security-policy
base-uri 'self'; object-src 'none'; default-src 'self'; worker-src 'self' blob:; child-src 'self' blob:; manifest-src 'self' sagedev.cloudflareaccess.com ; connect-src 'self' id-shadow.sage.com *.sbc.sage.com *.sageeurekadev.com api.uk0.flatfile.com wss://api.uk0.flatfile.com *.pendo.io *.storage.googleapis.com *.1trust.app *.onetrust.com *.qualtrics.com o1087310.ingest.sentry.io wss://websocket.sandbox.sbc.sage.com wss://directline.botframework.com/ https://directline.botframework.com/ api.service.hmrc.gov.uk prod-edocs-einvoicing-filemetadata.s3.eu-west-1.amazonaws.com wss://streaming.mypurecloud.ie https://api.mypurecloud.ie https://apps.mypurecloud.ie https://mcm.entfabric-sage.com ; font-src 'self' *.sageeurekadev.com fonts.sage.com fonts.gstatic.com data: *.storage.googleapis.com ; style-src 'self' *.sageeurekadev.com *.pendo.io *.storage.googleapis.com *.googleapis.com fonts.sage.com 'unsafe-inline' *.1trust.app *.onetrust.com *.qualtrics.com ; script-src 'self' *.sageeurekadev.com id-shadow.sage.com *.sbc.sage.com 'unsafe-eval' *.sage.com *.pendo.io *.storage.googleapis.com https://apps.mypurecloud.ie *.qualtrics.com 'sha256-4TrkWPubZ28sdpRBAkcRauB0O0kw+C2e1lq61DxlwgU=' 'sha256-Q1IdEooY+5756dhwlhTIWAro7Iw0k2bVnic7yiW9ZN8=' 'sha256-aCz7zaDF28bHk7DisOkEOIYQC51YaWmxHRIRleH3bDo=' ; frame-src 'self' id-shadow.sage.com *.sbc.sage.com dev-sbd.sagedatacloud.com dev-sbcauth-developerportal.sagedatacloud.com dev-sbcauth.sagedatacloud.com sandbox-money.sage.com qa-money.sage.com *.pendo.io players.brightcove.net app.uk0.flatfile.com www.zuora.com *.1trust.app *.onetrust.com sageactive.online-help.sage.com *.qualtrics.com ; img-src 'self' *.sageeurekadev.com *.sbc.sage.com data: *.pendo.io *.storage.googleapis.com https://webchathub.sage.com https://s3-eu-west-1.amazonaws.com https://s3.eu-west-1.amazonaws.com ; frame-ancestors 'self' app.eu.pendo.io app.pendo.io ;
content-type
text/html
date
Sun, 24 Mar 2024 15:59:15 GMT
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
referrer-policy
no-referrer
server
Kestrel
trace-id
ec355f16b5e180cb67e02ca0e5fc2bf9
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
system.min.js
assets.sbc.sage.com/npm/systemjs@6.8.3/dist/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.sbc.sage.com/npm/systemjs@6.8.3/dist/system.min.js
Requested by
Host: eurautoeuwweb.azurewebsites.net
URL: https://eurautoeuwweb.azurewebsites.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:98de , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
faf458dcada028341e6c98a52f71067328fb710a51d0f3acb69df9dbe93619af
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 15:59:15 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
via
1.1 fe5c0b9f43ae01762b72e245c0496ac6.cloudfront.net (CloudFront)
x-amz-cf-pop
YTO50-P3
age
2734187
x-jsd-version
6.8.3
content-encoding
gzip
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
x-served-by
cache-fra-eddf8230042-FRA, cache-chi-kigq8000151-CHI
x-jsd-version-type
version
server
cloudflare
etag
W/"2d8f-vNLePrR3zcdZpnqBy/hzJsUTIac"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
8697de0badc46aee-BUF
x-amz-cf-id
XKRsy_etJyz0LD0HHLME2YOKhpZNuZSJpA_jTMEGnTYDECyiyK7jVA==
amd.min.js
assets.sbc.sage.com/npm/systemjs@6.8.3/dist/extras/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.sbc.sage.com/npm/systemjs@6.8.3/dist/extras/amd.min.js
Requested by
Host: eurautoeuwweb.azurewebsites.net
URL: https://eurautoeuwweb.azurewebsites.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:98de , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0d4fb1b44c663281b646f71734a9655cb49ae083857eb7cc704c5fadfd2b47a9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 15:59:15 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
via
1.1 fe5c0b9f43ae01762b72e245c0496ac6.cloudfront.net (CloudFront)
x-amz-cf-pop
YTO50-P3
age
2639164
x-jsd-version
6.8.3
content-encoding
gzip
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
x-served-by
cache-fra-etou8220059-FRA, cache-chi-kigq8000078-CHI
x-jsd-version-type
version
server
cloudflare
etag
W/"665-BQHyV2OT0XsgsHcuM1F7Bi7HRVI"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
8697de0badc26aee-BUF
x-amz-cf-id
OEW1pVPNHSx_qhzglYL05ggIqGBOlujXnoAF66PBvg0VviWte4A8Gg==
pendo.js
eurautoeuwweb.azurewebsites.net/ 		487 B
545 B 		Script
General
Check archive.org
Download Go to
Full URL
https://eurautoeuwweb.azurewebsites.net/pendo.js
Requested by
Host: eurautoeuwweb.azurewebsites.net
URL: https://eurautoeuwweb.azurewebsites.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.105.232.25 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Kestrel /
Resource Hash
905b0e5d0f49ba01b83e589bbaf50046161d7fc60e03dcfac834ce58396f96e1

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 15:59:15 GMT
content-encoding
br
last-modified
Mon, 18 Mar 2024 15:19:06 GMT
server
Kestrel
etag
"1da79479dec50e7"
vary
Accept-Encoding
content-type
text/javascript
accept-ranges
bytes
trace-id
5ec524c73b1235ed48a7eb528cec0cfc
importconfig.js
eurautoeuwweb.azurewebsites.net/ 		39 B
162 B 		Script
General
Check archive.org
Download Go to
Full URL
https://eurautoeuwweb.azurewebsites.net/importconfig.js
Requested by
Host: eurautoeuwweb.azurewebsites.net
URL: https://eurautoeuwweb.azurewebsites.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.105.232.25 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Kestrel /
Resource Hash
37dafd7ab072f9f0b02d276b43a6d22f6e992c57debf8ebdb5f5828e31091fd5

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 15:59:14 GMT
content-encoding
br
last-modified
Mon, 18 Mar 2024 15:19:06 GMT
server
Kestrel
etag
"1da79479dec5127"
vary
Accept-Encoding
content-type
text/javascript
accept-ranges
bytes
trace-id
7b41ce34e70bccdfff3b2cc4b09b6fc3
pendo.js
cdn.pendo.io/agent/static/21e45db0-d68d-4987-6852-534488a6fdf3/ 		490 KB
159 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.pendo.io/agent/static/21e45db0-d68d-4987-6852-534488a6fdf3/pendo.js
Requested by
Host: eurautoeuwweb.azurewebsites.net
URL: https://eurautoeuwweb.azurewebsites.net/pendo.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.36.213.229 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
229.213.36.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
9d4e7ccfcc0c1f7f8a9c21414d8b1e74506d61fe4df25d9813c7e62844c5bc6c
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 13:32:15 GMT
content-encoding
gzip
strict-transport-security
max-age=63072000; includeSubDomains
age
8820
x-guploader-uploadid
ABPtcPoY7qCgIQu1Ea61nl3bsY0gk0Khq4kDd5Und4pD84jp5F25lusdaEWLOEfRyk2H6OXh258
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
162248
last-modified
Thu, 21 Mar 2024 18:09:04 GMT
server
UploadServer
etag
"68d4c2eb22fdc4b4da05ad1ea6d7ba71"
vary
Accept-Encoding
x-goog-generation
1711044544011986
x-goog-hash
crc32c=pJgcuA==, md5=aNTC6yL9xLTaBa0epte6cQ==
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public,max-age=450
x-goog-stored-content-length
162248
accept-ranges
bytes
content-type
application/json
import-map.json
eurautoeuwweb.azurewebsites.net/ 		2 KB
553 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://eurautoeuwweb.azurewebsites.net/import-map.json
Requested by
Host: assets.sbc.sage.com
URL: https://assets.sbc.sage.com/npm/systemjs@6.8.3/dist/system.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.105.232.25 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Kestrel /
Resource Hash
9ddecc400107b83540ca7beb33581c8ee6ff7a9158168e959c9ff4438fa4b6e8

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 15:59:15 GMT
content-encoding
br
last-modified
Mon, 18 Mar 2024 15:19:06 GMT
server
Kestrel
etag
"1da79479dec5790"
vary
Accept-Encoding
content-type
application/json
accept-ranges
bytes
trace-id
5b8dee62d7835d1e347f226ef49a2e31
www.auto.sageeurekadev.com
sagedev.cloudflareaccess.com/cdn-cgi/access/login/
Redirect Chain
  • https://www.auto.sageeurekadev.com/react-mf-root-config.js
  • https://sagedev.cloudflareaccess.com/cdn-cgi/access/login/www.auto.sageeurekadev.com?kid=dc30383dc78456e09fa5c41b142e8f34be661c6d594e29beb00cf342f354f382&redirect_url=%2Freact-mf-root-config.js&met...
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
sagedev.cloudflareaccess.com
URL
https://sagedev.cloudflareaccess.com/cdn-cgi/access/login/www.auto.sageeurekadev.com?kid=dc30383dc78456e09fa5c41b142e8f34be661c6d594e29beb00cf342f354f382&redirect_url=%2Freact-mf-root-config.js&meta=eyJraWQiOiJlOTQwYmMxYTlmODI3YTU1YWZmOWQ3Njc4YzhkOGQ2MzFlNmQ4M2ViYWJhNjY0ODRlMTYwMjA0MmE4ZWIyMWIzIiwiYWxnIjoiUlMyNTYiLCJ0eXAiOiJKV1QifQ.eyJzZXJ2aWNlX3Rva2VuX3N0YXR1cyI6ZmFsc2UsImlhdCI6MTcxMTI5NTk1Niwic2VydmljZV90b2tlbl9pZCI6IiIsImF1ZCI6ImRjMzAzODNkYzc4NDU2ZTA5ZmE1YzQxYjE0MmU4ZjM0YmU2NjFjNmQ1OTRlMjliZWIwMGNmMzQyZjM1NGYzODIiLCJob3N0bmFtZSI6Ind3dy5hdXRvLnNhZ2VldXJla2FkZXYuY29tIiwiYXBwX3Nlc3Npb25faGFzaCI6IjQzZWZkNzE4NmYwYzY3Njc1ZDIzZTczNGE0YzMyZWQ3YjIwZDk2MzIyNjdhMGI3ZGFmYTdkYTI5NDE5N2MyNGUiLCJuYmYiOjE3MTEyOTU5NTYsImlzX3dhcnAiOmZhbHNlLCJpc19nYXRld2F5IjpmYWxzZSwidHlwZSI6Im1ldGEiLCJyZWRpcmVjdF91cmwiOiJcL3JlYWN0LW1mLXJvb3QtY29uZmlnLmpzIiwibXRsc19hdXRoIjp7ImNlcnRfaXNzdWVyX3NraSI6IiIsImNlcnRfcHJlc2VudGVkIjpmYWxzZSwiY2VydF9zZXJpYWwiOiIiLCJjZXJ0X2lzc3Vlcl9kbiI6IiIsImF1dGhfc3RhdHVzIjoiTk9ORSJ9LCJhdXRoX3N0YXR1cyI6Ik5PTkUifQ.f_On3Fjt8cpqggDC6h2b8rbJAL8N6f98D8Rv_38kKftCGWOALYkdPAVcvM7lctuZJ0Y5UV7OLE6k5Brk_oJUGodr-FIUlvt_S5KKmj6lK2buuzQtmJcTdpeiKN2DmcWrFdMUe-j9NoN1J2DZrm0tSop-MVWyAOXRMv18jkRDFOmKvamsjC4FgnhW-Ha3D9WWzxOGiB6-2wicI3k7h_OH2JbNI8t-oMa3xdEYfq2mNtWRThDmAn8FI-3YyjMOarau5Y0NeL3zIyPRP1bEpAl9Z8EyEb16R2_ipOAGDfinzFBm5sZOU9cFLRbyEorovbPtFm9TRD3h3lZBHyd_iAXvzg

Verdicts & Comments Add Verdict or Comment

5 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| pendo object| __sbc_config object| __sageactive_config object| System function| define

1 Cookies

Domain/Path Name / Value
.sbc.sage.com/ Name: __cf_bm
Value: quNj6FcMvsUzgMrh0T1SHX4lhG8JqZxfIg4z.DXNUf4-1711295955-1.0.1.1-BD7kciQUkXh553VNTvyXj8xq5uC6_8.Jbld8ua9xmV0XOGbPiuPIbfpEFNlbTFqQFZs2J.Mlj6zqZVfic7SqgA

3 Console Messages

Source Level URL
Text
other warning URL: https://eurautoeuwweb.azurewebsites.net/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://eurautoeuwweb.azurewebsites.net/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
security error URL: https://eurautoeuwweb.azurewebsites.net/
Message:
Refused to load the script 'https://sagedev.cloudflareaccess.com/cdn-cgi/access/login/www.auto.sageeurekadev.com?kid=dc30383dc78456e09fa5c41b142e8f34be661c6d594e29beb00cf342f354f382&redirect_url=%2Freact-mf-root-config.js&meta=eyJraWQiOiJlOTQwYmMxYTlmODI3YTU1YWZmOWQ3Njc4YzhkOGQ2MzFlNmQ4M2ViYWJhNjY0ODRlMTYwMjA0MmE4ZWIyMWIzIiwiYWxnIjoiUlMyNTYiLCJ0eXAiOiJKV1QifQ.eyJzZXJ2aWNlX3Rva2VuX3N0YXR1cyI6ZmFsc2UsImlhdCI6MTcxMTI5NTk1Niwic2VydmljZV90b2tlbl9pZCI6IiIsImF1ZCI6ImRjMzAzODNkYzc4NDU2ZTA5ZmE1YzQxYjE0MmU4ZjM0YmU2NjFjNmQ1OTRlMjliZWIwMGNmMzQyZ...7ImNlcnRfaXNzdWVyX3NraSI6IiIsImNlcnRfcHJlc2VudGVkIjpmYWxzZSwiY2VydF9zZXJpYWwiOiIiLCJjZXJ0X2lzc3Vlcl9kbiI6IiIsImF1dGhfc3RhdHVzIjoiTk9ORSJ9LCJhdXRoX3N0YXR1cyI6Ik5PTkUifQ.f_On3Fjt8cpqggDC6h2b8rbJAL8N6f98D8Rv_38kKftCGWOALYkdPAVcvM7lctuZJ0Y5UV7OLE6k5Brk_oJUGodr-FIUlvt_S5KKmj6lK2buuzQtmJcTdpeiKN2DmcWrFdMUe-j9NoN1J2DZrm0tSop-MVWyAOXRMv18jkRDFOmKvamsjC4FgnhW-Ha3D9WWzxOGiB6-2wicI3k7h_OH2JbNI8t-oMa3xdEYfq2mNtWRThDmAn8FI-3YyjMOarau5Y0NeL3zIyPRP1bEpAl9Z8EyEb16R2_ipOAGDfinzFBm5sZOU9cFLRbyEorovbPtFm9TRD3h3lZBHyd_iAXvzg' because it violates the following Content Security Policy directive: "script-src 'self' *.sageeurekadev.com id-shadow.sage.com *.sbc.sage.com 'unsafe-eval' *.sage.com *.pendo.io *.storage.googleapis.com https://apps.mypurecloud.ie *.qualtrics.com 'sha256-4TrkWPubZ28sdpRBAkcRauB0O0kw+C2e1lq61DxlwgU=' 'sha256-Q1IdEooY+5756dhwlhTIWAro7Iw0k2bVnic7yiW9ZN8=' 'sha256-aCz7zaDF28bHk7DisOkEOIYQC51YaWmxHRIRleH3bDo='". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy base-uri 'self'; object-src 'none'; default-src 'self'; worker-src 'self' blob:; child-src 'self' blob:; manifest-src 'self' sagedev.cloudflareaccess.com ; connect-src 'self' id-shadow.sage.com *.sbc.sage.com *.sageeurekadev.com api.uk0.flatfile.com wss://api.uk0.flatfile.com *.pendo.io *.storage.googleapis.com *.1trust.app *.onetrust.com *.qualtrics.com o1087310.ingest.sentry.io wss://websocket.sandbox.sbc.sage.com wss://directline.botframework.com/ https://directline.botframework.com/ api.service.hmrc.gov.uk prod-edocs-einvoicing-filemetadata.s3.eu-west-1.amazonaws.com wss://streaming.mypurecloud.ie https://api.mypurecloud.ie https://apps.mypurecloud.ie https://mcm.entfabric-sage.com ; font-src 'self' *.sageeurekadev.com fonts.sage.com fonts.gstatic.com data: *.storage.googleapis.com ; style-src 'self' *.sageeurekadev.com *.pendo.io *.storage.googleapis.com *.googleapis.com fonts.sage.com 'unsafe-inline' *.1trust.app *.onetrust.com *.qualtrics.com ; script-src 'self' *.sageeurekadev.com id-shadow.sage.com *.sbc.sage.com 'unsafe-eval' *.sage.com *.pendo.io *.storage.googleapis.com https://apps.mypurecloud.ie *.qualtrics.com 'sha256-4TrkWPubZ28sdpRBAkcRauB0O0kw+C2e1lq61DxlwgU=' 'sha256-Q1IdEooY+5756dhwlhTIWAro7Iw0k2bVnic7yiW9ZN8=' 'sha256-aCz7zaDF28bHk7DisOkEOIYQC51YaWmxHRIRleH3bDo=' ; frame-src 'self' id-shadow.sage.com *.sbc.sage.com dev-sbd.sagedatacloud.com dev-sbcauth-developerportal.sagedatacloud.com dev-sbcauth.sagedatacloud.com sandbox-money.sage.com qa-money.sage.com *.pendo.io players.brightcove.net app.uk0.flatfile.com www.zuora.com *.1trust.app *.onetrust.com sageactive.online-help.sage.com *.qualtrics.com ; img-src 'self' *.sageeurekadev.com *.sbc.sage.com data: *.pendo.io *.storage.googleapis.com https://webchathub.sage.com https://s3-eu-west-1.amazonaws.com https://s3.eu-west-1.amazonaws.com ; frame-ancestors 'self' app.eu.pendo.io app.pendo.io ;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN