app.response.deloitte.com Open in urlscan Pro
209.167.231.27 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://app.response.deloitte.com/e/es.aspx?s=958345745&e=463907&elqTrackId=24dfeaa861f44ce38510d28e5d3cb444&elq=4eca127771824c4ca...
Submission: On April 11 via api (April 11th 2022, 5:35:48 pm UTC) from SE — Scanned from DE

Summary HTTP 13 Redirects Behaviour Indicators

Summary

This website contacted 4 IPs in 2 countries across 3 domains to perform 13 HTTP transactions. The main IP is 209.167.231.27, located in United States and belongs to NETDYNAMICS, US. The main domain is app.response.deloitte.com. The Cisco Umbrella rank of the primary domain is 159889.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on April 5th 2022. Valid for: a year.

This is the only time app.response.deloitte.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
4 5	209.167.231.27 209.167.231.27	7160 (NETDYNAMICS) (NETDYNAMICS)
1	2a00:1450:400... 2a00:1450:4001:810::200a	15169 (GOOGLE) (GOOGLE)
8	2.16.186.234 2.16.186.234	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 4	209.167.231.17 209.167.231.17	7160 (NETDYNAMICS) (NETDYNAMICS)
13	4

5 209.167.231.27 (United States) 4 redirects

ASN7160 (NETDYNAMICS, US)
PTR: e027.en25.com

app.response.deloitte.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2.16.186.234 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-186-234.deploy.static.akamaitechnologies.com

images.response.deloitte.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 209.167.231.17 (United States) 1 redirects

ASN7160 (NETDYNAMICS, US)
PTR: e017.en25.com

s958345745.t.eloqua.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
13	deloitte.com 4 redirects app.response.deloitte.com — Cisco Umbrella Rank: 159889 images.response.deloitte.com — Cisco Umbrella Rank: 231483	86 KB
4	eloqua.com 1 redirects s958345745.t.eloqua.com — Cisco Umbrella Rank: 151203	2 KB
1	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 282	30 KB
13	3

	Domain	Requested by
8	images.response.deloitte.com	app.response.deloitte.com
5	app.response.deloitte.com	4 redirects
4	s958345745.t.eloqua.com	1 redirects app.response.deloitte.com
1	ajax.googleapis.com	app.response.deloitte.com
13	4

This site contains no links.

Subject Issuer	Validity	Valid
*.response.deloitte.com DigiCert TLS RSA SHA256 2020 CA1	`2022-04-05` - `2023-04-05`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-03-21` - `2022-06-13`	3 months	crt.sh
images.response.deloitte.com DigiCert TLS RSA SHA256 2020 CA1	`2021-09-21` - `2022-09-21`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://app.response.deloitte.com/e/es.aspx?s=958345745&e=463907&elqTrackId=24dfeaa861f44ce38510d28e5d3cb444&elq=4eca127771824c4ca03aed7ca60f22ca&elqaid=95485&elqat=1
Frame ID: 403AE7F66261F28A579D99290BEC4C33
Requests: 13 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Deloitte and Variety leaders weigh in on media consumption trendsDeloitte Insights

Detected technologies

Microsoft ASP.NET (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

\.aspx?(?:$|\?)

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

13
Requests

77 %
HTTPS

25 %
IPv6

3
Domains

4
Subdomains

4
IPs

2
Countries

115 kB
Transfer

201 kB
Size

5
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4

https://app.response.deloitte.com/e/spacer.gif HTTP 302
https://app.response.deloitte.com/error HTTP 302
https://s958345745.t.eloqua.com/error

Request Chain 10

https://app.response.deloitte.com/e/FooterImages/FooterImage1?elq=4eca127771824c4ca03aed7ca60f22ca&siteid=958345745 HTTP 302
https://s958345745.t.eloqua.com/e/FooterImages/FooterImage1?elq=4eca127771824c4ca03aed7ca60f22ca&siteid=958345745 HTTP 302
https://s958345745.t.eloqua.com/e/FooterImages/FooterImage1.aspx?elq=4eca127771824c4ca03aed7ca60f22ca&siteid=958345745&elqCookie=1

Request Chain 11

https://app.response.deloitte.com/e/footerimages/fi9?es=463907&s=958345745&u=aHR0cHM6Ly9hcHAucmVzcG9uc2UuZGVsb2l0dGUuY29tL2UvZXMuYXNweD9zPTk1ODM0NTc0NSZlPTQ2MzkwNyZlbHFUcmFja0lkPTI0ZGZlYWE4NjFmNDRjZTM4NTEwZDI4ZTVkM2NiNDQ0JmVscT00ZWNhMTI3NzcxODI0YzRjYTAzYWVkN2NhNjBmMjJjYSZlbHFhaWQ9OTU0ODUmZWxxYXQ9MQ%3D%3D HTTP 302
https://s958345745.t.eloqua.com/e/footerimages/fi9?es=463907&s=958345745&u=aHR0cHM6Ly9hcHAucmVzcG9uc2UuZGVsb2l0dGUuY29tL2UvZXMuYXNweD9zPTk1ODM0NTc0NSZlPTQ2MzkwNyZlbHFUcmFja0lkPTI0ZGZlYWE4NjFmNDRjZTM4NTEwZDI4ZTVkM2NiNDQ0JmVscT00ZWNhMTI3NzcxODI0YzRjYTAzYWVkN2NhNjBmMjJjYSZlbHFhaWQ9OTU0ODUmZWxxYXQ9MQ==

13 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request es.aspx Show response
app.response.deloitte.com/e/ 44 KB
9 KB 1772ms
1458ms Document
text/html 209.167.231.27
NETDYNAMICS

General

Check archive.org

Show headers Download Go to

Full URL

https://app.response.deloitte.com/e/es.aspx?s=958345745&e=463907&elqTrackId=24dfeaa861f44ce38510d28e5d3cb444&elq=4eca127771824c4ca03aed7ca60f22ca&elqaid=95485&elqat=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

209.167.231.27 , United States, ASN7160 (NETDYNAMICS, US),

Reverse DNS

e027.en25.com

Software

Resource Hash

9e081f0fbedea83cdabe09e91e5b8f0b2678f5a58e9b33fb9f883400c4d27014

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-store
Content-Encoding: gzip
Content-Length: 8415
Content-Type: text/html; charset=utf-8
Date: Mon, 11 Apr 2022 17:35:42 GMT
Expires: -1
P3P: CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
Pragma: no-cache
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-Robots-Tag: noindex, nofollow
X-Xss-Protection: 1; mode=block

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.3.1/ 85 KB
30 KB 126ms
39ms Script
text/javascript 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js

Requested by

Host: app.response.deloitte.com
URL: https://app.response.deloitte.com/e/es.aspx?s=958345745&e=463907&elqTrackId=24dfeaa861f44ce38510d28e5d3cb444&elq=4eca127771824c4ca03aed7ca60f22ca&elqaid=95485&elqat=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.response.deloitte.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 10:12:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 26576
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30399
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 11 Apr 2023 10:12:46 GMT

GET
H/1.1 200
OK %7B1264e705-c2e4-48b8-9aba-62ce5a4e40dc%7D_DEl_Insights_White_135pxwide.png
images.response.deloitte.com/EloquaImages/clients/DeloitteToucheLLP/ 3 KB
3 KB 1015ms
143ms Image
image/png 2.16.186.234
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.response.deloitte.com/EloquaImages/clients/DeloitteToucheLLP/%7B1264e705-c2e4-48b8-9aba-62ce5a4e40dc%7D_DEl_Insights_White_135pxwide.png

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2.16.186.234 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-16-186-234.deploy.static.akamaitechnologies.com

Software

Resource Hash

1b81f8fa8d84357862f8b344aba1ce937662a64ab466075bb0068f8ae7935e44

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.response.deloitte.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 11 Apr 2022 17:35:43 GMT
X-Content-Type-Options: nosniff
P3P: CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
Content-Type: image/png
Cache-Control: no-store
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 3138
X-Xss-Protection: 1; mode=block
Expires: Mon, 11 Apr 2022 17:35:43 GMT

GET
H/1.1 200
OK %7B6d65021e-efac-4266-abf8-ef496e4b25b9%7D_US175214_640x213.jpg
images.response.deloitte.com/EloquaImages/clients/DeloitteToucheLLP/ 60 KB
60 KB 854ms
150ms Image
image/jpeg 2.16.186.234
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.response.deloitte.com/EloquaImages/clients/DeloitteToucheLLP/%7B6d65021e-efac-4266-abf8-ef496e4b25b9%7D_US175214_640x213.jpg

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2.16.186.234 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-16-186-234.deploy.static.akamaitechnologies.com

Software

Resource Hash

ba50994fb6ba510c51596af8540976da95a709c185341a5a48eab43eb5e5c497

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.response.deloitte.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 11 Apr 2022 17:35:43 GMT
X-Content-Type-Options: nosniff
P3P: CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
Content-Type: image/jpeg
Cache-Control: no-store
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 60960
X-Xss-Protection: 1; mode=block
Expires: Mon, 11 Apr 2022 17:35:43 GMT

GET
H/1.1 200
OK %7B7405e46e-0366-4db2-a7d5-57ee55a4f0c9%7D_EMAIL_ICON_JULY16_subscribe_white.png
images.response.deloitte.com/EloquaImages/clients/DeloitteToucheLLP/ 1 KB
2 KB 840ms
150ms Image
image/png 2.16.186.234
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.response.deloitte.com/EloquaImages/clients/DeloitteToucheLLP/%7B7405e46e-0366-4db2-a7d5-57ee55a4f0c9%7D_EMAIL_ICON_JULY16_subscribe_white.png

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2.16.186.234 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-16-186-234.deploy.static.akamaitechnologies.com

Software

Resource Hash

8981a0df2673c01e713b50c6bb013425d4f293026fcf6335c48ee42f171e9bb7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.response.deloitte.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 11 Apr 2022 17:35:43 GMT
X-Content-Type-Options: nosniff
P3P: CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
Content-Type: image/png
Cache-Control: no-store
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 1172
X-Xss-Protection: 1; mode=block
Expires: Mon, 11 Apr 2022 17:35:43 GMT

GET
H/1.1

200
OK

error
s958345745.t.eloqua.com/
Redirect Chain

https://app.response.deloitte.com/e/spacer.gif
https://app.response.deloitte.com/error
https://s958345745.t.eloqua.com/error

0
0

424ms
112ms

Image
text/html

209.167.231.17
NETDYNAMICS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s958345745.t.eloqua.com/error
Requested by: Host: app.response.deloitte.com
URL: https://app.response.deloitte.com/e/es.aspx?s=958345745&e=463907&elqTrackId=24dfeaa861f44ce38510d28e5d3cb444&elq=4eca127771824c4ca03aed7ca60f22ca&elqaid=95485&elqat=1
Protocol: HTTP/1.1
Server: 209.167.231.17 , United States, ASN7160 (NETDYNAMICS, US),
Reverse DNS: e017.en25.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.response.deloitte.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Redirect headers

Pragma: no-cache
Date: Mon, 11 Apr 2022 17:35:42 GMT
X-Content-Type-Options: nosniff
Content-Type: text/html; charset=utf-8
P3P: CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
Location: https://s958345745.t.eloqua.com/error
Cache-Control: no-store
X-Robots-Tag: noindex, nofollow
Content-Length: 154
X-Xss-Protection: 1; mode=block
Expires: -1

GET
H/1.1 200
OK %7b09d54155-32a6-463a-8319-f2803b3aa81a%7d_footer-social-facebook.png
images.response.deloitte.com/EloquaImages/clients/DeloitteToucheLLP/ 2 KB
2 KB 834ms
145ms Image
image/png 2.16.186.234
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.response.deloitte.com/EloquaImages/clients/DeloitteToucheLLP/%7b09d54155-32a6-463a-8319-f2803b3aa81a%7d_footer-social-facebook.png

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2.16.186.234 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-16-186-234.deploy.static.akamaitechnologies.com

Software

Resource Hash

c1c8fa6bf9885e814fa10dbe4a04845f5af57d34b1f694a7f251bda025b3829d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.response.deloitte.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 11 Apr 2022 17:35:43 GMT
X-Content-Type-Options: nosniff
P3P: CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
Content-Type: image/png
Cache-Control: no-store
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 2009
X-Xss-Protection: 1; mode=block
Expires: Mon, 11 Apr 2022 17:35:43 GMT

GET
H/1.1 200
OK %7b46a807e1-dac1-4ef0-ae32-0a0dfdf6ea47%7d_footer-social-twitter.png
images.response.deloitte.com/EloquaImages/clients/DeloitteToucheLLP/ 2 KB
2 KB 848ms
159ms Image
image/png 2.16.186.234
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.response.deloitte.com/EloquaImages/clients/DeloitteToucheLLP/%7b46a807e1-dac1-4ef0-ae32-0a0dfdf6ea47%7d_footer-social-twitter.png

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2.16.186.234 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-16-186-234.deploy.static.akamaitechnologies.com

Software

Resource Hash

58a9893643f3a1827a1abee8679c70d9620b5d337eb6fdffc940961cc1c1d89f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.response.deloitte.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 11 Apr 2022 17:35:43 GMT
X-Content-Type-Options: nosniff
P3P: CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
Content-Type: image/png
Cache-Control: no-store
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 2154
X-Xss-Protection: 1; mode=block
Expires: Mon, 11 Apr 2022 17:35:43 GMT

GET
H/1.1 200
OK %7ba35175a0-afa8-4f6a-8054-37c288dd91c3%7d_footer-social-linkedin.png
images.response.deloitte.com/EloquaImages/clients/DeloitteToucheLLP/ 2 KB
2 KB 829ms
140ms Image
image/png 2.16.186.234
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.response.deloitte.com/EloquaImages/clients/DeloitteToucheLLP/%7ba35175a0-afa8-4f6a-8054-37c288dd91c3%7d_footer-social-linkedin.png

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2.16.186.234 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-16-186-234.deploy.static.akamaitechnologies.com

Software

Resource Hash

2f44dbcde2f9a55f85a0e49f367e2903565fb8768a0aafa53ec977dae8b8c960

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.response.deloitte.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 11 Apr 2022 17:35:43 GMT
X-Content-Type-Options: nosniff
P3P: CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
Content-Type: image/png
Cache-Control: no-store
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 2153
X-Xss-Protection: 1; mode=block
Expires: Mon, 11 Apr 2022 17:35:43 GMT

GET
H/1.1 200
OK %7bb5381f26-1bc8-4d90-9259-a028a0078101%7d_footer-social-email.png
images.response.deloitte.com/EloquaImages/clients/DeloitteToucheLLP/ 2 KB
2 KB 17ms
17ms Image
image/png 2.16.186.234
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.response.deloitte.com/EloquaImages/clients/DeloitteToucheLLP/%7bb5381f26-1bc8-4d90-9259-a028a0078101%7d_footer-social-email.png

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2.16.186.234 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-16-186-234.deploy.static.akamaitechnologies.com

Software

Resource Hash

33e96740a35102627d62c8617663ac0a79a1473abc871eff2a439fd8483da1b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.response.deloitte.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 11 Apr 2022 17:35:43 GMT
X-Content-Type-Options: nosniff
P3P: CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
Content-Type: image/png
Cache-Control: no-store
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 2046
X-Xss-Protection: 1; mode=block
Expires: Mon, 11 Apr 2022 17:35:43 GMT

GET
H/1.1 200
OK %7bf9bb32f9-e886-412e-b3bc-86aa372518f1%7d_FY16spacer.png
images.response.deloitte.com/EloquaImages/clients/DeloitteToucheLLP/ 180 B
558 B 17ms
16ms Image
image/png 2.16.186.234
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.response.deloitte.com/EloquaImages/clients/DeloitteToucheLLP/%7bf9bb32f9-e886-412e-b3bc-86aa372518f1%7d_FY16spacer.png

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2.16.186.234 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-16-186-234.deploy.static.akamaitechnologies.com

Software

Resource Hash

7b22703513e73f0db40ac9a1a97a3cc60ea89d61ccccf6e3a503541b94844b27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.response.deloitte.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 11 Apr 2022 17:35:43 GMT
X-Content-Type-Options: nosniff
P3P: CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
Content-Type: image/png
Cache-Control: no-store
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 180
X-Xss-Protection: 1; mode=block
Expires: Mon, 11 Apr 2022 17:35:43 GMT

GET
H/1.1

200
OK

FooterImage1.aspx
s958345745.t.eloqua.com/e/FooterImages/
Redirect Chain

https://app.response.deloitte.com/e/FooterImages/FooterImage1?elq=4eca127771824c4ca03aed7ca60f22ca&siteid=958345745
https://s958345745.t.eloqua.com/e/FooterImages/FooterImage1?elq=4eca127771824c4ca03aed7ca60f22ca&siteid=958345745
https://s958345745.t.eloqua.com/e/FooterImages/FooterImage1.aspx?elq=4eca127771824c4ca03aed7ca60f22ca&siteid=958345745&elqCookie=1

49 B
448 B

258ms
258ms

Image
image/gif

209.167.231.17
NETDYNAMICS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s958345745.t.eloqua.com/e/FooterImages/FooterImage1.aspx?elq=4eca127771824c4ca03aed7ca60f22ca&siteid=958345745&elqCookie=1

Requested by

Protocol

HTTP/1.1

Server

209.167.231.17 , United States, ASN7160 (NETDYNAMICS, US),

Reverse DNS

e017.en25.com

Software

Resource Hash

f1ccea6b7204d9f7913ab45e1afa51d79f83bd4f0319de937b0132e6e02b1aab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.response.deloitte.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Content-Type: image/gif
Date: Mon, 11 Apr 2022 17:35:42 GMT
P3P: CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
Cache-Control: no-store
X-Robots-Tag: noindex, nofollow
Content-Length: 49
X-Xss-Protection: 1; mode=block
Expires: -1

Redirect headers

Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Date: Mon, 11 Apr 2022 17:35:42 GMT
X-Robots-Tag: noindex, nofollow
P3P: CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
Location: https://s958345745.t.eloqua.com/e/FooterImages/FooterImage1.aspx?elq=4eca127771824c4ca03aed7ca60f22ca&siteid=958345745&elqCookie=1
Cache-Control: no-store
Content-Type: text/html; charset=utf-8
Content-Length: 255
X-Xss-Protection: 1; mode=block
Expires: -1

GET
H/1.1

200
OK

fi9
s958345745.t.eloqua.com/e/footerimages/
Redirect Chain

https://app.response.deloitte.com/e/footerimages/fi9?es=463907&s=958345745&u=aHR0cHM6Ly9hcHAucmVzcG9uc2UuZGVsb2l0dGUuY29tL2UvZXMuYXNweD9zPTk1ODM0NTc0NSZlPTQ2MzkwNyZlbHFUcmFja0lkPTI0ZGZlYWE4NjFmNDRj...
https://s958345745.t.eloqua.com/e/footerimages/fi9?es=463907&s=958345745&u=aHR0cHM6Ly9hcHAucmVzcG9uc2UuZGVsb2l0dGUuY29tL2UvZXMuYXNweD9zPTk1ODM0NTc0NSZlPTQ2MzkwNyZlbHFUcmFja0lkPTI0ZGZlYWE4NjFmNDRjZT...

49 B
448 B

434ms
123ms

Image
image/gif

209.167.231.17
NETDYNAMICS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s958345745.t.eloqua.com/e/footerimages/fi9?es=463907&s=958345745&u=aHR0cHM6Ly9hcHAucmVzcG9uc2UuZGVsb2l0dGUuY29tL2UvZXMuYXNweD9zPTk1ODM0NTc0NSZlPTQ2MzkwNyZlbHFUcmFja0lkPTI0ZGZlYWE4NjFmNDRjZTM4NTEwZDI4ZTVkM2NiNDQ0JmVscT00ZWNhMTI3NzcxODI0YzRjYTAzYWVkN2NhNjBmMjJjYSZlbHFhaWQ9OTU0ODUmZWxxYXQ9MQ==

Requested by

Protocol

HTTP/1.1

Server

209.167.231.17 , United States, ASN7160 (NETDYNAMICS, US),

Reverse DNS

e017.en25.com

Software

Resource Hash

f1ccea6b7204d9f7913ab45e1afa51d79f83bd4f0319de937b0132e6e02b1aab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.response.deloitte.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Content-Type: image/gif
Date: Mon, 11 Apr 2022 17:35:42 GMT
P3P: CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
Cache-Control: no-store
X-Robots-Tag: noindex, nofollow
Content-Length: 49
X-Xss-Protection: 1; mode=block
Expires: -1

Redirect headers

Pragma: no-cache
Date: Mon, 11 Apr 2022 17:35:42 GMT
X-Content-Type-Options: nosniff
Content-Type: text/html; charset=utf-8
P3P: CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
Location: https://s958345745.t.eloqua.com/e/footerimages/fi9?es=463907&s=958345745&u=aHR0cHM6Ly9hcHAucmVzcG9uc2UuZGVsb2l0dGUuY29tL2UvZXMuYXNweD9zPTk1ODM0NTc0NSZlPTQ2MzkwNyZlbHFUcmFja0lkPTI0ZGZlYWE4NjFmNDRjZTM4NTEwZDI4ZTVkM2NiNDQ0JmVscT00ZWNhMTI3NzcxODI0YzRjYTAzYWVkN2NhNjBmMjJjYSZlbHFhaWQ9OTU0ODUmZWxxYXQ9MQ==
Cache-Control: no-store
X-Robots-Tag: noindex, nofollow
Content-Length: 424
X-Xss-Protection: 1; mode=block
Expires: -1

Verdicts & Comments Add Verdict or Comment

6 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.deloitte.com/	1970-01-20 11:43:46	Name: ELOQUA Value: GUID=9E4A225D933B42DFB69103359A3EEA42
.deloitte.com/	1970-01-20 11:43:46	Name: ELQSTATUS Value: OK
.eloqua.com/	1970-01-20 11:43:46	Name: ELOQUA Value: GUID=9FDE9C18A8F74CF5BD489881AD428A71
.eloqua.com/	1970-01-20 11:43:46	Name: ELQSTATUS Value: OK
.s958345745.t.eloqua.com/	1969-12-31 23:59:59	Name: culture Value: de-DE

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
app.response.deloitte.com
images.response.deloitte.com
s958345745.t.eloqua.com
2.16.186.234
209.167.231.17
209.167.231.27
2a00:1450:4001:810::200a
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
1b81f8fa8d84357862f8b344aba1ce937662a64ab466075bb0068f8ae7935e44
2f44dbcde2f9a55f85a0e49f367e2903565fb8768a0aafa53ec977dae8b8c960
33e96740a35102627d62c8617663ac0a79a1473abc871eff2a439fd8483da1b5
58a9893643f3a1827a1abee8679c70d9620b5d337eb6fdffc940961cc1c1d89f
7b22703513e73f0db40ac9a1a97a3cc60ea89d61ccccf6e3a503541b94844b27
8981a0df2673c01e713b50c6bb013425d4f293026fcf6335c48ee42f171e9bb7
9e081f0fbedea83cdabe09e91e5b8f0b2678f5a58e9b33fb9f883400c4d27014
ba50994fb6ba510c51596af8540976da95a709c185341a5a48eab43eb5e5c497
c1c8fa6bf9885e814fa10dbe4a04845f5af57d34b1f694a7f251bda025b3829d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f1ccea6b7204d9f7913ab45e1afa51d79f83bd4f0319de937b0132e6e02b1aab

app.response.deloitte.com Open in urlscan Pro 209.167.231.27 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

13 Requests

77 %HTTPS

25 %IPv6

3 Domains

4 Subdomains

4 IPs

2 Countries

115 kBTransfer

201 kBSize

5 Cookies

0 Outgoing links

Redirected requests

13 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Verdicts & Comments Add Verdict or Comment

6 JavaScript Global Variables

5 Cookies

Security Headers

Indicators

app.response.deloitte.com Open in urlscan Pro
209.167.231.27 Public Scan

Screenshot
Live screenshot

Full Image

13
Requests

77 %
HTTPS

25 %
IPv6

3
Domains

4
Subdomains

4
IPs

2
Countries

115 kB
Transfer

201 kB
Size

5
Cookies

13 HTTP transactions
0 data transactions