urlscan.io logo urlscan.io
SecurityTrails logo

sce-qa.ey.com Open in urlscan Pro
51.124.56.67  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://clientportal-stg.ey.com/
Effective URL: https://sce-qa.ey.com/
Submission: On September 12 via automatic, source certstream-suspicious — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 6 IPs in 3 countries across 4 domains to perform 18 HTTP transactions. The main IP is 51.124.56.67, located in Amsterdam, Netherlands and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is sce-qa.ey.com.
TLS certificate: Issued by Entrust Certification Authority - L1K on April 20th 2021. Valid for: a year.
This is the only time sce-qa.ey.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 199.49.17.143 3571 (EY-AS)
6 51.124.56.67 8075 (MICROSOFT...)
3 2.19.47.121 16625 (AKAMAI-AS)
1 13.107.246.45 8068 (MICROSOFT...)
7 64.233.184.94 15169 (GOOGLE)
1 13.227.158.111 16509 (AMAZON-02)
18 6
1    199.49.17.143 (United States)

ASN3571 (EY-AS, US)
clientportal-stg.ey.com
6    51.124.56.67 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
sce-qa.ey.com
3    2.19.47.121 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-19-47-121.deploy.static.akamaitechnologies.com
cdn.ey.com
1    13.107.246.45 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
alcdn.msauth.net
7    64.233.184.94 (United States)

ASN15169 (GOOGLE, US)
PTR: wa-in-f94.1e100.net
www.recaptcha.net
www.gstatic.com
fonts.gstatic.com
1    13.227.158.111 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-227-158-111.muc51.r.cloudfront.net
assets.ey.com
Domain Requested by
6 sce-qa.ey.com sce-qa.ey.com
cdn.ey.com
4 www.gstatic.com www.recaptcha.net
www.gstatic.com
3 cdn.ey.com sce-qa.ey.com
2 www.recaptcha.net sce-qa.ey.com
www.gstatic.com
1 assets.ey.com
1 fonts.gstatic.com www.recaptcha.net
1 alcdn.msauth.net sce-qa.ey.com
1 clientportal-stg.ey.com 1 redirects
18 8

This site contains links to these domains. Also see Links.

Domain
www.ey.com
www.facebook.com
www.linkedin.com
twitter.com
www.youtube.com
Subject Issuer Validity Valid
sce-qa.ey.com
Entrust Certification Authority - L1K		 2021-04-20 -
2022-04-20		 a year crt.sh
cdn.ey.com
Entrust Certification Authority - L1K		 2020-04-13 -
2022-04-13		 2 years crt.sh
identitycdn.msauth.net
Microsoft Azure TLS Issuing CA 02		 2021-08-29 -
2022-08-24		 a year crt.sh
misc.google.com
GTS CA 1C3		 2021-08-23 -
2021-11-15		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2021-08-23 -
2021-11-15		 3 months crt.sh
assets.ey.com
Entrust Certification Authority - L1K		 2021-06-09 -
2022-02-01		 8 months crt.sh

This page contains 2 frames:

Primary Page: https://sce-qa.ey.com/
Frame ID: 1E60280F008615BFD604818E2CFBF5F9
Requests: 22 HTTP requests in this frame

Frame: https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LcQqfcUAAAAAHLyIGMS-8XyuzAyb3tW2gJe8wzW&co=aHR0cHM6Ly9zY2UtcWEuZXkuY29tOjQ0Mw..&hl=de&v=wxAi4AKLXL2kBAvXqI4XLSWS&size=invisible&cb=5xmdy4xmf4g8
Frame ID: 4144671225A686516E5066C3B147AE48
Requests: 5 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

EY login – My EY

Page URL History Show full URLs

  1. https://clientportal-stg.ey.com/ HTTP 302
    https://sce-qa.ey.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

18
Requests

100 %
HTTPS

0 %
IPv6

4
Domains

8
Subdomains

6
IPs

3
Countries

3387 kB
Transfer

8994 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://clientportal-stg.ey.com/ HTTP 302
    https://sce-qa.ey.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

18 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request Cookie set /
sce-qa.ey.com/
Redirect Chain
  • https://clientportal-stg.ey.com/
  • https://sce-qa.ey.com/
5 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sce-qa.ey.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.124.56.67 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
dea1d2a71ec08f0cf2efda758a423dac686f7b1fefdda1b8b3960d2e07fec2b2
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.ey.com *.omtrdc.net assets.adobedtm.com dpm.demdex.net eycom.tt.omtrdc.net eycom.d3.sc.omtrdc.net *.qualtrics.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' secure.aadcdn.microsoftonline-p.com *.msecnd.net cdn.ey.com *.ey.com *.omtrdc.net assets.adobedtm.com dpm.demdex.net eycom.tt.omtrdc.net eycom.d3.sc.omtrdc.net *.google.com *.recaptcha.net www.gstatic.com amp.azure.net *.auth0.com www.gstatic.cn alcdn.msauth.net *.qualtrics.com; style-src 'self' 'unsafe-inline' *.ey.com *.omtrdc.net assets.adobedtm.com dpm.demdex.net eycom.tt.omtrdc.net eycom.d3.sc.omtrdc.net amp.azure.net; img-src 'self' assets.ey.com data: *.blob.core.windows.net eycom.d3.sc.omtrdc.net *.ey.com *.omtrdc.net assets.adobedtm.com dpm.demdex.net eycom.tt.omtrdc.net eycom.d3.sc.omtrdc.net amp.azure.net *.qualtrics.com; font-src 'self' data: *.ey.com *.omtrdc.net assets.adobedtm.com dpm.demdex.net eycom.tt.omtrdc.net eycom.d3.sc.omtrdc.net amp.azure.net; frame-src 'self' mailto: *.microsoftonline.com *.aadcdn.microsoftonline-p.com *.ey.com *.omtrdc.net assets.adobedtm.com dpm.demdex.net eycom.tt.omtrdc.net eycom.d3.sc.omtrdc.net *.google.com *.recaptcha.net www.gstatic.com *.media.azure.net *.auth0.com www.gstatic.cn *.powerbi.com *.qualtrics.com; connect-src 'self' *.visualstudio.com assets.adobedtm.com eycom.tt.omtrdc.net dpm.demdex.net *.omtrdc.net smetrics.ey.com metrics.ey.com target.ey.com eycom.d3.sc.omtrdc.net *.media.azure.net *.blob.core.windows.net *.auth0.com *.ey.com login.microsoftonline.com api.powerbi.com *.qualtrics.com; frame-ancestors 'self' *.cognifidecloud.net *.microsoftonline.com *.ey.net *.ey.com *.omtrdc.net assets.adobedtm.com dpm.demdex.net eycom.tt.omtrdc.net eycom.d3.sc.omtrdc.net; worker-src 'self' blob:; media-src 'self' blob:
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Host
sce-qa.ey.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

Date
Sun, 12 Sep 2021 04:03:13 GMT
Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate
Pragma
no-cache
Content-Encoding
gzip
Expires
0
ETag
W/"1594-1yoUX+N67M2xH7q1s1ga5aKcOKw"
Vary
Accept-Encoding
request-context
appId=cid-v1:dc8ef892-6044-4299-a079-325fd172e97b
X-DNS-Prefetch-Control
off
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Download-Options
noopen
X-Content-Type-Options
nosniff
X-XSS-Protection
1; mode=block
Surrogate-Control
no-store
Referrer-Policy
origin
Content-Security-Policy
default-src 'self' *.ey.com *.omtrdc.net assets.adobedtm.com dpm.demdex.net eycom.tt.omtrdc.net eycom.d3.sc.omtrdc.net *.qualtrics.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' secure.aadcdn.microsoftonline-p.com *.msecnd.net cdn.ey.com *.ey.com *.omtrdc.net assets.adobedtm.com dpm.demdex.net eycom.tt.omtrdc.net eycom.d3.sc.omtrdc.net *.google.com *.recaptcha.net www.gstatic.com amp.azure.net *.auth0.com www.gstatic.cn alcdn.msauth.net *.qualtrics.com; style-src 'self' 'unsafe-inline' *.ey.com *.omtrdc.net assets.adobedtm.com dpm.demdex.net eycom.tt.omtrdc.net eycom.d3.sc.omtrdc.net amp.azure.net; img-src 'self' assets.ey.com data: *.blob.core.windows.net eycom.d3.sc.omtrdc.net *.ey.com *.omtrdc.net assets.adobedtm.com dpm.demdex.net eycom.tt.omtrdc.net eycom.d3.sc.omtrdc.net amp.azure.net *.qualtrics.com; font-src 'self' data: *.ey.com *.omtrdc.net assets.adobedtm.com dpm.demdex.net eycom.tt.omtrdc.net eycom.d3.sc.omtrdc.net amp.azure.net; frame-src 'self' mailto: *.microsoftonline.com *.aadcdn.microsoftonline-p.com *.ey.com *.omtrdc.net assets.adobedtm.com dpm.demdex.net eycom.tt.omtrdc.net eycom.d3.sc.omtrdc.net *.google.com *.recaptcha.net www.gstatic.com *.media.azure.net *.auth0.com www.gstatic.cn *.powerbi.com *.qualtrics.com; connect-src 'self' *.visualstudio.com assets.adobedtm.com eycom.tt.omtrdc.net dpm.demdex.net *.omtrdc.net smetrics.ey.com metrics.ey.com target.ey.com eycom.d3.sc.omtrdc.net *.media.azure.net *.blob.core.windows.net *.auth0.com *.ey.com login.microsoftonline.com api.powerbi.com *.qualtrics.com; frame-ancestors 'self' *.cognifidecloud.net *.microsoftonline.com *.ey.net *.ey.com *.omtrdc.net assets.adobedtm.com dpm.demdex.net eycom.tt.omtrdc.net eycom.d3.sc.omtrdc.net; worker-src 'self' blob:; media-src 'self' blob:
Expect-CT
enforce, max-age=43200
Set-Cookie
ARRAffinity=55567a1f508333a606c99c297d622c7ce1d919bb6b6e9ae2cc419c45036d5424;Path=/;HttpOnly;Secure;Domain=EUWQPATSCEWAP01.azurewebsites.net:443 ARRAffinitySameSite=55567a1f508333a606c99c297d622c7ce1d919bb6b6e9ae2cc419c45036d5424;Path=/;HttpOnly;SameSite=None;Secure;Domain=EUWQPATSCEWAP01.azurewebsites.net:443

Redirect headers

Location
https://sce-qa.ey.com/
Content-Type
text/html
Cache-Control
private
Connection
close
polyfill.js
cdn.ey.com/MYEY/EUWQPATSCEWAP01/ 		23 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ey.com/MYEY/EUWQPATSCEWAP01/polyfill.js?update=e9c4b386158c8216a8a1
Requested by
Host: sce-qa.ey.com
URL: https://sce-qa.ey.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.19.47.121 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-47-121.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
2e3fcb0fc8db5b8910e2e46ee19bae88d4e1565617211c19bc174d2acd928dfb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sce-qa.ey.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Sun, 12 Sep 2021 04:03:13 GMT
Content-Encoding
gzip
Last-Modified
Tue, 07 Sep 2021 14:45:02 GMT
Server
AkamaiNetStorage
ETag
"010b373d08f041d7358f7e79f2b1a8e9:1631025973.836372"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
http://admin.brightcove.com
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
X-Requested-With
Content-Length
5718
Cookie set promises.polyfill.min.js
sce-qa.ey.com/static/sce/azure/ 		4 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sce-qa.ey.com/static/sce/azure/promises.polyfill.min.js
Requested by
Host: sce-qa.ey.com
URL: https://sce-qa.ey.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.124.56.67 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e17ae17f90ae983832f3709e67de0f7902fe1014568410534615235a158d7af0
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.ey.com *.omtrdc.net assets.adobedtm.com dpm.demdex.net eycom.tt.omtrdc.net eycom.d3.sc.omtrdc.net *.qualtrics.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' secure.aadcdn.microsoftonline-p.com *.msecnd.net cdn.ey.com *.ey.com *.omtrdc.net assets.adobedtm.com dpm.demdex.net eycom.tt.omtrdc.net eycom.d3.sc.omtrdc.net *.google.com *.recaptcha.net www.gstatic.com amp.azure.net *.auth0.com www.gstatic.cn alcdn.msauth.net *.qualtrics.com; style-src 'self' 'unsafe-inline' *.ey.com *.omtrdc.net assets.adobedtm.com dpm.demdex.net eycom.tt.omtrdc.net eycom.d3.sc.omtrdc.net amp.azure.net; img-src 'self' assets.ey.com data: *.blob.core.windows.net eycom.d3.sc.omtrdc.net *.ey.com *.omtrdc.net assets.adobedtm.com dpm.demdex.net eycom.tt.omtrdc.net eycom.d3.sc.omtrdc.net amp.azure.net *.qualtrics.com; font-src 'self' data: *.ey.com *.omtrdc.net assets.adobedtm.com dpm.demdex.net eycom.tt.omtrdc.net eycom.d3.sc.omtrdc.net amp.azure.net; frame-src 'self' mailto: *.microsoftonline.com *.aadcdn.microsoftonline-p.com *.ey.com *.omtrdc.net assets.adobedtm.com dpm.demdex.net eycom.tt.omtrdc.net eycom.d3.sc.omtrdc.net *.google.com *.recaptcha.net www.gstatic.com *.media.azure.net *.auth0.com www.gstatic.cn *.powerbi.com *.qualtrics.com; connect-src 'self' *.visualstudio.com assets.adobedtm.com eycom.tt.omtrdc.net dpm.demdex.net *.omtrdc.net smetrics.ey.com metrics.ey.com target.ey.com eycom.d3.sc.omtrdc.net *.media.azure.net *.blob.core.windows.net *.auth0.com *.ey.com login.microsoftonline.com api.powerbi.com *.qualtrics.com; frame-ancestors 'self' *.cognifidecloud.net *.microsoftonline.com *.ey.net *.ey.com *.omtrdc.net assets.adobedtm.com dpm.demdex.net eycom.tt.omtrdc.net eycom.d3.sc.omtrdc.net; worker-src 'self' blob:; media-src 'self' blob:
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options ALLOW-FROM https://sce-qa.ey.com/
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
sce-qa.ey.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://sce-qa.ey.com/
Connection
keep-alive
Accept-Language
de-DE,de;q=0.9
Referer
https://sce-qa.ey.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Sun, 12 Sep 2021 04:03:13 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Surrogate-Control
no-store
Transfer-Encoding
chunked
Expect-CT
enforce, max-age=43200
Connection
keep-alive
X-DNS-Prefetch-Control
off
Vary
Accept-Encoding
X-XSS-Protection
1; mode=block
request-context
appId=cid-v1:dc8ef892-6044-4299-a079-325fd172e97b
Pragma
no-cache
Referrer-Policy
origin
Last-Modified
Fri, 03 Sep 2021 15:21:50 GMT
X-Frame-Options
ALLOW-FROM https://sce-qa.ey.com/
ETag
W/"f21-17bac4072b0"
X-Download-Options
noopen
Strict-Transport-Security
max-age=31536000; includeSubDomains
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=UTF-8
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate
Content-Security-Policy
default-src 'self' *.ey.com *.omtrdc.net assets.adobedtm.com dpm.demdex.net eycom.tt.omtrdc.net eycom.d3.sc.omtrdc.net *.qualtrics.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' secure.aadcdn.microsoftonline-p.com *.msecnd.net cdn.ey.com *.ey.com *.omtrdc.net assets.adobedtm.com dpm.demdex.net eycom.tt.omtrdc.net eycom.d3.sc.omtrdc.net *.google.com *.recaptcha.net www.gstatic.com amp.azure.net *.auth0.com www.gstatic.cn alcdn.msauth.net *.qualtrics.com; style-src 'self' 'unsafe-inline' *.ey.com *.omtrdc.net assets.adobedtm.com dpm.demdex.net eycom.tt.omtrdc.net eycom.d3.sc.omtrdc.net amp.azure.net; img-src 'self' assets.ey.com data: *.blob.core.windows.net eycom.d3.sc.omtrdc.net *.ey.com *.omtrdc.net assets.adobedtm.com dpm.demdex.net eycom.tt.omtrdc.net eycom.d3.sc.omtrdc.net amp.azure.net *.qualtrics.com; font-src 'self' data: *.ey.com *.omtrdc.net assets.adobedtm.com dpm.demdex.net eycom.tt.omtrdc.net eycom.d3.sc.omtrdc.net amp.azure.net; frame-src 'self' mailto: *.microsoftonline.com *.aadcdn.microsoftonline-p.com *.ey.com *.omtrdc.net assets.adobedtm.com dpm.demdex.net eycom.tt.omtrdc.net eycom.d3.sc.omtrdc.net *.google.com *.recaptcha.net www.gstatic.com *.media.azure.net *.auth0.com www.gstatic.cn *.powerbi.com *.qualtrics.com; connect-src 'self' *.visualstudio.com assets.adobedtm.com eycom.tt.omtrdc.net dpm.demdex.net *.omtrdc.net smetrics.ey.com metrics.ey.com target.ey.com eycom.d3.sc.omtrdc.net *.media.azure.net *.blob.core.windows.net *.auth0.com *.ey.com login.microsoftonline.com api.powerbi.com *.qualtrics.com; frame-ancestors 'self' *.cognifidecloud.net *.microsoftonline.com *.ey.net *.ey.com *.omtrdc.net assets.adobedtm.com dpm.demdex.net eycom.tt.omtrdc.net eycom.d3.sc.omtrdc.net; worker-src 'self' blob:; media-src 'self' blob:
Set-Cookie
ARRAffinity=11e8252cbd85372cfcad3f97ed321f875ce9ab2b87c03e3c837356e8e1404671;Path=/;HttpOnly;Secure;Domain=EUWQPATSCEWAP01.azurewebsites.net:443 ARRAffinitySameSite=11e8252cbd85372cfcad3f97ed321f875ce9ab2b87c03e3c837356e8e1404671;Path=/;HttpOnly;SameSite=None;Secure;Domain=EUWQPATSCEWAP01.azurewebsites.net:443
Accept-Ranges
bytes
Expires
0
msal.min.js
alcdn.msauth.net/lib/1.4.12/js/ 		127 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://alcdn.msauth.net/lib/1.4.12/js/msal.min.js
Requested by
Host: sce-qa.ey.com
URL: https://sce-qa.ey.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.246.45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
4f8ccea9755ebbcd7b539c7b45d9816c29883da4234bc11078e8bfd3b2568ea8

Request headers

Referer
https://sce-qa.ey.com/
Origin
https://sce-qa.ey.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 12 Sep 2021 04:03:13 GMT
content-encoding
br
x-azure-ref-originshield
0Qo48YQAAAAC8lNrRsAUoSotfYqfuaF0qTE9OMjFFREdFMTUxOABkYjY2MmZlMy1mNDM4LTQzYzItYTI5Zi1lNjU5MGM0ZjVlNTE=
content-md5
uk62Eeah4R60kWs9Qj1FTw==
x-cache
TCP_HIT
x-ms-lease-status
unlocked
last-modified
Fri, 23 Jul 2021 21:44:12 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D94E2302995195
x-azure-ref
0AXw9YQAAAABttRrO/pX0Sr1AI8pVno11UFJHMDFFREdFMDkxMABkYjY2MmZlMy1mNDM4LTQzYzItYTI5Zi1lNjU5MGM0ZjVlNTE=
content-type
text/javascript
access-control-allow-origin
*
x-ms-request-id
20333020-601e-0005-486f-a6b079000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
Cookie set qualtrics.js
sce-qa.ey.com/static/sce/ 		1 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sce-qa.ey.com/static/sce/qualtrics.js
Requested by
Host: sce-qa.ey.com
URL: https://sce-qa.ey.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.124.56.67 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
b868eea530ac6ede6037201479e9094491009fe4024e7252579bef8f8043f72b
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.ey.com *.omtrdc.net assets.adobedtm.com dpm.demdex.net eycom.tt.omtrdc.net eycom.d3.sc.omtrdc.net *.qualtrics.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' secure.aadcdn.microsoftonline-p.com *.msecnd.net cdn.ey.com *.ey.com *.omtrdc.net assets.adobedtm.com dpm.demdex.net eycom.tt.omtrdc.net eycom.d3.sc.omtrdc.net *.google.com *.recaptcha.net www.gstatic.com amp.azure.net *.auth0.com www.gstatic.cn alcdn.msauth.net *.qualtrics.com; style-src 'self' 'unsafe-inline' *.ey.com *.omtrdc.net assets.adobedtm.com dpm.demdex.net eycom.tt.omtrdc.net eycom.d3.sc.omtrdc.net amp.azure.net; img-src 'self' assets.ey.com data: *.blob.core.windows.net eycom.d3.sc.omtrdc.net *.ey.com *.omtrdc.net assets.adobedtm.com dpm.demdex.net eycom.tt.omtrdc.net eycom.d3.sc.omtrdc.net amp.azure.net *.qualtrics.com; font-src 'self' data: *.ey.com *.omtrdc.net assets.adobedtm.com dpm.demdex.net eycom.tt.omtrdc.net eycom.d3.sc.omtrdc.net amp.azure.net; frame-src 'self' mailto: *.microsoftonline.com *.aadcdn.microsoftonline-p.com *.ey.com *.omtrdc.net assets.adobedtm.com dpm.demdex.net eycom.tt.omtrdc.net eycom.d3.sc.omtrdc.net *.google.com *.recaptcha.net www.gstatic.com *.media.azure.net *.auth0.com www.gstatic.cn *.powerbi.com *.qualtrics.com; connect-src 'self' *.visualstudio.com assets.adobedtm.com eycom.tt.omtrdc.net dpm.demdex.net *.omtrdc.net smetrics.ey.com metrics.ey.com target.ey.com eycom.d3.sc.omtrdc.net *.media.azure.net *.blob.core.windows.net *.auth0.com *.ey.com login.microsoftonline.com api.powerbi.com *.qualtrics.com; frame-ancestors 'self' *.cognifidecloud.net *.microsoftonline.com *.ey.net *.ey.com *.omtrdc.net assets.adobedtm.com dpm.demdex.net eycom.tt.omtrdc.net eycom.d3.sc.omtrdc.net; worker-src 'self' blob:; media-src 'self' blob:
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options ALLOW-FROM https://sce-qa.ey.com/
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
sce-qa.ey.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://sce-qa.ey.com/
Connection
keep-alive
Accept-Language
de-DE,de;q=0.9
Referer
https://sce-qa.ey.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Sun, 12 Sep 2021 04:03:13 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Surrogate-Control
no-store
Transfer-Encoding
chunked
Expect-CT
enforce, max-age=43200
Connection
keep-alive
X-DNS-Prefetch-Control
off
Vary
Accept-Encoding
X-XSS-Protection
1; mode=block
request-context
appId=cid-v1:dc8ef892-6044-4299-a079-325fd172e97b
Pragma
no-cache
Referrer-Policy
origin
Last-Modified
Fri, 03 Sep 2021 15:21:50 GMT
X-Frame-Options
ALLOW-FROM https://sce-qa.ey.com/
ETag
W/"454-17bac4072b0"
X-Download-Options
noopen
Strict-Transport-Security
max-age=31536000; includeSubDomains
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=UTF-8
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate
Content-Security-Policy
default-src 'self' *.ey.com *.omtrdc.net assets.adobedtm.com dpm.demdex.net eycom.tt.omtrdc.net eycom.d3.sc.omtrdc.net *.qualtrics.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' secure.aadcdn.microsoftonline-p.com *.msecnd.net cdn.ey.com *.ey.com *.omtrdc.net assets.adobedtm.com dpm.demdex.net eycom.tt.omtrdc.net eycom.d3.sc.omtrdc.net *.google.com *.recaptcha.net www.gstatic.com amp.azure.net *.auth0.com www.gstatic.cn alcdn.msauth.net *.qualtrics.com; style-src 'self' 'unsafe-inline' *.ey.com *.omtrdc.net assets.adobedtm.com dpm.demdex.net eycom.tt.omtrdc.net eycom.d3.sc.omtrdc.net amp.azure.net; img-src 'self' assets.ey.com data: *.blob.core.windows.net eycom.d3.sc.omtrdc.net *.ey.com *.omtrdc.net assets.adobedtm.com dpm.demdex.net eycom.tt.omtrdc.net eycom.d3.sc.omtrdc.net amp.azure.net *.qualtrics.com; font-src 'self' data: *.ey.com *.omtrdc.net assets.adobedtm.com dpm.demdex.net eycom.tt.omtrdc.net eycom.d3.sc.omtrdc.net amp.azure.net; frame-src 'self' mailto: *.microsoftonline.com *.aadcdn.microsoftonline-p.com *.ey.com *.omtrdc.net assets.adobedtm.com dpm.demdex.net eycom.tt.omtrdc.net eycom.d3.sc.omtrdc.net *.google.com *.recaptcha.net www.gstatic.com *.media.azure.net *.auth0.com www.gstatic.cn *.powerbi.com *.qualtrics.com; connect-src 'self' *.visualstudio.com assets.adobedtm.com eycom.tt.omtrdc.net dpm.demdex.net *.omtrdc.net smetrics.ey.com metrics.ey.com target.ey.com eycom.d3.sc.omtrdc.net *.media.azure.net *.blob.core.windows.net *.auth0.com *.ey.com login.microsoftonline.com api.powerbi.com *.qualtrics.com; frame-ancestors 'self' *.cognifidecloud.net *.microsoftonline.com *.ey.net *.ey.com *.omtrdc.net assets.adobedtm.com dpm.demdex.net eycom.tt.omtrdc.net eycom.d3.sc.omtrdc.net; worker-src 'self' blob:; media-src 'self' blob:
Set-Cookie
ARRAffinity=df365dd4a0b555f88629e2f0bfe4ec531b45f6bb2e3c70028a78f438a548590e;Path=/;HttpOnly;Secure;Domain=EUWQPATSCEWAP01.azurewebsites.net:443 ARRAffinitySameSite=df365dd4a0b555f88629e2f0bfe4ec531b45f6bb2e3c70028a78f438a548590e;Path=/;HttpOnly;SameSite=None;Secure;Domain=EUWQPATSCEWAP01.azurewebsites.net:443
Accept-Ranges
bytes
Expires
0
Cookie set azure-ad.js
sce-qa.ey.com/static/sce/azure/ 		1 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sce-qa.ey.com/static/sce/azure/azure-ad.js
Requested by
Host: sce-qa.ey.com
URL: https://sce-qa.ey.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.124.56.67 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
c0b80db151d2f6021e7f39b810cf01a0ed886eb1f4d386108d35c43bd87f473b
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.ey.com *.omtrdc.net assets.adobedtm.com dpm.demdex.net eycom.tt.omtrdc.net eycom.d3.sc.omtrdc.net *.qualtrics.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' secure.aadcdn.microsoftonline-p.com *.msecnd.net cdn.ey.com *.ey.com *.omtrdc.net assets.adobedtm.com dpm.demdex.net eycom.tt.omtrdc.net eycom.d3.sc.omtrdc.net *.google.com *.recaptcha.net www.gstatic.com amp.azure.net *.auth0.com www.gstatic.cn alcdn.msauth.net *.qualtrics.com; style-src 'self' 'unsafe-inline' *.ey.com *.omtrdc.net assets.adobedtm.com dpm.demdex.net eycom.tt.omtrdc.net eycom.d3.sc.omtrdc.net amp.azure.net; img-src 'self' assets.ey.com data: *.blob.core.windows.net eycom.d3.sc.omtrdc.net *.ey.com *.omtrdc.net assets.adobedtm.com dpm.demdex.net eycom.tt.omtrdc.net eycom.d3.sc.omtrdc.net amp.azure.net *.qualtrics.com; font-src 'self' data: *.ey.com *.omtrdc.net assets.adobedtm.com dpm.demdex.net eycom.tt.omtrdc.net eycom.d3.sc.omtrdc.net amp.azure.net; frame-src 'self' mailto: *.microsoftonline.com *.aadcdn.microsoftonline-p.com *.ey.com *.omtrdc.net assets.adobedtm.com dpm.demdex.net eycom.tt.omtrdc.net eycom.d3.sc.omtrdc.net *.google.com *.recaptcha.net www.gstatic.com *.media.azure.net *.auth0.com www.gstatic.cn *.powerbi.com *.qualtrics.com; connect-src 'self' *.visualstudio.com assets.adobedtm.com eycom.tt.omtrdc.net dpm.demdex.net *.omtrdc.net smetrics.ey.com metrics.ey.com target.ey.com eycom.d3.sc.omtrdc.net *.media.azure.net *.blob.core.windows.net *.auth0.com *.ey.com login.microsoftonline.com api.powerbi.com *.qualtrics.com; frame-ancestors 'self' *.cognifidecloud.net *.microsoftonline.com *.ey.net *.ey.com *.omtrdc.net assets.adobedtm.com dpm.demdex.net eycom.tt.omtrdc.net eycom.d3.sc.omtrdc.net; worker-src 'self' blob:; media-src 'self' blob:
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options ALLOW-FROM https://sce-qa.ey.com/
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
sce-qa.ey.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://sce-qa.ey.com/
Connection
keep-alive
Accept-Language
de-DE,de;q=0.9
Referer
https://sce-qa.ey.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Sun, 12 Sep 2021 04:03:13 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Surrogate-Control
no-store
Transfer-Encoding
chunked
Expect-CT
enforce, max-age=43200
Connection
keep-alive
X-DNS-Prefetch-Control
off
Vary
Accept-Encoding
X-XSS-Protection
1; mode=block
request-context
appId=cid-v1:dc8ef892-6044-4299-a079-325fd172e97b
Pragma
no-cache
Referrer-Policy
origin
Last-Modified
Fri, 03 Sep 2021 15:21:50 GMT
X-Frame-Options
ALLOW-FROM https://sce-qa.ey.com/
ETag
W/"5c9-17bac4072b0"
X-Download-Options
noopen
Strict-Transport-Security
max-age=31536000; includeSubDomains
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=UTF-8
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate
Content-Security-Policy
default-src 'self' *.ey.com *.omtrdc.net assets.adobedtm.com dpm.demdex.net eycom.tt.omtrdc.net eycom.d3.sc.omtrdc.net *.qualtrics.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' secure.aadcdn.microsoftonline-p.com *.msecnd.net cdn.ey.com *.ey.com *.omtrdc.net assets.adobedtm.com dpm.demdex.net eycom.tt.omtrdc.net eycom.d3.sc.omtrdc.net *.google.com *.recaptcha.net www.gstatic.com amp.azure.net *.auth0.com www.gstatic.cn alcdn.msauth.net *.qualtrics.com; style-src 'self' 'unsafe-inline' *.ey.com *.omtrdc.net assets.adobedtm.com dpm.demdex.net eycom.tt.omtrdc.net eycom.d3.sc.omtrdc.net amp.azure.net; img-src 'self' assets.ey.com data: *.blob.core.windows.net eycom.d3.sc.omtrdc.net *.ey.com *.omtrdc.net assets.adobedtm.com dpm.demdex.net eycom.tt.omtrdc.net eycom.d3.sc.omtrdc.net amp.azure.net *.qualtrics.com; font-src 'self' data: *.ey.com *.omtrdc.net assets.adobedtm.com dpm.demdex.net eycom.tt.omtrdc.net eycom.d3.sc.omtrdc.net amp.azure.net; frame-src 'self' mailto: *.microsoftonline.com *.aadcdn.microsoftonline-p.com *.ey.com *.omtrdc.net assets.adobedtm.com dpm.demdex.net eycom.tt.omtrdc.net eycom.d3.sc.omtrdc.net *.google.com *.recaptcha.net www.gstatic.com *.media.azure.net *.auth0.com www.gstatic.cn *.powerbi.com *.qualtrics.com; connect-src 'self' *.visualstudio.com assets.adobedtm.com eycom.tt.omtrdc.net dpm.demdex.net *.omtrdc.net smetrics.ey.com metrics.ey.com target.ey.com eycom.d3.sc.omtrdc.net *.media.azure.net *.blob.core.windows.net *.auth0.com *.ey.com login.microsoftonline.com api.powerbi.com *.qualtrics.com; frame-ancestors 'self' *.cognifidecloud.net *.microsoftonline.com *.ey.net *.ey.com *.omtrdc.net assets.adobedtm.com dpm.demdex.net eycom.tt.omtrdc.net eycom.d3.sc.omtrdc.net; worker-src 'self' blob:; media-src 'self' blob:
Set-Cookie
ARRAffinity=55567a1f508333a606c99c297d622c7ce1d919bb6b6e9ae2cc419c45036d5424;Path=/;HttpOnly;Secure;Domain=EUWQPATSCEWAP01.azurewebsites.net:443 ARRAffinitySameSite=55567a1f508333a606c99c297d622c7ce1d919bb6b6e9ae2cc419c45036d5424;Path=/;HttpOnly;SameSite=None;Secure;Domain=EUWQPATSCEWAP01.azurewebsites.net:443
Accept-Ranges
bytes
Expires
0
vendor.js
cdn.ey.com/MYEY/EUWQPATSCEWAP01/ 		5 MB
1 MB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ey.com/MYEY/EUWQPATSCEWAP01/vendor.js?update=e9c4b386158c8216a8a1
Requested by
Host: sce-qa.ey.com
URL: https://sce-qa.ey.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.19.47.121 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-47-121.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
0a5588d3a9ed4d5e13e7391050efc6aff896f580f27dc301630f5efaa0db111f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sce-qa.ey.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Sun, 12 Sep 2021 04:03:13 GMT
Content-Encoding
gzip
Last-Modified
Tue, 07 Sep 2021 14:45:02 GMT
Server
AkamaiNetStorage
ETag
"63de479cdc228da1506c8b475e10efc4:1631025974.231555"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
http://admin.brightcove.com
Transfer-Encoding
chunked
Connection
keep-alive, Transfer-Encoding
Accept-Ranges
bytes
Access-Control-Allow-Headers
X-Requested-With
app.js
cdn.ey.com/MYEY/EUWQPATSCEWAP01/ 		2 MB
1 MB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ey.com/MYEY/EUWQPATSCEWAP01/app.js?update=e9c4b386158c8216a8a1
Requested by
Host: sce-qa.ey.com
URL: https://sce-qa.ey.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.19.47.121 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-47-121.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
974725d671109cc2f96ff7f1ae09d9c293368882b675412a42f4b0697748f701

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sce-qa.ey.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Sun, 12 Sep 2021 04:03:13 GMT
Content-Encoding
gzip
Last-Modified
Tue, 07 Sep 2021 14:45:01 GMT
Server
AkamaiNetStorage
ETag
"a1a2bc36a8e8c21c79739d5abc5c3671:1631025972.44437"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
http://admin.brightcove.com
Transfer-Encoding
chunked
Connection
keep-alive, Transfer-Encoding
Accept-Ranges
bytes
Access-Control-Allow-Headers
X-Requested-With
api.js
www.recaptcha.net/recaptcha/ 		887 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.recaptcha.net/recaptcha/api.js?render=6LcQqfcUAAAAAHLyIGMS-8XyuzAyb3tW2gJe8wzW
Requested by
Host: sce-qa.ey.com
URL: https://sce-qa.ey.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.184.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wa-in-f94.1e100.net
Software
GSE /
Resource Hash
054ad1b623aedce0d7b6dc2b64ecb8c6198c8b081e802da9a1e3104854390192
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sce-qa.ey.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 04:03:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
590
x-xss-protection
1; mode=block
expires
Sun, 12 Sep 2021 04:03:13 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/wxAi4AKLXL2kBAvXqI4XLSWS/ 		343 KB
135 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/wxAi4AKLXL2kBAvXqI4XLSWS/recaptcha__de.js
Requested by
Host: www.recaptcha.net
URL: https://www.recaptcha.net/recaptcha/api.js?render=6LcQqfcUAAAAAHLyIGMS-8XyuzAyb3tW2gJe8wzW
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.184.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wa-in-f94.1e100.net
Software
sffe /
Resource Hash
3d37b170affddaaa2a6489a82bab8df4e72c56a65b069991ea9084643d477d58
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://sce-qa.ey.com/
Origin
https://sce-qa.ey.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 07 Sep 2021 09:01:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
414125
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
137529
x-xss-protection
0
last-modified
Mon, 30 Aug 2021 17:56:35 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 07 Sep 2022 09:01:09 GMT
anchor
www.recaptcha.net/recaptcha/api2/ Frame 4144 		7 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LcQqfcUAAAAAHLyIGMS-8XyuzAyb3tW2gJe8wzW&co=aHR0cHM6Ly9zY2UtcWEuZXkuY29tOjQ0Mw..&hl=de&v=wxAi4AKLXL2kBAvXqI4XLSWS&size=invisible&cb=5xmdy4xmf4g8
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/wxAi4AKLXL2kBAvXqI4XLSWS/recaptcha__de.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.184.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wa-in-f94.1e100.net
Software
GSE /
Resource Hash
851e221b7c2e8394e96d40511fe8f8f99fbe4f16b49e9a189208cefa23987057
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-3NAnfnwRS0+19IR/MzkZUw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.recaptcha.net
:scheme
https
:path
/recaptcha/api2/anchor?ar=1&k=6LcQqfcUAAAAAHLyIGMS-8XyuzAyb3tW2gJe8wzW&co=aHR0cHM6Ly9zY2UtcWEuZXkuY29tOjQ0Mw..&hl=de&v=wxAi4AKLXL2kBAvXqI4XLSWS&size=invisible&cb=5xmdy4xmf4g8
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://sce-qa.ey.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://sce-qa.ey.com/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy-report-only
require-corp; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-security-policy
script-src 'report-sample' 'nonce-3NAnfnwRS0+19IR/MzkZUw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
content-encoding
gzip
date
Sun, 12 Sep 2021 04:03:14 GMT
expires
Sun, 12 Sep 2021 04:03:14 GMT
cache-control
private, max-age=0
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
1042
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
styles__ltr.css
www.gstatic.com/recaptcha/releases/wxAi4AKLXL2kBAvXqI4XLSWS/ Frame 4144 		52 KB
25 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/wxAi4AKLXL2kBAvXqI4XLSWS/styles__ltr.css
Requested by
Host: www.recaptcha.net
URL: https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LcQqfcUAAAAAHLyIGMS-8XyuzAyb3tW2gJe8wzW&co=aHR0cHM6Ly9zY2UtcWEuZXkuY29tOjQ0Mw..&hl=de&v=wxAi4AKLXL2kBAvXqI4XLSWS&size=invisible&cb=5xmdy4xmf4g8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
64.233.184.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wa-in-f94.1e100.net
Software
sffe /
Resource Hash
5fe20047c1cc1be61a786d56c5c02b96453b9c60656d6c8429a1add79017e47f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.recaptcha.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 07 Sep 2021 04:26:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
430625
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25732
x-xss-protection
0
last-modified
Mon, 30 Aug 2021 17:56:35 GMT
server
sffe
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 07 Sep 2022 04:26:09 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/wxAi4AKLXL2kBAvXqI4XLSWS/ Frame 4144 		343 KB
134 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/wxAi4AKLXL2kBAvXqI4XLSWS/recaptcha__de.js
Requested by
Host: www.recaptcha.net
URL: https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LcQqfcUAAAAAHLyIGMS-8XyuzAyb3tW2gJe8wzW&co=aHR0cHM6Ly9zY2UtcWEuZXkuY29tOjQ0Mw..&hl=de&v=wxAi4AKLXL2kBAvXqI4XLSWS&size=invisible&cb=5xmdy4xmf4g8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
64.233.184.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wa-in-f94.1e100.net
Software
sffe /
Resource Hash
3d37b170affddaaa2a6489a82bab8df4e72c56a65b069991ea9084643d477d58
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.recaptcha.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 07 Sep 2021 09:01:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
414125
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
137529
x-xss-protection
0
last-modified
Mon, 30 Aug 2021 17:56:35 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 07 Sep 2022 09:01:09 GMT
logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 4144 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/recaptcha/api2/logo_48.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/wxAi4AKLXL2kBAvXqI4XLSWS/styles__ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
64.233.184.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wa-in-f94.1e100.net
Software
sffe /
Resource Hash
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/wxAi4AKLXL2kBAvXqI4XLSWS/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 11 Sep 2021 01:50:25 GMT
x-content-type-options
nosniff
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
age
94369
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
content-type
image/png
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2228
x-xss-protection
0
expires
Sat, 18 Sep 2021 01:50:25 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 4144 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.recaptcha.net
URL: https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LcQqfcUAAAAAHLyIGMS-8XyuzAyb3tW2gJe8wzW&co=aHR0cHM6Ly9zY2UtcWEuZXkuY29tOjQ0Mw..&hl=de&v=wxAi4AKLXL2kBAvXqI4XLSWS&size=invisible&cb=5xmdy4xmf4g8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.184.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wa-in-f94.1e100.net
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.recaptcha.net/
Origin
https://www.recaptcha.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 08 Sep 2021 11:32:50 GMT
x-content-type-options
nosniff
age
318624
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 08 Sep 2022 11:32:50 GMT
truncated
/ 		210 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b97cca8701d773e1c32d1721accd189cb1082df00c97af32fd7d61a59099e6a5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type
image/jpeg
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
84af59ae0fa68908f2919fb16c3c97fa9b220499546f23a520d95e3c7e9fed24

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c42e7c9e548b803579f8030459e13a975e97c76af17712fa5ab751cdd6f2221e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c62f12d91d5590c82b53edc8f75e094144063a18622f4e6737918bcc90ad37eb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ab5804a0fb67498793f85531f432348e569b628ff50c42becbc80ed08362065c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		98 KB
98 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b75f6908d60341497c8a43182cf49817565ad502b3a51b9fdef1c065a39eb76f

Request headers

Referer
Origin
https://sce-qa.ey.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type
font/woff
truncated
/ 		101 KB
101 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
60c07468898bf75d3300c50c621aa0efd162f6695a99320165f69b57e0f01d56

Request headers

Referer
Origin
https://sce-qa.ey.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type
font/woff
truncated
/ 		95 KB
95 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e677afd3b9d652b61c7a2fb8fc3bb27545b386955444be646894e33fc7fd8d66

Request headers

Referer
Origin
https://sce-qa.ey.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type
font/woff
20170526-EY-Digital-Brand.svg
assets.ey.com/content/dam/ey-sites/ey-com/en_gl/generic/logos/ 		16 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ey.com/content/dam/ey-sites/ey-com/en_gl/generic/logos/20170526-EY-Digital-Brand.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.227.158.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-227-158-111.muc51.r.cloudfront.net
Software
CloudFront /
Resource Hash
d1b3f87b38075568cfc73738ab609582a5cdad297ade11e12ceebe5f10bad9ca
Security Headers
Name Value
Content-Security-Policy default-src http: https: data: blob:; media-src http: https: data: blob:; img-src http: https: data: blob:; script-src http: https: data: 'unsafe-inline' 'unsafe-eval'; style-src http: https: data: 'unsafe-inline' 'unsafe-eval'; connect-src http: https: data:; worker-src http: https: data: blob:; font-src http: https: data:;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sce-qa.ey.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy
default-src http: https: data: blob:; media-src http: https: data: blob:; img-src http: https: data: blob:; script-src http: https: data: 'unsafe-inline' 'unsafe-eval'; style-src http: https: data: 'unsafe-inline' 'unsafe-eval'; connect-src http: https: data:; worker-src http: https: data: blob:; font-src http: https: data:;
content-encoding
gzip
x-content-type-options
nosniff
age
4160628
x-cache
Hit from cloudfront
vary
Origin,Accept-Encoding
content-length
5963
x-xss-protection
1; mode=block
x-request-id
YP3-jjs4E5UZ0WSqC6@geQAAAxM
last-modified
Sat, 30 Nov 2019 14:49:05 GMT
server
CloudFront
x-frame-options
SAMEORIGIN
date
Mon, 26 Jul 2021 00:19:26 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/svg+xml
via
1.1 139113252a51f85c84cb641b4d964ba5.cloudfront.net (CloudFront)
cache-control
max-age=0, s-maxage=31536000
x-amz-cf-pop
MUC51-C1
accept-ranges
bytes
x-amz-cf-id
y5Cb_lFoAxH1qTtdKB-IuFcbiXWdBPr291v904L6pTjVwxDTgl788w==
Cookie set getOutageNotifications
sce-qa.ey.com/api/sce_client/ 		43 B
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://sce-qa.ey.com/api/sce_client/getOutageNotifications
Requested by
Host: cdn.ey.com
URL: https://cdn.ey.com/MYEY/EUWQPATSCEWAP01/vendor.js?update=e9c4b386158c8216a8a1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.124.56.67 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
a4436b74faab5077645d721741ad539c7f177dc936c259c4b24af479a03dd906
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.ey.com *.omtrdc.net assets.adobedtm.com dpm.demdex.net eycom.tt.omtrdc.net eycom.d3.sc.omtrdc.net *.qualtrics.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' secure.aadcdn.microsoftonline-p.com *.msecnd.net cdn.ey.com *.ey.com *.omtrdc.net assets.adobedtm.com dpm.demdex.net eycom.tt.omtrdc.net eycom.d3.sc.omtrdc.net *.google.com *.recaptcha.net www.gstatic.com amp.azure.net *.auth0.com www.gstatic.cn alcdn.msauth.net *.qualtrics.com; style-src 'self' 'unsafe-inline' *.ey.com *.omtrdc.net assets.adobedtm.com dpm.demdex.net eycom.tt.omtrdc.net eycom.d3.sc.omtrdc.net amp.azure.net; img-src 'self' assets.ey.com data: *.blob.core.windows.net eycom.d3.sc.omtrdc.net *.ey.com *.omtrdc.net assets.adobedtm.com dpm.demdex.net eycom.tt.omtrdc.net eycom.d3.sc.omtrdc.net amp.azure.net *.qualtrics.com; font-src 'self' data: *.ey.com *.omtrdc.net assets.adobedtm.com dpm.demdex.net eycom.tt.omtrdc.net eycom.d3.sc.omtrdc.net amp.azure.net; frame-src 'self' mailto: *.microsoftonline.com *.aadcdn.microsoftonline-p.com *.ey.com *.omtrdc.net assets.adobedtm.com dpm.demdex.net eycom.tt.omtrdc.net eycom.d3.sc.omtrdc.net *.google.com *.recaptcha.net www.gstatic.com *.media.azure.net *.auth0.com www.gstatic.cn *.powerbi.com *.qualtrics.com; connect-src 'self' *.visualstudio.com assets.adobedtm.com eycom.tt.omtrdc.net dpm.demdex.net *.omtrdc.net smetrics.ey.com metrics.ey.com target.ey.com eycom.d3.sc.omtrdc.net *.media.azure.net *.blob.core.windows.net *.auth0.com *.ey.com login.microsoftonline.com api.powerbi.com *.qualtrics.com; frame-ancestors 'self' *.cognifidecloud.net *.microsoftonline.com *.ey.net *.ey.com *.omtrdc.net assets.adobedtm.com dpm.demdex.net eycom.tt.omtrdc.net eycom.d3.sc.omtrdc.net; worker-src 'self' blob:; media-src 'self' blob:
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options ALLOW-FROM https://sce-qa.ey.com/
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
sce-qa.ey.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode
cors
Accept
application/json, text/plain, */*
Cache-Control
no-cache
Sec-Fetch-Dest
empty
Referer
https://sce-qa.ey.com/
Connection
keep-alive
Accept
application/json, text/plain, */*
Referer
https://sce-qa.ey.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Sun, 12 Sep 2021 04:03:14 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Surrogate-Control
no-store
X-DNS-Prefetch-Control
off
Connection
keep-alive
Content-Length
43
X-XSS-Protection
1; mode=block
request-context
appId=cid-v1:dc8ef892-6044-4299-a079-325fd172e97b
Pragma
no-cache
Referrer-Policy
origin
X-Frame-Options
ALLOW-FROM https://sce-qa.ey.com/
ETag
W/"2b-O0Z/2ybNDf445pv3NxgRYz/wlwk"
X-Download-Options
noopen
Vary
Accept-Encoding
Expect-CT
enforce, max-age=43200
Content-Type
application/json; charset=utf-8
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate
Content-Security-Policy
default-src 'self' *.ey.com *.omtrdc.net assets.adobedtm.com dpm.demdex.net eycom.tt.omtrdc.net eycom.d3.sc.omtrdc.net *.qualtrics.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' secure.aadcdn.microsoftonline-p.com *.msecnd.net cdn.ey.com *.ey.com *.omtrdc.net assets.adobedtm.com dpm.demdex.net eycom.tt.omtrdc.net eycom.d3.sc.omtrdc.net *.google.com *.recaptcha.net www.gstatic.com amp.azure.net *.auth0.com www.gstatic.cn alcdn.msauth.net *.qualtrics.com; style-src 'self' 'unsafe-inline' *.ey.com *.omtrdc.net assets.adobedtm.com dpm.demdex.net eycom.tt.omtrdc.net eycom.d3.sc.omtrdc.net amp.azure.net; img-src 'self' assets.ey.com data: *.blob.core.windows.net eycom.d3.sc.omtrdc.net *.ey.com *.omtrdc.net assets.adobedtm.com dpm.demdex.net eycom.tt.omtrdc.net eycom.d3.sc.omtrdc.net amp.azure.net *.qualtrics.com; font-src 'self' data: *.ey.com *.omtrdc.net assets.adobedtm.com dpm.demdex.net eycom.tt.omtrdc.net eycom.d3.sc.omtrdc.net amp.azure.net; frame-src 'self' mailto: *.microsoftonline.com *.aadcdn.microsoftonline-p.com *.ey.com *.omtrdc.net assets.adobedtm.com dpm.demdex.net eycom.tt.omtrdc.net eycom.d3.sc.omtrdc.net *.google.com *.recaptcha.net www.gstatic.com *.media.azure.net *.auth0.com www.gstatic.cn *.powerbi.com *.qualtrics.com; connect-src 'self' *.visualstudio.com assets.adobedtm.com eycom.tt.omtrdc.net dpm.demdex.net *.omtrdc.net smetrics.ey.com metrics.ey.com target.ey.com eycom.d3.sc.omtrdc.net *.media.azure.net *.blob.core.windows.net *.auth0.com *.ey.com login.microsoftonline.com api.powerbi.com *.qualtrics.com; frame-ancestors 'self' *.cognifidecloud.net *.microsoftonline.com *.ey.net *.ey.com *.omtrdc.net assets.adobedtm.com dpm.demdex.net eycom.tt.omtrdc.net eycom.d3.sc.omtrdc.net; worker-src 'self' blob:; media-src 'self' blob:
Set-Cookie
ARRAffinity=df365dd4a0b555f88629e2f0bfe4ec531b45f6bb2e3c70028a78f438a548590e;Path=/;HttpOnly;Secure;Domain=EUWQPATSCEWAP01.azurewebsites.net:443 ARRAffinitySameSite=df365dd4a0b555f88629e2f0bfe4ec531b45f6bb2e3c70028a78f438a548590e;Path=/;HttpOnly;SameSite=None;Secure;Domain=EUWQPATSCEWAP01.azurewebsites.net:443
Expires
0
Cookie set getEligibility
sce-qa.ey.com/api/sce_client/ 		70 B
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://sce-qa.ey.com/api/sce_client/getEligibility
Requested by
Host: cdn.ey.com
URL: https://cdn.ey.com/MYEY/EUWQPATSCEWAP01/vendor.js?update=e9c4b386158c8216a8a1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.124.56.67 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
272e572a5a99b392b42ba9733435e721f55af29b2db2e2ed0f0d783be4b3e74d
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.ey.com *.omtrdc.net assets.adobedtm.com dpm.demdex.net eycom.tt.omtrdc.net eycom.d3.sc.omtrdc.net *.qualtrics.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' secure.aadcdn.microsoftonline-p.com *.msecnd.net cdn.ey.com *.ey.com *.omtrdc.net assets.adobedtm.com dpm.demdex.net eycom.tt.omtrdc.net eycom.d3.sc.omtrdc.net *.google.com *.recaptcha.net www.gstatic.com amp.azure.net *.auth0.com www.gstatic.cn alcdn.msauth.net *.qualtrics.com; style-src 'self' 'unsafe-inline' *.ey.com *.omtrdc.net assets.adobedtm.com dpm.demdex.net eycom.tt.omtrdc.net eycom.d3.sc.omtrdc.net amp.azure.net; img-src 'self' assets.ey.com data: *.blob.core.windows.net eycom.d3.sc.omtrdc.net *.ey.com *.omtrdc.net assets.adobedtm.com dpm.demdex.net eycom.tt.omtrdc.net eycom.d3.sc.omtrdc.net amp.azure.net *.qualtrics.com; font-src 'self' data: *.ey.com *.omtrdc.net assets.adobedtm.com dpm.demdex.net eycom.tt.omtrdc.net eycom.d3.sc.omtrdc.net amp.azure.net; frame-src 'self' mailto: *.microsoftonline.com *.aadcdn.microsoftonline-p.com *.ey.com *.omtrdc.net assets.adobedtm.com dpm.demdex.net eycom.tt.omtrdc.net eycom.d3.sc.omtrdc.net *.google.com *.recaptcha.net www.gstatic.com *.media.azure.net *.auth0.com www.gstatic.cn *.powerbi.com *.qualtrics.com; connect-src 'self' *.visualstudio.com assets.adobedtm.com eycom.tt.omtrdc.net dpm.demdex.net *.omtrdc.net smetrics.ey.com metrics.ey.com target.ey.com eycom.d3.sc.omtrdc.net *.media.azure.net *.blob.core.windows.net *.auth0.com *.ey.com login.microsoftonline.com api.powerbi.com *.qualtrics.com; frame-ancestors 'self' *.cognifidecloud.net *.microsoftonline.com *.ey.net *.ey.com *.omtrdc.net assets.adobedtm.com dpm.demdex.net eycom.tt.omtrdc.net eycom.d3.sc.omtrdc.net; worker-src 'self' blob:; media-src 'self' blob:
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options ALLOW-FROM https://sce-qa.ey.com/
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Origin
https://sce-qa.ey.com
Accept-Encoding
gzip, deflate, br
Host
sce-qa.ey.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode
cors
Content-Type
application/json;charset=UTF-8
Accept
application/json, text/plain, */*
Cache-Control
no-cache
Sec-Fetch-Dest
empty
Referer
https://sce-qa.ey.com/
Connection
keep-alive
Content-Length
31
Accept
application/json, text/plain, */*
Referer
https://sce-qa.ey.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

Date
Sun, 12 Sep 2021 04:03:14 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Surrogate-Control
no-store
X-DNS-Prefetch-Control
off
Connection
keep-alive
Content-Length
70
X-XSS-Protection
1; mode=block
request-context
appId=cid-v1:dc8ef892-6044-4299-a079-325fd172e97b
Pragma
no-cache
Referrer-Policy
origin
X-Frame-Options
ALLOW-FROM https://sce-qa.ey.com/
ETag
W/"46-ey8td3YDurO4rXQUjsTTVUcogg0"
X-Download-Options
noopen
Vary
Origin, Accept-Encoding
Expect-CT
enforce, max-age=43200
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://sce-qa.ey.com
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate
Content-Security-Policy
default-src 'self' *.ey.com *.omtrdc.net assets.adobedtm.com dpm.demdex.net eycom.tt.omtrdc.net eycom.d3.sc.omtrdc.net *.qualtrics.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' secure.aadcdn.microsoftonline-p.com *.msecnd.net cdn.ey.com *.ey.com *.omtrdc.net assets.adobedtm.com dpm.demdex.net eycom.tt.omtrdc.net eycom.d3.sc.omtrdc.net *.google.com *.recaptcha.net www.gstatic.com amp.azure.net *.auth0.com www.gstatic.cn alcdn.msauth.net *.qualtrics.com; style-src 'self' 'unsafe-inline' *.ey.com *.omtrdc.net assets.adobedtm.com dpm.demdex.net eycom.tt.omtrdc.net eycom.d3.sc.omtrdc.net amp.azure.net; img-src 'self' assets.ey.com data: *.blob.core.windows.net eycom.d3.sc.omtrdc.net *.ey.com *.omtrdc.net assets.adobedtm.com dpm.demdex.net eycom.tt.omtrdc.net eycom.d3.sc.omtrdc.net amp.azure.net *.qualtrics.com; font-src 'self' data: *.ey.com *.omtrdc.net assets.adobedtm.com dpm.demdex.net eycom.tt.omtrdc.net eycom.d3.sc.omtrdc.net amp.azure.net; frame-src 'self' mailto: *.microsoftonline.com *.aadcdn.microsoftonline-p.com *.ey.com *.omtrdc.net assets.adobedtm.com dpm.demdex.net eycom.tt.omtrdc.net eycom.d3.sc.omtrdc.net *.google.com *.recaptcha.net www.gstatic.com *.media.azure.net *.auth0.com www.gstatic.cn *.powerbi.com *.qualtrics.com; connect-src 'self' *.visualstudio.com assets.adobedtm.com eycom.tt.omtrdc.net dpm.demdex.net *.omtrdc.net smetrics.ey.com metrics.ey.com target.ey.com eycom.d3.sc.omtrdc.net *.media.azure.net *.blob.core.windows.net *.auth0.com *.ey.com login.microsoftonline.com api.powerbi.com *.qualtrics.com; frame-ancestors 'self' *.cognifidecloud.net *.microsoftonline.com *.ey.net *.ey.com *.omtrdc.net assets.adobedtm.com dpm.demdex.net eycom.tt.omtrdc.net eycom.d3.sc.omtrdc.net; worker-src 'self' blob:; media-src 'self' blob:
Set-Cookie
ARRAffinity=11e8252cbd85372cfcad3f97ed321f875ce9ab2b87c03e3c837356e8e1404671;Path=/;HttpOnly;Secure;Domain=EUWQPATSCEWAP01.azurewebsites.net:443 ARRAffinitySameSite=11e8252cbd85372cfcad3f97ed321f875ce9ab2b87c03e3c837356e8e1404671;Path=/;HttpOnly;SameSite=None;Secure;Domain=EUWQPATSCEWAP01.azurewebsites.net:443
Expires
0
truncated
/ 		3 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2875c9f6369ea3c3b7d169376f46e393523b7366f8ac9ffa25d633593f98e8eb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type
image/png

Verdicts & Comments Add Verdict or Comment

64 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| onbeforexrselect boolean| originAgentCluster object| digitaldata object| Msal function| qualtrics string| tenantReferenceId string| appName string| unplannedError string| appDisplayName string| tenantId string| clientId string| eyChecksum string| instrumentationKey string| loginHint string| cdnUrl string| eyUrl string| adobeLaunchScript string| adobeLaunchScriptFlag string| appInsightsScriptFlag string| blobUrl string| unAuthenticatedChatBotURL string| contentSharing boolean| isAuth0Enabled string| auth0Domain string| auth0ClientId boolean| isPowerBiEnabled string| powerBiTenantId string| powerBiClientId string| powerBiScope string| qualtricsSurvey string| qualtricsSurveyId string| qualtricsSurveyUrl object| auth0 object| loginRequest object| msalConfig object| msalInstance undefined| powerBiAccessToken undefined| powerBiEmbedUrl undefined| powerBiError function| authenticate function| successCallback function| failCallBack object| activeRenewals object| renewStates object| callbackMappedToRenewStates object| promiseMappedToRenewStates object| msal object| webpackJsonp object| __core-js_shared__ object| core function| setImmediate function| clearImmediate object| regeneratorRuntime boolean| _babelPolyfill object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| recaptcha object| closure_lm_537350 boolean| eyload boolean| sabort

0 Cookies

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'self' *.ey.com *.omtrdc.net assets.adobedtm.com dpm.demdex.net eycom.tt.omtrdc.net eycom.d3.sc.omtrdc.net *.qualtrics.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' secure.aadcdn.microsoftonline-p.com *.msecnd.net cdn.ey.com *.ey.com *.omtrdc.net assets.adobedtm.com dpm.demdex.net eycom.tt.omtrdc.net eycom.d3.sc.omtrdc.net *.google.com *.recaptcha.net www.gstatic.com amp.azure.net *.auth0.com www.gstatic.cn alcdn.msauth.net *.qualtrics.com; style-src 'self' 'unsafe-inline' *.ey.com *.omtrdc.net assets.adobedtm.com dpm.demdex.net eycom.tt.omtrdc.net eycom.d3.sc.omtrdc.net amp.azure.net; img-src 'self' assets.ey.com data: *.blob.core.windows.net eycom.d3.sc.omtrdc.net *.ey.com *.omtrdc.net assets.adobedtm.com dpm.demdex.net eycom.tt.omtrdc.net eycom.d3.sc.omtrdc.net amp.azure.net *.qualtrics.com; font-src 'self' data: *.ey.com *.omtrdc.net assets.adobedtm.com dpm.demdex.net eycom.tt.omtrdc.net eycom.d3.sc.omtrdc.net amp.azure.net; frame-src 'self' mailto: *.microsoftonline.com *.aadcdn.microsoftonline-p.com *.ey.com *.omtrdc.net assets.adobedtm.com dpm.demdex.net eycom.tt.omtrdc.net eycom.d3.sc.omtrdc.net *.google.com *.recaptcha.net www.gstatic.com *.media.azure.net *.auth0.com www.gstatic.cn *.powerbi.com *.qualtrics.com; connect-src 'self' *.visualstudio.com assets.adobedtm.com eycom.tt.omtrdc.net dpm.demdex.net *.omtrdc.net smetrics.ey.com metrics.ey.com target.ey.com eycom.d3.sc.omtrdc.net *.media.azure.net *.blob.core.windows.net *.auth0.com *.ey.com login.microsoftonline.com api.powerbi.com *.qualtrics.com; frame-ancestors 'self' *.cognifidecloud.net *.microsoftonline.com *.ey.net *.ey.com *.omtrdc.net assets.adobedtm.com dpm.demdex.net eycom.tt.omtrdc.net eycom.d3.sc.omtrdc.net; worker-src 'self' blob:; media-src 'self' blob:
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

alcdn.msauth.net
assets.ey.com
cdn.ey.com
clientportal-stg.ey.com
fonts.gstatic.com
sce-qa.ey.com
www.gstatic.com
www.recaptcha.net
13.107.246.45
13.227.158.111
199.49.17.143
2.19.47.121
51.124.56.67
64.233.184.94
054ad1b623aedce0d7b6dc2b64ecb8c6198c8b081e802da9a1e3104854390192
0a5588d3a9ed4d5e13e7391050efc6aff896f580f27dc301630f5efaa0db111f
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
272e572a5a99b392b42ba9733435e721f55af29b2db2e2ed0f0d783be4b3e74d
2875c9f6369ea3c3b7d169376f46e393523b7366f8ac9ffa25d633593f98e8eb
2e3fcb0fc8db5b8910e2e46ee19bae88d4e1565617211c19bc174d2acd928dfb
3d37b170affddaaa2a6489a82bab8df4e72c56a65b069991ea9084643d477d58
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
4f8ccea9755ebbcd7b539c7b45d9816c29883da4234bc11078e8bfd3b2568ea8
5fe20047c1cc1be61a786d56c5c02b96453b9c60656d6c8429a1add79017e47f
60c07468898bf75d3300c50c621aa0efd162f6695a99320165f69b57e0f01d56
84af59ae0fa68908f2919fb16c3c97fa9b220499546f23a520d95e3c7e9fed24
851e221b7c2e8394e96d40511fe8f8f99fbe4f16b49e9a189208cefa23987057
974725d671109cc2f96ff7f1ae09d9c293368882b675412a42f4b0697748f701
a4436b74faab5077645d721741ad539c7f177dc936c259c4b24af479a03dd906
ab5804a0fb67498793f85531f432348e569b628ff50c42becbc80ed08362065c
b75f6908d60341497c8a43182cf49817565ad502b3a51b9fdef1c065a39eb76f
b868eea530ac6ede6037201479e9094491009fe4024e7252579bef8f8043f72b
b97cca8701d773e1c32d1721accd189cb1082df00c97af32fd7d61a59099e6a5
c0b80db151d2f6021e7f39b810cf01a0ed886eb1f4d386108d35c43bd87f473b
c42e7c9e548b803579f8030459e13a975e97c76af17712fa5ab751cdd6f2221e
c62f12d91d5590c82b53edc8f75e094144063a18622f4e6737918bcc90ad37eb
d1b3f87b38075568cfc73738ab609582a5cdad297ade11e12ceebe5f10bad9ca
dea1d2a71ec08f0cf2efda758a423dac686f7b1fefdda1b8b3960d2e07fec2b2
e17ae17f90ae983832f3709e67de0f7902fe1014568410534615235a158d7af0
e677afd3b9d652b61c7a2fb8fc3bb27545b386955444be646894e33fc7fd8d66