Submitted URL: https://click.comms.engie.co.uk/?qs=816679b9454f0cab763784039395a8e7754bbae4c2dd5995f12cd2baa832d45385bf8705503a9118ff9126c7cfaa...
Effective URL: https://myaccount-business.engie.co.uk/s/login/?ec=302&startURL=%2Fs%2F&j=349803&sfmc_sub=128698032&l=221_HTML&u=7301157&mid=100011818&...
Submission: On March 31 via manual from GB

Summary

This website contacted 1 IPs in 2 countries across 1 domains to perform 8 HTTP transactions. The main IP is 161.71.31.250, located in London, United Kingdom and belongs to SALESFORCE, US. The main domain is myaccount-business.engie.co.uk.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on June 12th 2019. Valid for: a year.
This is the only time myaccount-business.engie.co.uk was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 13.111.154.144 22606 (EXACT-7)
8 161.71.31.250 14340 (SALESFORCE)
8 1
Apex Domain
Subdomains
Transfer
9 engie.co.uk
click.comms.engie.co.uk
myaccount-business.engie.co.uk
1015 KB
8 1
Domain Requested by
8 myaccount-business.engie.co.uk myaccount-business.engie.co.uk
1 click.comms.engie.co.uk 1 redirects
8 2

This site contains no links.

Subject Issuer Validity Valid
*.engie.co.uk
DigiCert SHA2 Secure Server CA
2019-06-12 -
2020-06-16
a year crt.sh

This page contains 1 frames:

Primary Page: https://myaccount-business.engie.co.uk/s/login/?ec=302&startURL=%2Fs%2F&j=349803&sfmc_sub=128698032&l=221_HTML&u=7301157&mid=100011818&jb=27
Frame ID: 3E841A88D3B9D8EEA7FBC29A39B8E135
Requests: 8 HTTP requests in this frame

Screenshot


Page URL History Show full URLs

  1. https://click.comms.engie.co.uk/?qs=816679b9454f0cab763784039395a8e7754bbae4c2dd5995f12cd2baa832d45385bf8705... HTTP 302
    https://myaccount-business.engie.co.uk/s/login/?ec=302&startURL=%2Fs%2F&j=349803&sfmc_sub=128698032&l=221_HTML&u=73... Page URL

Page Statistics

8
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

2
Subdomains

1
IPs

2
Countries

1015 kB
Transfer

3821 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://click.comms.engie.co.uk/?qs=816679b9454f0cab763784039395a8e7754bbae4c2dd5995f12cd2baa832d45385bf8705503a9118ff9126c7cfaa164452d296f8bc8f362eb6811ac63668eab7 HTTP 302
    https://myaccount-business.engie.co.uk/s/login/?ec=302&startURL=%2Fs%2F&j=349803&sfmc_sub=128698032&l=221_HTML&u=7301157&mid=100011818&jb=27 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

8 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request Cookie set /
myaccount-business.engie.co.uk/s/login/
Redirect Chain
  • https://click.comms.engie.co.uk/?qs=816679b9454f0cab763784039395a8e7754bbae4c2dd5995f12cd2baa832d45385bf8705503a9118ff9126c7cfaa164452d296f8bc8f362eb6811ac63668eab7
  • https://myaccount-business.engie.co.uk/s/login/?ec=302&startURL=%2Fs%2F&j=349803&sfmc_sub=128698032&l=221_HTML&u=7301157&mid=100011818&jb=27
31 KB
13 KB
Document
General
Full URL
https://myaccount-business.engie.co.uk/s/login/?ec=302&startURL=%2Fs%2F&j=349803&sfmc_sub=128698032&l=221_HTML&u=7301157&mid=100011818&jb=27
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
161.71.31.250 London, United Kingdom, ASN14340 (SALESFORCE, US),
Reverse DNS
lo2.4.0p10n000001cdt7sao.00d0n000001okuquao.gslb.siteforce.com
Software
/
Resource Hash
b071bf9a33effb7123064175746810b7282de21f96df3717db78cf6a2b7e4919
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests default-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://service.force.com/embeddedservice/ https://cdn.worldpay.com/v1/worldpay.js https://www.google-analytics.com https://stats.g.doubleclick.net; object-src 'self' www.google.com; style-src 'self' 'unsafe-inline' https://api.worldpay.com https://www.google-analytics.com https://cs105.salesforce.com https://stats.g.doubleclick.net https://test.salesforce.com; img-src 'self' data: blob: https://um2.salesforce.com http://c.um2.content.force.com https://img.youtube.com https://i.ytimg.com https://i.vimeocdn.com https://login.salesforce.com/icons/ https://um2.salesforce.com/icons/ https://api.worldpay.com https://www.google-analytics.com https://cs105.salesforce.com https://stats.g.doubleclick.net https://test.salesforce.com; media-src 'self' blob: https://api.worldpay.com https://www.google-analytics.com https://cs105.salesforce.com https://stats.g.doubleclick.net https://test.salesforce.com; frame-ancestors 'self'; frame-src 'self' https://service.force.com/embeddedservice/ https://um2.salesforce.com https://sfdc-link-preview-staging.sfdc.sh https://sfdc-link-preview.hk.salesforce.com https://cdn.embedly.com https://www.youtube.com https://player.vimeo.com https://play.vidyard.com https://*.a.forceusercontent.com/lightningmaps/ https://api.worldpay.com https://www.google-analytics.com https://cs105.salesforce.com https://stats.g.doubleclick.net https://test.salesforce.com; font-src 'self' data: https://api.worldpay.com https://www.google-analytics.com https://cs105.salesforce.com https://stats.g.doubleclick.net https://test.salesforce.com; connect-src 'self' https://api.worldpay.com https://www.google-analytics.com https://cs105.salesforce.com https://stats.g.doubleclick.net https://test.salesforce.com
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Host
myaccount-business.engie.co.uk
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
document
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
document

Response headers

Date
Tue, 31 Mar 2020 10:46:23 GMT
Cache-Control
no-cache,must-revalidate,max-age=0,no-store,private
X-Content-Type-Options
nosniff
X-XSS-Protection
1; mode=block
Content-Security-Policy
upgrade-insecure-requests default-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://service.force.com/embeddedservice/ https://cdn.worldpay.com/v1/worldpay.js https://www.google-analytics.com https://stats.g.doubleclick.net; object-src 'self' www.google.com; style-src 'self' 'unsafe-inline' https://api.worldpay.com https://www.google-analytics.com https://cs105.salesforce.com https://stats.g.doubleclick.net https://test.salesforce.com; img-src 'self' data: blob: https://um2.salesforce.com http://c.um2.content.force.com https://img.youtube.com https://i.ytimg.com https://i.vimeocdn.com https://login.salesforce.com/icons/ https://um2.salesforce.com/icons/ https://api.worldpay.com https://www.google-analytics.com https://cs105.salesforce.com https://stats.g.doubleclick.net https://test.salesforce.com; media-src 'self' blob: https://api.worldpay.com https://www.google-analytics.com https://cs105.salesforce.com https://stats.g.doubleclick.net https://test.salesforce.com; frame-ancestors 'self'; frame-src 'self' https://service.force.com/embeddedservice/ https://um2.salesforce.com https://sfdc-link-preview-staging.sfdc.sh https://sfdc-link-preview.hk.salesforce.com https://cdn.embedly.com https://www.youtube.com https://player.vimeo.com https://play.vidyard.com https://*.a.forceusercontent.com/lightningmaps/ https://api.worldpay.com https://www.google-analytics.com https://cs105.salesforce.com https://stats.g.doubleclick.net https://test.salesforce.com; font-src 'self' data: https://api.worldpay.com https://www.google-analytics.com https://cs105.salesforce.com https://stats.g.doubleclick.net https://test.salesforce.com; connect-src 'self' https://api.worldpay.com https://www.google-analytics.com https://cs105.salesforce.com https://stats.g.doubleclick.net https://test.salesforce.com
Referrer-Policy
origin-when-cross-origin
Set-Cookie
renderCtx=%7B%22pageId%22%3A%22e6f4f197-0b41-402c-9cc2-28944e7da369%22%2C%22schema%22%3A%22Published%22%2C%22viewType%22%3A%22Published%22%2C%22brandingSetId%22%3A%2244e8ba1f-d089-4751-ae45-59466f8034db%22%2C%22audienceIds%22%3A%22%22%7D; domain=myaccount-business.engie.co.uk; path=/s; secure
X-FRAME-OPTIONS
SAMEORIGIN
Expires
Sat, 15 Feb 2020 10:46:23 GMT
Content-Type
text/html;charset=UTF-8
Last-Modified
Sat, 15 Feb 2020 10:46:23 GMT
Link
</s/sfsites/l/%7B%22mode%22%3A%22PROD%22%2C%22app%22%3A%22siteforce%3AloginApp2%22%2C%22loaded%22%3A%7B%22APPLICATION%40markup%3A%2F%2Fsiteforce%3AloginApp2%22%3A%22stQicdSqkVr_oPfIF6AW-w%22%7D%2C%22styleContext%22%3A%7B%22c%22%3A%22webkit%22%2C%22x%22%3A%5B%22isDesktop%22%5D%2C%22tokens%22%3A%5B%22markup%3A%2F%2Fforce%3AsldsTokens%22%2C%22markup%3A%2F%2Fsiteforce%3AnapiliAuraTokens%22%2C%22markup%3A%2F%2Fsiteforce%3AneutralTokens%22%2C%22markup%3A%2F%2Fsiteforce%3AserializedTokens%22%2C%22markup%3A%2F%2Fsiteforce%3AcommunityTokens%22%2C%22markup%3A%2F%2Fsiteforce%3AauraDynamicTokens%22%5D%2C%22tuid%22%3A%22V6a-DVH-GQlbFJmVdxi06w%22%2C%22cuid%22%3A1517325223%7D%2C%22pathPrefix%22%3A%22%22%7D/app.css>;rel=preload;as=style;nopush,</s/sfsites/auraFW/javascript/kHqYrsGCjDhXliyGcYtIfA/aura_prod.js>;rel=preload;as=script;nopush,</s/sfsites/l/%7B%22mode%22%3A%22PROD%22%2C%22app%22%3A%22siteforce%3AloginApp2%22%2C%22serializationVersion%22%3A%221-1.1.13-224.8-b%22%2C%22split%22%3A%22f%22%2C%22loaded%22%3A%7B%22APPLICATION%40markup%3A%2F%2Fsiteforce%3AloginApp2%22%3A%22stQicdSqkVr_oPfIF6AW-w%22%7D%2C%22dns%22%3A%22c%22%2C%22ls%22%3A1%7D/app.js>;rel=preload;as=script;nopush
Vary
Accept-Encoding
Content-Encoding
gzip
Transfer-Encoding
chunked

Redirect headers

Cache-Control
private
Content-Type
text/html; charset=utf-8
Location
https://myaccount-business.engie.co.uk/s/login/?ec=302&startURL=%2Fs%2F&j=349803&sfmc_sub=128698032&l=221_HTML&u=7301157&mid=100011818&jb=27
Date
Tue, 31 Mar 2020 10:46:22 GMT
Connection
close
Content-Length
285
app.css
myaccount-business.engie.co.uk/s/sfsites/l/%7B%22mode%22%3A%22PROD%22%2C%22app%22%3A%22siteforce%3AloginApp2%22%2C%22loaded%22%3A%7B%22APPLICATION%40markup%3A%2F%2Fsiteforce%3AloginApp2%22%3A%22stQ...
623 KB
87 KB
Stylesheet
General
Full URL
https://myaccount-business.engie.co.uk/s/sfsites/l/%7B%22mode%22%3A%22PROD%22%2C%22app%22%3A%22siteforce%3AloginApp2%22%2C%22loaded%22%3A%7B%22APPLICATION%40markup%3A%2F%2Fsiteforce%3AloginApp2%22%3A%22stQicdSqkVr_oPfIF6AW-w%22%7D%2C%22styleContext%22%3A%7B%22c%22%3A%22webkit%22%2C%22x%22%3A%5B%22isDesktop%22%5D%2C%22tokens%22%3A%5B%22markup%3A%2F%2Fforce%3AsldsTokens%22%2C%22markup%3A%2F%2Fsiteforce%3AnapiliAuraTokens%22%2C%22markup%3A%2F%2Fsiteforce%3AneutralTokens%22%2C%22markup%3A%2F%2Fsiteforce%3AserializedTokens%22%2C%22markup%3A%2F%2Fsiteforce%3AcommunityTokens%22%2C%22markup%3A%2F%2Fsiteforce%3AauraDynamicTokens%22%5D%2C%22tuid%22%3A%22V6a-DVH-GQlbFJmVdxi06w%22%2C%22cuid%22%3A1517325223%7D%2C%22pathPrefix%22%3A%22%22%7D/app.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
161.71.31.250 London, United Kingdom, ASN14340 (SALESFORCE, US),
Reverse DNS
lo2.4.0p10n000001cdt7sao.00d0n000001okuquao.gslb.siteforce.com
Software
/
Resource Hash
93767141dac7748c7f96262b284f1fa084b772ae40afc7faf310b893ea71e175
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://myaccount-business.engie.co.uk/s/login/?ec=302&startURL=%2Fs%2F&j=349803&sfmc_sub=128698032&l=221_HTML&u=7301157&mid=100011818&jb=27
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

Date
Tue, 31 Mar 2020 09:27:38 GMT
Content-Encoding
gzip
Referrer-Policy
origin-when-cross-origin
Last-Modified
Mon, 30 Mar 2020 09:27:38 GMT
Age
4725
Vary
Accept-Encoding
Content-Type
text/css;charset=UTF-8
Cache-Control
max-age=3888000,public,immutable
X-Content-Type-Options
nosniff
Content-Length
88966
X-XSS-Protection
1; mode=block
Expires
Fri, 15 May 2020 09:27:38 GMT
aura_prod.js
myaccount-business.engie.co.uk/s/sfsites/auraFW/javascript/kHqYrsGCjDhXliyGcYtIfA/
651 KB
206 KB
Script
General
Full URL
https://myaccount-business.engie.co.uk/s/sfsites/auraFW/javascript/kHqYrsGCjDhXliyGcYtIfA/aura_prod.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
161.71.31.250 London, United Kingdom, ASN14340 (SALESFORCE, US),
Reverse DNS
lo2.4.0p10n000001cdt7sao.00d0n000001okuquao.gslb.siteforce.com
Software
/
Resource Hash
ae912ccd1d8a11a83b73140198a813f15bb956e59e53934f5fb6faf7ba28e3b6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://myaccount-business.engie.co.uk/s/login/?ec=302&startURL=%2Fs%2F&j=349803&sfmc_sub=128698032&l=221_HTML&u=7301157&mid=100011818&jb=27
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

Date
Tue, 31 Mar 2020 08:07:01 GMT
Content-Encoding
gzip
Referrer-Policy
origin-when-cross-origin
Last-Modified
Mon, 30 Mar 2020 08:07:01 GMT
Age
9562
Vary
Accept-Encoding
Content-Type
text/javascript;charset=UTF-8
Cache-Control
max-age=3888000,public,immutable
X-Content-Type-Options
nosniff
Content-Length
210682
X-XSS-Protection
1; mode=block
Expires
Fri, 15 May 2020 08:07:01 GMT
app.js
myaccount-business.engie.co.uk/s/sfsites/l/%7B%22mode%22%3A%22PROD%22%2C%22app%22%3A%22siteforce%3AloginApp2%22%2C%22serializationVersion%22%3A%221-1.1.13-224.8-b%22%2C%22split%22%3A%22f%22%2C%22lo...
1 MB
331 KB
Script
General
Full URL
https://myaccount-business.engie.co.uk/s/sfsites/l/%7B%22mode%22%3A%22PROD%22%2C%22app%22%3A%22siteforce%3AloginApp2%22%2C%22serializationVersion%22%3A%221-1.1.13-224.8-b%22%2C%22split%22%3A%22f%22%2C%22loaded%22%3A%7B%22APPLICATION%40markup%3A%2F%2Fsiteforce%3AloginApp2%22%3A%22stQicdSqkVr_oPfIF6AW-w%22%7D%2C%22dns%22%3A%22c%22%2C%22ls%22%3A1%7D/app.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
161.71.31.250 London, United Kingdom, ASN14340 (SALESFORCE, US),
Reverse DNS
lo2.4.0p10n000001cdt7sao.00d0n000001okuquao.gslb.siteforce.com
Software
/
Resource Hash
94f9ef08b15fb857a1a09c19d0a3fd30eccbd5d592b0ac08996326697dd9db4b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://myaccount-business.engie.co.uk/s/login/?ec=302&startURL=%2Fs%2F&j=349803&sfmc_sub=128698032&l=221_HTML&u=7301157&mid=100011818&jb=27
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

Date
Tue, 31 Mar 2020 09:16:36 GMT
Content-Encoding
gzip
Referrer-Policy
origin-when-cross-origin
Last-Modified
Mon, 30 Mar 2020 09:16:36 GMT
Age
5387
Vary
Accept-Encoding
Content-Type
text/javascript;charset=UTF-8
Cache-Control
max-age=3888000,public,immutable
X-Content-Type-Options
nosniff
Content-Length
338445
X-XSS-Protection
1; mode=block
Expires
Fri, 15 May 2020 09:16:36 GMT
fonts.css
myaccount-business.engie.co.uk/s/sfsites/runtimedownload/
336 KB
242 KB
Stylesheet
General
Full URL
https://myaccount-business.engie.co.uk/s/sfsites/runtimedownload/fonts.css?lastMod=1551196371000&brandSet=44e8ba1f-d089-4751-ae45-59466f8034db
Requested by
Host: myaccount-business.engie.co.uk
URL: https://myaccount-business.engie.co.uk/s/login/?ec=302&startURL=%2Fs%2F&j=349803&sfmc_sub=128698032&l=221_HTML&u=7301157&mid=100011818&jb=27
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
161.71.31.250 London, United Kingdom, ASN14340 (SALESFORCE, US),
Reverse DNS
lo2.4.0p10n000001cdt7sao.00d0n000001okuquao.gslb.siteforce.com
Software
/
Resource Hash
f2ba5595aa6bc3a3345bef1892e000dc66c7754883bb4dff60781a9f316d7d96
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://myaccount-business.engie.co.uk/s/login/?ec=302&startURL=%2Fs%2F&j=349803&sfmc_sub=128698032&l=221_HTML&u=7301157&mid=100011818&jb=27
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

Date
Tue, 31 Mar 2020 10:46:23 GMT
Content-Encoding
gzip
Referrer-Policy
origin-when-cross-origin
Last-Modified
Tue, 26 Feb 2019 15:52:51 GMT
Vary
Accept-Encoding
Content-Type
text/css; charset=utf-8
Cache-Control
public,max-age=31536000
Transfer-Encoding
chunked
X-Content-Type-Options
nosniff
X-XSS-Protection
1; mode=block
Expires
Wed, 31 Mar 2021 10:46:23 GMT
resources.js
myaccount-business.engie.co.uk/s/sfsites/l/%7B%22mode%22%3A%22PROD%22%2C%22app%22%3A%22siteforce%3AloginApp2%22%2C%22fwuid%22%3A%22kHqYrsGCjDhXliyGcYtIfA%22%2C%22loaded%22%3A%7B%22APPLICATION%40mar...
4 KB
2 KB
Script
General
Full URL
https://myaccount-business.engie.co.uk/s/sfsites/l/%7B%22mode%22%3A%22PROD%22%2C%22app%22%3A%22siteforce%3AloginApp2%22%2C%22fwuid%22%3A%22kHqYrsGCjDhXliyGcYtIfA%22%2C%22loaded%22%3A%7B%22APPLICATION%40markup%3A%2F%2Fsiteforce%3AloginApp2%22%3A%22stQicdSqkVr_oPfIF6AW-w%22%7D%2C%22apce%22%3A1%2C%22apck%22%3A%22BQj_fg02Z0bLNAuCG2jZ_Q%22%2C%22mlr%22%3A1%2C%22pathPrefix%22%3A%22%22%2C%22dns%22%3A%22c%22%2C%22ls%22%3A1%7D/resources.js?pv=1585275451000&rv=1582984865000
Requested by
Host: myaccount-business.engie.co.uk
URL: https://myaccount-business.engie.co.uk/s/login/?ec=302&startURL=%2Fs%2F&j=349803&sfmc_sub=128698032&l=221_HTML&u=7301157&mid=100011818&jb=27
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
161.71.31.250 London, United Kingdom, ASN14340 (SALESFORCE, US),
Reverse DNS
lo2.4.0p10n000001cdt7sao.00d0n000001okuquao.gslb.siteforce.com
Software
/
Resource Hash
94fcba144dd5a675b31665bb45156f4757b27b3b054a7790ebd83b86010055b1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://myaccount-business.engie.co.uk/s/login/?ec=302&startURL=%2Fs%2F&j=349803&sfmc_sub=128698032&l=221_HTML&u=7301157&mid=100011818&jb=27
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

Date
Tue, 31 Mar 2020 10:46:23 GMT
Content-Encoding
gzip
Referrer-Policy
origin-when-cross-origin
Last-Modified
Mon, 30 Mar 2020 10:46:23 GMT
Vary
Accept-Encoding
Content-Type
text/javascript;charset=UTF-8
Cache-Control
max-age=3888000,private,immutable
Transfer-Encoding
chunked
X-Content-Type-Options
nosniff
X-XSS-Protection
1; mode=block
Expires
Fri, 15 May 2020 10:46:23 GMT
bootstrap.js
myaccount-business.engie.co.uk/s/sfsites/l/%7B%22mode%22%3A%22PROD%22%2C%22app%22%3A%22siteforce%3AloginApp2%22%2C%22fwuid%22%3A%22kHqYrsGCjDhXliyGcYtIfA%22%2C%22loaded%22%3A%7B%22APPLICATION%40mar...
616 KB
119 KB
Script
General
Full URL
https://myaccount-business.engie.co.uk/s/sfsites/l/%7B%22mode%22%3A%22PROD%22%2C%22app%22%3A%22siteforce%3AloginApp2%22%2C%22fwuid%22%3A%22kHqYrsGCjDhXliyGcYtIfA%22%2C%22loaded%22%3A%7B%22APPLICATION%40markup%3A%2F%2Fsiteforce%3AloginApp2%22%3A%22stQicdSqkVr_oPfIF6AW-w%22%7D%2C%22apce%22%3A1%2C%22apck%22%3A%22BQj_fg02Z0bLNAuCG2jZ_Q%22%2C%22mlr%22%3A1%2C%22pathPrefix%22%3A%22%22%2C%22dns%22%3A%22c%22%2C%22ls%22%3A1%7D/bootstrap.js?aura.attributes=%7B%22schema%22%3A%22Published%22%2C%22brandingSetId%22%3A%2244e8ba1f-d089-4751-ae45-59466f8034db%22%2C%22authenticated%22%3A%22false%22%2C%22ac%22%3A%22%22%2C%22formFactor%22%3A%22LARGE%22%2C%22publishedChangelistNum%22%3A%22111%22%2C%22viewType%22%3A%22Published%22%2C%22themeLayoutType%22%3A%220FpxgLrfB5joj8yZ10PobJM2Dc3CNN%22%2C%22language%22%3A%22en_US%22%2C%22isHybrid%22%3A%22false%22%2C%22pageId%22%3A%22e6f4f197-0b41-402c-9cc2-28944e7da369%22%7D
Requested by
Host: myaccount-business.engie.co.uk
URL: https://myaccount-business.engie.co.uk/s/login/?ec=302&startURL=%2Fs%2F&j=349803&sfmc_sub=128698032&l=221_HTML&u=7301157&mid=100011818&jb=27
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
161.71.31.250 London, United Kingdom, ASN14340 (SALESFORCE, US),
Reverse DNS
lo2.4.0p10n000001cdt7sao.00d0n000001okuquao.gslb.siteforce.com
Software
/
Resource Hash
383abcb44fb4046fdb79b3a40654261e67a2a7af91e3ab884cba8260439009e9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://myaccount-business.engie.co.uk/s/login/?ec=302&startURL=%2Fs%2F&j=349803&sfmc_sub=128698032&l=221_HTML&u=7301157&mid=100011818&jb=27
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

Date
Tue, 31 Mar 2020 10:46:23 GMT
Content-Encoding
gzip
Referrer-Policy
origin-when-cross-origin
Last-Modified
Sat, 15 Feb 2020 10:46:23 GMT
Vary
Accept-Encoding
Content-Type
text/javascript;charset=UTF-8
Cache-Control
no-cache,must-revalidate,max-age=0,no-store,private
Transfer-Encoding
chunked
X-Content-Type-Options
nosniff
X-XSS-Protection
1; mode=block
Expires
Sat, 15 Feb 2020 10:46:23 GMT
aura
myaccount-business.engie.co.uk/s/sfsites/
91 KB
14 KB
XHR
General
Full URL
https://myaccount-business.engie.co.uk/s/sfsites/aura?message=%7B%22actions%22%3A%5B%7B%22descriptor%22%3A%22serviceComponent%3A%2F%2Fui.comm.runtime.components.aura.components.siteforce.controller.PubliclyCacheableComponentLoaderController%2FACTION%24getPageComponent%22%2C%22callingDescriptor%22%3A%22UNKNOWN%22%2C%22params%22%3A%7B%22attributes%22%3A%7B%22viewId%22%3A%223887f19b-d41c-4630-bef8-548c34869c0d%22%2C%22routeType%22%3A%22login-home%22%2C%22themeLayoutType%22%3A%220FpxgLrfB5joj8yZ10PobJM2Dc3CNN%22%2C%22params%22%3A%7B%22ec%22%3A%22%22%2C%22startURL%22%3A%22%22%2C%22j%22%3A%22%22%2C%22sfmc_sub%22%3A%22%22%2C%22l%22%3A%22%22%2C%22u%22%3A%22%22%2C%22mid%22%3A%22%22%2C%22jb%22%3A%22%22%2C%22viewid%22%3A%2223e24799-6b1e-4987-bd6c-ca89f54de246%22%2C%22view_uddid%22%3A%22%22%2C%22entity_name%22%3A%22%22%2C%22audience_name%22%3A%22%22%2C%22picasso_id%22%3A%22%22%2C%22routeId%22%3A%22%22%7D%2C%22pageLoadType%22%3A%22STANDARD_PAGE_CONTENT%22%2C%22includeLayout%22%3Atrue%7D%2C%22publishedChangelistNum%22%3A111%2C%22brandingSetId%22%3A%2244e8ba1f-d089-4751-ae45-59466f8034db%22%7D%7D%5D%7D&aura.context=%7B%22mode%22%3A%22PROD%22%2C%22fwuid%22%3A%22kHqYrsGCjDhXliyGcYtIfA%22%2C%22app%22%3A%22siteforce%3AloginApp2%22%2C%22loaded%22%3A%7B%22APPLICATION%40markup%3A%2F%2Fsiteforce%3AloginApp2%22%3A%22stQicdSqkVr_oPfIF6AW-w%22%7D%2C%22apck%22%3A%22BQj_fg02Z0bLNAuCG2jZ_Q%22%2C%22uad%22%3Afalse%7D&aura.isAction=true
Requested by
Host: myaccount-business.engie.co.uk
URL: https://myaccount-business.engie.co.uk/s/sfsites/auraFW/javascript/kHqYrsGCjDhXliyGcYtIfA/aura_prod.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
161.71.31.250 London, United Kingdom, ASN14340 (SALESFORCE, US),
Reverse DNS
lo2.4.0p10n000001cdt7sao.00d0n000001okuquao.gslb.siteforce.com
Software
/
Resource Hash
9257d5c56b08c4f26ac6b10f1b109bd77d2b3a94399d27970647984469327289
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://myaccount-business.engie.co.uk/s/login/?ec=302&startURL=%2Fs%2F&j=349803&sfmc_sub=128698032&l=221_HTML&u=7301157&mid=100011818&jb=27
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
empty

Response headers

Date
Tue, 31 Mar 2020 10:46:23 GMT
Content-Encoding
gzip
Referrer-Policy
origin-when-cross-origin
Last-Modified
Mon, 30 Mar 2020 10:46:23 GMT
Vary
Accept-Encoding
Content-Type
application/json;charset=UTF-8
Cache-Control
max-age=1800,public
Transfer-Encoding
chunked
X-Content-Type-Options
nosniff
X-XSS-Protection
1; mode=block
Expires
Tue, 31 Mar 2020 11:16:23 GMT

Verdicts & Comments Add Verdict or Comment

11 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate object| picassoSPA number| pageStartTime object| Aura object| AuraLocker object| AuraLockerDisabled object| $A object| aura function| DOMPurify function| Router

2 Cookies

Domain/Path Name / Value
myaccount-business.engie.co.uk/ Name: sfdc-stream
Value: !wbuw4+suSqIGtpfdfQIW+xKs14Bs6ID8nxv2MWEbxJobHKG/S2bYmzb8Yoe9TTuaeEyqARFzQNK+AsM=
.myaccount-business.engie.co.uk/s Name: renderCtx
Value: %7B%22pageId%22%3A%22e6f4f197-0b41-402c-9cc2-28944e7da369%22%2C%22schema%22%3A%22Published%22%2C%22viewType%22%3A%22Published%22%2C%22brandingSetId%22%3A%2244e8ba1f-d089-4751-ae45-59466f8034db%22%2C%22audienceIds%22%3A%22%22%7D

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy upgrade-insecure-requests default-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://service.force.com/embeddedservice/ https://cdn.worldpay.com/v1/worldpay.js https://www.google-analytics.com https://stats.g.doubleclick.net; object-src 'self' www.google.com; style-src 'self' 'unsafe-inline' https://api.worldpay.com https://www.google-analytics.com https://cs105.salesforce.com https://stats.g.doubleclick.net https://test.salesforce.com; img-src 'self' data: blob: https://um2.salesforce.com http://c.um2.content.force.com https://img.youtube.com https://i.ytimg.com https://i.vimeocdn.com https://login.salesforce.com/icons/ https://um2.salesforce.com/icons/ https://api.worldpay.com https://www.google-analytics.com https://cs105.salesforce.com https://stats.g.doubleclick.net https://test.salesforce.com; media-src 'self' blob: https://api.worldpay.com https://www.google-analytics.com https://cs105.salesforce.com https://stats.g.doubleclick.net https://test.salesforce.com; frame-ancestors 'self'; frame-src 'self' https://service.force.com/embeddedservice/ https://um2.salesforce.com https://sfdc-link-preview-staging.sfdc.sh https://sfdc-link-preview.hk.salesforce.com https://cdn.embedly.com https://www.youtube.com https://player.vimeo.com https://play.vidyard.com https://*.a.forceusercontent.com/lightningmaps/ https://api.worldpay.com https://www.google-analytics.com https://cs105.salesforce.com https://stats.g.doubleclick.net https://test.salesforce.com; font-src 'self' data: https://api.worldpay.com https://www.google-analytics.com https://cs105.salesforce.com https://stats.g.doubleclick.net https://test.salesforce.com; connect-src 'self' https://api.worldpay.com https://www.google-analytics.com https://cs105.salesforce.com https://stats.g.doubleclick.net https://test.salesforce.com
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block