Submitted URL: https://vhq-connect.vfims.com/
Effective URL: https://vhq-connect.vfims.com/VHQ.Authentication.Federation/Account/Email?wa=wsignin1.0&wtrealm=https%3a%2f%2fvhq-connect.vfim...
Submission: On February 15 via manual from QA

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 24 HTTP transactions. The main IP is 178.21.211.64, located in France and belongs to VERIFONE-EMEA, FR. The main domain is vhq-connect.vfims.com.
TLS certificate: Issued by Sectigo RSA Organization Validation S... on June 20th 2019. Valid for: 2 years.
This is the only time vhq-connect.vfims.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 23 178.21.211.64 50845 (VERIFONE-...)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
24 3
Apex Domain
Subdomains
Transfer
23 vfims.com
vhq-connect.vfims.com
356 KB
2 gstatic.com
fonts.gstatic.com
18 KB
1 googleapis.com
fonts.googleapis.com
837 B
24 3
Domain Requested by
23 vhq-connect.vfims.com 2 redirects vhq-connect.vfims.com
2 fonts.gstatic.com fonts.googleapis.com
1 fonts.googleapis.com vhq-connect.vfims.com
24 3

This site contains links to these domains. Also see Links.

Domain
www.verifone.com
Subject Issuer Validity Valid
*.vfims.com
Sectigo RSA Organization Validation Secure Server CA
2019-06-20 -
2021-06-19
2 years crt.sh
upload.video.google.com
GTS CA 1O1
2021-01-26 -
2021-04-20
3 months crt.sh
*.gstatic.com
GTS CA 1O1
2021-01-26 -
2021-04-20
3 months crt.sh

This page contains 1 frames:

Primary Page: https://vhq-connect.vfims.com/VHQ.Authentication.Federation/Account/Email?wa=wsignin1.0&wtrealm=https%3a%2f%2fvhq-connect.vfims.com%2f&wctx=rm%3d0%26id%3dpassive%26ru%3d%252f&wct=2021-02-15T10%3a12%3a27Z
Frame ID: D3F777DD567E6714A300D4EFD3757C01
Requests: 24 HTTP requests in this frame

Screenshot


Page URL History Show full URLs

  1. https://vhq-connect.vfims.com/ HTTP 302
    https://vhq-connect.vfims.com/VHQ.Authentication.Federation/Federation/Issue?wa=wsignin1.0&wtrealm=https%3... HTTP 302
    https://vhq-connect.vfims.com/VHQ.Authentication.Federation/Account/Email?wa=wsignin1.0&wtrealm=https%3a%2... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i

Overall confidence: 100%
Detected patterns
  • html /<link [^>]+(?:\/([\d.]+)\/)?animate\.(?:min\.)?css/i

Overall confidence: 100%
Detected patterns
  • script /require.*\.js/i

Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Overall confidence: 100%
Detected patterns
  • script /jquery[.-]([\d.]*\d)[^/]*\.js/i
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

24
Requests

100 %
HTTPS

67 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

372 kB
Transfer

617 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://vhq-connect.vfims.com/ HTTP 302
    https://vhq-connect.vfims.com/VHQ.Authentication.Federation/Federation/Issue?wa=wsignin1.0&wtrealm=https%3a%2f%2fvhq-connect.vfims.com%2f&wctx=rm%3d0%26id%3dpassive%26ru%3d%252f&wct=2021-02-15T10%3a12%3a27Z HTTP 302
    https://vhq-connect.vfims.com/VHQ.Authentication.Federation/Account/Email?wa=wsignin1.0&wtrealm=https%3a%2f%2fvhq-connect.vfims.com%2f&wctx=rm%3d0%26id%3dpassive%26ru%3d%252f&wct=2021-02-15T10%3a12%3a27Z Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

24 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request Email
vhq-connect.vfims.com/VHQ.Authentication.Federation/Account/
Redirect Chain
  • https://vhq-connect.vfims.com/
  • https://vhq-connect.vfims.com/VHQ.Authentication.Federation/Federation/Issue?wa=wsignin1.0&wtrealm=https%3a%2f%2fvhq-connect.vfims.com%2f&wctx=rm%3d0%26id%3dpassive%26ru%3d%252f&wct=2021-02-15T10%3...
  • https://vhq-connect.vfims.com/VHQ.Authentication.Federation/Account/Email?wa=wsignin1.0&wtrealm=https%3a%2f%2fvhq-connect.vfims.com%2f&wctx=rm%3d0%26id%3dpassive%26ru%3d%252f&wct=2021-02-15T10%3a12...
4 KB
3 KB
Document
General
Full URL
https://vhq-connect.vfims.com/VHQ.Authentication.Federation/Account/Email?wa=wsignin1.0&wtrealm=https%3a%2f%2fvhq-connect.vfims.com%2f&wctx=rm%3d0%26id%3dpassive%26ru%3d%252f&wct=2021-02-15T10%3a12%3a27Z
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.21.211.64 , France, ASN50845 (VERIFONE-EMEA, FR),
Reverse DNS
Software
/
Resource Hash
b16010328977db01e6558e1f8287f82a908692ff2501283a99459e0746070ab1
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://seal.verisign.com https://google-analytics.com https://maps.googleapis.com https://maps.gstatic.com; img-src 'self' https://www.jqwidgets.com/ https://www.google-analytics.com/ data: maps.gstatic.com *.googleapis.com *.ggpht; style-src 'self' https://fonts.googleapis.com/ https://www.jqwidgets.com/ 'unsafe-inline'; media-src 'self'; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https://*; object-src 'self'; frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Host
vhq-connect.vfims.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Cache-Control
no-cache, no-store
Pragma
no-cache
Content-Type
text/html; charset=utf-8
Content-Encoding
gzip
Expires
-1
Vary
Accept-Encoding
Server
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-AspNetMvc-Version
5.2
X-Powered-By
Content-Security-Policy
default-src * 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://seal.verisign.com https://google-analytics.com https://maps.googleapis.com https://maps.gstatic.com; img-src 'self' https://www.jqwidgets.com/ https://www.google-analytics.com/ data: maps.gstatic.com *.googleapis.com *.ggpht; style-src 'self' https://fonts.googleapis.com/ https://www.jqwidgets.com/ 'unsafe-inline'; media-src 'self'; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https://*; object-src 'self'; frame-ancestors 'self'
Referrer-Policy
same-origin
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
X-XSS-Protection
1; mode=block
Date
Mon, 15 Feb 2021 10:12:27 GMT
Content-Length
1546

Redirect headers

Cache-Control
no-cache, no-store
Pragma
no-cache
Expires
-1
Location
../Account/Email?wa=wsignin1.0&wtrealm=https%3a%2f%2fvhq-connect.vfims.com%2f&wctx=rm%3d0%26id%3dpassive%26ru%3d%252f&wct=2021-02-15T10%3a12%3a27Z
Server
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-AspNetMvc-Version
5.2
Set-Cookie
.AspNet.ApplicationCookie=; expires=Sat, 13-Feb-2021 10:12:27 GMT; path=/; secure; HttpOnly
X-Powered-By
Content-Security-Policy
default-src * 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://seal.verisign.com https://google-analytics.com https://maps.googleapis.com https://maps.gstatic.com; img-src 'self' https://www.jqwidgets.com/ https://www.google-analytics.com/ data: maps.gstatic.com *.googleapis.com *.ggpht; style-src 'self' https://fonts.googleapis.com/ https://www.jqwidgets.com/ 'unsafe-inline'; media-src 'self'; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https://*; object-src 'self'; frame-ancestors 'self'
Referrer-Policy
same-origin
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
X-XSS-Protection
1; mode=block
Date
Mon, 15 Feb 2021 10:12:27 GMT
Content-Length
0
ltr.css
vhq-connect.vfims.com/VHQ.Authentication.Federation/Content/VHQ/
4 KB
2 KB
Stylesheet
General
Full URL
https://vhq-connect.vfims.com/VHQ.Authentication.Federation/Content/VHQ/ltr.css
Requested by
Host: vhq-connect.vfims.com
URL: https://vhq-connect.vfims.com/VHQ.Authentication.Federation/Account/Email?wa=wsignin1.0&wtrealm=https%3a%2f%2fvhq-connect.vfims.com%2f&wctx=rm%3d0%26id%3dpassive%26ru%3d%252f&wct=2021-02-15T10%3a12%3a27Z
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.21.211.64 , France, ASN50845 (VERIFONE-EMEA, FR),
Reverse DNS
Software
/
Resource Hash
2f99baeb6703d63f6e97e2920146916a6ce52af3b4f86107ecfe33d9b310f980
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://seal.verisign.com https://google-analytics.com https://maps.googleapis.com https://maps.gstatic.com; img-src 'self' https://www.jqwidgets.com/ https://www.google-analytics.com/ data: maps.gstatic.com *.googleapis.com *.ggpht; style-src 'self' https://fonts.googleapis.com/ https://www.jqwidgets.com/ 'unsafe-inline'; media-src 'self'; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https://*; object-src 'self'; frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://vhq-connect.vfims.com/VHQ.Authentication.Federation/Account/Email?wa=wsignin1.0&wtrealm=https%3a%2f%2fvhq-connect.vfims.com%2f&wctx=rm%3d0%26id%3dpassive%26ru%3d%252f&wct=2021-02-15T10%3a12%3a27Z
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Security-Policy
default-src * 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://seal.verisign.com https://google-analytics.com https://maps.googleapis.com https://maps.gstatic.com; img-src 'self' https://www.jqwidgets.com/ https://www.google-analytics.com/ data: maps.gstatic.com *.googleapis.com *.ggpht; style-src 'self' https://fonts.googleapis.com/ https://www.jqwidgets.com/ 'unsafe-inline'; media-src 'self'; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https://*; object-src 'self'; frame-ancestors 'self'
Content-Encoding
gzip
Referrer-Policy
same-origin
Last-Modified
Wed, 02 Dec 2020 13:22:06 GMT
Server
X-Powered-By
ETag
"3e20b621aec8d61:0"
X-Frame-Options
SAMEORIGIN
Content-Type
text/css
Date
Mon, 15 Feb 2021 10:12:27 GMT
X-Content-Type-Options
nosniff
Accept-Ranges
bytes
Vary
Accept-Encoding
Content-Length
1419
X-XSS-Protection
1; mode=block
bootstrap.css
vhq-connect.vfims.com/VHQ.Authentication.Federation/Content/VHQ/
194 KB
41 KB
Stylesheet
General
Full URL
https://vhq-connect.vfims.com/VHQ.Authentication.Federation/Content/VHQ/bootstrap.css
Requested by
Host: vhq-connect.vfims.com
URL: https://vhq-connect.vfims.com/VHQ.Authentication.Federation/Account/Email?wa=wsignin1.0&wtrealm=https%3a%2f%2fvhq-connect.vfims.com%2f&wctx=rm%3d0%26id%3dpassive%26ru%3d%252f&wct=2021-02-15T10%3a12%3a27Z
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.21.211.64 , France, ASN50845 (VERIFONE-EMEA, FR),
Reverse DNS
Software
/
Resource Hash
d619bbc4f158e072ff18f7d6cf9f7991c34b566b8c0b8de73da8284215936f9f
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://seal.verisign.com https://google-analytics.com https://maps.googleapis.com https://maps.gstatic.com; img-src 'self' https://www.jqwidgets.com/ https://www.google-analytics.com/ data: maps.gstatic.com *.googleapis.com *.ggpht; style-src 'self' https://fonts.googleapis.com/ https://www.jqwidgets.com/ 'unsafe-inline'; media-src 'self'; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https://*; object-src 'self'; frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://vhq-connect.vfims.com/VHQ.Authentication.Federation/Account/Email?wa=wsignin1.0&wtrealm=https%3a%2f%2fvhq-connect.vfims.com%2f&wctx=rm%3d0%26id%3dpassive%26ru%3d%252f&wct=2021-02-15T10%3a12%3a27Z
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Security-Policy
default-src * 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://seal.verisign.com https://google-analytics.com https://maps.googleapis.com https://maps.gstatic.com; img-src 'self' https://www.jqwidgets.com/ https://www.google-analytics.com/ data: maps.gstatic.com *.googleapis.com *.ggpht; style-src 'self' https://fonts.googleapis.com/ https://www.jqwidgets.com/ 'unsafe-inline'; media-src 'self'; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https://*; object-src 'self'; frame-ancestors 'self'
Content-Encoding
gzip
Referrer-Policy
same-origin
Last-Modified
Wed, 02 Dec 2020 13:22:06 GMT
Server
X-Powered-By
ETag
"afe77c21aec8d61:0"
X-Frame-Options
SAMEORIGIN
Content-Type
text/css
Date
Mon, 15 Feb 2021 10:12:27 GMT
X-Content-Type-Options
nosniff
Accept-Ranges
bytes
Vary
Accept-Encoding
Content-Length
40650
X-XSS-Protection
1; mode=block
login.css
vhq-connect.vfims.com/VHQ.Authentication.Federation/Content/VHQ/
5 KB
6 KB
Stylesheet
General
Full URL
https://vhq-connect.vfims.com/VHQ.Authentication.Federation/Content/VHQ/login.css
Requested by
Host: vhq-connect.vfims.com
URL: https://vhq-connect.vfims.com/VHQ.Authentication.Federation/Account/Email?wa=wsignin1.0&wtrealm=https%3a%2f%2fvhq-connect.vfims.com%2f&wctx=rm%3d0%26id%3dpassive%26ru%3d%252f&wct=2021-02-15T10%3a12%3a27Z
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.21.211.64 , France, ASN50845 (VERIFONE-EMEA, FR),
Reverse DNS
Software
/
Resource Hash
611008e1a2997e3777e915fd53a7dd2ac216293d980db81f870f8c90c9edac8c
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://seal.verisign.com https://google-analytics.com https://maps.googleapis.com https://maps.gstatic.com; img-src 'self' https://www.jqwidgets.com/ https://www.google-analytics.com/ data: maps.gstatic.com *.googleapis.com *.ggpht; style-src 'self' https://fonts.googleapis.com/ https://www.jqwidgets.com/ 'unsafe-inline'; media-src 'self'; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https://*; object-src 'self'; frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://vhq-connect.vfims.com/VHQ.Authentication.Federation/Account/Email?wa=wsignin1.0&wtrealm=https%3a%2f%2fvhq-connect.vfims.com%2f&wctx=rm%3d0%26id%3dpassive%26ru%3d%252f&wct=2021-02-15T10%3a12%3a27Z
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Security-Policy
default-src * 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://seal.verisign.com https://google-analytics.com https://maps.googleapis.com https://maps.gstatic.com; img-src 'self' https://www.jqwidgets.com/ https://www.google-analytics.com/ data: maps.gstatic.com *.googleapis.com *.ggpht; style-src 'self' https://fonts.googleapis.com/ https://www.jqwidgets.com/ 'unsafe-inline'; media-src 'self'; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https://*; object-src 'self'; frame-ancestors 'self'
Referrer-Policy
same-origin
Last-Modified
Wed, 02 Dec 2020 13:22:06 GMT
Server
ETag
"f696ac21aec8d61:0"
X-Powered-By
X-Frame-Options
SAMEORIGIN
Content-Type
text/css
Date
Mon, 15 Feb 2021 10:12:27 GMT
X-Content-Type-Options
nosniff
Accept-Ranges
bytes
Content-Length
5347
X-XSS-Protection
1; mode=block
style.css
vhq-connect.vfims.com/VHQ.Authentication.Federation/Content/VHQ/
26 KB
27 KB
Stylesheet
General
Full URL
https://vhq-connect.vfims.com/VHQ.Authentication.Federation/Content/VHQ/style.css
Requested by
Host: vhq-connect.vfims.com
URL: https://vhq-connect.vfims.com/VHQ.Authentication.Federation/Account/Email?wa=wsignin1.0&wtrealm=https%3a%2f%2fvhq-connect.vfims.com%2f&wctx=rm%3d0%26id%3dpassive%26ru%3d%252f&wct=2021-02-15T10%3a12%3a27Z
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.21.211.64 , France, ASN50845 (VERIFONE-EMEA, FR),
Reverse DNS
Software
/
Resource Hash
3debfdc6370f64d6485f2cefa00eb30b138352c73b62c98d4bd1c90aaed9f53a
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://seal.verisign.com https://google-analytics.com https://maps.googleapis.com https://maps.gstatic.com; img-src 'self' https://www.jqwidgets.com/ https://www.google-analytics.com/ data: maps.gstatic.com *.googleapis.com *.ggpht; style-src 'self' https://fonts.googleapis.com/ https://www.jqwidgets.com/ 'unsafe-inline'; media-src 'self'; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https://*; object-src 'self'; frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://vhq-connect.vfims.com/VHQ.Authentication.Federation/Account/Email?wa=wsignin1.0&wtrealm=https%3a%2f%2fvhq-connect.vfims.com%2f&wctx=rm%3d0%26id%3dpassive%26ru%3d%252f&wct=2021-02-15T10%3a12%3a27Z
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Security-Policy
default-src * 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://seal.verisign.com https://google-analytics.com https://maps.googleapis.com https://maps.gstatic.com; img-src 'self' https://www.jqwidgets.com/ https://www.google-analytics.com/ data: maps.gstatic.com *.googleapis.com *.ggpht; style-src 'self' https://fonts.googleapis.com/ https://www.jqwidgets.com/ 'unsafe-inline'; media-src 'self'; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https://*; object-src 'self'; frame-ancestors 'self'
Referrer-Policy
same-origin
Last-Modified
Wed, 02 Dec 2020 13:22:07 GMT
Server
ETag
"e2a9bf21aec8d61:0"
X-Powered-By
X-Frame-Options
SAMEORIGIN
Content-Type
text/css
Date
Mon, 15 Feb 2021 10:12:27 GMT
X-Content-Type-Options
nosniff
Accept-Ranges
bytes
Content-Length
26970
X-XSS-Protection
1; mode=block
animate.min.css
vhq-connect.vfims.com/VHQ.Authentication.Federation/Content/VHQ/
46 KB
8 KB
Stylesheet
General
Full URL
https://vhq-connect.vfims.com/VHQ.Authentication.Federation/Content/VHQ/animate.min.css
Requested by
Host: vhq-connect.vfims.com
URL: https://vhq-connect.vfims.com/VHQ.Authentication.Federation/Account/Email?wa=wsignin1.0&wtrealm=https%3a%2f%2fvhq-connect.vfims.com%2f&wctx=rm%3d0%26id%3dpassive%26ru%3d%252f&wct=2021-02-15T10%3a12%3a27Z
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.21.211.64 , France, ASN50845 (VERIFONE-EMEA, FR),
Reverse DNS
Software
/
Resource Hash
0d3e5c7aded50cd8c5932bbb785ad5471ced3f45b868b6fed763e49e2d0e9507
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://seal.verisign.com https://google-analytics.com https://maps.googleapis.com https://maps.gstatic.com; img-src 'self' https://www.jqwidgets.com/ https://www.google-analytics.com/ data: maps.gstatic.com *.googleapis.com *.ggpht; style-src 'self' https://fonts.googleapis.com/ https://www.jqwidgets.com/ 'unsafe-inline'; media-src 'self'; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https://*; object-src 'self'; frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://vhq-connect.vfims.com/VHQ.Authentication.Federation/Account/Email?wa=wsignin1.0&wtrealm=https%3a%2f%2fvhq-connect.vfims.com%2f&wctx=rm%3d0%26id%3dpassive%26ru%3d%252f&wct=2021-02-15T10%3a12%3a27Z
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Security-Policy
default-src * 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://seal.verisign.com https://google-analytics.com https://maps.googleapis.com https://maps.gstatic.com; img-src 'self' https://www.jqwidgets.com/ https://www.google-analytics.com/ data: maps.gstatic.com *.googleapis.com *.ggpht; style-src 'self' https://fonts.googleapis.com/ https://www.jqwidgets.com/ 'unsafe-inline'; media-src 'self'; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https://*; object-src 'self'; frame-ancestors 'self'
Content-Encoding
gzip
Referrer-Policy
same-origin
Last-Modified
Wed, 02 Dec 2020 13:22:06 GMT
Server
X-Powered-By
ETag
"6ea5d21aec8d61:0"
X-Frame-Options
SAMEORIGIN
Content-Type
text/css
Date
Mon, 15 Feb 2021 10:12:27 GMT
X-Content-Type-Options
nosniff
Accept-Ranges
bytes
Vary
Accept-Encoding
Content-Length
7149
X-XSS-Protection
1; mode=block
font.css
vhq-connect.vfims.com/VHQ.Authentication.Federation/Content/VHQ/
10 KB
3 KB
Stylesheet
General
Full URL
https://vhq-connect.vfims.com/VHQ.Authentication.Federation/Content/VHQ/font.css
Requested by
Host: vhq-connect.vfims.com
URL: https://vhq-connect.vfims.com/VHQ.Authentication.Federation/Account/Email?wa=wsignin1.0&wtrealm=https%3a%2f%2fvhq-connect.vfims.com%2f&wctx=rm%3d0%26id%3dpassive%26ru%3d%252f&wct=2021-02-15T10%3a12%3a27Z
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.21.211.64 , France, ASN50845 (VERIFONE-EMEA, FR),
Reverse DNS
Software
/
Resource Hash
905635655fb7ad5344545ee2aa224645767d1a0a03800869aad398a5dc6dffe2
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://seal.verisign.com https://google-analytics.com https://maps.googleapis.com https://maps.gstatic.com; img-src 'self' https://www.jqwidgets.com/ https://www.google-analytics.com/ data: maps.gstatic.com *.googleapis.com *.ggpht; style-src 'self' https://fonts.googleapis.com/ https://www.jqwidgets.com/ 'unsafe-inline'; media-src 'self'; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https://*; object-src 'self'; frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://vhq-connect.vfims.com/VHQ.Authentication.Federation/Account/Email?wa=wsignin1.0&wtrealm=https%3a%2f%2fvhq-connect.vfims.com%2f&wctx=rm%3d0%26id%3dpassive%26ru%3d%252f&wct=2021-02-15T10%3a12%3a27Z
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Security-Policy
default-src * 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://seal.verisign.com https://google-analytics.com https://maps.googleapis.com https://maps.gstatic.com; img-src 'self' https://www.jqwidgets.com/ https://www.google-analytics.com/ data: maps.gstatic.com *.googleapis.com *.ggpht; style-src 'self' https://fonts.googleapis.com/ https://www.jqwidgets.com/ 'unsafe-inline'; media-src 'self'; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https://*; object-src 'self'; frame-ancestors 'self'
Content-Encoding
gzip
Referrer-Policy
same-origin
Last-Modified
Wed, 02 Dec 2020 13:22:06 GMT
Server
X-Powered-By
ETag
"71da321aec8d61:0"
X-Frame-Options
SAMEORIGIN
Content-Type
text/css
Date
Mon, 15 Feb 2021 10:12:27 GMT
X-Content-Type-Options
nosniff
Accept-Ranges
bytes
Vary
Accept-Encoding
Content-Length
2425
X-XSS-Protection
1; mode=block
css
fonts.googleapis.com/
8 KB
837 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700
Requested by
Host: vhq-connect.vfims.com
URL: https://vhq-connect.vfims.com/VHQ.Authentication.Federation/Account/Email?wa=wsignin1.0&wtrealm=https%3a%2f%2fvhq-connect.vfims.com%2f&wctx=rm%3d0%26id%3dpassive%26ru%3d%252f&wct=2021-02-15T10%3a12%3a27Z
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c79f45aa72da8267dd5abcffe78bfd8fbc9add544bbccf6db01d5b6f54e1c7d8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 15 Feb 2021 08:26:51 GMT
server
ESF
date
Mon, 15 Feb 2021 10:12:27 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 15 Feb 2021 10:12:27 GMT
vhq-logo-i.png
vhq-connect.vfims.com/VHQ.Authentication.Federation/Content/images/
23 KB
24 KB
Image
General
Full URL
https://vhq-connect.vfims.com/VHQ.Authentication.Federation/Content/images/vhq-logo-i.png
Requested by
Host: vhq-connect.vfims.com
URL: https://vhq-connect.vfims.com/VHQ.Authentication.Federation/Account/Email?wa=wsignin1.0&wtrealm=https%3a%2f%2fvhq-connect.vfims.com%2f&wctx=rm%3d0%26id%3dpassive%26ru%3d%252f&wct=2021-02-15T10%3a12%3a27Z
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.21.211.64 , France, ASN50845 (VERIFONE-EMEA, FR),
Reverse DNS
Software
/
Resource Hash
99c394b640af8ed09bbde7d737fe88ea5beb8757c4964f8c490e09a612573994
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://seal.verisign.com https://google-analytics.com https://maps.googleapis.com https://maps.gstatic.com; img-src 'self' https://www.jqwidgets.com/ https://www.google-analytics.com/ data: maps.gstatic.com *.googleapis.com *.ggpht; style-src 'self' https://fonts.googleapis.com/ https://www.jqwidgets.com/ 'unsafe-inline'; media-src 'self'; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https://*; object-src 'self'; frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://vhq-connect.vfims.com/VHQ.Authentication.Federation/Account/Email?wa=wsignin1.0&wtrealm=https%3a%2f%2fvhq-connect.vfims.com%2f&wctx=rm%3d0%26id%3dpassive%26ru%3d%252f&wct=2021-02-15T10%3a12%3a27Z
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Security-Policy
default-src * 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://seal.verisign.com https://google-analytics.com https://maps.googleapis.com https://maps.gstatic.com; img-src 'self' https://www.jqwidgets.com/ https://www.google-analytics.com/ data: maps.gstatic.com *.googleapis.com *.ggpht; style-src 'self' https://fonts.googleapis.com/ https://www.jqwidgets.com/ 'unsafe-inline'; media-src 'self'; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https://*; object-src 'self'; frame-ancestors 'self'
Referrer-Policy
same-origin
Last-Modified
Wed, 02 Dec 2020 13:22:06 GMT
Server
ETag
"39af4321aec8d61:0"
X-Powered-By
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Date
Mon, 15 Feb 2021 10:12:27 GMT
X-Content-Type-Options
nosniff
Accept-Ranges
bytes
Content-Length
23564
X-XSS-Protection
1; mode=block
verifone-b.png
vhq-connect.vfims.com/VHQ.Authentication.Federation/Content/images/
4 KB
5 KB
Image
General
Full URL
https://vhq-connect.vfims.com/VHQ.Authentication.Federation/Content/images/verifone-b.png
Requested by
Host: vhq-connect.vfims.com
URL: https://vhq-connect.vfims.com/VHQ.Authentication.Federation/Account/Email?wa=wsignin1.0&wtrealm=https%3a%2f%2fvhq-connect.vfims.com%2f&wctx=rm%3d0%26id%3dpassive%26ru%3d%252f&wct=2021-02-15T10%3a12%3a27Z
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.21.211.64 , France, ASN50845 (VERIFONE-EMEA, FR),
Reverse DNS
Software
/
Resource Hash
121fc6310dda935e3ee3c2087651ac1e1922da72a2532fa5170498dea8ba1265
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://seal.verisign.com https://google-analytics.com https://maps.googleapis.com https://maps.gstatic.com; img-src 'self' https://www.jqwidgets.com/ https://www.google-analytics.com/ data: maps.gstatic.com *.googleapis.com *.ggpht; style-src 'self' https://fonts.googleapis.com/ https://www.jqwidgets.com/ 'unsafe-inline'; media-src 'self'; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https://*; object-src 'self'; frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://vhq-connect.vfims.com/VHQ.Authentication.Federation/Account/Email?wa=wsignin1.0&wtrealm=https%3a%2f%2fvhq-connect.vfims.com%2f&wctx=rm%3d0%26id%3dpassive%26ru%3d%252f&wct=2021-02-15T10%3a12%3a27Z
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Security-Policy
default-src * 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://seal.verisign.com https://google-analytics.com https://maps.googleapis.com https://maps.gstatic.com; img-src 'self' https://www.jqwidgets.com/ https://www.google-analytics.com/ data: maps.gstatic.com *.googleapis.com *.ggpht; style-src 'self' https://fonts.googleapis.com/ https://www.jqwidgets.com/ 'unsafe-inline'; media-src 'self'; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https://*; object-src 'self'; frame-ancestors 'self'
Referrer-Policy
same-origin
Last-Modified
Wed, 02 Dec 2020 13:22:06 GMT
Server
ETag
"9f883c21aec8d61:0"
X-Powered-By
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Date
Mon, 15 Feb 2021 10:12:27 GMT
X-Content-Type-Options
nosniff
Accept-Ranges
bytes
Content-Length
3960
X-XSS-Protection
1; mode=block
jquery-3.5.1.min.js
vhq-connect.vfims.com/VHQ.Authentication.Federation/Scripts/VHQ/plugin/
87 KB
88 KB
Script
General
Full URL
https://vhq-connect.vfims.com/VHQ.Authentication.Federation/Scripts/VHQ/plugin/jquery-3.5.1.min.js
Requested by
Host: vhq-connect.vfims.com
URL: https://vhq-connect.vfims.com/VHQ.Authentication.Federation/Account/Email?wa=wsignin1.0&wtrealm=https%3a%2f%2fvhq-connect.vfims.com%2f&wctx=rm%3d0%26id%3dpassive%26ru%3d%252f&wct=2021-02-15T10%3a12%3a27Z
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.21.211.64 , France, ASN50845 (VERIFONE-EMEA, FR),
Reverse DNS
Software
/
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://seal.verisign.com https://google-analytics.com https://maps.googleapis.com https://maps.gstatic.com; img-src 'self' https://www.jqwidgets.com/ https://www.google-analytics.com/ data: maps.gstatic.com *.googleapis.com *.ggpht; style-src 'self' https://fonts.googleapis.com/ https://www.jqwidgets.com/ 'unsafe-inline'; media-src 'self'; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https://*; object-src 'self'; frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://vhq-connect.vfims.com/VHQ.Authentication.Federation/Account/Email?wa=wsignin1.0&wtrealm=https%3a%2f%2fvhq-connect.vfims.com%2f&wctx=rm%3d0%26id%3dpassive%26ru%3d%252f&wct=2021-02-15T10%3a12%3a27Z
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Security-Policy
default-src * 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://seal.verisign.com https://google-analytics.com https://maps.googleapis.com https://maps.gstatic.com; img-src 'self' https://www.jqwidgets.com/ https://www.google-analytics.com/ data: maps.gstatic.com *.googleapis.com *.ggpht; style-src 'self' https://fonts.googleapis.com/ https://www.jqwidgets.com/ 'unsafe-inline'; media-src 'self'; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https://*; object-src 'self'; frame-ancestors 'self'
Referrer-Policy
same-origin
Last-Modified
Wed, 02 Dec 2020 13:22:29 GMT
Server
ETag
"64ac2faec8d61:0"
X-Powered-By
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Date
Mon, 15 Feb 2021 10:12:27 GMT
X-Content-Type-Options
nosniff
Accept-Ranges
bytes
Content-Length
89476
X-XSS-Protection
1; mode=block
require.min.js
vhq-connect.vfims.com/VHQ.Authentication.Federation/Scripts/VHQ/plugin/
17 KB
9 KB
Script
General
Full URL
https://vhq-connect.vfims.com/VHQ.Authentication.Federation/Scripts/VHQ/plugin/require.min.js
Requested by
Host: vhq-connect.vfims.com
URL: https://vhq-connect.vfims.com/VHQ.Authentication.Federation/Account/Email?wa=wsignin1.0&wtrealm=https%3a%2f%2fvhq-connect.vfims.com%2f&wctx=rm%3d0%26id%3dpassive%26ru%3d%252f&wct=2021-02-15T10%3a12%3a27Z
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.21.211.64 , France, ASN50845 (VERIFONE-EMEA, FR),
Reverse DNS
Software
/
Resource Hash
4948c3fe4b57cd92118ec7b89deb99ff0eb2586a02c5f454df21c1ecfc144c81
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://seal.verisign.com https://google-analytics.com https://maps.googleapis.com https://maps.gstatic.com; img-src 'self' https://www.jqwidgets.com/ https://www.google-analytics.com/ data: maps.gstatic.com *.googleapis.com *.ggpht; style-src 'self' https://fonts.googleapis.com/ https://www.jqwidgets.com/ 'unsafe-inline'; media-src 'self'; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https://*; object-src 'self'; frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://vhq-connect.vfims.com/VHQ.Authentication.Federation/Account/Email?wa=wsignin1.0&wtrealm=https%3a%2f%2fvhq-connect.vfims.com%2f&wctx=rm%3d0%26id%3dpassive%26ru%3d%252f&wct=2021-02-15T10%3a12%3a27Z
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Security-Policy
default-src * 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://seal.verisign.com https://google-analytics.com https://maps.googleapis.com https://maps.gstatic.com; img-src 'self' https://www.jqwidgets.com/ https://www.google-analytics.com/ data: maps.gstatic.com *.googleapis.com *.ggpht; style-src 'self' https://fonts.googleapis.com/ https://www.jqwidgets.com/ 'unsafe-inline'; media-src 'self'; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https://*; object-src 'self'; frame-ancestors 'self'
Content-Encoding
gzip
Referrer-Policy
same-origin
Last-Modified
Wed, 02 Dec 2020 13:22:29 GMT
Server
X-Powered-By
ETag
"9a5a3e2faec8d61:0"
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Date
Mon, 15 Feb 2021 10:12:27 GMT
X-Content-Type-Options
nosniff
Accept-Ranges
bytes
Vary
Accept-Encoding
Content-Length
8128
X-XSS-Protection
1; mode=block
i18next-1.6.3.min.js
vhq-connect.vfims.com/VHQ.Authentication.Federation/Scripts/VHQ/plugin/
36 KB
13 KB
Script
General
Full URL
https://vhq-connect.vfims.com/VHQ.Authentication.Federation/Scripts/VHQ/plugin/i18next-1.6.3.min.js
Requested by
Host: vhq-connect.vfims.com
URL: https://vhq-connect.vfims.com/VHQ.Authentication.Federation/Account/Email?wa=wsignin1.0&wtrealm=https%3a%2f%2fvhq-connect.vfims.com%2f&wctx=rm%3d0%26id%3dpassive%26ru%3d%252f&wct=2021-02-15T10%3a12%3a27Z
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.21.211.64 , France, ASN50845 (VERIFONE-EMEA, FR),
Reverse DNS
Software
/
Resource Hash
52ef3cd68d3924c637b3b314904d6255d0bf802fa2684dba14b44a071ec54eeb
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://seal.verisign.com https://google-analytics.com https://maps.googleapis.com https://maps.gstatic.com; img-src 'self' https://www.jqwidgets.com/ https://www.google-analytics.com/ data: maps.gstatic.com *.googleapis.com *.ggpht; style-src 'self' https://fonts.googleapis.com/ https://www.jqwidgets.com/ 'unsafe-inline'; media-src 'self'; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https://*; object-src 'self'; frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://vhq-connect.vfims.com/VHQ.Authentication.Federation/Account/Email?wa=wsignin1.0&wtrealm=https%3a%2f%2fvhq-connect.vfims.com%2f&wctx=rm%3d0%26id%3dpassive%26ru%3d%252f&wct=2021-02-15T10%3a12%3a27Z
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Security-Policy
default-src * 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://seal.verisign.com https://google-analytics.com https://maps.googleapis.com https://maps.gstatic.com; img-src 'self' https://www.jqwidgets.com/ https://www.google-analytics.com/ data: maps.gstatic.com *.googleapis.com *.ggpht; style-src 'self' https://fonts.googleapis.com/ https://www.jqwidgets.com/ 'unsafe-inline'; media-src 'self'; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https://*; object-src 'self'; frame-ancestors 'self'
Content-Encoding
gzip
Referrer-Policy
same-origin
Last-Modified
Wed, 02 Dec 2020 13:22:29 GMT
Server
X-Powered-By
ETag
"905e02faec8d61:0"
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Date
Mon, 15 Feb 2021 10:12:27 GMT
X-Content-Type-Options
nosniff
Accept-Ranges
bytes
Vary
Accept-Encoding
Content-Length
11907
X-XSS-Protection
1; mode=block
mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v18/
9 KB
9 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v18/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://vhq-connect.vfims.com
Referer
https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 10 Feb 2021 22:00:39 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:09:28 GMT
server
sffe
age
389508
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9132
x-xss-protection
0
expires
Thu, 10 Feb 2022 22:00:39 GMT
icomoon.woff
vhq-connect.vfims.com/VHQ.Authentication.Federation/fonts/
34 KB
35 KB
Font
General
Full URL
https://vhq-connect.vfims.com/VHQ.Authentication.Federation/fonts/icomoon.woff?h15x7y
Requested by
Host: vhq-connect.vfims.com
URL: https://vhq-connect.vfims.com/VHQ.Authentication.Federation/Content/VHQ/font.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.21.211.64 , France, ASN50845 (VERIFONE-EMEA, FR),
Reverse DNS
Software
/
Resource Hash
9fcabc4db72980b9607b0077e1a8522c1ac37f6bc83cb980cc1caf62cf1937f2
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://seal.verisign.com https://google-analytics.com https://maps.googleapis.com https://maps.gstatic.com; img-src 'self' https://www.jqwidgets.com/ https://www.google-analytics.com/ data: maps.gstatic.com *.googleapis.com *.ggpht; style-src 'self' https://fonts.googleapis.com/ https://www.jqwidgets.com/ 'unsafe-inline'; media-src 'self'; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https://*; object-src 'self'; frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Origin
https://vhq-connect.vfims.com
Referer
https://vhq-connect.vfims.com/VHQ.Authentication.Federation/Content/VHQ/font.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Security-Policy
default-src * 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://seal.verisign.com https://google-analytics.com https://maps.googleapis.com https://maps.gstatic.com; img-src 'self' https://www.jqwidgets.com/ https://www.google-analytics.com/ data: maps.gstatic.com *.googleapis.com *.ggpht; style-src 'self' https://fonts.googleapis.com/ https://www.jqwidgets.com/ 'unsafe-inline'; media-src 'self'; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https://*; object-src 'self'; frame-ancestors 'self'
Referrer-Policy
same-origin
Last-Modified
Wed, 02 Dec 2020 13:22:10 GMT
Server
ETag
"76f2ef23aec8d61:0"
X-Powered-By
X-Frame-Options
SAMEORIGIN
Content-Type
font/x-woff
Date
Mon, 15 Feb 2021 10:12:27 GMT
X-Content-Type-Options
nosniff
Accept-Ranges
bytes
Content-Length
34956
X-XSS-Protection
1; mode=block
emailMain.js
vhq-connect.vfims.com/VHQ.Authentication.Federation/Scripts/VHQ/
412 B
1 KB
Script
General
Full URL
https://vhq-connect.vfims.com/VHQ.Authentication.Federation/Scripts/VHQ/emailMain.js
Requested by
Host: vhq-connect.vfims.com
URL: https://vhq-connect.vfims.com/VHQ.Authentication.Federation/Scripts/VHQ/plugin/require.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.21.211.64 , France, ASN50845 (VERIFONE-EMEA, FR),
Reverse DNS
Software
/
Resource Hash
c4ca2295636fb13235e79f91bb13b6c20e9dc4c8fa55d52614b1d95fda9743cf
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://seal.verisign.com https://google-analytics.com https://maps.googleapis.com https://maps.gstatic.com; img-src 'self' https://www.jqwidgets.com/ https://www.google-analytics.com/ data: maps.gstatic.com *.googleapis.com *.ggpht; style-src 'self' https://fonts.googleapis.com/ https://www.jqwidgets.com/ 'unsafe-inline'; media-src 'self'; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https://*; object-src 'self'; frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://vhq-connect.vfims.com/VHQ.Authentication.Federation/Account/Email?wa=wsignin1.0&wtrealm=https%3a%2f%2fvhq-connect.vfims.com%2f&wctx=rm%3d0%26id%3dpassive%26ru%3d%252f&wct=2021-02-15T10%3a12%3a27Z
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Security-Policy
default-src * 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://seal.verisign.com https://google-analytics.com https://maps.googleapis.com https://maps.gstatic.com; img-src 'self' https://www.jqwidgets.com/ https://www.google-analytics.com/ data: maps.gstatic.com *.googleapis.com *.ggpht; style-src 'self' https://fonts.googleapis.com/ https://www.jqwidgets.com/ 'unsafe-inline'; media-src 'self'; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https://*; object-src 'self'; frame-ancestors 'self'
Content-Encoding
gzip
Referrer-Policy
same-origin
Last-Modified
Wed, 02 Dec 2020 13:22:28 GMT
Server
X-Powered-By
ETag
"c33c7d2eaec8d61:0"
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Date
Mon, 15 Feb 2021 10:12:27 GMT
X-Content-Type-Options
nosniff
Accept-Ranges
bytes
Vary
Accept-Encoding
Content-Length
358
X-XSS-Protection
1; mode=block
email.js
vhq-connect.vfims.com/VHQ.Authentication.Federation/Scripts/VHQ/controller/
9 KB
4 KB
Script
General
Full URL
https://vhq-connect.vfims.com/VHQ.Authentication.Federation/Scripts/VHQ/controller/email.js
Requested by
Host: vhq-connect.vfims.com
URL: https://vhq-connect.vfims.com/VHQ.Authentication.Federation/Scripts/VHQ/plugin/require.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.21.211.64 , France, ASN50845 (VERIFONE-EMEA, FR),
Reverse DNS
Software
/
Resource Hash
338e66c68e7ba6b4d8ff3ef90d8230b7b166c106490ac2396107d44c1dc1e11b
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://seal.verisign.com https://google-analytics.com https://maps.googleapis.com https://maps.gstatic.com; img-src 'self' https://www.jqwidgets.com/ https://www.google-analytics.com/ data: maps.gstatic.com *.googleapis.com *.ggpht; style-src 'self' https://fonts.googleapis.com/ https://www.jqwidgets.com/ 'unsafe-inline'; media-src 'self'; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https://*; object-src 'self'; frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://vhq-connect.vfims.com/VHQ.Authentication.Federation/Account/Email?wa=wsignin1.0&wtrealm=https%3a%2f%2fvhq-connect.vfims.com%2f&wctx=rm%3d0%26id%3dpassive%26ru%3d%252f&wct=2021-02-15T10%3a12%3a27Z
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Security-Policy
default-src * 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://seal.verisign.com https://google-analytics.com https://maps.googleapis.com https://maps.gstatic.com; img-src 'self' https://www.jqwidgets.com/ https://www.google-analytics.com/ data: maps.gstatic.com *.googleapis.com *.ggpht; style-src 'self' https://fonts.googleapis.com/ https://www.jqwidgets.com/ 'unsafe-inline'; media-src 'self'; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https://*; object-src 'self'; frame-ancestors 'self'
Content-Encoding
gzip
Referrer-Policy
same-origin
Last-Modified
Wed, 02 Dec 2020 13:22:28 GMT
Server
X-Powered-By
ETag
"d214952eaec8d61:0"
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Date
Mon, 15 Feb 2021 10:12:27 GMT
X-Content-Type-Options
nosniff
Accept-Ranges
bytes
Vary
Accept-Encoding
Content-Length
2942
X-XSS-Protection
1; mode=block
knockout-3.5.1.min.js
vhq-connect.vfims.com/VHQ.Authentication.Federation/Scripts/VHQ/plugin/
67 KB
68 KB
Script
General
Full URL
https://vhq-connect.vfims.com/VHQ.Authentication.Federation/Scripts/VHQ/plugin/knockout-3.5.1.min.js
Requested by
Host: vhq-connect.vfims.com
URL: https://vhq-connect.vfims.com/VHQ.Authentication.Federation/Scripts/VHQ/plugin/require.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.21.211.64 , France, ASN50845 (VERIFONE-EMEA, FR),
Reverse DNS
Software
/
Resource Hash
e8957bb182a5047b07bea0a49fd22b11614b1ab9ac5b8286fcb2259f48658e73
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://seal.verisign.com https://google-analytics.com https://maps.googleapis.com https://maps.gstatic.com; img-src 'self' https://www.jqwidgets.com/ https://www.google-analytics.com/ data: maps.gstatic.com *.googleapis.com *.ggpht; style-src 'self' https://fonts.googleapis.com/ https://www.jqwidgets.com/ 'unsafe-inline'; media-src 'self'; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https://*; object-src 'self'; frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://vhq-connect.vfims.com/VHQ.Authentication.Federation/Account/Email?wa=wsignin1.0&wtrealm=https%3a%2f%2fvhq-connect.vfims.com%2f&wctx=rm%3d0%26id%3dpassive%26ru%3d%252f&wct=2021-02-15T10%3a12%3a27Z
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Security-Policy
default-src * 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://seal.verisign.com https://google-analytics.com https://maps.googleapis.com https://maps.gstatic.com; img-src 'self' https://www.jqwidgets.com/ https://www.google-analytics.com/ data: maps.gstatic.com *.googleapis.com *.ggpht; style-src 'self' https://fonts.googleapis.com/ https://www.jqwidgets.com/ 'unsafe-inline'; media-src 'self'; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https://*; object-src 'self'; frame-ancestors 'self'
Referrer-Policy
same-origin
Last-Modified
Wed, 02 Dec 2020 13:22:29 GMT
Server
ETag
"c3be212faec8d61:0"
X-Powered-By
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Date
Mon, 15 Feb 2021 10:12:27 GMT
X-Content-Type-Options
nosniff
Accept-Ranges
bytes
Content-Length
68249
X-XSS-Protection
1; mode=block
knockout.validation.js
vhq-connect.vfims.com/VHQ.Authentication.Federation/Scripts/VHQ/plugin/
17 KB
8 KB
Script
General
Full URL
https://vhq-connect.vfims.com/VHQ.Authentication.Federation/Scripts/VHQ/plugin/knockout.validation.js
Requested by
Host: vhq-connect.vfims.com
URL: https://vhq-connect.vfims.com/VHQ.Authentication.Federation/Scripts/VHQ/plugin/require.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.21.211.64 , France, ASN50845 (VERIFONE-EMEA, FR),
Reverse DNS
Software
/
Resource Hash
8340f3999c5929285a9beda14a906e9f20dbfc06547f6b41276c8b5c712dc9fe
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://seal.verisign.com https://google-analytics.com https://maps.googleapis.com https://maps.gstatic.com; img-src 'self' https://www.jqwidgets.com/ https://www.google-analytics.com/ data: maps.gstatic.com *.googleapis.com *.ggpht; style-src 'self' https://fonts.googleapis.com/ https://www.jqwidgets.com/ 'unsafe-inline'; media-src 'self'; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https://*; object-src 'self'; frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://vhq-connect.vfims.com/VHQ.Authentication.Federation/Account/Email?wa=wsignin1.0&wtrealm=https%3a%2f%2fvhq-connect.vfims.com%2f&wctx=rm%3d0%26id%3dpassive%26ru%3d%252f&wct=2021-02-15T10%3a12%3a27Z
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Security-Policy
default-src * 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://seal.verisign.com https://google-analytics.com https://maps.googleapis.com https://maps.gstatic.com; img-src 'self' https://www.jqwidgets.com/ https://www.google-analytics.com/ data: maps.gstatic.com *.googleapis.com *.ggpht; style-src 'self' https://fonts.googleapis.com/ https://www.jqwidgets.com/ 'unsafe-inline'; media-src 'self'; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https://*; object-src 'self'; frame-ancestors 'self'
Content-Encoding
gzip
Referrer-Policy
same-origin
Last-Modified
Wed, 02 Dec 2020 13:22:29 GMT
Server
X-Powered-By
ETag
"a983262faec8d61:0"
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Date
Mon, 15 Feb 2021 10:12:27 GMT
X-Content-Type-Options
nosniff
Accept-Ranges
bytes
Vary
Accept-Encoding
Content-Length
6984
X-XSS-Protection
1; mode=block
jQuery.base64.js
vhq-connect.vfims.com/VHQ.Authentication.Federation/Scripts/VHQ/plugin/
5 KB
6 KB
Script
General
Full URL
https://vhq-connect.vfims.com/VHQ.Authentication.Federation/Scripts/VHQ/plugin/jQuery.base64.js
Requested by
Host: vhq-connect.vfims.com
URL: https://vhq-connect.vfims.com/VHQ.Authentication.Federation/Scripts/VHQ/plugin/require.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.21.211.64 , France, ASN50845 (VERIFONE-EMEA, FR),
Reverse DNS
Software
/
Resource Hash
7bbe17e1774d80b89a00802974fac1536ea35b1eb886da3d02b9db9a9720df31
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://seal.verisign.com https://google-analytics.com https://maps.googleapis.com https://maps.gstatic.com; img-src 'self' https://www.jqwidgets.com/ https://www.google-analytics.com/ data: maps.gstatic.com *.googleapis.com *.ggpht; style-src 'self' https://fonts.googleapis.com/ https://www.jqwidgets.com/ 'unsafe-inline'; media-src 'self'; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https://*; object-src 'self'; frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://vhq-connect.vfims.com/VHQ.Authentication.Federation/Account/Email?wa=wsignin1.0&wtrealm=https%3a%2f%2fvhq-connect.vfims.com%2f&wctx=rm%3d0%26id%3dpassive%26ru%3d%252f&wct=2021-02-15T10%3a12%3a27Z
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Security-Policy
default-src * 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://seal.verisign.com https://google-analytics.com https://maps.googleapis.com https://maps.gstatic.com; img-src 'self' https://www.jqwidgets.com/ https://www.google-analytics.com/ data: maps.gstatic.com *.googleapis.com *.ggpht; style-src 'self' https://fonts.googleapis.com/ https://www.jqwidgets.com/ 'unsafe-inline'; media-src 'self'; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https://*; object-src 'self'; frame-ancestors 'self'
Referrer-Policy
same-origin
Last-Modified
Wed, 02 Dec 2020 13:22:29 GMT
Server
ETag
"ec70132faec8d61:0"
X-Powered-By
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Date
Mon, 15 Feb 2021 10:12:27 GMT
X-Content-Type-Options
nosniff
Accept-Ranges
bytes
Content-Length
5298
X-XSS-Protection
1; mode=block
resource-en.json
vhq-connect.vfims.com/VHQ.Authentication.Federation/Scripts/VHQ/locale/i18n/
336 B
1 KB
XHR
General
Full URL
https://vhq-connect.vfims.com/VHQ.Authentication.Federation/Scripts/VHQ/locale/i18n/resource-en.json
Requested by
Host: vhq-connect.vfims.com
URL: https://vhq-connect.vfims.com/VHQ.Authentication.Federation/Scripts/VHQ/plugin/jquery-3.5.1.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.21.211.64 , France, ASN50845 (VERIFONE-EMEA, FR),
Reverse DNS
Software
/
Resource Hash
79e695bf29092c4f55c60745932ee586cec43080cd8880e7c77f4247c0c74c21
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://seal.verisign.com https://google-analytics.com https://maps.googleapis.com https://maps.gstatic.com; img-src 'self' https://www.jqwidgets.com/ https://www.google-analytics.com/ data: maps.gstatic.com *.googleapis.com *.ggpht; style-src 'self' https://fonts.googleapis.com/ https://www.jqwidgets.com/ 'unsafe-inline'; media-src 'self'; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https://*; object-src 'self'; frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://vhq-connect.vfims.com/VHQ.Authentication.Federation/Account/Email?wa=wsignin1.0&wtrealm=https%3a%2f%2fvhq-connect.vfims.com%2f&wctx=rm%3d0%26id%3dpassive%26ru%3d%252f&wct=2021-02-15T10%3a12%3a27Z
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Security-Policy
default-src * 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://seal.verisign.com https://google-analytics.com https://maps.googleapis.com https://maps.gstatic.com; img-src 'self' https://www.jqwidgets.com/ https://www.google-analytics.com/ data: maps.gstatic.com *.googleapis.com *.ggpht; style-src 'self' https://fonts.googleapis.com/ https://www.jqwidgets.com/ 'unsafe-inline'; media-src 'self'; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https://*; object-src 'self'; frame-ancestors 'self'
Referrer-Policy
same-origin
Last-Modified
Wed, 02 Dec 2020 13:22:28 GMT
Server
ETag
"4388c92eaec8d61:0"
X-Powered-By
X-Frame-Options
SAMEORIGIN
Content-Type
application/json
Date
Mon, 15 Feb 2021 10:12:27 GMT
X-Content-Type-Options
nosniff
Accept-Ranges
bytes
Content-Length
336
X-XSS-Protection
1; mode=block
resource-dev.json
vhq-connect.vfims.com/VHQ.Authentication.Federation/Scripts/VHQ/locale/i18n/
4 B
918 B
XHR
General
Full URL
https://vhq-connect.vfims.com/VHQ.Authentication.Federation/Scripts/VHQ/locale/i18n/resource-dev.json
Requested by
Host: vhq-connect.vfims.com
URL: https://vhq-connect.vfims.com/VHQ.Authentication.Federation/Scripts/VHQ/plugin/jquery-3.5.1.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.21.211.64 , France, ASN50845 (VERIFONE-EMEA, FR),
Reverse DNS
Software
/
Resource Hash
d914176fd50bd7f565700006a31aa97b79d3ad17cee20c8e5ff2061d5cb74817
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://seal.verisign.com https://google-analytics.com https://maps.googleapis.com https://maps.gstatic.com; img-src 'self' https://www.jqwidgets.com/ https://www.google-analytics.com/ data: maps.gstatic.com *.googleapis.com *.ggpht; style-src 'self' https://fonts.googleapis.com/ https://www.jqwidgets.com/ 'unsafe-inline'; media-src 'self'; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https://*; object-src 'self'; frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://vhq-connect.vfims.com/VHQ.Authentication.Federation/Account/Email?wa=wsignin1.0&wtrealm=https%3a%2f%2fvhq-connect.vfims.com%2f&wctx=rm%3d0%26id%3dpassive%26ru%3d%252f&wct=2021-02-15T10%3a12%3a27Z
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Security-Policy
default-src * 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://seal.verisign.com https://google-analytics.com https://maps.googleapis.com https://maps.gstatic.com; img-src 'self' https://www.jqwidgets.com/ https://www.google-analytics.com/ data: maps.gstatic.com *.googleapis.com *.ggpht; style-src 'self' https://fonts.googleapis.com/ https://www.jqwidgets.com/ 'unsafe-inline'; media-src 'self'; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https://*; object-src 'self'; frame-ancestors 'self'
Referrer-Policy
same-origin
Last-Modified
Wed, 02 Dec 2020 13:22:28 GMT
Server
ETag
"dd9bbd2eaec8d61:0"
X-Powered-By
X-Frame-Options
SAMEORIGIN
Content-Type
application/json
Date
Mon, 15 Feb 2021 10:12:27 GMT
X-Content-Type-Options
nosniff
Accept-Ranges
bytes
Content-Length
4
X-XSS-Protection
1; mode=block
GetWSO2Url
vhq-connect.vfims.com/VHQ.Authentication.Federation/Account/
378 B
1 KB
XHR
General
Full URL
https://vhq-connect.vfims.com/VHQ.Authentication.Federation/Account/GetWSO2Url?_=1613383947914
Requested by
Host: vhq-connect.vfims.com
URL: https://vhq-connect.vfims.com/VHQ.Authentication.Federation/Scripts/VHQ/plugin/jquery-3.5.1.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.21.211.64 , France, ASN50845 (VERIFONE-EMEA, FR),
Reverse DNS
Software
/
Resource Hash
52bf0cfde2b800c0f0a35ade2c8d37d2f84882cbcf263ede7b5f8fa724ceba95
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://seal.verisign.com https://google-analytics.com https://maps.googleapis.com https://maps.gstatic.com; img-src 'self' https://www.jqwidgets.com/ https://www.google-analytics.com/ data: maps.gstatic.com *.googleapis.com *.ggpht; style-src 'self' https://fonts.googleapis.com/ https://www.jqwidgets.com/ 'unsafe-inline'; media-src 'self'; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https://*; object-src 'self'; frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Referer
https://vhq-connect.vfims.com/VHQ.Authentication.Federation/Account/Email?wa=wsignin1.0&wtrealm=https%3a%2f%2fvhq-connect.vfims.com%2f&wctx=rm%3d0%26id%3dpassive%26ru%3d%252f&wct=2021-02-15T10%3a12%3a27Z
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
X-Powered-By
ADRUM_1
n:verifone-prod_a52fa1da-765d-4689-a919-31fab4aee7e5
ADRUM_2
i:705142
Cache-Control
no-cache, no-store
Content-Length
378
X-XSS-Protection
1; mode=block
Pragma
no-cache
Referrer-Policy
same-origin
X-AspNetMvc-Version
5.2
Server
ADRUM_0
g:73a892ec-38d5-48ac-ab82-e9974866fc05
Date
Mon, 15 Feb 2021 10:12:27 GMT
X-Frame-Options
SAMEORIGIN
Content-Type
application/json; charset=utf-8
ADRUM_3
e:0
Content-Security-Policy
default-src * 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://seal.verisign.com https://google-analytics.com https://maps.googleapis.com https://maps.gstatic.com; img-src 'self' https://www.jqwidgets.com/ https://www.google-analytics.com/ data: maps.gstatic.com *.googleapis.com *.ggpht; style-src 'self' https://fonts.googleapis.com/ https://www.jqwidgets.com/ 'unsafe-inline'; media-src 'self'; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https://*; object-src 'self'; frame-ancestors 'self'
Expires
-1
mem5YaGs126MiZpBA-UNirkOUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v18/
9 KB
9 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v18/mem5YaGs126MiZpBA-UNirkOUuhpKKSTjw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b8e23a845bc6b7fd417d29182e0e38d353e64b5e12e06bb1de2b5ce063db1dcc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://vhq-connect.vfims.com
Referer
https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 11 Feb 2021 12:56:45 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:09:49 GMT
server
sffe
age
335743
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9180
x-xss-protection
0
expires
Fri, 11 Feb 2022 12:56:45 GMT

Verdicts & Comments Add Verdict or Comment

22 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated function| $ function| jQuery function| requirejs function| require function| define object| i18n function| loadJS function| getSysLang function| CheckCustomerNameIsValid function| InputValidation function| validateEmail function| GetDomainIdPConfiguration string| language

0 Cookies

3 Console Messages

Source Level URL
Text
console-api log URL: https://vhq-connect.vfims.com/VHQ.Authentication.Federation/Scripts/VHQ/plugin/i18next-1.6.3.min.js(Line 5)
Message:
currentLng set to: en
console-api log URL: https://vhq-connect.vfims.com/VHQ.Authentication.Federation/Scripts/VHQ/plugin/i18next-1.6.3.min.js(Line 5)
Message:
loaded: ~/../../Scripts/VHQ/locale/i18n/resource-en.json
console-api log URL: https://vhq-connect.vfims.com/VHQ.Authentication.Federation/Scripts/VHQ/plugin/i18next-1.6.3.min.js(Line 5)
Message:
loaded: ~/../../Scripts/VHQ/locale/i18n/resource-dev.json

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src * 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://seal.verisign.com https://google-analytics.com https://maps.googleapis.com https://maps.gstatic.com; img-src 'self' https://www.jqwidgets.com/ https://www.google-analytics.com/ data: maps.gstatic.com *.googleapis.com *.ggpht; style-src 'self' https://fonts.googleapis.com/ https://www.jqwidgets.com/ 'unsafe-inline'; media-src 'self'; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https://*; object-src 'self'; frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
fonts.gstatic.com
vhq-connect.vfims.com
178.21.211.64
2a00:1450:4001:80e::200a
2a00:1450:4001:811::2003
0d3e5c7aded50cd8c5932bbb785ad5471ced3f45b868b6fed763e49e2d0e9507
121fc6310dda935e3ee3c2087651ac1e1922da72a2532fa5170498dea8ba1265
2f99baeb6703d63f6e97e2920146916a6ce52af3b4f86107ecfe33d9b310f980
338e66c68e7ba6b4d8ff3ef90d8230b7b166c106490ac2396107d44c1dc1e11b
3debfdc6370f64d6485f2cefa00eb30b138352c73b62c98d4bd1c90aaed9f53a
4948c3fe4b57cd92118ec7b89deb99ff0eb2586a02c5f454df21c1ecfc144c81
52bf0cfde2b800c0f0a35ade2c8d37d2f84882cbcf263ede7b5f8fa724ceba95
52ef3cd68d3924c637b3b314904d6255d0bf802fa2684dba14b44a071ec54eeb
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
611008e1a2997e3777e915fd53a7dd2ac216293d980db81f870f8c90c9edac8c
79e695bf29092c4f55c60745932ee586cec43080cd8880e7c77f4247c0c74c21
7bbe17e1774d80b89a00802974fac1536ea35b1eb886da3d02b9db9a9720df31
8340f3999c5929285a9beda14a906e9f20dbfc06547f6b41276c8b5c712dc9fe
905635655fb7ad5344545ee2aa224645767d1a0a03800869aad398a5dc6dffe2
99c394b640af8ed09bbde7d737fe88ea5beb8757c4964f8c490e09a612573994
9fcabc4db72980b9607b0077e1a8522c1ac37f6bc83cb980cc1caf62cf1937f2
b16010328977db01e6558e1f8287f82a908692ff2501283a99459e0746070ab1
b8e23a845bc6b7fd417d29182e0e38d353e64b5e12e06bb1de2b5ce063db1dcc
c4ca2295636fb13235e79f91bb13b6c20e9dc4c8fa55d52614b1d95fda9743cf
c79f45aa72da8267dd5abcffe78bfd8fbc9add544bbccf6db01d5b6f54e1c7d8
d619bbc4f158e072ff18f7d6cf9f7991c34b566b8c0b8de73da8284215936f9f
d914176fd50bd7f565700006a31aa97b79d3ad17cee20c8e5ff2061d5cb74817
e8957bb182a5047b07bea0a49fd22b11614b1ab9ac5b8286fcb2259f48658e73
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d