Submitted URL: https://842204.app.netsuite.com/
Effective URL: https://842204.app.netsuite.com/pages/customerlogin.jsp?c=842204&whence=
Submission: On May 14 via api from US — Scanned from DE

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 16 HTTP transactions. The main IP is 23.192.152.152, located in Frankfurt am Main, Germany and belongs to AKAMAI-AS, US. The main domain is 842204.app.netsuite.com.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on March 10th 2024. Valid for: a year.
This is the only time 842204.app.netsuite.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 18 23.192.152.152 16625 (AKAMAI-AS)
16 1
Apex Domain
Subdomains
Transfer
18 netsuite.com
842204.app.netsuite.com
389 KB
16 1
Domain Requested by
18 842204.app.netsuite.com 2 redirects 842204.app.netsuite.com
16 1

This site contains links to these domains. Also see Links.

Domain
www.netsuite.com
www.oracle.com
www.suiteapp.com
status.netsuite.com
Subject Issuer Validity Valid
*.app.netsuite.com
DigiCert TLS RSA SHA256 2020 CA1
2024-03-10 -
2025-03-12
a year crt.sh

This page contains 1 frames:

Primary Page: https://842204.app.netsuite.com/pages/customerlogin.jsp?c=842204&whence=
Frame ID: DF6DEE93B541EAC7C1DED96351DD9BE1
Requests: 16 HTTP requests in this frame

Screenshot

Page Title

NetSuite - Customer Login

Page URL History Show full URLs

  1. https://842204.app.netsuite.com/ HTTP 301
    https://842204.app.netsuite.com/app/login/secure/loginrouter.nl?firstlogin=T HTTP 302
    https://842204.app.netsuite.com/pages/customerlogin.jsp?c=842204&whence= Page URL

Detected technologies

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

16
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

387 kB
Transfer

618 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://842204.app.netsuite.com/ HTTP 301
    https://842204.app.netsuite.com/app/login/secure/loginrouter.nl?firstlogin=T HTTP 302
    https://842204.app.netsuite.com/pages/customerlogin.jsp?c=842204&whence= Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

16 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request customerlogin.jsp
842204.app.netsuite.com/pages/
Redirect Chain
  • https://842204.app.netsuite.com/
  • https://842204.app.netsuite.com/app/login/secure/loginrouter.nl?firstlogin=T
  • https://842204.app.netsuite.com/pages/customerlogin.jsp?c=842204&whence=
8 KB
4 KB
Document
General
Full URL
https://842204.app.netsuite.com/pages/customerlogin.jsp?c=842204&whence=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.192.152.152 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-192-152-152.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
028f8db001bda8edf2a3976fd485b0bd5d083d468b83fc2c1722bdf4fdaa801f
Security Headers
Name Value
Content-Security-Policy default-src https://842204.app.netsuite.com/zTKEEkAl9HDonrL0zt7cRnNh/O17QbXJ41LYEaN/M01OIG1RMA/XiE2UkV/VGSw 'nonce-c309553217d4cb22bc393e401cc160fe' 'none'; base-uri 'none'; font-src 'self' data:; frame-ancestors 'self'; img-src 'self'; manifest-src 'self'; script-src 'nonce-c309553217d4cb22bc393e401cc160fe' 'self' 'report-sample'; style-src 'self'; worker-src 'self' suitephone:; upgrade-insecure-requests; report-uri /app/security/csp/cspaudit.nl;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

akamai-grn
0.76011002.1715659027.376fa094
cache-control
No-Cache,no-store
content-encoding
gzip
content-length
2471
content-security-policy
default-src https://842204.app.netsuite.com/zTKEEkAl9HDonrL0zt7cRnNh/O17QbXJ41LYEaN/M01OIG1RMA/XiE2UkV/VGSw 'nonce-c309553217d4cb22bc393e401cc160fe' 'none'; base-uri 'none'; font-src 'self' data:; frame-ancestors 'self'; img-src 'self'; manifest-src 'self'; script-src 'nonce-c309553217d4cb22bc393e401cc160fe' 'self' 'report-sample'; style-src 'self'; worker-src 'self' suitephone:; upgrade-insecure-requests; report-uri /app/security/csp/cspaudit.nl;
content-security-policy-report-only
frame-ancestors 'self'; report-uri /app/security/csp/cspaudit.nl
content-type
text/html;charset=utf-8
date
Tue, 14 May 2024 03:57:07 GMT
expires
0
ns_rtimer_composite
2088321525:616363743132362E70726F642D7068782D6E6131392E636F72652E6E732E696E7465726E616C:80
pragma
No-Cache
strict-transport-security
max-age=31536000
vary
User-Agent Accept-Encoding
x-akamai-transformed
9 2379 0 pmb=mTOE,1
x-cache
TCP_MISS from a2-16-1-118.deploy.akamaitechnologies.com (AkamaiGHost/11.5.0.1-56208139) (-)
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-n-operationid
9cd7d43c-77f5-4467-9847-07ef8ad6f89f
x-request-id
2395a1de9e728644bbd4ada4aea1f262
x-xss-protection
1; mode=block

Redirect headers

akamai-grn
0.76011002.1715659027.376f9f95
content-length
280
content-security-policy-report-only
frame-ancestors 'self'; report-uri /app/security/csp/cspaudit.nl
content-type
text/html;charset=utf-8
date
Tue, 14 May 2024 03:57:07 GMT
location
/pages/customerlogin.jsp?c=842204&whence=
ns_rtimer_composite
1437994880:616363743132362E70726F642D7068782D6E6131392E636F72652E6E732E696E7465726E616C:80
strict-transport-security
max-age=31536000
vary
User-Agent
x-cache
TCP_MISS from a2-16-1-118.deploy.akamaitechnologies.com (AkamaiGHost/11.5.0.1-56208139) (-)
x-n-operationid
96f6898c-7592-4e15-8307-4e53b0ff2d6b
x-request-id
9c78218c2f99216c3d820eeab5b67dd3
2748716420.css
842204.app.netsuite.com/assets/loginpage_commonlook/
40 KB
5 KB
Stylesheet
General
Full URL
https://842204.app.netsuite.com/assets/loginpage_commonlook/2748716420.css?NS_VER=2024.1&minver=14
Requested by
Host: 842204.app.netsuite.com
URL: https://842204.app.netsuite.com/pages/customerlogin.jsp?c=842204&whence=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.192.152.152 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-192-152-152.deploy.static.akamaitechnologies.com
Software
Akamai Resource Optimizer /
Resource Hash
028be20a22b91e716c6c483da71c84af7b1cda50a443ecb87d7dc69f2ebca035
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://842204.app.netsuite.com/pages/customerlogin.jsp?c=842204&whence=
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
date
Tue, 14 May 2024 03:57:07 GMT
last-modified
Mon, 13 May 2024 17:35:20 GMT
server
Akamai Resource Optimizer
akamai-grn
0.5d657468.1715621719.116f6f2e, 0.76011002.1715659027.376fa12f
content-security-policy-report-only
frame-ancestors 'self'; report-uri /app/security/csp/cspaudit.nl
x-cache
TCP_MISS from a2-16-1-118.deploy.akamaitechnologies.com (AkamaiGHost/11.5.0.1-56208139) (-)
content-type
text/css
ns_rtimer_composite
1532403688:616363743134352E70726F642D7068782D6E6131392E636F72652E6E732E696E7465726E616C:80
cache-control
max-age=2592000
accept-ranges
bytes
content-length
4328
x-n-operationid
a3a1df32-e9e5-43be-8e18-def858986f01
x-request-id
d30c69b8b71d1028abeffe74fd9dfc46
jquery-3.5.1.min.js
842204.app.netsuite.com/ui/jquery/
87 KB
31 KB
Script
General
Full URL
https://842204.app.netsuite.com/ui/jquery/jquery-3.5.1.min.js?NS_VER=2024.1&minver=14
Requested by
Host: 842204.app.netsuite.com
URL: https://842204.app.netsuite.com/pages/customerlogin.jsp?c=842204&whence=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.192.152.152 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-192-152-152.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6150a35c0f486c46cadf0e230e2aa159c7c23ecfbb5611b64ee3f25fcbff341f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://842204.app.netsuite.com/pages/customerlogin.jsp?c=842204&whence=
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
date
Tue, 14 May 2024 03:57:08 GMT
last-modified
Mon, 13 May 2024 20:50:07 GMT
akamai-grn
0.a066cd17.1715659027.13209d22, 0.76011002.1715659027.376fa130
content-security-policy-report-only
frame-ancestors 'self'; report-uri /app/security/csp/cspaudit.nl
vary
User-Agent, Accept-Encoding
content-type
text/javascript
x-cache
TCP_MISS from a2-16-1-118.deploy.akamaitechnologies.com (AkamaiGHost/11.5.0.1-56208139) (-)
ns_rtimer_composite
681652010:616363743132362E70726F642D7068782D6E6131392E636F72652E6E732E696E7465726E616C:80
cache-control
max-age=86400
accept-ranges
bytes
content-length
30946
x-n-operationid
618eb2a8-63ce-43cf-94b0-69f16c1e660b
x-request-id
4ec4c5e2b1454d2d7b7b1ba1b441524f
jquery_isolation.js
842204.app.netsuite.com/ui/jquery/
69 B
579 B
Script
General
Full URL
https://842204.app.netsuite.com/ui/jquery/jquery_isolation.js?NS_VER=2024.1&minver=14
Requested by
Host: 842204.app.netsuite.com
URL: https://842204.app.netsuite.com/pages/customerlogin.jsp?c=842204&whence=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.192.152.152 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-192-152-152.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
79668dc7e33a2dde801e79e4cdcb42cc0ffa0fef18286093853d2780907b5874
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://842204.app.netsuite.com/pages/customerlogin.jsp?c=842204&whence=
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Tue, 14 May 2024 03:57:08 GMT
last-modified
Mon, 13 May 2024 20:50:07 GMT
akamai-grn
0.a066cd17.1715659027.13209d49, 0.76011002.1715659027.376fa131
content-security-policy-report-only
frame-ancestors 'self'; report-uri /app/security/csp/cspaudit.nl
vary
User-Agent
content-type
text/javascript
x-cache
TCP_MISS from a2-16-1-118.deploy.akamaitechnologies.com (AkamaiGHost/11.5.0.1-56208139) (-)
ns_rtimer_composite
1278217563:616363743132362E70726F642D7068782D6E6131392E636F72652E6E732E696E7465726E616C:80
cache-control
max-age=86400
accept-ranges
bytes
content-length
69
x-n-operationid
e28e4303-d68b-47df-978a-872be343b246
x-request-id
b2fd7fe789a285e53c7257ee93115be6
2338580573.js
842204.app.netsuite.com/assets/loginpage_customerloginv2/
2 KB
1 KB
Script
General
Full URL
https://842204.app.netsuite.com/assets/loginpage_customerloginv2/2338580573.js?NS_VER=2024.1&minver=14
Requested by
Host: 842204.app.netsuite.com
URL: https://842204.app.netsuite.com/pages/customerlogin.jsp?c=842204&whence=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.192.152.152 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-192-152-152.deploy.static.akamaitechnologies.com
Software
Akamai Resource Optimizer /
Resource Hash
b172d3aee7829623e9fc268ab70683317fda0e07ef8d782945113ff7e6d0d199
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://842204.app.netsuite.com/pages/customerlogin.jsp?c=842204&whence=
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
date
Tue, 14 May 2024 03:57:07 GMT
last-modified
Mon, 13 May 2024 17:55:23 GMT
server
Akamai Resource Optimizer
akamai-grn
0.a9622c17.1715622922.18997fe, 0.76011002.1715659027.376fa132
content-security-policy-report-only
frame-ancestors 'self'; report-uri /app/security/csp/cspaudit.nl
x-cache
TCP_MISS from a2-16-1-118.deploy.akamaitechnologies.com (AkamaiGHost/11.5.0.1-56208139) (-)
content-type
text/javascript
ns_rtimer_composite
863611982:616363743133342E70726F642D7068782D6E6131392E636F72652E6E732E696E7465726E616C:80
cache-control
max-age=2592000
accept-ranges
bytes
content-length
616
x-n-operationid
3cb0392d-51ef-406f-8135-8fbc5e30d6b1
x-request-id
1982b72b674d2c4c16e9933e175aea31
NLPortal.jsp
842204.app.netsuite.com/javascript/
5 KB
2 KB
Script
General
Full URL
https://842204.app.netsuite.com/javascript/NLPortal.jsp?JSP_VER=1&NS_VER=2024.1&minver=14&buildver=30645
Requested by
Host: 842204.app.netsuite.com
URL: https://842204.app.netsuite.com/pages/customerlogin.jsp?c=842204&whence=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.192.152.152 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-192-152-152.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
c7be652c23e825f83ca10f3952e24a59f421408fcc4e5f1e44ca0d893b45d847
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://842204.app.netsuite.com/pages/customerlogin.jsp?c=842204&whence=
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

expires
Tue, 14 May 2024 06:15:07 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
date
Tue, 14 May 2024 03:57:07 GMT
last-modified
Mon, 13 May 2024 20:50:07 GMT
akamai-grn
0.76011002.1715659027.376fa133
vary
User-Agent, Accept-Encoding
content-security-policy-report-only
frame-ancestors 'self'; report-uri /app/security/csp/cspaudit.nl
content-type
text/javascript;charset=utf-8
x-cache
TCP_MISS from a2-16-1-118.deploy.akamaitechnologies.com (AkamaiGHost/11.5.0.1-56208139) (-)
ns_rtimer_composite
1798843113:616363743132362E70726F642D7068782D6E6131392E636F72652E6E732E696E7465726E616C:80
content-length
1749
x-request-id
e938299e7cf5a6688429aefb7dfa86d6
x-n-operationid
d0b0c945-bad4-4ec6-bb4c-84a40da16e14
orale-netsuite-white-logo.svg
842204.app.netsuite.com/authentication/ui/loginpage/assets/images/
6 KB
3 KB
Image
General
Full URL
https://842204.app.netsuite.com/authentication/ui/loginpage/assets/images/orale-netsuite-white-logo.svg
Requested by
Host: 842204.app.netsuite.com
URL: https://842204.app.netsuite.com/pages/customerlogin.jsp?c=842204&whence=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.192.152.152 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-192-152-152.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
73d93561c25ea002677b9bf02ac9645595f17faab8caf7d50d2714baa12438d6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://842204.app.netsuite.com/pages/customerlogin.jsp?c=842204&whence=
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
date
Tue, 14 May 2024 03:57:08 GMT
last-modified
Mon, 13 May 2024 20:50:07 GMT
akamai-grn
0.a066cd17.1715659027.13209d25, 0.76011002.1715659027.376fa134
content-security-policy-report-only
frame-ancestors 'self'; report-uri /app/security/csp/cspaudit.nl
vary
User-Agent, Accept-Encoding
content-type
image/svg+xml
x-cache
TCP_MISS from a2-16-1-118.deploy.akamaitechnologies.com (AkamaiGHost/11.5.0.1-56208139) (-)
ns_rtimer_composite
2088321527:616363743132362E70726F642D7068782D6E6131392E636F72652E6E732E696E7465726E616C:80
cache-control
max-age=86400
accept-ranges
bytes
content-length
2779
x-n-operationid
bbe64480-1f06-4ea8-b95b-7568879c09c8
x-request-id
fd6832772a34b8b37222a5819dd099d2
VGSw
842204.app.netsuite.com/zTKEEkAl9HDonrL0zt7cRnNh/O17QbXJ41LYEaN/M01OIG1RMA/XiE2UkV/
213 KB
79 KB
Script
General
Full URL
https://842204.app.netsuite.com/zTKEEkAl9HDonrL0zt7cRnNh/O17QbXJ41LYEaN/M01OIG1RMA/XiE2UkV/VGSw
Requested by
Host: 842204.app.netsuite.com
URL: https://842204.app.netsuite.com/pages/customerlogin.jsp?c=842204&whence=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.192.152.152 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-192-152-152.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6d4ebb61f9612a50a3d72c11d3a44db7f9b924321694945e2e0d787ef00c64e3

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://842204.app.netsuite.com/pages/customerlogin.jsp?c=842204&whence=
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 03:57:07 GMT
content-encoding
br
last-modified
Wed, 02 Aug 2023 16:13:55 GMT
akamai-grn
0.76011002.1715659027.376fa135
etag
"82d7d5f83844c53e91f407b353b1690b25c0f874e6f1692d0316c8cb99d20c31"
stored-attribute-sha-checksum
6d4ebb61f9612a50a3d72c11d3a44db7f9b924321694945e2e0d787ef00c64e3
vary
Accept-Encoding
x-cache
TCP_HIT from a2-16-1-118.deploy.akamaitechnologies.com (AkamaiGHost/11.5.0.1-56208139) (-)
content-type
application/javascript
cache-control
max-age=21600, max-age=21600
content-length
80419
VGSw
842204.app.netsuite.com/zTKEEkAl9HDonrL0zt7cRnNh/O17QbXJ41LYEaN/M01OIG1RMA/XiE2UkV/
18 B
780 B
XHR
General
Full URL
https://842204.app.netsuite.com/zTKEEkAl9HDonrL0zt7cRnNh/O17QbXJ41LYEaN/M01OIG1RMA/XiE2UkV/VGSw
Requested by
Host: 842204.app.netsuite.com
URL: https://842204.app.netsuite.com/zTKEEkAl9HDonrL0zt7cRnNh/O17QbXJ41LYEaN/M01OIG1RMA/XiE2UkV/VGSw
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.192.152.152 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-192-152-152.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
bef9393fcdfc7a7299c058ba2a69253c32e0964dd3e97834e17a8cdb5dce7cf6

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
https://842204.app.netsuite.com/pages/customerlogin.jsp?c=842204&whence=
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 14 May 2024 03:57:09 GMT
akamai-grn
0.76011002.1715659028.376fa3cf
vary
Origin
x-cache
TCP_MISS from a2-16-1-118.deploy.akamaitechnologies.com (AkamaiGHost/11.5.0.1-56208139) (-)
content-type
application/json
access-control-allow-origin
https://842204.app.netsuite.com
access-control-allow-credentials
true
x_req_id
c4d88e16-da9b-42db-82ff-81dee9b272a0
access-control-allow-headers
Content-Type
content-length
18
OracleSans-XBd.woff2
842204.app.netsuite.com/authentication/ui/loginpage/assets/fonts/
29 KB
30 KB
Font
General
Full URL
https://842204.app.netsuite.com/authentication/ui/loginpage/assets/fonts/OracleSans-XBd.woff2
Requested by
Host: 842204.app.netsuite.com
URL: https://842204.app.netsuite.com/assets/loginpage_commonlook/2748716420.css?NS_VER=2024.1&minver=14
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.192.152.152 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-192-152-152.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
bd0d14f91562f1faf5c2f31433c7a373d210b6d2d65c7797078183e4e7609d1f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://842204.app.netsuite.com/assets/loginpage_commonlook/2748716420.css?NS_VER=2024.1&minver=14
Origin
https://842204.app.netsuite.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Tue, 14 May 2024 03:57:09 GMT
last-modified
Mon, 13 May 2024 20:50:07 GMT
akamai-grn
0.76011002.1715659028.376fa3d6
content-security-policy-report-only
frame-ancestors 'self'; report-uri /app/security/csp/cspaudit.nl
vary
User-Agent
content-type
font/woff2
x-cache
TCP_MISS from a2-16-1-118.deploy.akamaitechnologies.com (AkamaiGHost/11.5.0.1-56208139) (-)
ns_rtimer_composite
681652016:616363743132362E70726F642D7068782D6E6131392E636F72652E6E732E696E7465726E616C:80
accept-ranges
bytes
content-length
29952
x-n-operationid
50cc6f77-4bf1-44e1-bc70-a198a5d918e3
x-request-id
30e0e4857b667c0e3b05f9987f984b60
OracleSans-Rg.woff2
842204.app.netsuite.com/authentication/ui/loginpage/assets/fonts/
41 KB
41 KB
Font
General
Full URL
https://842204.app.netsuite.com/authentication/ui/loginpage/assets/fonts/OracleSans-Rg.woff2
Requested by
Host: 842204.app.netsuite.com
URL: https://842204.app.netsuite.com/assets/loginpage_commonlook/2748716420.css?NS_VER=2024.1&minver=14
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.192.152.152 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-192-152-152.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0abc65911840d86019c5e62403dbe5ad1b91ca6b1fa861a4346f9c6972752124
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://842204.app.netsuite.com/assets/loginpage_commonlook/2748716420.css?NS_VER=2024.1&minver=14
Origin
https://842204.app.netsuite.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Tue, 14 May 2024 03:57:09 GMT
last-modified
Mon, 13 May 2024 20:50:07 GMT
akamai-grn
0.76011002.1715659028.376fa3d7
content-security-policy-report-only
frame-ancestors 'self'; report-uri /app/security/csp/cspaudit.nl
vary
User-Agent
content-type
font/woff2
x-cache
TCP_MISS from a2-16-1-118.deploy.akamaitechnologies.com (AkamaiGHost/11.5.0.1-56208139) (-)
ns_rtimer_composite
1798843124:616363743132362E70726F642D7068782D6E6131392E636F72652E6E732E696E7465726E616C:80
accept-ranges
bytes
content-length
41512
x-n-operationid
db3dd3a4-2d16-4c9a-951f-59c57f5b50bf
x-request-id
8645ae0179a490e4976c0c963d6d2c00
OracleSans-Bd.woff2
842204.app.netsuite.com/authentication/ui/loginpage/assets/fonts/
41 KB
42 KB
Font
General
Full URL
https://842204.app.netsuite.com/authentication/ui/loginpage/assets/fonts/OracleSans-Bd.woff2
Requested by
Host: 842204.app.netsuite.com
URL: https://842204.app.netsuite.com/assets/loginpage_commonlook/2748716420.css?NS_VER=2024.1&minver=14
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.192.152.152 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-192-152-152.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0ba1d1add1865c52c8f2ed3711394487805d790ddb4618ef011123c990dddb1b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://842204.app.netsuite.com/assets/loginpage_commonlook/2748716420.css?NS_VER=2024.1&minver=14
Origin
https://842204.app.netsuite.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Tue, 14 May 2024 03:57:09 GMT
last-modified
Mon, 13 May 2024 20:50:07 GMT
akamai-grn
0.76011002.1715659028.376fa3d8
content-security-policy-report-only
frame-ancestors 'self'; report-uri /app/security/csp/cspaudit.nl
vary
User-Agent
content-type
font/woff2
x-cache
TCP_MISS from a2-16-1-118.deploy.akamaitechnologies.com (AkamaiGHost/11.5.0.1-56208139) (-)
ns_rtimer_composite
1278217569:616363743132362E70726F642D7068782D6E6131392E636F72652E6E732E696E7465726E616C:80
accept-ranges
bytes
content-length
42356
x-n-operationid
3a8f6de5-b00a-43c6-9a90-e834cfadde54
x-request-id
e13ecfbc11c5ac087b6942926a0c36c1
OracleSans-SBd.woff2
842204.app.netsuite.com/authentication/ui/loginpage/assets/fonts/
29 KB
29 KB
Font
General
Full URL
https://842204.app.netsuite.com/authentication/ui/loginpage/assets/fonts/OracleSans-SBd.woff2
Requested by
Host: 842204.app.netsuite.com
URL: https://842204.app.netsuite.com/assets/loginpage_commonlook/2748716420.css?NS_VER=2024.1&minver=14
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.192.152.152 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-192-152-152.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
583509a2d5b6b72fe70837bd5c9ba6ed833a72aac9d6bc04b32c8c443de016d8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://842204.app.netsuite.com/assets/loginpage_commonlook/2748716420.css?NS_VER=2024.1&minver=14
Origin
https://842204.app.netsuite.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Tue, 14 May 2024 03:57:08 GMT
last-modified
Mon, 13 May 2024 20:50:07 GMT
akamai-grn
0.76011002.1715659028.376fa3d9
content-security-policy-report-only
frame-ancestors 'self'; report-uri /app/security/csp/cspaudit.nl
vary
User-Agent
content-type
font/woff2
x-cache
TCP_MISS from a2-16-1-118.deploy.akamaitechnologies.com (AkamaiGHost/11.5.0.1-56208139) (-)
ns_rtimer_composite
1437994887:616363743132362E70726F642D7068782D6E6131392E636F72652E6E732E696E7465726E616C:80
accept-ranges
bytes
content-length
29396
x-n-operationid
ae2b3d2f-2bfe-4327-9b86-ae63b9c70042
x-request-id
4fe7f90640fe1206342853ef0df04250
resource.nl
842204.app.netsuite.com/app/login/loginpage/
83 KB
84 KB
Image
General
Full URL
https://842204.app.netsuite.com/app/login/loginpage/resource.nl?resourcename=violator-817x446-nsaw-what-your-spreadsheets-cant-do.jpg&language=US
Requested by
Host: 842204.app.netsuite.com
URL: https://842204.app.netsuite.com/pages/customerlogin.jsp?c=842204&whence=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.192.152.152 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-192-152-152.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
7263561821030c654896b5092d784399bcd20d042513e8d49efef7f94bd8c337
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://842204.app.netsuite.com/pages/customerlogin.jsp?c=842204&whence=
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Tue, 14 May 2024 03:57:09 GMT
last-modified
Mon, 18 Mar 2024 00:58:46 GMT
akamai-grn
0.76011002.1715659028.376fa3e3
content-security-policy-report-only
frame-ancestors 'self'; report-uri /app/security/csp/cspaudit.nl
x-cache
TCP_MISS from a2-16-1-118.deploy.akamaitechnologies.com (AkamaiGHost/11.5.0.1-56208139) (-)
content-type
image/jpeg;charset=utf-8
ns_rtimer_composite
1456400640:616363743134322E70726F642D7068782D6E6131392E636F72652E6E732E696E7465726E616C:80
cache-control
public, max-age=604800
content-length
85355
x-n-operationid
85948294-60d8-49c5-b4cb-9840ea67ddc8
x-request-id
8c54c0aedf5fac22fb3929bc919cd3fa
resource.nl
842204.app.netsuite.com/app/login/loginpage/
32 KB
32 KB
Image
General
Full URL
https://842204.app.netsuite.com/app/login/loginpage/resource.nl?resourcename=bnr-leasequery-042224.png&language=US
Requested by
Host: 842204.app.netsuite.com
URL: https://842204.app.netsuite.com/pages/customerlogin.jsp?c=842204&whence=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.192.152.152 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-192-152-152.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
eb15ffaef38a568d7d6370ceb6c37e72b2775f7b0d0c39fa350ecd7418d8a4a6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://842204.app.netsuite.com/pages/customerlogin.jsp?c=842204&whence=
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Tue, 14 May 2024 03:57:09 GMT
last-modified
Mon, 22 Apr 2024 06:39:21 GMT
akamai-grn
0.76011002.1715659028.376fa3e4
content-security-policy-report-only
frame-ancestors 'self'; report-uri /app/security/csp/cspaudit.nl
x-cache
TCP_MISS from a2-16-1-118.deploy.akamaitechnologies.com (AkamaiGHost/11.5.0.1-56208139) (-)
content-type
image/png;charset=utf-8
ns_rtimer_composite
1666906873:616363743132312E70726F642D7068782D6E6131392E636F72652E6E732E696E7465726E616C:80
cache-control
public, max-age=604800
content-length
32611
x-n-operationid
3d785197-99b1-41ef-ae3e-6b7d9694c878
x-request-id
d4bc903224dae564aee61e008a8ca4ac
favicon.png
842204.app.netsuite.com/authentication/ui/loginpage/assets/icon/
2 KB
2 KB
Other
General
Full URL
https://842204.app.netsuite.com/authentication/ui/loginpage/assets/icon/favicon.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.192.152.152 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-192-152-152.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
87f538d24cb5d0438386808f73a210c63531193858170df651e3eae756c8f642
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://842204.app.netsuite.com/pages/customerlogin.jsp?c=842204&whence=
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Tue, 14 May 2024 03:57:09 GMT
last-modified
Mon, 13 May 2024 20:50:07 GMT
akamai-grn
0.76011002.1715659029.376fa644
content-security-policy-report-only
frame-ancestors 'self'; report-uri /app/security/csp/cspaudit.nl
vary
User-Agent
content-type
image/png
x-cache
TCP_MISS from a2-16-1-118.deploy.akamaitechnologies.com (AkamaiGHost/11.5.0.1-56208139) (-)
ns_rtimer_composite
1798843127:616363743132362E70726F642D7068782D6E6131392E636F72652E6E732E696E7465726E616C:80
cache-control
max-age=86400
accept-ranges
bytes
content-length
1717
x-n-operationid
87cf1f3c-0056-4c69-a8e7-bc5282273129
x-request-id
00ea06e8fa7f5f44663bdecd493bad82

Verdicts & Comments Add Verdict or Comment

27 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

undefined| $ function| jQuery object| NS string| protocol string| path string| domain function| wash function| checkWash function| submitButtonAction function| initRandomBanner function| initTop function| initBottom function| validateLoginForm function| init function| getQueryParameter function| HandleReferralInfo function| selectAndGo function| openTourWindow function| closeAndGoTo function| fieldHelp function| setLoginCookie function| populateEmailFromCookie function| populateEmailFromCookieNoFocus function| hasFlash object| _cf object| bmak string| _sdTrace

2 Cookies

Domain/Path Name / Value
.netsuite.com/ Name: bm_sz
Value: CEE8EAA8B088F32205F2C939D08EBD45~YAAQdgEQAi76iTKPAQAABTU/dResZhG3XYbe72QJgo7OwyVrwn7iKU6Ru5hCZcFNby9Nvfm/l4oD/CK9MHp8NSf6E1lfaRdX1EfaGL3h7xI5K/vFo1V4t145mSUE3HmMDoMjUr0VYjkh61T+zqqKtzPevLSaCDW08WDmjf/jvydkBQ6+PPxwb0Qn1fHeStR2bDxHj3uTEa4W1ucs/srEGtPFPA2CSkWegdSBQv3IqoDbYAvu4YnICmaaIYDe5NAY4do+WLRFk3zzAmYv2CE8FVX51XkcF1ul/Q4nJ3mPxGFc8yIdeOaSzj12i+V7By/YwSfrhMIFfktiOyOhkYT1LgfU7lp3x5OQZSCvTjyuAXsXGWYP6sRGZD7Q3tSBssA6ssq/cO5BMguuGIq+COZQVNFa7DK2ibv2xwk=~3355462~4539961
.netsuite.com/ Name: _abck
Value: 5C9B8E5605CBD106CD8AC29A29C1837B~0~YAAQdgEQAjb6iTKPAQAAZTo/dQt3m6p3KVVtsjqP54Llz/j9iPdEyv5TiIqPaFb+bi28NforH4oz7aNgJfi+xykha+l1SYYwTln2o5qiKK2oi9hU+Yv9+9l1v7WZujbZ3xAXGlL+IOw8zwbvKl7nAge3YycDb8BRwCYYq9ylkCiTR584wvyfQyJMNNYa1O/1DYQjiFVbDsCPE67wHxo3R9nbQ5SOyCr+8jfFoKqFjyl+4U6M5HGB2s+PZf/0YDJE8Ar2XFSR/U7/VEmBbpViMBMzIcv7m3ecEm2TZOCLUxhvpfEHJHD7UQubRQvccsXoLFZSbIPSyNbQzLq1MwSTY9dQC7DyxH5sxPyb54tALA5paCurSWkXPrDFzOPdJdwyCvNbCK3p23Bsaq6CveCNIPD8Jrc3SlS8sto=~-1~-1~-1

8 Console Messages

Source Level URL
Text
security error URL: https://842204.app.netsuite.com/pages/customerlogin.jsp?c=842204&whence=
Message:
The Content-Security-Policy directive 'default-src' contains the keyword 'none' alongside with other source expressions. The keyword 'none' must be the only source expression in the directive value, otherwise it is ignored.
security error URL: https://842204.app.netsuite.com/zTKEEkAl9HDonrL0zt7cRnNh/O17QbXJ41LYEaN/M01OIG1RMA/XiE2UkV/VGSw
Message:
The Content-Security-Policy directive 'default-src' contains the keyword 'none' alongside with other source expressions. The keyword 'none' must be the only source expression in the directive value, otherwise it is ignored.
security error URL: https://842204.app.netsuite.com/zTKEEkAl9HDonrL0zt7cRnNh/O17QbXJ41LYEaN/M01OIG1RMA/XiE2UkV/VGSw
Message:
The Content-Security-Policy directive 'default-src' contains the keyword 'none' alongside with other source expressions. The keyword 'none' must be the only source expression in the directive value, otherwise it is ignored.
security error URL: https://842204.app.netsuite.com/zTKEEkAl9HDonrL0zt7cRnNh/O17QbXJ41LYEaN/M01OIG1RMA/XiE2UkV/VGSw
Message:
The Content-Security-Policy directive 'default-src' contains the keyword 'none' alongside with other source expressions. The keyword 'none' must be the only source expression in the directive value, otherwise it is ignored.
security error URL: https://842204.app.netsuite.com/zTKEEkAl9HDonrL0zt7cRnNh/O17QbXJ41LYEaN/M01OIG1RMA/XiE2UkV/VGSw
Message:
The Content-Security-Policy directive 'default-src' contains the keyword 'none' alongside with other source expressions. The keyword 'none' must be the only source expression in the directive value, otherwise it is ignored.
security error URL: https://842204.app.netsuite.com/zTKEEkAl9HDonrL0zt7cRnNh/O17QbXJ41LYEaN/M01OIG1RMA/XiE2UkV/VGSw
Message:
The Content-Security-Policy directive 'default-src' contains the keyword 'none' alongside with other source expressions. The keyword 'none' must be the only source expression in the directive value, otherwise it is ignored.
security error URL: https://842204.app.netsuite.com/zTKEEkAl9HDonrL0zt7cRnNh/O17QbXJ41LYEaN/M01OIG1RMA/XiE2UkV/VGSw
Message:
The Content-Security-Policy directive 'default-src' contains the keyword 'none' alongside with other source expressions. The keyword 'none' must be the only source expression in the directive value, otherwise it is ignored.
security error URL: https://842204.app.netsuite.com/zTKEEkAl9HDonrL0zt7cRnNh/O17QbXJ41LYEaN/M01OIG1RMA/XiE2UkV/VGSw
Message:
The Content-Security-Policy directive 'default-src' contains the keyword 'none' alongside with other source expressions. The keyword 'none' must be the only source expression in the directive value, otherwise it is ignored.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src https://842204.app.netsuite.com/zTKEEkAl9HDonrL0zt7cRnNh/O17QbXJ41LYEaN/M01OIG1RMA/XiE2UkV/VGSw 'nonce-c309553217d4cb22bc393e401cc160fe' 'none'; base-uri 'none'; font-src 'self' data:; frame-ancestors 'self'; img-src 'self'; manifest-src 'self'; script-src 'nonce-c309553217d4cb22bc393e401cc160fe' 'self' 'report-sample'; style-src 'self'; worker-src 'self' suitephone:; upgrade-insecure-requests; report-uri /app/security/csp/cspaudit.nl;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block