urlscan.io logo urlscan.io
SecurityTrails logo

b2ctntprdoejm001.b2clogin.com Open in urlscan Pro
2603:1026:3000:148::e  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://ejm.matthey.com/
Effective URL: https://b2ctntprdoejm001.b2clogin.com/b2ctntprdoejm001.onmicrosoft.com/B2C_1A_EJMSIGNUP_SIGNIN/oauth2/v2.0/authorize?response_type=cod...
Submission: On November 07 via manual from GB — Scanned from GB
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 4 IPs in 2 countries across 3 domains to perform 9 HTTP transactions. The main IP is 2603:1026:3000:148::e, located in Amsterdam, Netherlands and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is b2ctntprdoejm001.b2clogin.com.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on July 3rd 2023. Valid for: a year.
This is the only time b2ctntprdoejm001.b2clogin.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 7 35.201.101.38 396982 (GOOGLE-CL...)
2 2603:1026:300... 8075 (MICROSOFT...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
9 4
Apex Domain
Subdomains		 Transfer
7 matthey.com
ejm.matthey.com
4 MB
2 b2clogin.com
b2ctntprdoejm001.b2clogin.com
95 KB
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 223
28 KB
9 3
Domain Requested by
7 ejm.matthey.com 1 redirects b2ctntprdoejm001.b2clogin.com
2 b2ctntprdoejm001.b2clogin.com b2ctntprdoejm001.b2clogin.com
1 cdnjs.cloudflare.com b2ctntprdoejm001.b2clogin.com
9 3

This site contains no links.

Subject Issuer Validity Valid
graph.windows.net
DigiCert SHA2 Secure Server CA		 2023-07-03 -
2024-07-03		 a year crt.sh
platinum.matthey.com
R3		 2023-10-17 -
2024-01-15		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-07-03 -
2024-07-02		 a year crt.sh

This page contains 1 frames:

Primary Page: https://b2ctntprdoejm001.b2clogin.com/b2ctntprdoejm001.onmicrosoft.com/B2C_1A_EJMSIGNUP_SIGNIN/oauth2/v2.0/authorize?response_type=code&response_mode=form_post&redirect_uri=https%3A%2F%2Fejm.matthey.com%2Fgroup%2Fejm%2Fdashboard&client_id=52759b39-31a9-400c-b528-758dc7f91f43&scope=openid+offline_access+profile+&code_challenge=L7Gv6Yo92OarU-DsQ2jTJ35iD3kYZIKQn8S7BJnjdeg&code_challenge_method=S256&prompt=select_account&state=e6ccba4d-e3ca-4d0a-b737-58090218d9c8&nonce=0345b665-99ca-40b8-9d98-0733d8c87e1f
Frame ID: 9468EB2C444EB7BE42DC3B4F3F2CEF60
Requests: 10 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

eJM Login

Page URL History Show full URLs

  1. https://ejm.matthey.com/ HTTP 302
    https://b2ctntprdoejm001.b2clogin.com/b2ctntprdoejm001.onmicrosoft.com/B2C_1A_EJMSIGNUP_SIGNIN/oauth2/v2.0/authori... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

9
Requests

100 %
HTTPS

67 %
IPv6

3
Domains

3
Subdomains

4
IPs

2
Countries

4521 kB
Transfer

4758 kB
Size

5
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://ejm.matthey.com/ HTTP 302
    https://b2ctntprdoejm001.b2clogin.com/b2ctntprdoejm001.onmicrosoft.com/B2C_1A_EJMSIGNUP_SIGNIN/oauth2/v2.0/authorize?response_type=code&response_mode=form_post&redirect_uri=https%3A%2F%2Fejm.matthey.com%2Fgroup%2Fejm%2Fdashboard&client_id=52759b39-31a9-400c-b528-758dc7f91f43&scope=openid+offline_access+profile+&code_challenge=L7Gv6Yo92OarU-DsQ2jTJ35iD3kYZIKQn8S7BJnjdeg&code_challenge_method=S256&prompt=select_account&state=e6ccba4d-e3ca-4d0a-b737-58090218d9c8&nonce=0345b665-99ca-40b8-9d98-0733d8c87e1f Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

9 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request authorize
b2ctntprdoejm001.b2clogin.com/b2ctntprdoejm001.onmicrosoft.com/B2C_1A_EJMSIGNUP_SIGNIN/oauth2/v2.0/
Redirect Chain
  • https://ejm.matthey.com/
  • https://b2ctntprdoejm001.b2clogin.com/b2ctntprdoejm001.onmicrosoft.com/B2C_1A_EJMSIGNUP_SIGNIN/oauth2/v2.0/authorize?response_type=code&response_mode=form_post&redirect_uri=https%3A%2F%2Fejm.matthe...
276 KB
95 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://b2ctntprdoejm001.b2clogin.com/b2ctntprdoejm001.onmicrosoft.com/B2C_1A_EJMSIGNUP_SIGNIN/oauth2/v2.0/authorize?response_type=code&response_mode=form_post&redirect_uri=https%3A%2F%2Fejm.matthey.com%2Fgroup%2Fejm%2Fdashboard&client_id=52759b39-31a9-400c-b528-758dc7f91f43&scope=openid+offline_access+profile+&code_challenge=L7Gv6Yo92OarU-DsQ2jTJ35iD3kYZIKQn8S7BJnjdeg&code_challenge_method=S256&prompt=select_account&state=e6ccba4d-e3ca-4d0a-b737-58090218d9c8&nonce=0345b665-99ca-40b8-9d98-0733d8c87e1f
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2603:1026:3000:148::e Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
a0f6a6001a816f814ae6a789c1a57c9f24e9ffb2609fff695a2eeba3eeed13db
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Allow
OPTIONS TRACE GET HEAD POST
Cache-Control
no-store, must-revalidate, no-cache
Content-Encoding
gzip
Content-Length
94735
Content-Type
text/html; charset=utf-8
Date
Tue, 07 Nov 2023 15:04:03 GMT
Expires
-1
Public
OPTIONS,TRACE,GET,HEAD,POST
Strict-Transport-Security
max-age=31536000; includeSubDomains
Vary
Accept-Encoding
X-Build
1.0.3088.1
X-Content-Type-Options
nosniff
X-Frame-Options
DENY
X-Request-ID
d524f0a7-d333-4217-af3d-7687070f4bdf
X-UA-Compatible
IE=edge
X-XSS-Protection
1; mode=block
x-ms-gateway-requestid
fb41e0b1-4344-48e3-a7bc-951a3b881ef4

Redirect headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-security-policy
default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline'
date
Tue, 07 Nov 2023 15:04:04 GMT
location
https://b2ctntprdoejm001.b2clogin.com/b2ctntprdoejm001.onmicrosoft.com/B2C_1A_EJMSIGNUP_SIGNIN/oauth2/v2.0/authorize?response_type=code&response_mode=form_post&redirect_uri=https%3A%2F%2Fejm.matthey.com%2Fgroup%2Fejm%2Fdashboard&client_id=52759b39-31a9-400c-b528-758dc7f91f43&scope=openid+offline_access+profile+&code_challenge=L7Gv6Yo92OarU-DsQ2jTJ35iD3kYZIKQn8S7BJnjdeg&code_challenge_method=S256&prompt=select_account&state=e6ccba4d-e3ca-4d0a-b737-58090218d9c8&nonce=0345b665-99ca-40b8-9d98-0733d8c87e1f
strict-transport-security
: max-age=31536000; includeSubdomains; preload
via
1.1 google
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1
selfAssertedWelcome.cshtml
ejm.matthey.com/assets/sso/ 		73 KB
73 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ejm.matthey.com/assets/sso/selfAssertedWelcome.cshtml
Requested by
Host: b2ctntprdoejm001.b2clogin.com
URL: https://b2ctntprdoejm001.b2clogin.com/b2ctntprdoejm001.onmicrosoft.com/B2C_1A_EJMSIGNUP_SIGNIN/oauth2/v2.0/authorize?response_type=code&response_mode=form_post&redirect_uri=https%3A%2F%2Fejm.matthey.com%2Fgroup%2Fejm%2Fdashboard&client_id=52759b39-31a9-400c-b528-758dc7f91f43&scope=openid+offline_access+profile+&code_challenge=L7Gv6Yo92OarU-DsQ2jTJ35iD3kYZIKQn8S7BJnjdeg&code_challenge_method=S256&prompt=select_account&state=e6ccba4d-e3ca-4d0a-b737-58090218d9c8&nonce=0345b665-99ca-40b8-9d98-0733d8c87e1f
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.201.101.38 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
38.101.201.35.bc.googleusercontent.com
Software
/
Resource Hash
eb5e6a1054c74ed9657b441643fd955686be28cf1cc9e3874cc9fc9720a66156
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline'
Strict-Transport-Security : max-age=31536000; includeSubdomains; preload

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://b2ctntprdoejm001.b2clogin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 15:04:04 GMT
content-security-policy
default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline'
via
1.1 google
strict-transport-security
: max-age=31536000; includeSubdomains; preload
last-modified
Mon, 30 Oct 2023 06:55:37 GMT
etag
W/"74775-1698648937817"
access-control-allow-origin
*
cache-control
private
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
74775
image001.png
ejm.matthey.com/assets/img/ 		4 MB
4 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ejm.matthey.com/assets/img/image001.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.101.38 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
38.101.201.35.bc.googleusercontent.com
Software
/
Resource Hash
d61bbc4d0bd25143b54bcd965a77ed60845a9b492b72d184069b346b3218adfa
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline'
Strict-Transport-Security : max-age=31536000; includeSubdomains; preload

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://b2ctntprdoejm001.b2clogin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 15:04:05 GMT
content-security-policy
default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline'
via
1.1 google
strict-transport-security
: max-age=31536000; includeSubdomains; preload
last-modified
Mon, 30 Oct 2023 07:01:42 GMT
etag
W/"4309443-1698649302548"
content-type
image/png
access-control-allow-origin
*
cache-control
private
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4309443
ejm-footer-logo.PNG
ejm.matthey.com/o/eJM-theme/images/new_platinum_images/ 		1021 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ejm.matthey.com/o/eJM-theme/images/new_platinum_images/ejm-footer-logo.PNG
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.101.38 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
38.101.201.35.bc.googleusercontent.com
Software
/
Resource Hash
4fc1c4c69efcf1574d34c65f68a5271aeeb1c12c830d02b7302492f272db42b4
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline'
Strict-Transport-Security : max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://b2ctntprdoejm001.b2clogin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 15:04:05 GMT
content-security-policy
default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline'
x-content-type-options
nosniff
strict-transport-security
: max-age=31536000; includeSubdomains; preload
last-modified
Fri, 27 Oct 2023 13:04:42 GMT
via
1.1 google
etag
W/"1021-1698411882000"
x-frame-options
SAMEORIGIN
content-type
image/png
access-control-allow-origin
*
cache-control
private
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1021
x-xss-protection
1
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/ 		87 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.min.js
Requested by
Host: b2ctntprdoejm001.b2clogin.com
URL: https://b2ctntprdoejm001.b2clogin.com/b2ctntprdoejm001.onmicrosoft.com/B2C_1A_EJMSIGNUP_SIGNIN/oauth2/v2.0/authorize?response_type=code&response_mode=form_post&redirect_uri=https%3A%2F%2Fejm.matthey.com%2Fgroup%2Fejm%2Fdashboard&client_id=52759b39-31a9-400c-b528-758dc7f91f43&scope=openid+offline_access+profile+&code_challenge=L7Gv6Yo92OarU-DsQ2jTJ35iD3kYZIKQn8S7BJnjdeg&code_challenge_method=S256&prompt=select_account&state=e6ccba4d-e3ca-4d0a-b737-58090218d9c8&nonce=0345b665-99ca-40b8-9d98-0733d8c87e1f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://b2ctntprdoejm001.b2clogin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 15:04:05 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
2478830
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
27938
last-modified
Tue, 02 Mar 2021 18:58:36 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"603e8adc-15d9d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nO62DffC070WG6pj3nmW%2BiUGWfTD7qJ6iHDXE%2FG%2BKIsI84LLT6bMxlb3dCP%2F8QIn%2FdfW%2Bk77mYA%2BDefpDta4QFOfj6ALQbCBkMbjeyP03oI%2BvcZSoiLfyWQasQhAKK5vJ3xE9FE7kO2z7KpyFQJ2%2FLFm"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
82267779384f6365-LHR
expires
Sun, 27 Oct 2024 15:04:05 GMT
JMSansRegular.woff2
ejm.matthey.com/assets/fonts/ 		37 KB
37 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://ejm.matthey.com/assets/fonts/JMSansRegular.woff2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.201.101.38 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
38.101.201.35.bc.googleusercontent.com
Software
/
Resource Hash
1e1b1f469765bbc88aa712062d7b70537c551d6180fba58ceeee774ebbbdf8a0
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline'
Strict-Transport-Security : max-age=31536000; includeSubdomains; preload

Request headers

Referer
https://b2ctntprdoejm001.b2clogin.com/
Origin
https://b2ctntprdoejm001.b2clogin.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 15:04:05 GMT
content-security-policy
default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline'
via
1.1 google
strict-transport-security
: max-age=31536000; includeSubdomains; preload
last-modified
Mon, 30 Oct 2023 07:01:42 GMT
etag
W/"38172-1698649302524"
content-type
font/woff2
access-control-allow-origin
*
cache-control
private
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
38172
truncated
/ 		314 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ecd4ebb099fbbd881c3b191cec5092314d72646cd55aed58101ae394147d10b3

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type
image/svg+xml
JMSansLight.woff2
ejm.matthey.com/assets/fonts/ 		37 KB
37 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://ejm.matthey.com/assets/fonts/JMSansLight.woff2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.201.101.38 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
38.101.201.35.bc.googleusercontent.com
Software
/
Resource Hash
d385972bc3be0e6a2da925bccfd3304163c0c6e88cc8fdfe289d7427aec05bea
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline'
Strict-Transport-Security : max-age=31536000; includeSubdomains; preload

Request headers

Referer
https://b2ctntprdoejm001.b2clogin.com/
Origin
https://b2ctntprdoejm001.b2clogin.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 15:04:05 GMT
content-security-policy
default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline'
via
1.1 google
strict-transport-security
: max-age=31536000; includeSubdomains; preload
last-modified
Mon, 30 Oct 2023 06:55:37 GMT
etag
W/"37664-1698648937784"
content-type
font/woff2
access-control-allow-origin
*
cache-control
private
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
37664
JMSansMedium.woff2
ejm.matthey.com/assets/fonts/ 		38 KB
38 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://ejm.matthey.com/assets/fonts/JMSansMedium.woff2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.201.101.38 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
38.101.201.35.bc.googleusercontent.com
Software
/
Resource Hash
3f6792efa234ca2fa7b527379bacc4b86edde58c6e849e240d4938cbefeffa47
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline'
Strict-Transport-Security : max-age=31536000; includeSubdomains; preload

Request headers

Referer
https://b2ctntprdoejm001.b2clogin.com/
Origin
https://b2ctntprdoejm001.b2clogin.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 15:04:05 GMT
content-security-policy
default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline'
via
1.1 google
strict-transport-security
: max-age=31536000; includeSubdomains; preload
last-modified
Mon, 30 Oct 2023 06:55:37 GMT
etag
W/"38464-1698648937787"
content-type
font/woff2
access-control-allow-origin
*
cache-control
private
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
38464
perftrace
b2ctntprdoejm001.b2clogin.com/b2ctntprdoejm001.onmicrosoft.com/B2C_1A_Ejmsignup_signin/client/ 		0
447 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://b2ctntprdoejm001.b2clogin.com/b2ctntprdoejm001.onmicrosoft.com/B2C_1A_Ejmsignup_signin/client/perftrace?tx=StateProperties=eyJUSUQiOiJkNTI0ZjBhNy1kMzMzLTQyMTctYWYzZC03Njg3MDcwZjRiZGYifQ&p=B2C_1A_Ejmsignup_signin
Requested by
Host: b2ctntprdoejm001.b2clogin.com
URL: https://b2ctntprdoejm001.b2clogin.com/b2ctntprdoejm001.onmicrosoft.com/B2C_1A_EJMSIGNUP_SIGNIN/oauth2/v2.0/authorize?response_type=code&response_mode=form_post&redirect_uri=https%3A%2F%2Fejm.matthey.com%2Fgroup%2Fejm%2Fdashboard&client_id=52759b39-31a9-400c-b528-758dc7f91f43&scope=openid+offline_access+profile+&code_challenge=L7Gv6Yo92OarU-DsQ2jTJ35iD3kYZIKQn8S7BJnjdeg&code_challenge_method=S256&prompt=select_account&state=e6ccba4d-e3ca-4d0a-b737-58090218d9c8&nonce=0345b665-99ca-40b8-9d98-0733d8c87e1f
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2603:1026:3000:148::e Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://b2ctntprdoejm001.b2clogin.com/b2ctntprdoejm001.onmicrosoft.com/B2C_1A_EJMSIGNUP_SIGNIN/oauth2/v2.0/authorize?response_type=code&response_mode=form_post&redirect_uri=https%3A%2F%2Fejm.matthey.com%2Fgroup%2Fejm%2Fdashboard&client_id=52759b39-31a9-400c-b528-758dc7f91f43&scope=openid+offline_access+profile+&code_challenge=L7Gv6Yo92OarU-DsQ2jTJ35iD3kYZIKQn8S7BJnjdeg&code_challenge_method=S256&prompt=select_account&state=e6ccba4d-e3ca-4d0a-b737-58090218d9c8&nonce=0345b665-99ca-40b8-9d98-0733d8c87e1f
X-Requested-With
XMLHttpRequest
X-CSRF-TOKEN
Zm96MTBETkFNbVE1OXR4Ri9LMU12VFZRZTJTODdORWRucXNwTERvS0VSOFRpUEZITnVxZVhBZU1SOHplNGpxWk1Manl3OHgwRld2eU1ocGo2dEVFMGc9PTsyMDIzLTExLTA3VDE1OjA0OjA0LjYzMzcyMjRaO1loa0MyWjZOcWVBNmUwRm9ON0pNM0E9PTt7IlRhcmdldEVudGl0eSI6IlNpZ25pbkVtYWlsRXhjaGFuZ2UiLCJPcmNoZXN0cmF0aW9uU3RlcCI6MX0=
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type
application/json; charset=UTF-8

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Date
Tue, 07 Nov 2023 15:04:04 GMT
X-Content-Type-Options
nosniff
Allow
OPTIONS, TRACE, GET, HEAD, POST
X-Frame-Options
DENY
Public
OPTIONS,TRACE,GET,HEAD,POST
Cache-Control
no-store, must-revalidate, no-cache
x-ms-gateway-requestid
343a22e9-d9d2-4ff8-8829-41fc9544b4c2
Content-Length
0
X-XSS-Protection
1; mode=block

Verdicts & Comments Add Verdict or Comment

31 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture object| SA_FIELDS object| CONTENT object| SETTINGS string| staticHost string| targetSlice string| targetDc number| initializationTimeout boolean| diagsAlways number| maxTrace function| PageLoadTime function| _isFunction function| _mapObject function| _getPerformanceObjectData function| $trace object| $diags object| $santizer object| preloadCssLink function| checkCssPreloaded function| preloadJavaScript object| $cors function| applyTenantBranding function| sendPageLoadTime object| $i2e object| $modal object| $element function| $ function| jQuery boolean| pageReady object| Handlebars boolean| contentReady

5 Cookies

Domain/Path Name / Value
ejm.matthey.com/ Name: JSESSIONID
Value: 7A16A5F6CABFE95DDE7A497C5879A471
ejm.matthey.com/ Name: SERVER_ID
Value: a0fe657a9fc9a0f4
.b2ctntprdoejm001.b2clogin.com/ Name: x-ms-cpim-csrf
Value: Zm96MTBETkFNbVE1OXR4Ri9LMU12VFZRZTJTODdORWRucXNwTERvS0VSOFRpUEZITnVxZVhBZU1SOHplNGpxWk1Manl3OHgwRld2eU1ocGo2dEVFMGc9PTsyMDIzLTExLTA3VDE1OjA0OjA0LjYzMzcyMjRaO1loa0MyWjZOcWVBNmUwRm9ON0pNM0E9PTt7IlRhcmdldEVudGl0eSI6IlNpZ25pbkVtYWlsRXhjaGFuZ2UiLCJPcmNoZXN0cmF0aW9uU3RlcCI6MX0=
.b2ctntprdoejm001.b2clogin.com/ Name: x-ms-cpim-cache|p_ak1tptf0kvpxahbw9l3w_0
Value: m1.Nay8HkvFgN0la059.Iy3Oo4ae4hiILmCb3YTDJw==.0.GQajY/8XxDZjoF4tgM36WXrO9J5FjdHlT0LAGDeMMNAi7bu59ap1OQJslv1RI2X07J/gO+y9lZCyZhNVtXkL76nw8Q0F4KIA8WtWbBeQ3MrmtbVvwKxc+qvJMVHbTrTo7FVcC4Ddn8jrUx2lvuQEcKB3wdJPFVbSY6d07Nb7rsnCP6itzczZ1cFjPT0GHnoD4wObHW0LkICnegBcFKQnHgI4KJvE40+Gttm0gzQlYlXExc+ibBrRX7/nLNkT9VyMOw44KRDvmPp2u/VkWHjZPVESlUi0cKTVMHceUvYAAOOUaoo9/fzepXP9zJMLsu8SJDn8T0cuF+KOHsccO07/xmsU2/45FNav2wUo2F0QOMNclhqoM/Vmr8yo+0Hs2fo+sPRRAiBtHQ7lWOKtHM7qm0hK1VEmKIz88IU3wVg31aOV+g1KmsZM4fN+iMgln/UYHmg2Ni6s91kKB3sJsCPt1dofoq1DZ45L1v8CESNAgYUFYaTvV0lCv2Elkr3vX8vDDOgSkwKOM36SbeqHcxHqFvKm7tKvfBR97NVvPf3buG2WhTaCIokRuJJogYDd6ncG/VjKrXeESF0gzPwBdZEfkEvZRtnRsSrywzlxcS5uPIbeXjqehvfboCdIccY7X8rflPPZps9dJS5Yf4reIqUwPPqAHFM/dSKuAyZOAc3/VA9/b3ZDj8Fn84Pxrob8PE2otXxW6X8/eN6dEkznvm8ZX9wgHwnYzw/HQIec758+Fdr+8akotMAy38FzfS6E2I6ICYYaf6COKTQQHmoo98rdURqmajWWjGzTWLaWC7V544YHipE/n96DPRZtzOTk+x9cWLa0
.b2ctntprdoejm001.b2clogin.com/ Name: x-ms-cpim-trans
Value: eyJUX0RJQyI6W3siSSI6ImQ1MjRmMGE3LWQzMzMtNDIxNy1hZjNkLTc2ODcwNzBmNGJkZiIsIlQiOiJiMmN0bnRwcmRvZWptMDAxLm9ubWljcm9zb2Z0LmNvbSIsIlAiOiJCMkNfMUFfRUpNU0lHTlVQX1NJR05JTiIsIkMiOiI1Mjc1OWIzOS0zMWE5LTQwMGMtYjUyOC03NThkYzdmOTFmNDMiLCJTIjoxLCJNIjp7fSwiRCI6MCwiRSI6IiJ9XSwiQ19JRCI6ImQ1MjRmMGE3LWQzMzMtNDIxNy1hZjNkLTc2ODcwNzBmNGJkZiJ9

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block