urlscan.io logo urlscan.io
SecurityTrails logo

myzone-test.portal.hcm.zellis.com Open in urlscan Pro
2620:1ec:bdf::64  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://myzone-test.portal.hcm.zellis.com/
Effective URL: https://myzone-test.portal.hcm.zellis.com/UserSecurity/LogOn
Submission: On May 19 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 15 HTTP transactions. The main IP is 2620:1ec:bdf::64, located in United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is myzone-test.portal.hcm.zellis.com.
TLS certificate: Issued by GeoTrust Global TLS RSA4096 SHA256 20... on May 19th 2024. Valid for: 6 months.
This is the only time myzone-test.portal.hcm.zellis.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 16 2620:1ec:bdf::64 8075 (MICROSOFT...)
15 1
Apex Domain
Subdomains		 Transfer
16 zellis.com
myzone-test.portal.hcm.zellis.com
943 KB
15 1
Domain Requested by
16 myzone-test.portal.hcm.zellis.com 1 redirects myzone-test.portal.hcm.zellis.com
15 1

This site contains no links.

Subject Issuer Validity Valid
myzone-test.portal.hcm.zellis.com
GeoTrust Global TLS RSA4096 SHA256 2022 CA1		 2024-05-19 -
2024-11-19		 6 months crt.sh

This page contains 1 frames:

Primary Page: https://myzone-test.portal.hcm.zellis.com/UserSecurity/LogOn
Frame ID: B3A5692F30C5B05924DE13C076EE5F90
Requests: 15 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

MyZone

Page URL History Show full URLs

  1. https://myzone-test.portal.hcm.zellis.com/ HTTP 302
    https://myzone-test.portal.hcm.zellis.com/UserSecurity/LogOn Page URL

Page Statistics

15
Requests

100 %
HTTPS

100 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

942 kB
Transfer

1376 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://myzone-test.portal.hcm.zellis.com/ HTTP 302
    https://myzone-test.portal.hcm.zellis.com/UserSecurity/LogOn Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

15 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request LogOn
myzone-test.portal.hcm.zellis.com/UserSecurity/
Redirect Chain
  • https://myzone-test.portal.hcm.zellis.com/
  • https://myzone-test.portal.hcm.zellis.com/UserSecurity/LogOn
5 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://myzone-test.portal.hcm.zellis.com/UserSecurity/LogOn
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::64 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
6de252cc1d7074578feb139f894412ee139cf990626f3ec867305ce85999bf76
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'nonce-onYnhWxGYCxcqe7XAMUucyzHpWMB8s2da3oX5wyOo+Y='; style-src 'self' 'nonce-onYnhWxGYCxcqe7XAMUucyzHpWMB8s2da3oX5wyOo+Y='; object-src data: 'unsafe-eval'; img-src 'self' data: 'unsafe-eval'; frame-src 'self' https://app.powerbi.com; frame-ancestors 'self'; connect-src 'self'; child-src 'none'
Strict-Transport-Security max-age=31556952; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN SAMEORIGIN

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
bytes
access-control-expose-headers
Request-Context
cache-control
no-cache, no-store
content-encoding
gzip
content-length
1847
content-security-policy
default-src 'self'; script-src 'self' 'nonce-onYnhWxGYCxcqe7XAMUucyzHpWMB8s2da3oX5wyOo+Y='; style-src 'self' 'nonce-onYnhWxGYCxcqe7XAMUucyzHpWMB8s2da3oX5wyOo+Y='; object-src data: 'unsafe-eval'; img-src 'self' data: 'unsafe-eval'; frame-src 'self' https://app.powerbi.com; frame-ancestors 'self'; connect-src 'self'; child-src 'none'
content-type
text/html; charset=utf-8
date
Sun, 19 May 2024 23:51:03 GMT
expires
-1
logonpage
1
p3p
policyref="/w3c/p3p.xml", CP="CNT NAV OTC PRE IDC COR CUR OUR BUS STP"
pragma
no-cache
request-context
appId=cid-v1:6ce46d13-96db-4a5c-b490-f6dea38df95a
strict-transport-security
max-age=31556952; includeSubDomains
vary
Accept-Encoding
x-azure-ref
20240519T235103Z-17c66ffcdbcgzpgcva22g39030000000051g00000001gh41
x-cache
CONFIG_NOCACHE
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN SAMEORIGIN
x-ua-compatible
IE=Edge,chrome=1

Redirect headers

access-control-expose-headers
Request-Context
content-length
136
content-type
text/html; charset=utf-8
date
Sun, 19 May 2024 23:51:03 GMT
location
/UserSecurity/LogOn
logonpage
1
p3p
policyref="/w3c/p3p.xml", CP="CNT NAV OTC PRE IDC COR CUR OUR BUS STP"
request-context
appId=cid-v1:6ce46d13-96db-4a5c-b490-f6dea38df95a
strict-transport-security
max-age=31556952; includeSubDomains
x-azure-ref
20240519T235103Z-17c66ffcdbcgzpgcva22g39030000000051g00000001gh3u
x-cache
CONFIG_NOCACHE
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-ua-compatible
IE=Edge,chrome=1
core.js
myzone-test.portal.hcm.zellis.com/xpkg/ 		190 KB
74 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://myzone-test.portal.hcm.zellis.com/xpkg/core.js?v=2024.5.17.10
Requested by
Host: myzone-test.portal.hcm.zellis.com
URL: https://myzone-test.portal.hcm.zellis.com/UserSecurity/LogOn
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::64 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
90e897456f10ef82e2358cf9adbd154f1c13138d92167efedd287dc82663f41f
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'nonce-6v79n7g1kj6EySf/0K2dMNzU9tJya56zB3fRxU0kIGI='; style-src 'self' 'nonce-6v79n7g1kj6EySf/0K2dMNzU9tJya56zB3fRxU0kIGI='; object-src data: 'unsafe-eval'; img-src 'self' data: 'unsafe-eval'; frame-src 'self' https://app.powerbi.com; frame-ancestors 'self'; connect-src 'self'; child-src 'none'
Strict-Transport-Security max-age=31556952; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 19 May 2024 23:51:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31556952; includeSubDomains
content-security-policy
default-src 'self'; script-src 'self' 'nonce-6v79n7g1kj6EySf/0K2dMNzU9tJya56zB3fRxU0kIGI='; style-src 'self' 'nonce-6v79n7g1kj6EySf/0K2dMNzU9tJya56zB3fRxU0kIGI='; object-src data: 'unsafe-eval'; img-src 'self' data: 'unsafe-eval'; frame-src 'self' https://app.powerbi.com; frame-ancestors 'self'; connect-src 'self'; child-src 'none'
x-cache
CONFIG_NOCACHE
p3p
policyref="/w3c/p3p.xml", CP="CNT NAV OTC PRE IDC COR CUR OUR BUS STP"
request-context
appId=cid-v1:6ce46d13-96db-4a5c-b490-f6dea38df95a
x-ua-compatible
IE=Edge,chrome=1
last-modified
Sun, 19 May 2024 21:16:11 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
x-azure-ref
20240519T235103Z-17c66ffcdbcgzpgcva22g39030000000051g00000001gh4b
access-control-expose-headers
Request-Context
cache-control
private, max-age=77107
expires
Mon, 20 May 2024 21:16:24 GMT
core.css
myzone-test.portal.hcm.zellis.com/xpkg/ 		375 KB
82 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://myzone-test.portal.hcm.zellis.com/xpkg/core.css?v=2024.5.17.10&c=637852972581895630
Requested by
Host: myzone-test.portal.hcm.zellis.com
URL: https://myzone-test.portal.hcm.zellis.com/UserSecurity/LogOn
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::64 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
164c6c22f6fd9413626438cc7c2d07346adbe91b350bee1c03dacc50a56327ed
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'nonce-QoA1OT0LK81xwChRfTucqJ46VmeR4i6KofysE4Ug1eU='; style-src 'self' 'nonce-QoA1OT0LK81xwChRfTucqJ46VmeR4i6KofysE4Ug1eU='; object-src data: 'unsafe-eval'; img-src 'self' data: 'unsafe-eval'; frame-src 'self' https://app.powerbi.com; frame-ancestors 'self'; connect-src 'self'; child-src 'none'
Strict-Transport-Security max-age=31556952; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 19 May 2024 23:51:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31556952; includeSubDomains
content-security-policy
default-src 'self'; script-src 'self' 'nonce-QoA1OT0LK81xwChRfTucqJ46VmeR4i6KofysE4Ug1eU='; style-src 'self' 'nonce-QoA1OT0LK81xwChRfTucqJ46VmeR4i6KofysE4Ug1eU='; object-src data: 'unsafe-eval'; img-src 'self' data: 'unsafe-eval'; frame-src 'self' https://app.powerbi.com; frame-ancestors 'self'; connect-src 'self'; child-src 'none'
x-cache
CONFIG_NOCACHE
p3p
policyref="/w3c/p3p.xml", CP="CNT NAV OTC PRE IDC COR CUR OUR BUS STP"
request-context
appId=cid-v1:6ce46d13-96db-4a5c-b490-f6dea38df95a
x-ua-compatible
IE=Edge,chrome=1
last-modified
Sun, 19 May 2024 21:16:18 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
x-azure-ref
20240519T235103Z-17c66ffcdbcgzpgcva22g39030000000051g00000001gh48
access-control-expose-headers
Request-Context
cache-control
private, max-age=77115
expires
Mon, 20 May 2024 21:16:23 GMT
$8;foundation;zds-external
myzone-test.portal.hcm.zellis.com/xres/2024.5.17.10/637852972581895630/css/ 		7 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://myzone-test.portal.hcm.zellis.com/xres/2024.5.17.10/637852972581895630/css/$8;foundation;zds-external
Requested by
Host: myzone-test.portal.hcm.zellis.com
URL: https://myzone-test.portal.hcm.zellis.com/UserSecurity/LogOn
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::64 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
1dc3f704a41f7ba3ea2e411704efa1e4e4762b5e1a6d7c0d34e26a63040ebb2d
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'nonce-7JW8qYwsBouEugWdqNkJPPvOn7JzLeYw0sAMnCV3yr0='; style-src 'self' 'nonce-7JW8qYwsBouEugWdqNkJPPvOn7JzLeYw0sAMnCV3yr0='; object-src data: 'unsafe-eval'; img-src 'self' data: 'unsafe-eval'; frame-src 'self' https://app.powerbi.com; frame-ancestors 'self'; connect-src 'self'; child-src 'none'
Strict-Transport-Security max-age=31556952; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 19 May 2024 23:51:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31556952; includeSubDomains
content-security-policy
default-src 'self'; script-src 'self' 'nonce-7JW8qYwsBouEugWdqNkJPPvOn7JzLeYw0sAMnCV3yr0='; style-src 'self' 'nonce-7JW8qYwsBouEugWdqNkJPPvOn7JzLeYw0sAMnCV3yr0='; object-src data: 'unsafe-eval'; img-src 'self' data: 'unsafe-eval'; frame-src 'self' https://app.powerbi.com; frame-ancestors 'self'; connect-src 'self'; child-src 'none'
x-cache
CONFIG_NOCACHE
p3p
policyref="/w3c/p3p.xml", CP="CNT NAV OTC PRE IDC COR CUR OUR BUS STP"
content-length
1527
request-context
appId=cid-v1:6ce46d13-96db-4a5c-b490-f6dea38df95a
x-ua-compatible
IE=Edge,chrome=1
last-modified
Sun, 19 May 2024 21:16:12 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
x-azure-ref
20240519T235103Z-17c66ffcdbcgzpgcva22g39030000000051g00000001gh49
access-control-expose-headers
Request-Context
cache-control
private, max-age=77108
accept-ranges
bytes
expires
Mon, 20 May 2024 21:16:22 GMT
$18;usersecurity;logon.ts
myzone-test.portal.hcm.zellis.com/xres/2024.5.17.10/de-DE/js/ 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://myzone-test.portal.hcm.zellis.com/xres/2024.5.17.10/de-DE/js/$18;usersecurity;logon.ts
Requested by
Host: myzone-test.portal.hcm.zellis.com
URL: https://myzone-test.portal.hcm.zellis.com/UserSecurity/LogOn
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::64 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
28f4ffd42ed881f91001acd25cd2ce52a0e734dc746a08eb64ca9c80210bb0a6
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'nonce-FkZT8j6KPWqDz6R6Zmm1Hu1SnpYlhsXb9GDwKt69mMw='; style-src 'self' 'nonce-FkZT8j6KPWqDz6R6Zmm1Hu1SnpYlhsXb9GDwKt69mMw='; object-src data: 'unsafe-eval'; img-src 'self' data: 'unsafe-eval'; frame-src 'self' https://app.powerbi.com; frame-ancestors 'self'; connect-src 'self'; child-src 'none'
Strict-Transport-Security max-age=31556952; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 19 May 2024 23:51:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31556952; includeSubDomains
content-security-policy
default-src 'self'; script-src 'self' 'nonce-FkZT8j6KPWqDz6R6Zmm1Hu1SnpYlhsXb9GDwKt69mMw='; style-src 'self' 'nonce-FkZT8j6KPWqDz6R6Zmm1Hu1SnpYlhsXb9GDwKt69mMw='; object-src data: 'unsafe-eval'; img-src 'self' data: 'unsafe-eval'; frame-src 'self' https://app.powerbi.com; frame-ancestors 'self'; connect-src 'self'; child-src 'none'
x-cache
CONFIG_NOCACHE
p3p
policyref="/w3c/p3p.xml", CP="CNT NAV OTC PRE IDC COR CUR OUR BUS STP"
content-length
1006
request-context
appId=cid-v1:6ce46d13-96db-4a5c-b490-f6dea38df95a
x-ua-compatible
IE=Edge,chrome=1
last-modified
Sun, 19 May 2024 23:51:03 GMT
vary
Accept-Encoding, User-Agent,Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
x-azure-ref
20240519T235103Z-17c66ffcdbcgzpgcva22g39030000000051g00000001gh4c
access-control-expose-headers
Request-Context
cache-control
private, max-age=86400
accept-ranges
bytes
expires
Mon, 20 May 2024 23:51:04 GMT
corefonts.css
myzone-test.portal.hcm.zellis.com/xpkg/ 		39 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://myzone-test.portal.hcm.zellis.com/xpkg/corefonts.css?v=2024.5.17.10&c=637852972581895630
Requested by
Host: myzone-test.portal.hcm.zellis.com
URL: https://myzone-test.portal.hcm.zellis.com/UserSecurity/LogOn
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::64 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
11142b2a7330b47678172ee29bbfa9b70bc08a10283e79c38e2f94180200940c
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'nonce-XNjvbl4osoHF+OddV+GGjagW7zeDhDC5cr2TybXlPqY='; style-src 'self' 'nonce-XNjvbl4osoHF+OddV+GGjagW7zeDhDC5cr2TybXlPqY='; object-src data: 'unsafe-eval'; img-src 'self' data: 'unsafe-eval'; frame-src 'self' https://app.powerbi.com; frame-ancestors 'self'; connect-src 'self'; child-src 'none'
Strict-Transport-Security max-age=31556952; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 19 May 2024 23:51:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31556952; includeSubDomains
content-security-policy
default-src 'self'; script-src 'self' 'nonce-XNjvbl4osoHF+OddV+GGjagW7zeDhDC5cr2TybXlPqY='; style-src 'self' 'nonce-XNjvbl4osoHF+OddV+GGjagW7zeDhDC5cr2TybXlPqY='; object-src data: 'unsafe-eval'; img-src 'self' data: 'unsafe-eval'; frame-src 'self' https://app.powerbi.com; frame-ancestors 'self'; connect-src 'self'; child-src 'none'
x-cache
CONFIG_NOCACHE
p3p
policyref="/w3c/p3p.xml", CP="CNT NAV OTC PRE IDC COR CUR OUR BUS STP"
content-length
11003
request-context
appId=cid-v1:6ce46d13-96db-4a5c-b490-f6dea38df95a
x-ua-compatible
IE=Edge,chrome=1
last-modified
Sun, 19 May 2024 21:16:12 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
x-azure-ref
20240519T235103Z-17c66ffcdbcgzpgcva22g39030000000051g00000001gh4a
access-control-expose-headers
Request-Context
cache-control
private, max-age=77108
accept-ranges
bytes
expires
Mon, 20 May 2024 21:16:30 GMT
$8;foundation;zds-internal
myzone-test.portal.hcm.zellis.com/xres/2024.5.17.10/637852972581895630/css/ 		0
5 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://myzone-test.portal.hcm.zellis.com/xres/2024.5.17.10/637852972581895630/css/$8;foundation;zds-internal
Requested by
Host: myzone-test.portal.hcm.zellis.com
URL: https://myzone-test.portal.hcm.zellis.com/UserSecurity/LogOn
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::64 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'nonce-0r8sGlP76ncACBfB8zW7xkgyyIcfdD01eyS7Tb/mVnc='; style-src 'self' 'nonce-0r8sGlP76ncACBfB8zW7xkgyyIcfdD01eyS7Tb/mVnc='; object-src data: 'unsafe-eval'; img-src 'self' data: 'unsafe-eval'; frame-src 'self' https://app.powerbi.com; frame-ancestors 'self'; connect-src 'self'; child-src 'none'
Strict-Transport-Security max-age=31556952; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 19 May 2024 23:51:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31556952; includeSubDomains
content-security-policy
default-src 'self'; script-src 'self' 'nonce-0r8sGlP76ncACBfB8zW7xkgyyIcfdD01eyS7Tb/mVnc='; style-src 'self' 'nonce-0r8sGlP76ncACBfB8zW7xkgyyIcfdD01eyS7Tb/mVnc='; object-src data: 'unsafe-eval'; img-src 'self' data: 'unsafe-eval'; frame-src 'self' https://app.powerbi.com; frame-ancestors 'self'; connect-src 'self'; child-src 'none'
x-cache
CONFIG_NOCACHE
p3p
policyref="/w3c/p3p.xml", CP="CNT NAV OTC PRE IDC COR CUR OUR BUS STP"
content-length
3905
request-context
appId=cid-v1:6ce46d13-96db-4a5c-b490-f6dea38df95a
x-ua-compatible
IE=Edge,chrome=1
last-modified
Sun, 19 May 2024 21:16:26 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
x-azure-ref
20240519T235104Z-17c66ffcdbcgzpgcva22g39030000000051g00000001gh5h
access-control-expose-headers
Request-Context
cache-control
private, max-age=77122
accept-ranges
bytes
expires
Mon, 20 May 2024 21:16:29 GMT
bg_collaborationGroup_Zellis_lg.jpg
myzone-test.portal.hcm.zellis.com/img/ZDS/backgrounds-login/ 		238 KB
238 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://myzone-test.portal.hcm.zellis.com/img/ZDS/backgrounds-login/bg_collaborationGroup_Zellis_lg.jpg
Requested by
Host: myzone-test.portal.hcm.zellis.com
URL: https://myzone-test.portal.hcm.zellis.com/xpkg/core.css?v=2024.5.17.10&c=637852972581895630
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::64 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
0a57e8e9bfffb745802c2145f5ca085d4fbda9031f3320c46147e608e7baab70
Security Headers
Name Value
Strict-Transport-Security max-age=31556952; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://myzone-test.portal.hcm.zellis.com/xpkg/core.css?v=2024.5.17.10&c=637852972581895630
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 19 May 2024 23:51:04 GMT
strict-transport-security
max-age=31556952; includeSubDomains
x-content-type-options
nosniff
x-cache
CONFIG_NOCACHE
p3p
policyref="/w3c/p3p.xml", CP="CNT NAV OTC PRE IDC COR CUR OUR BUS STP"
content-length
243346
x-ua-compatible
IE=Edge,chrome=1
request-context
appId=cid-v1:6ce46d13-96db-4a5c-b490-f6dea38df95a
last-modified
Fri, 17 May 2024 22:22:08 GMT
etag
"0288fa7a8a8da1:0"
x-frame-options
SAMEORIGIN
x-azure-ref
20240519T235104Z-17c66ffcdbcgzpgcva22g39030000000051g00000001gh5r
content-type
image/jpeg
access-control-expose-headers
Request-Context
cache-control
max-age=432000
accept-ranges
bytes
logo_MyZone.png
myzone-test.portal.hcm.zellis.com/img/ZDS/product-logos/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://myzone-test.portal.hcm.zellis.com/img/ZDS/product-logos/logo_MyZone.png
Requested by
Host: myzone-test.portal.hcm.zellis.com
URL: https://myzone-test.portal.hcm.zellis.com/xres/2024.5.17.10/637852972581895630/css/$8;foundation;zds-external
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::64 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
65bc5f272c9b22ebc88a085599e8c09a9a5400333973f5772c6ae5f75a62ee2c
Security Headers
Name Value
Strict-Transport-Security max-age=31556952; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://myzone-test.portal.hcm.zellis.com/xres/2024.5.17.10/637852972581895630/css/$8;foundation;zds-external
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 19 May 2024 23:51:04 GMT
strict-transport-security
max-age=31556952; includeSubDomains
x-content-type-options
nosniff
x-cache
CONFIG_NOCACHE
p3p
policyref="/w3c/p3p.xml", CP="CNT NAV OTC PRE IDC COR CUR OUR BUS STP"
content-length
13097
x-ua-compatible
IE=Edge,chrome=1
request-context
appId=cid-v1:6ce46d13-96db-4a5c-b490-f6dea38df95a
last-modified
Fri, 17 May 2024 22:22:08 GMT
etag
"0288fa7a8a8da1:0"
x-frame-options
SAMEORIGIN
x-azure-ref
20240519T235104Z-17c66ffcdbcgzpgcva22g39030000000051g00000001gh5s
content-type
image/png
access-control-expose-headers
Request-Context
cache-control
max-age=432000
accept-ranges
bytes
Overpass-Black.ttf
myzone-test.portal.hcm.zellis.com/fonts/ZDS/ 		106 KB
107 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://myzone-test.portal.hcm.zellis.com/fonts/ZDS/Overpass-Black.ttf
Requested by
Host: myzone-test.portal.hcm.zellis.com
URL: https://myzone-test.portal.hcm.zellis.com/xpkg/corefonts.css?v=2024.5.17.10&c=637852972581895630
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::64 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
236adb0b0e0ec6d5bc3b59717d31d2ef860bbb9348fddec483badcf153025312
Security Headers
Name Value
Strict-Transport-Security max-age=31556952; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://myzone-test.portal.hcm.zellis.com/xpkg/corefonts.css?v=2024.5.17.10&c=637852972581895630
Origin
https://myzone-test.portal.hcm.zellis.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 19 May 2024 23:51:04 GMT
strict-transport-security
max-age=31556952; includeSubDomains
x-content-type-options
nosniff
x-cache
CONFIG_NOCACHE
p3p
policyref="/w3c/p3p.xml", CP="CNT NAV OTC PRE IDC COR CUR OUR BUS STP"
content-length
108632
x-ua-compatible
IE=Edge,chrome=1
request-context
appId=cid-v1:6ce46d13-96db-4a5c-b490-f6dea38df95a
last-modified
Fri, 17 May 2024 22:22:08 GMT
etag
"0288fa7a8a8da1:0"
x-frame-options
SAMEORIGIN
x-azure-ref
20240519T235104Z-17c66ffcdbcgzpgcva22g39030000000051g00000001gh5v
content-type
application/octet-stream
access-control-expose-headers
Request-Context
cache-control
max-age=432000
accept-ranges
bytes
OpenSans-Regular.ttf
myzone-test.portal.hcm.zellis.com/fonts/ZDS/ 		93 KB
94 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://myzone-test.portal.hcm.zellis.com/fonts/ZDS/OpenSans-Regular.ttf
Requested by
Host: myzone-test.portal.hcm.zellis.com
URL: https://myzone-test.portal.hcm.zellis.com/xpkg/corefonts.css?v=2024.5.17.10&c=637852972581895630
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::64 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
c0550c4cc4cf771d919a56b123416c84c00eec2861b285bf8155e6053dee09ec
Security Headers
Name Value
Strict-Transport-Security max-age=31556952; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://myzone-test.portal.hcm.zellis.com/xpkg/corefonts.css?v=2024.5.17.10&c=637852972581895630
Origin
https://myzone-test.portal.hcm.zellis.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 19 May 2024 23:51:04 GMT
strict-transport-security
max-age=31556952; includeSubDomains
x-content-type-options
nosniff
x-cache
CONFIG_NOCACHE
p3p
policyref="/w3c/p3p.xml", CP="CNT NAV OTC PRE IDC COR CUR OUR BUS STP"
content-length
95548
x-ua-compatible
IE=Edge,chrome=1
request-context
appId=cid-v1:6ce46d13-96db-4a5c-b490-f6dea38df95a
last-modified
Fri, 17 May 2024 22:22:08 GMT
etag
"0288fa7a8a8da1:0"
x-frame-options
SAMEORIGIN
x-azure-ref
20240519T235104Z-17c66ffcdbcgzpgcva22g39030000000051g00000001gh5w
content-type
application/octet-stream
access-control-expose-headers
Request-Context
cache-control
max-age=432000
accept-ranges
bytes
OpenSans-Bold.ttf
myzone-test.portal.hcm.zellis.com/fonts/ZDS/ 		100 KB
101 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://myzone-test.portal.hcm.zellis.com/fonts/ZDS/OpenSans-Bold.ttf
Requested by
Host: myzone-test.portal.hcm.zellis.com
URL: https://myzone-test.portal.hcm.zellis.com/xpkg/corefonts.css?v=2024.5.17.10&c=637852972581895630
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::64 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
67e6576e3a2553642ab5c65767dc8dcd7949dab7691cc7bd7049b0b81d450d05
Security Headers
Name Value
Strict-Transport-Security max-age=31556952; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://myzone-test.portal.hcm.zellis.com/xpkg/corefonts.css?v=2024.5.17.10&c=637852972581895630
Origin
https://myzone-test.portal.hcm.zellis.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 19 May 2024 23:51:04 GMT
strict-transport-security
max-age=31556952; includeSubDomains
x-content-type-options
nosniff
x-cache
CONFIG_NOCACHE
p3p
policyref="/w3c/p3p.xml", CP="CNT NAV OTC PRE IDC COR CUR OUR BUS STP"
content-length
102664
x-ua-compatible
IE=Edge,chrome=1
request-context
appId=cid-v1:6ce46d13-96db-4a5c-b490-f6dea38df95a
last-modified
Fri, 17 May 2024 22:22:08 GMT
etag
"0288fa7a8a8da1:0"
x-frame-options
SAMEORIGIN
x-azure-ref
20240519T235104Z-17c66ffcdbcgzpgcva22g39030000000051g00000001gh5x
content-type
application/octet-stream
access-control-expose-headers
Request-Context
cache-control
max-age=432000
accept-ranges
bytes
Overpass-Bold.ttf
myzone-test.portal.hcm.zellis.com/fonts/ZDS/ 		104 KB
105 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://myzone-test.portal.hcm.zellis.com/fonts/ZDS/Overpass-Bold.ttf
Requested by
Host: myzone-test.portal.hcm.zellis.com
URL: https://myzone-test.portal.hcm.zellis.com/xpkg/corefonts.css?v=2024.5.17.10&c=637852972581895630
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::64 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
92f08a4e4226c45ab98744bc4f3a9046af8bcb207bcb4f2d75a661c2638d0239
Security Headers
Name Value
Strict-Transport-Security max-age=31556952; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://myzone-test.portal.hcm.zellis.com/xpkg/corefonts.css?v=2024.5.17.10&c=637852972581895630
Origin
https://myzone-test.portal.hcm.zellis.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 19 May 2024 23:51:04 GMT
strict-transport-security
max-age=31556952; includeSubDomains
x-content-type-options
nosniff
x-cache
CONFIG_NOCACHE
p3p
policyref="/w3c/p3p.xml", CP="CNT NAV OTC PRE IDC COR CUR OUR BUS STP"
content-length
106996
x-ua-compatible
IE=Edge,chrome=1
request-context
appId=cid-v1:6ce46d13-96db-4a5c-b490-f6dea38df95a
last-modified
Fri, 17 May 2024 22:22:08 GMT
etag
"0288fa7a8a8da1:0"
x-frame-options
SAMEORIGIN
x-azure-ref
20240519T235104Z-17c66ffcdbcgzpgcva22g39030000000051g00000001gh5y
content-type
application/octet-stream
access-control-expose-headers
Request-Context
cache-control
max-age=432000
accept-ranges
bytes
OpenSans-Italic.ttf
myzone-test.portal.hcm.zellis.com/fonts/ZDS/ 		88 KB
89 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://myzone-test.portal.hcm.zellis.com/fonts/ZDS/OpenSans-Italic.ttf
Requested by
Host: myzone-test.portal.hcm.zellis.com
URL: https://myzone-test.portal.hcm.zellis.com/xpkg/corefonts.css?v=2024.5.17.10&c=637852972581895630
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::64 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
aaa67dca2072579e34b26529c2a2046572357e3e05581f08660a9151d6ead6b6
Security Headers
Name Value
Strict-Transport-Security max-age=31556952; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://myzone-test.portal.hcm.zellis.com/xpkg/corefonts.css?v=2024.5.17.10&c=637852972581895630
Origin
https://myzone-test.portal.hcm.zellis.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 19 May 2024 23:51:04 GMT
strict-transport-security
max-age=31556952; includeSubDomains
x-content-type-options
nosniff
x-cache
CONFIG_NOCACHE
p3p
policyref="/w3c/p3p.xml", CP="CNT NAV OTC PRE IDC COR CUR OUR BUS STP"
content-length
90388
x-ua-compatible
IE=Edge,chrome=1
request-context
appId=cid-v1:6ce46d13-96db-4a5c-b490-f6dea38df95a
last-modified
Fri, 17 May 2024 22:22:08 GMT
etag
"0288fa7a8a8da1:0"
x-frame-options
SAMEORIGIN
x-azure-ref
20240519T235104Z-17c66ffcdbcgzpgcva22g39030000000051g00000001gh5z
content-type
application/octet-stream
access-control-expose-headers
Request-Context
cache-control
max-age=432000
accept-ranges
bytes
FavIcon
myzone-test.portal.hcm.zellis.com/Image/ 		15 KB
16 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://myzone-test.portal.hcm.zellis.com/Image/FavIcon?c=637852972581895630
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::64 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
0a69ff10bd23c78ed923eff7410a6e600d99e7e9a57f3258ce3656d9eca871ea
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'nonce-iuqdhjnHI0z+LwU0Qfst2fj2xzU2SttD/B+pnSbWcak='; style-src 'self' 'nonce-iuqdhjnHI0z+LwU0Qfst2fj2xzU2SttD/B+pnSbWcak='; object-src data: 'unsafe-eval'; img-src 'self' data: 'unsafe-eval'; frame-src 'self' https://app.powerbi.com; frame-ancestors 'self'; connect-src 'self'; child-src 'none'
Strict-Transport-Security max-age=31556952; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 19 May 2024 23:51:04 GMT
strict-transport-security
max-age=31556952; includeSubDomains
x-content-type-options
nosniff
content-security-policy
default-src 'self'; script-src 'self' 'nonce-iuqdhjnHI0z+LwU0Qfst2fj2xzU2SttD/B+pnSbWcak='; style-src 'self' 'nonce-iuqdhjnHI0z+LwU0Qfst2fj2xzU2SttD/B+pnSbWcak='; object-src data: 'unsafe-eval'; img-src 'self' data: 'unsafe-eval'; frame-src 'self' https://app.powerbi.com; frame-ancestors 'self'; connect-src 'self'; child-src 'none'
x-cache
CONFIG_NOCACHE
p3p
policyref="/w3c/p3p.xml", CP="CNT NAV OTC PRE IDC COR CUR OUR BUS STP"
content-disposition
attachment; filename=favicon.ico
content-length
15086
request-context
appId=cid-v1:6ce46d13-96db-4a5c-b490-f6dea38df95a
x-ua-compatible
IE=Edge,chrome=1
last-modified
Sun, 19 May 2024 23:51:04 GMT
x-frame-options
SAMEORIGIN
x-azure-ref
20240519T235104Z-17c66ffcdbcgzpgcva22g39030000000051g00000001gh7d
content-type
image/x-icon
access-control-expose-headers
Request-Context
cache-control
private, max-age=864000
accept-ranges
bytes
expires
Wed, 29 May 2024 23:51:04 GMT

Verdicts & Comments Add Verdict or Comment

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

undefined| $$ undefined| $$pageModel function| __extends function| __spreadArray object| compensate function| $ function| jQuery

3 Cookies

Domain/Path Name / Value
.myzone-test.portal.hcm.zellis.com/ Name: ARRAffinity
Value: 54e25495543135d1bc6005f20a6da35971b6cef4229593049e00c37f0506b154
.myzone-test.portal.hcm.zellis.com/ Name: ARRAffinitySameSite
Value: 54e25495543135d1bc6005f20a6da35971b6cef4229593049e00c37f0506b154
myzone-test.portal.hcm.zellis.com/ Name: __RequestVerificationToken
Value: 9N6ckz47OyVd-pD-gAmYyZEWYB7xkPWB2yQtAcARmqaZ4sulMBoPIogU2Vv2Cvb2e6FD0y_8pqp9mJf2K2RsNvMRr_1J2tyawrFLaPvsMIY1

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'self'; script-src 'self' 'nonce-onYnhWxGYCxcqe7XAMUucyzHpWMB8s2da3oX5wyOo+Y='; style-src 'self' 'nonce-onYnhWxGYCxcqe7XAMUucyzHpWMB8s2da3oX5wyOo+Y='; object-src data: 'unsafe-eval'; img-src 'self' data: 'unsafe-eval'; frame-src 'self' https://app.powerbi.com; frame-ancestors 'self'; connect-src 'self'; child-src 'none'
Strict-Transport-Security max-age=31556952; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN SAMEORIGIN