urlscan.io logo urlscan.io
SecurityTrails logo

login-staging.eurostar.com Open in urlscan Pro
18.196.29.0  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://eil-accounts-stg-pr-679.dev.eurostar.com/
Effective URL: https://login-staging.eurostar.com/login?state=g6Fo2SBRWXVVVzJxZFFlWnMwcG1ycko1eUpaMlVjSzVENHFVY6N0aWTZIE5sLURkR1JZRHBzTjdVS04ybEIx...
Submission: On September 20 via automatic, source certstream-suspicious
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 13 IPs in 4 countries across 10 domains to perform 46 HTTP transactions. The main IP is 18.196.29.0, located in Frankfurt am Main, Germany and belongs to AMAZON-02 - Amazon.com, Inc., US. The main domain is login-staging.eurostar.com.
TLS certificate: Issued by Let's Encrypt Authority X3 on September 6th 2019. Valid for: 3 months.
This is the only time login-staging.eurostar.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 10 54.229.217.60 16509 (AMAZON-02)
1 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
2 2a04:4e42:1b:... 54113 (FASTLY)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 152.199.23.241 15133 (EDGECAST)
8 151.101.13.106 54113 (FASTLY)
1 2 18.196.29.0 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a04:4e42:200... 54113 (FASTLY)
1 143.204.215.119 16509 (AMAZON-02)
46 13
10    54.229.217.60 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-54-229-217-60.eu-west-1.compute.amazonaws.com
eil-accounts-stg-pr-679.dev.eurostar.com
1    2a02:26f0:6c00:181::13b8 (Ascension Island)

ASN20940 (AKAMAI-ASN1, US)
cdn.optimizely.com
2    2a04:4e42:1b::621 (Ascension Island)

ASN54113 (FASTLY - Fastly, US)
cdn.polyfill.io
1    2606:4700::6813:c797 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
cdnjs.cloudflare.com
1    2a00:1450:4001:819::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
www.googletagmanager.com
1    152.199.23.241 (United States)

ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US)
tags.tiqcdn.com
8    151.101.13.106 (Frankfurt am Main, Germany)

ASN54113 (FASTLY - Fastly, US)
staging.eurostar.com
static.eurostar.com
2    18.196.29.0 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-18-196-29-0.eu-central-1.compute.amazonaws.com
login-staging.eurostar.com
2    2a00:1450:4001:825::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
www.google-analytics.com
1    2a00:1450:4001:821::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
ampcid.google.com
1    2a04:4e42:200::621 (Ascension Island)

ASN54113 (FASTLY - Fastly, US)
polyfill.io
1    143.204.215.119 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-143-204-215-119.fra53.r.cloudfront.net
cdn.auth0.com
Domain Requested by
10 eil-accounts-stg-pr-679.dev.eurostar.com 1 redirects eil-accounts-stg-pr-679.dev.eurostar.com
7 static.eurostar.com eil-accounts-stg-pr-679.dev.eurostar.com
login-staging.eurostar.com
2 www.google-analytics.com tags.tiqcdn.com
www.google-analytics.com
2 login-staging.eurostar.com 1 redirects eil-accounts-stg-pr-679.dev.eurostar.com
2 cdn.polyfill.io eil-accounts-stg-pr-679.dev.eurostar.com
1 cdn.auth0.com login-staging.eurostar.com
1 polyfill.io login-staging.eurostar.com
1 ampcid.google.com www.google-analytics.com
1 staging.eurostar.com eil-accounts-stg-pr-679.dev.eurostar.com
1 tags.tiqcdn.com eil-accounts-stg-pr-679.dev.eurostar.com
tags.tiqcdn.com
1 www.googletagmanager.com eil-accounts-stg-pr-679.dev.eurostar.com
1 cdnjs.cloudflare.com eil-accounts-stg-pr-679.dev.eurostar.com
1 cdn.optimizely.com eil-accounts-stg-pr-679.dev.eurostar.com
0 ampcid.google.de Failed www.google-analytics.com
46 14

This site contains links to these domains. Also see Links.

Domain
accounts-staging.eurostar.com
Subject Issuer Validity Valid
eil-accounts-stg-pr-679.dev.eurostar.com
Let's Encrypt Authority X3		 2019-09-20 -
2019-12-19		 3 months crt.sh
cdn.optimizely.com
DigiCert ECC Secure Server CA		 2018-11-24 -
2020-02-23		 a year crt.sh
f3.shared.global.fastly.net
GlobalSign CloudSSL CA - SHA256 - G3		 2019-05-29 -
2020-04-23		 a year crt.sh
ssl412106.cloudflaressl.com
COMODO ECC Domain Validation Secure Server CA 2		 2019-08-10 -
2020-02-16		 6 months crt.sh
*.google-analytics.com
GTS CA 1O1		 2019-09-05 -
2019-11-28		 3 months crt.sh
*.tiqcdn.com
DigiCert SHA2 Secure Server CA		 2017-10-25 -
2020-05-13		 3 years crt.sh
*.eurostar.com
DigiCert SHA2 Secure Server CA		 2018-03-14 -
2020-03-18		 2 years crt.sh
login-staging.eurostar.com
Let's Encrypt Authority X3		 2019-09-06 -
2019-12-05		 3 months crt.sh
*.google.com
GTS CA 1O1		 2019-09-05 -
2019-11-28		 3 months crt.sh
*.auth0.com
Amazon		 2019-06-21 -
2020-07-21		 a year crt.sh

This page contains 1 frames:

Primary Page: https://login-staging.eurostar.com/login?state=g6Fo2SBRWXVVVzJxZFFlWnMwcG1ycko1eUpaMlVjSzVENHFVY6N0aWTZIE5sLURkR1JZRHBzTjdVS04ybEIxY2s2UmNoNmdVdng3o2NpZNkgNkE2emxYaTQycERXSzJsWUtVZFFyUk1hVWNxVGcxR20&client=6A6zlXi42pDWK2lYKUdQrRMaUcqTg1Gm&protocol=oauth2&response_type=token%20id_token&redirect_uri=https%3A%2F%2Feil-accounts-stg-pr-679.dev.eurostar.com%2Fuk-en%2F&ui_locales=en&connection=Accounts-Service&nonce=lTBy7zfY9wCaFOERt97zhYtp8GjZMH40&scope=openid%20profile%20email&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4xMC4wIn0%3D
Frame ID: 767C38823A2F3417A2FB32B239CAC223
Requests: 47 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://eil-accounts-stg-pr-679.dev.eurostar.com/ HTTP 307
    https://eil-accounts-stg-pr-679.dev.eurostar.com/uk-en Page URL
  2. https://login-staging.eurostar.com/authorize?client_id=6A6zlXi42pDWK2lYKUdQrRMaUcqTg1Gm&response_type=token%20i... HTTP 302
    https://login-staging.eurostar.com/login?state=g6Fo2SBRWXVVVzJxZFFlWnMwcG1ycko1eUpaMlVjSzVENHFVY6N0aWTZIE5sLURk... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^Cowboy$/i
Overall confidence: 100%
Detected patterns
  • headers server /^Cowboy$/i

Page Statistics

46
Requests

63 %
HTTPS

58 %
IPv6

10
Domains

14
Subdomains

13
IPs

4
Countries

838 kB
Transfer

2753 kB
Size

5
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://eil-accounts-stg-pr-679.dev.eurostar.com/ HTTP 307
    https://eil-accounts-stg-pr-679.dev.eurostar.com/uk-en Page URL
  2. https://login-staging.eurostar.com/authorize?client_id=6A6zlXi42pDWK2lYKUdQrRMaUcqTg1Gm&response_type=token%20id_token&redirect_uri=https%3A%2F%2Feil-accounts-stg-pr-679.dev.eurostar.com%2Fuk-en%2F&ui_locales=en&state=UBLe0TQnf3kIRA82V0JPA&connection=Accounts-Service&nonce=lTBy7zfY9wCaFOERt97zhYtp8GjZMH40&scope=openid%20profile%20email&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4xMC4wIn0%3D HTTP 302
    https://login-staging.eurostar.com/login?state=g6Fo2SBRWXVVVzJxZFFlWnMwcG1ycko1eUpaMlVjSzVENHFVY6N0aWTZIE5sLURkR1JZRHBzTjdVS04ybEIxY2s2UmNoNmdVdng3o2NpZNkgNkE2emxYaTQycERXSzJsWUtVZFFyUk1hVWNxVGcxR20&client=6A6zlXi42pDWK2lYKUdQrRMaUcqTg1Gm&protocol=oauth2&response_type=token%20id_token&redirect_uri=https%3A%2F%2Feil-accounts-stg-pr-679.dev.eurostar.com%2Fuk-en%2F&ui_locales=en&connection=Accounts-Service&nonce=lTBy7zfY9wCaFOERt97zhYtp8GjZMH40&scope=openid%20profile%20email&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4xMC4wIn0%3D Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://eil-accounts-stg-pr-679.dev.eurostar.com/ HTTP 307
  • https://eil-accounts-stg-pr-679.dev.eurostar.com/uk-en

46 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Cookie set uk-en
eil-accounts-stg-pr-679.dev.eurostar.com/
Redirect Chain
  • https://eil-accounts-stg-pr-679.dev.eurostar.com/
  • https://eil-accounts-stg-pr-679.dev.eurostar.com/uk-en
16 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://eil-accounts-stg-pr-679.dev.eurostar.com/uk-en
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.229.217.60 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-54-229-217-60.eu-west-1.compute.amazonaws.com
Software
Cowboy /
Resource Hash
d586b93e24e90a9a2dc206b99714b53d8e0cf43e9a56de616e403713f2860209
Security Headers
Name Value
Content-Security-Policy default-src 'self' https:; frame-src 'self' https: *.doubleclick.net; script-src *.monetate.net *.google.com *.facebook.net *.googletagmanager.com *.google-analytics.com 'self' https: 'unsafe-inline' 'unsafe-eval'; img-src 'self' data: *.google-analytics.com https:; font-src 'self' *.gstatic.com data: *.googleapis.com https://static.eurostar.com; style-src 'self' *.eurostar.com eurostarhelp.secure.force.com *.googleapis.com *.gstatic.com *.google.com 'unsafe-inline'; connect-src 'self' https:
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Host
eil-accounts-stg-pr-679.dev.eurostar.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
none
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1

Response headers

Server
Cowboy
Connection
keep-alive
X-Xss-Protection
1; mode=block
X-Content-Type-Options
nosniff
Referrer-Policy
strict-origin
X-Frame-Options
DENY
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Security-Policy
default-src 'self' https:; frame-src 'self' https: *.doubleclick.net; script-src *.monetate.net *.google.com *.facebook.net *.googletagmanager.com *.google-analytics.com 'self' https: 'unsafe-inline' 'unsafe-eval'; img-src 'self' data: *.google-analytics.com https:; font-src 'self' *.gstatic.com data: *.googleapis.com https://static.eurostar.com; style-src 'self' *.eurostar.com eurostarhelp.secure.force.com *.googleapis.com *.gstatic.com *.google.com 'unsafe-inline'; connect-src 'self' https:
Set-Cookie
_estarCID=ACL-P3JUN-KAFUF; path=/; secure esMarket=uk-en; path=/; secure; httponly
Accept-Ranges
bytes
Cache-Control
public, max-age=0
Last-Modified
Fri, 20 Sep 2019 12:09:15 GMT
Etag
W/"3f74-16d4e938b30"
Content-Type
text/html; charset=UTF-8
Content-Length
16244
Date
Fri, 20 Sep 2019 12:09:15 GMT
Via
1.1 vegur

Redirect headers

Server
Cowboy
Connection
keep-alive
X-Xss-Protection
1; mode=block
X-Content-Type-Options
nosniff
Referrer-Policy
strict-origin
X-Frame-Options
DENY
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Security-Policy
default-src 'self' https:; frame-src 'self' https: *.doubleclick.net; script-src *.monetate.net *.google.com *.facebook.net *.googletagmanager.com *.google-analytics.com 'self' https: 'unsafe-inline' 'unsafe-eval'; img-src 'self' data: *.google-analytics.com https:; font-src 'self' *.gstatic.com data: *.googleapis.com https://static.eurostar.com; style-src 'self' *.eurostar.com eurostarhelp.secure.force.com *.googleapis.com *.gstatic.com *.google.com 'unsafe-inline'; connect-src 'self' https:
Location
/uk-en
Vary
Accept
Content-Type
text/html; charset=utf-8
Content-Length
69
Date
Fri, 20 Sep 2019 12:09:15 GMT
Via
1.1 vegur
11109464064.js
cdn.optimizely.com/js/ 		277 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.optimizely.com/js/11109464064.js
Requested by
Host: eil-accounts-stg-pr-679.dev.eurostar.com
URL: https://eil-accounts-stg-pr-679.dev.eurostar.com/uk-en
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:6c00:181::13b8 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1b5ef3705d1b0063fd01e5064b1baa2f41a1d8c6ecfe898b99b5c45d73a1bc58
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://eil-accounts-stg-pr-679.dev.eurostar.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-meta-pci_enabled
False
x-amz-version-id
LAw53PipPHuX02zha4rPS0WwYzk4ss81
content-encoding
gzip
etag
"30929c7f31ad25ddd1cf4925d30fc98a"
x-amz-request-id
95BEA0125BE6D170
status
200
x-amz-replication-status
COMPLETED
access-control-allow-methods
GET, HEAD
server-timing
cdn;desc="AkamaiION";dur=0,rtt;desc="6";dur=0,cdnip;desc="2a02:26f0:6c00:181::13b8";dur=0,cdnmap;desc="";dur=0,proto;desc="h2";dur=0
vary
Accept-Encoding
content-length
85550
x-amz-id-2
8eB9/didAhnkvx5aBHzKSqVxT9PDvV4rJ7ESQR8ARxPJCEafDPT1xNSjV0xrVxutQIhjqWH28aA=
last-modified
Fri, 05 Jul 2019 12:33:09 GMT
server
AmazonS3
date
Fri, 20 Sep 2019 12:09:15 GMT
access-control-max-age
86400
strict-transport-security
max-age=15768000
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
x-amz-meta-revision
cache-control
max-age=900
x-amz-meta-revision
431
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
*
polyfill.min.js
cdn.polyfill.io/v2/ 		4 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.polyfill.io/v2/polyfill.min.js?features=es6,URL,Object.values,Array.prototype.includes,Intl.~locale.en,Intl.~locale.fr,Intl.~locale.nl,HTMLPictureElement
Requested by
Host: eil-accounts-stg-pr-679.dev.eurostar.com
URL: https://eil-accounts-stg-pr-679.dev.eurostar.com/uk-en
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::621 , Ascension Island, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
e8af73fa4560eec175777bb3599db76a417328e8b6a2efecb9f6c1629c7dc67b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://eil-accounts-stg-pr-679.dev.eurostar.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubdomains; preload
content-encoding
br
x-content-type-options
nosniff
content-type
text/javascript; charset=utf-8
age
947190
detected-user-agent
Chrome/74.0.3729
status
200
request_came_from_shield
HHN
server-timing
HIT-CLUSTER, fastly;desc="Edge time";dur=1, HIT-CLUSTER, fastly;desc="Edge time";dur=1
content-length
926
etag
W/"39e-W9Ah0W2Rzzqjj5ilHv5XOdMbY9c"
referrer-policy
origin-when-cross-origin
date
Fri, 20 Sep 2019 12:09:15 GMT
vary
User-Agent, Accept-Encoding
normalized-user-agent
chrome/74.0.0
cache-control
public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
accept-ranges
bytes
timing-allow-origin
*
app.96a8ee4a.css
eil-accounts-stg-pr-679.dev.eurostar.com/static/css/ 		187 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://eil-accounts-stg-pr-679.dev.eurostar.com/static/css/app.96a8ee4a.css
Requested by
Host: eil-accounts-stg-pr-679.dev.eurostar.com
URL: https://eil-accounts-stg-pr-679.dev.eurostar.com/uk-en
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.229.217.60 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-54-229-217-60.eu-west-1.compute.amazonaws.com
Software
Cowboy /
Resource Hash
59361d094ec9217edaffb4a4010bde1125f6f15cb3496b58e088e5c345c77a1a
Security Headers
Name Value
Content-Security-Policy default-src 'self' https:; frame-src 'self' https: *.doubleclick.net; script-src *.monetate.net *.google.com *.facebook.net *.googletagmanager.com *.google-analytics.com 'self' https: 'unsafe-inline' 'unsafe-eval'; img-src 'self' data: *.google-analytics.com https:; font-src 'self' *.gstatic.com data: *.googleapis.com https://static.eurostar.com; style-src 'self' *.eurostar.com eurostarhelp.secure.force.com *.googleapis.com *.gstatic.com *.google.com 'unsafe-inline'; connect-src 'self' https:
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://eil-accounts-stg-pr-679.dev.eurostar.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Encoding
br
Etag
W/"59ef-16d4e8dd120"
Connection
keep-alive
Content-Length
23023
X-Xss-Protection
1; mode=block
Referrer-Policy
strict-origin
Last-Modified
Fri, 20 Sep 2019 12:03:00 GMT
Server
Cowboy
X-Frame-Options
DENY
Date
Fri, 20 Sep 2019 12:09:15 GMT
Vary
Accept-Encoding
Content-Type
text/css; charset=UTF-8
Via
1.1 vegur
Cache-Control
public, max-age=0
Content-Security-Policy
default-src 'self' https:; frame-src 'self' https: *.doubleclick.net; script-src *.monetate.net *.google.com *.facebook.net *.googletagmanager.com *.google-analytics.com 'self' https: 'unsafe-inline' 'unsafe-eval'; img-src 'self' data: *.google-analytics.com https:; font-src 'self' *.gstatic.com data: *.googleapis.com https://static.eurostar.com; style-src 'self' *.eurostar.com eurostarhelp.secure.force.com *.googleapis.com *.gstatic.com *.google.com 'unsafe-inline'; connect-src 'self' https:
Accept-Ranges
bytes
X-Content-Type-Options
nosniff
vendors.5b540317.js
eil-accounts-stg-pr-679.dev.eurostar.com/static/js/ 		449 KB
106 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eil-accounts-stg-pr-679.dev.eurostar.com/static/js/vendors.5b540317.js
Requested by
Host: eil-accounts-stg-pr-679.dev.eurostar.com
URL: https://eil-accounts-stg-pr-679.dev.eurostar.com/uk-en
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.229.217.60 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-54-229-217-60.eu-west-1.compute.amazonaws.com
Software
Cowboy /
Resource Hash
46d0d1a217f5ae05d7e081b792865c67e583aa3ef244c14362921bd693636dbc
Security Headers
Name Value
Content-Security-Policy default-src 'self' https:; frame-src 'self' https: *.doubleclick.net; script-src *.monetate.net *.google.com *.facebook.net *.googletagmanager.com *.google-analytics.com 'self' https: 'unsafe-inline' 'unsafe-eval'; img-src 'self' data: *.google-analytics.com https:; font-src 'self' *.gstatic.com data: *.googleapis.com https://static.eurostar.com; style-src 'self' *.eurostar.com eurostarhelp.secure.force.com *.googleapis.com *.gstatic.com *.google.com 'unsafe-inline'; connect-src 'self' https:
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://eil-accounts-stg-pr-679.dev.eurostar.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Encoding
br
Etag
W/"1a31a-16d4e8dd120"
Connection
keep-alive
Content-Length
107290
X-Xss-Protection
1; mode=block
Referrer-Policy
strict-origin
Last-Modified
Fri, 20 Sep 2019 12:03:00 GMT
Server
Cowboy
X-Frame-Options
DENY
Date
Fri, 20 Sep 2019 12:09:15 GMT
Vary
Accept-Encoding
Content-Type
application/javascript; charset=UTF-8
Via
1.1 vegur
Cache-Control
public, max-age=0
Content-Security-Policy
default-src 'self' https:; frame-src 'self' https: *.doubleclick.net; script-src *.monetate.net *.google.com *.facebook.net *.googletagmanager.com *.google-analytics.com 'self' https: 'unsafe-inline' 'unsafe-eval'; img-src 'self' data: *.google-analytics.com https:; font-src 'self' *.gstatic.com data: *.googleapis.com https://static.eurostar.com; style-src 'self' *.eurostar.com eurostarhelp.secure.force.com *.googleapis.com *.gstatic.com *.google.com 'unsafe-inline'; connect-src 'self' https:
Accept-Ranges
bytes
X-Content-Type-Options
nosniff
app.3c600c55.js
eil-accounts-stg-pr-679.dev.eurostar.com/static/js/ 		400 KB
66 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eil-accounts-stg-pr-679.dev.eurostar.com/static/js/app.3c600c55.js
Requested by
Host: eil-accounts-stg-pr-679.dev.eurostar.com
URL: https://eil-accounts-stg-pr-679.dev.eurostar.com/uk-en
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.229.217.60 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-54-229-217-60.eu-west-1.compute.amazonaws.com
Software
Cowboy /
Resource Hash
4fae212ff045f6f3eeb6c4ef0b8c799561635feda24670935639b122e6de11f8
Security Headers
Name Value
Content-Security-Policy default-src 'self' https:; frame-src 'self' https: *.doubleclick.net; script-src *.monetate.net *.google.com *.facebook.net *.googletagmanager.com *.google-analytics.com 'self' https: 'unsafe-inline' 'unsafe-eval'; img-src 'self' data: *.google-analytics.com https:; font-src 'self' *.gstatic.com data: *.googleapis.com https://static.eurostar.com; style-src 'self' *.eurostar.com eurostarhelp.secure.force.com *.googleapis.com *.gstatic.com *.google.com 'unsafe-inline'; connect-src 'self' https:
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://eil-accounts-stg-pr-679.dev.eurostar.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Encoding
br
Etag
W/"104d2-16d4e8dd120"
Connection
keep-alive
Content-Length
66770
X-Xss-Protection
1; mode=block
Referrer-Policy
strict-origin
Last-Modified
Fri, 20 Sep 2019 12:03:00 GMT
Server
Cowboy
X-Frame-Options
DENY
Date
Fri, 20 Sep 2019 12:09:15 GMT
Vary
Accept-Encoding
Content-Type
application/javascript; charset=UTF-8
Via
1.1 vegur
Cache-Control
public, max-age=0
Content-Security-Policy
default-src 'self' https:; frame-src 'self' https: *.doubleclick.net; script-src *.monetate.net *.google.com *.facebook.net *.googletagmanager.com *.google-analytics.com 'self' https: 'unsafe-inline' 'unsafe-eval'; img-src 'self' data: *.google-analytics.com https:; font-src 'self' *.gstatic.com data: *.googleapis.com https://static.eurostar.com; style-src 'self' *.eurostar.com eurostarhelp.secure.force.com *.googleapis.com *.gstatic.com *.google.com 'unsafe-inline'; connect-src 'self' https:
Accept-Ranges
bytes
X-Content-Type-Options
nosniff
polyfills.198be673.js
eil-accounts-stg-pr-679.dev.eurostar.com/static/js/ 		214 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eil-accounts-stg-pr-679.dev.eurostar.com/static/js/polyfills.198be673.js
Requested by
Host: eil-accounts-stg-pr-679.dev.eurostar.com
URL: https://eil-accounts-stg-pr-679.dev.eurostar.com/uk-en
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.229.217.60 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-54-229-217-60.eu-west-1.compute.amazonaws.com
Software
Cowboy /
Resource Hash
652a2ee03a9f1cf1bffc0063e69c0a12c45da3aa0477ec0cb2b7c5d0731acd09
Security Headers
Name Value
Content-Security-Policy default-src 'self' https:; frame-src 'self' https: *.doubleclick.net; script-src *.monetate.net *.google.com *.facebook.net *.googletagmanager.com *.google-analytics.com 'self' https: 'unsafe-inline' 'unsafe-eval'; img-src 'self' data: *.google-analytics.com https:; font-src 'self' *.gstatic.com data: *.googleapis.com https://static.eurostar.com; style-src 'self' *.eurostar.com eurostarhelp.secure.force.com *.googleapis.com *.gstatic.com *.google.com 'unsafe-inline'; connect-src 'self' https:
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://eil-accounts-stg-pr-679.dev.eurostar.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Via
1.1 vegur
X-Content-Type-Options
nosniff
Connection
keep-alive
Content-Length
214
X-Xss-Protection
1; mode=block
Referrer-Policy
strict-origin
Last-Modified
Fri, 20 Sep 2019 12:03:00 GMT
Server
Cowboy
Date
Fri, 20 Sep 2019 12:09:15 GMT
X-Frame-Options
DENY
Content-Type
application/javascript; charset=UTF-8
Cache-Control
public, max-age=0
Etag
W/"d6-16d4e8dd120"
Content-Security-Policy
default-src 'self' https:; frame-src 'self' https: *.doubleclick.net; script-src *.monetate.net *.google.com *.facebook.net *.googletagmanager.com *.google-analytics.com 'self' https: 'unsafe-inline' 'unsafe-eval'; img-src 'self' data: *.google-analytics.com https:; font-src 'self' *.gstatic.com data: *.googleapis.com https://static.eurostar.com; style-src 'self' *.eurostar.com eurostarhelp.secure.force.com *.googleapis.com *.gstatic.com *.google.com 'unsafe-inline'; connect-src 'self' https:
Accept-Ranges
bytes
rollbar.min.js
cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.0.1/ 		38 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.0.1/rollbar.min.js
Requested by
Host: eil-accounts-stg-pr-679.dev.eurostar.com
URL: https://eil-accounts-stg-pr-679.dev.eurostar.com/uk-en
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:c797 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
d429a20b4686e7341900cacb0e4a41310f6f724bc3ee9b4cb6f9051de9bad8b9
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains

Request headers

Sec-Fetch-Mode
cors
Referer
https://eil-accounts-stg-pr-679.dev.eurostar.com/
Origin
https://eil-accounts-stg-pr-679.dev.eurostar.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 20 Sep 2019 12:09:15 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
13615259
status
200
served-in-seconds
0.027
timing-allow-origin
*
last-modified
Thu, 17 May 2018 09:25:30 GMT
server
cloudflare
etag
W/"5afd4a8a-976c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000; includeSubDomains
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
cf-ray
5193b080dd8acba0-VIE
expires
Wed, 09 Sep 2020 12:09:15 GMT
polyfill.min.js
cdn.polyfill.io/v2/ 		4 KB
1 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://cdn.polyfill.io/v2/polyfill.min.js?features=es6,URL,Object.values,Array.prototype.includes,Intl.~locale.en,Intl.~locale.fr,Intl.~locale.nl,HTMLPictureElement
Requested by
Host: eil-accounts-stg-pr-679.dev.eurostar.com
URL: https://eil-accounts-stg-pr-679.dev.eurostar.com/uk-en
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::621 , Ascension Island, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
e8af73fa4560eec175777bb3599db76a417328e8b6a2efecb9f6c1629c7dc67b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://eil-accounts-stg-pr-679.dev.eurostar.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubdomains; preload
content-encoding
br
x-content-type-options
nosniff
content-type
text/javascript; charset=utf-8
age
947190
detected-user-agent
Chrome/74.0.3729
status
200
request_came_from_shield
HHN
server-timing
HIT-CLUSTER, fastly;desc="Edge time";dur=1, HIT, fastly;desc="Edge time";dur=0
content-length
926
etag
W/"39e-W9Ah0W2Rzzqjj5ilHv5XOdMbY9c"
referrer-policy
origin-when-cross-origin
date
Fri, 20 Sep 2019 12:09:15 GMT
vary
User-Agent, Accept-Encoding
normalized-user-agent
chrome/74.0.0
cache-control
public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
accept-ranges
bytes
timing-allow-origin
*
gtm.js
www.googletagmanager.com/ 		167 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MQ8V7X
Requested by
Host: eil-accounts-stg-pr-679.dev.eurostar.com
URL: https://eil-accounts-stg-pr-679.dev.eurostar.com/uk-en
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
5be9c9c57fdc7c1b8796c46f3405041b6b3934d2b452ef5edc6cf34011677de1
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://eil-accounts-stg-pr-679.dev.eurostar.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 20 Sep 2019 12:09:15 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
status
200
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
http://www.googletagmanager.com
cache-control
private, max-age=900
access-control-allow-credentials
true
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
39422
x-xss-protection
0
expires
Fri, 20 Sep 2019 12:09:15 GMT
utag.js
tags.tiqcdn.com/utag/eurostar/main/qa/ 		216 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/eurostar/main/qa/utag.js
Requested by
Host: eil-accounts-stg-pr-679.dev.eurostar.com
URL: https://eil-accounts-stg-pr-679.dev.eurostar.com/uk-en
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.23.241 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
EOS (vny006/0450) /
Resource Hash

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://eil-accounts-stg-pr-679.dev.eurostar.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 20 Sep 2019 12:10:17 GMT
content-encoding
gzip
last-modified
Thu, 19 Sep 2019 11:07:58 GMT
server
EOS (vny006/0450)
etag
"1891102036"
vary
Accept-Encoding
x-cache
HIT
content-type
text/javascript
status
200
cache-control
max-age=300
accept-ranges
bytes
content-length
55447
expires
Fri, 20 Sep 2019 12:14:15 GMT
cookie-banner.js
staging.eurostar.com/static/ 		26 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://staging.eurostar.com/static/cookie-banner.js?language=en
Requested by
Host: eil-accounts-stg-pr-679.dev.eurostar.com
URL: https://eil-accounts-stg-pr-679.dev.eurostar.com/uk-en
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.13.106 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
9d8812ccbb5e1fc74ca7853f3f5dfe094f922ef6fefeceef5d5a419a20d5eb6d
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: filesystem: https: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://eil-accounts-stg-pr-679.dev.eurostar.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 20 Sep 2019 12:09:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
fastly-country-code
DE
x-cache
MISS
status
200
vary
Accept-Encoding
x-xss-protection
1; mode=block
x-served-by
cache-fra19139-FRA
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 20 Sep 2019 10:28:31 GMT
x-frame-options
SAMEORIGIN
etag
W/"6813-16d4e375098"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=604800
content-security-policy
default-src * data: blob: filesystem: https: 'unsafe-inline' 'unsafe-eval'
accept-ranges
bytes, bytes
x-cache-hits
0
21.ab82d79a.chunk.js
eil-accounts-stg-pr-679.dev.eurostar.com/static/js/ 		179 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eil-accounts-stg-pr-679.dev.eurostar.com/static/js/21.ab82d79a.chunk.js
Requested by
Host: eil-accounts-stg-pr-679.dev.eurostar.com
URL: https://eil-accounts-stg-pr-679.dev.eurostar.com/static/js/vendors.5b540317.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.229.217.60 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-54-229-217-60.eu-west-1.compute.amazonaws.com
Software
Cowboy /
Resource Hash
70823360e07aa1a176e0942a4684e425a0f68011d3b4c262c277646aeff9040f
Security Headers
Name Value
Content-Security-Policy default-src 'self' https:; frame-src 'self' https: *.doubleclick.net; script-src *.monetate.net *.google.com *.facebook.net *.googletagmanager.com *.google-analytics.com 'self' https: 'unsafe-inline' 'unsafe-eval'; img-src 'self' data: *.google-analytics.com https:; font-src 'self' *.gstatic.com data: *.googleapis.com https://static.eurostar.com; style-src 'self' *.eurostar.com eurostarhelp.secure.force.com *.googleapis.com *.gstatic.com *.google.com 'unsafe-inline'; connect-src 'self' https:
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://eil-accounts-stg-pr-679.dev.eurostar.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Via
1.1 vegur
X-Content-Type-Options
nosniff
Connection
keep-alive
Content-Length
179
X-Xss-Protection
1; mode=block
Referrer-Policy
strict-origin
Last-Modified
Fri, 20 Sep 2019 12:03:00 GMT
Server
Cowboy
Date
Fri, 20 Sep 2019 12:09:15 GMT
X-Frame-Options
DENY
Content-Type
application/javascript; charset=UTF-8
Cache-Control
public, max-age=0
Etag
W/"b3-16d4e8dd120"
Content-Security-Policy
default-src 'self' https:; frame-src 'self' https: *.doubleclick.net; script-src *.monetate.net *.google.com *.facebook.net *.googletagmanager.com *.google-analytics.com 'self' https: 'unsafe-inline' 'unsafe-eval'; img-src 'self' data: *.google-analytics.com https:; font-src 'self' *.gstatic.com data: *.googleapis.com https://static.eurostar.com; style-src 'self' *.eurostar.com eurostarhelp.secure.force.com *.googleapis.com *.gstatic.com *.google.com 'unsafe-inline'; connect-src 'self' https:
Accept-Ranges
bytes
18.8c141929.chunk.js
eil-accounts-stg-pr-679.dev.eurostar.com/static/js/ 		8 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eil-accounts-stg-pr-679.dev.eurostar.com/static/js/18.8c141929.chunk.js
Requested by
Host: eil-accounts-stg-pr-679.dev.eurostar.com
URL: https://eil-accounts-stg-pr-679.dev.eurostar.com/static/js/vendors.5b540317.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.229.217.60 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-54-229-217-60.eu-west-1.compute.amazonaws.com
Software
Cowboy /
Resource Hash
e5598703e7a4d59e10bb83a6811c3578ca5bffe405500f4e6b8bf6b77997e180
Security Headers
Name Value
Content-Security-Policy default-src 'self' https:; frame-src 'self' https: *.doubleclick.net; script-src *.monetate.net *.google.com *.facebook.net *.googletagmanager.com *.google-analytics.com 'self' https: 'unsafe-inline' 'unsafe-eval'; img-src 'self' data: *.google-analytics.com https:; font-src 'self' *.gstatic.com data: *.googleapis.com https://static.eurostar.com; style-src 'self' *.eurostar.com eurostarhelp.secure.force.com *.googleapis.com *.gstatic.com *.google.com 'unsafe-inline'; connect-src 'self' https:
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://eil-accounts-stg-pr-679.dev.eurostar.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Via
1.1 vegur
X-Content-Type-Options
nosniff
Connection
keep-alive
Content-Length
8295
X-Xss-Protection
1; mode=block
Referrer-Policy
strict-origin
Last-Modified
Fri, 20 Sep 2019 12:03:00 GMT
Server
Cowboy
Date
Fri, 20 Sep 2019 12:09:15 GMT
X-Frame-Options
DENY
Content-Type
application/javascript; charset=UTF-8
Cache-Control
public, max-age=0
Etag
W/"2067-16d4e8dd120"
Content-Security-Policy
default-src 'self' https:; frame-src 'self' https: *.doubleclick.net; script-src *.monetate.net *.google.com *.facebook.net *.googletagmanager.com *.google-analytics.com 'self' https: 'unsafe-inline' 'unsafe-eval'; img-src 'self' data: *.google-analytics.com https:; font-src 'self' *.gstatic.com data: *.googleapis.com https://static.eurostar.com; style-src 'self' *.eurostar.com eurostarhelp.secure.force.com *.googleapis.com *.gstatic.com *.google.com 'unsafe-inline'; connect-src 'self' https:
Accept-Ranges
bytes
1.92e44256.chunk.js
eil-accounts-stg-pr-679.dev.eurostar.com/static/js/ 		24 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eil-accounts-stg-pr-679.dev.eurostar.com/static/js/1.92e44256.chunk.js
Requested by
Host: eil-accounts-stg-pr-679.dev.eurostar.com
URL: https://eil-accounts-stg-pr-679.dev.eurostar.com/static/js/vendors.5b540317.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.229.217.60 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-54-229-217-60.eu-west-1.compute.amazonaws.com
Software
Cowboy /
Resource Hash
8bef54deaecb32a051eedff58f5cb2af6019e5390bd6c1a05d611914fca306b2
Security Headers
Name Value
Content-Security-Policy default-src 'self' https:; frame-src 'self' https: *.doubleclick.net; script-src *.monetate.net *.google.com *.facebook.net *.googletagmanager.com *.google-analytics.com 'self' https: 'unsafe-inline' 'unsafe-eval'; img-src 'self' data: *.google-analytics.com https:; font-src 'self' *.gstatic.com data: *.googleapis.com https://static.eurostar.com; style-src 'self' *.eurostar.com eurostarhelp.secure.force.com *.googleapis.com *.gstatic.com *.google.com 'unsafe-inline'; connect-src 'self' https:
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://eil-accounts-stg-pr-679.dev.eurostar.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Encoding
br
Etag
W/"1682-16d4e8dd120"
Connection
keep-alive
Content-Length
5762
X-Xss-Protection
1; mode=block
Referrer-Policy
strict-origin
Last-Modified
Fri, 20 Sep 2019 12:03:00 GMT
Server
Cowboy
X-Frame-Options
DENY
Date
Fri, 20 Sep 2019 12:09:15 GMT
Vary
Accept-Encoding
Content-Type
application/javascript; charset=UTF-8
Via
1.1 vegur
Cache-Control
public, max-age=0
Content-Security-Policy
default-src 'self' https:; frame-src 'self' https: *.doubleclick.net; script-src *.monetate.net *.google.com *.facebook.net *.googletagmanager.com *.google-analytics.com 'self' https: 'unsafe-inline' 'unsafe-eval'; img-src 'self' data: *.google-analytics.com https:; font-src 'self' *.gstatic.com data: *.googleapis.com https://static.eurostar.com; style-src 'self' *.eurostar.com eurostarhelp.secure.force.com *.googleapis.com *.gstatic.com *.google.com 'unsafe-inline'; connect-src 'self' https:
Accept-Ranges
bytes
X-Content-Type-Options
nosniff
9.43b15436.chunk.js
eil-accounts-stg-pr-679.dev.eurostar.com/static/js/ 		5 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eil-accounts-stg-pr-679.dev.eurostar.com/static/js/9.43b15436.chunk.js
Requested by
Host: eil-accounts-stg-pr-679.dev.eurostar.com
URL: https://eil-accounts-stg-pr-679.dev.eurostar.com/static/js/vendors.5b540317.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.229.217.60 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-54-229-217-60.eu-west-1.compute.amazonaws.com
Software
Cowboy /
Resource Hash
e0e4b6ecc4f509075235503801dd2513a58cc91a2dd96bc1debdae7cc33c2741
Security Headers
Name Value
Content-Security-Policy default-src 'self' https:; frame-src 'self' https: *.doubleclick.net; script-src *.monetate.net *.google.com *.facebook.net *.googletagmanager.com *.google-analytics.com 'self' https: 'unsafe-inline' 'unsafe-eval'; img-src 'self' data: *.google-analytics.com https:; font-src 'self' *.gstatic.com data: *.googleapis.com https://static.eurostar.com; style-src 'self' *.eurostar.com eurostarhelp.secure.force.com *.googleapis.com *.gstatic.com *.google.com 'unsafe-inline'; connect-src 'self' https:
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://eil-accounts-stg-pr-679.dev.eurostar.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Via
1.1 vegur
X-Content-Type-Options
nosniff
Connection
keep-alive
Content-Length
5128
X-Xss-Protection
1; mode=block
Referrer-Policy
strict-origin
Last-Modified
Fri, 20 Sep 2019 12:03:00 GMT
Server
Cowboy
Date
Fri, 20 Sep 2019 12:09:15 GMT
X-Frame-Options
DENY
Content-Type
application/javascript; charset=UTF-8
Cache-Control
public, max-age=0
Etag
W/"1408-16d4e8dd120"
Content-Security-Policy
default-src 'self' https:; frame-src 'self' https: *.doubleclick.net; script-src *.monetate.net *.google.com *.facebook.net *.googletagmanager.com *.google-analytics.com 'self' https: 'unsafe-inline' 'unsafe-eval'; img-src 'self' data: *.google-analytics.com https:; font-src 'self' *.gstatic.com data: *.googleapis.com https://static.eurostar.com; style-src 'self' *.eurostar.com eurostarhelp.secure.force.com *.googleapis.com *.gstatic.com *.google.com 'unsafe-inline'; connect-src 'self' https:
Accept-Ranges
bytes
pemw-md.woff2
static.eurostar.com/shared/fonts-licensed/PemW-Md/ 		39 KB
39 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.eurostar.com/shared/fonts-licensed/PemW-Md/pemw-md.woff2
Requested by
Host: eil-accounts-stg-pr-679.dev.eurostar.com
URL: https://eil-accounts-stg-pr-679.dev.eurostar.com/uk-en
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.13.106 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Sec-Fetch-Mode
cors
Referer
https://eil-accounts-stg-pr-679.dev.eurostar.com/
Origin
https://eil-accounts-stg-pr-679.dev.eurostar.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 20 Sep 2019 12:09:15 GMT
content-encoding
gzip
age
158804
x-cache
HIT
status
200
content-length
40305
x-served-by
cache-fra19172-FRA
access-control-allow-origin
*
last-modified
Wed, 11 Sep 2019 15:59:00 GMT
x-timer
S1568981356.815721,VS0,VE0
etag
"aa7272a51cfe7d49072b21632e1e5754"
vary
Accept-Encoding
content-type
binary/octet-stream
via
1.1 varnish
cache-control
public, max-age=604800
accept-ranges
bytes
x-cache-hits
2
pemw-rg.woff2
static.eurostar.com/shared/fonts-licensed/PemW-Rg/ 		38 KB
38 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.eurostar.com/shared/fonts-licensed/PemW-Rg/pemw-rg.woff2
Requested by
Host: eil-accounts-stg-pr-679.dev.eurostar.com
URL: https://eil-accounts-stg-pr-679.dev.eurostar.com/uk-en
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.13.106 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Sec-Fetch-Mode
cors
Referer
https://eil-accounts-stg-pr-679.dev.eurostar.com/
Origin
https://eil-accounts-stg-pr-679.dev.eurostar.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 20 Sep 2019 12:09:15 GMT
content-encoding
gzip
age
213761
x-cache
HIT
status
200
content-length
38832
x-served-by
cache-fra19172-FRA
access-control-allow-origin
*
last-modified
Wed, 11 Sep 2019 15:59:00 GMT
x-timer
S1568981356.815708,VS0,VE0
etag
"207c3e7bf83156021b04c5e9a9c4443d"
vary
Accept-Encoding
content-type
binary/octet-stream
via
1.1 varnish
cache-control
public, max-age=604800
accept-ranges
bytes
x-cache-hits
2
Primary Request login
login-staging.eurostar.com/
Redirect Chain
  • https://login-staging.eurostar.com/authorize?client_id=6A6zlXi42pDWK2lYKUdQrRMaUcqTg1Gm&response_type=token%20id_token&redirect_uri=https%3A%2F%2Feil-accounts-stg-pr-679.dev.eurostar.com%2Fuk-en%2F...
  • https://login-staging.eurostar.com/login?state=g6Fo2SBRWXVVVzJxZFFlWnMwcG1ycko1eUpaMlVjSzVENHFVY6N0aWTZIE5sLURkR1JZRHBzTjdVS04ybEIxY2s2UmNoNmdVdng3o2NpZNkgNkE2emxYaTQycERXSzJsWUtVZFFyUk1hVWNxVGcxR2...
607 KB
184 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://login-staging.eurostar.com/login?state=g6Fo2SBRWXVVVzJxZFFlWnMwcG1ycko1eUpaMlVjSzVENHFVY6N0aWTZIE5sLURkR1JZRHBzTjdVS04ybEIxY2s2UmNoNmdVdng3o2NpZNkgNkE2emxYaTQycERXSzJsWUtVZFFyUk1hVWNxVGcxR20&client=6A6zlXi42pDWK2lYKUdQrRMaUcqTg1Gm&protocol=oauth2&response_type=token%20id_token&redirect_uri=https%3A%2F%2Feil-accounts-stg-pr-679.dev.eurostar.com%2Fuk-en%2F&ui_locales=en&connection=Accounts-Service&nonce=lTBy7zfY9wCaFOERt97zhYtp8GjZMH40&scope=openid%20profile%20email&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4xMC4wIn0%3D
Requested by
Host: eil-accounts-stg-pr-679.dev.eurostar.com
URL: https://eil-accounts-stg-pr-679.dev.eurostar.com/static/js/vendors.5b540317.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
18.196.29.0 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-18-196-29-0.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
59649c49651f6e57d2cd278a5536fce7595debd39f5bbdfa71ed3c616bda221c
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Host
login-staging.eurostar.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
navigate
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
same-site
Referer
https://eil-accounts-stg-pr-679.dev.eurostar.com/
Accept-Encoding
gzip, deflate, br
Cookie
OPTOUTMULTI=0:0%7Cc4:0%7Cc3:0%7Cc2:0; utag_main=v_id:016d4e938d3c006d3c39d18449e000079003f07100b08$_sn:1$_ss:1$_st:1568983155837$ses_id:1568981355837%3Bexp-session$_pn:1%3Bexp-session; did=s%3Av0%3A77445240-db9f-11e9-a0fc-8d31375e205a.H%2BZWAFQIyi320IEEAegoWq5DOwGo4X2pk1%2BV%2BiRORzA; auth0=s%3AQcBHwZX5lrWZ3kE1MtCKgd7-BNyoxPAl.GDOl2TiABudncz3wMGbXPhchhGELnupLRywSOWmM%2Bn0
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
navigate
Referer
https://eil-accounts-stg-pr-679.dev.eurostar.com/

Response headers

Server
nginx
Date
Fri, 20 Sep 2019 12:09:15 GMT
Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding
ot-tracer-spanid
6fc1f8a935dcf332
ot-tracer-traceid
541afc3d65354be1
ot-tracer-sampled
true
X-Auth0-RequestId
0e01d9abef8a1e8cbab5
set-cookie
_csrf=jPG8CGjXUVutA_W_wIRxnmIA; Max-Age=864000000; Path=/usernamepassword/login; HttpOnly; Secure
X-Robots-Tag
noindex, nofollow noindex, nofollow, nosnippet, noarchive
X-XSS-Protection
1; mode=block
X-Content-Type-Options
nosniff
Referrer-Policy
same-origin
ETag
W/"97a85-Kp8MqftF1W51y2uXsd40RrHVTyk"
cache-control
private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-transform
Content-Encoding
gzip
Strict-Transport-Security
max-age=15768000

Redirect headers

Server
nginx
Date
Fri, 20 Sep 2019 12:09:15 GMT
Content-Type
text/html; charset=utf-8
Content-Length
1134
Connection
keep-alive
ot-tracer-spanid
0000fd8244bdce55
ot-tracer-traceid
4f0d9ee16b98cd13
ot-tracer-sampled
true
X-Auth0-RequestId
062227e13b601968a026
set-cookie
did=s%3Av0%3A77445240-db9f-11e9-a0fc-8d31375e205a.H%2BZWAFQIyi320IEEAegoWq5DOwGo4X2pk1%2BV%2BiRORzA; Max-Age=157788000; Path=/; Expires=Thu, 19 Sep 2024 18:09:15 GMT; HttpOnly; Secure auth0=s%3AQcBHwZX5lrWZ3kE1MtCKgd7-BNyoxPAl.GDOl2TiABudncz3wMGbXPhchhGELnupLRywSOWmM%2Bn0; Path=/; Expires=Mon, 23 Sep 2019 12:09:15 GMT; HttpOnly; Secure
Location
/login?state=g6Fo2SBRWXVVVzJxZFFlWnMwcG1ycko1eUpaMlVjSzVENHFVY6N0aWTZIE5sLURkR1JZRHBzTjdVS04ybEIxY2s2UmNoNmdVdng3o2NpZNkgNkE2emxYaTQycERXSzJsWUtVZFFyUk1hVWNxVGcxR20&client=6A6zlXi42pDWK2lYKUdQrRMaUcqTg1Gm&protocol=oauth2&response_type=token%20id_token&redirect_uri=https%3A%2F%2Feil-accounts-stg-pr-679.dev.eurostar.com%2Fuk-en%2F&ui_locales=en&connection=Accounts-Service&nonce=lTBy7zfY9wCaFOERt97zhYtp8GjZMH40&scope=openid%20profile%20email&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4xMC4wIn0%3D
Vary
Accept
cache-control
private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-transform
X-Robots-Tag
noindex, nofollow, nosnippet, noarchive
Strict-Transport-Security
max-age=15768000
icons_v1.3.9.svg
static.eurostar.com/shared/iconography/ 		0
0
icons_v1.3.9.svg
static.eurostar.com/shared/iconography/ 		0
0
icons_v1.3.9.svg
static.eurostar.com/shared/iconography/ 		0
0
icons_v1.3.9.svg
static.eurostar.com/shared/iconography/ 		0
0
icons_v1.3.9.svg
static.eurostar.com/shared/iconography/ 		0
0
icons_v1.3.9.svg
static.eurostar.com/shared/iconography/ 		0
0
icons_v1.3.9.svg
static.eurostar.com/shared/iconography/ 		0
0
icons_v1.3.9.svg
static.eurostar.com/shared/iconography/ 		0
0
icons_v1.3.9.svg
static.eurostar.com/shared/iconography/ 		0
0
icons_v1.3.9.svg
static.eurostar.com/shared/iconography/ 		0
0
icons_v1.3.9.svg
static.eurostar.com/shared/iconography/ 		0
0
icons_v1.3.9.svg
static.eurostar.com/shared/iconography/ 		0
0
icons_v1.3.9.svg
static.eurostar.com/shared/iconography/ 		0
0
icons_v1.3.9.svg
static.eurostar.com/shared/iconography/ 		0
0
logo.svg
static.eurostar.com/shared/images/logos/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.eurostar.com/shared/images/logos/logo.svg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.13.106 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://eil-accounts-stg-pr-679.dev.eurostar.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 20 Sep 2019 12:09:15 GMT
content-encoding
gzip
age
130205
x-cache
HIT
status
200
content-length
1002
x-served-by
cache-fra19139-FRA
access-control-allow-origin
*
last-modified
Wed, 11 Sep 2019 15:59:02 GMT
x-timer
S1568981356.826463,VS0,VE1
etag
"b6dceef5e0290cfb3c5566b693b941b4"
vary
Accept-Encoding
content-type
image/svg+xml
via
1.1 varnish
cache-control
public, max-age=604800
accept-ranges
bytes
x-cache-hits
1
logo-desktop.svg
static.eurostar.com/shared/images/logos/ 		10 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.eurostar.com/shared/images/logos/logo-desktop.svg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.13.106 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://eil-accounts-stg-pr-679.dev.eurostar.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 20 Sep 2019 12:09:15 GMT
content-encoding
gzip
age
191570
x-cache
HIT
status
200
content-length
5290
x-served-by
cache-fra19139-FRA
access-control-allow-origin
*
last-modified
Wed, 11 Sep 2019 15:59:02 GMT
x-timer
S1568981356.826304,VS0,VE1
etag
"913b600d61ae14c1b0a7b2c6037ebb9c"
vary
Accept-Encoding
content-type
image/svg+xml
via
1.1 varnish
cache-control
public, max-age=604800
accept-ranges
bytes
x-cache-hits
1
train-loader.svg
static.eurostar.com/shared/images/ 		8 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.eurostar.com/shared/images/train-loader.svg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.13.106 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://eil-accounts-stg-pr-679.dev.eurostar.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 20 Sep 2019 12:09:15 GMT
content-encoding
gzip
age
191570
x-cache
HIT
status
200
content-length
2617
x-served-by
cache-fra19139-FRA
access-control-allow-origin
*
last-modified
Wed, 11 Sep 2019 15:59:02 GMT
x-timer
S1568981356.826475,VS0,VE2
etag
"82348349a14496fa0fb1a953b1d252f7"
vary
Accept-Encoding
content-type
image/svg+xml
via
1.1 varnish
cache-control
public, max-age=604800
accept-ranges
bytes
x-cache-hits
1
pemw-lt.woff2
static.eurostar.com/shared/fonts-licensed/PemW-Lt/ 		38 KB
38 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.eurostar.com/shared/fonts-licensed/PemW-Lt/pemw-lt.woff2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.13.106 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Sec-Fetch-Mode
cors
Referer
https://eil-accounts-stg-pr-679.dev.eurostar.com/
Origin
https://eil-accounts-stg-pr-679.dev.eurostar.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 20 Sep 2019 12:09:15 GMT
content-encoding
gzip
age
158805
x-cache
HIT
status
200
content-length
38803
x-served-by
cache-fra19172-FRA
access-control-allow-origin
*
last-modified
Wed, 11 Sep 2019 15:58:59 GMT
x-timer
S1568981356.829114,VS0,VE0
etag
"349bee77b9ff0761472abd837ee9894f"
vary
Accept-Encoding
content-type
binary/octet-stream
via
1.1 varnish
cache-control
public, max-age=604800
accept-ranges
bytes
x-cache-hits
1
analytics.js
www.google-analytics.com/ 		43 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/eurostar/main/qa/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://eil-accounts-stg-pr-679.dev.eurostar.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 19 Aug 2019 17:22:41 GMT
server
Golfe2
age
5142
date
Fri, 20 Sep 2019 10:43:33 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
17803
expires
Fri, 20 Sep 2019 12:43:33 GMT
utag.38.js
tags.tiqcdn.com/utag/eurostar/main/qa/ 		0
0
utag.58.js
tags.tiqcdn.com/utag/eurostar/main/qa/ 		0
0
ec.js
www.google-analytics.com/plugins/ua/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/plugins/ua/ec.js
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://eil-accounts-stg-pr-679.dev.eurostar.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 20 Sep 2019 11:43:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 21 Apr 2016 03:17:22 GMT
server
sffe
age
1561
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=3600
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
1296
x-xss-protection
0
expires
Fri, 20 Sep 2019 12:43:14 GMT
publisher:getClientId
ampcid.google.com/v1/ 		74 B
442 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ampcid.google.com/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
cors
Referer
https://eil-accounts-stg-pr-679.dev.eurostar.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 20 Sep 2019 12:09:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
server
ESF
status
200
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eil-accounts-stg-pr-679.dev.eurostar.com
access-control-expose-headers
content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
vary
Origin, X-Origin, Referer
content-length
94
x-xss-protection
0
publisher:getClientId
ampcid.google.de/v1/ 		0
0
polyfill.js
polyfill.io/v3/ 		228 B
608 B 		Script
General
Check archive.org
Download Go to
Full URL
https://polyfill.io/v3/polyfill.js?features=es5,es6,es7&flags=gated
Requested by
Host: login-staging.eurostar.com
URL: https://login-staging.eurostar.com/login?state=g6Fo2SBRWXVVVzJxZFFlWnMwcG1ycko1eUpaMlVjSzVENHFVY6N0aWTZIE5sLURkR1JZRHBzTjdVS04ybEIxY2s2UmNoNmdVdng3o2NpZNkgNkE2emxYaTQycERXSzJsWUtVZFFyUk1hVWNxVGcxR20&client=6A6zlXi42pDWK2lYKUdQrRMaUcqTg1Gm&protocol=oauth2&response_type=token%20id_token&redirect_uri=https%3A%2F%2Feil-accounts-stg-pr-679.dev.eurostar.com%2Fuk-en%2F&ui_locales=en&connection=Accounts-Service&nonce=lTBy7zfY9wCaFOERt97zhYtp8GjZMH40&scope=openid%20profile%20email&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4xMC4wIn0%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:200::621 , Ascension Island, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
4a3201b3338b2feaff13aa8ff1fcb1fdef4ed117201553be9a20d1f6af461d21
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
no-cors
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubdomains; preload
content-encoding
br
x-content-type-options
nosniff
content-type
text/javascript; charset=utf-8
age
947295
detected-user-agent
Chrome/74.0.3729
status
200
request_came_from_shield
FRA
server-timing
HIT, fastly;desc="Edge time";dur=0, HIT-CLUSTER, fastly;desc="Edge time";dur=1
content-length
132
etag
W/"84-181BDsTiO6uZH/4IkFnGpLRRY+s"
referrer-policy
origin-when-cross-origin
date
Fri, 20 Sep 2019 12:09:16 GMT
vary
User-Agent, Accept-Encoding
normalized-user-agent
chrome/74.0.0
cache-control
public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
accept-ranges
bytes
timing-allow-origin
*
auth0.min.js
cdn.auth0.com/js/auth0/9.2/ 		104 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.auth0.com/js/auth0/9.2/auth0.min.js
Requested by
Host: login-staging.eurostar.com
URL: https://login-staging.eurostar.com/login?state=g6Fo2SBRWXVVVzJxZFFlWnMwcG1ycko1eUpaMlVjSzVENHFVY6N0aWTZIE5sLURkR1JZRHBzTjdVS04ybEIxY2s2UmNoNmdVdng3o2NpZNkgNkE2emxYaTQycERXSzJsWUtVZFFyUk1hVWNxVGcxR20&client=6A6zlXi42pDWK2lYKUdQrRMaUcqTg1Gm&protocol=oauth2&response_type=token%20id_token&redirect_uri=https%3A%2F%2Feil-accounts-stg-pr-679.dev.eurostar.com%2Fuk-en%2F&ui_locales=en&connection=Accounts-Service&nonce=lTBy7zfY9wCaFOERt97zhYtp8GjZMH40&scope=openid%20profile%20email&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4xMC4wIn0%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.204.215.119 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-143-204-215-119.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
fce79ad0dc27c2fddccde55022529d9e15285498462784fa285e35947735ac6d

Request headers

Sec-Fetch-Mode
no-cors
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id
cX2dwhcsKZ5AKJsWrnFXSdVpuKQyLjok
content-encoding
gzip
last-modified
Wed, 14 Feb 2018 22:56:33 GMT
server
AmazonS3
age
10437
date
Fri, 20 Sep 2019 09:15:20 GMT
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
status
200
cache-control
max-age=10800,public
x-amz-replication-status
COMPLETED
x-amz-cf-pop
FRA53-C1
x-amz-cf-id
of8X73o5YObpo2yb7uBWztZZcCOTvNxP4HFCSCIxFSD5A3qi8yxYXg==
via
1.1 4809763494a078a525dc1a2dff5ddf6c.cloudfront.net (CloudFront)
truncated
/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
818e14580b9416dde2678e26018b8e4aaa52172952fd4308f946dc5c08a6f259

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/svg+xml
pembrokeweb-regular.woff2
static.eurostar.com/shared/fonts/ 		39 KB
39 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.eurostar.com/shared/fonts/pembrokeweb-regular.woff2
Requested by
Host: login-staging.eurostar.com
URL: https://login-staging.eurostar.com/login?state=g6Fo2SBRWXVVVzJxZFFlWnMwcG1ycko1eUpaMlVjSzVENHFVY6N0aWTZIE5sLURkR1JZRHBzTjdVS04ybEIxY2s2UmNoNmdVdng3o2NpZNkgNkE2emxYaTQycERXSzJsWUtVZFFyUk1hVWNxVGcxR20&client=6A6zlXi42pDWK2lYKUdQrRMaUcqTg1Gm&protocol=oauth2&response_type=token%20id_token&redirect_uri=https%3A%2F%2Feil-accounts-stg-pr-679.dev.eurostar.com%2Fuk-en%2F&ui_locales=en&connection=Accounts-Service&nonce=lTBy7zfY9wCaFOERt97zhYtp8GjZMH40&scope=openid%20profile%20email&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4xMC4wIn0%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.13.106 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
c8fe91186dafe2bc5d7049614f03615eb4f10e9216d0e195e6a48dbedc93bb26

Request headers

Sec-Fetch-Mode
cors
Origin
https://login-staging.eurostar.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 20 Sep 2019 12:09:16 GMT
content-encoding
gzip
age
151871
x-cache
HIT
status
200
content-length
39643
x-served-by
cache-fra19172-FRA
access-control-allow-origin
*
last-modified
Wed, 11 Sep 2019 15:59:00 GMT
x-timer
S1568981356.145387,VS0,VE0
etag
"86238cc09df56ea64bbd5290c46b4710"
vary
Accept-Encoding
content-type
binary/octet-stream
via
1.1 varnish
cache-control
public, max-age=604800
accept-ranges
bytes
x-cache-hits
1

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
static.eurostar.com
URL
https://static.eurostar.com/shared/iconography/icons_v1.3.9.svg
Domain
static.eurostar.com
URL
https://static.eurostar.com/shared/iconography/icons_v1.3.9.svg
Domain
static.eurostar.com
URL
https://static.eurostar.com/shared/iconography/icons_v1.3.9.svg
Domain
static.eurostar.com
URL
https://static.eurostar.com/shared/iconography/icons_v1.3.9.svg
Domain
static.eurostar.com
URL
https://static.eurostar.com/shared/iconography/icons_v1.3.9.svg
Domain
static.eurostar.com
URL
https://static.eurostar.com/shared/iconography/icons_v1.3.9.svg
Domain
static.eurostar.com
URL
https://static.eurostar.com/shared/iconography/icons_v1.3.9.svg
Domain
static.eurostar.com
URL
https://static.eurostar.com/shared/iconography/icons_v1.3.9.svg
Domain
static.eurostar.com
URL
https://static.eurostar.com/shared/iconography/icons_v1.3.9.svg
Domain
static.eurostar.com
URL
https://static.eurostar.com/shared/iconography/icons_v1.3.9.svg
Domain
static.eurostar.com
URL
https://static.eurostar.com/shared/iconography/icons_v1.3.9.svg
Domain
static.eurostar.com
URL
https://static.eurostar.com/shared/iconography/icons_v1.3.9.svg
Domain
static.eurostar.com
URL
https://static.eurostar.com/shared/iconography/icons_v1.3.9.svg
Domain
static.eurostar.com
URL
https://static.eurostar.com/shared/iconography/icons_v1.3.9.svg
Domain
tags.tiqcdn.com
URL
https://tags.tiqcdn.com/utag/eurostar/main/qa/utag.38.js?utv=ut4.45.201905240928
Domain
tags.tiqcdn.com
URL
https://tags.tiqcdn.com/utag/eurostar/main/qa/utag.58.js?utv=ut4.45.201907231625
Domain
ampcid.google.de
URL
https://ampcid.google.de/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM

Verdicts & Comments Add Verdict or Comment

5 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate object| auth0 object| scCGSHMRCache object| regeneratorRuntime

5 Cookies

Domain/Path Name / Value
.eurostar.com/ Name: AMP_TOKEN
Value: %24RETRIEVING
login-staging.eurostar.com/ Name: auth0
Value: s%3AQcBHwZX5lrWZ3kE1MtCKgd7-BNyoxPAl.GDOl2TiABudncz3wMGbXPhchhGELnupLRywSOWmM%2Bn0
login-staging.eurostar.com/ Name: did
Value: s%3Av0%3A77445240-db9f-11e9-a0fc-8d31375e205a.H%2BZWAFQIyi320IEEAegoWq5DOwGo4X2pk1%2BV%2BiRORzA
.eurostar.com/ Name: utag_main
Value: v_id:016d4e938d3c006d3c39d18449e000079003f07100b08$_sn:1$_ss:1$_st:1568983155837$ses_id:1568981355837%3Bexp-session$_pn:1%3Bexp-session
.eurostar.com/ Name: OPTOUTMULTI
Value: 0:0%7Cc4:0%7Cc3:0%7Cc2:0

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'self' https:; frame-src 'self' https: *.doubleclick.net; script-src *.monetate.net *.google.com *.facebook.net *.googletagmanager.com *.google-analytics.com 'self' https: 'unsafe-inline' 'unsafe-eval'; img-src 'self' data: *.google-analytics.com https:; font-src 'self' *.gstatic.com data: *.googleapis.com https://static.eurostar.com; style-src 'self' *.eurostar.com eurostarhelp.secure.force.com *.googleapis.com *.gstatic.com *.google.com 'unsafe-inline'; connect-src 'self' https:
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ampcid.google.com
ampcid.google.de
cdn.auth0.com
cdn.optimizely.com
cdn.polyfill.io
cdnjs.cloudflare.com
eil-accounts-stg-pr-679.dev.eurostar.com
login-staging.eurostar.com
polyfill.io
staging.eurostar.com
static.eurostar.com
tags.tiqcdn.com
www.google-analytics.com
www.googletagmanager.com
ampcid.google.de
static.eurostar.com
tags.tiqcdn.com
143.204.215.119
151.101.13.106
152.199.23.241
18.196.29.0
2606:4700::6813:c797
2a00:1450:4001:819::2008
2a00:1450:4001:821::200e
2a00:1450:4001:825::200e
2a02:26f0:6c00:181::13b8
2a04:4e42:1b::621
2a04:4e42:200::621
54.229.217.60
1b5ef3705d1b0063fd01e5064b1baa2f41a1d8c6ecfe898b99b5c45d73a1bc58
46d0d1a217f5ae05d7e081b792865c67e583aa3ef244c14362921bd693636dbc
4a3201b3338b2feaff13aa8ff1fcb1fdef4ed117201553be9a20d1f6af461d21
4fae212ff045f6f3eeb6c4ef0b8c799561635feda24670935639b122e6de11f8
59361d094ec9217edaffb4a4010bde1125f6f15cb3496b58e088e5c345c77a1a
59649c49651f6e57d2cd278a5536fce7595debd39f5bbdfa71ed3c616bda221c
5be9c9c57fdc7c1b8796c46f3405041b6b3934d2b452ef5edc6cf34011677de1
652a2ee03a9f1cf1bffc0063e69c0a12c45da3aa0477ec0cb2b7c5d0731acd09
70823360e07aa1a176e0942a4684e425a0f68011d3b4c262c277646aeff9040f
818e14580b9416dde2678e26018b8e4aaa52172952fd4308f946dc5c08a6f259
8bef54deaecb32a051eedff58f5cb2af6019e5390bd6c1a05d611914fca306b2
9d8812ccbb5e1fc74ca7853f3f5dfe094f922ef6fefeceef5d5a419a20d5eb6d
c8fe91186dafe2bc5d7049614f03615eb4f10e9216d0e195e6a48dbedc93bb26
d429a20b4686e7341900cacb0e4a41310f6f724bc3ee9b4cb6f9051de9bad8b9
d586b93e24e90a9a2dc206b99714b53d8e0cf43e9a56de616e403713f2860209
e0e4b6ecc4f509075235503801dd2513a58cc91a2dd96bc1debdae7cc33c2741
e5598703e7a4d59e10bb83a6811c3578ca5bffe405500f4e6b8bf6b77997e180
e8af73fa4560eec175777bb3599db76a417328e8b6a2efecb9f6c1629c7dc67b
fce79ad0dc27c2fddccde55022529d9e15285498462784fa285e35947735ac6d