idp.ecovadis-survey.com Open in urlscan Pro
2620:1ec:46::46 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://app.salesforceiq.com/r?target=64faba019c07771363f67c0d&t=AFwhZf3xBAERTEyNBbyY9y1T6fB2Uz10s7c5WhuJQp24-C1Q5NY3p8VAFJ4f...
Effective URL:
https://idp.ecovadis-survey.com/Account/Login?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3Dbellucci%26redirect_uri%...
Submission: On September 11 via manual (September 11th 2023, 1:16:02 am UTC) from JP — Scanned from JP

Summary HTTP 32 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 8 IPs in 3 countries across 8 domains to perform 32 HTTP transactions. The main IP is 2620:1ec:46::46, located in United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is idp.ecovadis-survey.com. The Cisco Umbrella rank of the primary domain is 422248.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on February 20th 2023. Valid for: a year.

This is the only time idp.ecovadis-survey.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	44.237.87.138 44.237.87.138	16509 (AMAZON-02) (AMAZON-02)
1 24	2620:1ec:46::46 2620:1ec:46::46	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	34.255.46.117 34.255.46.117	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:20e... 2600:9000:20e4:f200:1b:df26:7b40:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2404:6800:400... 2404:6800:4004:824::200a	15169 (GOOGLE) (GOOGLE)
1	2404:6800:400... 2404:6800:4004:824::2008	15169 (GOOGLE) (GOOGLE)
1	13.35.49.119 13.35.49.119	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:219... 2600:9000:2197:3e00:1f:aa31:7740:93a1	16509 (AMAZON-02) (AMAZON-02)
32	8

1 44.237.87.138 (Boardman, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-44-237-87-138.us-west-2.compute.amazonaws.com

app.salesforceiq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 2620:1ec:46::46 (United States) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.ecovadis-survey.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
idp.ecovadis-survey.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.255.46.117 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-255-46-117.eu-west-1.compute.amazonaws.com

dub01.online.tableau.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20e4:f200:1b:df26:7b40:93a1 (United States)

ASN16509 (AMAZON-02, US)

embedding.tableauusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4004:824::200a (Australia)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4004:824::2008 (Australia)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.35.49.119 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-49-119.nrt20.r.cloudfront.net

static.site24x7rum.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2197:3e00:1f:aa31:7740:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.pendo.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
24	ecovadis-survey.com 1 redirects www.ecovadis-survey.com — Cisco Umbrella Rank: 270843 idp.ecovadis-survey.com — Cisco Umbrella Rank: 422248	6 MB
2	tableau.com dub01.online.tableau.com — Cisco Umbrella Rank: 185825	46 KB
1	pendo.io cdn.pendo.io — Cisco Umbrella Rank: 985	150 KB
1	site24x7rum.com static.site24x7rum.com — Cisco Umbrella Rank: 21079 col.site24x7rum.com Failed	24 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 62	79 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 58	1 KB
1	tableauusercontent.com embedding.tableauusercontent.com — Cisco Umbrella Rank: 638726	161 KB
1	salesforceiq.com 1 redirects app.salesforceiq.com — Cisco Umbrella Rank: 45468	1 KB
32	8

	Domain	Requested by
13	idp.ecovadis-survey.com	1 redirects www.ecovadis-survey.com idp.ecovadis-survey.com
11	www.ecovadis-survey.com	www.ecovadis-survey.com
2	dub01.online.tableau.com	www.ecovadis-survey.com dub01.online.tableau.com
1	cdn.pendo.io	www.ecovadis-survey.com
1	static.site24x7rum.com	www.ecovadis-survey.com
1	www.googletagmanager.com	www.ecovadis-survey.com
1	fonts.googleapis.com	www.ecovadis-survey.com
1	embedding.tableauusercontent.com	www.ecovadis-survey.com
1	app.salesforceiq.com	1 redirects
0	col.site24x7rum.com Failed	static.site24x7rum.com
32	10

This site contains links to these domains. Also see Links.

Domain
www.ecovadis-survey.com
support.ecovadis.com

Subject Issuer	Validity	Valid
*.ecovadis-survey.com DigiCert TLS RSA SHA256 2020 CA1	`2023-02-20` - `2024-03-22`	a year	crt.sh
dub01.online.tableau.com Amazon RSA 2048 M02	`2023-02-09` - `2023-12-21`	10 months	crt.sh
tableauusercontent.com Amazon RSA 2048 M02	`2023-02-23` - `2023-11-24`	9 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
*.site24x7rum.com Amazon RSA 2048 M01	`2023-07-01` - `2024-07-29`	a year	crt.sh
cdn.pendo.io Amazon RSA 2048 M02	`2023-06-30` - `2024-07-28`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://idp.ecovadis-survey.com/Account/Login?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3Dbellucci%26redirect_uri%3Dhttps%253A%252F%252Fwww.ecovadis-survey.com%252Fapp%252F%2523%252Fsso-callback%253F%26response_type%3Did_token%2520token%26scope%3Dopenid%2520profile%2520actinguserid%2520anakinapi%2520idpapi%2520offline_access%26response_mode%3Dfragment%26nonce%3Dmei8tihx3d%26language%3Den-GB
Frame ID: 4A54501A360961B58DAA0630685EAC01
Requests: 32 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Login | Ecovadis Platform

Page URL History Show full URLs

https://app.salesforceiq.com/r?target=64faba019c07771363f67c0d&t=AFwhZf3xBAERTEyNBbyY9y1T6fB2Uz10s7c5WhuJ... HTTP 307
https://www.ecovadis-survey.com/app/ Page URL
https://idp.ecovadis-survey.com/connect/authorize/callback?client_id=bellucci&redirect_uri=https%3A%2F%2Fwww... HTTP 302
https://idp.ecovadis-survey.com/Account/Login?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3Dbell... Page URL

Detected technologies

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

32
Requests

94 %
HTTPS

63 %
IPv6

8
Domains

10
Subdomains

8
IPs

3
Countries

6419 kB
Transfer

20068 kB
Size

10
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://www.ecovadis-survey.com/app/#/password-reset?language=en-GB
Title: Forgot your password?

Search URL Search Domain Scan URL

URL: https://support.ecovadis.com/hc/en-us/articles/115003531211-Legal-Notice-Data-Protection
Title: Legal notice - Data protection

Search URL Search Domain Scan URL

URL: https://support.ecovadis.com/
Title: Need help?

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://app.salesforceiq.com/r?target=64faba019c07771363f67c0d&t=AFwhZf3xBAERTEyNBbyY9y1T6fB2Uz10s7c5WhuJQp24-C1Q5NY3p8VAFJ4fB5CC4CWRMG7P9KhBCv4cGEOZCZ6_tCpcBT9-OUZV_j34HGXILrKtDnSokDsFajPH1cAXGCHSEcn_mbMg&url=https%3A%2F%2Fwww.ecovadis-survey.com%2Fapp%2F%23%2Flogin HTTP 307
https://www.ecovadis-survey.com/app/ Page URL
https://idp.ecovadis-survey.com/connect/authorize/callback?client_id=bellucci&redirect_uri=https%3A%2F%2Fwww.ecovadis-survey.com%2Fapp%2F%23%2Fsso-callback%3F&response_type=id_token%20token&scope=openid%20profile%20actinguserid%20anakinapi%20idpapi%20offline_access&response_mode=fragment&nonce=mei8tihx3d&language=en-GB HTTP 302
https://idp.ecovadis-survey.com/Account/Login?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3Dbellucci%26redirect_uri%3Dhttps%253A%252F%252Fwww.ecovadis-survey.com%252Fapp%252F%2523%252Fsso-callback%253F%26response_type%3Did_token%2520token%26scope%3Dopenid%2520profile%2520actinguserid%2520anakinapi%2520idpapi%2520offline_access%26response_mode%3Dfragment%26nonce%3Dmei8tihx3d%26language%3Den-GB Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://app.salesforceiq.com/r?target=64faba019c07771363f67c0d&t=AFwhZf3xBAERTEyNBbyY9y1T6fB2Uz10s7c5WhuJQp24-C1Q5NY3p8VAFJ4fB5CC4CWRMG7P9KhBCv4cGEOZCZ6_tCpcBT9-OUZV_j34HGXILrKtDnSokDsFajPH1cAXGCHSEcn_mbMg&url=https%3A%2F%2Fwww.ecovadis-survey.com%2Fapp%2F%23%2Flogin HTTP 307
https://www.ecovadis-survey.com/app/

32 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

/ Show response
www.ecovadis-survey.com/app/
Redirect Chain

https://app.salesforceiq.com/r?target=64faba019c07771363f67c0d&t=AFwhZf3xBAERTEyNBbyY9y1T6fB2Uz10s7c5WhuJQp24-C1Q5NY3p8VAFJ4fB5CC4CWRMG7P9KhBCv4cGEOZCZ6_tCpcBT9-OUZV_j34HGXILrKtDnSokDsFajPH1cAXGCHS...
https://www.ecovadis-survey.com/app/

2 KB
3 KB

1169ms
993ms

Document
text/html

2620:1ec:46::46
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ecovadis-survey.com/app/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:1ec:46::46 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

aace8508c462388720051206f0c148c4df8f692ce077090d9e772e60d3629fd2

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' https://.hotjar.com https://.hotjar.io wss://.hotjar.com https://data.eu.pendo.io; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' .site24x7rum.com .google-analytics.com .googletagmanager.com ajax.googleapis.com .uservoice.com .tableau.com .tableauusercontent.com .stripe.com .datatables.net .ecovadis-survey.com .hotjar.com .storage.googleapis.com .pendo.io;style-src 'report-sample' 'self' 'unsafe-inline' blob: fonts.googleapis.com .datatables.net .jsdelivr.net .storage.googleapis.com .pendo.io .ecovadis-survey.com; connect-src 'self' col.site24x7rum.com .ecovadis-survey.com .google-analytics.com com sentry.io .visualstudio.com https://data.eu.pendo.io/ .blob.core.windows.net .g.doubleclick.net .hotjar.com wss://.hotjar.com .pendo.io .storage.googleapis.com; frame-src 'self' .googletagmanager.com .online.tableau.com .stripe.com https://pendo-eu-extensions.storage.googleapis.com/ .hotjar.com/ .pendo.io https://portal.productboard.com/;img-src 'self' blob: data: .google-analytics.com .stripe.com https://data.eu.pendo.io .storage.googleapis.com .slgnt.eu https://ecovadis.slgnt.eu .google.com .google.pl .storage.googleapis.com .pendo.io * ; manifest-src 'self' .ecovadis-survey.com; media-src 'self'; worker-src 'none'; object-src 'none'; base-uri 'self'; frame-ancestors .pendo.io; child-src *.pendo.io; font-src 'self' data: fonts.gstatic.com;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

accept-ranges: bytes
content-length: 1864
content-md5: B7Kf3CUGbBZQScrWs79uqw==
content-security-policy: default-src 'self' 'unsafe-inline' https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com https://data.eu.pendo.io; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' *.site24x7rum.com *.google-analytics.com *.googletagmanager.com ajax.googleapis.com *.uservoice.com *.tableau.com *.tableauusercontent.com *.stripe.com *.datatables.net *.ecovadis-survey.com *.hotjar.com *.storage.googleapis.com *.pendo.io;style-src 'report-sample' 'self' 'unsafe-inline' blob: fonts.googleapis.com *.datatables.net *.jsdelivr.net *.storage.googleapis.com *.pendo.io *.ecovadis-survey.com; connect-src 'self' col.site24x7rum.com *.ecovadis-survey.com *.google-analytics.com com sentry.io *.visualstudio.com https://data.eu.pendo.io/ *.blob.core.windows.net *.g.doubleclick.net *.hotjar.com wss://*.hotjar.com *.pendo.io *.storage.googleapis.com; frame-src 'self' *.googletagmanager.com *.online.tableau.com *.stripe.com https://pendo-eu-extensions.storage.googleapis.com/ *.hotjar.com/ *.pendo.io https://portal.productboard.com/;img-src 'self' blob: data: *.google-analytics.com *.stripe.com https://data.eu.pendo.io *.storage.googleapis.com *.slgnt.eu https://ecovadis.slgnt.eu *.google.com *.google.pl *.storage.googleapis.com *.pendo.io * ; manifest-src 'self' *.ecovadis-survey.com; media-src 'self'; worker-src 'none'; object-src 'none'; base-uri 'self'; frame-ancestors *.pendo.io; child-src *.pendo.io; font-src 'self' data: fonts.gstatic.com;
content-type: text/html
date: Mon, 11 Sep 2023 01:15:56 GMT
etag: "0x8DBAD388A57B843"
last-modified: Mon, 04 Sep 2023 11:17:35 GMT
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
referrer-policy: no-referrer
strict-transport-security: max-age=31536000; includeSubDomains
x-azure-ref: 20230911T011555Z-t7711tm5qd5rf2ddc8qy91z35g00000004sg000000005m5z
x-cache: CONFIG_NOCACHE
x-content-type-options: nosniff
x-frame-options: DENY
x-ms-request-id: 85c8c2e3-c01e-002a-5c4d-e41757000000

Redirect headers

Cache-control: no-cache="set-cookie"
Connection: keep-alive
Content-Length: 0
access-control-allow-credentials: true
access-control-allow-headers: Accept,Pragma,Redirect-Target-Host,X-XSRF-TOKEN,RIQ-Client,Authorization,DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods: GET, POST, OPTIONS
access-control-expose-headers: txnid
date: Mon, 11 Sep 2023 01:15:54 GMT
location: https://www.ecovadis-survey.com/app/#/login
server: nginx
timing-allow-origin: *
txnid: 121zwn50gbzj2nf05g44vjjd7
vary: Origin
x-build-time: 1693270085824

GET
H/1.1 200
OK tableau-2.min.js Show response
dub01.online.tableau.com/javascripts/api/ 396 B
1 KB 965ms
240ms Script
application/javascript 34.255.46.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dub01.online.tableau.com/javascripts/api/tableau-2.min.js

Requested by

Host: www.ecovadis-survey.com
URL: https://www.ecovadis-survey.com/app/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.255.46.117 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-255-46-117.eu-west-1.compute.amazonaws.com

Software

Tableau /

Resource Hash

31f0249e6eaf9542391d9872a054497646614d5ce96d7a5dce08751cff0b4027

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 01:15:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
p3p: CP="NON"
x-tableau: Tableau Server
Connection: keep-alive
Content-Length: 274
x-xss-protection: 1; mode=block
x-ua-compatible: IE=Edge
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 17 Aug 2023 18:04:08 GMT
server: Tableau
etag: "18c-603223d1109de-gzip"
vary: X-Forwarded-Proto,Accept-Encoding
content-type: application/javascript
cache-control: no-cache, no-store
accept-ranges: bytes
expires: Tue, 10 Sep 2024 01:15:56 GMT

GET
H2 200 tableau.embedding.3.0.0.min.js Show response
embedding.tableauusercontent.com/ 161 KB
161 KB 38ms
3ms Script
application/javascript 2600:9000:20e4:f200:1b:df26:7b40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://embedding.tableauusercontent.com/tableau.embedding.3.0.0.min.js
Requested by: Host: www.ecovadis-survey.com
URL: https://www.ecovadis-survey.com/app/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20e4:f200:1b:df26:7b40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d632e8d8ae3ad0746868c263443ac606500433723439f29e8a051e12361a1137

Request headers

Referer
Origin: https://www.ecovadis-survey.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 02:28:19 GMT
via: 1.1 8a972df08f4e2357f91ceb45555e161a.cloudfront.net (CloudFront)
last-modified: Wed, 01 Dec 2021 16:49:55 GMT
server: AmazonS3
x-amz-cf-pop: NRT20-C2
age: 82058
etag: "d950cf0596c9c38ec36f818dbb025344"
access-control-max-age: 3600
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
x-cache: Hit from cloudfront
accept-ranges: bytes
content-length: 164485
x-amz-cf-id: OGtvvP0LpyNpu-2DwCAVbxkWFjhhVWKUjD9HHbyN_00StGvz475DFQ==

GET
H2 200 css
fonts.googleapis.com/ 7 KB
1 KB 87ms
41ms Stylesheet
text/css 2404:6800:4004:824::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat:300|Noto+Sans:400,700&subset=cyrillic,cyrillic-ext,devanagari,greek,greek-ext,latin-ext,vietnamese

Requested by

Host: www.ecovadis-survey.com
URL: https://www.ecovadis-survey.com/app/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:824::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b9b5ae86f3b4c0e662bd3208337fe7edffe8fcfbdc1d019480d3c497be267125

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 11 Sep 2023 01:15:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 11 Sep 2023 01:15:56 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 11 Sep 2023 01:15:56 GMT

GET
H2 200 1.38d917dfd2a29185b826.css
www.ecovadis-survey.com/app/ 8 MB
2 MB 22ms
18ms Stylesheet
text/css 2620:1ec:46::46
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ecovadis-survey.com/app/1.38d917dfd2a29185b826.css

Requested by

Host: www.ecovadis-survey.com
URL: https://www.ecovadis-survey.com/app/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:1ec:46::46 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3fef80bddae6ccb09bbd3b44f88d6e34be5b8b88131a6852289742dfe47b26a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' https://.hotjar.com https://.hotjar.io wss://.hotjar.com https://data.eu.pendo.io; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' .site24x7rum.com .google-analytics.com .googletagmanager.com ajax.googleapis.com .uservoice.com .tableau.com .tableauusercontent.com .stripe.com .datatables.net .ecovadis-survey.com .hotjar.com .storage.googleapis.com .pendo.io;style-src 'report-sample' 'self' 'unsafe-inline' blob: fonts.googleapis.com .datatables.net .jsdelivr.net .storage.googleapis.com .pendo.io .ecovadis-survey.com; connect-src 'self' col.site24x7rum.com .ecovadis-survey.com .google-analytics.com com sentry.io .visualstudio.com https://data.eu.pendo.io/ .blob.core.windows.net .g.doubleclick.net .hotjar.com wss://.hotjar.com .pendo.io .storage.googleapis.com; frame-src 'self' .googletagmanager.com .online.tableau.com .stripe.com https://pendo-eu-extensions.storage.googleapis.com/ .hotjar.com/ .pendo.io https://portal.productboard.com/;img-src 'self' blob: data: .google-analytics.com .stripe.com https://data.eu.pendo.io .storage.googleapis.com .slgnt.eu https://ecovadis.slgnt.eu .google.com .google.pl .storage.googleapis.com .pendo.io * ; manifest-src 'self' .ecovadis-survey.com; media-src 'self'; worker-src 'none'; object-src 'none'; base-uri 'self'; frame-ancestors .pendo.io; child-src *.pendo.io; font-src 'self' data: fonts.gstatic.com;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 01:15:56 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: default-src 'self' 'unsafe-inline' https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com https://data.eu.pendo.io; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' *.site24x7rum.com *.google-analytics.com *.googletagmanager.com ajax.googleapis.com *.uservoice.com *.tableau.com *.tableauusercontent.com *.stripe.com *.datatables.net *.ecovadis-survey.com *.hotjar.com *.storage.googleapis.com *.pendo.io;style-src 'report-sample' 'self' 'unsafe-inline' blob: fonts.googleapis.com *.datatables.net *.jsdelivr.net *.storage.googleapis.com *.pendo.io *.ecovadis-survey.com; connect-src 'self' col.site24x7rum.com *.ecovadis-survey.com *.google-analytics.com com sentry.io *.visualstudio.com https://data.eu.pendo.io/ *.blob.core.windows.net *.g.doubleclick.net *.hotjar.com wss://*.hotjar.com *.pendo.io *.storage.googleapis.com; frame-src 'self' *.googletagmanager.com *.online.tableau.com *.stripe.com https://pendo-eu-extensions.storage.googleapis.com/ *.hotjar.com/ *.pendo.io https://portal.productboard.com/;img-src 'self' blob: data: *.google-analytics.com *.stripe.com https://data.eu.pendo.io *.storage.googleapis.com *.slgnt.eu https://ecovadis.slgnt.eu *.google.com *.google.pl *.storage.googleapis.com *.pendo.io * ; manifest-src 'self' *.ecovadis-survey.com; media-src 'self'; worker-src 'none'; object-src 'none'; base-uri 'self'; frame-ancestors *.pendo.io; child-src *.pendo.io; font-src 'self' data: fonts.gstatic.com;
x-cache: TCP_HIT
referrer-policy: no-referrer
last-modified: Mon, 04 Sep 2023 11:17:35 GMT
etag: W/"0x8DBAD388A4BAC23"
rule-microfrontendroutercachedisable-v: 5.1
vary: Accept-Encoding
x-azure-ref: 20230911T011556Z-t7711tm5qd5rf2ddc8qy91z35g00000004sg000000005m7z
content-type: text/css
x-frame-options: DENY
x-ms-request-id: 1a2bfa9b-f01e-0049-6221-df2873000000
cache-control: public, max-age=43200
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()

GET
H2 200 runtime~main.be129b88.js Show response
www.ecovadis-survey.com/app/static/js/ 3 KB
3 KB 23ms
19ms Script
application/javascript 2620:1ec:46::46
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ecovadis-survey.com/app/static/js/runtime~main.be129b88.js

Requested by

Host: www.ecovadis-survey.com
URL: https://www.ecovadis-survey.com/app/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:1ec:46::46 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

1ac61e34331597f87f27beee1c265032310f9747974d22b7d58da19970144552

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' https://.hotjar.com https://.hotjar.io wss://.hotjar.com https://data.eu.pendo.io; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' .site24x7rum.com .google-analytics.com .googletagmanager.com ajax.googleapis.com .uservoice.com .tableau.com .tableauusercontent.com .stripe.com .datatables.net .ecovadis-survey.com .hotjar.com .storage.googleapis.com .pendo.io;style-src 'report-sample' 'self' 'unsafe-inline' blob: fonts.googleapis.com .datatables.net .jsdelivr.net .storage.googleapis.com .pendo.io .ecovadis-survey.com; connect-src 'self' col.site24x7rum.com .ecovadis-survey.com .google-analytics.com com sentry.io .visualstudio.com https://data.eu.pendo.io/ .blob.core.windows.net .g.doubleclick.net .hotjar.com wss://.hotjar.com .pendo.io .storage.googleapis.com; frame-src 'self' .googletagmanager.com .online.tableau.com .stripe.com https://pendo-eu-extensions.storage.googleapis.com/ .hotjar.com/ .pendo.io https://portal.productboard.com/;img-src 'self' blob: data: .google-analytics.com .stripe.com https://data.eu.pendo.io .storage.googleapis.com .slgnt.eu https://ecovadis.slgnt.eu .google.com .google.pl .storage.googleapis.com .pendo.io * ; manifest-src 'self' .ecovadis-survey.com; media-src 'self'; worker-src 'none'; object-src 'none'; base-uri 'self'; frame-ancestors .pendo.io; child-src *.pendo.io; font-src 'self' data: fonts.gstatic.com;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 01:15:56 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: default-src 'self' 'unsafe-inline' https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com https://data.eu.pendo.io; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' *.site24x7rum.com *.google-analytics.com *.googletagmanager.com ajax.googleapis.com *.uservoice.com *.tableau.com *.tableauusercontent.com *.stripe.com *.datatables.net *.ecovadis-survey.com *.hotjar.com *.storage.googleapis.com *.pendo.io;style-src 'report-sample' 'self' 'unsafe-inline' blob: fonts.googleapis.com *.datatables.net *.jsdelivr.net *.storage.googleapis.com *.pendo.io *.ecovadis-survey.com; connect-src 'self' col.site24x7rum.com *.ecovadis-survey.com *.google-analytics.com com sentry.io *.visualstudio.com https://data.eu.pendo.io/ *.blob.core.windows.net *.g.doubleclick.net *.hotjar.com wss://*.hotjar.com *.pendo.io *.storage.googleapis.com; frame-src 'self' *.googletagmanager.com *.online.tableau.com *.stripe.com https://pendo-eu-extensions.storage.googleapis.com/ *.hotjar.com/ *.pendo.io https://portal.productboard.com/;img-src 'self' blob: data: *.google-analytics.com *.stripe.com https://data.eu.pendo.io *.storage.googleapis.com *.slgnt.eu https://ecovadis.slgnt.eu *.google.com *.google.pl *.storage.googleapis.com *.pendo.io * ; manifest-src 'self' *.ecovadis-survey.com; media-src 'self'; worker-src 'none'; object-src 'none'; base-uri 'self'; frame-ancestors *.pendo.io; child-src *.pendo.io; font-src 'self' data: fonts.gstatic.com;
x-cache: TCP_HIT
referrer-policy: no-referrer
last-modified: Mon, 04 Sep 2023 11:17:38 GMT
etag: W/"0x8DBAD388C2E5655"
rule-microfrontendroutercachedisable-v: 5.1
vary: Accept-Encoding
x-azure-ref: 20230911T011556Z-t7711tm5qd5rf2ddc8qy91z35g00000004sg000000005m80
content-type: application/javascript
x-frame-options: DENY
x-ms-request-id: 09dadf8c-001e-000a-6021-df8664000000
cache-control: public, max-age=43200
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()

GET
H2 200 styles.3fa6b0e4.chunk.js Show response
www.ecovadis-survey.com/app/static/js/ 506 KB
81 KB 24ms
21ms Script
application/javascript 2620:1ec:46::46
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ecovadis-survey.com/app/static/js/styles.3fa6b0e4.chunk.js

Requested by

Host: www.ecovadis-survey.com
URL: https://www.ecovadis-survey.com/app/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:1ec:46::46 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

9602e95c3f5449807338c80b21cb3731077bc1eab5b5ae8ed59e656561853e66

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' https://.hotjar.com https://.hotjar.io wss://.hotjar.com https://data.eu.pendo.io; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' .site24x7rum.com .google-analytics.com .googletagmanager.com ajax.googleapis.com .uservoice.com .tableau.com .tableauusercontent.com .stripe.com .datatables.net .ecovadis-survey.com .hotjar.com .storage.googleapis.com .pendo.io;style-src 'report-sample' 'self' 'unsafe-inline' blob: fonts.googleapis.com .datatables.net .jsdelivr.net .storage.googleapis.com .pendo.io .ecovadis-survey.com; connect-src 'self' col.site24x7rum.com .ecovadis-survey.com .google-analytics.com com sentry.io .visualstudio.com https://data.eu.pendo.io/ .blob.core.windows.net .g.doubleclick.net .hotjar.com wss://.hotjar.com .pendo.io .storage.googleapis.com; frame-src 'self' .googletagmanager.com .online.tableau.com .stripe.com https://pendo-eu-extensions.storage.googleapis.com/ .hotjar.com/ .pendo.io https://portal.productboard.com/;img-src 'self' blob: data: .google-analytics.com .stripe.com https://data.eu.pendo.io .storage.googleapis.com .slgnt.eu https://ecovadis.slgnt.eu .google.com .google.pl .storage.googleapis.com .pendo.io * ; manifest-src 'self' .ecovadis-survey.com; media-src 'self'; worker-src 'none'; object-src 'none'; base-uri 'self'; frame-ancestors .pendo.io; child-src *.pendo.io; font-src 'self' data: fonts.gstatic.com;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 01:15:56 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: default-src 'self' 'unsafe-inline' https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com https://data.eu.pendo.io; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' *.site24x7rum.com *.google-analytics.com *.googletagmanager.com ajax.googleapis.com *.uservoice.com *.tableau.com *.tableauusercontent.com *.stripe.com *.datatables.net *.ecovadis-survey.com *.hotjar.com *.storage.googleapis.com *.pendo.io;style-src 'report-sample' 'self' 'unsafe-inline' blob: fonts.googleapis.com *.datatables.net *.jsdelivr.net *.storage.googleapis.com *.pendo.io *.ecovadis-survey.com; connect-src 'self' col.site24x7rum.com *.ecovadis-survey.com *.google-analytics.com com sentry.io *.visualstudio.com https://data.eu.pendo.io/ *.blob.core.windows.net *.g.doubleclick.net *.hotjar.com wss://*.hotjar.com *.pendo.io *.storage.googleapis.com; frame-src 'self' *.googletagmanager.com *.online.tableau.com *.stripe.com https://pendo-eu-extensions.storage.googleapis.com/ *.hotjar.com/ *.pendo.io https://portal.productboard.com/;img-src 'self' blob: data: *.google-analytics.com *.stripe.com https://data.eu.pendo.io *.storage.googleapis.com *.slgnt.eu https://ecovadis.slgnt.eu *.google.com *.google.pl *.storage.googleapis.com *.pendo.io * ; manifest-src 'self' *.ecovadis-survey.com; media-src 'self'; worker-src 'none'; object-src 'none'; base-uri 'self'; frame-ancestors *.pendo.io; child-src *.pendo.io; font-src 'self' data: fonts.gstatic.com;
x-cache: TCP_HIT
referrer-policy: no-referrer
last-modified: Mon, 04 Sep 2023 11:17:38 GMT
etag: W/"0x8DBAD388C361D64"
rule-microfrontendroutercachedisable-v: 5.1
vary: Accept-Encoding
x-azure-ref: 20230911T011556Z-t7711tm5qd5rf2ddc8qy91z35g00000004sg000000005m81
content-type: application/javascript
x-frame-options: DENY
x-ms-request-id: b3bdfb5d-401e-0076-0221-df807d000000
cache-control: public, max-age=43200
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()

GET
H2 200 messages.2259cf9e.chunk.js Show response
www.ecovadis-survey.com/app/static/js/ 592 KB
145 KB 27ms
25ms Script
application/javascript 2620:1ec:46::46
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ecovadis-survey.com/app/static/js/messages.2259cf9e.chunk.js

Requested by

Host: www.ecovadis-survey.com
URL: https://www.ecovadis-survey.com/app/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:1ec:46::46 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

45e27a18a7754dd82f591984f80fc2ca58aaa1d3394abe9fa135d951e3cc967c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' https://.hotjar.com https://.hotjar.io wss://.hotjar.com https://data.eu.pendo.io; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' .site24x7rum.com .google-analytics.com .googletagmanager.com ajax.googleapis.com .uservoice.com .tableau.com .tableauusercontent.com .stripe.com .datatables.net .ecovadis-survey.com .hotjar.com .storage.googleapis.com .pendo.io;style-src 'report-sample' 'self' 'unsafe-inline' blob: fonts.googleapis.com .datatables.net .jsdelivr.net .storage.googleapis.com .pendo.io .ecovadis-survey.com; connect-src 'self' col.site24x7rum.com .ecovadis-survey.com .google-analytics.com com sentry.io .visualstudio.com https://data.eu.pendo.io/ .blob.core.windows.net .g.doubleclick.net .hotjar.com wss://.hotjar.com .pendo.io .storage.googleapis.com; frame-src 'self' .googletagmanager.com .online.tableau.com .stripe.com https://pendo-eu-extensions.storage.googleapis.com/ .hotjar.com/ .pendo.io https://portal.productboard.com/;img-src 'self' blob: data: .google-analytics.com .stripe.com https://data.eu.pendo.io .storage.googleapis.com .slgnt.eu https://ecovadis.slgnt.eu .google.com .google.pl .storage.googleapis.com .pendo.io * ; manifest-src 'self' .ecovadis-survey.com; media-src 'self'; worker-src 'none'; object-src 'none'; base-uri 'self'; frame-ancestors .pendo.io; child-src *.pendo.io; font-src 'self' data: fonts.gstatic.com;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 01:15:56 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: default-src 'self' 'unsafe-inline' https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com https://data.eu.pendo.io; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' *.site24x7rum.com *.google-analytics.com *.googletagmanager.com ajax.googleapis.com *.uservoice.com *.tableau.com *.tableauusercontent.com *.stripe.com *.datatables.net *.ecovadis-survey.com *.hotjar.com *.storage.googleapis.com *.pendo.io;style-src 'report-sample' 'self' 'unsafe-inline' blob: fonts.googleapis.com *.datatables.net *.jsdelivr.net *.storage.googleapis.com *.pendo.io *.ecovadis-survey.com; connect-src 'self' col.site24x7rum.com *.ecovadis-survey.com *.google-analytics.com com sentry.io *.visualstudio.com https://data.eu.pendo.io/ *.blob.core.windows.net *.g.doubleclick.net *.hotjar.com wss://*.hotjar.com *.pendo.io *.storage.googleapis.com; frame-src 'self' *.googletagmanager.com *.online.tableau.com *.stripe.com https://pendo-eu-extensions.storage.googleapis.com/ *.hotjar.com/ *.pendo.io https://portal.productboard.com/;img-src 'self' blob: data: *.google-analytics.com *.stripe.com https://data.eu.pendo.io *.storage.googleapis.com *.slgnt.eu https://ecovadis.slgnt.eu *.google.com *.google.pl *.storage.googleapis.com *.pendo.io * ; manifest-src 'self' *.ecovadis-survey.com; media-src 'self'; worker-src 'none'; object-src 'none'; base-uri 'self'; frame-ancestors *.pendo.io; child-src *.pendo.io; font-src 'self' data: fonts.gstatic.com;
x-cache: TCP_HIT
referrer-policy: no-referrer
last-modified: Mon, 04 Sep 2023 11:17:38 GMT
etag: W/"0x8DBAD388C08AB64"
rule-microfrontendroutercachedisable-v: 5.1
vary: Accept-Encoding
x-azure-ref: 20230911T011556Z-t7711tm5qd5rf2ddc8qy91z35g00000004sg000000005m82
content-type: application/javascript
x-frame-options: DENY
x-ms-request-id: e2bbbf1b-701e-0005-64c6-e20f7b000000
cache-control: public, max-age=43200
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()

GET
H2 200 main.b8c57284.chunk.js Show response
www.ecovadis-survey.com/app/static/js/ 2 MB
745 KB 28ms
26ms Script
application/javascript 2620:1ec:46::46
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ecovadis-survey.com/app/static/js/main.b8c57284.chunk.js

Requested by

Host: www.ecovadis-survey.com
URL: https://www.ecovadis-survey.com/app/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:1ec:46::46 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

50b7ed9964a2aeceff3c7cd4ecb000ba1a80fc80b0fedcb9752a02ac0cbb344d

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' https://.hotjar.com https://.hotjar.io wss://.hotjar.com https://data.eu.pendo.io; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' .site24x7rum.com .google-analytics.com .googletagmanager.com ajax.googleapis.com .uservoice.com .tableau.com .tableauusercontent.com .stripe.com .datatables.net .ecovadis-survey.com .hotjar.com .storage.googleapis.com .pendo.io;style-src 'report-sample' 'self' 'unsafe-inline' blob: fonts.googleapis.com .datatables.net .jsdelivr.net .storage.googleapis.com .pendo.io .ecovadis-survey.com; connect-src 'self' col.site24x7rum.com .ecovadis-survey.com .google-analytics.com com sentry.io .visualstudio.com https://data.eu.pendo.io/ .blob.core.windows.net .g.doubleclick.net .hotjar.com wss://.hotjar.com .pendo.io .storage.googleapis.com; frame-src 'self' .googletagmanager.com .online.tableau.com .stripe.com https://pendo-eu-extensions.storage.googleapis.com/ .hotjar.com/ .pendo.io https://portal.productboard.com/;img-src 'self' blob: data: .google-analytics.com .stripe.com https://data.eu.pendo.io .storage.googleapis.com .slgnt.eu https://ecovadis.slgnt.eu .google.com .google.pl .storage.googleapis.com .pendo.io * ; manifest-src 'self' .ecovadis-survey.com; media-src 'self'; worker-src 'none'; object-src 'none'; base-uri 'self'; frame-ancestors .pendo.io; child-src *.pendo.io; font-src 'self' data: fonts.gstatic.com;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 01:15:56 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: default-src 'self' 'unsafe-inline' https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com https://data.eu.pendo.io; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' *.site24x7rum.com *.google-analytics.com *.googletagmanager.com ajax.googleapis.com *.uservoice.com *.tableau.com *.tableauusercontent.com *.stripe.com *.datatables.net *.ecovadis-survey.com *.hotjar.com *.storage.googleapis.com *.pendo.io;style-src 'report-sample' 'self' 'unsafe-inline' blob: fonts.googleapis.com *.datatables.net *.jsdelivr.net *.storage.googleapis.com *.pendo.io *.ecovadis-survey.com; connect-src 'self' col.site24x7rum.com *.ecovadis-survey.com *.google-analytics.com com sentry.io *.visualstudio.com https://data.eu.pendo.io/ *.blob.core.windows.net *.g.doubleclick.net *.hotjar.com wss://*.hotjar.com *.pendo.io *.storage.googleapis.com; frame-src 'self' *.googletagmanager.com *.online.tableau.com *.stripe.com https://pendo-eu-extensions.storage.googleapis.com/ *.hotjar.com/ *.pendo.io https://portal.productboard.com/;img-src 'self' blob: data: *.google-analytics.com *.stripe.com https://data.eu.pendo.io *.storage.googleapis.com *.slgnt.eu https://ecovadis.slgnt.eu *.google.com *.google.pl *.storage.googleapis.com *.pendo.io * ; manifest-src 'self' *.ecovadis-survey.com; media-src 'self'; worker-src 'none'; object-src 'none'; base-uri 'self'; frame-ancestors *.pendo.io; child-src *.pendo.io; font-src 'self' data: fonts.gstatic.com;
x-cache: TCP_HIT
referrer-policy: no-referrer
last-modified: Mon, 04 Sep 2023 11:17:37 GMT
etag: W/"0x8DBAD388BDA011A"
rule-microfrontendroutercachedisable-v: 5.1
vary: Accept-Encoding
x-azure-ref: 20230911T011556Z-t7711tm5qd5rf2ddc8qy91z35g00000004sg000000005m83
content-type: application/javascript
x-frame-options: DENY
x-ms-request-id: 352d4251-201e-0070-7921-df7a71000000
cache-control: public, max-age=43200
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 230 KB
79 KB 84ms
43ms Script
application/javascript 2404:6800:4004:824::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NQVHVVG

Requested by

Host: www.ecovadis-survey.com
URL: https://www.ecovadis-survey.com/app/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:824::2008 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2351850837ce193f215cd0688b6c00bbb34c327dc957638502695334a808073f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 01:15:56 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 80960
x-xss-protection: 0
last-modified: Mon, 11 Sep 2023 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 11 Sep 2023 01:15:56 GMT

GET
H/1.1 200
OK tableau-2.9.2.min.js Show response
dub01.online.tableau.com/javascripts/api/ 197 KB
45 KB 487ms
486ms Script
application/javascript 34.255.46.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dub01.online.tableau.com/javascripts/api/tableau-2.9.2.min.js

Requested by

Host: dub01.online.tableau.com
URL: https://dub01.online.tableau.com/javascripts/api/tableau-2.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.255.46.117 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-255-46-117.eu-west-1.compute.amazonaws.com

Software

Tableau /

Resource Hash

35a9d821a2812ff8f18ec2d1b69ba65eb524cd3aacddd487cc0c5380ff5743df

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Mon, 11 Sep 2023 01:15:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
p3p: CP="NON"
x-tableau: Tableau Server
Connection: keep-alive
Content-Length: 45627
x-xss-protection: 1; mode=block
x-ua-compatible: IE=Edge
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 17 Aug 2023 18:04:07 GMT
server: Tableau
etag: "312ee-603223d0012d8-gzip"
vary: X-Forwarded-Proto,Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
expires: Tue, 10 Sep 2024 01:15:57 GMT

GET
H/1.1 200
OK site24x7rum-min.js Show response
static.site24x7rum.com/beacon/ 94 KB
24 KB 28ms
4ms Script
application/javascript 13.35.49.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.site24x7rum.com/beacon/site24x7rum-min.js?appKey=b4665f2193a97efeb69fd609e267c258
Requested by: Host: www.ecovadis-survey.com
URL: https://www.ecovadis-survey.com/app/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.49.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-49-119.nrt20.r.cloudfront.net
Software: ZGS /
Resource Hash: 0d9a85dafecc722bb8c186f443520f5ae8c63d85c3c0f096f865b27ce2b3d4bd

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Date: Sun, 10 Sep 2023 22:24:56 GMT
Content-Encoding: gzip
Via: 1.1 dd8f51bb351d32dc7365f17f23248a8e.cloudfront.net (CloudFront)
Server: ZGS
X-Amz-Cf-Pop: NRT20-C1
Age: 10261
Transfer-Encoding: chunked
Vary: accept-encoding
Content-Type: application/javascript;charset=ISO-8859-1
Access-Control-Allow-Origin: *
X-Cache: Hit from cloudfront
Connection: keep-alive
X-Amz-Cf-Id: mBxGPKotnRhTV9PLQd9P293FpSmCcsYwa2AZVaJG4rgcj7rQ6ojhLw==

GET
H2 200 10.211b5ec9.chunk.js Show response
www.ecovadis-survey.com/app/static/js/ 1 MB
330 KB 9ms
9ms Script
application/javascript 2620:1ec:46::46
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ecovadis-survey.com/app/static/js/10.211b5ec9.chunk.js

Requested by

Host: www.ecovadis-survey.com
URL: https://www.ecovadis-survey.com/app/static/js/runtime~main.be129b88.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:1ec:46::46 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

b601a3b0b8c5debb0295b4543c1b5b635cc6365658bec13b54d646a0699fc692

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' https://.hotjar.com https://.hotjar.io wss://.hotjar.com https://data.eu.pendo.io; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' .site24x7rum.com .google-analytics.com .googletagmanager.com ajax.googleapis.com .uservoice.com .tableau.com .tableauusercontent.com .stripe.com .datatables.net .ecovadis-survey.com .hotjar.com .storage.googleapis.com .pendo.io;style-src 'report-sample' 'self' 'unsafe-inline' blob: fonts.googleapis.com .datatables.net .jsdelivr.net .storage.googleapis.com .pendo.io .ecovadis-survey.com; connect-src 'self' col.site24x7rum.com .ecovadis-survey.com .google-analytics.com com sentry.io .visualstudio.com https://data.eu.pendo.io/ .blob.core.windows.net .g.doubleclick.net .hotjar.com wss://.hotjar.com .pendo.io .storage.googleapis.com; frame-src 'self' .googletagmanager.com .online.tableau.com .stripe.com https://pendo-eu-extensions.storage.googleapis.com/ .hotjar.com/ .pendo.io https://portal.productboard.com/;img-src 'self' blob: data: .google-analytics.com .stripe.com https://data.eu.pendo.io .storage.googleapis.com .slgnt.eu https://ecovadis.slgnt.eu .google.com .google.pl .storage.googleapis.com .pendo.io * ; manifest-src 'self' .ecovadis-survey.com; media-src 'self'; worker-src 'none'; object-src 'none'; base-uri 'self'; frame-ancestors .pendo.io; child-src *.pendo.io; font-src 'self' data: fonts.gstatic.com;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 01:15:57 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: default-src 'self' 'unsafe-inline' https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com https://data.eu.pendo.io; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' *.site24x7rum.com *.google-analytics.com *.googletagmanager.com ajax.googleapis.com *.uservoice.com *.tableau.com *.tableauusercontent.com *.stripe.com *.datatables.net *.ecovadis-survey.com *.hotjar.com *.storage.googleapis.com *.pendo.io;style-src 'report-sample' 'self' 'unsafe-inline' blob: fonts.googleapis.com *.datatables.net *.jsdelivr.net *.storage.googleapis.com *.pendo.io *.ecovadis-survey.com; connect-src 'self' col.site24x7rum.com *.ecovadis-survey.com *.google-analytics.com com sentry.io *.visualstudio.com https://data.eu.pendo.io/ *.blob.core.windows.net *.g.doubleclick.net *.hotjar.com wss://*.hotjar.com *.pendo.io *.storage.googleapis.com; frame-src 'self' *.googletagmanager.com *.online.tableau.com *.stripe.com https://pendo-eu-extensions.storage.googleapis.com/ *.hotjar.com/ *.pendo.io https://portal.productboard.com/;img-src 'self' blob: data: *.google-analytics.com *.stripe.com https://data.eu.pendo.io *.storage.googleapis.com *.slgnt.eu https://ecovadis.slgnt.eu *.google.com *.google.pl *.storage.googleapis.com *.pendo.io * ; manifest-src 'self' *.ecovadis-survey.com; media-src 'self'; worker-src 'none'; object-src 'none'; base-uri 'self'; frame-ancestors *.pendo.io; child-src *.pendo.io; font-src 'self' data: fonts.gstatic.com;
x-cache: TCP_HIT
referrer-policy: no-referrer
last-modified: Mon, 04 Sep 2023 11:17:35 GMT
etag: W/"0x8DBAD388A643997"
rule-microfrontendroutercachedisable-v: 5.1
vary: Accept-Encoding
x-azure-ref: 20230911T011557Z-t7711tm5qd5rf2ddc8qy91z35g00000004sg000000005m9k
content-type: application/javascript
x-frame-options: DENY
x-ms-request-id: d551eed3-701e-0005-1642-e20f7b000000
cache-control: public, max-age=43200
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()

GET
H2 200 recharts.184dc757.chunk.js Show response
www.ecovadis-survey.com/app/static/js/ 311 KB
103 KB 12ms
11ms Script
application/javascript 2620:1ec:46::46
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ecovadis-survey.com/app/static/js/recharts.184dc757.chunk.js

Requested by

Host: www.ecovadis-survey.com
URL: https://www.ecovadis-survey.com/app/static/js/runtime~main.be129b88.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:1ec:46::46 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

fc81abf3dda876ba9f77f8ee4e62ebbc53b592c69ed66ec22ddca40bbc5e6988

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' https://.hotjar.com https://.hotjar.io wss://.hotjar.com https://data.eu.pendo.io; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' .site24x7rum.com .google-analytics.com .googletagmanager.com ajax.googleapis.com .uservoice.com .tableau.com .tableauusercontent.com .stripe.com .datatables.net .ecovadis-survey.com .hotjar.com .storage.googleapis.com .pendo.io;style-src 'report-sample' 'self' 'unsafe-inline' blob: fonts.googleapis.com .datatables.net .jsdelivr.net .storage.googleapis.com .pendo.io .ecovadis-survey.com; connect-src 'self' col.site24x7rum.com .ecovadis-survey.com .google-analytics.com com sentry.io .visualstudio.com https://data.eu.pendo.io/ .blob.core.windows.net .g.doubleclick.net .hotjar.com wss://.hotjar.com .pendo.io .storage.googleapis.com; frame-src 'self' .googletagmanager.com .online.tableau.com .stripe.com https://pendo-eu-extensions.storage.googleapis.com/ .hotjar.com/ .pendo.io https://portal.productboard.com/;img-src 'self' blob: data: .google-analytics.com .stripe.com https://data.eu.pendo.io .storage.googleapis.com .slgnt.eu https://ecovadis.slgnt.eu .google.com .google.pl .storage.googleapis.com .pendo.io * ; manifest-src 'self' .ecovadis-survey.com; media-src 'self'; worker-src 'none'; object-src 'none'; base-uri 'self'; frame-ancestors .pendo.io; child-src *.pendo.io; font-src 'self' data: fonts.gstatic.com;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 01:15:58 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: default-src 'self' 'unsafe-inline' https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com https://data.eu.pendo.io; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' *.site24x7rum.com *.google-analytics.com *.googletagmanager.com ajax.googleapis.com *.uservoice.com *.tableau.com *.tableauusercontent.com *.stripe.com *.datatables.net *.ecovadis-survey.com *.hotjar.com *.storage.googleapis.com *.pendo.io;style-src 'report-sample' 'self' 'unsafe-inline' blob: fonts.googleapis.com *.datatables.net *.jsdelivr.net *.storage.googleapis.com *.pendo.io *.ecovadis-survey.com; connect-src 'self' col.site24x7rum.com *.ecovadis-survey.com *.google-analytics.com com sentry.io *.visualstudio.com https://data.eu.pendo.io/ *.blob.core.windows.net *.g.doubleclick.net *.hotjar.com wss://*.hotjar.com *.pendo.io *.storage.googleapis.com; frame-src 'self' *.googletagmanager.com *.online.tableau.com *.stripe.com https://pendo-eu-extensions.storage.googleapis.com/ *.hotjar.com/ *.pendo.io https://portal.productboard.com/;img-src 'self' blob: data: *.google-analytics.com *.stripe.com https://data.eu.pendo.io *.storage.googleapis.com *.slgnt.eu https://ecovadis.slgnt.eu *.google.com *.google.pl *.storage.googleapis.com *.pendo.io * ; manifest-src 'self' *.ecovadis-survey.com; media-src 'self'; worker-src 'none'; object-src 'none'; base-uri 'self'; frame-ancestors *.pendo.io; child-src *.pendo.io; font-src 'self' data: fonts.gstatic.com;
x-cache: TCP_HIT
referrer-policy: no-referrer
last-modified: Mon, 04 Sep 2023 11:17:38 GMT
etag: W/"0x8DBAD388C1E0505"
rule-microfrontendroutercachedisable-v: 5.1
vary: Accept-Encoding
x-azure-ref: 20230911T011557Z-t7711tm5qd5rf2ddc8qy91z35g00000004sg000000005m9s
content-type: application/javascript
x-frame-options: DENY
x-ms-request-id: 74508aa4-401e-005a-3af8-e1e557000000
cache-control: public, max-age=43200
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()

GET
H2 200 3.ef40b53a.chunk.js Show response
www.ecovadis-survey.com/app/static/js/ 1 MB
567 KB 12ms
12ms Script
application/javascript 2620:1ec:46::46
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ecovadis-survey.com/app/static/js/3.ef40b53a.chunk.js

Requested by

Host: www.ecovadis-survey.com
URL: https://www.ecovadis-survey.com/app/static/js/runtime~main.be129b88.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:1ec:46::46 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

8fed288c68b5dbb77b744542572431e44b46b06c9f8259d0d4fb6cada0b2db44

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' https://.hotjar.com https://.hotjar.io wss://.hotjar.com https://data.eu.pendo.io; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' .site24x7rum.com .google-analytics.com .googletagmanager.com ajax.googleapis.com .uservoice.com .tableau.com .tableauusercontent.com .stripe.com .datatables.net .ecovadis-survey.com .hotjar.com .storage.googleapis.com .pendo.io;style-src 'report-sample' 'self' 'unsafe-inline' blob: fonts.googleapis.com .datatables.net .jsdelivr.net .storage.googleapis.com .pendo.io .ecovadis-survey.com; connect-src 'self' col.site24x7rum.com .ecovadis-survey.com .google-analytics.com com sentry.io .visualstudio.com https://data.eu.pendo.io/ .blob.core.windows.net .g.doubleclick.net .hotjar.com wss://.hotjar.com .pendo.io .storage.googleapis.com; frame-src 'self' .googletagmanager.com .online.tableau.com .stripe.com https://pendo-eu-extensions.storage.googleapis.com/ .hotjar.com/ .pendo.io https://portal.productboard.com/;img-src 'self' blob: data: .google-analytics.com .stripe.com https://data.eu.pendo.io .storage.googleapis.com .slgnt.eu https://ecovadis.slgnt.eu .google.com .google.pl .storage.googleapis.com .pendo.io * ; manifest-src 'self' .ecovadis-survey.com; media-src 'self'; worker-src 'none'; object-src 'none'; base-uri 'self'; frame-ancestors .pendo.io; child-src *.pendo.io; font-src 'self' data: fonts.gstatic.com;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 01:15:58 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: default-src 'self' 'unsafe-inline' https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com https://data.eu.pendo.io; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' *.site24x7rum.com *.google-analytics.com *.googletagmanager.com ajax.googleapis.com *.uservoice.com *.tableau.com *.tableauusercontent.com *.stripe.com *.datatables.net *.ecovadis-survey.com *.hotjar.com *.storage.googleapis.com *.pendo.io;style-src 'report-sample' 'self' 'unsafe-inline' blob: fonts.googleapis.com *.datatables.net *.jsdelivr.net *.storage.googleapis.com *.pendo.io *.ecovadis-survey.com; connect-src 'self' col.site24x7rum.com *.ecovadis-survey.com *.google-analytics.com com sentry.io *.visualstudio.com https://data.eu.pendo.io/ *.blob.core.windows.net *.g.doubleclick.net *.hotjar.com wss://*.hotjar.com *.pendo.io *.storage.googleapis.com; frame-src 'self' *.googletagmanager.com *.online.tableau.com *.stripe.com https://pendo-eu-extensions.storage.googleapis.com/ *.hotjar.com/ *.pendo.io https://portal.productboard.com/;img-src 'self' blob: data: *.google-analytics.com *.stripe.com https://data.eu.pendo.io *.storage.googleapis.com *.slgnt.eu https://ecovadis.slgnt.eu *.google.com *.google.pl *.storage.googleapis.com *.pendo.io * ; manifest-src 'self' *.ecovadis-survey.com; media-src 'self'; worker-src 'none'; object-src 'none'; base-uri 'self'; frame-ancestors *.pendo.io; child-src *.pendo.io; font-src 'self' data: fonts.gstatic.com;
x-cache: TCP_HIT
referrer-policy: no-referrer
last-modified: Mon, 04 Sep 2023 11:17:36 GMT
etag: W/"0x8DBAD388B032178"
rule-microfrontendroutercachedisable-v: 5.1
vary: Accept-Encoding
x-azure-ref: 20230911T011557Z-t7711tm5qd5rf2ddc8qy91z35g00000004sg000000005m9t
content-type: application/javascript
x-frame-options: DENY
x-ms-request-id: c441c41a-e01e-0028-34d5-e14153000000
cache-control: public, max-age=43200
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()

GET
H2 200 6.76716804.chunk.js Show response
www.ecovadis-survey.com/app/static/js/ 4 MB
1 MB 13ms
12ms Script
application/javascript 2620:1ec:46::46
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ecovadis-survey.com/app/static/js/6.76716804.chunk.js

Requested by

Host: www.ecovadis-survey.com
URL: https://www.ecovadis-survey.com/app/static/js/runtime~main.be129b88.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:1ec:46::46 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

d1be41b4e5860f8eed76ebb4efa0a298480e913eba42e33ce174b4504e77a452

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' https://.hotjar.com https://.hotjar.io wss://.hotjar.com https://data.eu.pendo.io; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' .site24x7rum.com .google-analytics.com .googletagmanager.com ajax.googleapis.com .uservoice.com .tableau.com .tableauusercontent.com .stripe.com .datatables.net .ecovadis-survey.com .hotjar.com .storage.googleapis.com .pendo.io;style-src 'report-sample' 'self' 'unsafe-inline' blob: fonts.googleapis.com .datatables.net .jsdelivr.net .storage.googleapis.com .pendo.io .ecovadis-survey.com; connect-src 'self' col.site24x7rum.com .ecovadis-survey.com .google-analytics.com com sentry.io .visualstudio.com https://data.eu.pendo.io/ .blob.core.windows.net .g.doubleclick.net .hotjar.com wss://.hotjar.com .pendo.io .storage.googleapis.com; frame-src 'self' .googletagmanager.com .online.tableau.com .stripe.com https://pendo-eu-extensions.storage.googleapis.com/ .hotjar.com/ .pendo.io https://portal.productboard.com/;img-src 'self' blob: data: .google-analytics.com .stripe.com https://data.eu.pendo.io .storage.googleapis.com .slgnt.eu https://ecovadis.slgnt.eu .google.com .google.pl .storage.googleapis.com .pendo.io * ; manifest-src 'self' .ecovadis-survey.com; media-src 'self'; worker-src 'none'; object-src 'none'; base-uri 'self'; frame-ancestors .pendo.io; child-src *.pendo.io; font-src 'self' data: fonts.gstatic.com;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 01:15:58 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: default-src 'self' 'unsafe-inline' https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com https://data.eu.pendo.io; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' *.site24x7rum.com *.google-analytics.com *.googletagmanager.com ajax.googleapis.com *.uservoice.com *.tableau.com *.tableauusercontent.com *.stripe.com *.datatables.net *.ecovadis-survey.com *.hotjar.com *.storage.googleapis.com *.pendo.io;style-src 'report-sample' 'self' 'unsafe-inline' blob: fonts.googleapis.com *.datatables.net *.jsdelivr.net *.storage.googleapis.com *.pendo.io *.ecovadis-survey.com; connect-src 'self' col.site24x7rum.com *.ecovadis-survey.com *.google-analytics.com com sentry.io *.visualstudio.com https://data.eu.pendo.io/ *.blob.core.windows.net *.g.doubleclick.net *.hotjar.com wss://*.hotjar.com *.pendo.io *.storage.googleapis.com; frame-src 'self' *.googletagmanager.com *.online.tableau.com *.stripe.com https://pendo-eu-extensions.storage.googleapis.com/ *.hotjar.com/ *.pendo.io https://portal.productboard.com/;img-src 'self' blob: data: *.google-analytics.com *.stripe.com https://data.eu.pendo.io *.storage.googleapis.com *.slgnt.eu https://ecovadis.slgnt.eu *.google.com *.google.pl *.storage.googleapis.com *.pendo.io * ; manifest-src 'self' *.ecovadis-survey.com; media-src 'self'; worker-src 'none'; object-src 'none'; base-uri 'self'; frame-ancestors *.pendo.io; child-src *.pendo.io; font-src 'self' data: fonts.gstatic.com;
x-cache: TCP_HIT
referrer-policy: no-referrer
last-modified: Mon, 04 Sep 2023 11:17:36 GMT
etag: W/"0x8DBAD388B3E7414"
rule-microfrontendroutercachedisable-v: 5.1
vary: Accept-Encoding
x-azure-ref: 20230911T011557Z-t7711tm5qd5rf2ddc8qy91z35g00000004sg000000005m9u
content-type: application/javascript
x-frame-options: DENY
x-ms-request-id: 611f39d3-d01e-0077-3421-dfab7f000000
cache-control: public, max-age=43200
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()

GET
H2 200 pendo.js Show response
cdn.pendo.io/agent/static/33d4609f-63f4-450b-591e-282584b1664d/ 457 KB
150 KB 32ms
6ms Script
application/json 2600:9000:2197:3e00:1f:aa31:7740:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pendo.io/agent/static/33d4609f-63f4-450b-591e-282584b1664d/pendo.js
Requested by: Host: www.ecovadis-survey.com
URL: https://www.ecovadis-survey.com/app/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2197:3e00:1f:aa31:7740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 75478839d53d23eee740949bff6b587c914f55a5bd89bf46cf4de845793ec27e

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 01:13:49 GMT
content-encoding: gzip
via: 1.1 01e4ad03c80c45f7c69bb168f20c9836.cloudfront.net (CloudFront)
x-amz-cf-pop: NRT20-C1
age: 158
x-guploader-uploadid: ADPycdviBYr82ED8f9957Jg3dZC_SEV8cLEKKUrD_I8b4mZ9oZdKyTUX0jxg3Drn6RZiMrIaKuiLPCgMX63RzmqJoBEGDk9XnDdh
x-cache: Hit from cloudfront
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
content-length: 152457
last-modified: Mon, 04 Sep 2023 07:09:03 GMT
server: UploadServer
etag: "88b40bc22b8093ef249062c021cee2b6"
vary: Accept-Encoding
x-goog-generation: 1693811343486270
content-type: application/json
access-control-allow-origin: *
x-goog-hash: crc32c=z1lKWw==, md5=iLQLwiuAk+8kkGLAIc7itg==
access-control-expose-headers: *
cache-control: max-age=450
x-goog-stored-content-length: 152457
accept-ranges: bytes
x-amz-cf-id: h_f4Z47PQsPoIOE-Adb9BQzcwd01hHANn_f8CTVzZ6qqZDqaH5zJFw==
expires: Mon, 11 Sep 2023 01:20:50 GMT

GET
H2 200 getAllApplicationLanguages
www.ecovadis-survey.com/Anakin.WebApi/api/user/language/ 576 B
944 B 906ms
903ms XHR
application/json 2620:1ec:46::46
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ecovadis-survey.com/Anakin.WebApi/api/user/language/getAllApplicationLanguages
Requested by: Host: www.ecovadis-survey.com
URL: https://www.ecovadis-survey.com/app/static/js/main.b8c57284.chunk.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:1ec:46::46 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Pragma: no-cache
Accept-Language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Content-Type: application/json
Cache-Control: no-cache
Referer
X-Requested-With: XMLHttpRequest
Expires: Sat, 01 Jan 2000 00:00:00 GMT

Response headers

p3p: CP="NOI ADM DEV COM NAV OUR STP"
date: Mon, 11 Sep 2023 01:15:58 GMT
request-context: appId=cid-v1:c8f27ed6-4b42-44ec-b4d3-ef8950b6bb6a
s: 10
x-azure-ref: 20230911T011558Z-t7711tm5qd5rf2ddc8qy91z35g00000004sg000000005m9w
x-cache: CONFIG_NOCACHE
content-type: application/json; charset=utf-8

GET
H2

200

Primary Request Login Show response
idp.ecovadis-survey.com/Account/
Redirect Chain

https://idp.ecovadis-survey.com/connect/authorize/callback?client_id=bellucci&redirect_uri=https%3A%2F%2Fwww.ecovadis-survey.com%2Fapp%2F%23%2Fsso-callback%3F&response_type=id_token%20token&scope=o...
https://idp.ecovadis-survey.com/Account/Login?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3Dbellucci%26redirect_uri%3Dhttps%253A%252F%252Fwww.ecovadis-survey.com%252Fapp%252F%2523%252Fs...

9 KB
10 KB

237ms
235ms

Document
text/html

2620:1ec:46::46
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://idp.ecovadis-survey.com/Account/Login?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3Dbellucci%26redirect_uri%3Dhttps%253A%252F%252Fwww.ecovadis-survey.com%252Fapp%252F%2523%252Fsso-callback%253F%26response_type%3Did_token%2520token%26scope%3Dopenid%2520profile%2520actinguserid%2520anakinapi%2520idpapi%2520offline_access%26response_mode%3Dfragment%26nonce%3Dmei8tihx3d%26language%3Den-GB

Requested by

Host: www.ecovadis-survey.com
URL: https://www.ecovadis-survey.com/app/static/js/6.76716804.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:1ec:46::46 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

88a7d4e0f1bf869cf9f0c90a20a0796ba30f2a9372a18c74bde51fbc535decb1

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' data: .ecovadis-itlab.com .ecovadis-survey.com; object-src 'none'; frame-ancestors 'none'; sandbox allow-popups allow-forms allow-same-origin allow-scripts; base-uri 'self'; img-src 'self' blob: data:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Security-Policy	default-src 'self' 'unsafe-inline' data: .ecovadis-itlab.com .ecovadis-survey.com; object-src 'none'; frame-ancestors 'none'; sandbox allow-popups allow-forms allow-same-origin allow-scripts; base-uri 'self'; img-src 'self' blob: data:;
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.ecovadis-survey.com/app/#/login
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

cache-control: no-cache, no-store
content-security-policy: default-src 'self' 'unsafe-inline' data: *.ecovadis-itlab.com *.ecovadis-survey.com; object-src 'none'; frame-ancestors 'none'; sandbox allow-popups allow-forms allow-same-origin allow-scripts; base-uri 'self'; img-src 'self' blob: data:;
content-type: text/html; charset=utf-8
date: Mon, 11 Sep 2023 01:15:59 GMT
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
pragma: no-cache
referrer-policy: no-referrer
request-context: appId=cid-v1:b7f3c470-42d9-40ae-97cb-bed35937343c
strict-transport-security: max-age=31536000; includeSubDomains
x-azure-ref: 20230911T011559Z-t7711tm5qd5rf2ddc8qy91z35g00000004sg000000005mb8
x-cache: CONFIG_NOCACHE
x-content-security-policy: default-src 'self' 'unsafe-inline' data: *.ecovadis-itlab.com *.ecovadis-survey.com; object-src 'none'; frame-ancestors 'none'; sandbox allow-popups allow-forms allow-same-origin allow-scripts; base-uri 'self'; img-src 'self' blob: data:;
x-content-type-options: nosniff
x-frame-options: DENY

Redirect headers

content-length: 0
content-security-policy: default-src 'self' 'unsafe-inline' data: *.ecovadis-itlab.com *.ecovadis-survey.com; object-src 'none'; frame-ancestors 'none'; sandbox allow-popups allow-forms allow-same-origin allow-scripts; base-uri 'self'; img-src 'self' blob: data:;
date: Mon, 11 Sep 2023 01:15:59 GMT
location: https://idp.ecovadis-survey.com/Account/Login?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3Dbellucci%26redirect_uri%3Dhttps%253A%252F%252Fwww.ecovadis-survey.com%252Fapp%252F%2523%252Fsso-callback%253F%26response_type%3Did_token%2520token%26scope%3Dopenid%2520profile%2520actinguserid%2520anakinapi%2520idpapi%2520offline_access%26response_mode%3Dfragment%26nonce%3Dmei8tihx3d%26language%3Den-GB
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
referrer-policy: no-referrer
request-context: appId=cid-v1:b7f3c470-42d9-40ae-97cb-bed35937343c
strict-transport-security: max-age=31536000; includeSubDomains
x-azure-ref: 20230911T011558Z-t7711tm5qd5rf2ddc8qy91z35g00000004sg000000005ma7
x-cache: CONFIG_NOCACHE
x-content-security-policy: default-src 'self' 'unsafe-inline' data: *.ecovadis-itlab.com *.ecovadis-survey.com; object-src 'none'; frame-ancestors 'none'; sandbox allow-popups allow-forms allow-same-origin allow-scripts; base-uri 'self'; img-src 'self' blob: data:;
x-content-type-options: nosniff
x-frame-options: DENY

POST trace
col.site24x7rum.com/rum/ 0
0

POST wcv
col.site24x7rum.com/rum/ 0
0

GET
H2 200 fonts.min.css
idp.ecovadis-survey.com/css/ 4 KB
5 KB 231ms
230ms Stylesheet
text/css 2620:1ec:46::46
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://idp.ecovadis-survey.com/css/fonts.min.css

Requested by

Host: idp.ecovadis-survey.com
URL: https://idp.ecovadis-survey.com/Account/Login?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3Dbellucci%26redirect_uri%3Dhttps%253A%252F%252Fwww.ecovadis-survey.com%252Fapp%252F%2523%252Fsso-callback%253F%26response_type%3Did_token%2520token%26scope%3Dopenid%2520profile%2520actinguserid%2520anakinapi%2520idpapi%2520offline_access%26response_mode%3Dfragment%26nonce%3Dmei8tihx3d%26language%3Den-GB

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:1ec:46::46 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

f6002e854e9072f218fc82b88c45b5642f5b711970de5ce19a7579c44d23bc16

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' data: .ecovadis-itlab.com .ecovadis-survey.com; object-src 'none'; frame-ancestors 'none'; sandbox allow-popups allow-forms allow-same-origin allow-scripts; base-uri 'self'; img-src 'self' blob: data:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Security-Policy	default-src 'self' 'unsafe-inline' data: .ecovadis-itlab.com .ecovadis-survey.com; object-src 'none'; frame-ancestors 'none'; sandbox allow-popups allow-forms allow-same-origin allow-scripts; base-uri 'self'; img-src 'self' blob: data:;
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 01:15:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-inline' data: *.ecovadis-itlab.com *.ecovadis-survey.com; object-src 'none'; frame-ancestors 'none'; sandbox allow-popups allow-forms allow-same-origin allow-scripts; base-uri 'self'; img-src 'self' blob: data:;
x-cache: CONFIG_NOCACHE
content-length: 4185
request-context: appId=cid-v1:b7f3c470-42d9-40ae-97cb-bed35937343c
referrer-policy: no-referrer
last-modified: Thu, 31 Aug 2023 08:31:44 GMT
etag: "1d9dbe592bd0859"
x-frame-options: DENY
x-azure-ref: 20230911T011559Z-t7711tm5qd5rf2ddc8qy91z35g00000004sg000000005mbr
content-type: text/css
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges: bytes
x-content-security-policy: default-src 'self' 'unsafe-inline' data: *.ecovadis-itlab.com *.ecovadis-survey.com; object-src 'none'; frame-ancestors 'none'; sandbox allow-popups allow-forms allow-same-origin allow-scripts; base-uri 'self'; img-src 'self' blob: data:;

GET
H2 200 ev10.css
idp.ecovadis-survey.com/css/ 14 KB
15 KB 896ms
895ms Stylesheet
text/css 2620:1ec:46::46
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://idp.ecovadis-survey.com/css/ev10.css

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:1ec:46::46 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

656cceed63fef855d6aa63ce2a93fac39120c13e4ef46e673818aad89b022a10

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' data: .ecovadis-itlab.com .ecovadis-survey.com; object-src 'none'; frame-ancestors 'none'; sandbox allow-popups allow-forms allow-same-origin allow-scripts; base-uri 'self'; img-src 'self' blob: data:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Security-Policy	default-src 'self' 'unsafe-inline' data: .ecovadis-itlab.com .ecovadis-survey.com; object-src 'none'; frame-ancestors 'none'; sandbox allow-popups allow-forms allow-same-origin allow-scripts; base-uri 'self'; img-src 'self' blob: data:;
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 01:16:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-inline' data: *.ecovadis-itlab.com *.ecovadis-survey.com; object-src 'none'; frame-ancestors 'none'; sandbox allow-popups allow-forms allow-same-origin allow-scripts; base-uri 'self'; img-src 'self' blob: data:;
x-cache: CONFIG_NOCACHE
content-length: 14437
request-context: appId=cid-v1:b7f3c470-42d9-40ae-97cb-bed35937343c
referrer-policy: no-referrer
last-modified: Thu, 31 Aug 2023 08:31:44 GMT
etag: "1d9dbe592bd2065"
x-frame-options: DENY
x-azure-ref: 20230911T011559Z-t7711tm5qd5rf2ddc8qy91z35g00000004sg000000005mbs
content-type: text/css
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges: bytes
x-content-security-policy: default-src 'self' 'unsafe-inline' data: *.ecovadis-itlab.com *.ecovadis-survey.com; object-src 'none'; frame-ancestors 'none'; sandbox allow-popups allow-forms allow-same-origin allow-scripts; base-uri 'self'; img-src 'self' blob: data:;

GET
H2 200 logo_header.svg
idp.ecovadis-survey.com/images/ 3 KB
3 KB 230ms
229ms Image
image/svg+xml 2620:1ec:46::46
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://idp.ecovadis-survey.com/images/logo_header.svg

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:1ec:46::46 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

529df736d80aff296c3bd1d6d06d2a8b20d0080e1a858477f58355afb0747a05

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' data: .ecovadis-itlab.com .ecovadis-survey.com; object-src 'none'; frame-ancestors 'none'; sandbox allow-popups allow-forms allow-same-origin allow-scripts; base-uri 'self'; img-src 'self' blob: data:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Security-Policy	default-src 'self' 'unsafe-inline' data: .ecovadis-itlab.com .ecovadis-survey.com; object-src 'none'; frame-ancestors 'none'; sandbox allow-popups allow-forms allow-same-origin allow-scripts; base-uri 'self'; img-src 'self' blob: data:;
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 01:15:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-inline' data: *.ecovadis-itlab.com *.ecovadis-survey.com; object-src 'none'; frame-ancestors 'none'; sandbox allow-popups allow-forms allow-same-origin allow-scripts; base-uri 'self'; img-src 'self' blob: data:;
x-cache: CONFIG_NOCACHE
content-length: 2581
request-context: appId=cid-v1:b7f3c470-42d9-40ae-97cb-bed35937343c
referrer-policy: no-referrer
last-modified: Thu, 31 Aug 2023 08:31:44 GMT
etag: "1d9dbe592bd1215"
x-frame-options: DENY
x-azure-ref: 20230911T011559Z-t7711tm5qd5rf2ddc8qy91z35g00000004sg000000005mc3
content-type: image/svg+xml
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges: bytes
x-content-security-policy: default-src 'self' 'unsafe-inline' data: *.ecovadis-itlab.com *.ecovadis-survey.com; object-src 'none'; frame-ancestors 'none'; sandbox allow-popups allow-forms allow-same-origin allow-scripts; base-uri 'self'; img-src 'self' blob: data:;

GET
H2 200 eye_open.svg
idp.ecovadis-survey.com/images/ 522 B
1 KB 233ms
232ms Image
image/svg+xml 2620:1ec:46::46
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://idp.ecovadis-survey.com/images/eye_open.svg

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:1ec:46::46 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

15c28ef4d3279fd7a32785169f7dcc95e3010f66ada544621a74e512fc79d977

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' data: .ecovadis-itlab.com .ecovadis-survey.com; object-src 'none'; frame-ancestors 'none'; sandbox allow-popups allow-forms allow-same-origin allow-scripts; base-uri 'self'; img-src 'self' blob: data:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Security-Policy	default-src 'self' 'unsafe-inline' data: .ecovadis-itlab.com .ecovadis-survey.com; object-src 'none'; frame-ancestors 'none'; sandbox allow-popups allow-forms allow-same-origin allow-scripts; base-uri 'self'; img-src 'self' blob: data:;
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 01:16:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-inline' data: *.ecovadis-itlab.com *.ecovadis-survey.com; object-src 'none'; frame-ancestors 'none'; sandbox allow-popups allow-forms allow-same-origin allow-scripts; base-uri 'self'; img-src 'self' blob: data:;
x-cache: CONFIG_NOCACHE
content-length: 522
request-context: appId=cid-v1:b7f3c470-42d9-40ae-97cb-bed35937343c
referrer-policy: no-referrer
last-modified: Thu, 31 Aug 2023 08:31:44 GMT
etag: "1d9dbe592bd1a0a"
x-frame-options: DENY
x-azure-ref: 20230911T011559Z-t7711tm5qd5rf2ddc8qy91z35g00000004sg000000005mca
content-type: image/svg+xml
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges: bytes
x-content-security-policy: default-src 'self' 'unsafe-inline' data: *.ecovadis-itlab.com *.ecovadis-survey.com; object-src 'none'; frame-ancestors 'none'; sandbox allow-popups allow-forms allow-same-origin allow-scripts; base-uri 'self'; img-src 'self' blob: data:;

GET
H2 200 eye_crossed.svg
idp.ecovadis-survey.com/images/ 784 B
2 KB 249ms
248ms Image
image/svg+xml 2620:1ec:46::46
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://idp.ecovadis-survey.com/images/eye_crossed.svg

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:1ec:46::46 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

d9fab5aae5b9f751435ab8a2b1955f48e9fad0e880ced80aece52dcf760f60d6

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' data: .ecovadis-itlab.com .ecovadis-survey.com; object-src 'none'; frame-ancestors 'none'; sandbox allow-popups allow-forms allow-same-origin allow-scripts; base-uri 'self'; img-src 'self' blob: data:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Security-Policy	default-src 'self' 'unsafe-inline' data: .ecovadis-itlab.com .ecovadis-survey.com; object-src 'none'; frame-ancestors 'none'; sandbox allow-popups allow-forms allow-same-origin allow-scripts; base-uri 'self'; img-src 'self' blob: data:;
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 01:16:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-inline' data: *.ecovadis-itlab.com *.ecovadis-survey.com; object-src 'none'; frame-ancestors 'none'; sandbox allow-popups allow-forms allow-same-origin allow-scripts; base-uri 'self'; img-src 'self' blob: data:;
x-cache: CONFIG_NOCACHE
content-length: 784
request-context: appId=cid-v1:b7f3c470-42d9-40ae-97cb-bed35937343c
referrer-policy: no-referrer
last-modified: Thu, 31 Aug 2023 08:31:44 GMT
etag: "1d9dbe592bd1b10"
x-frame-options: DENY
x-azure-ref: 20230911T011600Z-t7711tm5qd5rf2ddc8qy91z35g00000004sg000000005mch
content-type: image/svg+xml
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges: bytes
x-content-security-policy: default-src 'self' 'unsafe-inline' data: *.ecovadis-itlab.com *.ecovadis-survey.com; object-src 'none'; frame-ancestors 'none'; sandbox allow-popups allow-forms allow-same-origin allow-scripts; base-uri 'self'; img-src 'self' blob: data:;

GET
H2 200 jquery-3.6.1.min.js Show response
idp.ecovadis-survey.com/lib/jquery/ 88 KB
89 KB 913ms
911ms Script
application/javascript 2620:1ec:46::46
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://idp.ecovadis-survey.com/lib/jquery/jquery-3.6.1.min.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:1ec:46::46 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

a3cf00c109d907e543bc4f6dbc85eb31068f94515251347e9e57509b52ee3d74

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' data: .ecovadis-itlab.com .ecovadis-survey.com; object-src 'none'; frame-ancestors 'none'; sandbox allow-popups allow-forms allow-same-origin allow-scripts; base-uri 'self'; img-src 'self' blob: data:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Security-Policy	default-src 'self' 'unsafe-inline' data: .ecovadis-itlab.com .ecovadis-survey.com; object-src 'none'; frame-ancestors 'none'; sandbox allow-popups allow-forms allow-same-origin allow-scripts; base-uri 'self'; img-src 'self' blob: data:;
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 01:16:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-inline' data: *.ecovadis-itlab.com *.ecovadis-survey.com; object-src 'none'; frame-ancestors 'none'; sandbox allow-popups allow-forms allow-same-origin allow-scripts; base-uri 'self'; img-src 'self' blob: data:;
x-cache: CONFIG_NOCACHE
content-length: 89664
request-context: appId=cid-v1:b7f3c470-42d9-40ae-97cb-bed35937343c
referrer-policy: no-referrer
last-modified: Thu, 31 Aug 2023 08:31:44 GMT
etag: "1d9dbe592bc4640"
x-frame-options: DENY
x-azure-ref: 20230911T011559Z-t7711tm5qd5rf2ddc8qy91z35g00000004sg000000005mbt
content-type: application/javascript
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges: bytes
x-content-security-policy: default-src 'self' 'unsafe-inline' data: *.ecovadis-itlab.com *.ecovadis-survey.com; object-src 'none'; frame-ancestors 'none'; sandbox allow-popups allow-forms allow-same-origin allow-scripts; base-uri 'self'; img-src 'self' blob: data:;

GET
H2 200 messages.js Show response
idp.ecovadis-survey.com/js/ 85 KB
86 KB 928ms
926ms Script
application/javascript 2620:1ec:46::46
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://idp.ecovadis-survey.com/js/messages.js?v=09/11/2023%2000:00:00

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:1ec:46::46 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

152d98d0d6bd6bc6bf9aa0dd54c61af7975bb7b13af3b424f0f5180449096f01

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' data: .ecovadis-itlab.com .ecovadis-survey.com; object-src 'none'; frame-ancestors 'none'; sandbox allow-popups allow-forms allow-same-origin allow-scripts; base-uri 'self'; img-src 'self' blob: data:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Security-Policy	default-src 'self' 'unsafe-inline' data: .ecovadis-itlab.com .ecovadis-survey.com; object-src 'none'; frame-ancestors 'none'; sandbox allow-popups allow-forms allow-same-origin allow-scripts; base-uri 'self'; img-src 'self' blob: data:;
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 01:16:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-inline' data: *.ecovadis-itlab.com *.ecovadis-survey.com; object-src 'none'; frame-ancestors 'none'; sandbox allow-popups allow-forms allow-same-origin allow-scripts; base-uri 'self'; img-src 'self' blob: data:;
x-cache: CONFIG_NOCACHE
content-length: 86746
request-context: appId=cid-v1:b7f3c470-42d9-40ae-97cb-bed35937343c
referrer-policy: no-referrer
last-modified: Thu, 31 Aug 2023 08:31:44 GMT
etag: "1d9dbe592bc4ada"
x-frame-options: DENY
x-azure-ref: 20230911T011559Z-t7711tm5qd5rf2ddc8qy91z35g00000004sg000000005mbu
content-type: application/javascript
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges: bytes
x-content-security-policy: default-src 'self' 'unsafe-inline' data: *.ecovadis-itlab.com *.ecovadis-survey.com; object-src 'none'; frame-ancestors 'none'; sandbox allow-popups allow-forms allow-same-origin allow-scripts; base-uri 'self'; img-src 'self' blob: data:;

GET
H2 200 messages-placeholders.js Show response
idp.ecovadis-survey.com/js/ 539 B
1 KB 674ms
672ms Script
application/javascript 2620:1ec:46::46
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://idp.ecovadis-survey.com/js/messages-placeholders.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:1ec:46::46 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

33af89619f12044f18ff0a7e3b065066d403de154b8a40444de47db0da8554f0

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' data: .ecovadis-itlab.com .ecovadis-survey.com; object-src 'none'; frame-ancestors 'none'; sandbox allow-popups allow-forms allow-same-origin allow-scripts; base-uri 'self'; img-src 'self' blob: data:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Security-Policy	default-src 'self' 'unsafe-inline' data: .ecovadis-itlab.com .ecovadis-survey.com; object-src 'none'; frame-ancestors 'none'; sandbox allow-popups allow-forms allow-same-origin allow-scripts; base-uri 'self'; img-src 'self' blob: data:;
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 01:16:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-inline' data: *.ecovadis-itlab.com *.ecovadis-survey.com; object-src 'none'; frame-ancestors 'none'; sandbox allow-popups allow-forms allow-same-origin allow-scripts; base-uri 'self'; img-src 'self' blob: data:;
x-cache: CONFIG_NOCACHE
content-length: 539
request-context: appId=cid-v1:b7f3c470-42d9-40ae-97cb-bed35937343c
referrer-policy: no-referrer
last-modified: Thu, 31 Aug 2023 08:31:44 GMT
etag: "1d9dbe592bd1a1b"
x-frame-options: DENY
x-azure-ref: 20230911T011559Z-t7711tm5qd5rf2ddc8qy91z35g00000004sg000000005mbv
content-type: application/javascript
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges: bytes
x-content-security-policy: default-src 'self' 'unsafe-inline' data: *.ecovadis-itlab.com *.ecovadis-survey.com; object-src 'none'; frame-ancestors 'none'; sandbox allow-popups allow-forms allow-same-origin allow-scripts; base-uri 'self'; img-src 'self' blob: data:;

GET
H2 200 layout.js Show response
idp.ecovadis-survey.com/js/ 9 KB
10 KB 684ms
682ms Script
application/javascript 2620:1ec:46::46
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://idp.ecovadis-survey.com/js/layout.js?v=09/11/2023%2000:00:00

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:1ec:46::46 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

4b2d0f7341c734808f8af7f3122e063aec55e94878f5a814263011d92c5299ec

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' data: .ecovadis-itlab.com .ecovadis-survey.com; object-src 'none'; frame-ancestors 'none'; sandbox allow-popups allow-forms allow-same-origin allow-scripts; base-uri 'self'; img-src 'self' blob: data:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Security-Policy	default-src 'self' 'unsafe-inline' data: .ecovadis-itlab.com .ecovadis-survey.com; object-src 'none'; frame-ancestors 'none'; sandbox allow-popups allow-forms allow-same-origin allow-scripts; base-uri 'self'; img-src 'self' blob: data:;
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 01:16:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-inline' data: *.ecovadis-itlab.com *.ecovadis-survey.com; object-src 'none'; frame-ancestors 'none'; sandbox allow-popups allow-forms allow-same-origin allow-scripts; base-uri 'self'; img-src 'self' blob: data:;
x-cache: CONFIG_NOCACHE
content-length: 9085
request-context: appId=cid-v1:b7f3c470-42d9-40ae-97cb-bed35937343c
referrer-policy: no-referrer
last-modified: Thu, 31 Aug 2023 08:31:44 GMT
etag: "1d9dbe592bd3b7d"
x-frame-options: DENY
x-azure-ref: 20230911T011559Z-t7711tm5qd5rf2ddc8qy91z35g00000004sg000000005mbw
content-type: application/javascript
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges: bytes
x-content-security-policy: default-src 'self' 'unsafe-inline' data: *.ecovadis-itlab.com *.ecovadis-survey.com; object-src 'none'; frame-ancestors 'none'; sandbox allow-popups allow-forms allow-same-origin allow-scripts; base-uri 'self'; img-src 'self' blob: data:;

GET
H2 200 o-0IIpQlx3QUlC5A4PNr5TRASf6M7Q.woff2
idp.ecovadis-survey.com/css/fonts/ 10 KB
11 KB 265ms
264ms Font
font/woff2 2620:1ec:46::46
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://idp.ecovadis-survey.com/css/fonts/o-0IIpQlx3QUlC5A4PNr5TRASf6M7Q.woff2

Requested by

Host: idp.ecovadis-survey.com
URL: https://idp.ecovadis-survey.com/css/fonts.min.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:1ec:46::46 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e56f53b3b976e9c05d86645a1e85cfc69e961601d201e957768455580fa30478

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' data: .ecovadis-itlab.com .ecovadis-survey.com; object-src 'none'; frame-ancestors 'none'; sandbox allow-popups allow-forms allow-same-origin allow-scripts; base-uri 'self'; img-src 'self' blob: data:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Security-Policy	default-src 'self' 'unsafe-inline' data: .ecovadis-itlab.com .ecovadis-survey.com; object-src 'none'; frame-ancestors 'none'; sandbox allow-popups allow-forms allow-same-origin allow-scripts; base-uri 'self'; img-src 'self' blob: data:;
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer
Origin: https://idp.ecovadis-survey.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 01:16:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-inline' data: *.ecovadis-itlab.com *.ecovadis-survey.com; object-src 'none'; frame-ancestors 'none'; sandbox allow-popups allow-forms allow-same-origin allow-scripts; base-uri 'self'; img-src 'self' blob: data:;
x-cache: CONFIG_NOCACHE
content-length: 10292
request-context: appId=cid-v1:b7f3c470-42d9-40ae-97cb-bed35937343c
referrer-policy: no-referrer
last-modified: Thu, 31 Aug 2023 08:31:44 GMT
etag: "1d9dbe592bd3034"
x-frame-options: DENY
x-azure-ref: 20230911T011600Z-t7711tm5qd5rf2ddc8qy91z35g00000004sg000000005mcx
content-type: font/woff2
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges: bytes
x-content-security-policy: default-src 'self' 'unsafe-inline' data: *.ecovadis-itlab.com *.ecovadis-survey.com; object-src 'none'; frame-ancestors 'none'; sandbox allow-popups allow-forms allow-same-origin allow-scripts; base-uri 'self'; img-src 'self' blob: data:;

GET
H2 200 o-0NIpQlx3QUlC5A4PNjXhFVZNyBx2pqPA.woff2
idp.ecovadis-survey.com/css/fonts/ 10 KB
11 KB 287ms
287ms Font
font/woff2 2620:1ec:46::46
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://idp.ecovadis-survey.com/css/fonts/o-0NIpQlx3QUlC5A4PNjXhFVZNyBx2pqPA.woff2

Requested by

Host: idp.ecovadis-survey.com
URL: https://idp.ecovadis-survey.com/css/fonts.min.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:1ec:46::46 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

6195b1bce0085db8c9b1b936150dfd7b070aa9be52d44580b1b6f16752dece34

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' data: .ecovadis-itlab.com .ecovadis-survey.com; object-src 'none'; frame-ancestors 'none'; sandbox allow-popups allow-forms allow-same-origin allow-scripts; base-uri 'self'; img-src 'self' blob: data:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Security-Policy	default-src 'self' 'unsafe-inline' data: .ecovadis-itlab.com .ecovadis-survey.com; object-src 'none'; frame-ancestors 'none'; sandbox allow-popups allow-forms allow-same-origin allow-scripts; base-uri 'self'; img-src 'self' blob: data:;
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer
Origin: https://idp.ecovadis-survey.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 01:16:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-inline' data: *.ecovadis-itlab.com *.ecovadis-survey.com; object-src 'none'; frame-ancestors 'none'; sandbox allow-popups allow-forms allow-same-origin allow-scripts; base-uri 'self'; img-src 'self' blob: data:;
x-cache: CONFIG_NOCACHE
content-length: 10116
request-context: appId=cid-v1:b7f3c470-42d9-40ae-97cb-bed35937343c
referrer-policy: no-referrer
last-modified: Thu, 31 Aug 2023 08:31:44 GMT
etag: "1d9dbe592bd3f84"
x-frame-options: DENY
x-azure-ref: 20230911T011600Z-t7711tm5qd5rf2ddc8qy91z35g00000004sg000000005mcy
content-type: font/woff2
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges: bytes
x-content-security-policy: default-src 'self' 'unsafe-inline' data: *.ecovadis-itlab.com *.ecovadis-survey.com; object-src 'none'; frame-ancestors 'none'; sandbox allow-popups allow-forms allow-same-origin allow-scripts; base-uri 'self'; img-src 'self' blob: data:;

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: col.site24x7rum.com
URL: https://col.site24x7rum.com/rum/trace

Domain: col.site24x7rum.com
URL: https://col.site24x7rum.com/rum/wcv

Verdicts & Comments Add Verdict or Comment

20 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

10 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
app.salesforceiq.com/	1970-01-20 14:39:58	Name: AWSELB Value: 374BDD3B1C8D95541202F5C305D5BF48C4F178928B8F2106DFDC5B3A49F4103DA0BABB7C232E8CF5156DE0D82387EBEE8552B73BAB3D42D750930575806BBA0E134DC81EFD
app.salesforceiq.com/	1970-01-20 14:39:58	Name: AWSELBCORS Value: 374BDD3B1C8D95541202F5C305D5BF48C4F178928B8F2106DFDC5B3A49F4103DA0BABB7C232E8CF5156DE0D82387EBEE8552B73BAB3D42D750930575806BBA0E134DC81EFD
.dub01.online.tableau.com/	1969-12-31 23:59:59	Name: hid Value: dub01pd-hap01
.dub01.online.tableau.com/	1969-12-31 23:59:59	Name: AWSELB Value: C5750B1F1C02CA9630AA7C7905CEF4E81E1406D8286D96385BA85FA2BDAFD8338A5348BCF0CE76AD03EBB006F4EE69FC2553ED68A52C03BDA21C525EE0A7D9C86C3D04649090B3D2054AC673438F2F12B6FD4A5623
www.ecovadis-survey.com/	1970-01-20 23:25:30	Name: ai_user Value: 55OLS\|2023-09-11T01:15:58.178Z
www.ecovadis-survey.com/	1969-12-31 23:59:59	Name: https-anakin-prodCORS Value: 1e46de6ad05de6ef1ad2e70a2d9f8b37
www.ecovadis-survey.com/	1969-12-31 23:59:59	Name: https-anakin-prod Value: 1e46de6ad05de6ef1ad2e70a2d9f8b37
idp.ecovadis-survey.com/	1969-12-31 23:59:59	Name: .AspNetCore.Antiforgery.VyLW6ORzMgk Value: CfDJ8Fda_2KIxUlFu9iZYvveDDE220qbA3H6uMHsOxcc8_wABqbeTF7BbncmPzZozFknojERjby0NcTr0DD68Zup2lGV24z0vS6Fx4YgemtDJnfq2c-szPPDcmTEIHgDhAW4Pno8iHhew2kzvbRA4Qeoxmo
www.ecovadis-survey.com/	1970-01-20 23:52:52	Name: site24x7rumID Value: 6099264240069.1694394954385.1694394954385
col.site24x7rum.com/	1969-12-31 23:59:59	Name: s247cname Value: adfaeef4-cdc0-485e-8219-b02f7230127b

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://dub01.online.tableau.com/javascripts/api/tableau-2.min.js Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://dub01.online.tableau.com/javascripts/api/tableau-2.9.2.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://dub01.online.tableau.com/javascripts/api/tableau-2.min.js Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://dub01.online.tableau.com/javascripts/api/tableau-2.9.2.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
security	warning	URL: https://idp.ecovadis-survey.com/Account/Login?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3Dbellucci%26redirect_uri%3Dhttps%253A%252F%252Fwww.ecovadis-survey.com%252Fapp%252F%2523%252Fsso-callback%253F%26response_type%3Did_token%2520token%26scope%3Dopenid%2520profile%2520actinguserid%2520anakinapi%2520idpapi%2520offline_access%26response_mode%3Dfragment%26nonce%3Dmei8tihx3d%26language%3Den-GB Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' https://.hotjar.com https://.hotjar.io wss://.hotjar.com https://data.eu.pendo.io; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' .site24x7rum.com .google-analytics.com .googletagmanager.com ajax.googleapis.com .uservoice.com .tableau.com .tableauusercontent.com .stripe.com .datatables.net .ecovadis-survey.com .hotjar.com .storage.googleapis.com .pendo.io;style-src 'report-sample' 'self' 'unsafe-inline' blob: fonts.googleapis.com .datatables.net .jsdelivr.net .storage.googleapis.com .pendo.io .ecovadis-survey.com; connect-src 'self' col.site24x7rum.com .ecovadis-survey.com .google-analytics.com com sentry.io .visualstudio.com https://data.eu.pendo.io/ .blob.core.windows.net .g.doubleclick.net .hotjar.com wss://.hotjar.com .pendo.io .storage.googleapis.com; frame-src 'self' .googletagmanager.com .online.tableau.com .stripe.com https://pendo-eu-extensions.storage.googleapis.com/ .hotjar.com/ .pendo.io https://portal.productboard.com/;img-src 'self' blob: data: .google-analytics.com .stripe.com https://data.eu.pendo.io .storage.googleapis.com .slgnt.eu https://ecovadis.slgnt.eu .google.com .google.pl .storage.googleapis.com .pendo.io * ; manifest-src 'self' .ecovadis-survey.com; media-src 'self'; worker-src 'none'; object-src 'none'; base-uri 'self'; frame-ancestors .pendo.io; child-src *.pendo.io; font-src 'self' data: fonts.gstatic.com;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

app.salesforceiq.com
cdn.pendo.io
col.site24x7rum.com
dub01.online.tableau.com
embedding.tableauusercontent.com
fonts.googleapis.com
idp.ecovadis-survey.com
static.site24x7rum.com
www.ecovadis-survey.com
www.googletagmanager.com
col.site24x7rum.com
13.35.49.119
2404:6800:4004:824::2008
2404:6800:4004:824::200a
2600:9000:20e4:f200:1b:df26:7b40:93a1
2600:9000:2197:3e00:1f:aa31:7740:93a1
2620:1ec:46::46
34.255.46.117
44.237.87.138
0d9a85dafecc722bb8c186f443520f5ae8c63d85c3c0f096f865b27ce2b3d4bd
152d98d0d6bd6bc6bf9aa0dd54c61af7975bb7b13af3b424f0f5180449096f01
15c28ef4d3279fd7a32785169f7dcc95e3010f66ada544621a74e512fc79d977
1ac61e34331597f87f27beee1c265032310f9747974d22b7d58da19970144552
2351850837ce193f215cd0688b6c00bbb34c327dc957638502695334a808073f
31f0249e6eaf9542391d9872a054497646614d5ce96d7a5dce08751cff0b4027
33af89619f12044f18ff0a7e3b065066d403de154b8a40444de47db0da8554f0
35a9d821a2812ff8f18ec2d1b69ba65eb524cd3aacddd487cc0c5380ff5743df
45e27a18a7754dd82f591984f80fc2ca58aaa1d3394abe9fa135d951e3cc967c
4b2d0f7341c734808f8af7f3122e063aec55e94878f5a814263011d92c5299ec
50b7ed9964a2aeceff3c7cd4ecb000ba1a80fc80b0fedcb9752a02ac0cbb344d
529df736d80aff296c3bd1d6d06d2a8b20d0080e1a858477f58355afb0747a05
6195b1bce0085db8c9b1b936150dfd7b070aa9be52d44580b1b6f16752dece34
656cceed63fef855d6aa63ce2a93fac39120c13e4ef46e673818aad89b022a10
75478839d53d23eee740949bff6b587c914f55a5bd89bf46cf4de845793ec27e
88a7d4e0f1bf869cf9f0c90a20a0796ba30f2a9372a18c74bde51fbc535decb1
8fed288c68b5dbb77b744542572431e44b46b06c9f8259d0d4fb6cada0b2db44
9602e95c3f5449807338c80b21cb3731077bc1eab5b5ae8ed59e656561853e66
a3cf00c109d907e543bc4f6dbc85eb31068f94515251347e9e57509b52ee3d74
aace8508c462388720051206f0c148c4df8f692ce077090d9e772e60d3629fd2
b601a3b0b8c5debb0295b4543c1b5b635cc6365658bec13b54d646a0699fc692
b9b5ae86f3b4c0e662bd3208337fe7edffe8fcfbdc1d019480d3c497be267125
d1be41b4e5860f8eed76ebb4efa0a298480e913eba42e33ce174b4504e77a452
d632e8d8ae3ad0746868c263443ac606500433723439f29e8a051e12361a1137
d9fab5aae5b9f751435ab8a2b1955f48e9fad0e880ced80aece52dcf760f60d6
e3fef80bddae6ccb09bbd3b44f88d6e34be5b8b88131a6852289742dfe47b26a
e56f53b3b976e9c05d86645a1e85cfc69e961601d201e957768455580fa30478
f6002e854e9072f218fc82b88c45b5642f5b711970de5ce19a7579c44d23bc16
fc81abf3dda876ba9f77f8ee4e62ebbc53b592c69ed66ec22ddca40bbc5e6988

idp.ecovadis-survey.com Open in urlscan Pro 2620:1ec:46::46 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

32 Requests

94 %HTTPS

63 %IPv6

8 Domains

10 Subdomains

8 IPs

3 Countries

6419 kBTransfer

20068 kBSize

10 Cookies

3 Outgoing links

Page URL History

Redirected requests

32 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

idp.ecovadis-survey.com Open in urlscan Pro
2620:1ec:46::46 Public Scan

Screenshot
Live screenshot

Full Image

32
Requests

94 %
HTTPS

63 %
IPv6

8
Domains

10
Subdomains

8
IPs

3
Countries

6419 kB
Transfer

20068 kB
Size

10
Cookies

32 HTTP transactions
0 data transactions