Submitted URL: https://login.nmautoglass.com/
Effective URL: https://showroom.inflowinventory.com/03676edc-f1ba-4fee-9149-0c9108378562
Submission: On January 04 via api from US — Scanned from US

Summary

This website contacted 3 IPs in 1 countries across 4 domains to perform 17 HTTP transactions. The main IP is 52.159.81.216, located in Chicago, United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is showroom.inflowinventory.com.
TLS certificate: Issued by R3 on January 1st 2024. Valid for: 3 months.
This is the only time showroom.inflowinventory.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 198.49.23.144 53831 (SQUARESPACE)
1 16 52.159.81.216 8075 (MICROSOFT...)
1 2607:f8b0:400... 15169 (GOOGLE)
1 20.150.126.4 8075 (MICROSOFT...)
17 3
Apex Domain
Subdomains
Transfer
16 inflowinventory.com
showroom.inflowinventory.com
accounts.inflowinventory.com — Cisco Umbrella Rank: 873962
cloudapi.inflowinventory.com — Cisco Umbrella Rank: 806979
952 KB
1 windows.net
inflowclouduser.blob.core.windows.net
51 KB
1 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 101
21 KB
1 nmautoglass.com
login.nmautoglass.com
198 B
17 4
Domain Requested by
10 showroom.inflowinventory.com showroom.inflowinventory.com
4 cloudapi.inflowinventory.com showroom.inflowinventory.com
2 accounts.inflowinventory.com 1 redirects showroom.inflowinventory.com
1 inflowclouduser.blob.core.windows.net
1 www.google-analytics.com showroom.inflowinventory.com
1 login.nmautoglass.com 1 redirects
17 6

This site contains no links.

Subject Issuer Validity Valid
app.inflowinventory.com
R3
2024-01-01 -
2024-03-31
3 months crt.sh
*.google-analytics.com
GTS CA 1C3
2023-11-20 -
2024-02-12
3 months crt.sh
*.blob.core.windows.net
Microsoft RSA TLS CA 01
2023-09-28 -
2024-09-28
a year crt.sh

This page contains 2 frames:

Primary Page: https://showroom.inflowinventory.com/03676edc-f1ba-4fee-9149-0c9108378562
Frame ID: 680CDDD745E261DBEC6D6B156E79B229
Requests: 13 HTTP requests in this frame

Frame: https://showroom.inflowinventory.com/silent-login
Frame ID: EDB480505B6F7369C31557D45FD3972C
Requests: 2 HTTP requests in this frame

Screenshot

Page Title

Nielsen and Moller Auto Glass Distributors's Showroom

Page URL History Show full URLs

  1. https://login.nmautoglass.com/ HTTP 302
    https://showroom.inflowinventory.com/03676edc-f1ba-4fee-9149-0c9108378562 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Page Statistics

17
Requests

100 %
HTTPS

25 %
IPv6

4
Domains

6
Subdomains

3
IPs

1
Countries

1023 kB
Transfer

4128 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://login.nmautoglass.com/ HTTP 302
    https://showroom.inflowinventory.com/03676edc-f1ba-4fee-9149-0c9108378562 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 6
  • https://accounts.inflowinventory.com/connect/authorize?client_id=inFlowShowroom&redirect_uri=https%3A%2F%2Fshowroom.inflowinventory.com%2Fsilent-login&response_type=id_token%20token&scope=openid%20profile%20email%20inFlowApi&state=f8286100b7d84f75aa0fa3fff656d195&nonce=8a0ec615330445a69d0c98d928fd5513&prompt=none HTTP 302
  • https://showroom.inflowinventory.com/silent-login

17 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request 03676edc-f1ba-4fee-9149-0c9108378562
showroom.inflowinventory.com/
Redirect Chain
  • https://login.nmautoglass.com/
  • https://showroom.inflowinventory.com/03676edc-f1ba-4fee-9149-0c9108378562
6 KB
3 KB
Document
General
Full URL
https://showroom.inflowinventory.com/03676edc-f1ba-4fee-9149-0c9108378562
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.159.81.216 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
984670d435b2d4c455502d83003c53d09adcbdd40918db1b046349007034105e
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://accounts.inflowinventory.com;frame-src 'self' https://accounts.inflowinventory.com https://js.stripe.com/ https://libs.na.bambora.com/
Strict-Transport-Security max-age=7776000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-encoding
gzip
content-security-policy
frame-ancestors 'self' https://accounts.inflowinventory.com;frame-src 'self' https://accounts.inflowinventory.com https://js.stripe.com/ https://libs.na.bambora.com/
content-type
text/html; charset=utf-8
date
Thu, 04 Jan 2024 06:04:22 GMT
report-to
{"group":"default","max_age":31536000,"endpoints":[{"url":"https://inflowappprod.report-uri.com/a/d/g"}],"include_subdomains":true}
request-context
appId=cid-v1:b026ff8e-4992-4226-b26a-5412a0a77515
strict-transport-security
max-age=7776000
vary
Accept-Encoding

Redirect headers

age
5230
content-length
0
date
Thu, 04 Jan 2024 04:37:12 GMT
location
https://showroom.inflowinventory.com/03676edc-f1ba-4fee-9149-0c9108378562
server
Squarespace
x-contextid
x6odtRKY/4OYvUdQC
toastify.css
showroom.inflowinventory.com/css/
10 KB
2 KB
Stylesheet
General
Full URL
https://showroom.inflowinventory.com/css/toastify.css?v=-m-LORWrQxFvY41_4TmjxgfsGxtzSdrW1nTzwop-qw4
Requested by
Host: showroom.inflowinventory.com
URL: https://showroom.inflowinventory.com/03676edc-f1ba-4fee-9149-0c9108378562
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.159.81.216 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
fa6f8b3915ab43116f638d7fe139a3c607ec1b1b7349dad6d674f3c28a7eab0e
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://accounts.inflowinventory.com;frame-src 'self' https://accounts.inflowinventory.com https://js.stripe.com/ https://libs.na.bambora.com/
Strict-Transport-Security max-age=7776000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://showroom.inflowinventory.com/03676edc-f1ba-4fee-9149-0c9108378562
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 06:04:22 GMT
content-encoding
gzip
strict-transport-security
max-age=7776000
last-modified
Tue, 01 Aug 2023 12:22:14 GMT
content-security-policy
frame-ancestors 'self' https://accounts.inflowinventory.com;frame-src 'self' https://accounts.inflowinventory.com https://js.stripe.com/ https://libs.na.bambora.com/
etag
"1d9c472cdab38bc"
vary
Accept-Encoding
report-to
{"group":"default","max_age":31536000,"endpoints":[{"url":"https://inflowappprod.report-uri.com/a/d/g"}],"include_subdomains":true}
content-type
text/css
accept-ranges
bytes
request-context
appId=cid-v1:b026ff8e-4992-4226-b26a-5412a0a77515
styles.css
showroom.inflowinventory.com/dist/
0
0
Stylesheet
General
Full URL
https://showroom.inflowinventory.com/dist/styles.css
Requested by
Host: showroom.inflowinventory.com
URL: https://showroom.inflowinventory.com/03676edc-f1ba-4fee-9149-0c9108378562
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.159.81.216 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=7776000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://showroom.inflowinventory.com/03676edc-f1ba-4fee-9149-0c9108378562
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires
-1
pragma
no-cache
date
Thu, 04 Jan 2024 06:04:22 GMT
content-encoding
gzip
strict-transport-security
max-age=7776000
vary
Accept-Encoding
report-to
{"group":"default","max_age":31536000,"endpoints":[{"url":"https://inflowappprod.report-uri.com/a/d/g"}],"include_subdomains":true}
content-type
text/html; charset=utf-8
cache-control
no-cache,no-store
request-context
appId=cid-v1:b026ff8e-4992-4226-b26a-5412a0a77515
analytics.js
www.google-analytics.com/
52 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: showroom.inflowinventory.com
URL: https://showroom.inflowinventory.com/03676edc-f1ba-4fee-9149-0c9108378562
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://showroom.inflowinventory.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 04 Jan 2024 05:51:49 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
754
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Thu, 04 Jan 2024 07:51:49 GMT
main-client.js
showroom.inflowinventory.com/dist/
3 MB
771 KB
Script
General
Full URL
https://showroom.inflowinventory.com/dist/main-client.js?v=ydv9iCH3SEqhrJdU-_TIHTZaJsKkswDwnsQWddKGktw
Requested by
Host: showroom.inflowinventory.com
URL: https://showroom.inflowinventory.com/03676edc-f1ba-4fee-9149-0c9108378562
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.159.81.216 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
c9dbfd8821f7484aa1ac9754fbf4c81d365a26c2a4b300f09ec41675d28692dc
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://accounts.inflowinventory.com;frame-src 'self' https://accounts.inflowinventory.com https://js.stripe.com/ https://libs.na.bambora.com/
Strict-Transport-Security max-age=7776000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://showroom.inflowinventory.com/03676edc-f1ba-4fee-9149-0c9108378562
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 06:04:23 GMT
content-encoding
gzip
strict-transport-security
max-age=7776000
last-modified
Tue, 15 Aug 2023 21:17:35 GMT
content-security-policy
frame-ancestors 'self' https://accounts.inflowinventory.com;frame-src 'self' https://accounts.inflowinventory.com https://js.stripe.com/ https://libs.na.bambora.com/
etag
"1d9cfbde9388abe"
vary
Accept-Encoding
report-to
{"group":"default","max_age":31536000,"endpoints":[{"url":"https://inflowappprod.report-uri.com/a/d/g"}],"include_subdomains":true}
content-type
application/javascript
accept-ranges
bytes
request-context
appId=cid-v1:b026ff8e-4992-4226-b26a-5412a0a77515
roboto-light.woff2
showroom.inflowinventory.com/fonts/roboto/
20 KB
21 KB
Font
General
Full URL
https://showroom.inflowinventory.com/fonts/roboto/roboto-light.woff2
Requested by
Host: showroom.inflowinventory.com
URL: https://showroom.inflowinventory.com/03676edc-f1ba-4fee-9149-0c9108378562
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.159.81.216 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
c87574346ec3dee9612a83991ef620675f59aca649b4da13fb66f6ff2c225054
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://accounts.inflowinventory.com;frame-src 'self' https://accounts.inflowinventory.com https://js.stripe.com/ https://libs.na.bambora.com/
Strict-Transport-Security max-age=7776000

Request headers

Referer
https://showroom.inflowinventory.com/03676edc-f1ba-4fee-9149-0c9108378562
Origin
https://showroom.inflowinventory.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 06:04:23 GMT
strict-transport-security
max-age=7776000
content-security-policy
frame-ancestors 'self' https://accounts.inflowinventory.com;frame-src 'self' https://accounts.inflowinventory.com https://js.stripe.com/ https://libs.na.bambora.com/
last-modified
Tue, 01 Aug 2023 12:22:14 GMT
etag
"1d9c472cdab4ec0"
report-to
{"group":"default","max_age":31536000,"endpoints":[{"url":"https://inflowappprod.report-uri.com/a/d/g"}],"include_subdomains":true}
content-type
font/woff2
accept-ranges
bytes
content-length
20928
request-context
appId=cid-v1:b026ff8e-4992-4226-b26a-5412a0a77515
openid-configuration
accounts.inflowinventory.com/.well-known/
2 KB
3 KB
XHR
General
Full URL
https://accounts.inflowinventory.com/.well-known/openid-configuration
Requested by
Host: showroom.inflowinventory.com
URL: https://showroom.inflowinventory.com/dist/main-client.js?v=ydv9iCH3SEqhrJdU-_TIHTZaJsKkswDwnsQWddKGktw
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.159.81.216 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
9ac2cc8955028097ecb3252e8c2cc100f29b36f513d74a205f37c60ae351abb8
Security Headers
Name Value
Strict-Transport-Security max-age=7776000, max-age=7776000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://showroom.inflowinventory.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 06:04:23 GMT
strict-transport-security
max-age=7776000, max-age=7776000
vary
Origin
report-to
{"group":"default","max_age":31536000,"endpoints":[{"url":"https://inflowappprod.report-uri.com/a/d/g"}],"include_subdomains":true}
content-type
application/json; charset=utf-8
access-control-allow-origin
https://showroom.inflowinventory.com
access-control-allow-credentials
true
request-context
appId=cid-v1:b026ff8e-4992-4226-b26a-5412a0a77515, appId=cid-v1:b026ff8e-4992-4226-b26a-5412a0a77515
silent-login
showroom.inflowinventory.com/ Frame EDB4
Redirect Chain
  • https://accounts.inflowinventory.com/connect/authorize?client_id=inFlowShowroom&redirect_uri=https%3A%2F%2Fshowroom.inflowinventory.com%2Fsilent-login&response_type=id_token%20token&scope=openid%20...
  • https://showroom.inflowinventory.com/silent-login
314 B
313 B
Document
General
Full URL
https://showroom.inflowinventory.com/silent-login
Requested by
Host: showroom.inflowinventory.com
URL: https://showroom.inflowinventory.com/dist/main-client.js?v=ydv9iCH3SEqhrJdU-_TIHTZaJsKkswDwnsQWddKGktw
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.159.81.216 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
c7a06be275951fd91f47dc3afe00a23e5cc66483af935542177431fa2b85135e
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://accounts.inflowinventory.com;frame-src 'self' https://accounts.inflowinventory.com https://js.stripe.com/ https://libs.na.bambora.com/
Strict-Transport-Security max-age=7776000

Request headers

Referer
https://showroom.inflowinventory.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-encoding
gzip
content-security-policy
frame-ancestors 'self' https://accounts.inflowinventory.com;frame-src 'self' https://accounts.inflowinventory.com https://js.stripe.com/ https://libs.na.bambora.com/
content-type
text/html; charset=utf-8
date
Thu, 04 Jan 2024 06:04:24 GMT
report-to
{"group":"default","max_age":31536000,"endpoints":[{"url":"https://inflowappprod.report-uri.com/a/d/g"}],"include_subdomains":true}
request-context
appId=cid-v1:b026ff8e-4992-4226-b26a-5412a0a77515
strict-transport-security
max-age=7776000
vary
Accept-Encoding

Redirect headers

cache-control
no-store, no-cache, max-age=0
content-length
0
content-security-policy
script-src 'self' 'sha256-orD0/VhH8hLqrLxKHD/HUEMdwqX6/0ve7c5hspX5VJ8=' 'sha256-fa5rxHhZ799izGRP38+h4ud5QXNT0SFaFlh4eqDumBI=' https://www.inflowinventory.com https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ https://grsm.io https://q.quora.com https://px.ads.linkedin.com https://bat.bing.com https://www.googletagmanager.com https://www.google-analytics.com https://www.googleadservices.com https://ct.capterra.com https://api.hubapi.com https://api.hubspot.com https://app.hubspot.com https://track.hubspot.com https://forms.hubspot.com https://forms.hsforms.com https://js-na1.hs-scripts.com https://js.hs-analytics.net https://js.hs-banner.com https://js.usemessages.com https://js.hscollectedforms.net https://js.hsadspixel.net https://js.hs-banner.com https://js.hs-analytics.netforms.hsforms.com https://js.hs-scripts.com https://connect.facebook.net https://analytics.tiktok.com; style-src 'self' https://www.inflowinventory.com; frame-src 'self' https://www.google.com/recaptcha/ https://recaptcha.google.com/recaptcha/ https://www.facebook.com; img-src 'self' https://px.ads.linkedin.com https://www.linkedin.com https://bat.bing.com https://q.quora.com https://www.google-analytics.com https://track.hubspot.com https://forms.hsforms.com https://www.facebook.com https://cdn.inflowinventory.com https://d1axv6bfszrjec.cloudfront.net https://www.inflowinventory.com https://inflowclouduser.blob.core.windows.net/; connect-src 'self' https://www.google-analytics.com https://bat.bing.com https://grsm.io https://api.hubapi.com https://api.hubspot.com https://forms.hubspot.com https://forms.hscollectedforms.net https://analytics.tiktok.com https://www.inflowinventory.com https://cloudapi.inflowinventory.com; font-src 'self' https://www.inflowinventory.com https://fonts.gstatic.com data:
date
Thu, 04 Jan 2024 06:04:23 GMT
location
https://showroom.inflowinventory.com/silent-login#error=login_required&state=f8286100b7d84f75aa0fa3fff656d195&session_state=-bJVVJAd2BYJhBQUDLzksB9IcGSiz3A3b-3xAky91NQ.F87029D186EE21D2FE4ED69D116C0C30
pragma
no-cache
report-to
{"group":"default","max_age":31536000,"endpoints":[{"url":"https://inflowappprod.report-uri.com/a/d/g"}],"include_subdomains":true}
request-context
appId=cid-v1:b026ff8e-4992-4226-b26a-5412a0a77515 appId=cid-v1:b026ff8e-4992-4226-b26a-5412a0a77515
strict-transport-security
max-age=7776000 max-age=7776000
oidc-client.min.js
showroom.inflowinventory.com/js/ Frame EDB4
331 KB
91 KB
Script
General
Full URL
https://showroom.inflowinventory.com/js/oidc-client.min.js?v=k_P1lHPL4nw0-vuUbSlSg27MoHWBQrJ1KSGOsERmU8U
Requested by
Host: showroom.inflowinventory.com
URL: https://showroom.inflowinventory.com/silent-login
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.159.81.216 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
93f3f59473cbe27c34fafb946d2952836ecca0758142b27529218eb0446653c5
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://accounts.inflowinventory.com;frame-src 'self' https://accounts.inflowinventory.com https://js.stripe.com/ https://libs.na.bambora.com/
Strict-Transport-Security max-age=7776000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://showroom.inflowinventory.com/silent-login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 06:04:24 GMT
content-encoding
gzip
strict-transport-security
max-age=7776000
last-modified
Tue, 01 Aug 2023 12:22:14 GMT
content-security-policy
frame-ancestors 'self' https://accounts.inflowinventory.com;frame-src 'self' https://accounts.inflowinventory.com https://js.stripe.com/ https://libs.na.bambora.com/
etag
"1d9c472cdae34b7"
vary
Accept-Encoding
report-to
{"group":"default","max_age":31536000,"endpoints":[{"url":"https://inflowappprod.report-uri.com/a/d/g"}],"include_subdomains":true}
content-type
application/javascript
accept-ranges
bytes
request-context
appId=cid-v1:b026ff8e-4992-4226-b26a-5412a0a77515
showroom-info
cloudapi.inflowinventory.com/03676edc-f1ba-4fee-9149-0c9108378562/ Frame
0
0
Preflight
General
Full URL
https://cloudapi.inflowinventory.com/03676edc-f1ba-4fee-9149-0c9108378562/showroom-info
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.159.81.216 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=7776000 max-age=7776000

Request headers

Accept
*/*
Access-Control-Request-Headers
access-control-allow-origin,cache-control,expires,pragma
Access-Control-Request-Method
GET
Origin
https://showroom.inflowinventory.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
access-control-allow-origin,cache-control,expires,pragma
access-control-allow-methods
GET
access-control-allow-origin
https://showroom.inflowinventory.com
date
Thu, 04 Jan 2024 06:04:23 GMT
report-to
{"group":"default","max_age":31536000,"endpoints":[{"url":"https://inflowappprod.report-uri.com/a/d/g"}],"include_subdomains":true}
request-context
appId=cid-v1:b026ff8e-4992-4226-b26a-5412a0a77515 appId=cid-v1:b026ff8e-4992-4226-b26a-5412a0a77515
strict-transport-security
max-age=7776000 max-age=7776000
vary
Origin
showroom-cart
cloudapi.inflowinventory.com/03676edc-f1ba-4fee-9149-0c9108378562/ Frame
0
0
Preflight
General
Full URL
https://cloudapi.inflowinventory.com/03676edc-f1ba-4fee-9149-0c9108378562/showroom-cart
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.159.81.216 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=7776000 max-age=7776000

Request headers

Accept
*/*
Access-Control-Request-Headers
access-control-allow-origin,cache-control,expires,pragma
Access-Control-Request-Method
GET
Origin
https://showroom.inflowinventory.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
access-control-allow-origin,cache-control,expires,pragma
access-control-allow-methods
GET
access-control-allow-origin
https://showroom.inflowinventory.com
date
Thu, 04 Jan 2024 06:04:23 GMT
report-to
{"group":"default","max_age":31536000,"endpoints":[{"url":"https://inflowappprod.report-uri.com/a/d/g"}],"include_subdomains":true}
request-context
appId=cid-v1:b026ff8e-4992-4226-b26a-5412a0a77515 appId=cid-v1:b026ff8e-4992-4226-b26a-5412a0a77515
strict-transport-security
max-age=7776000 max-age=7776000
vary
Origin
showroom-info
cloudapi.inflowinventory.com/03676edc-f1ba-4fee-9149-0c9108378562/
2 KB
750 B
XHR
General
Full URL
https://cloudapi.inflowinventory.com/03676edc-f1ba-4fee-9149-0c9108378562/showroom-info
Requested by
Host: showroom.inflowinventory.com
URL: https://showroom.inflowinventory.com/dist/main-client.js?v=ydv9iCH3SEqhrJdU-_TIHTZaJsKkswDwnsQWddKGktw
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.159.81.216 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
b67203bdde13a36886efe22279bdc48599f95d20412baa506c5c020fcef78129
Security Headers
Name Value
Strict-Transport-Security max-age=7776000, max-age=7776000

Request headers

Pragma
no-cache
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Access-Control-Allow-Origin
true
Accept
application/vnd.api+json; version=2021-04-26
Cache-Control
no-cache
Referer
https://showroom.inflowinventory.com/
Expires
0

Response headers

date
Thu, 04 Jan 2024 06:04:23 GMT
content-encoding
br
strict-transport-security
max-age=7776000, max-age=7776000
vary
Accept-Encoding, Origin
report-to
{"group":"default","max_age":31536000,"endpoints":[{"url":"https://inflowappprod.report-uri.com/a/d/g"}],"include_subdomains":true}
content-type
application/vnd.api+json
access-control-allow-origin
https://showroom.inflowinventory.com
access-control-allow-credentials
true
request-context
appId=cid-v1:b026ff8e-4992-4226-b26a-5412a0a77515, appId=cid-v1:b026ff8e-4992-4226-b26a-5412a0a77515
showroom-cart
cloudapi.inflowinventory.com/03676edc-f1ba-4fee-9149-0c9108378562/
218 B
294 B
XHR
General
Full URL
https://cloudapi.inflowinventory.com/03676edc-f1ba-4fee-9149-0c9108378562/showroom-cart
Requested by
Host: showroom.inflowinventory.com
URL: https://showroom.inflowinventory.com/dist/main-client.js?v=ydv9iCH3SEqhrJdU-_TIHTZaJsKkswDwnsQWddKGktw
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.159.81.216 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
8498234def6d6f14e58d0e37209eb52aac3dd358d77ad49bac8d0e70adcbc70a
Security Headers
Name Value
Strict-Transport-Security max-age=7776000, max-age=7776000

Request headers

Pragma
no-cache
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Access-Control-Allow-Origin
true
Accept
application/vnd.api+json; version=2021-04-26
Cache-Control
no-cache
Referer
https://showroom.inflowinventory.com/
Expires
0

Response headers

date
Thu, 04 Jan 2024 06:04:24 GMT
content-encoding
br
strict-transport-security
max-age=7776000, max-age=7776000
vary
Accept-Encoding, Origin
report-to
{"group":"default","max_age":31536000,"endpoints":[{"url":"https://inflowappprod.report-uri.com/a/d/g"}],"include_subdomains":true}
content-type
application/vnd.api+json
access-control-allow-origin
https://showroom.inflowinventory.com
access-control-allow-credentials
true
request-context
appId=cid-v1:b026ff8e-4992-4226-b26a-5412a0a77515, appId=cid-v1:b026ff8e-4992-4226-b26a-5412a0a77515
pssbf1kivihcycav0e2uoqtl-large.jpg
inflowclouduser.blob.core.windows.net/03676edc-f1ba-4fee-9149-0c9108378562/images/
51 KB
51 KB
Image
General
Full URL
https://inflowclouduser.blob.core.windows.net/03676edc-f1ba-4fee-9149-0c9108378562/images/pssbf1kivihcycav0e2uoqtl-large.jpg
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.150.126.4 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
5b49204d76ac5be3b75cb8679ea286e482581f9ab295c34afd2d145bf5be8596

Request headers

accept-language
en-US,en;q=0.9
Referer
https://showroom.inflowinventory.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Thu, 04 Jan 2024 06:04:24 GMT
Last-Modified
Thu, 30 Nov 2023 04:09:25 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
Ayg691P0s7txzlDQrEATIw==
ETag
0x8DBF15A24286834
Vary
Origin
Content-Type
image/jpeg
x-ms-request-id
07d61868-001e-004d-25d3-3e040d000000
x-ms-version
2009-09-19
Content-Length
52081
inflowwebicons.woff
showroom.inflowinventory.com/fonts/inflow-web-icons/
40 KB
16 KB
Font
General
Full URL
https://showroom.inflowinventory.com/fonts/inflow-web-icons/inflowwebicons.woff
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.159.81.216 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e70538c85281e392c9fa7cf9cc8edb94d0c5512f6b718db15a88e6ef9a382880
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://accounts.inflowinventory.com;frame-src 'self' https://accounts.inflowinventory.com https://js.stripe.com/ https://libs.na.bambora.com/
Strict-Transport-Security max-age=7776000

Request headers

Referer
https://showroom.inflowinventory.com/03676edc-f1ba-4fee-9149-0c9108378562
Origin
https://showroom.inflowinventory.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 06:04:24 GMT
content-encoding
gzip
strict-transport-security
max-age=7776000
last-modified
Fri, 11 Aug 2023 17:49:02 GMT
content-security-policy
frame-ancestors 'self' https://accounts.inflowinventory.com;frame-src 'self' https://accounts.inflowinventory.com https://js.stripe.com/ https://libs.na.bambora.com/
etag
"1d9cc7c1d136430"
vary
Accept-Encoding
report-to
{"group":"default","max_age":31536000,"endpoints":[{"url":"https://inflowappprod.report-uri.com/a/d/g"}],"include_subdomains":true}
content-type
application/font-woff
accept-ranges
bytes
request-context
appId=cid-v1:b026ff8e-4992-4226-b26a-5412a0a77515
roboto-regular.woff2
showroom.inflowinventory.com/fonts/roboto/
21 KB
21 KB
Font
General
Full URL
https://showroom.inflowinventory.com/fonts/roboto/roboto-regular.woff2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.159.81.216 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
7fe5ba183f35dc5dc4ed1eaca7edd613e64fac1af530e82ff9953b22b2cf472c
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://accounts.inflowinventory.com;frame-src 'self' https://accounts.inflowinventory.com https://js.stripe.com/ https://libs.na.bambora.com/
Strict-Transport-Security max-age=7776000

Request headers

Referer
https://showroom.inflowinventory.com/03676edc-f1ba-4fee-9149-0c9108378562
Origin
https://showroom.inflowinventory.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 06:04:24 GMT
strict-transport-security
max-age=7776000
content-security-policy
frame-ancestors 'self' https://accounts.inflowinventory.com;frame-src 'self' https://accounts.inflowinventory.com https://js.stripe.com/ https://libs.na.bambora.com/
last-modified
Tue, 01 Aug 2023 12:22:14 GMT
etag
"1d9c472cdab4b04"
report-to
{"group":"default","max_age":31536000,"endpoints":[{"url":"https://inflowappprod.report-uri.com/a/d/g"}],"include_subdomains":true}
content-type
font/woff2
accept-ranges
bytes
content-length
21508
request-context
appId=cid-v1:b026ff8e-4992-4226-b26a-5412a0a77515
roboto-bold.woff2
showroom.inflowinventory.com/fonts/roboto/
21 KB
21 KB
Font
General
Full URL
https://showroom.inflowinventory.com/fonts/roboto/roboto-bold.woff2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.159.81.216 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
2165b44807a296d463dab02423c78406bbd899da175ce82701dafee13f956577
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://accounts.inflowinventory.com;frame-src 'self' https://accounts.inflowinventory.com https://js.stripe.com/ https://libs.na.bambora.com/
Strict-Transport-Security max-age=7776000

Request headers

Referer
https://showroom.inflowinventory.com/03676edc-f1ba-4fee-9149-0c9108378562
Origin
https://showroom.inflowinventory.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 06:04:24 GMT
strict-transport-security
max-age=7776000
content-security-policy
frame-ancestors 'self' https://accounts.inflowinventory.com;frame-src 'self' https://accounts.inflowinventory.com https://js.stripe.com/ https://libs.na.bambora.com/
last-modified
Tue, 01 Aug 2023 12:22:14 GMT
etag
"1d9c472cdab4a84"
report-to
{"group":"default","max_age":31536000,"endpoints":[{"url":"https://inflowappprod.report-uri.com/a/d/g"}],"include_subdomains":true}
content-type
font/woff2
accept-ranges
bytes
content-length
21892
request-context
appId=cid-v1:b026ff8e-4992-4226-b26a-5412a0a77515

Verdicts & Comments Add Verdict or Comment

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture function| ga object| initialReduxState object| google_tag_data object| gaplugins object| regeneratorRuntime function| Mousetrap function| setImmediate function| clearImmediate

1 Cookies

Domain/Path Name / Value
login.nmautoglass.com/ Name: crumb
Value: BYIpHOV87ykkMTJlOWQ4ODIyOTdmYmZlM2RhMmJjMGM5MjA1ZGM2

1 Console Messages

Source Level URL
Text
network error URL: https://showroom.inflowinventory.com/dist/styles.css
Message:
Failed to load resource: the server responded with a status of 500 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy frame-ancestors 'self' https://accounts.inflowinventory.com;frame-src 'self' https://accounts.inflowinventory.com https://js.stripe.com/ https://libs.na.bambora.com/
Strict-Transport-Security max-age=7776000