urlscan.io logo urlscan.io
SecurityTrails logo

payments-common-prod.kibana.believeintheidea.io Open in urlscan Pro
51.105.232.240  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://payments-common-prod.kibana.believeintheidea.io/
Effective URL: https://payments-common-prod.kibana.believeintheidea.io/internal/security/capture-url?next=%2F%3Fauth_provider_hint%3Dsaml1
Submission: On March 17 via automatic, source certstream-suspicious — Scanned from NL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 18 HTTP transactions. The main IP is 51.105.232.240, located in Amsterdam, Netherlands and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is payments-common-prod.kibana.believeintheidea.io.
TLS certificate: Issued by R3 on March 17th 2023. Valid for: 3 months.
This is the only time payments-common-prod.kibana.believeintheidea.io was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 19 51.105.232.240 8075 (MICROSOFT...)
18 1
Apex Domain
Subdomains		 Transfer
19 believeintheidea.io
payments-common-prod.kibana.believeintheidea.io
2 MB
18 1
Domain Requested by
19 payments-common-prod.kibana.believeintheidea.io 1 redirects payments-common-prod.kibana.believeintheidea.io
18 1

This site contains no links.

Subject Issuer Validity Valid
payments-common-prod.kibana.believeintheidea.io
R3		 2023-03-17 -
2023-06-15		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://payments-common-prod.kibana.believeintheidea.io/internal/security/capture-url?next=%2F%3Fauth_provider_hint%3Dsaml1
Frame ID: DF54A6FA0A2CCB563DE687E9355BF692
Requests: 18 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Elastic

Page URL History Show full URLs

  1. https://payments-common-prod.kibana.believeintheidea.io/ HTTP 302
    https://payments-common-prod.kibana.believeintheidea.io/internal/security/capture-url?next=%2F%3Fauth_provider_hint%3Dsaml1 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Page Statistics

18
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

1958 kB
Transfer

10834 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://payments-common-prod.kibana.believeintheidea.io/ HTTP 302
    https://payments-common-prod.kibana.believeintheidea.io/internal/security/capture-url?next=%2F%3Fauth_provider_hint%3Dsaml1 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

18 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request capture-url
payments-common-prod.kibana.believeintheidea.io/internal/security/
Redirect Chain
  • https://payments-common-prod.kibana.believeintheidea.io/
  • https://payments-common-prod.kibana.believeintheidea.io/internal/security/capture-url?next=%2F%3Fauth_provider_hint%3Dsaml1
90 KB
19 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://payments-common-prod.kibana.believeintheidea.io/internal/security/capture-url?next=%2F%3Fauth_provider_hint%3Dsaml1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.105.232.240 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
df46d5973f7bcdbee5c7b33f3936ed0784b47e5394c2bbf4b49b299492818bda
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-eval'; worker-src blob: 'self'; style-src 'unsafe-inline' 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

cache-control
private, no-cache, no-store, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'self' 'unsafe-eval'; worker-src blob: 'self'; style-src 'unsafe-inline' 'self'
content-type
text/html; charset=utf-8
date
Fri, 17 Mar 2023 11:09:51 GMT
referrer-policy
no-referrer-when-downgrade
strict-transport-security
max-age=31536000; includeSubDomains
vary
accept-encoding

Redirect headers

cache-control
private, no-cache, no-store, must-revalidate
content-length
0
content-security-policy
script-src 'self' 'unsafe-eval'; worker-src blob: 'self'; style-src 'unsafe-inline' 'self'
date
Fri, 17 Mar 2023 11:09:51 GMT
location
/internal/security/capture-url?next=%2F%3Fauth_provider_hint%3Dsaml1
referrer-policy
no-referrer-when-downgrade
strict-transport-security
max-age=31536000; includeSubDomains
kbn-ui-shared-deps-npm.v8.light.css
payments-common-prod.kibana.believeintheidea.io/59020/bundles/kbn-ui-shared-deps-npm/ 		291 KB
32 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://payments-common-prod.kibana.believeintheidea.io/59020/bundles/kbn-ui-shared-deps-npm/kbn-ui-shared-deps-npm.v8.light.css
Requested by
Host: payments-common-prod.kibana.believeintheidea.io
URL: https://payments-common-prod.kibana.believeintheidea.io/internal/security/capture-url?next=%2F%3Fauth_provider_hint%3Dsaml1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.105.232.240 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
2ef7ea91d7a26760975babced0c42219f0cc8fdba25fc2019bce414f918d9820
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-eval'; worker-src blob: 'self'; style-src 'unsafe-inline' 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://payments-common-prod.kibana.believeintheidea.io/internal/security/capture-url?next=%2F%3Fauth_provider_hint%3Dsaml1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 11:09:51 GMT
content-encoding
br
referrer-policy
no-referrer-when-downgrade
content-security-policy
script-src 'self' 'unsafe-eval'; worker-src blob: 'self'; style-src 'unsafe-inline' 'self'
strict-transport-security
max-age=31536000; includeSubDomains
vary
accept-encoding
content-type
text/css; charset=utf-8
cache-control
max-age=31536000
kbn-ui-shared-deps-src.css
payments-common-prod.kibana.believeintheidea.io/59020/bundles/kbn-ui-shared-deps-src/ 		83 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://payments-common-prod.kibana.believeintheidea.io/59020/bundles/kbn-ui-shared-deps-src/kbn-ui-shared-deps-src.css
Requested by
Host: payments-common-prod.kibana.believeintheidea.io
URL: https://payments-common-prod.kibana.believeintheidea.io/internal/security/capture-url?next=%2F%3Fauth_provider_hint%3Dsaml1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.105.232.240 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
7977326224b9e3f624d11dc2ef56f89f793a01363fbb7f4f8f7f99b2d3e101a8
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-eval'; worker-src blob: 'self'; style-src 'unsafe-inline' 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://payments-common-prod.kibana.believeintheidea.io/internal/security/capture-url?next=%2F%3Fauth_provider_hint%3Dsaml1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 11:09:51 GMT
content-encoding
br
referrer-policy
no-referrer-when-downgrade
content-security-policy
script-src 'self' 'unsafe-eval'; worker-src blob: 'self'; style-src 'unsafe-inline' 'self'
strict-transport-security
max-age=31536000; includeSubDomains
vary
accept-encoding
content-type
text/css; charset=utf-8
cache-control
max-age=31536000
kui_light.min.css
payments-common-prod.kibana.believeintheidea.io/node_modules/@kbn/ui-framework/dist/ 		37 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://payments-common-prod.kibana.believeintheidea.io/node_modules/@kbn/ui-framework/dist/kui_light.min.css
Requested by
Host: payments-common-prod.kibana.believeintheidea.io
URL: https://payments-common-prod.kibana.believeintheidea.io/internal/security/capture-url?next=%2F%3Fauth_provider_hint%3Dsaml1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.105.232.240 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
b81404e000665c4e548d7572dccc5934a357dd22ad0b83f5f46bd1b54e0c633c
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-eval'; worker-src blob: 'self'; style-src 'unsafe-inline' 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://payments-common-prod.kibana.believeintheidea.io/internal/security/capture-url?next=%2F%3Fauth_provider_hint%3Dsaml1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 11:09:51 GMT
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
content-security-policy
script-src 'self' 'unsafe-eval'; worker-src blob: 'self'; style-src 'unsafe-inline' 'self'
last-modified
Mon, 13 Feb 2023 12:20:25 GMT
strict-transport-security
max-age=31536000; includeSubDomains
etag
"0196c794261c0c76071b1222f64b4ca216ebd33a-gzip"
vary
accept-encoding
content-type
text/css; charset=utf-8
cache-control
must-revalidate
accept-ranges
bytes
legacy_light_theme.min.css
payments-common-prod.kibana.believeintheidea.io/ui/ 		77 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://payments-common-prod.kibana.believeintheidea.io/ui/legacy_light_theme.min.css
Requested by
Host: payments-common-prod.kibana.believeintheidea.io
URL: https://payments-common-prod.kibana.believeintheidea.io/internal/security/capture-url?next=%2F%3Fauth_provider_hint%3Dsaml1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.105.232.240 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
112ba6f9abac8104fdfaf624e0fc4376e79954ab8a515298e14d7623622d4127
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-eval'; worker-src blob: 'self'; style-src 'unsafe-inline' 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://payments-common-prod.kibana.believeintheidea.io/internal/security/capture-url?next=%2F%3Fauth_provider_hint%3Dsaml1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 11:09:51 GMT
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
content-security-policy
script-src 'self' 'unsafe-eval'; worker-src blob: 'self'; style-src 'unsafe-inline' 'self'
last-modified
Mon, 13 Feb 2023 12:20:25 GMT
strict-transport-security
max-age=31536000; includeSubDomains
etag
"8e63f7c5a6041612e93d8641f4bbea87da3f0115-gzip"
vary
accept-encoding
content-type
text/css; charset=utf-8
cache-control
must-revalidate
accept-ranges
bytes
bootstrap-anonymous.js
payments-common-prod.kibana.believeintheidea.io/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://payments-common-prod.kibana.believeintheidea.io/bootstrap-anonymous.js
Requested by
Host: payments-common-prod.kibana.believeintheidea.io
URL: https://payments-common-prod.kibana.believeintheidea.io/internal/security/capture-url?next=%2F%3Fauth_provider_hint%3Dsaml1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.105.232.240 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
38cb49bb85b51b48623d3571771abe565e34237eeb45a0a3adacfff5c535b399
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-eval'; worker-src blob: 'self'; style-src 'unsafe-inline' 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://payments-common-prod.kibana.believeintheidea.io/internal/security/capture-url?next=%2F%3Fauth_provider_hint%3Dsaml1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 11:09:51 GMT
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
content-security-policy
script-src 'self' 'unsafe-eval'; worker-src blob: 'self'; style-src 'unsafe-inline' 'self'
strict-transport-security
max-age=31536000; includeSubDomains
etag
"f3a5c537c73086dd73cac9861853b60cee392f4d-gzip"
vary
accept-encoding
content-type
application/javascript; charset=utf-8
cache-control
must-revalidate
content-length
1505
kbn-ui-shared-deps-npm.dll.js
payments-common-prod.kibana.believeintheidea.io/59020/bundles/kbn-ui-shared-deps-npm/ 		5 MB
1 MB 		Script
General
Check archive.org
Download Go to
Full URL
https://payments-common-prod.kibana.believeintheidea.io/59020/bundles/kbn-ui-shared-deps-npm/kbn-ui-shared-deps-npm.dll.js
Requested by
Host: payments-common-prod.kibana.believeintheidea.io
URL: https://payments-common-prod.kibana.believeintheidea.io/bootstrap-anonymous.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.105.232.240 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
45a14d47bc09013e72873bdf834ae92e33c7b198aef3dcf557f7aa525ca695c4
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-eval'; worker-src blob: 'self'; style-src 'unsafe-inline' 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://payments-common-prod.kibana.believeintheidea.io/internal/security/capture-url?next=%2F%3Fauth_provider_hint%3Dsaml1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 11:09:51 GMT
content-encoding
br
referrer-policy
no-referrer-when-downgrade
content-security-policy
script-src 'self' 'unsafe-eval'; worker-src blob: 'self'; style-src 'unsafe-inline' 'self'
strict-transport-security
max-age=31536000; includeSubDomains
vary
accept-encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000
kbn-ui-shared-deps-src.js
payments-common-prod.kibana.believeintheidea.io/59020/bundles/kbn-ui-shared-deps-src/ 		4 MB
601 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://payments-common-prod.kibana.believeintheidea.io/59020/bundles/kbn-ui-shared-deps-src/kbn-ui-shared-deps-src.js
Requested by
Host: payments-common-prod.kibana.believeintheidea.io
URL: https://payments-common-prod.kibana.believeintheidea.io/bootstrap-anonymous.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.105.232.240 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
4c91d5dad2eec05dce268ed5ce7400b3e05521c0022b756ac5d5176e8e0a4b1b
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-eval'; worker-src blob: 'self'; style-src 'unsafe-inline' 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://payments-common-prod.kibana.believeintheidea.io/internal/security/capture-url?next=%2F%3Fauth_provider_hint%3Dsaml1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 11:09:51 GMT
content-encoding
br
referrer-policy
no-referrer-when-downgrade
content-security-policy
script-src 'self' 'unsafe-eval'; worker-src blob: 'self'; style-src 'unsafe-inline' 'self'
strict-transport-security
max-age=31536000; includeSubDomains
vary
accept-encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000
core.entry.js
payments-common-prod.kibana.believeintheidea.io/59020/bundles/core/ 		378 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://payments-common-prod.kibana.believeintheidea.io/59020/bundles/core/core.entry.js
Requested by
Host: payments-common-prod.kibana.believeintheidea.io
URL: https://payments-common-prod.kibana.believeintheidea.io/bootstrap-anonymous.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.105.232.240 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
4b533d5f48d85a5c2915cd4e3e81c18d1de5eb4ee2340e1ccfe675831fd0dfc0
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-eval'; worker-src blob: 'self'; style-src 'unsafe-inline' 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://payments-common-prod.kibana.believeintheidea.io/internal/security/capture-url?next=%2F%3Fauth_provider_hint%3Dsaml1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 11:09:51 GMT
content-encoding
br
referrer-policy
no-referrer-when-downgrade
content-security-policy
script-src 'self' 'unsafe-eval'; worker-src blob: 'self'; style-src 'unsafe-inline' 'self'
strict-transport-security
max-age=31536000; includeSubDomains
vary
accept-encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000
security.plugin.js
payments-common-prod.kibana.believeintheidea.io/59020/bundles/plugin/security/8.0.0/ 		58 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://payments-common-prod.kibana.believeintheidea.io/59020/bundles/plugin/security/8.0.0/security.plugin.js
Requested by
Host: payments-common-prod.kibana.believeintheidea.io
URL: https://payments-common-prod.kibana.believeintheidea.io/bootstrap-anonymous.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.105.232.240 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
4e8e4e9d9252fde7e102b823a67dd474b787a0b0992e794530b7a968743b82c9
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-eval'; worker-src blob: 'self'; style-src 'unsafe-inline' 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://payments-common-prod.kibana.believeintheidea.io/internal/security/capture-url?next=%2F%3Fauth_provider_hint%3Dsaml1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 11:09:51 GMT
content-encoding
br
referrer-policy
no-referrer-when-downgrade
content-security-policy
script-src 'self' 'unsafe-eval'; worker-src blob: 'self'; style-src 'unsafe-inline' 'self'
strict-transport-security
max-age=31536000; includeSubDomains
vary
accept-encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000
esUiShared.plugin.js
payments-common-prod.kibana.believeintheidea.io/59020/bundles/plugin/esUiShared/kibana/ 		159 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://payments-common-prod.kibana.believeintheidea.io/59020/bundles/plugin/esUiShared/kibana/esUiShared.plugin.js
Requested by
Host: payments-common-prod.kibana.believeintheidea.io
URL: https://payments-common-prod.kibana.believeintheidea.io/bootstrap-anonymous.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.105.232.240 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
0c5fce9ec04b7c83dcb547df59cf6b0cad7dda7f8512d9ff1c55d0f7387b174a
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-eval'; worker-src blob: 'self'; style-src 'unsafe-inline' 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://payments-common-prod.kibana.believeintheidea.io/internal/security/capture-url?next=%2F%3Fauth_provider_hint%3Dsaml1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 11:09:51 GMT
content-encoding
br
referrer-policy
no-referrer-when-downgrade
content-security-policy
script-src 'self' 'unsafe-eval'; worker-src blob: 'self'; style-src 'unsafe-inline' 'self'
strict-transport-security
max-age=31536000; includeSubDomains
vary
accept-encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000
kibanaReact.plugin.js
payments-common-prod.kibana.believeintheidea.io/59020/bundles/plugin/kibanaReact/kibana/ 		52 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://payments-common-prod.kibana.believeintheidea.io/59020/bundles/plugin/kibanaReact/kibana/kibanaReact.plugin.js
Requested by
Host: payments-common-prod.kibana.believeintheidea.io
URL: https://payments-common-prod.kibana.believeintheidea.io/bootstrap-anonymous.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.105.232.240 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
c6fac861da26fb0c099e00e8a15343c97cd856fd29dee82c69817d11b6728770
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-eval'; worker-src blob: 'self'; style-src 'unsafe-inline' 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://payments-common-prod.kibana.believeintheidea.io/internal/security/capture-url?next=%2F%3Fauth_provider_hint%3Dsaml1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 11:09:51 GMT
content-encoding
br
referrer-policy
no-referrer-when-downgrade
content-security-policy
script-src 'self' 'unsafe-eval'; worker-src blob: 'self'; style-src 'unsafe-inline' 'self'
strict-transport-security
max-age=31536000; includeSubDomains
vary
accept-encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000
dataViews.plugin.js
payments-common-prod.kibana.believeintheidea.io/59020/bundles/plugin/dataViews/kibana/ 		45 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://payments-common-prod.kibana.believeintheidea.io/59020/bundles/plugin/dataViews/kibana/dataViews.plugin.js
Requested by
Host: payments-common-prod.kibana.believeintheidea.io
URL: https://payments-common-prod.kibana.believeintheidea.io/bootstrap-anonymous.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.105.232.240 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
a9ea07d27de479d5360968ae8d657184015acb91b27bc71bed3b9fd126c30930
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-eval'; worker-src blob: 'self'; style-src 'unsafe-inline' 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://payments-common-prod.kibana.believeintheidea.io/internal/security/capture-url?next=%2F%3Fauth_provider_hint%3Dsaml1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 11:09:51 GMT
content-encoding
br
referrer-policy
no-referrer-when-downgrade
content-security-policy
script-src 'self' 'unsafe-eval'; worker-src blob: 'self'; style-src 'unsafe-inline' 'self'
strict-transport-security
max-age=31536000; includeSubDomains
vary
accept-encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000
kibanaUtils.plugin.js
payments-common-prod.kibana.believeintheidea.io/59020/bundles/plugin/kibanaUtils/kibana/ 		69 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://payments-common-prod.kibana.believeintheidea.io/59020/bundles/plugin/kibanaUtils/kibana/kibanaUtils.plugin.js
Requested by
Host: payments-common-prod.kibana.believeintheidea.io
URL: https://payments-common-prod.kibana.believeintheidea.io/bootstrap-anonymous.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.105.232.240 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
a8176d4064d52672117e93b36e611da16851ef46e227f9b3cc5f8ca5b117645c
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-eval'; worker-src blob: 'self'; style-src 'unsafe-inline' 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://payments-common-prod.kibana.believeintheidea.io/internal/security/capture-url?next=%2F%3Fauth_provider_hint%3Dsaml1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 11:09:51 GMT
content-encoding
br
referrer-policy
no-referrer-when-downgrade
content-security-policy
script-src 'self' 'unsafe-eval'; worker-src blob: 'self'; style-src 'unsafe-inline' 'self'
strict-transport-security
max-age=31536000; includeSubDomains
vary
accept-encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000
spaces.plugin.js
payments-common-prod.kibana.believeintheidea.io/59020/bundles/plugin/spaces/8.0.0/ 		20 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://payments-common-prod.kibana.believeintheidea.io/59020/bundles/plugin/spaces/8.0.0/spaces.plugin.js
Requested by
Host: payments-common-prod.kibana.believeintheidea.io
URL: https://payments-common-prod.kibana.believeintheidea.io/bootstrap-anonymous.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.105.232.240 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
c5978f5b4ddc63eeb0f2b543cacfc5ab82739163379b29313e7c602f6888a1da
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-eval'; worker-src blob: 'self'; style-src 'unsafe-inline' 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://payments-common-prod.kibana.believeintheidea.io/internal/security/capture-url?next=%2F%3Fauth_provider_hint%3Dsaml1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 11:09:51 GMT
content-encoding
br
referrer-policy
no-referrer-when-downgrade
content-security-policy
script-src 'self' 'unsafe-eval'; worker-src blob: 'self'; style-src 'unsafe-inline' 'self'
strict-transport-security
max-age=31536000; includeSubDomains
vary
accept-encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000
banners.plugin.js
payments-common-prod.kibana.believeintheidea.io/59020/bundles/plugin/banners/8.0.0/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://payments-common-prod.kibana.believeintheidea.io/59020/bundles/plugin/banners/8.0.0/banners.plugin.js
Requested by
Host: payments-common-prod.kibana.believeintheidea.io
URL: https://payments-common-prod.kibana.believeintheidea.io/bootstrap-anonymous.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.105.232.240 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
ffa6795a71d41a540d4423e65c80fb156a87493e80234c44b25739dd761454c6
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-eval'; worker-src blob: 'self'; style-src 'unsafe-inline' 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://payments-common-prod.kibana.believeintheidea.io/internal/security/capture-url?next=%2F%3Fauth_provider_hint%3Dsaml1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 11:09:51 GMT
content-encoding
br
referrer-policy
no-referrer-when-downgrade
content-security-policy
script-src 'self' 'unsafe-eval'; worker-src blob: 'self'; style-src 'unsafe-inline' 'self'
strict-transport-security
max-age=31536000; includeSubDomains
vary
accept-encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000
features.plugin.js
payments-common-prod.kibana.believeintheidea.io/59020/bundles/plugin/features/8.0.0/ 		4 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://payments-common-prod.kibana.believeintheidea.io/59020/bundles/plugin/features/8.0.0/features.plugin.js
Requested by
Host: payments-common-prod.kibana.believeintheidea.io
URL: https://payments-common-prod.kibana.believeintheidea.io/bootstrap-anonymous.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.105.232.240 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
74d2d4153660635e80f5cd211438699dd3b19bca41a8f638f6202b5c2ffd82f9
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-eval'; worker-src blob: 'self'; style-src 'unsafe-inline' 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://payments-common-prod.kibana.believeintheidea.io/internal/security/capture-url?next=%2F%3Fauth_provider_hint%3Dsaml1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 11:09:51 GMT
content-encoding
br
referrer-policy
no-referrer-when-downgrade
content-security-policy
script-src 'self' 'unsafe-eval'; worker-src blob: 'self'; style-src 'unsafe-inline' 'self'
strict-transport-security
max-age=31536000; includeSubDomains
vary
accept-encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000
content-length
1086
licensing.plugin.js
payments-common-prod.kibana.believeintheidea.io/59020/bundles/plugin/licensing/0.0.1/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://payments-common-prod.kibana.believeintheidea.io/59020/bundles/plugin/licensing/0.0.1/licensing.plugin.js
Requested by
Host: payments-common-prod.kibana.believeintheidea.io
URL: https://payments-common-prod.kibana.believeintheidea.io/bootstrap-anonymous.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.105.232.240 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
faba46624f96a026cf6cfe4c79bfe5bc745e4318464e8e6d34473301e69e8996
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-eval'; worker-src blob: 'self'; style-src 'unsafe-inline' 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://payments-common-prod.kibana.believeintheidea.io/internal/security/capture-url?next=%2F%3Fauth_provider_hint%3Dsaml1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 11:09:51 GMT
content-encoding
br
referrer-policy
no-referrer-when-downgrade
content-security-policy
script-src 'self' 'unsafe-eval'; worker-src blob: 'self'; style-src 'unsafe-inline' 'self'
strict-transport-security
max-age=31536000; includeSubDomains
vary
accept-encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000

Verdicts & Comments Add Verdict or Comment

26 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless function| kbnBundlesLoader object| kbnCsp undefined| legacyBrowserError object| loadingMessage boolean| __kbnStrictCsp__ string| __kbnThemeTag__ object| __kbnPublicPath__ object| __kbnBundles__ function| __kbnSharedDeps_npm__ object| webpackJsonp_kbnSharedDeps_npm_ undefined| __kbnSharedDeps__ object| webpackJsonp_kbnSharedDeps_ function| clearImmediate function| setImmediate object| regeneratorRuntime function| jQuery function| $ object| MonacoEnvironment object| core_bundle_jsonpfunction object| security_bundle_jsonpfunction object| esUiShared_bundle_jsonpfunction object| kibanaReact_bundle_jsonpfunction object| dataViews_bundle_jsonpfunction object| kibanaUtils_bundle_jsonpfunction object| spaces_bundle_jsonpfunction

0 Cookies

1 Console Messages

Source Level URL
Text
security error URL: https://payments-common-prod.kibana.believeintheidea.io/internal/security/capture-url?next=%2F%3Fauth_provider_hint%3Dsaml1(Line 285)
Message:
Refused to execute inline script because it violates the following Content Security Policy directive: "script-src 'self' 'unsafe-eval'". Either the 'unsafe-inline' keyword, a hash ('sha256-P5polb1UreUSOe5V/Pv7tc+yeZuJXiOi/3fqhGsU7BE='), or a nonce ('nonce-...') is required to enable inline execution.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy script-src 'self' 'unsafe-eval'; worker-src blob: 'self'; style-src 'unsafe-inline' 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains