urlscan.io logo urlscan.io
SecurityTrails logo

identity.stage.metaforcelabs.com Open in urlscan Pro
51.105.106.195  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://inncore.bettershore-customers.com/
Effective URL: https://identity.stage.metaforcelabs.com/Authentication/Login/sima?returnUrl=%2fconnect%2fauthorize%2fcallback%3fclient_id%3dsima_web%26r...
Submission: On January 12 via automatic, source certstream-suspicious — Scanned from NL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 4 IPs in 2 countries across 4 domains to perform 14 HTTP transactions. The main IP is 51.105.106.195, located in Amsterdam, Netherlands and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is identity.stage.metaforcelabs.com.
TLS certificate: Issued by R3 on December 24th 2023. Valid for: 3 months.
This is the only time identity.stage.metaforcelabs.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
6 188.166.132.65 14061 (DIGITALOC...)
1 2a00:1450:400... 15169 (GOOGLE)
2 8 51.105.106.195 8075 (MICROSOFT...)
1 20.60.197.33 8075 (MICROSOFT...)
14 4
Domain Requested by
8 identity.stage.metaforcelabs.com 2 redirects inncore.bettershore-customers.com
identity.stage.metaforcelabs.com
6 inncore.bettershore-customers.com inncore.bettershore-customers.com
1 staticpicture.blob.core.windows.net identity.stage.metaforcelabs.com
1 fonts.googleapis.com inncore.bettershore-customers.com
14 4

This site contains no links.

Subject Issuer Validity Valid
inncore.bettershore-customers.com
R3		 2024-01-12 -
2024-04-11		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
identity.stage.metaforcelabs.com
R3		 2023-12-24 -
2024-03-23		 3 months crt.sh
*.blob.core.windows.net
Microsoft RSA TLS CA 01		 2023-09-28 -
2024-09-28		 a year crt.sh

This page contains 1 frames:

Primary Page: https://identity.stage.metaforcelabs.com/Authentication/Login/sima?returnUrl=%2fconnect%2fauthorize%2fcallback%3fclient_id%3dsima_web%26redirect_uri%3dhttps%253a%252f%252finncore.bettershore-customers.com%252fauthentication%252fcallback%26response_type%3dcode%26scope%3dopenid%2bprofile%2bemail%2bapi.internal%2boffline_access%26state%3d80258d993946494eb609fd82afb97d1f%26code_challenge%3dEz1Qh-hvBK4D3ElGDI5xq00mBwG8C5Km8D4RQuql-Kw%26code_challenge_method%3dS256%26response_mode%3dquery
Frame ID: 61F9768B31CEA2CFBE330F31C3A70910
Requests: 14 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Identity

Page URL History Show full URLs

  1. https://inncore.bettershore-customers.com/ Page URL
  2. https://identity.stage.metaforcelabs.com/connect/authorize?client_id=sima_web&redirect_uri=https%3A%2F%2Finncore.bett... HTTP 302
    https://identity.stage.metaforcelabs.com/Authentication/Login?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id... HTTP 302
    https://identity.stage.metaforcelabs.com/Authentication/Login/sima?returnUrl=%2fconnect%2fauthorize%2fcallback%3fclie... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

14
Requests

100 %
HTTPS

25 %
IPv6

4
Domains

4
Subdomains

4
IPs

2
Countries

13917 kB
Transfer

13888 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://inncore.bettershore-customers.com/ Page URL
  2. https://identity.stage.metaforcelabs.com/connect/authorize?client_id=sima_web&redirect_uri=https%3A%2F%2Finncore.bettershore-customers.com%2Fauthentication%2Fcallback&response_type=code&scope=openid%20profile%20email%20api.internal%20offline_access&state=80258d993946494eb609fd82afb97d1f&code_challenge=Ez1Qh-hvBK4D3ElGDI5xq00mBwG8C5Km8D4RQuql-Kw&code_challenge_method=S256&response_mode=query&loginBrand=sima HTTP 302
    https://identity.stage.metaforcelabs.com/Authentication/Login?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3Dsima_web%26redirect_uri%3Dhttps%253A%252F%252Finncore.bettershore-customers.com%252Fauthentication%252Fcallback%26response_type%3Dcode%26scope%3Dopenid%2520profile%2520email%2520api.internal%2520offline_access%26state%3D80258d993946494eb609fd82afb97d1f%26code_challenge%3DEz1Qh-hvBK4D3ElGDI5xq00mBwG8C5Km8D4RQuql-Kw%26code_challenge_method%3DS256%26response_mode%3Dquery%26loginBrand%3Dsima HTTP 302
    https://identity.stage.metaforcelabs.com/Authentication/Login/sima?returnUrl=%2fconnect%2fauthorize%2fcallback%3fclient_id%3dsima_web%26redirect_uri%3dhttps%253a%252f%252finncore.bettershore-customers.com%252fauthentication%252fcallback%26response_type%3dcode%26scope%3dopenid%2bprofile%2bemail%2bapi.internal%2boffline_access%26state%3d80258d993946494eb609fd82afb97d1f%26code_challenge%3dEz1Qh-hvBK4D3ElGDI5xq00mBwG8C5Km8D4RQuql-Kw%26code_challenge_method%3dS256%26response_mode%3dquery Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

14 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
inncore.bettershore-customers.com/ 		3 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://inncore.bettershore-customers.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
188.166.132.65 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
dbc45b3d930d1665987122ef00add6f38653a99dbc11592aed95a9d90684f001
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

accept-ranges
bytes
content-length
3398
content-type
text/html
date
Fri, 12 Jan 2024 06:55:49 GMT
etag
"65a0e1c4-d46"
last-modified
Fri, 12 Jan 2024 06:52:52 GMT
strict-transport-security
max-age=15724800; includeSubDomains
env-config.js
inncore.bettershore-customers.com/ 		676 B
864 B 		Script
General
Check archive.org
Download Go to
Full URL
https://inncore.bettershore-customers.com/env-config.js
Requested by
Host: inncore.bettershore-customers.com
URL: https://inncore.bettershore-customers.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
188.166.132.65 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
5814d8aae49ae7bc927efa689984c6a556a90dc8be7c6bf44f3b818391c2ac65
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://inncore.bettershore-customers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 06:55:49 GMT
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Fri, 12 Jan 2024 06:54:09 GMT
accept-ranges
bytes
etag
"65a0e211-2a4"
content-length
676
content-type
application/javascript
css2
fonts.googleapis.com/ 		2 KB
973 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Plus+Jakarta+Sans&display=swap
Requested by
Host: inncore.bettershore-customers.com
URL: https://inncore.bettershore-customers.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
940cb766c58244e684525be180aa15d9d99b705fc79855ce4a65e3b17495b922
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://inncore.bettershore-customers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 12 Jan 2024 06:55:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 12 Jan 2024 06:38:32 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 12 Jan 2024 06:55:49 GMT
2.a26561a6.chunk.css
inncore.bettershore-customers.com/static/css/ 		31 KB
31 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://inncore.bettershore-customers.com/static/css/2.a26561a6.chunk.css
Requested by
Host: inncore.bettershore-customers.com
URL: https://inncore.bettershore-customers.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
188.166.132.65 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
46d75c5c7526ab74690c08e368cbfba129df1b7b2945e8d1f8bc841eb08a2512
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://inncore.bettershore-customers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 06:55:49 GMT
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Fri, 12 Jan 2024 06:52:52 GMT
accept-ranges
bytes
etag
"65a0e1c4-7c88"
content-length
31880
content-type
text/css
main.7bac441e.chunk.css
inncore.bettershore-customers.com/static/css/ 		5 MB
5 MB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://inncore.bettershore-customers.com/static/css/main.7bac441e.chunk.css
Requested by
Host: inncore.bettershore-customers.com
URL: https://inncore.bettershore-customers.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
188.166.132.65 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://inncore.bettershore-customers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 06:55:49 GMT
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Fri, 12 Jan 2024 06:52:52 GMT
accept-ranges
bytes
etag
"65a0e1c4-4c5afb"
content-length
5004027
content-type
text/css
2.1da72278.chunk.js
inncore.bettershore-customers.com/static/js/ 		5 MB
5 MB 		Script
General
Check archive.org
Download Go to
Full URL
https://inncore.bettershore-customers.com/static/js/2.1da72278.chunk.js
Requested by
Host: inncore.bettershore-customers.com
URL: https://inncore.bettershore-customers.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
188.166.132.65 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
44d78dd7d82b53eec27e06fadf1881222057d3968288d4199a350fd33e7218a8
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://inncore.bettershore-customers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 06:55:49 GMT
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Fri, 12 Jan 2024 06:52:52 GMT
accept-ranges
bytes
etag
"65a0e1c4-556d90"
content-length
5598608
content-type
application/javascript
main.f8d3b761.chunk.js
inncore.bettershore-customers.com/static/js/ 		472 KB
473 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://inncore.bettershore-customers.com/static/js/main.f8d3b761.chunk.js
Requested by
Host: inncore.bettershore-customers.com
URL: https://inncore.bettershore-customers.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
188.166.132.65 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
f1753b99d18dfa786acb40de6c74d3a268c1e5dab4cbc519e384085f1e9dc408
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://inncore.bettershore-customers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 06:55:49 GMT
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Fri, 12 Jan 2024 06:52:52 GMT
accept-ranges
bytes
etag
"65a0e1c4-75fc8"
content-length
483272
content-type
application/javascript
openid-configuration
identity.stage.metaforcelabs.com/.well-known/ 		3 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://identity.stage.metaforcelabs.com/.well-known/openid-configuration
Requested by
Host: inncore.bettershore-customers.com
URL: https://inncore.bettershore-customers.com/static/js/2.1da72278.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.105.106.195 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://inncore.bettershore-customers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 12 Jan 2024 06:55:50 GMT
strict-transport-security
max-age=15724800; includeSubDomains
content-type
application/json; charset=UTF-8
Primary Request sima
identity.stage.metaforcelabs.com/Authentication/Login/
Redirect Chain
  • https://identity.stage.metaforcelabs.com/connect/authorize?client_id=sima_web&redirect_uri=https%3A%2F%2Finncore.bettershore-customers.com%2Fauthentication%2Fcallback&response_type=code&scope=openi...
  • https://identity.stage.metaforcelabs.com/Authentication/Login?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3Dsima_web%26redirect_uri%3Dhttps%253A%252F%252Finncore.bettershore-customers.c...
  • https://identity.stage.metaforcelabs.com/Authentication/Login/sima?returnUrl=%2fconnect%2fauthorize%2fcallback%3fclient_id%3dsima_web%26redirect_uri%3dhttps%253a%252f%252finncore.bettershore-custom...
6 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://identity.stage.metaforcelabs.com/Authentication/Login/sima?returnUrl=%2fconnect%2fauthorize%2fcallback%3fclient_id%3dsima_web%26redirect_uri%3dhttps%253a%252f%252finncore.bettershore-customers.com%252fauthentication%252fcallback%26response_type%3dcode%26scope%3dopenid%2bprofile%2bemail%2bapi.internal%2boffline_access%26state%3d80258d993946494eb609fd82afb97d1f%26code_challenge%3dEz1Qh-hvBK4D3ElGDI5xq00mBwG8C5Km8D4RQuql-Kw%26code_challenge_method%3dS256%26response_mode%3dquery
Requested by
Host: inncore.bettershore-customers.com
URL: https://inncore.bettershore-customers.com/static/js/2.1da72278.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.105.106.195 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
54b41db139ec29bac0b273b901f60cb9d405d9cc816f5039307a28ecc697d75f
Security Headers
Name Value
Content-Security-Policy default-src 'self'; object-src 'none'; frame-ancestors 'none'; sandbox allow-forms allow-same-origin allow-scripts; base-uri 'self';img-src 'self' https://cdn2.hubspot.net/ https://staticpicture.blob.core.windows.net/ data:;
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Security-Policy default-src 'self'; object-src 'none'; frame-ancestors 'none'; sandbox allow-forms allow-same-origin allow-scripts; base-uri 'self';img-src 'self' https://cdn2.hubspot.net/ https://staticpicture.blob.core.windows.net/ data:;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://inncore.bettershore-customers.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

cache-control
no-cache, no-store
content-security-policy
default-src 'self'; object-src 'none'; frame-ancestors 'none'; sandbox allow-forms allow-same-origin allow-scripts; base-uri 'self';img-src 'self' https://cdn2.hubspot.net/ https://staticpicture.blob.core.windows.net/ data:;
content-type
text/html; charset=utf-8
date
Fri, 12 Jan 2024 06:55:52 GMT
pragma
no-cache
referrer-policy
same-origin
strict-transport-security
max-age=15724800; includeSubDomains
x-content-security-policy
default-src 'self'; object-src 'none'; frame-ancestors 'none'; sandbox allow-forms allow-same-origin allow-scripts; base-uri 'self';img-src 'self' https://cdn2.hubspot.net/ https://staticpicture.blob.core.windows.net/ data:;
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN

Redirect headers

content-length
0
date
Fri, 12 Jan 2024 06:55:51 GMT
location
/Authentication/Login/sima?returnUrl=%2fconnect%2fauthorize%2fcallback%3fclient_id%3dsima_web%26redirect_uri%3dhttps%253a%252f%252finncore.bettershore-customers.com%252fauthentication%252fcallback%26response_type%3dcode%26scope%3dopenid%2bprofile%2bemail%2bapi.internal%2boffline_access%26state%3d80258d993946494eb609fd82afb97d1f%26code_challenge%3dEz1Qh-hvBK4D3ElGDI5xq00mBwG8C5Km8D4RQuql-Kw%26code_challenge_method%3dS256%26response_mode%3dquery
strict-transport-security
max-age=15724800; includeSubDomains
tailwindcss_v_2_2_11.css
identity.stage.metaforcelabs.com/css/ 		3 MB
3 MB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://identity.stage.metaforcelabs.com/css/tailwindcss_v_2_2_11.css
Requested by
Host: identity.stage.metaforcelabs.com
URL: https://identity.stage.metaforcelabs.com/Authentication/Login/sima?returnUrl=%2fconnect%2fauthorize%2fcallback%3fclient_id%3dsima_web%26redirect_uri%3dhttps%253a%252f%252finncore.bettershore-customers.com%252fauthentication%252fcallback%26response_type%3dcode%26scope%3dopenid%2bprofile%2bemail%2bapi.internal%2boffline_access%26state%3d80258d993946494eb609fd82afb97d1f%26code_challenge%3dEz1Qh-hvBK4D3ElGDI5xq00mBwG8C5Km8D4RQuql-Kw%26code_challenge_method%3dS256%26response_mode%3dquery
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.105.106.195 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
77a534ae422c9b88d77552479523960fd023b69439467bf2433e3a73d132ca1a
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://identity.stage.metaforcelabs.com/Authentication/Login/sima?returnUrl=%2fconnect%2fauthorize%2fcallback%3fclient_id%3dsima_web%26redirect_uri%3dhttps%253a%252f%252finncore.bettershore-customers.com%252fauthentication%252fcallback%26response_type%3dcode%26scope%3dopenid%2bprofile%2bemail%2bapi.internal%2boffline_access%26state%3d80258d993946494eb609fd82afb97d1f%26code_challenge%3dEz1Qh-hvBK4D3ElGDI5xq00mBwG8C5Km8D4RQuql-Kw%26code_challenge_method%3dS256%26response_mode%3dquery
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 06:55:52 GMT
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Mon, 08 Jan 2024 22:48:59 GMT
accept-ranges
bytes
etag
"1da4284de3a7a83"
content-length
2934019
content-type
text/css
InnCore.png
staticpicture.blob.core.windows.net/publicpictures/ 		215 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://staticpicture.blob.core.windows.net/publicpictures/InnCore.png
Requested by
Host: identity.stage.metaforcelabs.com
URL: https://identity.stage.metaforcelabs.com/Authentication/Login/sima?returnUrl=%2fconnect%2fauthorize%2fcallback%3fclient_id%3dsima_web%26redirect_uri%3dhttps%253a%252f%252finncore.bettershore-customers.com%252fauthentication%252fcallback%26response_type%3dcode%26scope%3dopenid%2bprofile%2bemail%2bapi.internal%2boffline_access%26state%3d80258d993946494eb609fd82afb97d1f%26code_challenge%3dEz1Qh-hvBK4D3ElGDI5xq00mBwG8C5Km8D4RQuql-Kw%26code_challenge_method%3dS256%26response_mode%3dquery
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.60.197.33 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
aabba6c36bcf6f546e127fb56230430c1bbb17cfbafdc04f917a2fd7fa2a1794

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-ms-request-id
9569e39b-d01e-0016-2924-4512b5000000
Date
Fri, 12 Jan 2024 06:55:51 GMT
x-ms-version
2009-09-19
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-Length
215
Content-Type
application/xml
microsoft.png
identity.stage.metaforcelabs.com/images/providers/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://identity.stage.metaforcelabs.com/images/providers/microsoft.png
Requested by
Host: identity.stage.metaforcelabs.com
URL: https://identity.stage.metaforcelabs.com/Authentication/Login/sima?returnUrl=%2fconnect%2fauthorize%2fcallback%3fclient_id%3dsima_web%26redirect_uri%3dhttps%253a%252f%252finncore.bettershore-customers.com%252fauthentication%252fcallback%26response_type%3dcode%26scope%3dopenid%2bprofile%2bemail%2bapi.internal%2boffline_access%26state%3d80258d993946494eb609fd82afb97d1f%26code_challenge%3dEz1Qh-hvBK4D3ElGDI5xq00mBwG8C5Km8D4RQuql-Kw%26code_challenge_method%3dS256%26response_mode%3dquery
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.105.106.195 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
b8e0b7c14b3d0c943bd986d5bb91196fa5551356e7453cb95849e17c89a663d0
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://identity.stage.metaforcelabs.com/Authentication/Login/sima?returnUrl=%2fconnect%2fauthorize%2fcallback%3fclient_id%3dsima_web%26redirect_uri%3dhttps%253a%252f%252finncore.bettershore-customers.com%252fauthentication%252fcallback%26response_type%3dcode%26scope%3dopenid%2bprofile%2bemail%2bapi.internal%2boffline_access%26state%3d80258d993946494eb609fd82afb97d1f%26code_challenge%3dEz1Qh-hvBK4D3ElGDI5xq00mBwG8C5Km8D4RQuql-Kw%26code_challenge_method%3dS256%26response_mode%3dquery
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 06:55:52 GMT
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Mon, 08 Jan 2024 22:48:59 GMT
accept-ranges
bytes
etag
"1da4284de16b8d5"
content-length
1877
content-type
image/png
jquery.slim.min.js
identity.stage.metaforcelabs.com/js/ 		71 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://identity.stage.metaforcelabs.com/js/jquery.slim.min.js
Requested by
Host: identity.stage.metaforcelabs.com
URL: https://identity.stage.metaforcelabs.com/Authentication/Login/sima?returnUrl=%2fconnect%2fauthorize%2fcallback%3fclient_id%3dsima_web%26redirect_uri%3dhttps%253a%252f%252finncore.bettershore-customers.com%252fauthentication%252fcallback%26response_type%3dcode%26scope%3dopenid%2bprofile%2bemail%2bapi.internal%2boffline_access%26state%3d80258d993946494eb609fd82afb97d1f%26code_challenge%3dEz1Qh-hvBK4D3ElGDI5xq00mBwG8C5Km8D4RQuql-Kw%26code_challenge_method%3dS256%26response_mode%3dquery
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.105.106.195 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
325bac0cb2483f519180bace7e5510b6c8723f44f04ff4475ec235c161a7421b
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://identity.stage.metaforcelabs.com/Authentication/Login/sima?returnUrl=%2fconnect%2fauthorize%2fcallback%3fclient_id%3dsima_web%26redirect_uri%3dhttps%253a%252f%252finncore.bettershore-customers.com%252fauthentication%252fcallback%26response_type%3dcode%26scope%3dopenid%2bprofile%2bemail%2bapi.internal%2boffline_access%26state%3d80258d993946494eb609fd82afb97d1f%26code_challenge%3dEz1Qh-hvBK4D3ElGDI5xq00mBwG8C5Km8D4RQuql-Kw%26code_challenge_method%3dS256%26response_mode%3dquery
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 06:55:52 GMT
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Mon, 08 Jan 2024 22:48:59 GMT
accept-ranges
bytes
etag
"1da4284de17a54d"
content-length
72397
content-type
application/javascript
bootstrap.bundle.min.js
identity.stage.metaforcelabs.com/js/ 		79 KB
79 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://identity.stage.metaforcelabs.com/js/bootstrap.bundle.min.js
Requested by
Host: identity.stage.metaforcelabs.com
URL: https://identity.stage.metaforcelabs.com/Authentication/Login/sima?returnUrl=%2fconnect%2fauthorize%2fcallback%3fclient_id%3dsima_web%26redirect_uri%3dhttps%253a%252f%252finncore.bettershore-customers.com%252fauthentication%252fcallback%26response_type%3dcode%26scope%3dopenid%2bprofile%2bemail%2bapi.internal%2boffline_access%26state%3d80258d993946494eb609fd82afb97d1f%26code_challenge%3dEz1Qh-hvBK4D3ElGDI5xq00mBwG8C5Km8D4RQuql-Kw%26code_challenge_method%3dS256%26response_mode%3dquery
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.105.106.195 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
394156ee114ed3faf968419340ecfd17f69740eb7e4f0a88d59e1f6d5bf0c34e
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://identity.stage.metaforcelabs.com/Authentication/Login/sima?returnUrl=%2fconnect%2fauthorize%2fcallback%3fclient_id%3dsima_web%26redirect_uri%3dhttps%253a%252f%252finncore.bettershore-customers.com%252fauthentication%252fcallback%26response_type%3dcode%26scope%3dopenid%2bprofile%2bemail%2bapi.internal%2boffline_access%26state%3d80258d993946494eb609fd82afb97d1f%26code_challenge%3dEz1Qh-hvBK4D3ElGDI5xq00mBwG8C5Km8D4RQuql-Kw%26code_challenge_method%3dS256%26response_mode%3dquery
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 06:55:52 GMT
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Mon, 08 Jan 2024 22:48:59 GMT
accept-ranges
bytes
etag
"1da4284de1784ba"
content-length
80698
content-type
application/javascript

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture function| $ function| jQuery object| bootstrap

2 Cookies

Domain/Path Name / Value
identity.stage.metaforcelabs.com/ Name: login-brand
Value: sima
identity.stage.metaforcelabs.com/ Name: .Metaforce.Antiforgery
Value: CfDJ8OQxeJt7OpNHgs9qxViAP7drQr4SfLzoXoAzS2Xx1B50ujFFwu7YSLxemRlEQUM6FdtKTEe0qxY5CzdfE3Ncf5Yxg-iEkM521ApeplKq4KNjBtTDa_xdQN1QX5r83xU1_R0-QyOwjqOV8_4ALQjYPrc

3 Console Messages

Source Level URL
Text
security warning URL: https://identity.stage.metaforcelabs.com/Authentication/Login/sima?returnUrl=%2fconnect%2fauthorize%2fcallback%3fclient_id%3dsima_web%26redirect_uri%3dhttps%253a%252f%252finncore.bettershore-customers.com%252fauthentication%252fcallback%26response_type%3dcode%26scope%3dopenid%2bprofile%2bemail%2bapi.internal%2boffline_access%26state%3d80258d993946494eb609fd82afb97d1f%26code_challenge%3dEz1Qh-hvBK4D3ElGDI5xq00mBwG8C5Km8D4RQuql-Kw%26code_challenge_method%3dS256%26response_mode%3dquery
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
security error URL: https://identity.stage.metaforcelabs.com/Authentication/Login/sima?returnUrl=%2fconnect%2fauthorize%2fcallback%3fclient_id%3dsima_web%26redirect_uri%3dhttps%253a%252f%252finncore.bettershore-customers.com%252fauthentication%252fcallback%26response_type%3dcode%26scope%3dopenid%2bprofile%2bemail%2bapi.internal%2boffline_access%26state%3d80258d993946494eb609fd82afb97d1f%26code_challenge%3dEz1Qh-hvBK4D3ElGDI5xq00mBwG8C5Km8D4RQuql-Kw%26code_challenge_method%3dS256%26response_mode%3dquery(Line 72)
Message:
Refused to apply inline style because it violates the following Content Security Policy directive: "default-src 'self'". Either the 'unsafe-inline' keyword, a hash ('sha256-9W1it15QVgepuA247hymT2L/w73Af1117SkUIuqgwDs='), or a nonce ('nonce-...') is required to enable inline execution. Note that hashes do not apply to event handlers, style attributes and javascript: navigations unless the 'unsafe-hashes' keyword is present. Note also that 'style-src' was not explicitly set, so 'default-src' is used as a fallback.
network error URL: https://staticpicture.blob.core.windows.net/publicpictures/InnCore.png
Message:
Failed to load resource: the server responded with a status of 404 (The specified blob does not exist.)

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=15724800; includeSubDomains