urlscan.io logo urlscan.io
SecurityTrails logo

auth-server.staging-beyondlabz.com Open in urlscan Pro
137.184.245.111  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://auth-server.staging-beyondlabz.com/
Effective URL: https://auth-server.staging-beyondlabz.com/interaction/97OuVHh_xnpcKE69ffjyK
Submission Tags: @ecarlesi possiblethreat #possiblethreat #@ecarlesi Search All
Submission: On November 14 via api from SG — Scanned from SG
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 11 IPs in 3 countries across 7 domains to perform 30 HTTP transactions. The main IP is 137.184.245.111, located in Santa Clara, United States and belongs to DIGITALOCEAN-ASN, US. The main domain is auth-server.staging-beyondlabz.com.
TLS certificate: Issued by E1 on November 7th 2023. Valid for: 3 months.
This is the only time auth-server.staging-beyondlabz.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

10    137.184.245.111 (Santa Clara, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
auth-server.staging-beyondlabz.com
5    2600:9000:2003:2e00:6:1289:fdc0:93a1 (United States)

ASN16509 (AMAZON-02, US)
gibbs.staging-beyondlabz.com
2    2404:6800:4003:c02::5f (Singapore, Singapore)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2404:6800:4003:c1c::61 (Singapore, Singapore)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
5    35.180.145.57 (Paris, France)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-180-145-57.eu-west-3.compute.amazonaws.com
stonly.com
1    2404:6800:4003:c11::71 (Singapore, Singapore)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    65.9.66.103 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-103.fra56.r.cloudfront.net
s.stonly.com
1    2600:9000:229f:800:1a:b364:9280:93a1 (United States)

ASN16509 (AMAZON-02, US)
public.beyondlabz.com
1    52.47.44.97 (Paris, France)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-47-44-97.eu-west-3.compute.amazonaws.com
api.stonly.com
2    2404:6800:4003:c11::5e (Singapore, Singapore)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
Apex Domain
Subdomains		 Transfer
15 staging-beyondlabz.com
auth-server.staging-beyondlabz.com
gibbs.staging-beyondlabz.com
2 MB
7 stonly.com
stonly.com — Cisco Umbrella Rank: 32551
s.stonly.com — Cisco Umbrella Rank: 51930
api.stonly.com — Cisco Umbrella Rank: 35081 Failed
140 KB
2 gstatic.com
fonts.gstatic.com
31 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 35
145 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 31
2 KB
1 beyondlabz.com
public.beyondlabz.com
77 KB
1 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 27
263 B
30 7
Domain Requested by
10 auth-server.staging-beyondlabz.com 3 redirects gibbs.staging-beyondlabz.com
auth-server.staging-beyondlabz.com
5 stonly.com gibbs.staging-beyondlabz.com
stonly.com
5 gibbs.staging-beyondlabz.com gibbs.staging-beyondlabz.com
2 fonts.gstatic.com fonts.googleapis.com
2 www.googletagmanager.com gibbs.staging-beyondlabz.com
www.googletagmanager.com
2 fonts.googleapis.com gibbs.staging-beyondlabz.com
auth-server.staging-beyondlabz.com
1 api.stonly.com stonly.com
1 public.beyondlabz.com gibbs.staging-beyondlabz.com
1 s.stonly.com stonly.com
1 www.google-analytics.com www.googletagmanager.com
30 10

This site contains links to these domains. Also see Links.

Domain
d3znl86qux8qx.cloudfront.net
public.staging-beyondlabz.com
www.beyondlabz.com
Subject Issuer Validity Valid
*.beyondlabz.com
Amazon RSA 2048 M03		 2023-11-06 -
2024-12-04		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
stonly.com
R3		 2023-10-19 -
2024-01-17		 3 months crt.sh
*.staging-beyondlabz.com
E1		 2023-11-07 -
2024-02-05		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://auth-server.staging-beyondlabz.com/interaction/97OuVHh_xnpcKE69ffjyK
Frame ID: 8B8A61AF5DA9D3FD27A89EB89AF26FFB
Requests: 28 HTTP requests in this frame

Frame: https://s.stonly.com/stonly-stat-id.html?widgetId=5b80a1d8-6ee3-11ec-82f1-064cee365e5a&v=1.5
Frame ID: F2B287C1F0101B0E9D73761562191158
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Sign-in

Page URL History Show full URLs

  1. http://auth-server.staging-beyondlabz.com/ HTTP 307
    https://auth-server.staging-beyondlabz.com/ HTTP 302
    https://gibbs.staging-beyondlabz.com/ Page URL
  2. https://auth-server.staging-beyondlabz.com/auth?client_id=gibbs_staging_bl_app&redirect_uri=https%3A%2F%2Fgibbs.staging... HTTP 302
    https://auth-server.staging-beyondlabz.com/interaction/97OuVHh_xnpcKE69ffjyK Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Page Statistics

30
Requests

90 %
HTTPS

60 %
IPv6

7
Domains

10
Subdomains

11
IPs

3
Countries

2224 kB
Transfer

4731 kB
Size

7
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://auth-server.staging-beyondlabz.com/ HTTP 307
    https://auth-server.staging-beyondlabz.com/ HTTP 302
    https://gibbs.staging-beyondlabz.com/ Page URL
  2. https://auth-server.staging-beyondlabz.com/auth?client_id=gibbs_staging_bl_app&redirect_uri=https%3A%2F%2Fgibbs.staging-beyondlabz.com%2Fcallback.html&response_type=id_token%20token&scope=openid%20profile%20user%20licenses%20roles%20reseller%20reseller_admin%20lms_token%20blsupport&state=2105f6605c5445e4bef0d46cddd08ff9&nonce=053f98b7b4974354b82e7ca7391eaee9 HTTP 302
    https://auth-server.staging-beyondlabz.com/interaction/97OuVHh_xnpcKE69ffjyK Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://auth-server.staging-beyondlabz.com/ HTTP 307
  • https://auth-server.staging-beyondlabz.com/ HTTP 302
  • https://gibbs.staging-beyondlabz.com/

30 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
gibbs.staging-beyondlabz.com/
Redirect Chain
  • http://auth-server.staging-beyondlabz.com/
  • https://auth-server.staging-beyondlabz.com/
  • https://gibbs.staging-beyondlabz.com/
3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gibbs.staging-beyondlabz.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2003:2e00:6:1289:fdc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f2e7b835799f86d97bb2960484ed81ad5703cae61e634e050ca3055dee7d0f94

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

content-encoding
br
content-type
text/html
date
Tue, 14 Nov 2023 00:12:38 GMT
etag
W/"f8f71200273fa1ec9c76ea53cf098da9"
last-modified
Mon, 30 Oct 2023 23:39:14 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 3d1e30eb4cc84a00e30ba5e6b067e3f6.cloudfront.net (CloudFront)
x-amz-cf-id
FFLk0vX5PpYQIOgc1ePjnKw-dmNxZOTMXJIG3Xk3wMjRFBKsSxjiQw==
x-amz-cf-pop
SIN2-C1
x-cache
Miss from cloudfront

Redirect headers

content-length
118
content-type
text/html; charset=utf-8
date
Tue, 14 Nov 2023 00:12:36 GMT
location
https://gibbs.staging-beyondlabz.com/
vary
Accept
x-powered-by
Express
index.44488e28.js
gibbs.staging-beyondlabz.com/assets/ 		506 KB
131 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gibbs.staging-beyondlabz.com/assets/index.44488e28.js
Requested by
Host: gibbs.staging-beyondlabz.com
URL: https://gibbs.staging-beyondlabz.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2003:2e00:6:1289:fdc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7411a0a0ee44d37b5c7a12f494b84ee122d2621a98ace4c78e66b40ab4897855

Request headers

Referer
https://gibbs.staging-beyondlabz.com/
Origin
https://gibbs.staging-beyondlabz.com
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 00:12:38 GMT
content-encoding
gzip
via
1.1 3d1e30eb4cc84a00e30ba5e6b067e3f6.cloudfront.net (CloudFront)
last-modified
Mon, 30 Oct 2023 23:39:14 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-C1
etag
W/"2ee2c1c5742673068e709145e5257c2d"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
text/javascript
x-amz-cf-id
xRT7FmYqMgki_NFthBBy7qXCTQoocyzU57aLau4KoDk2UEb7o5ojdg==
vendor.0244068a.js
gibbs.staging-beyondlabz.com/assets/ 		2 MB
530 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gibbs.staging-beyondlabz.com/assets/vendor.0244068a.js
Requested by
Host: gibbs.staging-beyondlabz.com
URL: https://gibbs.staging-beyondlabz.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2003:2e00:6:1289:fdc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f51a0ed30d9afb135e90bc7e2b5276747744e1eb2d7da4b3cdd30e79833fee8f

Request headers

Referer
https://gibbs.staging-beyondlabz.com/
Origin
https://gibbs.staging-beyondlabz.com
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 00:12:38 GMT
content-encoding
br
via
1.1 3d1e30eb4cc84a00e30ba5e6b067e3f6.cloudfront.net (CloudFront)
last-modified
Mon, 30 Oct 2023 23:39:14 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-C1
etag
W/"75249bf9f44557f5ba9ccabeb4a4e503"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/javascript
x-amz-cf-id
kUp-HyJYL-ZbBgYFF-0vZv9dX_IcF6S_3xR5IaPe8qaYAx1CcQSqMQ==
vendor.99bacb60.css
gibbs.staging-beyondlabz.com/assets/ 		2 KB
889 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://gibbs.staging-beyondlabz.com/assets/vendor.99bacb60.css
Requested by
Host: gibbs.staging-beyondlabz.com
URL: https://gibbs.staging-beyondlabz.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2003:2e00:6:1289:fdc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
463a4eaea7fadca9509059caee3c667f5e89a5ec4ff532769d5b653f2c0a2c5c

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://gibbs.staging-beyondlabz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 00:12:38 GMT
content-encoding
br
via
1.1 3d1e30eb4cc84a00e30ba5e6b067e3f6.cloudfront.net (CloudFront)
last-modified
Mon, 30 Oct 2023 23:39:14 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-C1
etag
W/"3dffa68d2cb5abc4680c98387957152a"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/css
x-amz-cf-id
bS_xUjax85KJ3Ve9aRks5YCot0goeKnmIvvsL8lENqc5IOcqiPmxGA==
index.a6b8cac2.css
gibbs.staging-beyondlabz.com/assets/ 		550 KB
86 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://gibbs.staging-beyondlabz.com/assets/index.a6b8cac2.css
Requested by
Host: gibbs.staging-beyondlabz.com
URL: https://gibbs.staging-beyondlabz.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2003:2e00:6:1289:fdc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a21ddfa83e07085a4343a181a90bb31a413aa3c0aae03c424cd3e5e30b1021a1

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://gibbs.staging-beyondlabz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 00:12:38 GMT
content-encoding
gzip
via
1.1 3d1e30eb4cc84a00e30ba5e6b067e3f6.cloudfront.net (CloudFront)
last-modified
Mon, 30 Oct 2023 23:39:14 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-C1
etag
W/"8be5d24b0c34b4c90b40f9c0c4cf8f9b"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
text/css
x-amz-cf-id
2NKOkiu8k6uTlHdzS3SYaATMP9gUD7cyTDbcP9wwCM4iRomD60Zskg==
css
fonts.googleapis.com/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans
Requested by
Host: gibbs.staging-beyondlabz.com
URL: https://gibbs.staging-beyondlabz.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c02::5f Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
4ddf6973fa3421cc10d8946187a761c0317632b66442c3d20c736024fba1029f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://gibbs.staging-beyondlabz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 14 Nov 2023 00:12:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 14 Nov 2023 00:01:37 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 14 Nov 2023 00:12:37 GMT
gtm.js
www.googletagmanager.com/ 		175 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-T77QWN6
Requested by
Host: gibbs.staging-beyondlabz.com
URL: https://gibbs.staging-beyondlabz.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c1c::61 Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
3154411c85ad9053b93da80f4c112d92016f7df5285c79cf3e889b39378305d3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://gibbs.staging-beyondlabz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 00:12:37 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
63158
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 14 Nov 2023 00:12:37 GMT
version
stonly.com/js/widget/v2/ 		8 B
347 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stonly.com/js/widget/v2/version?v=1699920757197
Requested by
Host: gibbs.staging-beyondlabz.com
URL: https://gibbs.staging-beyondlabz.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server
35.180.145.57 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-180-145-57.eu-west-3.compute.amazonaws.com
Software
nginx /
Resource Hash
4f3d70eb16f3447936c56a7ff78318e9df96626814800332669e9ab753512dfc

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://gibbs.staging-beyondlabz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Tue, 14 Nov 2023 00:12:37 GMT
Last-Modified
Thu, 09 Nov 2023 11:32:15 GMT
Server
nginx
ETag
"654cc33f-8"
Content-Type
application/octet-stream
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8
Expires
Thu, 01 Jan 1970 00:00:01 GMT
stn.js
stonly.com/js/tracker/ 		29 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stonly.com/js/tracker/stn.js
Requested by
Host: gibbs.staging-beyondlabz.com
URL: https://gibbs.staging-beyondlabz.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server
35.180.145.57 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-180-145-57.eu-west-3.compute.amazonaws.com
Software
nginx /
Resource Hash
396a89f28490faefdf4ebe5a90dab186e693379ca543122092cf71f60ae073e8

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://gibbs.staging-beyondlabz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Tue, 14 Nov 2023 00:12:37 GMT
Content-Encoding
gzip
Last-Modified
Thu, 09 Nov 2023 11:31:21 GMT
Server
nginx
ETag
W/"654cc309-7389"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=1209600
Connection
keep-alive
Expires
Tue, 28 Nov 2023 00:12:37 GMT
js
www.googletagmanager.com/gtag/ 		240 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-9JDRRMVE5C&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T77QWN6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c1c::61 Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
93063d9c911e80e76e100e2fabf7534fc7ecf8f368f63fc1ff9672b8308fb5d7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://gibbs.staging-beyondlabz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 00:12:37 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
85249
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 14 Nov 2023 00:12:37 GMT
collect
www.google-analytics.com/g/ 		0
263 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-9JDRRMVE5C&gtm=45je3b81v871905571z8849949581&_p=1699920757196&gcd=11l1l1l1l1&dma=0&cid=150541777.1699920757&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1699920757&sct=1&seg=0&dl=https%3A%2F%2Fgibbs.staging-beyondlabz.com%2F&dt=Beyond%20Labz%20Portal&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=1504
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-9JDRRMVE5C&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c11::71 Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://gibbs.staging-beyondlabz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Nov 2023 00:12:37 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://gibbs.staging-beyondlabz.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
stonly-widget.js
stonly.com/js/widget/v2/ 		39 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stonly.com/js/widget/v2/stonly-widget.js?v=ffd59196
Requested by
Host: gibbs.staging-beyondlabz.com
URL: https://gibbs.staging-beyondlabz.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server
35.180.145.57 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-180-145-57.eu-west-3.compute.amazonaws.com
Software
nginx /
Resource Hash
bcc1d1e69a04e232f0c472580f45a978ef638ec9a86434edc803bd9d998e30d8

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://gibbs.staging-beyondlabz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Tue, 14 Nov 2023 00:12:37 GMT
Content-Encoding
gzip
Last-Modified
Thu, 09 Nov 2023 11:32:15 GMT
Server
nginx
ETag
W/"654cc33f-9c93"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=1209600
Connection
keep-alive
Expires
Tue, 28 Nov 2023 00:12:37 GMT
vendors~widget-6a10b4723bf3a3343a8a.stonly.js
stonly.com/js/widget/v2/ 		179 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stonly.com/js/widget/v2/vendors~widget-6a10b4723bf3a3343a8a.stonly.js
Requested by
Host: stonly.com
URL: https://stonly.com/js/widget/v2/stonly-widget.js?v=ffd59196
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server
35.180.145.57 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-180-145-57.eu-west-3.compute.amazonaws.com
Software
nginx /
Resource Hash
c62370c1f168c29ef078fe65730f0c85dc2ea3f12187b4e9896a0598aacd92b6

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://gibbs.staging-beyondlabz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Tue, 14 Nov 2023 00:12:38 GMT
Content-Encoding
gzip
Last-Modified
Thu, 09 Nov 2023 11:32:15 GMT
Server
nginx
ETag
W/"654cc33f-2cd57"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=1209600
Connection
keep-alive
Expires
Tue, 28 Nov 2023 00:12:38 GMT
widget-dd070e0e1e9056ff3a05.stonly.js
stonly.com/js/widget/v2/ 		169 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stonly.com/js/widget/v2/widget-dd070e0e1e9056ff3a05.stonly.js
Requested by
Host: stonly.com
URL: https://stonly.com/js/widget/v2/stonly-widget.js?v=ffd59196
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server
35.180.145.57 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-180-145-57.eu-west-3.compute.amazonaws.com
Software
nginx /
Resource Hash
6e2a3d760ddbae53879b82cae2fceb861fa5a4c31576cd1f2d60824dcfe0dadb

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://gibbs.staging-beyondlabz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Tue, 14 Nov 2023 00:12:38 GMT
Content-Encoding
gzip
Last-Modified
Thu, 09 Nov 2023 11:32:15 GMT
Server
nginx
ETag
W/"654cc33f-2a2e4"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=1209600
Connection
keep-alive
Expires
Tue, 28 Nov 2023 00:12:38 GMT
stonly-stat-id.html
s.stonly.com/ Frame F2B2 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.stonly.com/stonly-stat-id.html?widgetId=5b80a1d8-6ee3-11ec-82f1-064cee365e5a&v=1.5
Requested by
Host: stonly.com
URL: https://stonly.com/js/widget/v2/widget-dd070e0e1e9056ff3a05.stonly.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-103.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1290c09b37acd3340000035d9cd01338f557e85d46748202ecefe02cfae9a343

Request headers

Referer
https://gibbs.staging-beyondlabz.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

age
62087
content-encoding
br
content-type
text/html
date
Mon, 13 Nov 2023 06:57:53 GMT
etag
W/"b714291e1f3178ac2a5d4e3c7974d64b"
last-modified
Wed, 08 Nov 2023 09:37:13 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 6165dcc1fdf84ac65e8204c05709f1ca.cloudfront.net (CloudFront)
x-amz-cf-id
X4xf4BxwtaCNg14I1msNWyz6JhZft1GRB_24YgwcknkD2RvW1tQypA==
x-amz-cf-pop
FRA56-C1
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
openid-configuration
auth-server.staging-beyondlabz.com/.well-known/ 		2 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://auth-server.staging-beyondlabz.com/.well-known/openid-configuration
Requested by
Host: gibbs.staging-beyondlabz.com
URL: https://gibbs.staging-beyondlabz.com/assets/vendor.0244068a.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
137.184.245.111 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/ Express
Resource Hash

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://gibbs.staging-beyondlabz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

access-control-allow-origin
https://gibbs.staging-beyondlabz.com
date
Tue, 14 Nov 2023 00:12:39 GMT
x-powered-by
Express
content-length
2433
vary
Origin
content-type
application/json; charset=utf-8
BL_lab_loading.gif
public.beyondlabz.com/images/ 		76 KB
77 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://public.beyondlabz.com/images/BL_lab_loading.gif
Requested by
Host: gibbs.staging-beyondlabz.com
URL: https://gibbs.staging-beyondlabz.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:229f:800:1a:b364:9280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
71e14dad88d56965706565463c7d65d5fce52388c7d803fb679e5977263b3c32

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://gibbs.staging-beyondlabz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 00:12:40 GMT
via
1.1 d74ff44bb3d68115cb0aef895f2ee456.cloudfront.net (CloudFront)
last-modified
Fri, 23 Jun 2023 20:25:35 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-P1
etag
"23c834c5dac450ff718a3ace98d9afae"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
image/gif
content-length
78155
x-amz-cf-id
kEyf2rFgF3x_9LJ9EyxmTtVgT-OVDJ0s22Gbpztq20s2VQ3W-rwhbg==
identify
api.stonly.com/api/v1/targeting/ 		0
0
identify
api.stonly.com/api/v1/targeting/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.stonly.com/api/v1/targeting/identify
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.47.44.97 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-47-44-97.eu-west-3.compute.amazonaws.com
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=2592000;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,timestamp
Access-Control-Request-Method
POST
Origin
https://gibbs.staging-beyondlabz.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,timestamp
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
https://gibbs.staging-beyondlabz.com
cache-control
no-cache
date
Tue, 14 Nov 2023 00:12:39 GMT
expires
Thu, 01 Jan 1970 00:00:01 GMT
referrer-policy
strict-origin-when-cross-origin
server
nginx
strict-transport-security
max-age=2592000;
vary
Origin, Access-Control-Request-Headers
x-content-type-options
nosniff
x-xss-protection
1; mode=block
Primary Request 97OuVHh_xnpcKE69ffjyK
auth-server.staging-beyondlabz.com/interaction/
Redirect Chain
  • https://auth-server.staging-beyondlabz.com/auth?client_id=gibbs_staging_bl_app&redirect_uri=https%3A%2F%2Fgibbs.staging-beyondlabz.com%2Fcallback.html&response_type=id_token%20token&scope=openid%20...
  • https://auth-server.staging-beyondlabz.com/interaction/97OuVHh_xnpcKE69ffjyK
9 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://auth-server.staging-beyondlabz.com/interaction/97OuVHh_xnpcKE69ffjyK
Requested by
Host: gibbs.staging-beyondlabz.com
URL: https://gibbs.staging-beyondlabz.com/assets/vendor.0244068a.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
137.184.245.111 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/ Express
Resource Hash
30298aa05d936c20029a7e585410c4228ad3ecd3f71e914a4414af7fda7d0dab

Request headers

Referer
https://gibbs.staging-beyondlabz.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

cache-control
no-cache, no-store
content-length
9456
content-type
text/html; charset=utf-8
date
Tue, 14 Nov 2023 00:12:39 GMT
etag
W/"24f0-6Ei+nwpNaZrPkz/D8wycUYSdkoE"
pragma
no-cache
x-powered-by
Express

Redirect headers

cache-control
no-cache, no-store
content-length
99
content-type
text/html; charset=utf-8
date
Tue, 14 Nov 2023 00:12:39 GMT
location
/interaction/97OuVHh_xnpcKE69ffjyK
pragma
no-cache
x-powered-by
Express
collect
www.google-analytics.com/g/ 		0
0
collect
www.google-analytics.com/g/ 		0
0
css
fonts.googleapis.com/ 		4 KB
752 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:400,100
Requested by
Host: auth-server.staging-beyondlabz.com
URL: https://auth-server.staging-beyondlabz.com/interaction/97OuVHh_xnpcKE69ffjyK
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c02::5f Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
569f84430f3b5e767103f3cea68d34fcee3a01ac1bf1a46a63d3b615ed2a5b56
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://auth-server.staging-beyondlabz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 14 Nov 2023 00:12:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 14 Nov 2023 00:12:39 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 14 Nov 2023 00:12:39 GMT
styles.css
auth-server.staging-beyondlabz.com/static/ 		4 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://auth-server.staging-beyondlabz.com/static/styles.css
Requested by
Host: auth-server.staging-beyondlabz.com
URL: https://auth-server.staging-beyondlabz.com/interaction/97OuVHh_xnpcKE69ffjyK
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
137.184.245.111 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/ Express
Resource Hash
875fa892d708c4fff09f397800cd9916aaca12d92913e01967ce36d0e4a9bd4d

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://auth-server.staging-beyondlabz.com/interaction/97OuVHh_xnpcKE69ffjyK
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 00:12:39 GMT
last-modified
Wed, 01 Feb 2023 17:48:16 GMT
x-powered-by
Express
etag
W/"11ae-1860e17f300"
content-type
text/css; charset=UTF-8
cache-control
public, max-age=0
accept-ranges
bytes
content-length
4526
logo.png
auth-server.staging-beyondlabz.com/static/images/ 		47 KB
47 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://auth-server.staging-beyondlabz.com/static/images/logo.png
Requested by
Host: auth-server.staging-beyondlabz.com
URL: https://auth-server.staging-beyondlabz.com/interaction/97OuVHh_xnpcKE69ffjyK
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
137.184.245.111 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/ Express
Resource Hash
f8e44f646a983aeae758b39649e8d27931aabaf60e013bf5737ea94bc121c41a

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://auth-server.staging-beyondlabz.com/interaction/97OuVHh_xnpcKE69ffjyK
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 00:12:40 GMT
last-modified
Wed, 01 Feb 2023 17:48:16 GMT
x-powered-by
Express
etag
W/"bcc0-1860e17f300"
content-type
image/png
cache-control
public, max-age=0
accept-ranges
bytes
content-length
48320
register_logo.svg
auth-server.staging-beyondlabz.com/static/images/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://auth-server.staging-beyondlabz.com/static/images/register_logo.svg
Requested by
Host: auth-server.staging-beyondlabz.com
URL: https://auth-server.staging-beyondlabz.com/interaction/97OuVHh_xnpcKE69ffjyK
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
137.184.245.111 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/ Express
Resource Hash
f66d1755a8e46fc92ee954e476267c3ba5a3adca2168f622a0e02ec4f371b35c

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://auth-server.staging-beyondlabz.com/interaction/97OuVHh_xnpcKE69ffjyK
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 00:12:40 GMT
last-modified
Wed, 01 Feb 2023 17:48:16 GMT
x-powered-by
Express
etag
W/"ee9-1860e17f300"
content-type
image/svg+xml
cache-control
public, max-age=0
accept-ranges
bytes
content-length
3817
randomizeBg.js
auth-server.staging-beyondlabz.com/static/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://auth-server.staging-beyondlabz.com/static/randomizeBg.js
Requested by
Host: auth-server.staging-beyondlabz.com
URL: https://auth-server.staging-beyondlabz.com/interaction/97OuVHh_xnpcKE69ffjyK
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
137.184.245.111 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/ Express
Resource Hash
b5f49e7bd7789290fe2d66d8800c1069ceef8835219892e7765837f834c24866

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://auth-server.staging-beyondlabz.com/interaction/97OuVHh_xnpcKE69ffjyK
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 00:12:40 GMT
last-modified
Wed, 01 Feb 2023 17:48:16 GMT
x-powered-by
Express
etag
W/"c4c-1860e17f300"
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=0
accept-ranges
bytes
content-length
3148
KFOkCnqEu92Fr1MmgVxIIzI.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOkCnqEu92Fr1MmgVxIIzI.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,100
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c11::5e Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0f303f31706d39866cced9dcc17b61fb8423674278d7f6051d66b3a79ffbca18
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://auth-server.staging-beyondlabz.com
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 18:04:33 GMT
x-content-type-options
nosniff
age
367686
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15764
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:35 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 08 Nov 2024 18:04:33 GMT
registration_background.svg
auth-server.staging-beyondlabz.com/static/images/ 		1007 KB
1007 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://auth-server.staging-beyondlabz.com/static/images/registration_background.svg
Requested by
Host: auth-server.staging-beyondlabz.com
URL: https://auth-server.staging-beyondlabz.com/static/styles.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
137.184.245.111 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/ Express
Resource Hash
a2ab03f17060b505589adb284a3f1d3c67e6fde0e350f05b9d1eef6f01ba7e23

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://auth-server.staging-beyondlabz.com/static/styles.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 00:12:40 GMT
last-modified
Wed, 01 Feb 2023 17:48:16 GMT
x-powered-by
Express
etag
W/"fbbae-1860e17f300"
content-type
image/svg+xml
cache-control
public, max-age=0
accept-ranges
bytes
content-length
1031086
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,100
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c11::5e Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://auth-server.staging-beyondlabz.com
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 17:42:48 GMT
x-content-type-options
nosniff
age
368992
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 08 Nov 2024 17:42:48 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
api.stonly.com
URL
https://api.stonly.com/api/v1/targeting/identify
Domain
www.google-analytics.com
URL
https://www.google-analytics.com/g/collect?v=2&tid=G-9JDRRMVE5C&gtm=45je3b81v871905571&_p=1699920757196&gcd=11l1l1l1l1&dma=0&cid=150541777.1699920757&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=2&sid=1699920757&sct=1&seg=0&dl=https%3A%2F%2Fgibbs.staging-beyondlabz.com%2F&dt=Beyond%20Labz%20Portal&en=scroll&epn.percent_scrolled=90&_et=8&tfd=4068
Domain
www.google-analytics.com
URL
https://www.google-analytics.com/g/collect?v=2&tid=G-9JDRRMVE5C&gtm=45je3b81v871905571&_p=1699920757196&gcd=11l1l1l1l1&dma=0&cid=150541777.1699920757&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=3&sid=1699920757&sct=1&seg=0&dl=https%3A%2F%2Fgibbs.staging-beyondlabz.com%2F&dt=Beyond%20Labz%20Portal&en=user_engagement&_et=2551&tfd=4069

Verdicts & Comments Add Verdict or Comment

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture function| setCookie function| getCookie function| eraseCookie function| rotateBackground function| init function| checkRememberMe

7 Cookies

Domain/Path Name / Value
auth-server.staging-beyondlabz.com/interaction/97OuVHh_xnpcKE69ffjyK Name: _interaction
Value: 97OuVHh_xnpcKE69ffjyK
auth-server.staging-beyondlabz.com/interaction/97OuVHh_xnpcKE69ffjyK Name: _interaction.sig
Value: YRLmD2oNYoawwvNdInUO2M2kqOE
auth-server.staging-beyondlabz.com/auth/97OuVHh_xnpcKE69ffjyK Name: _interaction_resume
Value: 97OuVHh_xnpcKE69ffjyK
auth-server.staging-beyondlabz.com/auth/97OuVHh_xnpcKE69ffjyK Name: _interaction_resume.sig
Value: WXN-jsoiA1QYDw5QoKh-sugsMbI
.staging-beyondlabz.com/ Name: _ga
Value: GA1.1.150541777.1699920757
.staging-beyondlabz.com/ Name: blz-redirect
Value: https%3A%2F%2Fgibbs.staging-beyondlabz.com%2F
.staging-beyondlabz.com/ Name: _ga_9JDRRMVE5C
Value: GS1.1.1699920757.1.0.1699920759.0.0.0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.stonly.com
auth-server.staging-beyondlabz.com
fonts.googleapis.com
fonts.gstatic.com
gibbs.staging-beyondlabz.com
public.beyondlabz.com
s.stonly.com
stonly.com
www.google-analytics.com
www.googletagmanager.com
api.stonly.com
www.google-analytics.com
137.184.245.111
2404:6800:4003:c02::5f
2404:6800:4003:c11::5e
2404:6800:4003:c11::71
2404:6800:4003:c1c::61
2600:9000:2003:2e00:6:1289:fdc0:93a1
2600:9000:229f:800:1a:b364:9280:93a1
35.180.145.57
52.47.44.97
65.9.66.103
0f303f31706d39866cced9dcc17b61fb8423674278d7f6051d66b3a79ffbca18
1290c09b37acd3340000035d9cd01338f557e85d46748202ecefe02cfae9a343
30298aa05d936c20029a7e585410c4228ad3ecd3f71e914a4414af7fda7d0dab
3154411c85ad9053b93da80f4c112d92016f7df5285c79cf3e889b39378305d3
396a89f28490faefdf4ebe5a90dab186e693379ca543122092cf71f60ae073e8
463a4eaea7fadca9509059caee3c667f5e89a5ec4ff532769d5b653f2c0a2c5c
4ddf6973fa3421cc10d8946187a761c0317632b66442c3d20c736024fba1029f
4f3d70eb16f3447936c56a7ff78318e9df96626814800332669e9ab753512dfc
569f84430f3b5e767103f3cea68d34fcee3a01ac1bf1a46a63d3b615ed2a5b56
6e2a3d760ddbae53879b82cae2fceb861fa5a4c31576cd1f2d60824dcfe0dadb
71e14dad88d56965706565463c7d65d5fce52388c7d803fb679e5977263b3c32
7411a0a0ee44d37b5c7a12f494b84ee122d2621a98ace4c78e66b40ab4897855
875fa892d708c4fff09f397800cd9916aaca12d92913e01967ce36d0e4a9bd4d
93063d9c911e80e76e100e2fabf7534fc7ecf8f368f63fc1ff9672b8308fb5d7
a21ddfa83e07085a4343a181a90bb31a413aa3c0aae03c424cd3e5e30b1021a1
a2ab03f17060b505589adb284a3f1d3c67e6fde0e350f05b9d1eef6f01ba7e23
b5f49e7bd7789290fe2d66d8800c1069ceef8835219892e7765837f834c24866
bcc1d1e69a04e232f0c472580f45a978ef638ec9a86434edc803bd9d998e30d8
c62370c1f168c29ef078fe65730f0c85dc2ea3f12187b4e9896a0598aacd92b6
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f2e7b835799f86d97bb2960484ed81ad5703cae61e634e050ca3055dee7d0f94
f51a0ed30d9afb135e90bc7e2b5276747744e1eb2d7da4b3cdd30e79833fee8f
f66d1755a8e46fc92ee954e476267c3ba5a3adca2168f622a0e02ec4f371b35c
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f8e44f646a983aeae758b39649e8d27931aabaf60e013bf5737ea94bc121c41a