urlscan.io logo urlscan.io
SecurityTrails logo

metlife-prod.indico.domains Open in urlscan Pro
52.72.21.128  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://metlife-prod.indico.domains/
Effective URL: https://metlife-prod.indico.domains/auth
Submission: On August 11 via manual from IN — Scanned from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 16 HTTP transactions. The main IP is 52.72.21.128, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is metlife-prod.indico.domains.
TLS certificate: Issued by ZeroSSL RSA Domain Secure Site CA on August 7th 2024. Valid for: 3 months.
This is the only time metlife-prod.indico.domains was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 17 52.72.21.128 14618 (AMAZON-AES)
16 1
Apex Domain
Subdomains		 Transfer
17 indico.domains
metlife-prod.indico.domains
4 MB
16 1
Domain Requested by
17 metlife-prod.indico.domains 1 redirects metlife-prod.indico.domains
16 1

This site contains links to these domains. Also see Links.

Domain
developer.indicodata.ai
docs.indicodata.ai
Subject Issuer Validity Valid
metlife-prod.indico.domains
ZeroSSL RSA Domain Secure Site CA		 2024-08-07 -
2024-11-05		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://metlife-prod.indico.domains/auth
Frame ID: 66983D15D3DCCB2A06BC053117824470
Requests: 16 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Intelligent Process Automation by indico

Page URL History Show full URLs

  1. http://metlife-prod.indico.domains/ HTTP 307
    https://metlife-prod.indico.domains/ HTTP 301
    http://metlife-prod.indico.domains/auth HTTP 307
    https://metlife-prod.indico.domains/auth Page URL

Page Statistics

16
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

3593 kB
Transfer

3573 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://metlife-prod.indico.domains/ HTTP 307
    https://metlife-prod.indico.domains/ HTTP 301
    http://metlife-prod.indico.domains/auth HTTP 307
    https://metlife-prod.indico.domains/auth Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

16 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request auth
metlife-prod.indico.domains/
Redirect Chain
  • http://metlife-prod.indico.domains/
  • https://metlife-prod.indico.domains/
  • http://metlife-prod.indico.domains/auth
  • https://metlife-prod.indico.domains/auth
1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://metlife-prod.indico.domains/auth
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.72.21.128 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-72-21-128.compute-1.amazonaws.com
Software
/
Resource Hash
8d303795d42eff73a8515ccffa04679ad517cd35e3f3b5f2b7ba5ad09e77b929
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-eval' 'unsafe-inline' https://sentry.io/ https://www.google.com https://www.googletagmanager.com https://www.google-analytics.com https://*.gstatic.com https://api.mixpanel.com https://*.cloudfront.net https://maxcdn.bootstrapcdn.com https://fonts.googleapis.com/ https://cdnjs.cloudflare.com/ https://cdn.jsdelivr.net/ https://js.stripe.com/ https://api.keen.io/ https://*.appcues.com https://*.appcues.net wss://*.appcues.net wss://*.appcues.com; img-src * 'self' res.cloudinary.com twemoji.maxcdn.com data:; worker-src blob: metlife-prod.indico.domains
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
content-length
1459
content-security-policy
default-src 'self' 'unsafe-eval' 'unsafe-inline' https://sentry.io/ https://www.google.com https://www.googletagmanager.com https://www.google-analytics.com https://*.gstatic.com https://api.mixpanel.com https://*.cloudfront.net https://maxcdn.bootstrapcdn.com https://fonts.googleapis.com/ https://cdnjs.cloudflare.com/ https://cdn.jsdelivr.net/ https://js.stripe.com/ https://api.keen.io/ https://*.appcues.com https://*.appcues.net wss://*.appcues.net wss://*.appcues.com; img-src * 'self' res.cloudinary.com twemoji.maxcdn.com data:; worker-src blob: metlife-prod.indico.domains
content-type
text/html
date
Sun, 11 Aug 2024 04:43:56 GMT
etag
"65c5a652-5b3"
feature-policy
geolocation none;midi none;notifications none;push none;sync-xhr none;microphone none;camera none;magnetometer none;gyroscope none;speaker self;vibrate none;fullscreen self;payment none;
last-modified
Fri, 09 Feb 2024 04:13:06 GMT
strict-transport-security
max-age=15724800; includeSubDomains
x-content-type-options
nosniff
x-frame-options
DENY

Redirect headers

Cross-Origin-Resource-Policy
Cross-Origin
Location
https://metlife-prod.indico.domains/auth
Non-Authoritative-Reason
HSTS
app-config.js
metlife-prod.indico.domains/js/ 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://metlife-prod.indico.domains/js/app-config.js
Requested by
Host: metlife-prod.indico.domains
URL: https://metlife-prod.indico.domains/auth
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.72.21.128 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-72-21-128.compute-1.amazonaws.com
Software
/
Resource Hash
28e37b7b9e3772cfa5327a9ca21fc888d7725cc930ecbd1b9c91d436e7049a11
Security Headers
Name Value
Content-Security-Policy default-src 'self'
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY, DENY

Request headers

Referer
https://metlife-prod.indico.domains/auth
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 11 Aug 2024 04:43:56 GMT
content-security-policy
default-src 'self'
x-content-type-options
nosniff
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Sat, 08 Jun 2024 14:36:04 GMT
etag
"66646c54-48e"
x-frame-options
DENY, DENY
content-type
application/javascript
cache-control
max-age=0, no-cache
feature-policy
geolocation none;midi none;notifications none;push none;sync-xhr none;microphone none;camera none;magnetometer none;gyroscope none;speaker self;vibrate none;fullscreen self;payment none;
accept-ranges
bytes
content-length
1166
expires
Sun, 11 Aug 2024 04:43:56 GMT
index.c9a08bb1.css
metlife-prod.indico.domains/ 		5 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://metlife-prod.indico.domains/index.c9a08bb1.css
Requested by
Host: metlife-prod.indico.domains
URL: https://metlife-prod.indico.domains/auth
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.72.21.128 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-72-21-128.compute-1.amazonaws.com
Software
/
Resource Hash
2095c572dd5e9e8649782c83d54d5614f72ae60ea4a934b3343d4d47d5831937
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-eval' 'unsafe-inline' https://sentry.io/ https://www.google.com https://www.googletagmanager.com https://www.google-analytics.com https://*.gstatic.com https://api.mixpanel.com https://*.cloudfront.net https://maxcdn.bootstrapcdn.com https://fonts.googleapis.com/ https://cdnjs.cloudflare.com/ https://cdn.jsdelivr.net/ https://js.stripe.com/ https://api.keen.io/ https://*.appcues.com https://*.appcues.net wss://*.appcues.net wss://*.appcues.com; img-src * 'self' res.cloudinary.com twemoji.maxcdn.com data:; worker-src blob: metlife-prod.indico.domains
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://metlife-prod.indico.domains/auth
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 11 Aug 2024 04:43:56 GMT
content-security-policy
default-src 'self' 'unsafe-eval' 'unsafe-inline' https://sentry.io/ https://www.google.com https://www.googletagmanager.com https://www.google-analytics.com https://*.gstatic.com https://api.mixpanel.com https://*.cloudfront.net https://maxcdn.bootstrapcdn.com https://fonts.googleapis.com/ https://cdnjs.cloudflare.com/ https://cdn.jsdelivr.net/ https://js.stripe.com/ https://api.keen.io/ https://*.appcues.com https://*.appcues.net wss://*.appcues.net wss://*.appcues.com; img-src * 'self' res.cloudinary.com twemoji.maxcdn.com data:; worker-src blob: metlife-prod.indico.domains
x-content-type-options
nosniff
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Fri, 09 Feb 2024 04:13:06 GMT
etag
"65c5a652-15df"
x-frame-options
DENY
content-type
text/css
feature-policy
geolocation none;midi none;notifications none;push none;sync-xhr none;microphone none;camera none;magnetometer none;gyroscope none;speaker self;vibrate none;fullscreen self;payment none;
accept-ranges
bytes
content-length
5599
index.81128eca.css
metlife-prod.indico.domains/ 		3 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://metlife-prod.indico.domains/index.81128eca.css
Requested by
Host: metlife-prod.indico.domains
URL: https://metlife-prod.indico.domains/auth
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.72.21.128 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-72-21-128.compute-1.amazonaws.com
Software
/
Resource Hash
72fbe46478a6768c4c1bcbaf17170f7a500ea1989d8e155204ae67520f93cd53
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-eval' 'unsafe-inline' https://sentry.io/ https://www.google.com https://www.googletagmanager.com https://www.google-analytics.com https://*.gstatic.com https://api.mixpanel.com https://*.cloudfront.net https://maxcdn.bootstrapcdn.com https://fonts.googleapis.com/ https://cdnjs.cloudflare.com/ https://cdn.jsdelivr.net/ https://js.stripe.com/ https://api.keen.io/ https://*.appcues.com https://*.appcues.net wss://*.appcues.net wss://*.appcues.com; img-src * 'self' res.cloudinary.com twemoji.maxcdn.com data:; worker-src blob: metlife-prod.indico.domains
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://metlife-prod.indico.domains/auth
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 11 Aug 2024 04:43:56 GMT
content-security-policy
default-src 'self' 'unsafe-eval' 'unsafe-inline' https://sentry.io/ https://www.google.com https://www.googletagmanager.com https://www.google-analytics.com https://*.gstatic.com https://api.mixpanel.com https://*.cloudfront.net https://maxcdn.bootstrapcdn.com https://fonts.googleapis.com/ https://cdnjs.cloudflare.com/ https://cdn.jsdelivr.net/ https://js.stripe.com/ https://api.keen.io/ https://*.appcues.com https://*.appcues.net wss://*.appcues.net wss://*.appcues.com; img-src * 'self' res.cloudinary.com twemoji.maxcdn.com data:; worker-src blob: metlife-prod.indico.domains
x-content-type-options
nosniff
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Fri, 09 Feb 2024 04:13:06 GMT
etag
"65c5a652-d83"
x-frame-options
DENY
content-type
text/css
feature-policy
geolocation none;midi none;notifications none;push none;sync-xhr none;microphone none;camera none;magnetometer none;gyroscope none;speaker self;vibrate none;fullscreen self;payment none;
accept-ranges
bytes
content-length
3459
index.08cdeb4a.css
metlife-prod.indico.domains/ 		407 B
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://metlife-prod.indico.domains/index.08cdeb4a.css
Requested by
Host: metlife-prod.indico.domains
URL: https://metlife-prod.indico.domains/auth
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.72.21.128 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-72-21-128.compute-1.amazonaws.com
Software
/
Resource Hash
071091e2e8301f51486e1bb8b7505664e0853b1e8c50fe6f85909205faaa2668
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-eval' 'unsafe-inline' https://sentry.io/ https://www.google.com https://www.googletagmanager.com https://www.google-analytics.com https://*.gstatic.com https://api.mixpanel.com https://*.cloudfront.net https://maxcdn.bootstrapcdn.com https://fonts.googleapis.com/ https://cdnjs.cloudflare.com/ https://cdn.jsdelivr.net/ https://js.stripe.com/ https://api.keen.io/ https://*.appcues.com https://*.appcues.net wss://*.appcues.net wss://*.appcues.com; img-src * 'self' res.cloudinary.com twemoji.maxcdn.com data:; worker-src blob: metlife-prod.indico.domains
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://metlife-prod.indico.domains/auth
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 11 Aug 2024 04:43:56 GMT
content-security-policy
default-src 'self' 'unsafe-eval' 'unsafe-inline' https://sentry.io/ https://www.google.com https://www.googletagmanager.com https://www.google-analytics.com https://*.gstatic.com https://api.mixpanel.com https://*.cloudfront.net https://maxcdn.bootstrapcdn.com https://fonts.googleapis.com/ https://cdnjs.cloudflare.com/ https://cdn.jsdelivr.net/ https://js.stripe.com/ https://api.keen.io/ https://*.appcues.com https://*.appcues.net wss://*.appcues.net wss://*.appcues.com; img-src * 'self' res.cloudinary.com twemoji.maxcdn.com data:; worker-src blob: metlife-prod.indico.domains
x-content-type-options
nosniff
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Fri, 09 Feb 2024 04:13:06 GMT
etag
"65c5a652-197"
x-frame-options
DENY
content-type
text/css
feature-policy
geolocation none;midi none;notifications none;push none;sync-xhr none;microphone none;camera none;magnetometer none;gyroscope none;speaker self;vibrate none;fullscreen self;payment none;
accept-ranges
bytes
content-length
407
index.aff25f3c.js
metlife-prod.indico.domains/ 		3 MB
3 MB 		Script
General
Check archive.org
Download Go to
Full URL
https://metlife-prod.indico.domains/index.aff25f3c.js
Requested by
Host: metlife-prod.indico.domains
URL: https://metlife-prod.indico.domains/auth
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.72.21.128 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-72-21-128.compute-1.amazonaws.com
Software
/
Resource Hash
b69e60cb437c1706f02439fc676f5f2a05efea6fffd210ddba9e92e29129ddd7
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-eval' 'unsafe-inline' https://sentry.io/ https://www.google.com https://www.googletagmanager.com https://www.google-analytics.com https://*.gstatic.com https://api.mixpanel.com https://*.cloudfront.net https://maxcdn.bootstrapcdn.com https://fonts.googleapis.com/ https://cdnjs.cloudflare.com/ https://cdn.jsdelivr.net/ https://js.stripe.com/ https://api.keen.io/ https://*.appcues.com https://*.appcues.net wss://*.appcues.net wss://*.appcues.com; img-src * 'self' res.cloudinary.com twemoji.maxcdn.com data:; worker-src blob: metlife-prod.indico.domains
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://metlife-prod.indico.domains/auth
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 11 Aug 2024 04:43:57 GMT
content-security-policy
default-src 'self' 'unsafe-eval' 'unsafe-inline' https://sentry.io/ https://www.google.com https://www.googletagmanager.com https://www.google-analytics.com https://*.gstatic.com https://api.mixpanel.com https://*.cloudfront.net https://maxcdn.bootstrapcdn.com https://fonts.googleapis.com/ https://cdnjs.cloudflare.com/ https://cdn.jsdelivr.net/ https://js.stripe.com/ https://api.keen.io/ https://*.appcues.com https://*.appcues.net wss://*.appcues.net wss://*.appcues.com; img-src * 'self' res.cloudinary.com twemoji.maxcdn.com data:; worker-src blob: metlife-prod.indico.domains
x-content-type-options
nosniff
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Fri, 09 Feb 2024 04:13:06 GMT
etag
"65c5a652-36e6b0"
x-frame-options
DENY
content-type
application/javascript
feature-policy
geolocation none;midi none;notifications none;push none;sync-xhr none;microphone none;camera none;magnetometer none;gyroscope none;speaker self;vibrate none;fullscreen self;payment none;
accept-ranges
bytes
content-length
3598000
feature_config.json
metlife-prod.indico.domains/ 		173 B
704 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://metlife-prod.indico.domains/feature_config.json
Requested by
Host: metlife-prod.indico.domains
URL: https://metlife-prod.indico.domains/index.aff25f3c.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.72.21.128 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-72-21-128.compute-1.amazonaws.com
Software
/
Resource Hash
8d25bea355486c96749bb161cad646335995b2bb29fda56e190e79ef413e731a
Security Headers
Name Value
Content-Security-Policy default-src 'self'
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY, DENY

Request headers

Referer
https://metlife-prod.indico.domains/auth
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 11 Aug 2024 04:43:57 GMT
content-security-policy
default-src 'self'
x-content-type-options
nosniff
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Sat, 08 Jun 2024 14:36:04 GMT
etag
"66646c54-ad"
x-frame-options
DENY, DENY
content-type
application/json
access-control-allow-origin
metlife-prod.indico.domains
cache-control
max-age=0, no-cache
feature-policy
geolocation none;midi none;notifications none;push none;sync-xhr none;microphone none;camera none;magnetometer none;gyroscope none;speaker self;vibrate none;fullscreen self;payment none;
accept-ranges
bytes
content-length
173
expires
Sun, 11 Aug 2024 04:43:57 GMT
favicon.65861f58.svg
metlife-prod.indico.domains/ 		648 B
1 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://metlife-prod.indico.domains/favicon.65861f58.svg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.72.21.128 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-72-21-128.compute-1.amazonaws.com
Software
/
Resource Hash
69b2fb50f022ab674fa39c3d87e7ce18fd4146510bcaabca9f42620a31fabb37
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-eval' 'unsafe-inline' https://sentry.io/ https://www.google.com https://www.googletagmanager.com https://www.google-analytics.com https://*.gstatic.com https://api.mixpanel.com https://*.cloudfront.net https://maxcdn.bootstrapcdn.com https://fonts.googleapis.com/ https://cdnjs.cloudflare.com/ https://cdn.jsdelivr.net/ https://js.stripe.com/ https://api.keen.io/ https://*.appcues.com https://*.appcues.net wss://*.appcues.net wss://*.appcues.com; img-src * 'self' res.cloudinary.com twemoji.maxcdn.com data:; worker-src blob: metlife-prod.indico.domains
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://metlife-prod.indico.domains/auth
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 11 Aug 2024 04:43:57 GMT
content-security-policy
default-src 'self' 'unsafe-eval' 'unsafe-inline' https://sentry.io/ https://www.google.com https://www.googletagmanager.com https://www.google-analytics.com https://*.gstatic.com https://api.mixpanel.com https://*.cloudfront.net https://maxcdn.bootstrapcdn.com https://fonts.googleapis.com/ https://cdnjs.cloudflare.com/ https://cdn.jsdelivr.net/ https://js.stripe.com/ https://api.keen.io/ https://*.appcues.com https://*.appcues.net wss://*.appcues.net wss://*.appcues.com; img-src * 'self' res.cloudinary.com twemoji.maxcdn.com data:; worker-src blob: metlife-prod.indico.domains
x-content-type-options
nosniff
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Fri, 09 Feb 2024 04:13:06 GMT
etag
"65c5a652-288"
x-frame-options
DENY
content-type
image/svg+xml
feature-policy
geolocation none;midi none;notifications none;push none;sync-xhr none;microphone none;camera none;magnetometer none;gyroscope none;speaker self;vibrate none;fullscreen self;payment none;
accept-ranges
bytes
content-length
648
LoginView.6219cdcf.js
metlife-prod.indico.domains/ 		6 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://metlife-prod.indico.domains/LoginView.6219cdcf.js
Requested by
Host: metlife-prod.indico.domains
URL: https://metlife-prod.indico.domains/index.aff25f3c.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.72.21.128 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-72-21-128.compute-1.amazonaws.com
Software
/
Resource Hash
de00ab68b65c40b8533415e2920e15f63b43fab0c27b2866ee1c069cd08d1d1f
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-eval' 'unsafe-inline' https://sentry.io/ https://www.google.com https://www.googletagmanager.com https://www.google-analytics.com https://*.gstatic.com https://api.mixpanel.com https://*.cloudfront.net https://maxcdn.bootstrapcdn.com https://fonts.googleapis.com/ https://cdnjs.cloudflare.com/ https://cdn.jsdelivr.net/ https://js.stripe.com/ https://api.keen.io/ https://*.appcues.com https://*.appcues.net wss://*.appcues.net wss://*.appcues.com; img-src * 'self' res.cloudinary.com twemoji.maxcdn.com data:; worker-src blob: metlife-prod.indico.domains
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://metlife-prod.indico.domains/auth
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 11 Aug 2024 04:43:57 GMT
content-security-policy
default-src 'self' 'unsafe-eval' 'unsafe-inline' https://sentry.io/ https://www.google.com https://www.googletagmanager.com https://www.google-analytics.com https://*.gstatic.com https://api.mixpanel.com https://*.cloudfront.net https://maxcdn.bootstrapcdn.com https://fonts.googleapis.com/ https://cdnjs.cloudflare.com/ https://cdn.jsdelivr.net/ https://js.stripe.com/ https://api.keen.io/ https://*.appcues.com https://*.appcues.net wss://*.appcues.net wss://*.appcues.com; img-src * 'self' res.cloudinary.com twemoji.maxcdn.com data:; worker-src blob: metlife-prod.indico.domains
x-content-type-options
nosniff
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Fri, 09 Feb 2024 04:13:06 GMT
etag
"65c5a652-1669"
x-frame-options
DENY
content-type
application/javascript
feature-policy
geolocation none;midi none;notifications none;push none;sync-xhr none;microphone none;camera none;magnetometer none;gyroscope none;speaker self;vibrate none;fullscreen self;payment none;
accept-ranges
bytes
content-length
5737
LoginView.cc34ee09.js
metlife-prod.indico.domains/ 		3 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://metlife-prod.indico.domains/LoginView.cc34ee09.js
Requested by
Host: metlife-prod.indico.domains
URL: https://metlife-prod.indico.domains/index.aff25f3c.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.72.21.128 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-72-21-128.compute-1.amazonaws.com
Software
/
Resource Hash
8b84491d3581bcb4930de7f85b57ced1a44328764da87db3172e3d87aeffdb12
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-eval' 'unsafe-inline' https://sentry.io/ https://www.google.com https://www.googletagmanager.com https://www.google-analytics.com https://*.gstatic.com https://api.mixpanel.com https://*.cloudfront.net https://maxcdn.bootstrapcdn.com https://fonts.googleapis.com/ https://cdnjs.cloudflare.com/ https://cdn.jsdelivr.net/ https://js.stripe.com/ https://api.keen.io/ https://*.appcues.com https://*.appcues.net wss://*.appcues.net wss://*.appcues.com; img-src * 'self' res.cloudinary.com twemoji.maxcdn.com data:; worker-src blob: metlife-prod.indico.domains
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://metlife-prod.indico.domains/auth
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 11 Aug 2024 04:43:57 GMT
content-security-policy
default-src 'self' 'unsafe-eval' 'unsafe-inline' https://sentry.io/ https://www.google.com https://www.googletagmanager.com https://www.google-analytics.com https://*.gstatic.com https://api.mixpanel.com https://*.cloudfront.net https://maxcdn.bootstrapcdn.com https://fonts.googleapis.com/ https://cdnjs.cloudflare.com/ https://cdn.jsdelivr.net/ https://js.stripe.com/ https://api.keen.io/ https://*.appcues.com https://*.appcues.net wss://*.appcues.net wss://*.appcues.com; img-src * 'self' res.cloudinary.com twemoji.maxcdn.com data:; worker-src blob: metlife-prod.indico.domains
x-content-type-options
nosniff
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Fri, 09 Feb 2024 04:13:06 GMT
etag
"65c5a652-be8"
x-frame-options
DENY
content-type
application/javascript
feature-policy
geolocation none;midi none;notifications none;push none;sync-xhr none;microphone none;camera none;magnetometer none;gyroscope none;speaker self;vibrate none;fullscreen self;payment none;
accept-ranges
bytes
content-length
3048
LoginView.713d1e58.js
metlife-prod.indico.domains/ 		10 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://metlife-prod.indico.domains/LoginView.713d1e58.js
Requested by
Host: metlife-prod.indico.domains
URL: https://metlife-prod.indico.domains/index.aff25f3c.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.72.21.128 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-72-21-128.compute-1.amazonaws.com
Software
/
Resource Hash
5bc0108a6b18a7f764f8fb492a7c09aab2e715a9e5b3ad5f047e45aab4ba1ac6
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-eval' 'unsafe-inline' https://sentry.io/ https://www.google.com https://www.googletagmanager.com https://www.google-analytics.com https://*.gstatic.com https://api.mixpanel.com https://*.cloudfront.net https://maxcdn.bootstrapcdn.com https://fonts.googleapis.com/ https://cdnjs.cloudflare.com/ https://cdn.jsdelivr.net/ https://js.stripe.com/ https://api.keen.io/ https://*.appcues.com https://*.appcues.net wss://*.appcues.net wss://*.appcues.com; img-src * 'self' res.cloudinary.com twemoji.maxcdn.com data:; worker-src blob: metlife-prod.indico.domains
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://metlife-prod.indico.domains/auth
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 11 Aug 2024 04:43:57 GMT
content-security-policy
default-src 'self' 'unsafe-eval' 'unsafe-inline' https://sentry.io/ https://www.google.com https://www.googletagmanager.com https://www.google-analytics.com https://*.gstatic.com https://api.mixpanel.com https://*.cloudfront.net https://maxcdn.bootstrapcdn.com https://fonts.googleapis.com/ https://cdnjs.cloudflare.com/ https://cdn.jsdelivr.net/ https://js.stripe.com/ https://api.keen.io/ https://*.appcues.com https://*.appcues.net wss://*.appcues.net wss://*.appcues.com; img-src * 'self' res.cloudinary.com twemoji.maxcdn.com data:; worker-src blob: metlife-prod.indico.domains
x-content-type-options
nosniff
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Fri, 09 Feb 2024 04:13:06 GMT
etag
"65c5a652-26af"
x-frame-options
DENY
content-type
application/javascript
feature-policy
geolocation none;midi none;notifications none;push none;sync-xhr none;microphone none;camera none;magnetometer none;gyroscope none;speaker self;vibrate none;fullscreen self;payment none;
accept-ranges
bytes
content-length
9903
LoginView.80fb028d.js
metlife-prod.indico.domains/ 		9 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://metlife-prod.indico.domains/LoginView.80fb028d.js
Requested by
Host: metlife-prod.indico.domains
URL: https://metlife-prod.indico.domains/index.aff25f3c.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.72.21.128 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-72-21-128.compute-1.amazonaws.com
Software
/
Resource Hash
639209465394ccb7cf1c13f8b2451dc9e8ec8a3f35aa755470e6a976f4b03a01
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-eval' 'unsafe-inline' https://sentry.io/ https://www.google.com https://www.googletagmanager.com https://www.google-analytics.com https://*.gstatic.com https://api.mixpanel.com https://*.cloudfront.net https://maxcdn.bootstrapcdn.com https://fonts.googleapis.com/ https://cdnjs.cloudflare.com/ https://cdn.jsdelivr.net/ https://js.stripe.com/ https://api.keen.io/ https://*.appcues.com https://*.appcues.net wss://*.appcues.net wss://*.appcues.com; img-src * 'self' res.cloudinary.com twemoji.maxcdn.com data:; worker-src blob: metlife-prod.indico.domains
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://metlife-prod.indico.domains/auth
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 11 Aug 2024 04:43:57 GMT
content-security-policy
default-src 'self' 'unsafe-eval' 'unsafe-inline' https://sentry.io/ https://www.google.com https://www.googletagmanager.com https://www.google-analytics.com https://*.gstatic.com https://api.mixpanel.com https://*.cloudfront.net https://maxcdn.bootstrapcdn.com https://fonts.googleapis.com/ https://cdnjs.cloudflare.com/ https://cdn.jsdelivr.net/ https://js.stripe.com/ https://api.keen.io/ https://*.appcues.com https://*.appcues.net wss://*.appcues.net wss://*.appcues.com; img-src * 'self' res.cloudinary.com twemoji.maxcdn.com data:; worker-src blob: metlife-prod.indico.domains
x-content-type-options
nosniff
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Fri, 09 Feb 2024 04:13:06 GMT
etag
"65c5a652-2251"
x-frame-options
DENY
content-type
application/javascript
feature-policy
geolocation none;midi none;notifications none;push none;sync-xhr none;microphone none;camera none;magnetometer none;gyroscope none;speaker self;vibrate none;fullscreen self;payment none;
accept-ranges
bytes
content-length
8785
details
metlife-prod.indico.domains/auth/users/ 		138 B
649 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://metlife-prod.indico.domains/auth/users/details
Requested by
Host: metlife-prod.indico.domains
URL: https://metlife-prod.indico.domains/index.aff25f3c.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.72.21.128 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-72-21-128.compute-1.amazonaws.com
Software
/
Resource Hash
c7505373212f506ae2333f4b0957d7090e571157e32df0879d2fd0ba8a56c6d8
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept
application/json
Referer
https://metlife-prod.indico.domains/auth
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 11 Aug 2024 04:43:57 GMT
strict-transport-security
max-age=15724800; includeSubDomains
accept-charset
ISO-8859-1,utf-8;q=0.7,*;q=0.7
accept-encoding
gzip,deflate
indico_host
GET /users/details (10.0.58.242)
accept-language
en-us,en;q=0.5
access-control-allow-methods
POST, GET, OPTIONS, DELETE, PUT
content-type
application/json
access-control-allow-origin
https://metlife-prod.indico.domains
accept
text/html,application/xhtml+xml,application/xml,application/json;q=0.9,*/*;q=0.8
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, x-xsrftoken
content-length
138
latin-noto-400.c83182d8.woff2
metlife-prod.indico.domains/ 		10 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://metlife-prod.indico.domains/latin-noto-400.c83182d8.woff2
Requested by
Host: metlife-prod.indico.domains
URL: https://metlife-prod.indico.domains/index.c9a08bb1.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.72.21.128 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-72-21-128.compute-1.amazonaws.com
Software
/
Resource Hash
ede8a63ae7f13de45eeb9c9156f791c7ee1d588f931cc54f4d8754154cbd3a52
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-eval' 'unsafe-inline' https://sentry.io/ https://www.google.com https://www.googletagmanager.com https://www.google-analytics.com https://*.gstatic.com https://api.mixpanel.com https://*.cloudfront.net https://maxcdn.bootstrapcdn.com https://fonts.googleapis.com/ https://cdnjs.cloudflare.com/ https://cdn.jsdelivr.net/ https://js.stripe.com/ https://api.keen.io/ https://*.appcues.com https://*.appcues.net wss://*.appcues.net wss://*.appcues.com; img-src * 'self' res.cloudinary.com twemoji.maxcdn.com data:; worker-src blob: metlife-prod.indico.domains
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://metlife-prod.indico.domains/index.c9a08bb1.css
Origin
https://metlife-prod.indico.domains
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 11 Aug 2024 04:43:57 GMT
content-security-policy
default-src 'self' 'unsafe-eval' 'unsafe-inline' https://sentry.io/ https://www.google.com https://www.googletagmanager.com https://www.google-analytics.com https://*.gstatic.com https://api.mixpanel.com https://*.cloudfront.net https://maxcdn.bootstrapcdn.com https://fonts.googleapis.com/ https://cdnjs.cloudflare.com/ https://cdn.jsdelivr.net/ https://js.stripe.com/ https://api.keen.io/ https://*.appcues.com https://*.appcues.net wss://*.appcues.net wss://*.appcues.com; img-src * 'self' res.cloudinary.com twemoji.maxcdn.com data:; worker-src blob: metlife-prod.indico.domains
x-content-type-options
nosniff
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Fri, 09 Feb 2024 04:13:06 GMT
etag
"65c5a652-26d8"
x-frame-options
DENY
content-type
font/woff2
feature-policy
geolocation none;midi none;notifications none;push none;sync-xhr none;microphone none;camera none;magnetometer none;gyroscope none;speaker self;vibrate none;fullscreen self;payment none;
accept-ranges
bytes
content-length
9944
xsrf
metlife-prod.indico.domains/auth/api/ 		66 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://metlife-prod.indico.domains/auth/api/xsrf
Requested by
Host: metlife-prod.indico.domains
URL: https://metlife-prod.indico.domains/index.aff25f3c.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.72.21.128 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-72-21-128.compute-1.amazonaws.com
Software
/
Resource Hash
d3ebaa17998bc295f10053d3ebda94703a33be92a659cb895d910102a840bb25
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-eval' 'unsafe-inline' https://sentry.io/ https://www.google.com https://www.googletagmanager.com https://www.google-analytics.com https://*.gstatic.com https://api.mixpanel.com https://*.cloudfront.net https://maxcdn.bootstrapcdn.com https://fonts.googleapis.com/ https://cdnjs.cloudflare.com/ https://cdn.jsdelivr.net/ https://js.stripe.com/ https://api.keen.io/ https://*.appcues.com https://*.appcues.net wss://*.appcues.net wss://*.appcues.com; img-src * 'self' res.cloudinary.com twemoji.maxcdn.com data:; worker-src blob: metlife-prod.indico.domains
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept
application/json
Referer
https://metlife-prod.indico.domains/auth
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 11 Aug 2024 04:43:57 GMT
content-security-policy
default-src 'self' 'unsafe-eval' 'unsafe-inline' https://sentry.io/ https://www.google.com https://www.googletagmanager.com https://www.google-analytics.com https://*.gstatic.com https://api.mixpanel.com https://*.cloudfront.net https://maxcdn.bootstrapcdn.com https://fonts.googleapis.com/ https://cdnjs.cloudflare.com/ https://cdn.jsdelivr.net/ https://js.stripe.com/ https://api.keen.io/ https://*.appcues.com https://*.appcues.net wss://*.appcues.net wss://*.appcues.com; img-src * 'self' res.cloudinary.com twemoji.maxcdn.com data:; worker-src blob: metlife-prod.indico.domains
indico_host
GET /api/xsrf (10.0.58.242)
accept-encoding
gzip,deflate
x-content-type-options
nosniff
strict-transport-security
max-age=15724800; includeSubDomains
accept-language
en-us,en;q=0.5
content-length
66
accept-charset
ISO-8859-1,utf-8;q=0.7,*;q=0.7
etag
"17ca9750c51516843474707113f5bd3fc0cf39b0"
x-frame-options
DENY
access-control-allow-methods
POST, GET, OPTIONS, DELETE, PUT
content-type
application/json
access-control-allow-origin
https://metlife-prod.indico.domains
accept
text/html,application/xhtml+xml,application/xml,application/json;q=0.9,*/*;q=0.8
access-control-allow-credentials
true
feature-policy
geolocation none;midi none;notifications none;push none;sync-xhr none;microphone none;camera none;magnetometer none;gyroscope none;speaker self;vibrate none;fullscreen self;payment none;
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, x-xsrftoken
latin-noto-700.c58cb9fb.woff2
metlife-prod.indico.domains/ 		9 KB
10 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://metlife-prod.indico.domains/latin-noto-700.c58cb9fb.woff2
Requested by
Host: metlife-prod.indico.domains
URL: https://metlife-prod.indico.domains/index.c9a08bb1.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.72.21.128 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-72-21-128.compute-1.amazonaws.com
Software
/
Resource Hash
693448f744bc3f7709d647cf0e9efa64ce50c54e98b816ecfb530a5590114efe
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-eval' 'unsafe-inline' https://sentry.io/ https://www.google.com https://www.googletagmanager.com https://www.google-analytics.com https://*.gstatic.com https://api.mixpanel.com https://*.cloudfront.net https://maxcdn.bootstrapcdn.com https://fonts.googleapis.com/ https://cdnjs.cloudflare.com/ https://cdn.jsdelivr.net/ https://js.stripe.com/ https://api.keen.io/ https://*.appcues.com https://*.appcues.net wss://*.appcues.net wss://*.appcues.com; img-src * 'self' res.cloudinary.com twemoji.maxcdn.com data:; worker-src blob: metlife-prod.indico.domains
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://metlife-prod.indico.domains/index.c9a08bb1.css
Origin
https://metlife-prod.indico.domains
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 11 Aug 2024 04:43:57 GMT
content-security-policy
default-src 'self' 'unsafe-eval' 'unsafe-inline' https://sentry.io/ https://www.google.com https://www.googletagmanager.com https://www.google-analytics.com https://*.gstatic.com https://api.mixpanel.com https://*.cloudfront.net https://maxcdn.bootstrapcdn.com https://fonts.googleapis.com/ https://cdnjs.cloudflare.com/ https://cdn.jsdelivr.net/ https://js.stripe.com/ https://api.keen.io/ https://*.appcues.com https://*.appcues.net wss://*.appcues.net wss://*.appcues.com; img-src * 'self' res.cloudinary.com twemoji.maxcdn.com data:; worker-src blob: metlife-prod.indico.domains
x-content-type-options
nosniff
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Fri, 09 Feb 2024 04:13:06 GMT
etag
"65c5a652-25f4"
x-frame-options
DENY
content-type
font/woff2
feature-policy
geolocation none;midi none;notifications none;push none;sync-xhr none;microphone none;camera none;magnetometer none;gyroscope none;speaker self;vibrate none;fullscreen self;payment none;
accept-ranges
bytes
content-length
9716

Verdicts & Comments Add Verdict or Comment

5 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| indico object| ref function| parcelRequiredc43 object| regeneratorRuntime object| __SENTRY__

1 Cookies

Domain/Path Name / Value
metlife-prod.indico.domains/ Name: _xsrf
Value: 2|bf197ee2|2f91288c484afbd59d1c1fb72e2a5d51|1723351437

15 Console Messages

Source Level URL
Text
security warning
Message:
Error with Feature-Policy header: Unrecognized origin: 'none'.
security warning
Message:
Error with Feature-Policy header: Unrecognized origin: 'none'.
security warning
Message:
Error with Feature-Policy header: Unrecognized feature: 'notifications'.
security warning
Message:
Error with Feature-Policy header: Unrecognized feature: 'push'.
security warning
Message:
Error with Feature-Policy header: Unrecognized origin: 'none'.
security warning
Message:
Error with Feature-Policy header: Unrecognized origin: 'none'.
security warning
Message:
Error with Feature-Policy header: Unrecognized origin: 'none'.
security warning
Message:
Error with Feature-Policy header: Unrecognized origin: 'none'.
security warning
Message:
Error with Feature-Policy header: Unrecognized origin: 'none'.
security warning
Message:
Error with Feature-Policy header: Unrecognized feature: 'speaker'.
security warning
Message:
Error with Feature-Policy header: Unrecognized feature: 'vibrate'.
security warning
Message:
Error with Feature-Policy header: Unrecognized origin: 'self'.
security warning
Message:
Error with Feature-Policy header: Unrecognized origin: 'none'.
network error URL: https://metlife-prod.indico.domains/auth/users/details
Message:
Failed to load resource: the server responded with a status of 401 ()
recommendation verbose URL: https://metlife-prod.indico.domains/auth
Message:
[DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'self' 'unsafe-eval' 'unsafe-inline' https://sentry.io/ https://www.google.com https://www.googletagmanager.com https://www.google-analytics.com https://*.gstatic.com https://api.mixpanel.com https://*.cloudfront.net https://maxcdn.bootstrapcdn.com https://fonts.googleapis.com/ https://cdnjs.cloudflare.com/ https://cdn.jsdelivr.net/ https://js.stripe.com/ https://api.keen.io/ https://*.appcues.com https://*.appcues.net wss://*.appcues.net wss://*.appcues.com; img-src * 'self' res.cloudinary.com twemoji.maxcdn.com data:; worker-src blob: metlife-prod.indico.domains
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY