b2b-login-admin.mvstg.com Open in urlscan Pro
34.150.137.202 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://b2b-login-admin.mvstg.com/
Submission: On August 09 via automatic, source certstream-suspicious (August 9th 2024, 9:42:51 am UTC) — Scanned from US

Summary HTTP 13 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 3 IPs in 1 countries across 2 domains to perform 13 HTTP transactions. The main IP is 34.150.137.202, located in Washington, United States and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is b2b-login-admin.mvstg.com.
TLS certificate: Issued by R10 on August 9th 2024. Valid for: 3 months.

This is the only time b2b-login-admin.mvstg.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
8	34.150.137.202 34.150.137.202	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3	2600:1408:540... 2600:1408:5400:4b4::523	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
13	3

8 34.150.137.202 (Washington, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 202.137.150.34.bc.googleusercontent.com

b2b-login-admin.mvstg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:1408:5400:4b4::523 (Ashburn, United States)

ASN20940 (AKAMAI-ASN1, NL)

res.cloudinary.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	mvstg.com b2b-login-admin.mvstg.com	32 KB
3	cloudinary.com res.cloudinary.com — Cisco Umbrella Rank: 4280	431 KB
13	2

	Domain	Requested by
8	b2b-login-admin.mvstg.com	b2b-login-admin.mvstg.com
3	res.cloudinary.com	b2b-login-admin.mvstg.com
13	2

This site contains links to these domains. Also see Links.

Domain
www.getworkway.com

Subject Issuer	Validity	Valid
b2b-login.mvstg.com R10	`2024-08-09` - `2024-11-07`	3 months	crt.sh
*.cloudinary.com Go Daddy Secure Certificate Authority - G2	`2023-12-18` - `2025-01-13`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://b2b-login-admin.mvstg.com/
Frame ID: 6944478C91763972F51A0B1E5D574ABD
Requests: 13 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Login | Workway Admin Panel

Detected technologies

Cloudinary (CDN) Expand

Overall confidence: 80%
Detected patterns

<img[^>]+\.cloudinary\.com

Page Statistics

13
Requests

85 %
HTTPS

50 %
IPv6

2
Domains

2
Subdomains

3
IPs

1
Countries

462 kB
Transfer

466 kB
Size

1
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://www.getworkway.com/terms-of-use
Title: terms of services

Search URL Search Domain Scan URL

URL: https://www.getworkway.com/privacy-policy
Title: privacy policy

Search URL Search Domain Scan URL

URL: https://www.getworkway.com/
Title: Learn more

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

13 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
b2b-login-admin.mvstg.com/ 6 KB
8 KB 256ms
64ms Document
text/html 34.150.137.202
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://b2b-login-admin.mvstg.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.150.137.202 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

202.137.150.34.bc.googleusercontent.com

Software

Resource Hash

20cd1b08272599c0d7c75e699e7930c027cd33fe6282343ce8d5696dc4dfe1d5

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline' osiris.mvstg.com fonts.googleapis.com; connect-src 'self' https://res.cdn.office.net https://.mindvalley.com https://.mvstg.com https://mvstg.auth0.com https://mindvalley.auth0.com; font-src 'self' fonts.gstatic.com https://.mindvalley.com https://.mvstg.com data:; frame-src 'self' https://mvstg.auth0.com https://mindvalley.auth0.com;img-src 'self' https://.mvstg.com https://.mindvalley.com https://.swagger.io s3.amazonaws.com storage.googleapis.com https://res.cloudinary.com/mindvalley/ data:; manifest-src 'self'; media-src 'self'; frame-ancestors 'self' https://.mvstg.com https://.mindvalley.com https://b2b-login.mvstg.com https://b2b-admin.mvstg.com https://b2b-login.mindvalley.com; default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline' osiris.mvstg.com fonts.googleapis.com; connect-src 'self' .auth0.com .mvstg.com .mindvalley.com; font-src 'self' fonts.gstatic.com .mindvalley.com .mvstg.com data:; frame-src 'self'; img-src 'self' .mvstg.com .swagger.io s3.amazonaws.com storage.googleapis.com *.cloudinary.com data:; manifest-src 'self'; media-src 'self'; frame-ancestors 'none';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

cache-control: max-age=0, private, must-revalidate
content-length: 6279
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline' osiris.mvstg.com fonts.googleapis.com; connect-src 'self' https://res.cdn.office.net https://*.mindvalley.com https://*.mvstg.com https://mvstg.auth0.com https://mindvalley.auth0.com; font-src 'self' fonts.gstatic.com https://*.mindvalley.com https://*.mvstg.com data:; frame-src 'self' https://mvstg.auth0.com https://mindvalley.auth0.com;img-src 'self' https://*.mvstg.com https://*.mindvalley.com https://*.swagger.io s3.amazonaws.com storage.googleapis.com https://res.cloudinary.com/mindvalley/ data:; manifest-src 'self'; media-src 'self'; frame-ancestors 'self' https://*.mvstg.com https://*.mindvalley.com https://b2b-login.mvstg.com https://b2b-admin.mvstg.com https://b2b-login.mindvalley.com; default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline' osiris.mvstg.com fonts.googleapis.com; connect-src 'self' *.auth0.com *.mvstg.com *.mindvalley.com; font-src 'self' fonts.gstatic.com *.mindvalley.com *.mvstg.com data:; frame-src 'self'; img-src 'self' *.mvstg.com *.swagger.io s3.amazonaws.com storage.googleapis.com *.cloudinary.com data:; manifest-src 'self'; media-src 'self'; frame-ancestors 'none';
content-type: text/html; charset=utf-8
cross-origin-window-policy: deny
date: Fri, 09 Aug 2024 09:42:47 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-request-id: b7afb2c5e081357bdbd6af70f6d35dfd
x-xss-protection: 1; mode=block

GET tailwind-4084f056e0c7234b12e025a8ca003920.css
b2b-login-admin.mvstg.com/css/ 0
0

GET workway_login-63083d269133435a8d36a90e6f59e8b2.css
b2b-login-admin.mvstg.com/css/ 0
0

GET
H2 200 workway-logo-c69015821f2ef19b1d0e408a429fa98b.svg
b2b-login-admin.mvstg.com/images/b2b_login/ 3 KB
3 KB 106ms
104ms Image
text/html 34.150.137.202
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b2b-login-admin.mvstg.com/images/b2b_login/workway-logo-c69015821f2ef19b1d0e408a429fa98b.svg?vsn=d

Requested by

Host: b2b-login-admin.mvstg.com
URL: https://b2b-login-admin.mvstg.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.150.137.202 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

202.137.150.34.bc.googleusercontent.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline' osiris.mvstg.com fonts.googleapis.com; connect-src 'self' https://res.cdn.office.net https://.mindvalley.com https://.mvstg.com https://mvstg.auth0.com https://mindvalley.auth0.com; font-src 'self' fonts.gstatic.com https://.mindvalley.com https://.mvstg.com data:; frame-src 'self' https://mvstg.auth0.com https://mindvalley.auth0.com;img-src 'self' https://.mvstg.com https://.mindvalley.com https://.swagger.io s3.amazonaws.com storage.googleapis.com https://res.cloudinary.com/mindvalley/ data:; manifest-src 'self'; media-src 'self'; frame-ancestors 'self' https://.mvstg.com https://.mindvalley.com https://b2b-login.mvstg.com https://b2b-admin.mvstg.com https://b2b-login.mindvalley.com;, default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline' osiris.mvstg.com fonts.googleapis.com; connect-src 'self' .auth0.com .mvstg.com .mindvalley.com; font-src 'self' fonts.gstatic.com .mindvalley.com .mvstg.com data:; frame-src 'self'; img-src 'self' .mvstg.com .swagger.io s3.amazonaws.com storage.googleapis.com *.cloudinary.com data:; manifest-src 'self'; media-src 'self'; frame-ancestors 'none';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://b2b-login-admin.mvstg.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 09 Aug 2024 09:42:47 GMT
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline' osiris.mvstg.com fonts.googleapis.com; connect-src 'self' https://res.cdn.office.net https://*.mindvalley.com https://*.mvstg.com https://mvstg.auth0.com https://mindvalley.auth0.com; font-src 'self' fonts.gstatic.com https://*.mindvalley.com https://*.mvstg.com data:; frame-src 'self' https://mvstg.auth0.com https://mindvalley.auth0.com;img-src 'self' https://*.mvstg.com https://*.mindvalley.com https://*.swagger.io s3.amazonaws.com storage.googleapis.com https://res.cloudinary.com/mindvalley/ data:; manifest-src 'self'; media-src 'self'; frame-ancestors 'self' https://*.mvstg.com https://*.mindvalley.com https://b2b-login.mvstg.com https://b2b-admin.mvstg.com https://b2b-login.mindvalley.com;, default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline' osiris.mvstg.com fonts.googleapis.com; connect-src 'self' *.auth0.com *.mvstg.com *.mindvalley.com; font-src 'self' fonts.gstatic.com *.mindvalley.com *.mvstg.com data:; frame-src 'self'; img-src 'self' *.mvstg.com *.swagger.io s3.amazonaws.com storage.googleapis.com *.cloudinary.com data:; manifest-src 'self'; media-src 'self'; frame-ancestors 'none';
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-permitted-cross-domain-policies: none
cross-origin-window-policy: deny
x-download-options: noopen
x-frame-options: SAMEORIGIN
content-type: text/html; charset=utf-8
cache-control: max-age=0, private, must-revalidate
content-length: 6279
x-xss-protection: 1; mode=block
x-request-id: fec1c0c826ad62a2c941cfb0d6c7dc6d

GET
H2 200 eye-2f6f8764e3e73d3f1173eff353a2f5e8.svg
b2b-login-admin.mvstg.com/images/b2b_login/ 3 KB
3 KB 113ms
111ms Image
text/html 34.150.137.202
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b2b-login-admin.mvstg.com/images/b2b_login/eye-2f6f8764e3e73d3f1173eff353a2f5e8.svg?vsn=d

Requested by

Host: b2b-login-admin.mvstg.com
URL: https://b2b-login-admin.mvstg.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.150.137.202 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

202.137.150.34.bc.googleusercontent.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline' osiris.mvstg.com fonts.googleapis.com; connect-src 'self' https://res.cdn.office.net https://.mindvalley.com https://.mvstg.com https://mvstg.auth0.com https://mindvalley.auth0.com; font-src 'self' fonts.gstatic.com https://.mindvalley.com https://.mvstg.com data:; frame-src 'self' https://mvstg.auth0.com https://mindvalley.auth0.com;img-src 'self' https://.mvstg.com https://.mindvalley.com https://.swagger.io s3.amazonaws.com storage.googleapis.com https://res.cloudinary.com/mindvalley/ data:; manifest-src 'self'; media-src 'self'; frame-ancestors 'self' https://.mvstg.com https://.mindvalley.com https://b2b-login.mvstg.com https://b2b-admin.mvstg.com https://b2b-login.mindvalley.com;, default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline' osiris.mvstg.com fonts.googleapis.com; connect-src 'self' .auth0.com .mvstg.com .mindvalley.com; font-src 'self' fonts.gstatic.com .mindvalley.com .mvstg.com data:; frame-src 'self'; img-src 'self' .mvstg.com .swagger.io s3.amazonaws.com storage.googleapis.com *.cloudinary.com data:; manifest-src 'self'; media-src 'self'; frame-ancestors 'none';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://b2b-login-admin.mvstg.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 09 Aug 2024 09:42:47 GMT
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline' osiris.mvstg.com fonts.googleapis.com; connect-src 'self' https://res.cdn.office.net https://*.mindvalley.com https://*.mvstg.com https://mvstg.auth0.com https://mindvalley.auth0.com; font-src 'self' fonts.gstatic.com https://*.mindvalley.com https://*.mvstg.com data:; frame-src 'self' https://mvstg.auth0.com https://mindvalley.auth0.com;img-src 'self' https://*.mvstg.com https://*.mindvalley.com https://*.swagger.io s3.amazonaws.com storage.googleapis.com https://res.cloudinary.com/mindvalley/ data:; manifest-src 'self'; media-src 'self'; frame-ancestors 'self' https://*.mvstg.com https://*.mindvalley.com https://b2b-login.mvstg.com https://b2b-admin.mvstg.com https://b2b-login.mindvalley.com;, default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline' osiris.mvstg.com fonts.googleapis.com; connect-src 'self' *.auth0.com *.mvstg.com *.mindvalley.com; font-src 'self' fonts.gstatic.com *.mindvalley.com *.mvstg.com data:; frame-src 'self'; img-src 'self' *.mvstg.com *.swagger.io s3.amazonaws.com storage.googleapis.com *.cloudinary.com data:; manifest-src 'self'; media-src 'self'; frame-ancestors 'none';
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-permitted-cross-domain-policies: none
cross-origin-window-policy: deny
x-download-options: noopen
x-frame-options: SAMEORIGIN
content-type: text/html; charset=utf-8
cache-control: max-age=0, private, must-revalidate
content-length: 6279
x-xss-protection: 1; mode=block
x-request-id: 2a0aafca131691cb439d16eb9c5e5f24

GET
H2 200 google-logo-0d44295fe8364ca18d52d434f85b3132.svg
b2b-login-admin.mvstg.com/images/b2b_login/ 3 KB
3 KB 123ms
122ms Image
text/html 34.150.137.202
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b2b-login-admin.mvstg.com/images/b2b_login/google-logo-0d44295fe8364ca18d52d434f85b3132.svg?vsn=d

Requested by

Host: b2b-login-admin.mvstg.com
URL: https://b2b-login-admin.mvstg.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.150.137.202 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

202.137.150.34.bc.googleusercontent.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline' osiris.mvstg.com fonts.googleapis.com; connect-src 'self' https://res.cdn.office.net https://.mindvalley.com https://.mvstg.com https://mvstg.auth0.com https://mindvalley.auth0.com; font-src 'self' fonts.gstatic.com https://.mindvalley.com https://.mvstg.com data:; frame-src 'self' https://mvstg.auth0.com https://mindvalley.auth0.com;img-src 'self' https://.mvstg.com https://.mindvalley.com https://.swagger.io s3.amazonaws.com storage.googleapis.com https://res.cloudinary.com/mindvalley/ data:; manifest-src 'self'; media-src 'self'; frame-ancestors 'self' https://.mvstg.com https://.mindvalley.com https://b2b-login.mvstg.com https://b2b-admin.mvstg.com https://b2b-login.mindvalley.com;, default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline' osiris.mvstg.com fonts.googleapis.com; connect-src 'self' .auth0.com .mvstg.com .mindvalley.com; font-src 'self' fonts.gstatic.com .mindvalley.com .mvstg.com data:; frame-src 'self'; img-src 'self' .mvstg.com .swagger.io s3.amazonaws.com storage.googleapis.com *.cloudinary.com data:; manifest-src 'self'; media-src 'self'; frame-ancestors 'none';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://b2b-login-admin.mvstg.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 09 Aug 2024 09:42:47 GMT
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline' osiris.mvstg.com fonts.googleapis.com; connect-src 'self' https://res.cdn.office.net https://*.mindvalley.com https://*.mvstg.com https://mvstg.auth0.com https://mindvalley.auth0.com; font-src 'self' fonts.gstatic.com https://*.mindvalley.com https://*.mvstg.com data:; frame-src 'self' https://mvstg.auth0.com https://mindvalley.auth0.com;img-src 'self' https://*.mvstg.com https://*.mindvalley.com https://*.swagger.io s3.amazonaws.com storage.googleapis.com https://res.cloudinary.com/mindvalley/ data:; manifest-src 'self'; media-src 'self'; frame-ancestors 'self' https://*.mvstg.com https://*.mindvalley.com https://b2b-login.mvstg.com https://b2b-admin.mvstg.com https://b2b-login.mindvalley.com;, default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline' osiris.mvstg.com fonts.googleapis.com; connect-src 'self' *.auth0.com *.mvstg.com *.mindvalley.com; font-src 'self' fonts.gstatic.com *.mindvalley.com *.mvstg.com data:; frame-src 'self'; img-src 'self' *.mvstg.com *.swagger.io s3.amazonaws.com storage.googleapis.com *.cloudinary.com data:; manifest-src 'self'; media-src 'self'; frame-ancestors 'none';
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-permitted-cross-domain-policies: none
cross-origin-window-policy: deny
x-download-options: noopen
x-frame-options: SAMEORIGIN
content-type: text/html; charset=utf-8
cache-control: max-age=0, private, must-revalidate
content-length: 6279
x-xss-protection: 1; mode=block
x-request-id: 0421c76247fa3ff1435a491b3a36ef81

GET
H2 200 apple-logo-16c737517be887dc550034187afd5a42.svg
b2b-login-admin.mvstg.com/images/b2b_login/ 3 KB
3 KB 118ms
117ms Image
text/html 34.150.137.202
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b2b-login-admin.mvstg.com/images/b2b_login/apple-logo-16c737517be887dc550034187afd5a42.svg?vsn=d

Requested by

Host: b2b-login-admin.mvstg.com
URL: https://b2b-login-admin.mvstg.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.150.137.202 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

202.137.150.34.bc.googleusercontent.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline' osiris.mvstg.com fonts.googleapis.com; connect-src 'self' https://res.cdn.office.net https://.mindvalley.com https://.mvstg.com https://mvstg.auth0.com https://mindvalley.auth0.com; font-src 'self' fonts.gstatic.com https://.mindvalley.com https://.mvstg.com data:; frame-src 'self' https://mvstg.auth0.com https://mindvalley.auth0.com;img-src 'self' https://.mvstg.com https://.mindvalley.com https://.swagger.io s3.amazonaws.com storage.googleapis.com https://res.cloudinary.com/mindvalley/ data:; manifest-src 'self'; media-src 'self'; frame-ancestors 'self' https://.mvstg.com https://.mindvalley.com https://b2b-login.mvstg.com https://b2b-admin.mvstg.com https://b2b-login.mindvalley.com;, default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline' osiris.mvstg.com fonts.googleapis.com; connect-src 'self' .auth0.com .mvstg.com .mindvalley.com; font-src 'self' fonts.gstatic.com .mindvalley.com .mvstg.com data:; frame-src 'self'; img-src 'self' .mvstg.com .swagger.io s3.amazonaws.com storage.googleapis.com *.cloudinary.com data:; manifest-src 'self'; media-src 'self'; frame-ancestors 'none';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://b2b-login-admin.mvstg.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 09 Aug 2024 09:42:47 GMT
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline' osiris.mvstg.com fonts.googleapis.com; connect-src 'self' https://res.cdn.office.net https://*.mindvalley.com https://*.mvstg.com https://mvstg.auth0.com https://mindvalley.auth0.com; font-src 'self' fonts.gstatic.com https://*.mindvalley.com https://*.mvstg.com data:; frame-src 'self' https://mvstg.auth0.com https://mindvalley.auth0.com;img-src 'self' https://*.mvstg.com https://*.mindvalley.com https://*.swagger.io s3.amazonaws.com storage.googleapis.com https://res.cloudinary.com/mindvalley/ data:; manifest-src 'self'; media-src 'self'; frame-ancestors 'self' https://*.mvstg.com https://*.mindvalley.com https://b2b-login.mvstg.com https://b2b-admin.mvstg.com https://b2b-login.mindvalley.com;, default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline' osiris.mvstg.com fonts.googleapis.com; connect-src 'self' *.auth0.com *.mvstg.com *.mindvalley.com; font-src 'self' fonts.gstatic.com *.mindvalley.com *.mvstg.com data:; frame-src 'self'; img-src 'self' *.mvstg.com *.swagger.io s3.amazonaws.com storage.googleapis.com *.cloudinary.com data:; manifest-src 'self'; media-src 'self'; frame-ancestors 'none';
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-permitted-cross-domain-policies: none
cross-origin-window-policy: deny
x-download-options: noopen
x-frame-options: SAMEORIGIN
content-type: text/html; charset=utf-8
cache-control: max-age=0, private, must-revalidate
content-length: 6279
x-xss-protection: 1; mode=block
x-request-id: 1fff778193470e84d8d87ee72f7b24fe

GET
H2 200 microsoft-logo-6f6912812e82abcf2078c8d1a39b8d6b.svg
b2b-login-admin.mvstg.com/images/b2b_login/ 3 KB
3 KB 152ms
151ms Image
text/html 34.150.137.202
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b2b-login-admin.mvstg.com/images/b2b_login/microsoft-logo-6f6912812e82abcf2078c8d1a39b8d6b.svg?vsn=d

Requested by

Host: b2b-login-admin.mvstg.com
URL: https://b2b-login-admin.mvstg.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.150.137.202 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

202.137.150.34.bc.googleusercontent.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline' osiris.mvstg.com fonts.googleapis.com; connect-src 'self' https://res.cdn.office.net https://.mindvalley.com https://.mvstg.com https://mvstg.auth0.com https://mindvalley.auth0.com; font-src 'self' fonts.gstatic.com https://.mindvalley.com https://.mvstg.com data:; frame-src 'self' https://mvstg.auth0.com https://mindvalley.auth0.com;img-src 'self' https://.mvstg.com https://.mindvalley.com https://.swagger.io s3.amazonaws.com storage.googleapis.com https://res.cloudinary.com/mindvalley/ data:; manifest-src 'self'; media-src 'self'; frame-ancestors 'self' https://.mvstg.com https://.mindvalley.com https://b2b-login.mvstg.com https://b2b-admin.mvstg.com https://b2b-login.mindvalley.com;, default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline' osiris.mvstg.com fonts.googleapis.com; connect-src 'self' .auth0.com .mvstg.com .mindvalley.com; font-src 'self' fonts.gstatic.com .mindvalley.com .mvstg.com data:; frame-src 'self'; img-src 'self' .mvstg.com .swagger.io s3.amazonaws.com storage.googleapis.com *.cloudinary.com data:; manifest-src 'self'; media-src 'self'; frame-ancestors 'none';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://b2b-login-admin.mvstg.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 09 Aug 2024 09:42:47 GMT
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline' osiris.mvstg.com fonts.googleapis.com; connect-src 'self' https://res.cdn.office.net https://*.mindvalley.com https://*.mvstg.com https://mvstg.auth0.com https://mindvalley.auth0.com; font-src 'self' fonts.gstatic.com https://*.mindvalley.com https://*.mvstg.com data:; frame-src 'self' https://mvstg.auth0.com https://mindvalley.auth0.com;img-src 'self' https://*.mvstg.com https://*.mindvalley.com https://*.swagger.io s3.amazonaws.com storage.googleapis.com https://res.cloudinary.com/mindvalley/ data:; manifest-src 'self'; media-src 'self'; frame-ancestors 'self' https://*.mvstg.com https://*.mindvalley.com https://b2b-login.mvstg.com https://b2b-admin.mvstg.com https://b2b-login.mindvalley.com;, default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline' osiris.mvstg.com fonts.googleapis.com; connect-src 'self' *.auth0.com *.mvstg.com *.mindvalley.com; font-src 'self' fonts.gstatic.com *.mindvalley.com *.mvstg.com data:; frame-src 'self'; img-src 'self' *.mvstg.com *.swagger.io s3.amazonaws.com storage.googleapis.com *.cloudinary.com data:; manifest-src 'self'; media-src 'self'; frame-ancestors 'none';
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-permitted-cross-domain-policies: none
cross-origin-window-policy: deny
x-download-options: noopen
x-frame-options: SAMEORIGIN
content-type: text/html; charset=utf-8
cache-control: max-age=0, private, must-revalidate
content-length: 6279
x-xss-protection: 1; mode=block
x-request-id: 9a09940e07a4dad1d3175137c504c3e0

GET
H2 200 login-admin.png
res.cloudinary.com/mindvalley/image/upload/v1723003833/workway/Login/ 427 KB
428 KB 513ms
245ms Image
image/png 2600:1408:5400:4b4::523
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res.cloudinary.com/mindvalley/image/upload/v1723003833/workway/Login/login-admin.png

Requested by

Host: b2b-login-admin.mvstg.com
URL: https://b2b-login-admin.mvstg.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2600:1408:5400:4b4::523 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Cloudinary /

Resource Hash

2d4741df89c42850b6f8b562853f644f749229d39b3119378fad4d16895122b8

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Referer: https://b2b-login-admin.mvstg.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 09 Aug 2024 09:42:48 GMT
strict-transport-security: max-age=604800
x-content-type-options: nosniff
last-modified: Wed, 07 Aug 2024 04:10:35 GMT
server: Cloudinary
etag: "c653e8b666be1cb699b58534ca075515"
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control: public, no-transform, immutable, max-age=2592000
server-timing: cld-akam;dur=185;cpu=41;start=2024-08-09T09:42:48.088Z;desc=miss,rtt;dur=57,content-info;desc="width=1176,height=1424,bytes=437234,o=1,ef=(17)",cloudinary;dur=125;start=2024-08-09T09:42:48.126Z
accept-ranges: bytes
timing-allow-origin: *
content-length: 437234
x-request-id: 63c78368cadc5101f32357664373b869

GET
H2 200 workway_login-92547ecbf315fe4bf626e5b1fe1346a6.js Show response
b2b-login-admin.mvstg.com/js/ 6 KB
7 KB 97ms
96ms Script
text/html 34.150.137.202
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://b2b-login-admin.mvstg.com/js/workway_login-92547ecbf315fe4bf626e5b1fe1346a6.js?vsn=d

Requested by

Host: b2b-login-admin.mvstg.com
URL: https://b2b-login-admin.mvstg.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.150.137.202 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

202.137.150.34.bc.googleusercontent.com

Software

Resource Hash

ec5bb79cc3ae625732f788e2a4ed672d601fad243c46853b920bf58998a423f2

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline' osiris.mvstg.com fonts.googleapis.com; connect-src 'self' https://res.cdn.office.net https://.mindvalley.com https://.mvstg.com https://mvstg.auth0.com https://mindvalley.auth0.com; font-src 'self' fonts.gstatic.com https://.mindvalley.com https://.mvstg.com data:; frame-src 'self' https://mvstg.auth0.com https://mindvalley.auth0.com;img-src 'self' https://.mvstg.com https://.mindvalley.com https://.swagger.io s3.amazonaws.com storage.googleapis.com https://res.cloudinary.com/mindvalley/ data:; manifest-src 'self'; media-src 'self'; frame-ancestors 'self' https://.mvstg.com https://.mindvalley.com https://b2b-login.mvstg.com https://b2b-admin.mvstg.com https://b2b-login.mindvalley.com;, default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline' osiris.mvstg.com fonts.googleapis.com; connect-src 'self' .auth0.com .mvstg.com .mindvalley.com; font-src 'self' fonts.gstatic.com .mindvalley.com .mvstg.com data:; frame-src 'self'; img-src 'self' .mvstg.com .swagger.io s3.amazonaws.com storage.googleapis.com *.cloudinary.com data:; manifest-src 'self'; media-src 'self'; frame-ancestors 'none';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://b2b-login-admin.mvstg.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 09 Aug 2024 09:42:47 GMT
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline' osiris.mvstg.com fonts.googleapis.com; connect-src 'self' https://res.cdn.office.net https://*.mindvalley.com https://*.mvstg.com https://mvstg.auth0.com https://mindvalley.auth0.com; font-src 'self' fonts.gstatic.com https://*.mindvalley.com https://*.mvstg.com data:; frame-src 'self' https://mvstg.auth0.com https://mindvalley.auth0.com;img-src 'self' https://*.mvstg.com https://*.mindvalley.com https://*.swagger.io s3.amazonaws.com storage.googleapis.com https://res.cloudinary.com/mindvalley/ data:; manifest-src 'self'; media-src 'self'; frame-ancestors 'self' https://*.mvstg.com https://*.mindvalley.com https://b2b-login.mvstg.com https://b2b-admin.mvstg.com https://b2b-login.mindvalley.com;, default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline' osiris.mvstg.com fonts.googleapis.com; connect-src 'self' *.auth0.com *.mvstg.com *.mindvalley.com; font-src 'self' fonts.gstatic.com *.mindvalley.com *.mvstg.com data:; frame-src 'self'; img-src 'self' *.mvstg.com *.swagger.io s3.amazonaws.com storage.googleapis.com *.cloudinary.com data:; manifest-src 'self'; media-src 'self'; frame-ancestors 'none';
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-permitted-cross-domain-policies: none
cross-origin-window-policy: deny
x-download-options: noopen
x-frame-options: SAMEORIGIN
content-type: text/html; charset=utf-8
cache-control: max-age=0, private, must-revalidate
content-length: 6279
x-xss-protection: 1; mode=block
x-request-id: 9e2471f3dbedf8a1d283160ea19ff6f1

GET
H2 200 b2b-bg-7207856426c35df1b0ea08df7486700e.png
b2b-login-admin.mvstg.com/images/ 3 KB
3 KB 102ms
102ms Image
text/html 34.150.137.202
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b2b-login-admin.mvstg.com/images/b2b-bg-7207856426c35df1b0ea08df7486700e.png?vsn=d

Requested by

Host: b2b-login-admin.mvstg.com
URL: https://b2b-login-admin.mvstg.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.150.137.202 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

202.137.150.34.bc.googleusercontent.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline' osiris.mvstg.com fonts.googleapis.com; connect-src 'self' https://res.cdn.office.net https://.mindvalley.com https://.mvstg.com https://mvstg.auth0.com https://mindvalley.auth0.com; font-src 'self' fonts.gstatic.com https://.mindvalley.com https://.mvstg.com data:; frame-src 'self' https://mvstg.auth0.com https://mindvalley.auth0.com;img-src 'self' https://.mvstg.com https://.mindvalley.com https://.swagger.io s3.amazonaws.com storage.googleapis.com https://res.cloudinary.com/mindvalley/ data:; manifest-src 'self'; media-src 'self'; frame-ancestors 'self' https://.mvstg.com https://.mindvalley.com https://b2b-login.mvstg.com https://b2b-admin.mvstg.com https://b2b-login.mindvalley.com;, default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline' osiris.mvstg.com fonts.googleapis.com; connect-src 'self' .auth0.com .mvstg.com .mindvalley.com; font-src 'self' fonts.gstatic.com .mindvalley.com .mvstg.com data:; frame-src 'self'; img-src 'self' .mvstg.com .swagger.io s3.amazonaws.com storage.googleapis.com *.cloudinary.com data:; manifest-src 'self'; media-src 'self'; frame-ancestors 'none';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://b2b-login-admin.mvstg.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 09 Aug 2024 09:42:47 GMT
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline' osiris.mvstg.com fonts.googleapis.com; connect-src 'self' https://res.cdn.office.net https://*.mindvalley.com https://*.mvstg.com https://mvstg.auth0.com https://mindvalley.auth0.com; font-src 'self' fonts.gstatic.com https://*.mindvalley.com https://*.mvstg.com data:; frame-src 'self' https://mvstg.auth0.com https://mindvalley.auth0.com;img-src 'self' https://*.mvstg.com https://*.mindvalley.com https://*.swagger.io s3.amazonaws.com storage.googleapis.com https://res.cloudinary.com/mindvalley/ data:; manifest-src 'self'; media-src 'self'; frame-ancestors 'self' https://*.mvstg.com https://*.mindvalley.com https://b2b-login.mvstg.com https://b2b-admin.mvstg.com https://b2b-login.mindvalley.com;, default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline' osiris.mvstg.com fonts.googleapis.com; connect-src 'self' *.auth0.com *.mvstg.com *.mindvalley.com; font-src 'self' fonts.gstatic.com *.mindvalley.com *.mvstg.com data:; frame-src 'self'; img-src 'self' *.mvstg.com *.swagger.io s3.amazonaws.com storage.googleapis.com *.cloudinary.com data:; manifest-src 'self'; media-src 'self'; frame-ancestors 'none';
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-permitted-cross-domain-policies: none
cross-origin-window-policy: deny
x-download-options: noopen
x-frame-options: SAMEORIGIN
content-type: text/html; charset=utf-8
cache-control: max-age=0, private, must-revalidate
content-length: 6279
x-xss-protection: 1; mode=block
x-request-id: 05afcfa58723f2cdd7af2264435b0ece

GET
H2 200 favicon.ico
res.cloudinary.com/mindvalley/image/upload/v1723003627/workway/Favicons/Admin%20Panel/ 9 KB
1 KB 214ms
214ms Other
image/x-icon 2600:1408:5400:4b4::523
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://res.cloudinary.com/mindvalley/image/upload/v1723003627/workway/Favicons/Admin%20Panel/favicon.ico

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2600:1408:5400:4b4::523 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Cloudinary /

Resource Hash

6478a43ad8af9480c056d8e4086393aa2132c1ef70349e45aa8a5dddfbdd4068

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Referer: https://b2b-login-admin.mvstg.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 09 Aug 2024 09:42:48 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=604800
server-timing: cld-akam;dur=153;cpu=48;start=2024-08-09T09:42:48.609Z;desc=miss,rtt;dur=59,content-info;desc="width=48,height=48,bytes=9662,o=1,ef=(17)",cloudinary;dur=86;start=2024-08-09T09:42:48.653Z
content-length: 960
x-request-id: 78371df6c03b6cd17ae1862795666280
last-modified: Wed, 07 Aug 2024 04:07:08 GMT
server: Cloudinary
etag: W/"9be3f1ff883e178e5b898d82cac7bbf7"
vary: Accept-Encoding
content-type: image/x-icon
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control: private, no-transform, immutable, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 favicon-32x32.png
res.cloudinary.com/mindvalley/image/upload/v1723003624/workway/Favicons/Admin%20Panel/ 823 B
1 KB 173ms
172ms Other
image/png 2600:1408:5400:4b4::523
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://res.cloudinary.com/mindvalley/image/upload/v1723003624/workway/Favicons/Admin%20Panel/favicon-32x32.png

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2600:1408:5400:4b4::523 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Cloudinary /

Resource Hash

1bac9b48bf6956f6ce56caece0950b2ce239097bd0e8202f37f9e958cc38583f

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Referer: https://b2b-login-admin.mvstg.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 09 Aug 2024 09:42:48 GMT
strict-transport-security: max-age=604800
x-content-type-options: nosniff
last-modified: Wed, 07 Aug 2024 04:07:05 GMT
server: Cloudinary
etag: "c6dc9549d5bf1e44d56164c5961cdbf9"
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control: public, no-transform, immutable, max-age=2592000
server-timing: cld-akam;dur=113;cpu=41;start=2024-08-09T09:42:48.827Z;desc=miss,rtt;dur=59,content-info;desc="width=32,height=32,bytes=823,o=1,ef=(17)",cloudinary;dur=52;start=2024-08-09T09:42:48.866Z
accept-ranges: bytes
timing-allow-origin: *
content-length: 823
x-request-id: f8dbd56ddb5b66f22a24151ecb6fcb27

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: b2b-login-admin.mvstg.com
URL: https://b2b-login-admin.mvstg.com/css/tailwind-4084f056e0c7234b12e025a8ca003920.css?vsn=d

Domain: b2b-login-admin.mvstg.com
URL: https://b2b-login-admin.mvstg.com/css/workway_login-63083d269133435a8d36a90e6f59e8b2.css?vsn=d

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			b2b-login-admin.mvstg.com/	1969-12-31 23:59:59	Name: _mvj_key Value: SFMyNTY.g3QAAAABbQAAAAtfY3NyZl90b2tlbm0AAAAYNndCY0hQdkxLSXd1elYyR1l6SExsYTNo.CLVIVFs6YH0iYuYjUKRFBN67sYsIReTr0_kRw-Gg8j4

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://b2b-login-admin.mvstg.com/ Message: Refused to apply style from 'https://b2b-login-admin.mvstg.com/css/tailwind-4084f056e0c7234b12e025a8ca003920.css?vsn=d' because its MIME type ('text/html') is not a supported stylesheet MIME type, and strict MIME checking is enabled.
security	error	URL: https://b2b-login-admin.mvstg.com/ Message: Refused to apply style from 'https://b2b-login-admin.mvstg.com/css/workway_login-63083d269133435a8d36a90e6f59e8b2.css?vsn=d' because its MIME type ('text/html') is not a supported stylesheet MIME type, and strict MIME checking is enabled.
security	error	URL: https://b2b-login-admin.mvstg.com/ Message: Refused to execute script from 'https://b2b-login-admin.mvstg.com/js/workway_login-92547ecbf315fe4bf626e5b1fe1346a6.js?vsn=d' because its MIME type ('text/html') is not executable, and strict MIME type checking is enabled.
recommendation	verbose	URL: https://b2b-login-admin.mvstg.com/ Message: [DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline' osiris.mvstg.com fonts.googleapis.com; connect-src 'self' https://res.cdn.office.net https://.mindvalley.com https://.mvstg.com https://mvstg.auth0.com https://mindvalley.auth0.com; font-src 'self' fonts.gstatic.com https://.mindvalley.com https://.mvstg.com data:; frame-src 'self' https://mvstg.auth0.com https://mindvalley.auth0.com;img-src 'self' https://.mvstg.com https://.mindvalley.com https://.swagger.io s3.amazonaws.com storage.googleapis.com https://res.cloudinary.com/mindvalley/ data:; manifest-src 'self'; media-src 'self'; frame-ancestors 'self' https://.mvstg.com https://.mindvalley.com https://b2b-login.mvstg.com https://b2b-admin.mvstg.com https://b2b-login.mindvalley.com; default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline' osiris.mvstg.com fonts.googleapis.com; connect-src 'self' .auth0.com .mvstg.com .mindvalley.com; font-src 'self' fonts.gstatic.com .mindvalley.com .mvstg.com data:; frame-src 'self'; img-src 'self' .mvstg.com .swagger.io s3.amazonaws.com storage.googleapis.com *.cloudinary.com data:; manifest-src 'self'; media-src 'self'; frame-ancestors 'none';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

b2b-login-admin.mvstg.com
res.cloudinary.com
b2b-login-admin.mvstg.com
2600:1408:5400:4b4::523
34.150.137.202
1bac9b48bf6956f6ce56caece0950b2ce239097bd0e8202f37f9e958cc38583f
20cd1b08272599c0d7c75e699e7930c027cd33fe6282343ce8d5696dc4dfe1d5
2d4741df89c42850b6f8b562853f644f749229d39b3119378fad4d16895122b8
6478a43ad8af9480c056d8e4086393aa2132c1ef70349e45aa8a5dddfbdd4068
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ec5bb79cc3ae625732f788e2a4ed672d601fad243c46853b920bf58998a423f2

b2b-login-admin.mvstg.com Open in urlscan Pro 34.150.137.202 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

13 Requests

85 %HTTPS

50 %IPv6

2 Domains

2 Subdomains

3 IPs

1 Countries

462 kBTransfer

466 kBSize

1 Cookies

3 Outgoing links

Redirected requests

13 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

1 Cookies

4 Console Messages

Security Headers

Indicators

b2b-login-admin.mvstg.com Open in urlscan Pro
34.150.137.202 Public Scan

Screenshot
Live screenshot

Full Image

13
Requests

85 %
HTTPS

50 %
IPv6

2
Domains

2
Subdomains

3
IPs

1
Countries

462 kB
Transfer

466 kB
Size

1
Cookies

13 HTTP transactions
0 data transactions