urlscan.io logo urlscan.io
SecurityTrails logo

mf.stoxbox.staging.securemetasys.com Open in urlscan Pro
116.74.77.251  Public Scan

Go To Rescan Add Verdict Report
URL: https://mf.stoxbox.staging.securemetasys.com/
Submission: On July 09 via automatic, source certstream-suspicious — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 7 IPs in 2 countries across 6 domains to perform 20 HTTP transactions. The main IP is 116.74.77.251, located in Surat, India and belongs to HATHWAY-NET-AP Hathway IP Over Cable Internet, IN. The main domain is mf.stoxbox.staging.securemetasys.com.
TLS certificate: Issued by E6 on July 8th 2024. Valid for: 3 months.
This is the only time mf.stoxbox.staging.securemetasys.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
12 116.74.77.251 17488 (HATHWAY-N...)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 16.12.36.2 16509 (AMAZON-02)
2 180.179.105.173 17439 (NETMAGIC-...)
20 7
12    116.74.77.251 (Surat, India)

ASN17488 (HATHWAY-NET-AP Hathway IP Over Cable Internet, IN)
mf.stoxbox.staging.securemetasys.com
1    2a00:1450:4001:803::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    16.12.36.2 (Mumbai, India)

ASN16509 (AMAZON-02, US)
PTR: s3-r-w.ap-south-1.amazonaws.com
stoxbox.s3.ap-south-1.amazonaws.com
2    180.179.105.173 (India)

ASN17439 (NETMAGIC-AP Netmagic Datacenter Mumbai, IN)
activity1.stoxbox.in
Domain Requested by
12 mf.stoxbox.staging.securemetasys.com mf.stoxbox.staging.securemetasys.com
2 activity1.stoxbox.in mf.stoxbox.staging.securemetasys.com
2 stoxbox.s3.ap-south-1.amazonaws.com mf.stoxbox.staging.securemetasys.com
2 fonts.googleapis.com mf.stoxbox.staging.securemetasys.com
1 fonts.gstatic.com fonts.googleapis.com
1 www.googletagmanager.com mf.stoxbox.staging.securemetasys.com
20 6

This site contains no links.

Subject Issuer Validity Valid
mf.stoxbox.staging.securemetasys.com
E6		 2024-07-08 -
2024-10-06		 3 months crt.sh
*.google-analytics.com
WR2		 2024-06-13 -
2024-09-05		 3 months crt.sh
upload.video.google.com
WR2		 2024-06-13 -
2024-09-05		 3 months crt.sh
*.gstatic.com
WR2		 2024-06-13 -
2024-09-05		 3 months crt.sh
*.s3.ap-south-1.amazonaws.com
Amazon RSA 2048 M01		 2024-05-13 -
2025-04-24		 a year crt.sh
*.stoxbox.in
RapidSSL TLS RSA CA G1		 2024-05-08 -
2025-06-08		 a year crt.sh

This page contains 1 frames:

Primary Page: https://mf.stoxbox.staging.securemetasys.com/
Frame ID: 516E0E00054A7576196C6F7D00B14736
Requests: 19 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

StoxBox

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Page Statistics

20
Requests

100 %
HTTPS

50 %
IPv6

6
Domains

6
Subdomains

7
IPs

2
Countries

1574 kB
Transfer

4550 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

20 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
mf.stoxbox.staging.securemetasys.com/ 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://mf.stoxbox.staging.securemetasys.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
116.74.77.251 Surat, India, ASN17488 (HATHWAY-NET-AP Hathway IP Over Cable Internet, IN),
Reverse DNS
Software
nginx/1.26.1 /
Resource Hash
97808ab1f702c8f1da8db5c036b93e11259ea79ae49a9441d09f257e774d9ca6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-encoding
gzip
content-type
text/html
date
Tue, 09 Jul 2024 08:38:15 GMT
etag
W/"107f-61aaeffe39300"
last-modified
Wed, 12 Jun 2024 10:39:40 GMT
server
nginx/1.26.1
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-cache
HIT from Backend
x-content-type-options
nosniff
x-xss-protection
1; mode=block
tailwind-base.css
mf.stoxbox.staging.securemetasys.com/assets/ 		7 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://mf.stoxbox.staging.securemetasys.com/assets/tailwind-base.css
Requested by
Host: mf.stoxbox.staging.securemetasys.com
URL: https://mf.stoxbox.staging.securemetasys.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
116.74.77.251 Surat, India, ASN17488 (HATHWAY-NET-AP Hathway IP Over Cable Internet, IN),
Reverse DNS
Software
nginx/1.26.1 /
Resource Hash
cb89b1ba11a453750cad628fb25411078111ece90b684c929dec2af61dbd8103
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://mf.stoxbox.staging.securemetasys.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 09 Jul 2024 08:38:15 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Wed, 12 Jun 2024 10:38:27 GMT
server
nginx/1.26.1
content-encoding
gzip
etag
W/"66697aa3-1b0b"
vary
Accept-Encoding
x-cache
HIT from Backend
content-type
text/css
cache-control
max-age=315360000
x-xss-protection
1; mode=block
expires
Thu, 31 Dec 2037 23:55:55 GMT
js
www.googletagmanager.com/gtag/ 		271 KB
94 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-6DF6T4DX41
Requested by
Host: mf.stoxbox.staging.securemetasys.com
URL: https://mf.stoxbox.staging.securemetasys.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
34dcf5ad3124b2bdfbeb8b8d7186cf4eae3905b397390778933a8f01d8821f7f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://mf.stoxbox.staging.securemetasys.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 09 Jul 2024 08:38:16 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
96082
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 09 Jul 2024 08:38:16 GMT
MaterialIconsOutlined.css
mf.stoxbox.staging.securemetasys.com/assets/fonts/material-design-icons/ 		4 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://mf.stoxbox.staging.securemetasys.com/assets/fonts/material-design-icons/MaterialIconsOutlined.css
Requested by
Host: mf.stoxbox.staging.securemetasys.com
URL: https://mf.stoxbox.staging.securemetasys.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
116.74.77.251 Surat, India, ASN17488 (HATHWAY-NET-AP Hathway IP Over Cable Internet, IN),
Reverse DNS
Software
nginx/1.26.1 /
Resource Hash
97808ab1f702c8f1da8db5c036b93e11259ea79ae49a9441d09f257e774d9ca6

Request headers

Referer
https://mf.stoxbox.staging.securemetasys.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 09 Jul 2024 08:38:16 GMT
content-encoding
gzip
last-modified
Wed, 12 Jun 2024 10:39:40 GMT
server
nginx/1.26.1
etag
W/"107f-61aaeffe39300"
vary
Accept-Encoding
content-type
text/html
global.css
mf.stoxbox.staging.securemetasys.com/ 		4 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://mf.stoxbox.staging.securemetasys.com/global.css
Requested by
Host: mf.stoxbox.staging.securemetasys.com
URL: https://mf.stoxbox.staging.securemetasys.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
116.74.77.251 Surat, India, ASN17488 (HATHWAY-NET-AP Hathway IP Over Cable Internet, IN),
Reverse DNS
Software
nginx/1.26.1 /
Resource Hash
97808ab1f702c8f1da8db5c036b93e11259ea79ae49a9441d09f257e774d9ca6

Request headers

Referer
https://mf.stoxbox.staging.securemetasys.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 09 Jul 2024 08:38:16 GMT
content-encoding
gzip
last-modified
Wed, 12 Jun 2024 10:39:40 GMT
server
nginx/1.26.1
etag
W/"107f-61aaeffe39300"
vary
Accept-Encoding
content-type
text/html
css2
fonts.googleapis.com/ 		32 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Montserrat:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap
Requested by
Host: mf.stoxbox.staging.securemetasys.com
URL: https://mf.stoxbox.staging.securemetasys.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
51698055502813cd29205292dfcb7517bd803cf9deb22e21d06bd24fb3bcdf4b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://mf.stoxbox.staging.securemetasys.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 09 Jul 2024 08:38:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 09 Jul 2024 07:14:58 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 09 Jul 2024 08:38:16 GMT
main.791363e5.js
mf.stoxbox.staging.securemetasys.com/static/js/ 		4 MB
1021 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mf.stoxbox.staging.securemetasys.com/static/js/main.791363e5.js
Requested by
Host: mf.stoxbox.staging.securemetasys.com
URL: https://mf.stoxbox.staging.securemetasys.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
116.74.77.251 Surat, India, ASN17488 (HATHWAY-NET-AP Hathway IP Over Cable Internet, IN),
Reverse DNS
Software
nginx/1.26.1 /
Resource Hash
9edf3c69893e192dee88bfc31424eba700d799c6f91d980fbee98a5bb26cdbac
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://mf.stoxbox.staging.securemetasys.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 09 Jul 2024 08:38:16 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Wed, 12 Jun 2024 10:39:40 GMT
server
nginx/1.26.1
content-encoding
gzip
etag
W/"66697aec-38cea6"
vary
Accept-Encoding
x-cache
HIT from Backend
content-type
application/javascript
cache-control
max-age=315360000
x-xss-protection
1; mode=block
expires
Thu, 31 Dec 2037 23:55:55 GMT
main.d5ceadb0.css
mf.stoxbox.staging.securemetasys.com/static/css/ 		136 KB
27 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://mf.stoxbox.staging.securemetasys.com/static/css/main.d5ceadb0.css
Requested by
Host: mf.stoxbox.staging.securemetasys.com
URL: https://mf.stoxbox.staging.securemetasys.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
116.74.77.251 Surat, India, ASN17488 (HATHWAY-NET-AP Hathway IP Over Cable Internet, IN),
Reverse DNS
Software
nginx/1.26.1 /
Resource Hash
262d2b0fc2b27834240222c16db786645d59b867ead1311a65e7270f908ce0d8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://mf.stoxbox.staging.securemetasys.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 09 Jul 2024 08:38:15 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Wed, 12 Jun 2024 10:39:40 GMT
server
nginx/1.26.1
content-encoding
gzip
etag
W/"66697aec-21fe4"
vary
Accept-Encoding
x-cache
HIT from Backend
content-type
text/css
cache-control
max-age=315360000
x-xss-protection
1; mode=block
expires
Thu, 31 Dec 2037 23:55:55 GMT
css2
fonts.googleapis.com/ 		32 KB
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Montserrat:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap
Requested by
Host: mf.stoxbox.staging.securemetasys.com
URL: https://mf.stoxbox.staging.securemetasys.com/static/css/main.d5ceadb0.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
51698055502813cd29205292dfcb7517bd803cf9deb22e21d06bd24fb3bcdf4b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://mf.stoxbox.staging.securemetasys.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 09 Jul 2024 08:38:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 09 Jul 2024 07:14:58 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 09 Jul 2024 08:38:16 GMT
fuse.svg
mf.stoxbox.staging.securemetasys.com/assets/images/logos/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mf.stoxbox.staging.securemetasys.com/assets/images/logos/fuse.svg
Requested by
Host: mf.stoxbox.staging.securemetasys.com
URL: https://mf.stoxbox.staging.securemetasys.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
116.74.77.251 Surat, India, ASN17488 (HATHWAY-NET-AP Hathway IP Over Cable Internet, IN),
Reverse DNS
Software
nginx/1.26.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://mf.stoxbox.staging.securemetasys.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 09 Jul 2024 08:38:18 GMT
content-encoding
gzip
last-modified
Wed, 12 Jun 2024 10:39:40 GMT
server
nginx/1.26.1
etag
W/"107f-61aaeffe39300"
vary
Accept-Encoding
content-type
text/html
StoxBoxLogo_Desktop.7bed61a2a1bdf8b01ad0b80488bb1e4f.svg
mf.stoxbox.staging.securemetasys.com/static/media/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mf.stoxbox.staging.securemetasys.com/static/media/StoxBoxLogo_Desktop.7bed61a2a1bdf8b01ad0b80488bb1e4f.svg
Requested by
Host: mf.stoxbox.staging.securemetasys.com
URL: https://mf.stoxbox.staging.securemetasys.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
116.74.77.251 Surat, India, ASN17488 (HATHWAY-NET-AP Hathway IP Over Cable Internet, IN),
Reverse DNS
Software
nginx/1.26.1 /
Resource Hash
2c7ce3ec9676d2892baf65f02cdcf7618c7847396f8ce8ee23ac962334c56a00
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://mf.stoxbox.staging.securemetasys.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 09 Jul 2024 08:38:18 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Wed, 12 Jun 2024 10:39:40 GMT
server
nginx/1.26.1
content-encoding
gzip
etag
W/"66697aec-97d"
vary
Accept-Encoding
x-cache
HIT from Backend
content-type
image/svg+xml
cache-control
max-age=315360000
x-xss-protection
1; mode=block
expires
Thu, 31 Dec 2037 23:55:55 GMT
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v26/ 		32 KB
33 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://mf.stoxbox.staging.securemetasys.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 02 Jul 2024 15:27:45 GMT
x-content-type-options
nosniff
age
580233
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33092
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 22:51:58 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 02 Jul 2025 15:27:45 GMT
mf_configdata_prd.json
stoxbox.s3.ap-south-1.amazonaws.com/appv2comp/ 		4 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://stoxbox.s3.ap-south-1.amazonaws.com/appv2comp/mf_configdata_prd.json
Requested by
Host: mf.stoxbox.staging.securemetasys.com
URL: https://mf.stoxbox.staging.securemetasys.com/static/js/main.791363e5.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
16.12.36.2 Mumbai, India, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-r-w.ap-south-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
04e25370af727aab494046a2013dedce815711588969e6993c5d3cc9a3e8e6f8

Request headers

Accept
application/json, text/plain, */*
Referer
https://mf.stoxbox.staging.securemetasys.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

Date
Tue, 09 Jul 2024 08:38:20 GMT
x-amz-version-id
SaA2fEna0ixbDpimTyD8u76X6QMsgkdg
Last-Modified
Fri, 01 Mar 2024 07:02:26 GMT
Server
AmazonS3
x-amz-request-id
A50KGHENVEBF60GG
ETag
"8719cbbb59ffb857aa16b4f55c6a5312"
x-amz-server-side-encryption
AES256
Vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Access-Control-Allow-Methods
GET
Content-Type
application/json
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Access-Control-Allow-Origin
Accept-Ranges
bytes
Content-Length
4193
x-amz-id-2
beNbki1/+EvU4cChLE3qQO2ZHDQ3YCkKZjFqcDaTWENSfOBUtyParqO1oHzJbbRaJCJx5ZQwK48=
mf_configdata_prd.json
stoxbox.s3.ap-south-1.amazonaws.com/appv2comp/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://stoxbox.s3.ap-south-1.amazonaws.com/appv2comp/mf_configdata_prd.json
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
16.12.36.2 Mumbai, India, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-r-w.ap-south-1.amazonaws.com
Software
AmazonS3 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://mf.stoxbox.staging.securemetasys.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Headers
content-type
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Access-Control-Allow-Origin
Content-Length
0
Date
Tue, 09 Jul 2024 08:38:19 GMT
Server
AmazonS3
Vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-id-2
WgfydaHkzsfjTD0vH1oAoSdgfvzGALRSkaBUN4LG6ehpaBw/gFOeKfIvBFNXDt1uH2qAUDuluoQ=
x-amz-request-id
G1TDJ0HBNK3WAE2R
Website_Favicon.png
mf.stoxbox.staging.securemetasys.com/ 		425 B
707 B 		Other
General
Check archive.org
Download Go to
Full URL
https://mf.stoxbox.staging.securemetasys.com/Website_Favicon.png
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
116.74.77.251 Surat, India, ASN17488 (HATHWAY-NET-AP Hathway IP Over Cable Internet, IN),
Reverse DNS
Software
nginx/1.26.1 /
Resource Hash
7642818e663027fd8a180f300f512e17fa005c888cc46c7c55dbb1a0a1ac4ea3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://mf.stoxbox.staging.securemetasys.com/login
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 09 Jul 2024 08:38:18 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Wed, 12 Jun 2024 10:38:27 GMT
server
nginx/1.26.1
etag
"66697aa3-1a9"
x-cache
HIT from Backend
content-type
image/png
cache-control
max-age=315360000
accept-ranges
bytes
content-length
425
x-xss-protection
1; mode=block
expires
Thu, 31 Dec 2037 23:55:55 GMT
authorizereq
activity1.stoxbox.in/api/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://activity1.stoxbox.in:9015/api/authorizereq
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
180.179.105.173 , India, ASN17439 (NETMAGIC-AP Netmagic Datacenter Mumbai, IN),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://mf.stoxbox.staging.securemetasys.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
content-type
Access-Control-Allow-Methods
POST
Access-Control-Allow-Origin
https://mf.stoxbox.staging.securemetasys.com
Content-Length
0
Date
Tue, 09 Jul 2024 08:38:19 GMT
Vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
authorizereq
activity1.stoxbox.in/api/ 		195 B
987 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://activity1.stoxbox.in:9015/api/authorizereq
Requested by
Host: mf.stoxbox.staging.securemetasys.com
URL: https://mf.stoxbox.staging.securemetasys.com/static/js/main.791363e5.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
180.179.105.173 , India, ASN17439 (NETMAGIC-AP Netmagic Datacenter Mumbai, IN),
Reverse DNS
Software
/
Resource Hash
592deaa9c35568ea2256639b198bfc3aa8e74727c3e4760b18f316c14f9aba96
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
https://mf.stoxbox.staging.securemetasys.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

Pragma
no-cache
Strict-Transport-Security
max-age=31536000 ; includeSubDomains
Date
Tue, 09 Jul 2024 08:38:19 GMT
X-Content-Type-Options
nosniff
Authorization
Bearer eyJhbGciOiJIUzUxMiJ9.eyJzdWIiOiJicGRhc2hib2FyZCIsImF1dGgiOiIiLCJleHAiOjE3MjA2MDA2OTl9._ditNe482yesARULVFgZirmx45_CXJtQ0yUwOgKL_4SJBtL4115i5kOZ-MQq3-7J_FkKRhWAbtcoOOlYPfWnog
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
X-Frame-Options
SAMEORIGIN
Content-Type
application/json;charset=UTF-8
Access-Control-Allow-Origin
https://mf.stoxbox.staging.securemetasys.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Transfer-Encoding
chunked
X-XSS-Protection
1; mode=block
Expires
0
BackgroundWithBGColor.92107ec25b9f490e27e4.png
mf.stoxbox.staging.securemetasys.com/static/media/ 		229 KB
230 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mf.stoxbox.staging.securemetasys.com/static/media/BackgroundWithBGColor.92107ec25b9f490e27e4.png
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
116.74.77.251 Surat, India, ASN17488 (HATHWAY-NET-AP Hathway IP Over Cable Internet, IN),
Reverse DNS
Software
nginx/1.26.1 /
Resource Hash
cb88d817e2038e6d5d4941c067ed8f2b136850fa59bed99f27c916a2acac7dcf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://mf.stoxbox.staging.securemetasys.com/login
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 09 Jul 2024 08:38:19 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Wed, 12 Jun 2024 10:39:40 GMT
server
nginx/1.26.1
content-encoding
gzip
etag
W/"66697aec-3948f"
vary
Accept-Encoding
x-cache
HIT from Backend
content-type
image/png
cache-control
max-age=315360000
x-xss-protection
1; mode=block
expires
Thu, 31 Dec 2037 23:55:55 GMT
HandWithPhone.75e376d7dbfc2b297330.png
mf.stoxbox.staging.securemetasys.com/static/media/ 		135 KB
135 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mf.stoxbox.staging.securemetasys.com/static/media/HandWithPhone.75e376d7dbfc2b297330.png
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
116.74.77.251 Surat, India, ASN17488 (HATHWAY-NET-AP Hathway IP Over Cable Internet, IN),
Reverse DNS
Software
nginx/1.26.1 /
Resource Hash
08238b576f530c472cbb393ccd77673c6990a8c0b185d1e2a5baeb6c209bfe86
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://mf.stoxbox.staging.securemetasys.com/login
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 09 Jul 2024 08:38:19 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Wed, 12 Jun 2024 10:39:40 GMT
server
nginx/1.26.1
content-encoding
gzip
etag
W/"66697aec-21b49"
vary
Accept-Encoding
x-cache
HIT from Backend
content-type
image/png
cache-control
max-age=315360000
x-xss-protection
1; mode=block
expires
Thu, 31 Dec 2037 23:55:55 GMT
People.a23ad9158514c4909130.png
mf.stoxbox.staging.securemetasys.com/static/media/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mf.stoxbox.staging.securemetasys.com/static/media/People.a23ad9158514c4909130.png
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
116.74.77.251 Surat, India, ASN17488 (HATHWAY-NET-AP Hathway IP Over Cable Internet, IN),
Reverse DNS
Software
nginx/1.26.1 /
Resource Hash
8a739da3d038e8bcbb661ebfaf66de54e5566453e724391e6ba578f621c8fcb4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://mf.stoxbox.staging.securemetasys.com/login
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 09 Jul 2024 08:38:19 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Wed, 12 Jun 2024 10:39:40 GMT
server
nginx/1.26.1
content-encoding
gzip
etag
W/"66697aec-3354"
vary
Accept-Encoding
x-cache
HIT from Backend
content-type
image/png
cache-control
max-age=315360000
x-xss-protection
1; mode=block
expires
Thu, 31 Dec 2037 23:55:55 GMT
truncated
/ 		3 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c2546f38f37e38cfe637daa3d918093f2519261bc054ed5f89e8950097bdaa8a

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/png

Verdicts & Comments Add Verdict or Comment

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| google_tag_manager object| google_tag_data object| dataLayer function| onYouTubeIframeAPIReady object| webpackChunkfuse_react_app function| _ object| regeneratorRuntime object| Auth0 number| 2f1acc6c3a606b082e5eef5e54414ffb

0 Cookies

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block