metconnect.metcash.com
Open in
urlscan Pro
85.222.140.13
Public Scan
Submission: On October 14 via manual from US — Scanned from DE
Summary
TLS certificate: Issued by Trusted Secure Certificate Authority 5 on August 12th 2022. Valid for: a year.
This is the only time metconnect.metcash.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
10 | 85.222.140.13 85.222.140.13 | 14340 (SALESFORCE) (SALESFORCE) | |
1 | 136.146.47.62 136.146.47.62 | 14340 (SALESFORCE) (SALESFORCE) | |
11 | 2 |
ASN14340 (SALESFORCE, US)
PTR: sledge1-fra.slb.sfdcsvc.net
metconnect.metcash.com |
ASN14340 (SALESFORCE, US)
PTR: dcl16-ncg1-c8-iad5.cs252-ia7.force.com
metcash--msa--c.documentforce.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
10 |
metcash.com
metconnect.metcash.com |
1 MB |
1 |
documentforce.com
metcash--msa--c.documentforce.com |
9 KB |
11 | 2 |
Domain | Requested by | |
---|---|---|
10 | metconnect.metcash.com |
metconnect.metcash.com
|
1 | metcash--msa--c.documentforce.com | |
11 | 2 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
metconnect.metcash.com Trusted Secure Certificate Authority 5 |
2022-08-12 - 2023-09-12 |
a year | crt.sh |
*.cs252.force.com DigiCert TLS RSA SHA256 2020 CA1 |
2022-09-13 - 2023-09-12 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://metconnect.metcash.com/survey/runtimeApp.app?invitationId=0Ki5Y000000qSn6&surveyName=modern_slavery_act_shorter&UUID=749d032c-afa6-469f-91b6-571ec6c2b19c
Frame ID: C9792F016FF2FC0FCD87F95626D625CC
Requests: 11 HTTP requests in this frame
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
11 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
runtimeApp.app
metconnect.metcash.com/survey/ |
125 KB 39 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
app.css
metconnect.metcash.com/l/%7B%22mode%22%3A%22PROD%22%2C%22app%22%3A%22survey%3AruntimeApp%22%2C%22loaded%22%3A%7B%22APPLICATION%40markup%3A%2F%2Fsurvey%3AruntimeApp%22%3A%22bVLmro6ZjqAzahHFsQLOSA%22... |
1 MB 131 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
aura_prod.js
metconnect.metcash.com/auraFW/javascript/QPQi8lbYE8YujG6og6Dqgw/ |
776 KB 244 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
appcore.js
metconnect.metcash.com/l/%7B%22mode%22%3A%22PROD%22%2C%22app%22%3A%22survey%3AruntimeApp%22%2C%22serializationVersion%22%3A%221-2.11.8-238.4-b%22%2C%22parts%22%3A%22t%22%2C%22loaded%22%3A%7B%22APPL... |
870 KB 136 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
app.js
metconnect.metcash.com/l/%7B%22mode%22%3A%22PROD%22%2C%22app%22%3A%22survey%3AruntimeApp%22%2C%22serializationVersion%22%3A%221-2.11.8-238.4-b%22%2C%22parts%22%3A%22t%22%2C%22loaded%22%3A%7B%22APPL... |
4 MB 796 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
resources.js
metconnect.metcash.com/l/%7B%22mode%22%3A%22PROD%22%2C%22app%22%3A%22survey%3AruntimeApp%22%2C%22fwuid%22%3A%22QPQi8lbYE8YujG6og6Dqgw%22%2C%22loaded%22%3A%7B%22APPLICATION%40markup%3A%2F%2Fsurvey%3... |
9 KB 3 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
aura
metconnect.metcash.com/ |
78 KB 23 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
aura
metconnect.metcash.com/ |
8 KB 5 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
aura
metconnect.metcash.com/ |
14 KB 6 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Metcash_logo_no_boarder_resized_fin
metcash--msa--c.documentforce.com/file-asset-public/ |
9 KB 9 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
aura
metconnect.metcash.com/ |
2 KB 1 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
18 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation number| pageStartTime object| Aura object| AuraLocker object| AuraLockerDisabled object| $A object| aura function| DOMPurify function| Router object| picassoSPA3 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
metconnect.metcash.com/ | Name: CookieConsentPolicy Value: 0:1 |
|
metconnect.metcash.com/ | Name: LSKey-c$CookieConsentPolicy Value: 0:1 |
|
metconnect.metcash.com/ | Name: sfdc-stream Value: !W4aWeZPw1dhtM4pZleZP5K7Z49/oz5xy0cZ7imD/PpQ/omQFW3OhzG3MJWuhjT0KOBmvbO0BJ78RSg== |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Content-Security-Policy | upgrade-insecure-requests default-src 'self'; script-src 'self' 'nonce-WS0fSMVRnBzn9SObvqmYLyArsSDGYVJE' chrome-extension: 'unsafe-inline' 'unsafe-eval' *.canary.lwc.dev *.visualforce.com blob: https://ssl.gstatic.com/accessibility/; object-src 'self'; style-src 'self' blob: chrome-extension: 'unsafe-inline' https://api.mixpanel.com https://*.springcm.com https://*.clmfed.docusign.com https://*.clm.docusign.mil https://online.flippingbook.com *.visualforce.com; img-src 'self' http: https: data: blob: https://api.mixpanel.com https://*.springcm.com https://app.powerbi.com https://*.clmfed.docusign.com https://*.clm.docusign.mil https://online.flippingbook.com *.visualforce.com; media-src 'self' https://api.mixpanel.com https://*.springcm.com https://*.clmfed.docusign.com https://*.clm.docusign.mil https://online.flippingbook.com *.visualforce.com; frame-ancestors 'self'; frame-src blob: https: mailto: https://api.mixpanel.com https://*.springcm.com https://app.powerbi.com https://*.clmfed.docusign.com https://*.clm.docusign.mil https://online.flippingbook.com *.visualforce.com; font-src 'self' https: data: https://api.mixpanel.com https://*.springcm.com https://*.clmfed.docusign.com https://*.clm.docusign.mil https://online.flippingbook.com *.visualforce.com; connect-src 'self' https://api.bluetail.salesforce.com https://staging.bluetail.salesforce.com https://preprod.bluetail.salesforce.com https://api.mixpanel.com https://*.springcm.com https://app.powerbi.com https://*.clmfed.docusign.com https://*.clm.docusign.mil https://online.flippingbook.com blob: *.visualforce.com; base-uri 'self' |
Strict-Transport-Security | max-age=63072000; includeSubDomains |
X-Content-Type-Options | nosniff |
X-Xss-Protection | 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
metcash--msa--c.documentforce.com
metconnect.metcash.com
136.146.47.62
85.222.140.13
011ef2773b967c4a4033b9c8244a7b8c63212c7bb3f09b67f304d1efd3652c8d
0700e9090ef63d913f6aaa55e6ad900099aa5704493a86e8543d8c163c9660f4
32b921953b34b3deeee6a587a6bb12b07982fc0e6ce620db226193a817d646cd
687b6396bd5faf852f950e621f01c5d083219980f0f22104519878a98b628fc9
79bf45a60cca05460aac9feb05e81657c30b227801ec697170e826ec270178d3
85154142af3256bc15868e4198db43be69c5186eab288d79d8107d983f27df67
8b3f5d1376c1d1bfa6fc256df109fa5bc2f0576231df3ebb9aae2e5d01cb216f
c0bdc370569fa9ab1234068fb658f9e2a850df5a8172540ceba656d9fe90723e
ca96fe5a3638b6a7194860100c78338773992006cedc2b83824a79365ee78a91
dd19cc116e088bb0f61d374db27439e44c76883858ec8c04d9721e3b98117748
e6209c45dd4776a7ae97b1fb0de36d96167c761973dc654e002c3c5a724d74dc