![](/screenshots/76e91985-372b-43f9-aac5-52798fb35a41.png)
metconnect.metcash.com
Open in
urlscan Pro
161.71.144.11
Public Scan
Submission: On April 12 via manual from AU — Scanned from AU
Summary
TLS certificate: Issued by Trusted Secure Certificate Authority 5 on August 12th 2022. Valid for: a year.
This is the only time metconnect.metcash.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
11 | 161.71.144.11 161.71.144.11 | 14340 (SALESFORCE) (SALESFORCE) | |
13 | 2 |
ASN14340 (SALESFORCE, US)
PTR: sledge3-hnd.slb.sfdcsvc.net
metconnect.metcash.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
11 |
metcash.com
metconnect.metcash.com |
2 MB |
0 |
documentforce.com
Failed
metcash--dev2--c.documentforce.com Failed |
|
13 | 2 |
Domain | Requested by | |
---|---|---|
11 | metconnect.metcash.com |
metconnect.metcash.com
|
0 | metcash--dev2--c.documentforce.com Failed | |
13 | 2 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
metconnect.metcash.com Trusted Secure Certificate Authority 5 |
2022-08-12 - 2023-09-12 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://metconnect.metcash.com/survey/runtimeApp.app?invitationId=0Ki5Y000000mgAE&surveyName=supplier_activity_log&UUID=586b411e-e127-4322-9ebb-b35038d706b8
Frame ID: 5F015018E1309B4A3D1C76C501797AD9
Requests: 13 HTTP requests in this frame
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
13 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
runtimeApp.app
metconnect.metcash.com/survey/ |
177 KB 54 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
app.css
metconnect.metcash.com/l/%7B%22mode%22%3A%22PROD%22%2C%22app%22%3A%22survey%3AruntimeApp%22%2C%22loaded%22%3A%7B%22APPLICATION%40markup%3A%2F%2Fsurvey%3AruntimeApp%22%3A%22kMx97zp9v4Gw3PCDHQxw6w%22... |
1 MB 135 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
aura_prod.js
metconnect.metcash.com/auraFW/javascript/2kszAdlijI-L2tQGa5JU9w/ |
819 KB 257 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
appcore.js
metconnect.metcash.com/l/%7B%22mode%22%3A%22PROD%22%2C%22app%22%3A%22survey%3AruntimeApp%22%2C%22serializationVersion%22%3A%221-242.20.4-2.31.8-b%22%2C%22parts%22%3A%22t%22%2C%22loaded%22%3A%7B%22A... |
939 KB 142 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
app.js
metconnect.metcash.com/l/%7B%22mode%22%3A%22PROD%22%2C%22app%22%3A%22survey%3AruntimeApp%22%2C%22serializationVersion%22%3A%221-242.20.4-2.31.8-b%22%2C%22parts%22%3A%22t%22%2C%22loaded%22%3A%7B%22A... |
5 MB 1 MB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
resources.js
metconnect.metcash.com/l/%7B%22mode%22%3A%22PROD%22%2C%22app%22%3A%22survey%3AruntimeApp%22%2C%22fwuid%22%3A%222kszAdlijI-L2tQGa5JU9w%22%2C%22loaded%22%3A%7B%22APPLICATION%40markup%3A%2F%2Fsurvey%3... |
10 KB 3 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
aura
metconnect.metcash.com/ |
83 KB 25 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
aura
metconnect.metcash.com/ |
9 KB 5 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
aura
metconnect.metcash.com/ |
15 KB 6 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
aura
metconnect.metcash.com/ |
1 MB 277 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
asterisk.svg
metconnect.metcash.com/_sfdc/surveyAssets/icons/surveySvgs/ |
453 B 689 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
Email_Metcash_Letterhead_21
metcash--dev2--c.documentforce.com/file-asset-public/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST |
aura
metconnect.metcash.com/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- metcash--dev2--c.documentforce.com
- URL
- https://metcash--dev2--c.documentforce.com/file-asset-public/Email_Metcash_Letterhead_21?oid=00D010000008ayS&v=1
- Domain
- metconnect.metcash.com
- URL
- https://metconnect.metcash.com/aura?r=4&ui-instrumentation-components-beacon.InstrumentationBeacon.sendData=1
Verdicts & Comments Add Verdict or Comment
10 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
boolean| credentialless number| pageStartTime object| Aura object| AuraLocker object| AuraLockerDisabled object| $A object| aura function| DOMPurify function| Router object| picassoSPA3 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
metconnect.metcash.com/ | Name: CookieConsentPolicy Value: 0:1 |
|
metconnect.metcash.com/ | Name: LSKey-c$CookieConsentPolicy Value: 0:1 |
|
metconnect.metcash.com/ | Name: sfdc-stream Value: !wMtLdfILU9AoOmiVcU/3jnGF/R97Yz+3/WohGug+2RlnnDrKGG4gzXBTxGhqezyiItEr1QPxwGCHPyM= |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Content-Security-Policy | upgrade-insecure-requests default-src 'self'; script-src 'self' 'nonce-ctxnGHBtaZl8pGzlKHFv2QsOnkm0iR8D' chrome-extension: 'unsafe-inline' 'unsafe-eval' *.canary.lwc.dev *.visualforce.com blob: https://ssl.gstatic.com/accessibility/; object-src 'self'; style-src 'self' blob: chrome-extension: 'unsafe-inline' https://api.mixpanel.com https://*.springcm.com https://*.clmfed.docusign.com https://*.clm.docusign.mil https://online.flippingbook.com *.visualforce.com; img-src 'self' http: https: data: blob: https://api.mixpanel.com https://*.springcm.com https://app.powerbi.com https://*.clmfed.docusign.com https://*.clm.docusign.mil https://online.flippingbook.com *.visualforce.com; media-src 'self' https://api.mixpanel.com https://*.springcm.com https://*.clmfed.docusign.com https://*.clm.docusign.mil https://online.flippingbook.com *.visualforce.com; frame-ancestors 'self'; frame-src blob: https: mailto: https://api.mixpanel.com https://*.springcm.com https://app.powerbi.com https://*.clmfed.docusign.com https://*.clm.docusign.mil https://online.flippingbook.com *.visualforce.com; font-src 'self' https: data: https://api.mixpanel.com https://*.springcm.com https://*.clmfed.docusign.com https://*.clm.docusign.mil https://online.flippingbook.com *.visualforce.com; connect-src 'self' https://api.bluetail.salesforce.com https://staging.bluetail.salesforce.com https://preprod.bluetail.salesforce.com https://api.mixpanel.com https://*.springcm.com https://app.powerbi.com https://*.clmfed.docusign.com https://*.clm.docusign.mil https://online.flippingbook.com blob: *.visualforce.com; base-uri 'self' |
Strict-Transport-Security | max-age=63072000; includeSubDomains |
X-Content-Type-Options | nosniff |
X-Xss-Protection | 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
metcash--dev2--c.documentforce.com
metconnect.metcash.com
metcash--dev2--c.documentforce.com
metconnect.metcash.com
161.71.144.11
08f4ae9359c03f9a484ee22b74cb031fab5c09b0acbd2dc392c132e6a4fa42b5
0d6ed404e5d24e899e9f863d64267661360881f89870121892ffb6b61381fc19
43c3796696528c01ce914001d8362c5081ca726af9226ac3f177c62203915381
4d13faebf1b4113e24e2292e68424119a0c9027185f118fdcb929900069e6686
61360962b1ff7628ed6cc2977db4e5295c1e8eb6320bab9ed53c9a80d07040e3
701a2e7b828e181e9722b6cc804889e4d89c5e8f2661eb4a6ac8481c6b6be664
78cc8b3e09dcf88be76e5d2e61de1fe83ac31b1ea4af0b25e7f5bb5a30466bd2
7bdfba2ca73e1b47c8f2b9e020a11b4621bb82cef9e595924a5266349cb2519d
8e37df894b9ebe0bf48f82893dd92ff62ac12935eeb93cf6b1d59d70c69b9c49
b8cd3437a3ac187f1f05895486b4f743e82148a040d4900960876e9c9544288e
c9085af3674404dd3ef6c9ec99c83f5d1d9d2e5eeb36bb0b575ca6d49fb66537