documentation technical

technology software

adult content

phishing scam

e-commerce shopping

English

JSESSIONID

The domain name 'dellservices.file.force.com' uses the commercial generic top-level domain (.com), featuring subdomain 'dellservices.file'. Count 5 characters in 'force' with 2 vowels and 3 consonants. Segmentation suggests one word: force. No strong language cues emerged from the frequency lists.

identifier

rememberMe

html/94/25/94256df8-c1b1-408e-a139-57ebd8decd63.html.gz

default-src 'self'; script-src 'self' *.salesforce.com 'report-sample'; style-src 'unsafe-inline' 'self' *.file.force.com *.salesforce.com *.visualforce.com:*; img-src *.force.com slack-mil-dev.com slack-imgs-mil-dev.com 'self' *.slack.com *.amazonaws.com blob: *.slack-imgs.com slack-imgs-gov.com *.slack-edge.mil *.salesforce-experience.com slack-imgs.com slack-gov-dev.com *.sfdcstatic.com *.slack-edge-gov.com *.salesforce.com *.twimg.com *.my-salesforce.com slack-imgs-gov-dev.com *.slack-edge.com slack-imgs.mil *.cloudinary.com data:; media-src 'self' *.salesforce.com; frame-src *.force.com *.quip.com *.arkoselabs.com 'self' *.youtube-nocookie.com *.youtube.co.uk *.cybersource.com *.youtube.com.br *.youtube.es *.salesforce-experience.com *.salesforceliveagent.com *.adis.ws *.sfdcfc.net *.youtube.ca *.youtube.ie *.cloudinary.com *.vidyard.com *.vimeo.com *.youtube.jp bcove.video *.youtube.fr *.forceusercontent.com *.youtube.com *.brightcove.net *.wistia.net *.salesforce.com *.youtube.nl *.youtube.pl; font-src *.force.com 'self' *.salesforce.com blob: data:; connect-src 'self' *.amazonaws.com *.salesforce.com api.salesforce.com *.api.salesforce.com wss://*.slack.com; report-to sfdc-csp-ep; report-uri https://csp-report.force.com/_/ContentDomainCSPNoAuth?type=mydomain

frame-ancestors 'self' https://dell.sharepoint.com https://app-nl-power-engine-gui-prod.does-p2.kob.dell.com https://dtc.dell.com https://app.ucspi.kob.dell.com https://us.flow-prod.boomi.com https://dell.service-now.com https://flow.boomi.com https://flow.manywho.com https://*.dell.com https://goas.gopo.dell.com https://baxter.dell.com https://dellservices.lightning.force.com https://flow-us.manywho.com https://dellservices.my.salesforce.com

default-src 'self' dell.okta.com myaccess.dell.com *.oktacdn.com https://login.microsoftonline.com https://myaccess.dell.com; connect-src 'self' dell.okta.com dell-admin.okta.com myaccess.dell.com *.oktacdn.com *.mixpanel.com *.mapbox.com dell.kerberos.okta.com dell.mtls.okta.com *.authenticatorlocalprod.com:8769 http://localhost:8769 http://127.0.0.1:8769 *.authenticatorlocalprod.com:65111 http://localhost:65111 http://127.0.0.1:65111 *.authenticatorlocalprod.com:65121 http://localhost:65121 http://127.0.0.1:65121 *.authenticatorlocalprod.com:65131 http://localhost:65131 http://127.0.0.1:65131 *.authenticatorlocalprod.com:65141 http://localhost:65141 http://127.0.0.1:65141 *.authenticatorlocalprod.com:65151 http://localhost:65151 http://127.0.0.1:65151 https://oinmanager.okta.com data: https://login.microsoftonline.com https://myaccess.dell.com *.ingest.sentry.io; script-src 'unsafe-inline' 'unsafe-eval' 'self' 'report-sample' dell.okta.com myaccess.dell.com *.oktacdn.com https://login.microsoftonline.com https://myaccess.dell.com; style-src 'unsafe-inline' 'self' 'report-sample' dell.okta.com myaccess.dell.com *.oktacdn.com https://login.microsoftonline.com https://myaccess.dell.com; frame-src 'self' dell.okta.com dell-admin.okta.com myaccess.dell.com login.okta.com *.vidyard.com com-okta-authenticator: https://login.microsoftonline.com https://myaccess.dell.com; img-src 'self' dell.okta.com myaccess.dell.com *.oktacdn.com *.tiles.mapbox.com *.mapbox.com *.vidyard.com data: https://login.microsoftonline.com https://myaccess.dell.com blob:; font-src 'self' dell.okta.com myaccess.dell.com data: *.oktacdn.com fonts.gstatic.com https://login.microsoftonline.com https://myaccess.dell.com; frame-ancestors 'self' https://dell.sharepoint.com https://app-nl-power-engine-gui-prod.does-p2.kob.dell.com https://dtc.dell.com https://app.ucspi.kob.dell.com https://us.flow-prod.boomi.com https://dell.service-now.com https://flow.boomi.com https://flow.manywho.com https://*.dell.com https://goas.gopo.dell.com https://baxter.dell.com https://dellservices.lightning.force.com https://flow-us.manywho.com https://dellservices.my.salesforce.com

default-src 'self' dell.okta.com myaccess.dell.com *.oktacdn.com; connect-src 'self' dell.okta.com dell-admin.okta.com myaccess.dell.com *.oktacdn.com *.mixpanel.com *.mapbox.com dell.kerberos.okta.com dell.mtls.okta.com *.authenticatorlocalprod.com:8769 http://localhost:8769 http://127.0.0.1:8769 *.authenticatorlocalprod.com:65111 http://localhost:65111 http://127.0.0.1:65111 *.authenticatorlocalprod.com:65121 http://localhost:65121 http://127.0.0.1:65121 *.authenticatorlocalprod.com:65131 http://localhost:65131 http://127.0.0.1:65131 *.authenticatorlocalprod.com:65141 http://localhost:65141 http://127.0.0.1:65141 *.authenticatorlocalprod.com:65151 http://localhost:65151 http://127.0.0.1:65151 https://oinmanager.okta.com data: *.ingest.sentry.io; script-src 'unsafe-inline' 'self' 'report-sample' dell.okta.com myaccess.dell.com *.oktacdn.com; style-src 'unsafe-inline' 'self' 'report-sample' dell.okta.com myaccess.dell.com *.oktacdn.com; frame-src 'self' dell.okta.com dell-admin.okta.com myaccess.dell.com login.okta.com *.vidyard.com com-okta-authenticator:; img-src 'self' dell.okta.com myaccess.dell.com *.oktacdn.com *.tiles.mapbox.com *.mapbox.com *.vidyard.com data: blob:; font-src 'self' dell.okta.com myaccess.dell.com data: *.oktacdn.com fonts.gstatic.com; frame-ancestors 'self'

default-src 'none'; img-src 'self'; require-trusted-types-for 'script'; report-uri  https://oktacsp.report-uri.com/r/t/csp/enforce

default-src 'self' dell.okta.com myaccess.dell.com *.oktacdn.com; connect-src 'self' dell.okta.com dell-admin.okta.com myaccess.dell.com *.oktacdn.com *.mixpanel.com *.mapbox.com dell.kerberos.okta.com dell.mtls.okta.com *.authenticatorlocalprod.com:8769 http://localhost:8769 http://127.0.0.1:8769 *.authenticatorlocalprod.com:65111 http://localhost:65111 http://127.0.0.1:65111 *.authenticatorlocalprod.com:65121 http://localhost:65121 http://127.0.0.1:65121 *.authenticatorlocalprod.com:65131 http://localhost:65131 http://127.0.0.1:65131 *.authenticatorlocalprod.com:65141 http://localhost:65141 http://127.0.0.1:65141 *.authenticatorlocalprod.com:65151 http://localhost:65151 http://127.0.0.1:65151 https://oinmanager.okta.com data: *.ingest.sentry.io; script-src 'unsafe-inline' 'nonce-XOmHCjfI1chdd_biE6ICfA' 'self' 'report-sample' dell.okta.com myaccess.dell.com *.oktacdn.com; style-src 'unsafe-inline' 'nonce-XOmHCjfI1chdd_biE6ICfA' 'self' 'report-sample' dell.okta.com myaccess.dell.com *.oktacdn.com; frame-src 'self' dell.okta.com dell-admin.okta.com myaccess.dell.com login.okta.com *.vidyard.com com-okta-authenticator:; img-src 'self' dell.okta.com myaccess.dell.com *.oktacdn.com *.tiles.mapbox.com *.mapbox.com *.vidyard.com data: blob:; font-src 'self' dell.okta.com myaccess.dell.com data: *.oktacdn.com fonts.gstatic.com; frame-ancestors 'self' https://dell.sharepoint.com https://app-nl-power-engine-gui-prod.does-p2.kob.dell.com https://dtc.dell.com https://app.ucspi.kob.dell.com https://us.flow-prod.boomi.com https://dell.service-now.com https://flow.boomi.com https://flow.manywho.com https://*.dell.com https://goas.gopo.dell.com https://baxter.dell.com https://dellservices.lightning.force.com https://flow-us.manywho.com https://dellservices.my.salesforce.com

object-src 'none'; base-uri 'self'; script-src 'self' 'nonce-c-5loSZWBeB1zFEuysST2A' 'unsafe-inline' 'unsafe-eval' https://*.msauth.net https://*.msftauth.net https://*.msftauthimages.net https://*.msauthimages.net https://*.msidentity.com https://*.microsoftonline-p.com https://*.microsoftazuread-sso.com https://*.azureedge.net https://*.outlook.com https://*.office.com https://*.office365.com https://*.microsoft.com https://*.bing.com 'report-sample'; report-uri https://csp.microsoft.com/report/ESTS-UX-All

object-src 'none'; base-uri 'self'; script-src 'self' 'nonce-dvJWhPrFaCRJW67BCIbymg' 'unsafe-inline' 'unsafe-eval' https://*.msauth.net https://*.msftauth.net https://*.msftauthimages.net https://*.msauthimages.net https://*.msidentity.com https://*.microsoftonline-p.com https://*.microsoftazuread-sso.com https://*.azureedge.net https://*.outlook.com https://*.office.com https://*.office365.com https://*.microsoft.com https://*.bing.com 'report-sample'; report-uri https://csp.microsoft.com/report/ESTS-UX-All

e332d68c22ede78461e202b0887b92ab46a170c22a4b9c5f0e8cdf4d000f821f

23583495475e88f40e41ea5ea16b7e1770c3dd33d201a4a7e2a58d3d4a87439f

ba5c5832ac2c55e09f357db165fc99c684162b4b81fabd728c35da5b93497b3f

596e801f6bb83bda72dcc4494e6aaab7011a0378060766253a9cdb012d3cbafa

dd32c3ac97bdd32d2384f9d23574aa7fefee13ab59b3e99deb787041ec17a777

b5ae63d45bcc72aa17ded8f186dfcb353b4aa4d7d085a739c5626d641f05775e

43ab09c9e90dd5ff1432c75f3976a5ec4779fd2d225970539e7b6721ce35ec67

viewport

robots

html/94/25/94256df8-c1b1-408e-a139-57ebd8decd63_nodriver.html.gz

myaccess.dell.com - Sign In

SafeNames Ltd.

DELL.COM

Microsoft Abuse Contact

IPHostmaster IPHostmaster

Microsoft Corporation

Somesh Chaturmohta

Prachi Singh

Microsoft Routing, Peering, and DNS

Dawn Bedard

MSFT


  var signInSuccessCallBackFunction;
  var oktaData = {"redirectUri":"\x2Fapp\x2Fdell_connsfdc_1\x2Fexk1e37uzhyKjsLKS0x8\x2Fsso\x2Fsaml","isMobileSso":false,"orgSyncToAccountChooserEnabled":true,"fromUri":"","isMobileClientLogin":false,"requestContext":{"app":{"type":"object","value":{"name":"dell_connsfdc_1","label":"Conn_SFDC","id":"0oa1e37uzhzNAziHD0x8"}},"authentication":{"request":{},"protocol":{},"client":{"name":"dell_connsfdc_1","label":"Conn_SFDC","id":"0oa1e37uzhzNAziHD0x8"},"type":"object","value":{"request":{},"protocol":{}}},"target":{"clientId":"0oa1e37uzhzNAziHD0x8","name":"dell_connsfdc_1","label":"Conn_SFDC"}},"countryIso":"DE","inactiveTab":{"elementId":"inactive\x2Dtab\x2Dmain\x2Ddiv","avoidPageRefresh":true,"enabled":true},"signIn":{"logoText":"myaccess.dell.com\x20logo","brandName":"myaccess.dell.com","language":"en","consent":{"cancel":function(){window.location.href='https\x3A\x2F\x2Fmyaccess.dell.com\x2Flogin\x2Fstep\x2Dup\x2Fredirect\x3FstateToken\x3D02.id.DaInuEYzJE1bFt\x2DGyzq4A7SYHx1_gXS4sqxvh3xg';}},"i18n":{"en":{"mfa.challenge.password.placeholder":"Password","help":"Help","password.forgot.email.or.username.tooltip":"Email\x20or\x20Username","needhelp":"Need\x20help\x20signing\x20in\x3F","primaryauth.username.placeholder":"Email","password.forgot.email.or.username.placeholder":"Email\x20or\x20Username","account.unlock.email.or.username.tooltip":"Email\x20or\x20Username","unlockaccount":"Unlock\x20account\x3F","account.unlock.email.or.username.placeholder":"Email\x20or\x20Username","primaryauth.password.placeholder":"Password","primaryauth.title":"Sign\x20In","forgotpassword":"Forgot\x20password\x3F"}},"features":{"isBotProtectionEnabled":false,"hideSignOutLinkInMFA":false,"emailRecovery":true,"deviceFingerprinting":true,"showIdentifier":true,"consent":true,"useDeviceFingerprintForSecurityImage":true,"customExpiredPassword":true,"router":true,"showPasswordToggleOnSignInPage":true,"securityImage":true,"autoPush":true,"smsRecovery":false,"idpDiscovery":false,"selfServiceUnlock":false,"webauthn":true,"passwordlessAuth":true,"showPasswordRequirementsAsHtmlList":true,"registration":false,"rememberMe":true,"callRecovery":false,"multiOptionalFactorEnroll":true},"baseUrl":"https\x3A\x2F\x2Fmyaccess.dell.com","assets":{"baseUrl":"https\x3A\x2F\x2Fmyaccess.dell.com\x2Fassets\x2Fjs\x2Fsdk\x2Fokta\x2Dsignin\x2Dwidget\x2F7.39.2"},"customButtons":[],"idpDiscovery":{"requestContext":""},"logo":"https\x3A\x2F\x2Fmyaccess.dell.com\x2Ffs\x2Fbco\x2F1\x2Ffs01ap75crlXC4vJA0x8","stateToken":"02.id.DaInuEYzJE1bFt\x2DGyzq4A7SYHx1_gXS4sqxvh3xg","helpLinks":{"help":"","forgotPassword":"https\x3A\x2F\x2Fdell.identitynow.com\x2Fr\x2Fdefault\x2Fpassword\x2Dmanagement","unlock":"","custom":[]},"piv":{}},"accountChooserDiscoveryUrl":"https\x3A\x2F\x2Flogin.okta.com\x2Fdiscovery\x2Fiframe.html"};

  var runLoginPage = function(fn) {
    var mainScript = document.createElement('script');
    mainScript.src = "https://myaccess.dell.com/assets/js/mvc/loginpage/initLoginPage.pack.e1e7930824833f9ea2fd541f78dd54a6.js";
    mainScript.integrity = "sha384-axkHs7zz0AKFIZDQ5tAg2B9795eiZDSxhPciNksHPfi+A48NqjMHl8CCRlTUND6z";
    mainScript.crossOrigin = "anonymous";
    document.getElementsByTagName('head')[0].appendChild(mainScript);
    fn && mainScript.addEventListener('load', function () { setTimeout(fn, 1) });
  };

  var OktaUtil = {
    _addClass: function(el, className) {
      if(el) {
        var elementClasses = el.className.split(" ");
        if (elementClasses.indexOf(className) == -1) {
          el.className += " " + className;
        }
      }
    },

    _removeElement: function(el) {
      if(el) {
        el.parentNode.removeChild(el);
      }
    },

    _hideElement: function(el) {
      if(el) {
        el.style.display = 'none';
      }
    },

    _isDocumentVisible: function() {
      return document.visibilityState === 'visible';
    },

    addLoginContainerClass: function () {
      this._addClass(document.getElementById('okta-login-container'), 'login-container');
    },

    showUnsupportedCookieWarning: function () {
      document.getElementById('okta-sign-in').removeAttribute('style');
      document.getElementById('unsupported-cookie').removeAttribute('style');
    },

    removeUnsupportedCookieWarning: function () {
      this._removeElement(document.getElementById('okta-sign-in'));
    },

    hideOktaLoginContainer: function () {
      this._hideElement(document.getElementById('okta-login-container'));
    },

    isChromeOs:  function () {
      return /\bCrOS\b/.test(navigator.userAgent);
    },

    addChromeOSScript: function() {
      var chromeOSScript = document.createElement('script');
      chromeOSScript.src = "/js/google/users-1.0.js";
      document.getElementsByTagName('head')[0].appendChild(chromeOSScript);
    },

    getSignInWidgetConfig: function () {
        if (oktaData.inactiveTab && oktaData.inactiveTab.enabled && !this._isDocumentVisible() && !oktaData.inactiveTab.avoidPageRefresh) {
            // Show a loading state and wait for the visibility event
            this.hideOktaLoginContainer();
            // remove stateToken so SIW does not attempt a login flow
            oktaData.signIn.stateToken = undefined;
        }
        return oktaData.signIn;
    },

    completeLogin: function (res) {
      signInSuccessCallBackFunction(res);
    },

    getRequestContext: function () {
      return oktaData.requestContext;
    },

    setRedirectUri: function (uri) {
      oktaData.redirectUri = uri;
    },

    init: function () {
      if (!navigator.cookieEnabled) {
        this.showUnsupportedCookieWarning();
        this.hideOktaLoginContainer();
      } else {
        this.removeUnsupportedCookieWarning();

        if (oktaData.inactiveTab && oktaData.inactiveTab.enabled && !this._isDocumentVisible()) {
          try {
            oktaData.inactiveTab.renderFnBackup = OktaSignIn.prototype.renderEl;
          } catch (err) {
            // no op - graceful handling OktaSignIn undefined case
          }

          // pause render sign-in widget when browser tab is inactive
          if (!oktaData.inactiveTab.renderFnBackup) {
            // for older SIW, renderFnBackup is undefined, fallback to full page reload
            oktaData.inactiveTab.fallbackFullPageReload = true;
            // Show a loading state and wait for the visibility event
            this.hideOktaLoginContainer();
            // remove stateToken so SIW does not attempt a login flow
            oktaData.signIn.stateToken = undefined;
          } else {
            // for newer SIW, override renderEl function so SIW does not attempt a login flow
            OktaSignIn.prototype.renderEl = function () {
              oktaData.inactiveTab.renderArgsBackup = arguments;
              oktaData.inactiveTab.signInInstance = this;
              try {
                return new Promise(function (resolve, reject) {
                  oktaData.inactiveTab.renderResolve = resolve;
                  oktaData.inactiveTab.renderReject = reject;
                });
              } catch (err) {
                // return nothing if promise is not supported, since promise chaining won't work anyway
              }
            }
          }

          // event handler to resume render sign-in widget
          document.addEventListener('visibilitychange', function checkVisibilityAndCallSuccess() {
            if (document.visibilityState === 'visible') {
              try {
                document.removeEventListener('visibilitychange', checkVisibilityAndCallSuccess);
                const inactiveTabDiv = document.getElementById(oktaData.inactiveTab.elementId);
                inactiveTabDiv.style.display = 'none';

                // resume render sign-in widget
                if (oktaData.inactiveTab.renderFnBackup && oktaData.inactiveTab.renderArgsBackup) {
                  OktaSignIn.prototype.renderEl = oktaData.inactiveTab.renderFnBackup;
                  var result = oktaData.inactiveTab.signInInstance.renderEl.apply(oktaData.inactiveTab.signInInstance, oktaData.inactiveTab.renderArgsBackup);
                  if (result && result.then) {
                    result.then(oktaData.inactiveTab.renderResolve, oktaData.inactiveTab.renderReject);
                  }
                }
              } catch (err) {
                oktaData.inactiveTab.fallbackFullPageReload = true;
              }
              if (oktaData.inactiveTab.fallbackFullPageReload) {
                location.reload();
              }
            }
          });
        }

        // add class if app login banner is present
        if (oktaData.isAppBannerVisible) {
          this.addLoginContainerClass();
        }

        oktaData.isCustomSignIn = true;
        oktaData.hasChromeOSFeature = this.isChromeOs();
        if (oktaData.hasChromeOSFeature) {
          this.addChromeOSScript();
        }
        runLoginPage(function () {
          var res = OktaLogin.initLoginPage(oktaData);
          oktaData.signIn = res.signIn;
          signInSuccessCallBackFunction = res.signInSuccessCallbackFn;

        });
      }
    }
  };
  OktaUtil.init();
  //# sourceURL=OktaUtil.js




            // Default widget configuration
            var config = OktaUtil.getSignInWidgetConfig();

            // Current Domain
            const oktaTenantDomain = window.location.origin;

            // Use this IdP to "Probe" Entra
            /////////// Change this to your Entra IdP ID ///////////
             const idpId = '0oa1d8uo1wbFzoggd0x8'; // Prod - 0oa1d8uo1wbFzoggd0x8
            ///////////////////////////////////////////////////////
            var iframeSrcUrl = oktaTenantDomain + '/sso/idps/' + idpId; // The URL to load in the iframe for IdP redirection


            var probeEntra = true; // set to false to disable the iframe probing logic
            var widgetRendering = false; // track if widget is rendering in (this window)
            var cspViolationDetected = false; // track if CSP violation occurred

            // Start the initialization of Widget... so we can use functions
            var oktaSignIn = new OktaSignIn(config);

            // Add CSP violation listener
            // document.addEventListener('securitypolicyviolation', function(e) {
            //     console.warn('CSP Violation detected:', e.violatedDirective, 'blocked URI:', e.blockedURI);
            //     if (e.blockedURI && e.blockedURI.includes('/sso/idps/')) {
            //         console.log('CSP violation for iframe probe detected, falling back to sign-in widget.');
            //         cspViolationDetected = true;
            //         my_renderWidget(original_stateToken);
            //     }
            // });

            // Ensure stateToken is preserved and accessible when probing is complete
            var original_stateToken = (typeof oktaData !== 'undefined' && oktaData.signIn && oktaData.signIn.stateToken)
                ? oktaData.signIn.stateToken
                : null;

            // Function to POST stateToken to the IdP URL in an iframe ()
            function postStateTokenToIframe(url, stateToken, iframe) {
                var form = document.createElement('form');
                form.method = 'POST';
                form.action = url;
                form.target = iframe.name;
                form.style.display = 'none';

                var input = document.createElement('input');
                input.type = 'hidden';
                input.name = 'stateToken';
                input.value = stateToken;
                form.appendChild(input);

                document.body.appendChild(form);
                form.submit();
                form.remove();
            }

            // Function to check for IE Compatibility Mode - "Compatibility mode" in IE refers to a mode where the browser emulates an older version of Internet Explorer, which can affect rendering and JavaScript behavior.
            function isIEInCompatibilityMode() {
                // Only IE has document.documentMode
                if (typeof document.documentMode === "number") {
                    let actualIEVersion = null;
                    const ua = navigator.userAgent;

                    const msieMatch = /MSIE (\d+)/.exec(ua);
                    if (msieMatch) { // IE <= 10
                        actualIEVersion = parseInt(msieMatch[1], 10);
                    } else if (/Trident\/7\.0/.test(ua)) { // IE 11 always reports Trident/7.0
                        actualIEVersion = 11;
                    } else { // Fallback: trust documentMode if nothing else matched
                        actualIEVersion = document.documentMode;
                    }

                    // Compatibility mode check:
                    return (typeof actualIEVersion === "number" && !isNaN(actualIEVersion)) 
                        ? document.documentMode < actualIEVersion 
                        : false;
                }

                // Non-IE browsers will just return false
                return false;
            }

            // Function to Remove the "notification-container" message
            function removeNotificationContainer() {
                const notificationContainer = document.getElementById('notification-container');
                if (notificationContainer) {
                    notificationContainer.innerHTML = '';
                }
            }

            // Function to render the widget (with/without stateToken)
            function my_renderWidget(stateToken) {
                if (widgetRendering) {
                    console.log('Widget is already rendering, skipping duplicate call.');
                    return;
                }
                widgetRendering = true; // Set flag to indicate rendering has started prevent multiple 
                removeNotificationContainer();

                if (stateToken) {
                    console.log('Rendering widget with stateToken.');
                    oktaSignIn.renderEl(
                        { el: '#okta-login-container', stateToken: stateToken },
                        OktaUtil.completeLogin,
                        function (error) {
                            console.log(error.message, error);
                        }
                    );
                } else {
                    console.log('Rendering widget without stateToken.');
                    oktaSignIn.renderEl(
                        { el: '#okta-login-container' },
                        OktaUtil.completeLogin,
                        function (error) {
                            console.log(error.message, error);
                        }
                    );
                }
            }

            // Check if there is already a session... if so, no need to probe & load the widget directly (Faster)
            oktaSignIn.authClient.session.exists()
            .then(function (exists) {
                if (exists) {
                    console.log('User has an active session.');
                    my_renderWidget(); // Render widget directly
                } else {} // No active session continue with probing logic
            });

            // Check if this page is loaded in an iframe with id 'entraframeid'
            let isInEntraIframe = false;
            try {
                if (window.self !== window.top && window.frameElement && window.frameElement.id === 'entraframeid') {
                    isInEntraIframe = true;
                }
            } catch (e) { } // Cross-origin, cannot access frameElement

            // regex to detect Condition of "inbound SAML" (i.e. //sso/saml2/ 
            const saml2FlowRegex = new RegExp( '^' + window.location.origin.replace(/[.*+?^${}()|[\]\\]/g, '\\$&') +
                '/sso/saml2/[^/]+/?$' );

            // regex to detect Condition of "Activation Flow" Condition (i.e. {currentDomain}/tokens/{AlphaNumeric}/verify)
            const domainTokensVerifyRegex = new RegExp( '^' + window.location.origin.replace(/[.*+?^${}()|[\]\\]/g, '\\$&') +
                '/tokens/[^/]+/verify/?$' );

            // Check for Pass-through conditions... These cases do not require probing/SiW intervention
            const passThroughConditions = [
                domainTokensVerifyRegex.test(window.location.href),  // Activation Flow
                window.location.href.includes("agentlessDsso/auth"),  // AD Agent Flow
                window.location.href.includes("login/agentlessDsso/idx"),  // AD Agent Flow
                window.location.href.includes("/reset_password/"),  // Password Reset Flow
                window.location.href.includes("/activate"),  // Activation Flow
                saml2FlowRegex.test(window.location.href)  // Inbound SAML Flow
            ];

            if (passThroughConditions.some(Boolean)) { 
                // no need to invoke custom probing logic, just Load the widget
                my_renderWidget(original_stateToken);

            } else if (window.location.href.includes("/callback")) { // this is the inbound federation (OIDC) callback
                // Callback: Decide if we are going to leave the widget rendering to the parent window that initiated the OIDC request
                if (isInEntraIframe) {
                    console.log('Callback Inside Entra iframe.');
                    // Remove the background image (in iframe)
                    document.body.style.backgroundImage = 'none';
                } else { // noiframe... Load the widget
                    my_renderWidget();
                }

            } else if (probeEntra) { // Normal Sign-In Flow - we will probe Entra via iframe
                // Check for IE Compatibility Mode, append the form to body if true
                // NOTE: this will likely be the long-term UX when this is productized (remove all path conditions)
                if ( isIEInCompatibilityMode()) {
                    console.log('Internet Explorer is running in Compatibility Mode.');
                    // post stateToken to self (no iframe), create a form and submit it
                    let hiddenForm = document.createElement('form');
                    hiddenForm.method = 'POST';
                    hiddenForm.action = iframeSrcUrl;

                    let stateTokenInput = document.createElement('input');
                    stateTokenInput.type = 'hidden';
                    stateTokenInput.name = 'stateToken';
                    stateTokenInput.value = original_stateToken;
                    hiddenForm.appendChild(stateTokenInput);
                    document.body.appendChild(hiddenForm);
                    hiddenForm.submit();

                } else {
                    // not in compatibility mode/Any other browser, proceed with iframe probing
                    window.onload = function () {
                        console.log('Loading Entra probe in iframe.');
                        
                        // Set timeout fallback in case iframe fails to load due to CSP or other issues
                        let iframeTimeout = setTimeout(function() {
                            if (!cspViolationDetected && !widgetRendering) {
                                console.log('Iframe probe timeout reached, falling back to sign-in widget.');
                                my_renderWidget(original_stateToken);
                            }
                        }, 5000); // 5 second timeout
                        
                        // Create iframe Debug
                        let iframe = document.createElement('iframe');
                        iframe.id = 'entraframeid';
                        iframe.name = 'entraframeid';
                        iframe.style.width = '1px';
                        iframe.style.height = '1px';
                        
                        // Add error handler for iframe
                        iframe.onerror = function(error) {
                            console.warn('Iframe error detected:', error);
                            clearTimeout(iframeTimeout);
                            if (!cspViolationDetected && !widgetRendering) {
                                console.log('Iframe failed to load, falling back to sign-in widget.');
                                my_renderWidget(original_stateToken);
                            }
                        };
                        
                        document.body.appendChild(iframe);

                        // POST stateToken to iframe - to ensure the auth flow persists.
                        try {
                            postStateTokenToIframe(iframeSrcUrl, original_stateToken, iframe);
                        } catch (e) {
                            console.warn('Error posting to iframe:', e);
                            clearTimeout(iframeTimeout);
                            if (!cspViolationDetected && !widgetRendering) {
                                console.log('Failed to post to iframe, falling back to sign-in widget.');
                                my_renderWidget(original_stateToken);
                            }
                        }

                        // Track and log iframe URI changes
                        let lastIframeSrc = null;
                        iframe.onload = function () {
                            // Clear timeout since iframe loaded successfully
                            clearTimeout(iframeTimeout);
                            
                            try {
                                const newIframeSrc = iframe.contentWindow.location.href;
                                if (newIframeSrc !== lastIframeSrc) { // Detecting changes
                                    console.log('Iframe URI changed:', newIframeSrc);
                                    lastIframeSrc = newIframeSrc;
                                }
                                // If we can access, check for OIDC callback
                                const urlParams = new URLSearchParams(new URL(newIframeSrc).search);
                                // Device Check SUCCESS/FAIL... show status
                                if ( newIframeSrc.includes('/oauth2/v1/authorize/callback') && urlParams.get('code')) {
                                    console.log('OIDC callback detected in iframe, continue the authflow.');
                                    my_renderWidget(original_stateToken);
                                } else if ( newIframeSrc.includes('/oauth2/v1/authorize/callback') && urlParams.get('error')) {
                                    const error = urlParams.get('error');
                                    console.log('OIDC callback detected in iframe - ' + (error || '') + ', continue the authflow.');
                                    my_renderWidget(original_stateToken);
                                }

                            } catch (e) {
                                // Cross-origin, cannot access - this is expected behavior
                                console.warn('Could not access iframe contentWindow:', e);
                                // If we can't access after a reasonable time, fall back to widget
                                if (!cspViolationDetected && !widgetRendering) {
                                    setTimeout(function() {
                                        if (!widgetRendering) {
                                            console.log('Cross-origin iframe access timeout, falling back to sign-in widget.');
                                            my_renderWidget(original_stateToken);
                                        }
                                    }, 3000); // 3 second delay for cross-origin fallback
                                }
                            }
                        };

                        // Attach a load event to the iframe to detect error pages
                        function onIframeLoad() {
                            try {
                                // Try to access the iframe's document
                                var doc = iframe.contentDocument || iframe.contentWindow.document;
                                
                                // Enhanced  error detection for 400 Bad Request
                                if (doc && doc.body) {
                                    var bodyText = doc.body.innerText || doc.body.textContent || '';
                                    var hasErrorCode = doc.querySelector('.error-code') && doc.querySelector('.error-code').textContent === '400';
                                    var hasBadRequest = /400|Bad Request/i.test(bodyText);
                                    
                                    if (hasErrorCode || hasBadRequest ) {
                                        console.warn('POST to iframe returned a 400 Bad Request');
                                        
                                        // Clear any existing timeouts
                                        if (typeof iframeTimeout !== 'undefined') {
                                            clearTimeout(iframeTimeout);
                                        }
                                        
                                        // Fallback to sign-in widget without stateToken since the current one is invalid
                                            my_renderWidget(null); // Pass null instead of original_stateToken
                                    }
                                }
                            } catch (e) {
                                // Cross-origin, cannot access - this is expected behavior
                                console.log('Cannot access iframe document (cross-origin):', e.message);
                            }
                            iframe.removeEventListener('load', onIframeLoad);
                        }
                        iframe.addEventListener('load', onIframeLoad);
                    };

                    // now we need to wait to see if we get message from iframe
                    const myIframeElement = document.getElementById('entraframeid'); // Get a reference to the iframe element
                    let currentUrl = window.location.href;

                    // Get the current URL's query string
                    const queryString = window.location.search;

                    // Create a URLSearchParams object from the query string
                    const urlParams = new URLSearchParams(queryString);
                }
            } else { //end the probing condition
                // New Condition found... 
                console.log('Potential New Condition Discovered in URL...');
                console.log(window.location.href);
                // TODO: append h2 with id "notification-container-message"
            }
        

HSTS

✅ Low Risk - https://dellservices.file.force.com

Requests	IP Address	Location	AS Autonomous System
10	108.138.7.107	Sweden	AS8075
8	35.158.127.51	Sweden	AS16509
8	35.71.168.214	Seattle, Washington, United States	AS16509Amazon.com, Inc.
8	40.126.32.140	Sweden	Unknown
34	4	-	-

Security Scan Report: dellservices.file.force.com

Summary

AI Security Verdict

Safe Website

Safety Factors

Details

Screenshot

Page Load Overview

Language Analysis

Primary Language

Detection Details

Website Classification

Primary Category

All Detected Categories

Detected Features

Domain & IP Information

Detected Technologies1

Content Similarity HashesFor malware variant detection

TLSH (Trend Micro Locality Sensitive Hash)

ssdeep (Context Triggered Piecewise Hashing)

sdhash (Similarity Digest Hashing)

Image Hashes

Perceptual Hashes

Other Hashes

Scan History