urlscan.io logo urlscan.io
SecurityTrails logo

portal.merzusa.com Open in urlscan Pro
35.158.127.53  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://portal.merzusa.com/
Effective URL: https://portal.merzusa.com/s/login/?language=en_US&ec=302&startURL=%2Fs%2F
Submission: On October 14 via manual from NL — Scanned from NL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 8 IPs in 2 countries across 5 domains to perform 30 HTTP transactions. The main IP is 35.158.127.53, located in Frankfurt am Main, Germany and belongs to AMAZON-02, US. The main domain is portal.merzusa.com.
TLS certificate: Issued by Trusted Secure Certificate Authority DV on February 5th 2024. Valid for: a year.
This is the only time portal.merzusa.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
3 20 35.158.127.53 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
1 92.123.148.55 16625 (AKAMAI-AS)
2 2600:9000:266... 16509 (AMAZON-02)
1 2600:9000:266... 16509 (AMAZON-02)
2 18.245.31.100 16509 (AMAZON-02)
1 76.223.2.241 16509 (AMAZON-02)
30 8
20    35.158.127.53 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-158-127-53.eu-central-1.compute.amazonaws.com
portal.merzusa.com
2    2a00:1450:4001:829::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    92.123.148.55 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a92-123-148-55.deploy.static.akamaitechnologies.com
cdn.walkme.com
2    2600:9000:266e:4e00:3:b7e:8940:93a1 (United States)

ASN16509 (AMAZON-02, US)
cmp.osano.com
1    2600:9000:266e:8e00:3:b7e:8940:93a1 (United States)

ASN16509 (AMAZON-02, US)
cmp.osano.com
2    18.245.31.100 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-245-31-100.fra56.r.cloudfront.net
cmp.osano.com
1    76.223.2.241 (United States)

ASN16509 (AMAZON-02, US)
PTR: a9eb9e878755d69b5.awsglobalaccelerator.com
merz-public.okta-emea.com
Apex Domain
Subdomains		 Transfer
20 merzusa.com
portal.merzusa.com
3 MB
5 osano.com
cmp.osano.com — Cisco Umbrella Rank: 5278
62 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
157 KB
1 okta-emea.com
merz-public.okta-emea.com
1 walkme.com
cdn.walkme.com — Cisco Umbrella Rank: 1644
9 KB
30 5
Domain Requested by
20 portal.merzusa.com 3 redirects portal.merzusa.com
cmp.osano.com
5 cmp.osano.com portal.merzusa.com
cmp.osano.com
2 www.googletagmanager.com portal.merzusa.com
cmp.osano.com
1 merz-public.okta-emea.com portal.merzusa.com
1 cdn.walkme.com portal.merzusa.com
30 5

This site contains links to these domains. Also see Links.

Domain
www.merzusa.com
Subject Issuer Validity Valid
portal.merzusa.com
Trusted Secure Certificate Authority DV		 2024-02-05 -
2025-02-04		 a year crt.sh
*.google-analytics.com
WR2		 2024-09-24 -
2024-12-17		 3 months crt.sh
walkme.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-12-04 -
2024-12-03		 a year crt.sh
*.osano.com
Amazon RSA 2048 M02		 2024-09-17 -
2025-10-16		 a year crt.sh
*.okta-emea.com
DigiCert SHA2 High Assurance Server CA		 2024-03-13 -
2025-04-13		 a year crt.sh

This page contains 2 frames:

Primary Page: https://portal.merzusa.com/s/login/?language=en_US&ec=302&startURL=%2Fs%2F
Frame ID: 8379F3E7CD8BB515613F342DED6C63FD
Requests: 28 HTTP requests in this frame

Frame: https://cmp.osano.com/
Frame ID: 5E7D039741BEBF14566DE9DC8B8CDCF0
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Login

Page URL History Show full URLs

  1. https://portal.merzusa.com/ HTTP 301
    https://portal.merzusa.com/s/ Page URL
  2. https://portal.merzusa.com/s/login?ec=302&startURL=%2Fs%2F HTTP 302
    https://portal.merzusa.com/s/login/?ec=302&startURL=%2Fs%2F HTTP 301
    https://portal.merzusa.com/s/login/?language=en_US&ec=302&startURL=%2Fs%2F Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtag/js

Page Statistics

30
Requests

87 %
HTTPS

43 %
IPv6

5
Domains

5
Subdomains

8
IPs

2
Countries

3189 kB
Transfer

9942 kB
Size

4
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://portal.merzusa.com/ HTTP 301
    https://portal.merzusa.com/s/ Page URL
  2. https://portal.merzusa.com/s/login?ec=302&startURL=%2Fs%2F HTTP 302
    https://portal.merzusa.com/s/login/?ec=302&startURL=%2Fs%2F HTTP 301
    https://portal.merzusa.com/s/login/?language=en_US&ec=302&startURL=%2Fs%2F Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://portal.merzusa.com/ HTTP 301
  • https://portal.merzusa.com/s/

30 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
portal.merzusa.com/s/
Redirect Chain
  • https://portal.merzusa.com/
  • https://portal.merzusa.com/s/
1 KB
868 B 		Document
General
Check archive.org
Download Go to
Full URL
https://portal.merzusa.com/s/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.158.127.53 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-158-127-53.eu-central-1.compute.amazonaws.com
Software
sfdcedge /
Resource Hash
aa4890472116138af42ba619c2141a255eafb4673665b594f00bdaf1eb59f5c2
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

cache-control
must-revalidate,no-cache,no-store
content-encoding
gzip
content-security-policy
upgrade-insecure-requests
content-type
text/html; charset=UTF-8
date
Mon, 14 Oct 2024 10:44:17 GMT
referrer-policy
origin-when-cross-origin
server
sfdcedge
strict-transport-security
max-age=63072000; includeSubDomains
vary
Accept-Encoding
x-content-type-options
nosniff
x-request-id
dac12f0790cdbcf30601fddf90d42931
x-sfdc-request-id
dac12f0790cdbcf30601fddf90d42931

Redirect headers

cache-control
no-cache,must-revalidate,max-age=0,no-store,private
content-length
0
content-security-policy
upgrade-insecure-requests
date
Mon, 14 Oct 2024 10:44:17 GMT
location
https://portal.merzusa.com/s/
referrer-policy
origin-when-cross-origin
server
sfdcedge
strict-transport-security
max-age=63072000; includeSubDomains
x-content-type-options
nosniff
x-request-id
2098c3109205f1802e216445a2abface
x-sfdc-request-id
2098c3109205f1802e216445a2abface
Primary Request /
portal.merzusa.com/s/login/
Redirect Chain
  • https://portal.merzusa.com/s/login?ec=302&startURL=%2Fs%2F
  • https://portal.merzusa.com/s/login/?ec=302&startURL=%2Fs%2F
  • https://portal.merzusa.com/s/login/?language=en_US&ec=302&startURL=%2Fs%2F
250 KB
58 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://portal.merzusa.com/s/login/?language=en_US&ec=302&startURL=%2Fs%2F
Requested by
Host: portal.merzusa.com
URL: https://portal.merzusa.com/s/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.158.127.53 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-158-127-53.eu-central-1.compute.amazonaws.com
Software
sfdcedge /
Resource Hash
c3491b9489b8e21481e991fdae29e7d582f754960308cc9d01285bca649607bd
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests frame-ancestors 'self'
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://portal.merzusa.com/s/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

cache-control
no-cache,must-revalidate,max-age=0,no-store,private
content-encoding
gzip
content-security-policy
upgrade-insecure-requests frame-ancestors 'self'
content-type
text/html;charset=UTF-8
date
Mon, 14 Oct 2024 10:44:18 GMT
expires
Sun, 15 Oct 2023 10:44:18 GMT
last-modified
Sun, 15 Oct 2023 10:44:18 GMT
link
</s/sfsites/auraFW/javascript/ZzhjQmRxMXdrdzhvS0RJMG5qQVdxQTdEcXI0cnRHWU0zd2xrUnFaakQxNXc5LjMyMC4y/aura_prod.js>;rel=preload;as=script;nopush,</s/sfsites/l/%7B%22mode%22%3A%22PROD%22%2C%22dfs%22%3A%228%22%2C%22app%22%3A%22siteforce%3AloginApp2%22%2C%22fwuid%22%3A%22ZzhjQmRxMXdrdzhvS0RJMG5qQVdxQTdEcXI0cnRHWU0zd2xrUnFaakQxNXc5LjMyMC4y%22%2C%22loaded%22%3A%7B%22APPLICATION%40markup%3A%2F%2Fsiteforce%3AloginApp2%22%3A%221098_KsFSF1QPNxnBTzjlZGhuhA%22%7D%2C%22apce%22%3A1%2C%22apck%22%3A%22JHt0aW1lc3RhbXB9MDAwMDAwMDAwMDBlbl9VUw%22%2C%22mlr%22%3A1%2C%22pathPrefix%22%3A%22%22%2C%22dns%22%3A%22c%22%2C%22ls%22%3A1%2C%22lrmc%22%3A%22-386269907%22%7D/resources.js?pu=1&pv=17288688980001445203969&rv=1728679992000>;rel=preload;as=script;nopush,</s/sfsites/l/%7B%22mode%22%3A%22PROD%22%2C%22dfs%22%3A%228%22%2C%22app%22%3A%22siteforce%3AloginApp2%22%2C%22serializationVersion%22%3A%221-9.320.2-b%22%2C%22parts%22%3A%22f%22%2C%22loaded%22%3A%7B%22APPLICATION%40markup%3A%2F%2Fsiteforce%3AloginApp2%22%3A%221098_KsFSF1QPNxnBTzjlZGhuhA%22%7D%2C%22dns%22%3A%22c%22%2C%22ls%22%3A1%2C%22lrmc%22%3A%22-386269907%22%7D/app.js?3=>;rel=preload;as=script;nopush
referrer-policy
origin-when-cross-origin
server
sfdcedge
server-timing
Total;dur=219
strict-transport-security
max-age=63072000; includeSubDomains
timing-allow-origin
*
vary
Origin, Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-request-id
e421fd6b6117ade38d02f085efd1ee74
x-sfdc-request-id
e421fd6b6117ade38d02f085efd1ee74

Redirect headers

cache-control
no-cache,must-revalidate,max-age=0,no-store,private
content-security-policy
upgrade-insecure-requests
date
Mon, 14 Oct 2024 10:44:18 GMT
location
https://portal.merzusa.com/s/login/?language=en_US&ec=302&startURL=%2Fs%2F
referrer-policy
origin-when-cross-origin
server
sfdcedge
strict-transport-security
max-age=63072000; includeSubDomains
x-content-type-options
nosniff
x-request-id
b95ceb2efa728177768605a28ea4fbc3
x-sfdc-request-id
b95ceb2efa728177768605a28ea4fbc3
aura_prod.js
portal.merzusa.com/s/sfsites/auraFW/javascript/ZzhjQmRxMXdrdzhvS0RJMG5qQVdxQTdEcXI0cnRHWU0zd2xrUnFaakQxNXc5LjMyMC4y/ 		859 KB
270 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://portal.merzusa.com/s/sfsites/auraFW/javascript/ZzhjQmRxMXdrdzhvS0RJMG5qQVdxQTdEcXI0cnRHWU0zd2xrUnFaakQxNXc5LjMyMC4y/aura_prod.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.158.127.53 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-158-127-53.eu-central-1.compute.amazonaws.com
Software
sfdcedge /
Resource Hash
f9e558d323a71485b99bd6b49708a9b4475d6ec63ae5b883235c9be6f2ae4153
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://portal.merzusa.com/s/login/?language=en_US&ec=302&startURL=%2Fs%2F

Response headers

x-request-id
4f00881653710fe535ea66b444e7d202
access-control-expose-headers
Server-Timing
content-encoding
gzip
x-content-type-options
nosniff
server-timing
Total;dur=36
date
Mon, 14 Oct 2024 10:44:18 GMT
content-type
text/javascript;charset=UTF-8
last-modified
Sun, 13 Oct 2024 10:44:18 GMT
vary
Accept-Encoding
strict-transport-security
max-age=63072000; includeSubDomains
cache-control
public,max-age=31536000,immutable
x-sfdc-request-id
4f00881653710fe535ea66b444e7d202
timing-allow-origin
*
referrer-policy
origin-when-cross-origin
access-control-allow-origin
*
server
sfdcedge
resources.js
portal.merzusa.com/s/sfsites/l/%7B%22mode%22%3A%22PROD%22%2C%22dfs%22%3A%228%22%2C%22app%22%3A%22siteforce%3AloginApp2%22%2C%22fwuid%22%3A%22ZzhjQmRxMXdrdzhvS0RJMG5qQVdxQTdEcXI0cnRHWU0zd2xrUnFaakQx... 		35 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://portal.merzusa.com/s/sfsites/l/%7B%22mode%22%3A%22PROD%22%2C%22dfs%22%3A%228%22%2C%22app%22%3A%22siteforce%3AloginApp2%22%2C%22fwuid%22%3A%22ZzhjQmRxMXdrdzhvS0RJMG5qQVdxQTdEcXI0cnRHWU0zd2xrUnFaakQxNXc5LjMyMC4y%22%2C%22loaded%22%3A%7B%22APPLICATION%40markup%3A%2F%2Fsiteforce%3AloginApp2%22%3A%221098_KsFSF1QPNxnBTzjlZGhuhA%22%7D%2C%22apce%22%3A1%2C%22apck%22%3A%22JHt0aW1lc3RhbXB9MDAwMDAwMDAwMDBlbl9VUw%22%2C%22mlr%22%3A1%2C%22pathPrefix%22%3A%22%22%2C%22dns%22%3A%22c%22%2C%22ls%22%3A1%2C%22lrmc%22%3A%22-386269907%22%7D/resources.js?pu=1&pv=17288688980001445203969&rv=1728679992000
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.158.127.53 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-158-127-53.eu-central-1.compute.amazonaws.com
Software
sfdcedge /
Resource Hash
7a1df057eed61257893ccc816cf86442c077e325c3fb3ae52c13975b54c0f969
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://portal.merzusa.com/s/login/?language=en_US&ec=302&startURL=%2Fs%2F

Response headers

strict-transport-security
max-age=63072000; includeSubDomains
x-request-id
c8a7666dd4d1260afacc22168fd07631
cache-control
public,max-age=31536000,immutable
x-sfdc-request-id
c8a7666dd4d1260afacc22168fd07631
content-encoding
gzip
x-content-type-options
nosniff
referrer-policy
origin-when-cross-origin
access-control-allow-origin
*
date
Mon, 14 Oct 2024 10:44:18 GMT
content-type
text/javascript;charset=UTF-8
last-modified
Sun, 13 Oct 2024 10:44:18 GMT
vary
Accept-Encoding
server
sfdcedge
app.js
portal.merzusa.com/s/sfsites/l/%7B%22mode%22%3A%22PROD%22%2C%22dfs%22%3A%228%22%2C%22app%22%3A%22siteforce%3AloginApp2%22%2C%22serializationVersion%22%3A%221-9.320.2-b%22%2C%22parts%22%3A%22f%22%2C... 		3 MB
599 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://portal.merzusa.com/s/sfsites/l/%7B%22mode%22%3A%22PROD%22%2C%22dfs%22%3A%228%22%2C%22app%22%3A%22siteforce%3AloginApp2%22%2C%22serializationVersion%22%3A%221-9.320.2-b%22%2C%22parts%22%3A%22f%22%2C%22loaded%22%3A%7B%22APPLICATION%40markup%3A%2F%2Fsiteforce%3AloginApp2%22%3A%221098_KsFSF1QPNxnBTzjlZGhuhA%22%7D%2C%22dns%22%3A%22c%22%2C%22ls%22%3A1%2C%22lrmc%22%3A%22-386269907%22%7D/app.js?3=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.158.127.53 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-158-127-53.eu-central-1.compute.amazonaws.com
Software
sfdcedge /
Resource Hash
f9dda1f2465082bc902a02dba548dbe7cfcc14655ebf36da12a5bc195a05eb5c
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://portal.merzusa.com/s/login/?language=en_US&ec=302&startURL=%2Fs%2F

Response headers

strict-transport-security
max-age=63072000; includeSubDomains
x-request-id
7a1ee704f80358024db326661b6417a6
cache-control
public,max-age=31536000,immutable
x-sfdc-request-id
7a1ee704f80358024db326661b6417a6
content-encoding
gzip
x-content-type-options
nosniff
referrer-policy
origin-when-cross-origin
access-control-allow-origin
*
date
Mon, 14 Oct 2024 10:44:18 GMT
content-type
text/javascript;charset=UTF-8
vary
Accept-Encoding
server
sfdcedge
last-modified
Sun, 13 Oct 2024 10:44:18 GMT
js
www.googletagmanager.com/gtag/ 		316 KB
106 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-0VBP00WSLZ
Requested by
Host: portal.merzusa.com
URL: https://portal.merzusa.com/s/login/?language=en_US&ec=302&startURL=%2Fs%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
f5a204d933b9d3a70d04e4d8f06c373cd3ea895994dafd85ca3443f467029ade
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://portal.merzusa.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Mon, 14 Oct 2024 10:44:18 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 14 Oct 2024 10:44:18 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
107858
x-xss-protection
0
server
Google Tag Manager
walkme_1244b6dc8317464195c770b37a35434e_https.js
cdn.walkme.com/users/1244b6dc8317464195c770b37a35434e/ 		25 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.walkme.com/users/1244b6dc8317464195c770b37a35434e/walkme_1244b6dc8317464195c770b37a35434e_https.js
Requested by
Host: portal.merzusa.com
URL: https://portal.merzusa.com/s/login/?language=en_US&ec=302&startURL=%2Fs%2F
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
92.123.148.55 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-123-148-55.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0b10daae82d53b5c137cb53daf2b323b658be8e5c755611ceb3ad81dffc93b7f
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000;includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://portal.merzusa.com/

Response headers

access-control-allow-private-network
true
content-encoding
gzip
etag
"979bb8d0ce4a24d1265822aa2f3bd8f7"
x-amz-version-id
PPCUT1ZBg6L4MbLjowVcV9k.0ilcLnlA
x-content-type-options
nosniff
date
Mon, 14 Oct 2024 10:44:18 GMT
last-modified
Fri, 10 May 2024 17:00:54 GMT
content-type
application/javascript
vary
Accept-Encoding
x-amz-id-2
EZGlB+648+j6uSf8O3iI3kQlbrh5JqQdFKj0Qjg2a5yJMXHO7Mef+hKccnNbcXdqR2ynPKAxLcE=
strict-transport-security
max-age=31536000;includeSubdomains
x-amz-replication-status
COMPLETED
content-security-policy
upgrade-insecure-requests;
cache-control
max-age=86390
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
referrer-policy
no-referrer-when-downgrade
x-amz-request-id
70RMQY3QNAZ19R33
accept-ranges
bytes
access-control-allow-origin
*
content-length
8806
x-xss-protection
1; mode=block
x-amz-server-side-encryption
AES256
osano.js
cmp.osano.com/16BiGsTigs3Z0CI52/3b8dee7f-d566-4d30-960e-0025c673a786/ 		128 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cmp.osano.com/16BiGsTigs3Z0CI52/3b8dee7f-d566-4d30-960e-0025c673a786/osano.js
Requested by
Host: portal.merzusa.com
URL: https://portal.merzusa.com/s/login/?language=en_US&ec=302&startURL=%2Fs%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:266e:4e00:3:b7e:8940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
90c3f8660363144263d7dca74e1239aadcecc7c1807dde2599ca5ff3cb3554f4
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://portal.merzusa.com/

Response headers

content-encoding
br
etag
"9feb19f669518d3d2d3ac287af1a3224"
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
x-cache
Miss from cloudfront
x-amz-cf-id
A_jAj28yRuLUd3Achbtr1-Vzj9L3N5obGj1PtkUrsVcIQZbthlu2sg==
date
Mon, 14 Oct 2024 10:44:18 GMT
content-type
application/javascript; charset=utf-8
last-modified
Tue, 07 Nov 2023 16:44:11 GMT
vary
Origin
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=63072000; includeSubDomains; preload
cache-control
public, max-age=86400, s-maxage=86400, must-revalidate, proxy-revalidate, no-transform
cross-origin-resource-policy
cross-origin
referrer-policy
strict-origin-when-cross-origin
via
1.1 b7c8b552077b93dc0acaa0b82d11fa62.cloudfront.net (CloudFront)
content-length
36096
x-xss-protection
1; mode=block
x-amz-cf-pop
FRA56-P8
server
CloudFront
bootstrap.js
portal.merzusa.com/s/sfsites/l/%7B%22mode%22%3A%22PROD%22%2C%22dfs%22%3A%228%22%2C%22app%22%3A%22siteforce%3AloginApp2%22%2C%22fwuid%22%3A%22ZzhjQmRxMXdrdzhvS0RJMG5qQVdxQTdEcXI0cnRHWU0zd2xrUnFaakQx... 		651 KB
142 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://portal.merzusa.com/s/sfsites/l/%7B%22mode%22%3A%22PROD%22%2C%22dfs%22%3A%228%22%2C%22app%22%3A%22siteforce%3AloginApp2%22%2C%22fwuid%22%3A%22ZzhjQmRxMXdrdzhvS0RJMG5qQVdxQTdEcXI0cnRHWU0zd2xrUnFaakQxNXc5LjMyMC4y%22%2C%22loaded%22%3A%7B%22APPLICATION%40markup%3A%2F%2Fsiteforce%3AloginApp2%22%3A%221098_KsFSF1QPNxnBTzjlZGhuhA%22%7D%2C%22apce%22%3A1%2C%22apck%22%3A%22JHt0aW1lc3RhbXB9MDAwMDAwMDAwMDBlbl9VUw%22%2C%22mlr%22%3A1%2C%22pathPrefix%22%3A%22%22%2C%22dns%22%3A%22c%22%2C%22ls%22%3A1%2C%22lrmc%22%3A%22-386269907%22%7D/bootstrap.js?aura.attributes=%7B%22ac%22%3A%22%22%2C%22authenticated%22%3A%22false%22%2C%22brandingSetId%22%3A%226b330e31-76ac-4d34-a87a-c8b5ac041437%22%2C%22formFactor%22%3A%22LARGE%22%2C%22isHybrid%22%3A%22false%22%2C%22language%22%3A%22en_US%22%2C%22pageId%22%3A%22e9ec8ddf-46d2-4263-b5e4-2ea3f416051f%22%2C%22publishedChangelistNum%22%3A%22252%22%2C%22schema%22%3A%22Published%22%2C%22themeLayoutType%22%3A%22yhaS1sNN5hzUk6QHeN9rwjrhN5AnvE%22%2C%22uds%22%3A%22false%22%2C%22viewType%22%3A%22Published%22%7D
Requested by
Host: portal.merzusa.com
URL: https://portal.merzusa.com/s/login/?language=en_US&ec=302&startURL=%2Fs%2F
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.158.127.53 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-158-127-53.eu-central-1.compute.amazonaws.com
Software
sfdcedge /
Resource Hash
28448f8565ad5a553cd62d4becd2ff372fd8caa786bbe8d6ee0f867a94d48ec0
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://portal.merzusa.com/s/login/?language=en_US&ec=302&startURL=%2Fs%2F

Response headers

strict-transport-security
max-age=63072000; includeSubDomains
x-request-id
faf962bbe7b3fc3ed396baae6af0f0bb
cache-control
no-cache,must-revalidate,max-age=0,no-store,private
x-sfdc-request-id
faf962bbe7b3fc3ed396baae6af0f0bb
content-encoding
gzip
referrer-policy
origin-when-cross-origin
x-content-type-options
nosniff
expires
Sun, 15 Oct 2023 10:44:18 GMT
access-control-allow-origin
*
date
Mon, 14 Oct 2024 10:44:18 GMT
content-type
text/javascript;charset=UTF-8
vary
Accept-Encoding
server
sfdcedge
last-modified
Sun, 15 Oct 2023 10:44:18 GMT
382c85af-7b2c-42ac-be9a-bb8ad045f1f0
https://portal.merzusa.com/ Frame 		0
0
fonts.css
portal.merzusa.com/s/sfsites/runtimedownload/ 		140 KB
101 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://portal.merzusa.com/s/sfsites/runtimedownload/fonts.css?lastMod=1636659932000&brandSet=6b330e31-76ac-4d34-a87a-c8b5ac041437
Requested by
Host: portal.merzusa.com
URL: https://portal.merzusa.com/s/login/?language=en_US&ec=302&startURL=%2Fs%2F
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.158.127.53 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-158-127-53.eu-central-1.compute.amazonaws.com
Software
sfdcedge /
Resource Hash
c736890ff5524a5db3c3a5f7462f00f95dce7631868d4f66be9c91579b272df4
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://portal.merzusa.com/s/login/?language=en_US&ec=302&startURL=%2Fs%2F

Response headers

strict-transport-security
max-age=63072000; includeSubDomains
x-request-id
d31950c6de555ed3ea907bc7522dde15
cache-control
public,max-age=31536000
x-sfdc-request-id
d31950c6de555ed3ea907bc7522dde15
content-encoding
gzip
x-content-type-options
nosniff
referrer-policy
origin-when-cross-origin
expires
Tue, 14 Oct 2025 10:44:18 GMT
date
Mon, 14 Oct 2024 10:44:18 GMT
content-type
text/css; charset=utf-8
vary
Accept-Encoding
server
sfdcedge
last-modified
Thu, 11 Nov 2021 19:45:32 GMT
0a1d95be-ced9-4227-881f-0ba1a16852d7
https://portal.merzusa.com/ Frame 		0
0
app.css
portal.merzusa.com/s/sfsites/l/%7B%22mode%22%3A%22PROD%22%2C%22dfs%22%3A%228%22%2C%22app%22%3A%22siteforce%3AloginApp2%22%2C%22loaded%22%3A%7B%22APPLICATION%40markup%3A%2F%2Fsiteforce%3AloginApp2%2... 		1 MB
134 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://portal.merzusa.com/s/sfsites/l/%7B%22mode%22%3A%22PROD%22%2C%22dfs%22%3A%228%22%2C%22app%22%3A%22siteforce%3AloginApp2%22%2C%22loaded%22%3A%7B%22APPLICATION%40markup%3A%2F%2Fsiteforce%3AloginApp2%22%3A%221098_KsFSF1QPNxnBTzjlZGhuhA%22%7D%2C%22styleContext%22%3A%7B%22c%22%3A%22webkit%22%2C%22x%22%3A%5B%223%22%2C%22SLDS%22%2C%22isDesktop%22%5D%2C%22tokens%22%3A%5B%22markup%3A%2F%2Fforce%3AsldsTokens%22%2C%22markup%3A%2F%2Fsiteforce%3AnapiliAuraTokens%22%2C%22markup%3A%2F%2Fsiteforce%3AneutralTokens%22%2C%22markup%3A%2F%2Fsiteforce%3AserializedTokens%22%2C%22markup%3A%2F%2Fsiteforce%3AcommunityTokens%22%2C%22markup%3A%2F%2Fsiteforce%3AauraDynamicTokens%22%5D%2C%22tuid%22%3A%22jR63CIe2NyhRxdB_mThLfw%22%2C%22cuid%22%3A1501576484%7D%2C%22pathPrefix%22%3A%22%22%7D/app.css?3=&aura.attributes=%7B%22ac%22%3A%22%22%2C%22authenticated%22%3A%22false%22%2C%22brandingSetId%22%3A%226b330e31-76ac-4d34-a87a-c8b5ac041437%22%2C%22formFactor%22%3A%22LARGE%22%2C%22isHybrid%22%3A%22false%22%2C%22language%22%3A%22en_US%22%2C%22pageId%22%3A%22e9ec8ddf-46d2-4263-b5e4-2ea3f416051f%22%2C%22publishedChangelistNum%22%3A%22252%22%2C%22schema%22%3A%22Published%22%2C%22themeLayoutType%22%3A%22yhaS1sNN5hzUk6QHeN9rwjrhN5AnvE%22%2C%22uds%22%3A%22false%22%2C%22viewType%22%3A%22Published%22%7D
Requested by
Host: portal.merzusa.com
URL: https://portal.merzusa.com/s/login/?language=en_US&ec=302&startURL=%2Fs%2F
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.158.127.53 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-158-127-53.eu-central-1.compute.amazonaws.com
Software
sfdcedge /
Resource Hash
a6cffa9aeb9ee6b53cf9a22c3c8964756d1f9fe5832efbe2929c2c8ac2c5a5c6
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://portal.merzusa.com/s/login/?language=en_US&ec=302&startURL=%2Fs%2F

Response headers

strict-transport-security
max-age=63072000; includeSubDomains
x-request-id
6b779010051ada93535046cf7e854fe5
cache-control
public,max-age=31536000,immutable
x-sfdc-request-id
6b779010051ada93535046cf7e854fe5
content-encoding
gzip
x-content-type-options
nosniff
referrer-policy
origin-when-cross-origin
access-control-allow-origin
*
date
Mon, 14 Oct 2024 10:44:19 GMT
content-type
text/css;charset=UTF-8
last-modified
Sun, 13 Oct 2024 10:44:19 GMT
vary
Accept-Encoding
server
sfdcedge
b3023c71-eb81-40a4-a404-7c60de6af2c5
https://portal.merzusa.com/ Frame 		0
0
b34377d3-af32-466a-82a2-cf2d68476495
https://portal.merzusa.com/ Frame 		0
0
/
cmp.osano.com/ Frame 5E7D 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://cmp.osano.com/
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16BiGsTigs3Z0CI52/3b8dee7f-d566-4d30-960e-0025c673a786/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:266e:8e00:3:b7e:8940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://portal.merzusa.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

age
72877
alt-svc
h3=":443"; ma=86400
content-encoding
gzip
content-type
text/html
date
Mon, 14 Oct 2024 01:35:06 GMT
etag
W/"a0cbc82c3c7bce3b368e2118b3cb29d3"
last-modified
Mon, 19 Aug 2024 22:15:10 GMT
referrer-policy
strict-origin-when-cross-origin
server
AmazonS3
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Accept-Encoding Origin
via
1.1 67cd7fbfa7b3b35b6217719b3f0167d2.cloudfront.net (CloudFront)
x-amz-cf-id
j_0AagGFE-OvaEszpiEVxIugwtZXxKiRtgB3IfJChJqrwXCvi17gGA==
x-amz-cf-pop
FRA56-P8
x-amz-server-side-encryption
AES256
x-amz-version-id
IV.sz0dqhMjQD06H4vRdCjcmpoMDLZ8n
x-cache
Hit from cloudfront
x-content-type-options
nosniff
x-xss-protection
1; mode=block
osano-ui.js
cmp.osano.com/16BiGsTigs3Z0CI52/3b8dee7f-d566-4d30-960e-0025c673a786/ 		98 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cmp.osano.com/16BiGsTigs3Z0CI52/3b8dee7f-d566-4d30-960e-0025c673a786/osano-ui.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16BiGsTigs3Z0CI52/3b8dee7f-d566-4d30-960e-0025c673a786/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:266e:4e00:3:b7e:8940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d56b11dec738d63faa1c437d1d773f326a3b29857356f0330bf874511de170c7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://portal.merzusa.com/

Response headers

content-encoding
br
x-amz-version-id
2DwRZvp_FK7Q_5gveCmc_3esP5NABnd9
etag
W/"dc566dfd1a288c7fb674c74de3978081"
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
x-cache
Miss from cloudfront
x-amz-cf-id
YXRDBzPitgBwXoAp0JjItd8ph5D0y74NPceSqmjYxH5BZj0SQUC-FQ==
date
Mon, 14 Oct 2024 10:44:20 GMT
content-type
application/javascript
vary
Accept-Encoding, Origin
last-modified
Tue, 07 Nov 2023 16:44:04 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
cache-control
max-age=86400, no-transform, public
referrer-policy
strict-origin-when-cross-origin
via
1.1 b7c8b552077b93dc0acaa0b82d11fa62.cloudfront.net (CloudFront)
x-xss-protection
1; mode=block
x-amz-cf-pop
FRA56-P8
server
AmazonS3
x-amz-server-side-encryption
AES256
nl.json
cmp.osano.com/16BiGsTigs3Z0CI52/3b8dee7f-d566-4d30-960e-0025c673a786/ 		5 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cmp.osano.com/16BiGsTigs3Z0CI52/3b8dee7f-d566-4d30-960e-0025c673a786/nl.json
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16BiGsTigs3Z0CI52/3b8dee7f-d566-4d30-960e-0025c673a786/osano.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.245.31.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-31-100.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
104d118378f7b319f3d538d39805fb329b1c489209712464f687afcb7433eb12
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://portal.merzusa.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept
application/json
Content-Type
application/json

Response headers

access-control-max-age
86400
content-encoding
br
etag
W/"0c1bdccae86a4c65a7b9a75713b01f44"
x-amz-version-id
2lFZLa45umeVIh88Q3_tEzjOW_rTI23z
access-control-allow-methods
GET
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
x-cache
Miss from cloudfront
x-amz-cf-id
2HL_YPgUxMxEaxkp1F6aw00D4FkAjcPL4uu1u8hvZkN-E0CrphGaDQ==
date
Mon, 14 Oct 2024 10:44:20 GMT
content-type
application/json
vary
Accept-Encoding
last-modified
Tue, 07 Nov 2023 16:44:04 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
cache-control
max-age=86400, no-transform, public
referrer-policy
strict-origin-when-cross-origin
via
1.1 04d30d89cfeb7f513dc1f5b2d3c605d2.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-xss-protection
1; mode=block
x-amz-cf-pop
FRA56-P8
server
AmazonS3
x-amz-server-side-encryption
AES256
nl.json
cmp.osano.com/16BiGsTigs3Z0CI52/3b8dee7f-d566-4d30-960e-0025c673a786/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://cmp.osano.com/16BiGsTigs3Z0CI52/3b8dee7f-d566-4d30-960e-0025c673a786/nl.json
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.245.31.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-31-100.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://portal.merzusa.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
alt-svc
h3=":443"; ma=86400
content-length
0
date
Mon, 14 Oct 2024 10:44:20 GMT
referrer-policy
strict-origin-when-cross-origin
server
AmazonS3
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
via
1.1 04d30d89cfeb7f513dc1f5b2d3c605d2.cloudfront.net (CloudFront)
x-amz-cf-id
20XGZfX84vAhF5MvWVa1GhBTRFyK6AG7Io96ZjtHm-x-2OSGIGv94g==
x-amz-cf-pop
FRA56-P8
x-cache
Miss from cloudfront
x-content-type-options
nosniff
x-xss-protection
1; mode=block
aura
portal.merzusa.com/s/sfsites/ 		551 KB
121 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://portal.merzusa.com/s/sfsites/aura?message=%7B%22actions%22%3A%5B%7B%22descriptor%22%3A%22serviceComponent%3A%2F%2Fui.comm.runtime.components.aura.components.siteforce.controller.PubliclyCacheableComponentLoaderController%2FACTION%24getPageComponent%22%2C%22callingDescriptor%22%3A%22UNKNOWN%22%2C%22params%22%3A%7B%22attributes%22%3A%7B%22viewId%22%3A%22dd22fc5c-a33b-495f-b1eb-3e717de7d8aa%22%2C%22routeType%22%3A%22login-home%22%2C%22themeLayoutType%22%3A%22yhaS1sNN5hzUk6QHeN9rwjrhN5AnvE%22%2C%22params%22%3A%7B%22language%22%3A%22%22%2C%22ec%22%3A%22%22%2C%22startURL%22%3A%22%22%2C%22viewid%22%3A%22ab35a552-023f-48ed-8519-64055e82cf3d%22%2C%22view_uddid%22%3A%22%22%2C%22entity_name%22%3A%22%22%2C%22audience_name%22%3A%22%22%2C%22picasso_id%22%3A%22%22%2C%22routeId%22%3A%22%22%7D%2C%22hasAttrVaringCmps%22%3Afalse%2C%22pageLoadType%22%3A%22STANDARD_PAGE_CONTENT%22%2C%22includeLayout%22%3Atrue%2C%22priority%22%3A%220%22%7D%2C%22publishedChangelistNum%22%3A252%2C%22brandingSetId%22%3A%226b330e31-76ac-4d34-a87a-c8b5ac041437%22%7D%7D%5D%7D&aura.context=%7B%22mode%22%3A%22PROD%22%2C%22fwuid%22%3A%22ZzhjQmRxMXdrdzhvS0RJMG5qQVdxQTdEcXI0cnRHWU0zd2xrUnFaakQxNXc5LjMyMC4y%22%2C%22app%22%3A%22siteforce%3AloginApp2%22%2C%22loaded%22%3A%7B%22APPLICATION%40markup%3A%2F%2Fsiteforce%3AloginApp2%22%3A%221098_KsFSF1QPNxnBTzjlZGhuhA%22%7D%2C%22apck%22%3A%22JHt0aW1lc3RhbXB9MDAwMDAwMDAwMDBlbl9VUw%22%2C%22uad%22%3Afalse%7D&aura.isAction=true
Requested by
Host: portal.merzusa.com
URL: https://portal.merzusa.com/s/sfsites/auraFW/javascript/ZzhjQmRxMXdrdzhvS0RJMG5qQVdxQTdEcXI0cnRHWU0zd2xrUnFaakQxNXc5LjMyMC4y/aura_prod.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.158.127.53 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-158-127-53.eu-central-1.compute.amazonaws.com
Software
sfdcedge /
Resource Hash
90d34e0acfb09e714a25d80b6f0d6ee7a321189b51ebecde95a6fa88e64166de
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

X-SFDC-Page-Scope-Id
03ddd38b-fafd-4ddf-8980-2b9d70b246dd
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://portal.merzusa.com/s/login/?language=en_US&ec=302&startURL=%2Fs%2F

Response headers

strict-transport-security
max-age=63072000; includeSubDomains
x-request-id
a627bc36151c928dc71066ca3b5a2251
cache-control
public,max-age=1800
x-sfdc-request-id
a627bc36151c928dc71066ca3b5a2251
content-encoding
gzip
x-content-type-options
nosniff
referrer-policy
origin-when-cross-origin
expires
Sun, 15 Oct 2023 10:44:19 GMT
access-control-allow-origin
*
date
Mon, 14 Oct 2024 10:44:19 GMT
content-type
application/json
last-modified
Sun, 13 Oct 2024 10:44:19 GMT
vary
Accept-Encoding
server
sfdcedge
HCP_Main.css
portal.merzusa.com/resource/1709793315000/HCP_Theme/ 		17 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://portal.merzusa.com/resource/1709793315000/HCP_Theme/HCP_Main.css
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16BiGsTigs3Z0CI52/3b8dee7f-d566-4d30-960e-0025c673a786/osano.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.158.127.53 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-158-127-53.eu-central-1.compute.amazonaws.com
Software
sfdcedge /
Resource Hash
18db511e0bca3b7612a94454d75f5a36d93812706cd0a6504bc58c6f6d076737
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://portal.merzusa.com/s/login/?language=en_US&ec=302&startURL=%2Fs%2F

Response headers

x-request-id
dd66c5f665868a196ca5474cf6d72884
content-encoding
gzip
x-content-type-options
nosniff
expires
Thu, 28 Nov 2024 10:44:19 GMT
p3p
CP="CUR OTR STA"
date
Mon, 14 Oct 2024 10:44:19 GMT
content-type
text/css
vary
Accept-Encoding
last-modified
Thu, 7 Mar 2024 06:35:15 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=63072000; includeSubDomains
cache-control
public,max-age=3888000,immutable
x-sfdc-request-id
dd66c5f665868a196ca5474cf6d72884
referrer-policy
origin-when-cross-origin
content-length
3142
server
sfdcedge
js
www.googletagmanager.com/gtag/ 		135 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=373352313
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/16BiGsTigs3Z0CI52/3b8dee7f-d566-4d30-960e-0025c673a786/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
6180951f62ce338e0ccf559e1f04c3a31e48f29cd6c9a17387b00dfda6e39439
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://portal.merzusa.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Mon, 14 Oct 2024 10:44:19 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 14 Oct 2024 10:44:19 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Mon, 14 Oct 2024 09:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
52506
x-xss-protection
0
server
Google Tag Manager
aura
portal.merzusa.com/s/sfsites/ 		1 MB
294 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://portal.merzusa.com/s/sfsites/aura?r=1&aura.Component.getComponentDef=1
Requested by
Host: portal.merzusa.com
URL: https://portal.merzusa.com/s/sfsites/auraFW/javascript/ZzhjQmRxMXdrdzhvS0RJMG5qQVdxQTdEcXI0cnRHWU0zd2xrUnFaakQxNXc5LjMyMC4y/aura_prod.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.158.127.53 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-158-127-53.eu-central-1.compute.amazonaws.com
Software
sfdcedge /
Resource Hash
84ee524b5a7c20eb39e5fcabb50d66dfbb3201c98da3d026a4d3713d3fda7906
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://portal.merzusa.com/s/login/?language=en_US&ec=302&startURL=%2Fs%2F
X-SFDC-Page-Scope-Id
03ddd38b-fafd-4ddf-8980-2b9d70b246dd
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

strict-transport-security
max-age=63072000; includeSubDomains
x-request-id
0ad49e042c8cbdc05666a15c4024b6cc
cache-control
no-cache,must-revalidate,max-age=0,no-store,private
x-sfdc-request-id
0ad49e042c8cbdc05666a15c4024b6cc
content-encoding
gzip
x-content-type-options
nosniff
referrer-policy
origin-when-cross-origin
expires
Sun, 15 Oct 2023 10:44:19 GMT
date
Mon, 14 Oct 2024 10:44:19 GMT
content-type
application/json
last-modified
Sun, 15 Oct 2023 10:44:19 GMT
vary
Origin, Accept-Encoding
server
sfdcedge
merz_logo.png
portal.merzusa.com/resource/1709793315000/HCP_Theme/img/ 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://portal.merzusa.com/resource/1709793315000/HCP_Theme/img/merz_logo.png
Requested by
Host: portal.merzusa.com
URL: https://portal.merzusa.com/s/login/?language=en_US&ec=302&startURL=%2Fs%2F
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.158.127.53 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-158-127-53.eu-central-1.compute.amazonaws.com
Software
sfdcedge /
Resource Hash
e82615829fce24f3a484b4831be09c51192c21076b3988215e01de003db4fb77
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://portal.merzusa.com/s/login/?language=en_US&ec=302&startURL=%2Fs%2F

Response headers

strict-transport-security
max-age=63072000; includeSubDomains
x-request-id
dec594d1719d1ce83abbca7f4fea3995
cache-control
public,max-age=3888000,immutable
x-sfdc-request-id
dec594d1719d1ce83abbca7f4fea3995
x-content-type-options
nosniff
referrer-policy
origin-when-cross-origin
expires
Thu, 28 Nov 2024 10:44:19 GMT
content-length
25551
p3p
CP="CUR OTR STA"
date
Mon, 14 Oct 2024 10:44:19 GMT
content-type
image/png
last-modified
Thu, 7 Mar 2024 06:35:15 GMT
server
sfdcedge
x-frame-options
SAMEORIGIN
aura
portal.merzusa.com/s/sfsites/ 		13 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://portal.merzusa.com/s/sfsites/aura?r=2&other.HCP_Base.getLearningCommunity=1&other.HCP_Footer.getFooterSettings=1&ui-force-components-controllers-hostConfig.HostConfig.getConfigData=1
Requested by
Host: portal.merzusa.com
URL: https://portal.merzusa.com/s/sfsites/auraFW/javascript/ZzhjQmRxMXdrdzhvS0RJMG5qQVdxQTdEcXI0cnRHWU0zd2xrUnFaakQxNXc5LjMyMC4y/aura_prod.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.158.127.53 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-158-127-53.eu-central-1.compute.amazonaws.com
Software
sfdcedge /
Resource Hash
2e6d0e7f9bb4774ac273f3894f6201d96dd08977a06964640e8f73a7d73b3ca8
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://portal.merzusa.com/s/login/?language=en_US&ec=302&startURL=%2Fs%2F
X-SFDC-Page-Scope-Id
03ddd38b-fafd-4ddf-8980-2b9d70b246dd
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

strict-transport-security
max-age=63072000; includeSubDomains
x-request-id
8b3cb8a18658dd5be21a730f3479e2b3
cache-control
no-cache,must-revalidate,max-age=0,no-store,private
timing-allow-origin
*
content-encoding
gzip
x-sfdc-request-id
8b3cb8a18658dd5be21a730f3479e2b3
x-content-type-options
nosniff
referrer-policy
origin-when-cross-origin
expires
Sun, 15 Oct 2023 10:44:19 GMT
server-timing
Total;dur=98
date
Mon, 14 Oct 2024 10:44:19 GMT
content-type
application/json
last-modified
Sun, 15 Oct 2023 10:44:19 GMT
vary
Origin, Accept-Encoding
server
sfdcedge
login_body_background_image
portal.merzusa.com/resource/1617022234000/ 		1 MB
1 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://portal.merzusa.com/resource/1617022234000/login_body_background_image
Requested by
Host: portal.merzusa.com
URL: https://portal.merzusa.com/s/login/?language=en_US&ec=302&startURL=%2Fs%2F
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.158.127.53 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-158-127-53.eu-central-1.compute.amazonaws.com
Software
sfdcedge /
Resource Hash
659e72b0df7b1ff2fe6e124965f88d2da530b0dff646a32912b054b103faa922
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://portal.merzusa.com/s/login/?language=en_US&ec=302&startURL=%2Fs%2F

Response headers

strict-transport-security
max-age=63072000; includeSubDomains
x-request-id
85a2abe46b9d12c96b9735818c7cbd9d
cache-control
public,max-age=3888000,immutable
x-sfdc-request-id
85a2abe46b9d12c96b9735818c7cbd9d
x-content-type-options
nosniff
referrer-policy
origin-when-cross-origin
expires
Thu, 28 Nov 2024 10:44:19 GMT
p3p
CP="CUR OTR STA"
content-length
1098616
date
Mon, 14 Oct 2024 10:44:20 GMT
content-type
image/png
last-modified
Mon, 29 Mar 2021 12:50:34 GMT
server
sfdcedge
x-frame-options
SAMEORIGIN
truncated
/ 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2a354649f57a81405daccfd6b5785da5f73ba638f2db591992cb7b739dac3135

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://portal.merzusa.com
Referer
https://portal.merzusa.com/

Response headers

Content-Type
application/x-font-woff
truncated
/ 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a6a5d7cbfec632fa7463ebca7babf4b1971b785cd1a26b596d58b8a831001136

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://portal.merzusa.com
Referer
https://portal.merzusa.com/

Response headers

Content-Type
application/x-font-woff
truncated
/ 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
df7de1f609f36bc4f0b8c56c23ffd2dfaa78f3341e479b0a3a8a4c802f6acc80

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://portal.merzusa.com
Referer
https://portal.merzusa.com/

Response headers

Content-Type
application/x-font-woff
portal-logo.svg
portal.merzusa.com/resource/1709793315000/HCP_Theme/img/ 		40 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://portal.merzusa.com/resource/1709793315000/HCP_Theme/img/portal-logo.svg
Requested by
Host: portal.merzusa.com
URL: https://portal.merzusa.com/s/login/?language=en_US&ec=302&startURL=%2Fs%2F
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.158.127.53 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-158-127-53.eu-central-1.compute.amazonaws.com
Software
sfdcedge /
Resource Hash
2ad9a5860e833e603c600bd115763b7866ae01f4c05201e351b47df004f27c10
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://portal.merzusa.com/s/login/?language=en_US&ec=302&startURL=%2Fs%2F

Response headers

x-request-id
599b8a08c1e698a00b7e3fb6b71afd0c
content-encoding
gzip
x-content-type-options
nosniff
expires
Thu, 28 Nov 2024 10:44:19 GMT
p3p
CP="CUR OTR STA"
date
Mon, 14 Oct 2024 10:44:19 GMT
content-type
image/svg+xml
vary
Accept-Encoding
last-modified
Thu, 7 Mar 2024 06:35:15 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=63072000; includeSubDomains
cache-control
public,max-age=3888000,immutable
x-sfdc-request-id
599b8a08c1e698a00b7e3fb6b71afd0c
referrer-policy
origin-when-cross-origin
content-length
28942
server
sfdcedge
me
merz-public.okta-emea.com/api/v1/sessions/ 		167 B
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://merz-public.okta-emea.com/api/v1/sessions/me
Requested by
Host: portal.merzusa.com
URL: https://portal.merzusa.com/s/sfsites/auraFW/javascript/ZzhjQmRxMXdrdzhvS0RJMG5qQVdxQTdEcXI0cnRHWU0zd2xrUnFaakQxNXc5LjMyMC4y/aura_prod.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.2.241 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a9eb9e878755d69b5.awsglobalaccelerator.com
Software
nginx /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self' merz-public.okta-emea.com *.oktacdn.com; connect-src 'self' merz-public.okta-emea.com merz-public-admin.okta-emea.com *.oktacdn.com *.mixpanel.com *.mapbox.com *.mtls.okta-emea.com merz-public.kerberos.okta-emea.com *.authenticatorlocalprod.com:8769 http://localhost:8769 http://127.0.0.1:8769 *.authenticatorlocalprod.com:65111 http://localhost:65111 http://127.0.0.1:65111 *.authenticatorlocalprod.com:65121 http://localhost:65121 http://127.0.0.1:65121 *.authenticatorlocalprod.com:65131 http://localhost:65131 http://127.0.0.1:65131 *.authenticatorlocalprod.com:65141 http://localhost:65141 http://127.0.0.1:65141 *.authenticatorlocalprod.com:65151 http://localhost:65151 http://127.0.0.1:65151 https://oinmanager.okta.com data: data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com; script-src 'unsafe-inline' 'unsafe-eval' 'self' merz-public.okta-emea.com *.oktacdn.com; style-src 'unsafe-inline' 'self' merz-public.okta-emea.com *.oktacdn.com; frame-src 'self' merz-public.okta-emea.com merz-public-admin.okta-emea.com login.okta.com com-okta-authenticator:; img-src 'self' merz-public.okta-emea.com *.oktacdn.com *.tiles.mapbox.com *.mapbox.com data: data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com blob:; font-src 'self' merz-public.okta-emea.com data: *.oktacdn.com fonts.gstatic.com; frame-ancestors 'self'
Strict-Transport-Security max-age=315360000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://portal.merzusa.com/

Response headers

content-encoding
gzip
x-rate-limit-limit
750
x-content-type-options
nosniff
expires
0
p3p
CP="HONK"
date
Mon, 14 Oct 2024 10:44:20 GMT
x-rate-limit-remaining
749
content-type
application/json
vary
Accept-Encoding, Origin
x-okta-request-id
21a0516a208ad673ed2583ae40834ecd
strict-transport-security
max-age=315360000; includeSubDomains
content-security-policy
default-src 'self' merz-public.okta-emea.com *.oktacdn.com; connect-src 'self' merz-public.okta-emea.com merz-public-admin.okta-emea.com *.oktacdn.com *.mixpanel.com *.mapbox.com *.mtls.okta-emea.com merz-public.kerberos.okta-emea.com *.authenticatorlocalprod.com:8769 http://localhost:8769 http://127.0.0.1:8769 *.authenticatorlocalprod.com:65111 http://localhost:65111 http://127.0.0.1:65111 *.authenticatorlocalprod.com:65121 http://localhost:65121 http://127.0.0.1:65121 *.authenticatorlocalprod.com:65131 http://localhost:65131 http://127.0.0.1:65131 *.authenticatorlocalprod.com:65141 http://localhost:65141 http://127.0.0.1:65141 *.authenticatorlocalprod.com:65151 http://localhost:65151 http://127.0.0.1:65151 https://oinmanager.okta.com data: data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com; script-src 'unsafe-inline' 'unsafe-eval' 'self' merz-public.okta-emea.com *.oktacdn.com; style-src 'unsafe-inline' 'self' merz-public.okta-emea.com *.oktacdn.com; frame-src 'self' merz-public.okta-emea.com merz-public-admin.okta-emea.com login.okta.com com-okta-authenticator:; img-src 'self' merz-public.okta-emea.com *.oktacdn.com *.tiles.mapbox.com *.mapbox.com data: data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com blob:; font-src 'self' merz-public.okta-emea.com data: *.oktacdn.com fonts.gstatic.com; frame-ancestors 'self'
cache-control
no-cache, no-store
x-rate-limit-reset
1728902720
pragma
no-cache
accept-ch
Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
referrer-policy
strict-origin-when-cross-origin
access-control-allow-origin
https://portal.merzusa.com
x-xss-protection
0
server
nginx
aura
portal.merzusa.com/s/sfsites/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://portal.merzusa.com/s/sfsites/aura?r=3&other.HCP_Login.retrieveAnnouncementMessage=2&ui-communities-components-aura-components-forceCommunity-richText.RichText.getParsedRichTextValue=1
Requested by
Host: portal.merzusa.com
URL: https://portal.merzusa.com/s/sfsites/auraFW/javascript/ZzhjQmRxMXdrdzhvS0RJMG5qQVdxQTdEcXI0cnRHWU0zd2xrUnFaakQxNXc5LjMyMC4y/aura_prod.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.158.127.53 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-158-127-53.eu-central-1.compute.amazonaws.com
Software
sfdcedge /
Resource Hash
6b787e4b5cb2d5d86d500fa36201ac2695202c7eae8577f50b9e6e183bdad33d
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://portal.merzusa.com/s/login/?language=en_US&ec=302&startURL=%2Fs%2F
X-SFDC-Page-Scope-Id
03ddd38b-fafd-4ddf-8980-2b9d70b246dd
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

strict-transport-security
max-age=63072000; includeSubDomains
x-request-id
71ae1b9afe0008087236a07a528e44e4
cache-control
no-cache,must-revalidate,max-age=0,no-store,private
timing-allow-origin
*
content-encoding
gzip
x-sfdc-request-id
71ae1b9afe0008087236a07a528e44e4
referrer-policy
origin-when-cross-origin
x-content-type-options
nosniff
expires
Sun, 15 Oct 2023 10:44:20 GMT
server-timing
Total;dur=79
date
Mon, 14 Oct 2024 10:44:20 GMT
content-type
application/json
last-modified
Sun, 15 Oct 2023 10:44:20 GMT
vary
Origin, Accept-Encoding
server
sfdcedge
truncated
/ 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7321676b42f78a15ae4f423ec222b5f8d8e433000d2ae4b97804f8e60d9d51aa

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://portal.merzusa.com
Referer
https://portal.merzusa.com/

Response headers

Content-Type
application/x-font-woff
favicon
portal.merzusa.com/file-asset/ 		8 KB
9 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://portal.merzusa.com/file-asset/favicon?v=1.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.158.127.53 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-158-127-53.eu-central-1.compute.amazonaws.com
Software
sfdcedge /
Resource Hash
84509d6cf8fbfa7c47c41e4c0956c51877c01e7a18035dc32bfcd42b5735e058
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://portal.merzusa.com/s/login/?language=en_US&ec=302&startURL=%2Fs%2F

Response headers

x-request-id
91ae1bb04f0b9fbbf274c21fa92a498d
x-content-type-options
nosniff
expires
Thu, 28 Nov 2024 10:44:20 GMT
p3p
CP="CUR OTR STA"
date
Mon, 14 Oct 2024 10:44:20 GMT
content-type
image/png
last-modified
Sat, 15 Apr 2023 02:02:38 GMT
content-disposition
attachment; filename="favicon.png"; filename*=utf-8''favicon.png
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=63072000; includeSubDomains
cache-control
public,max-age=3888000
x-sfdc-request-id
91ae1bb04f0b9fbbf274c21fa92a498d
referrer-policy
origin-when-cross-origin
access-control-allow-origin
*
content-length
8474
server
sfdcedge

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
portal.merzusa.com
URL
blob:https://portal.merzusa.com/382c85af-7b2c-42ac-be9a-bb8ad045f1f0
Domain
portal.merzusa.com
URL
blob:https://portal.merzusa.com/0a1d95be-ced9-4227-881f-0ba1a16852d7
Domain
portal.merzusa.com
URL
blob:https://portal.merzusa.com/b3023c71-eb81-40a4-a404-7c60de6af2c5
Domain
portal.merzusa.com
URL
blob:https://portal.merzusa.com/b34377d3-af32-466a-82a2-cf2d68476495

Verdicts & Comments Add Verdict or Comment

25 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 function| gtag object| dataLayer object| _walkmeConfig object| webpackChunk_osano_cmp_consent_manager function| Osano function| __uspapi object| google_tag_manager object| google_tag_data function| onYouTubeIframeAPIReady object| gaGlobal object| picassoSPA string| comm__attrVariationKey number| pageStartTime object| Aura object| AuraLocker object| AuraLockerDisabled object| $A object| aura object| _walkmeInternals object| wmSnippet function| fixedCallback function| DOMPurify function| Router object| litHtmlVersions

4 Cookies

Domain/Path Name / Value
portal.merzusa.com/s Name: renderCtx
Value: %7B%22pageId%22%3A%22e9ec8ddf-46d2-4263-b5e4-2ea3f416051f%22%2C%22schema%22%3A%22Published%22%2C%22viewType%22%3A%22Published%22%2C%22brandingSetId%22%3A%226b330e31-76ac-4d34-a87a-c8b5ac041437%22%2C%22audienceIds%22%3A%22%22%7D
portal.merzusa.com/ Name: CookieConsentPolicy
Value: 1:1
portal.merzusa.com/ Name: LSKey-c$CookieConsentPolicy
Value: 1:1
portal.merzusa.com/ Name: sfdc-stream
Value: !LTsKakYeeydGWGiP+NBshN2o08oVToin8piwzepSo3SE1FIMRrz1ldmbpIWv+AefdEdhcnIKZYgoQ/A=

3 Console Messages

Source Level URL
Text
recommendation verbose URL: https://portal.merzusa.com/s/login/?language=en_US&ec=302&startURL=%2Fs%2F
Message:
[DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o
recommendation verbose URL: https://portal.merzusa.com/s/login/?language=en_US&ec=302&startURL=%2Fs%2F
Message:
[DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o
network error URL: https://merz-public.okta-emea.com/api/v1/sessions/me
Message:
Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.walkme.com
cmp.osano.com
merz-public.okta-emea.com
portal.merzusa.com
www.googletagmanager.com
portal.merzusa.com
18.245.31.100
2600:9000:266e:4e00:3:b7e:8940:93a1
2600:9000:266e:8e00:3:b7e:8940:93a1
2a00:1450:4001:829::2008
35.158.127.53
76.223.2.241
92.123.148.55
0b10daae82d53b5c137cb53daf2b323b658be8e5c755611ceb3ad81dffc93b7f
104d118378f7b319f3d538d39805fb329b1c489209712464f687afcb7433eb12
18db511e0bca3b7612a94454d75f5a36d93812706cd0a6504bc58c6f6d076737
28448f8565ad5a553cd62d4becd2ff372fd8caa786bbe8d6ee0f867a94d48ec0
2a354649f57a81405daccfd6b5785da5f73ba638f2db591992cb7b739dac3135
2ad9a5860e833e603c600bd115763b7866ae01f4c05201e351b47df004f27c10
2e6d0e7f9bb4774ac273f3894f6201d96dd08977a06964640e8f73a7d73b3ca8
6180951f62ce338e0ccf559e1f04c3a31e48f29cd6c9a17387b00dfda6e39439
659e72b0df7b1ff2fe6e124965f88d2da530b0dff646a32912b054b103faa922
6b787e4b5cb2d5d86d500fa36201ac2695202c7eae8577f50b9e6e183bdad33d
7321676b42f78a15ae4f423ec222b5f8d8e433000d2ae4b97804f8e60d9d51aa
7a1df057eed61257893ccc816cf86442c077e325c3fb3ae52c13975b54c0f969
84509d6cf8fbfa7c47c41e4c0956c51877c01e7a18035dc32bfcd42b5735e058
84ee524b5a7c20eb39e5fcabb50d66dfbb3201c98da3d026a4d3713d3fda7906
90c3f8660363144263d7dca74e1239aadcecc7c1807dde2599ca5ff3cb3554f4
90d34e0acfb09e714a25d80b6f0d6ee7a321189b51ebecde95a6fa88e64166de
a6a5d7cbfec632fa7463ebca7babf4b1971b785cd1a26b596d58b8a831001136
a6cffa9aeb9ee6b53cf9a22c3c8964756d1f9fe5832efbe2929c2c8ac2c5a5c6
aa4890472116138af42ba619c2141a255eafb4673665b594f00bdaf1eb59f5c2
c3491b9489b8e21481e991fdae29e7d582f754960308cc9d01285bca649607bd
c736890ff5524a5db3c3a5f7462f00f95dce7631868d4f66be9c91579b272df4
d56b11dec738d63faa1c437d1d773f326a3b29857356f0330bf874511de170c7
df7de1f609f36bc4f0b8c56c23ffd2dfaa78f3341e479b0a3a8a4c802f6acc80
e82615829fce24f3a484b4831be09c51192c21076b3988215e01de003db4fb77
f5a204d933b9d3a70d04e4d8f06c373cd3ea895994dafd85ca3443f467029ade
f9dda1f2465082bc902a02dba548dbe7cfcc14655ebf36da12a5bc195a05eb5c
f9e558d323a71485b99bd6b49708a9b4475d6ec63ae5b883235c9be6f2ae4153