kirms.my.salesforce.com
Open in
urlscan Pro
18.170.191.71
Public Scan
URL:
https://kirms.my.salesforce.com//secur/login_portal.jsp?orgId=00D20000000CJHa&portalId=06020000000QE3o
Submission: On January 31 via manual from MX — Scanned from GB
Submission: On January 31 via manual from MX — Scanned from GB
Summary
This website contacted 1 IPs
in 1 countries
across 1 domains to perform 8 HTTP transactions.
The main IP is 18.170.191.71, located in
London, United Kingdom and
belongs to AMAZON-02, US.
The main domain is kirms.my.salesforce.com.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on August 14th 2023. Valid for: a year.
This is the only time kirms.my.salesforce.com was scanned on urlscan.io!
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on August 14th 2023. Valid for: a year.
This is the only time kirms.my.salesforce.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
| IP Address | AS Autonomous System | ||
|---|---|---|---|
| 8 | 18.170.191.71 18.170.191.71 | 16509 (AMAZON-02) (AMAZON-02) | |
| 8 | 1 |
8
18.170.191.71
(London, United Kingdom)
ASN16509 (AMAZON-02, US)
PTR: ec2-18-170-191-71.eu-west-2.compute.amazonaws.com
ASN16509 (AMAZON-02, US)
PTR: ec2-18-170-191-71.eu-west-2.compute.amazonaws.com
| kirms.my.salesforce.com |
| Apex Domain Subdomains |
Transfer | |
|---|---|---|
| 8 |
salesforce.com
kirms.my.salesforce.com |
47 KB |
| 8 | 1 |
| Domain | Requested by | |
|---|---|---|
| 8 | kirms.my.salesforce.com |
kirms.my.salesforce.com
|
| 8 | 1 |
This site contains no links.
| Subject Issuer | Validity | Valid | |
|---|---|---|---|
| gbr86.sfdc-5pakla.salesforce.com DigiCert TLS RSA SHA256 2020 CA1 |
2023-08-14 - 2024-08-13 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://kirms.my.salesforce.com//secur/login_portal.jsp?orgId=00D20000000CJHa&portalId=06020000000QE3o
Frame ID: 5071B9DC9C87F161BED50F6010F773B3
Requests: 8 HTTP requests in this frame
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
8 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H2 |
Primary Request
login_portal.jsp
kirms.my.salesforce.com//secur/ |
4 KB 2 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
elements.css
kirms.my.salesforce.com/sCSS/59.0/sprites/1698322264000/PortalDefault/default/gc/ |
21 KB 5 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
common.css
kirms.my.salesforce.com/sCSS/59.0/sprites/1698322264000/PortalDefault/default/gc/ |
192 KB 35 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
extended.css
kirms.my.salesforce.com/sCSS/59.0/sprites/1698322264000/PortalDefault/default/gc/ |
5 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
portal.css
kirms.my.salesforce.com/sCSS/59.0/1357691430000/PortalDefault/00D20000000CJHa/06020000000QE3o/gc/ |
18 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
login.js
kirms.my.salesforce.com/static/111213/js/ |
2 KB 1 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
s.gif
kirms.my.salesforce.com/ |
43 B 112 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
bgButton.gif
kirms.my.salesforce.com/img/ |
88 B 149 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Verdicts & Comments Add Verdict or Comment
6 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| curPopupWindow function| loader function| handleLogin function| closePopup function| openPopupFocus function| checkCaps4 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
| Domain/Path | Expires | Name / Value |
|---|---|---|
| kirms.my.salesforce.com/ | Name: CookieConsentPolicy Value: 0:1 |
|
| kirms.my.salesforce.com/ | Name: LSKey-c$CookieConsentPolicy Value: 0:1 |
|
| .salesforce.com/ | Name: BrowserId Value: BKRJosBWEe6_eQcfgmHqeQ |
|
| .salesforce.com/ | Name: BrowserId_sec Value: BKRJosBWEe6_eQcfgmHqeQ |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
| Header | Value |
|---|---|
| Content-Security-Policy | upgrade-insecure-requests |
| Strict-Transport-Security | max-age=63072000; includeSubDomains |
| X-Content-Type-Options | nosniff |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
kirms.my.salesforce.com
18.170.191.71
158022929dacdff0ba76330038779f7a2084ce3d9a85784b1593aa4c8fd44a46
22977162244c7d5907f423e882e0b1d9e9eff9f56a1ea36ae563d3cad4cc1ed7
2d06786c844e812828859f64bfbfe42c854347a9b6aabccaa81aeb33289bd6bb
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
47172bc62269d68cd8351e0a70141b1069711c671330e6fd8be7921615543c16
6308d91387bb5cd67726746e748b450c965505dfed6c31c14877c35ba4326fc5
6f6126893efe012ca46e6e4f0fb1a1b318dbe49b74836ff9406822dc66667e61
eb77f2c31d23d23a2644aeee9ab267fa02c42d9c1701ff0142042a4871fece11