wktaaeu.my.site.com
Open in
urlscan Pro
2a02:26f0:480:d::210:f161
Public Scan
Submission: On March 15 via manual from GB — Scanned from GB
Summary
TLS certificate: Issued by DigiCert TLS Hybrid ECC SHA384 2020 CA1 on April 3rd 2022. Valid for: a year.
This is the only time wktaaeu.my.site.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
11 | 2a02:26f0:480... 2a02:26f0:480:d::210:f161 | 20940 (AKAMAI-ASN1) (AKAMAI-ASN1) | |
11 | 1 |
ASN20940 (AKAMAI-ASN1, NL)
wktaaeu.my.site.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
11 |
site.com
wktaaeu.my.site.com |
2 MB |
11 | 1 |
Domain | Requested by | |
---|---|---|
11 | wktaaeu.my.site.com |
wktaaeu.my.site.com
|
11 | 1 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
prod.cdn.salesforce-experience.com DigiCert TLS Hybrid ECC SHA384 2020 CA1 |
2022-04-03 - 2023-04-04 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://wktaaeu.my.site.com/survey/survey/runtimeApp.app?invitationId=0Ki07000001Ahud&surveyName=uk_support_survey&UUID=a0625182-d82b-4339-bea2-9c5b3383ad6a
Frame ID: B37241DCBE854493CFFCEE6AF4BDC504
Requests: 11 HTTP requests in this frame
Screenshot
Page Title
Survey: uk_support_surveyDetected technologies
Akamai Bot Manager (Security) ExpandDetected patterns
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
11 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
runtimeApp.app
wktaaeu.my.site.com/survey/survey/ |
215 KB 62 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
app.css
wktaaeu.my.site.com/survey/l/%7B%22mode%22%3A%22PROD%22%2C%22app%22%3A%22survey%3AruntimeApp%22%2C%22loaded%22%3A%7B%22APPLICATION%40markup%3A%2F%2Fsurvey%3AruntimeApp%22%3A%224vp9m0Fb7UJuZSWULV7Kn... |
1 MB 135 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
aura_prod.js
wktaaeu.my.site.com/survey/auraFW/javascript/z4LqYTyTnZhjB9bF-v-J2w/ |
814 KB 258 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
appcore.js
wktaaeu.my.site.com/survey/l/%7B%22mode%22%3A%22PROD%22%2C%22app%22%3A%22survey%3AruntimeApp%22%2C%22serializationVersion%22%3A%221-242.20.3-2.31.7-b%22%2C%22parts%22%3A%22t%22%2C%22loaded%22%3A%7B... |
939 KB 142 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
app.js
wktaaeu.my.site.com/survey/l/%7B%22mode%22%3A%22PROD%22%2C%22app%22%3A%22survey%3AruntimeApp%22%2C%22serializationVersion%22%3A%221-242.20.3-2.31.7-b%22%2C%22parts%22%3A%22t%22%2C%22loaded%22%3A%7B... |
5 MB 1 MB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
resources.js
wktaaeu.my.site.com/survey/l/%7B%22mode%22%3A%22PROD%22%2C%22app%22%3A%22survey%3AruntimeApp%22%2C%22fwuid%22%3A%22z4LqYTyTnZhjB9bF-v-J2w%22%2C%22loaded%22%3A%7B%22APPLICATION%40markup%3A%2F%2Fsurv... |
31 KB 8 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
aura
wktaaeu.my.site.com/survey/ |
83 KB 25 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
aura
wktaaeu.my.site.com/survey/ |
7 KB 5 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pebbles.jpg
wktaaeu.my.site.com/_sfdc/surveyAssets/images/ |
221 KB 222 KB |
Image
image/avif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
aura
wktaaeu.my.site.com/survey/ |
13 KB 6 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
aura
wktaaeu.my.site.com/survey/ |
2 KB 2 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
10 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
boolean| credentialless number| pageStartTime object| Aura object| AuraLocker object| AuraLockerDisabled object| $A object| aura function| DOMPurify function| Router object| picassoSPA7 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
wktaaeu.my.site.com/ | Name: CookieConsentPolicy Value: 0:1 |
|
wktaaeu.my.site.com/ | Name: LSKey-c$CookieConsentPolicy Value: 0:1 |
|
wktaaeu.my.site.com/ | Name: BrowserId Value: lhqrLcMLEe2rmeMh2AHXdg |
|
wktaaeu.my.site.com/ | Name: BrowserId_sec Value: lhqrLcMLEe2rmeMh2AHXdg |
|
wktaaeu.my.site.com/ | Name: sfdc-stream Value: !eGRJUYsP0CvmllnJDW2KM3sLWYu+TqnVGNPTQWkjhZHT9bZ6ohu7Dd2O2Na+1YHjjeK4MM2euTKCLy4= |
|
.my.site.com/ | Name: ak_bmsc Value: 2E281266AE0A26546DF3508271F9C2EB~000000000000000000000000000000~YAAQIfAQAp3EyuOGAQAADQNk5BODmm1u7wV/K8cEKGkFWH+HmGQJjI9YJTjb62XCtYuWUN6kSEel6Nv+wiUBvsyVIPd9E9s79FyasGydcfMRCNLGCPQOp2gLYbqA4o+8a8AULEdzvXDB/L5slK7ewuPkXxXM78guncz4Q1i8avEXIYiYSJbE7ucOUtIH3cDEkmYBwn0gQiaSj9g4/MCJ2pag1tgZlbnWKY3R3vZWrSVq+t1foKWV9t/A19erh8FTB1XBbqYgB0/fHhwAPAAkDRceFxWu+esC5qmE6AkCrdpA73UCdDKKw1xuR8tBQxo0MYzjfEM9yKd3amTo1oVRh2MEdK4opbeEUhM27AEQ8zIZLyf6HTXGvwALNKWDKL/uJCjZKA3xxgB0fMby |
|
.my.site.com/ | Name: bm_sv Value: B78B012051D2AB1E8DCFE45B0AC5D90F~YAAQIfAQAqLEyuOGAQAAzxJk5BN+UAfz24dMh9x3k4uEgJZ1ArzVbMzQ9+tEDvfu/nx8tyzgZPmVcS2awVjakPhNVStpM1zLdJAyIHRC5ItS1tMUJBLC4D93ygS+J+boKeNlUYwY4KGsLmK55IRjRB0sAu8gz/Iz9ddgLmUqtPHFN6W8JTlqgnMWBkr7MIvFDr2RlfItWHf0iGRF/rt6U5cE/VSau7NHRrgNzuIWKMwlHs8/VN+LVfeycSgKdW3P8g==~1 |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Content-Security-Policy | upgrade-insecure-requests default-src 'self'; script-src 'self' 'nonce-9ahJesBNgFp26Dldtu6rgOOLEsYoBwjd' chrome-extension: 'unsafe-inline' 'unsafe-eval' *.canary.lwc.dev *.vf.force.com blob: https://ssl.gstatic.com/accessibility/; object-src 'self'; style-src 'self' blob: chrome-extension: 'unsafe-inline' https://*.clmfed.docusign.com https://*.clm.docusign.mil https://api.mixpanel.com https://*.springcm.com https://*.coveo.com https://platform.cloud.coveo.com https://fonts.googleapis.com https://cdn.wolterskluwer.io *.vf.force.com; img-src 'self' http: https: data: blob: https://www.wolterskluwer.com https://*.clmfed.docusign.com https://*.clm.docusign.mil https://api.mixpanel.com https://*.springcm.com https://*.coveo.com https://platform.cloud.coveo.com https://static.cloud.coveo.com https://search.cloud.coveo.com https://www.wolterskluwer.es https://cdn.wolterskluwer.io *.vf.force.com; media-src 'self' https://*.clmfed.docusign.com https://*.clm.docusign.mil https://api.mixpanel.com https://*.springcm.com https://*.coveo.com https://platform.cloud.coveo.com https://cdn.wolterskluwer.io *.vf.force.com; frame-ancestors 'self'; frame-src blob: https: mailto: https://*.clmfed.docusign.com https://*.clm.docusign.mil https://api.mixpanel.com https://*.springcm.com https://*.coveo.com https://platform.cloud.coveo.com https://static.cloud.coveo.com https://search.cloud.coveo.com https://cdn.wolterskluwer.io *.vf.force.com; font-src 'self' https: data: https://*.clmfed.docusign.com https://*.clm.docusign.mil https://api.mixpanel.com https://*.springcm.com https://*.coveo.com https://platform.cloud.coveo.com https://fonts.gstatic.com https://fonts.googleapis.com https://cdn.wolterskluwer.io *.vf.force.com; connect-src 'self' https://api.bluetail.salesforce.com https://staging.bluetail.salesforce.com https://preprod.bluetail.salesforce.com https://*.clmfed.docusign.com https://*.clm.docusign.mil https://api.mixpanel.com https://*.springcm.com https://*.coveo.com https://globalplatform.cloud.coveo.com https://cloudplatform.coveo.com https://platform.cloud.coveo.com https://usageanalytics.coveo.com https://cdn.wolterskluwer.io blob: *.vf.force.com; base-uri 'self' |
Strict-Transport-Security | max-age=63072000; includeSubDomains |
X-Content-Type-Options | nosniff |
X-Xss-Protection | 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
wktaaeu.my.site.com
2a02:26f0:480:d::210:f161
0447365037d6d298095b7a8df6c1c73cb33a2963e05bc14ec4442d0f59ab0fb2
169db10170e9d5cf476308dc2750f5220af9d7dbcc10f27ba4e7b276be313c74
4dd24db4535b4e5d2657ef44014bf38f42ae62386d807928260bf6bad5b7e939
552adde70ea519fe017b87fb9882bcbe90174e960ce2e9c49d989ef74ce50415
70185f1b0a6e7690251f692f67acdf6d35f9d364f56827fe320a1397dcbcb1bb
701a2e7b828e181e9722b6cc804889e4d89c5e8f2661eb4a6ac8481c6b6be664
8e37df894b9ebe0bf48f82893dd92ff62ac12935eeb93cf6b1d59d70c69b9c49
a0ced7712d4c4521dd6fb868b6ac5aa4434648925afff78f0ab36a04e29a4800
afbb6ddf592c3858cb95f8bfe0c08e1ffa557f36b7c3b34e500144d9d5bae1e3
c3c9fd05565dbeb3a31cdfd03f2ff2667883888b26ef318d4260e05097bda0fa
d3e1a2b420433fbfbb7872cdca06b919ef4be2e0d0f2dad981dee5271d709abd