bankatfirst.my.site.com Open in urlscan Pro
2600:1400:d::1721:ee51 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://bankatfirst.force.com/
Effective URL:
https://bankatfirst.my.site.com/FFBAuth/s/login/?ec=302&startURL=%2FFFBAuth%2Fs%2F
Submission: On January 20 via api (January 20th 2023, 2:48:54 pm UTC) from US — Scanned from US

Summary HTTP 16 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 3 IPs in 1 countries across 3 domains to perform 16 HTTP transactions. The main IP is 2600:1400:d::1721:ee51, located in New York, United States and belongs to AKAMAI-ASN1, NL. The main domain is bankatfirst.my.site.com.
TLS certificate: Issued by DigiCert TLS Hybrid ECC SHA384 2020 CA1 on April 3rd 2022. Valid for: a year.

This is the only time bankatfirst.my.site.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	13.110.35.81 13.110.35.81	14340 (SALESFORCE) (SALESFORCE)
3 18	2600:1400:d::... 2600:1400:d::1721:ee51	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	13.109.180.7 13.109.180.7	14340 (SALESFORCE) (SALESFORCE)
16	3

1 13.110.35.81 (United States) 1 redirects

ASN14340 (SALESFORCE, US)
PTR: dcl7-ncg0-iad3.na113-ia2.force.com

bankatfirst.force.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2600:1400:d::1721:ee51 (New York, United States) 3 redirects

ASN20940 (AKAMAI-ASN1, NL)

bankatfirst.my.site.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.109.180.7 (United States)

ASN14340 (SALESFORCE, US)
PTR: sledge1-ia4.slb.sfdcsvc.net

bankatfirst.my.salesforce.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
18	site.com 3 redirects bankatfirst.my.site.com	1 MB
1	salesforce.com bankatfirst.my.salesforce.com — Cisco Umbrella Rank: 227440	3 KB
1	force.com 1 redirects bankatfirst.force.com	518 B
16	3

	Domain	Requested by
18	bankatfirst.my.site.com	3 redirects bankatfirst.my.site.com
1	bankatfirst.my.salesforce.com
1	bankatfirst.force.com	1 redirects
16	3

This site contains links to these domains. Also see Links.

Domain
bankatfirst.my.salesforce.com

Subject Issuer	Validity	Valid
prod.cdn.salesforce-experience.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-04-03` - `2023-04-04`	a year	crt.sh
ia4.edge.my.salesforce.com DigiCert TLS RSA SHA256 2020 CA1	`2022-06-24` - `2023-06-22`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://bankatfirst.my.site.com/FFBAuth/s/login/?ec=302&startURL=%2FFFBAuth%2Fs%2F
Frame ID: CCA18A0129CCB3959633B094AC1D3E5E
Requests: 18 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Login

Page URL History Show full URLs

http://bankatfirst.force.com/ HTTP 307
https://bankatfirst.force.com/ HTTP 301
https://bankatfirst.my.site.com/ HTTP 301
https://bankatfirst.my.site.com/FFBAuth/ HTTP 301
https://bankatfirst.my.site.com/FFBAuth/s/ Page URL
https://bankatfirst.my.site.com/FFBAuth/s/login?ec=302&startURL=%2FFFBAuth%2Fs%2F HTTP 302
https://bankatfirst.my.site.com/FFBAuth/s/login/?ec=302&startURL=%2FFFBAuth%2Fs%2F Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Akamai Bot Manager (Security) Expand

Overall confidence: 100%
Detected patterns

Page Statistics

16
Requests

100 %
HTTPS

33 %
IPv6

3
Domains

3
Subdomains

3
IPs

1
Countries

1563 kB
Transfer

6018 kB
Size

11
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://bankatfirst.my.salesforce.com//servlet/networks/session/create?url=%2FFFBAuth%2Fs%2F&site=0DM3j000000g9wn&inst=3j
Title: Are you an employee? Login here

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://bankatfirst.force.com/ HTTP 307
https://bankatfirst.force.com/ HTTP 301
https://bankatfirst.my.site.com/ HTTP 301
https://bankatfirst.my.site.com/FFBAuth/ HTTP 301
https://bankatfirst.my.site.com/FFBAuth/s/ Page URL
https://bankatfirst.my.site.com/FFBAuth/s/login?ec=302&startURL=%2FFFBAuth%2Fs%2F HTTP 302
https://bankatfirst.my.site.com/FFBAuth/s/login/?ec=302&startURL=%2FFFBAuth%2Fs%2F Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://bankatfirst.force.com/ HTTP 307
https://bankatfirst.force.com/ HTTP 301
https://bankatfirst.my.site.com/ HTTP 301
https://bankatfirst.my.site.com/FFBAuth/ HTTP 301
https://bankatfirst.my.site.com/FFBAuth/s/

16 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

/
bankatfirst.my.site.com/FFBAuth/s/
Redirect Chain

http://bankatfirst.force.com/
https://bankatfirst.force.com/
https://bankatfirst.my.site.com/
https://bankatfirst.my.site.com/FFBAuth/
https://bankatfirst.my.site.com/FFBAuth/s/

1 KB
1 KB

303ms
303ms

Document
text/html

2600:1400:d::1721:ee51
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://bankatfirst.my.site.com/FFBAuth/s/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1400:d::1721:ee51 New York, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

sfdcedge /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

akamai-grn: 0.4dee2117.1674226126.d6f04d
cache-control: max-age=0, no-cache, no-store
content-encoding: gzip
content-length: 512
content-security-policy: upgrade-insecure-requests
content-type: text/html; charset=UTF-8
date: Fri, 20 Jan 2023 14:48:47 GMT
expires: Fri, 20 Jan 2023 14:48:47 GMT
pragma: no-cache
referrer-policy: origin-when-cross-origin
server: sfdcedge
strict-transport-security: max-age=63072000; includeSubDomains
vary: Accept-Encoding
x-cache-status: M
x-content-type-options: nosniff
x-origin-cache-control: must-revalidate,no-cache,no-store
x-sfdc-request-id: 36f08fefef0fe1c9a8a68d94d1045d31
x-xss-protection: 1; mode=block

Redirect headers

akamai-grn: 0.4dee2117.1674226126.d6f010
cache-control: no-cache,must-revalidate,max-age=0,no-store,private
content-length: 0
content-security-policy: upgrade-insecure-requests
date: Fri, 20 Jan 2023 14:48:46 GMT
location: https://bankatfirst.my.site.com/FFBAuth/s/
server: sfdcedge
strict-transport-security: max-age=63072000; includeSubDomains
x-cache-status: M
x-content-type-options: nosniff
x-origin-cache-control: no-cache,must-revalidate,max-age=0,no-store,private
x-sfdc-request-id: 053875778bb5f41544fdda594b89a755

GET
H2

200

Primary Request / Show response
bankatfirst.my.site.com/FFBAuth/s/login/
Redirect Chain

https://bankatfirst.my.site.com/FFBAuth/s/login?ec=302&startURL=%2FFFBAuth%2Fs%2F
https://bankatfirst.my.site.com/FFBAuth/s/login/?ec=302&startURL=%2FFFBAuth%2Fs%2F

225 KB
50 KB

374ms
373ms

Document
text/html

2600:1400:d::1721:ee51
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://bankatfirst.my.site.com/FFBAuth/s/login/?ec=302&startURL=%2FFFBAuth%2Fs%2F

Requested by

Host: bankatfirst.my.site.com
URL: https://bankatfirst.my.site.com/FFBAuth/s/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1400:d::1721:ee51 New York, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

sfdcedge /

Resource Hash

a2e662d6b670d3a50875c8b51b42137a617148d5d66ff58ec6a7cdf61228ca40

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests default-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://service.force.com/embeddedservice/ import: blob: https://uip.canary.lwc.dev https://d.la1-c1cs-ph2.salesforceliveagent.com/chat/rest/Visitor/Settings.jsonp https://d.la1-c1cs-ph2.salesforceliveagent.com/chat/rest/EmbeddedService/EmbeddedServiceConfig.jsonp https://d.la1-c1cs-ph2.salesforceliveagent.com/chat/rest/Visitor/Availability.jsonp https://bankatfirst.force.com/ http://www.getfeedback.com; object-src 'self' www.google.com; style-src 'self' 'unsafe-inline' https://service.force.com/embeddedservice/ https://fonts.googleapis.com/css2 https://fonts.googleapis.com/css blob: https://demo.q2software.com https://www.getfeedback.com https://secure10.onlineaccess1.com https://www.bankatfirst.com bankatfirst.force.com https://bankatfirst.force.com payments.blackthorn.io https://bankatfirst.my.site.com; img-src 'self' data: blob: https://bankatfirst.my.salesforce.com https://bankatfirst.file.force.com https://img.youtube.com https://i.ytimg.com https://i.vimeocdn.com https://login.salesforce.com/icons/ https://na113.salesforce.com/icons/ https://demo.q2software.com https://www.getfeedback.com https://secure10.onlineaccess1.com https://www.bankatfirst.com bankatfirst.force.com https://bankatfirst.force.com payments.blackthorn.io https://bankatfirst.my.site.com bankatfirst.my.site.com; media-src 'self' blob: https://demo.q2software.com https://www.getfeedback.com https://secure10.onlineaccess1.com https://www.bankatfirst.com bankatfirst.force.com https://bankatfirst.force.com payments.blackthorn.io https://bankatfirst.my.site.com; frame-ancestors 'self'; frame-src 'self' https://service.force.com/embeddedservice/ https://na113.salesforce.com https://sfdc-link-preview-staging.sfdc.sh https://sfdc-link-preview.hk.salesforce.com https://cdn.embedly.com https://www.youtube.com https://player.vimeo.com https://play.vidyard.com https://player.cloudinary.com https://fast.wistia.net https://players.brightcove.net https://s1.adis.ws https://scormanywhere.secure.force.com https://appiniummastertrial.secure.force.com https://*.a.forceusercontent.com/lightningmaps/ https://location.force.com https://demo.q2software.com https://www.getfeedback.com https://secure10.onlineaccess1.com https://www.bankatfirst.com bankatfirst.force.com https://bankatfirst.force.com payments.blackthorn.io https://bankatfirst.my.site.com; font-src 'self' data: https://fonts.gstatic.com/ https://demo.q2software.com https://www.getfeedback.com https://secure10.onlineaccess1.com https://www.bankatfirst.com bankatfirst.force.com https://bankatfirst.force.com payments.blackthorn.io https://bankatfirst.my.site.com; connect-src 'self' https://demo.q2software.com https://www.getfeedback.com https://secure10.onlineaccess1.com https://www.bankatfirst.com bankatfirst.force.com https://bankatfirst.force.com payments.blackthorn.io https://bankatfirst.my.site.com
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://bankatfirst.my.site.com/FFBAuth/s/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

akamai-grn: 0.4dee2117.1674226127.d6f0e9
cache-control: no-cache,must-revalidate,max-age=0,no-store,private
content-encoding: gzip
content-length: 47927
content-security-policy: upgrade-insecure-requests default-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://service.force.com/embeddedservice/ import: blob: https://uip.canary.lwc.dev https://d.la1-c1cs-ph2.salesforceliveagent.com/chat/rest/Visitor/Settings.jsonp https://d.la1-c1cs-ph2.salesforceliveagent.com/chat/rest/EmbeddedService/EmbeddedServiceConfig.jsonp https://d.la1-c1cs-ph2.salesforceliveagent.com/chat/rest/Visitor/Availability.jsonp https://bankatfirst.force.com/ http://www.getfeedback.com; object-src 'self' www.google.com; style-src 'self' 'unsafe-inline' https://service.force.com/embeddedservice/ https://fonts.googleapis.com/css2 https://fonts.googleapis.com/css blob: https://demo.q2software.com https://www.getfeedback.com https://secure10.onlineaccess1.com https://www.bankatfirst.com bankatfirst.force.com https://bankatfirst.force.com payments.blackthorn.io https://bankatfirst.my.site.com; img-src 'self' data: blob: https://bankatfirst.my.salesforce.com https://bankatfirst.file.force.com https://img.youtube.com https://i.ytimg.com https://i.vimeocdn.com https://login.salesforce.com/icons/ https://na113.salesforce.com/icons/ https://demo.q2software.com https://www.getfeedback.com https://secure10.onlineaccess1.com https://www.bankatfirst.com bankatfirst.force.com https://bankatfirst.force.com payments.blackthorn.io https://bankatfirst.my.site.com bankatfirst.my.site.com; media-src 'self' blob: https://demo.q2software.com https://www.getfeedback.com https://secure10.onlineaccess1.com https://www.bankatfirst.com bankatfirst.force.com https://bankatfirst.force.com payments.blackthorn.io https://bankatfirst.my.site.com; frame-ancestors 'self'; frame-src 'self' https://service.force.com/embeddedservice/ https://na113.salesforce.com https://sfdc-link-preview-staging.sfdc.sh https://sfdc-link-preview.hk.salesforce.com https://cdn.embedly.com https://www.youtube.com https://player.vimeo.com https://play.vidyard.com https://player.cloudinary.com https://fast.wistia.net https://players.brightcove.net https://s1.adis.ws https://scormanywhere.secure.force.com https://appiniummastertrial.secure.force.com https://*.a.forceusercontent.com/lightningmaps/ https://location.force.com https://demo.q2software.com https://www.getfeedback.com https://secure10.onlineaccess1.com https://www.bankatfirst.com bankatfirst.force.com https://bankatfirst.force.com payments.blackthorn.io https://bankatfirst.my.site.com; font-src 'self' data: https://fonts.gstatic.com/ https://demo.q2software.com https://www.getfeedback.com https://secure10.onlineaccess1.com https://www.bankatfirst.com bankatfirst.force.com https://bankatfirst.force.com payments.blackthorn.io https://bankatfirst.my.site.com; connect-src 'self' https://demo.q2software.com https://www.getfeedback.com https://secure10.onlineaccess1.com https://www.bankatfirst.com bankatfirst.force.com https://bankatfirst.force.com payments.blackthorn.io https://bankatfirst.my.site.com
content-type: text/html;charset=UTF-8
date: Fri, 20 Jan 2023 14:48:47 GMT
expires: Thu, 20 Jan 2022 14:48:47 GMT
last-modified: Thu, 20 Jan 2022 14:48:47 GMT
link: </FFBAuth/s/sfsites/auraFW/javascript/Vo_clYDmAijdWOzW3-3Mow/aura_prod.js>;rel=preload;as=script;nopush,</FFBAuth/s/sfsites/l/%7B%22mode%22%3A%22PROD%22%2C%22app%22%3A%22siteforce%3AloginApp2%22%2C%22serializationVersion%22%3A%221-240.1.10-2.20.7-b%22%2C%22parts%22%3A%22f%22%2C%22loaded%22%3A%7B%22APPLICATION%40markup%3A%2F%2Fsiteforce%3AloginApp2%22%3A%226cWl6r2qy15opsI7zKnxIA%22%7D%2C%22dns%22%3A%22c%22%2C%22ls%22%3A1%2C%22lrmc%22%3A%22601638718%22%7D/app.js?2=>;rel=preload;as=script;nopush
referrer-policy: origin-when-cross-origin
server: sfdcedge
server-timing: Total;dur=155
strict-transport-security: max-age=63072000; includeSubDomains
timing-allow-origin: *
vary: Origin, Accept-Encoding
x-cache-status: M
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-origin-cache-control: no-cache,must-revalidate,max-age=0,no-store,private
x-sfdc-request-id: 65391c33de7c348c23bd2d4e1a74f1de
x-xss-protection: 1; mode=block

Redirect headers

akamai-grn: 0.4dee2117.1674226127.d6f0ad
cache-control: no-cache,must-revalidate,max-age=0,no-store,private
content-length: 0
content-security-policy: upgrade-insecure-requests
date: Fri, 20 Jan 2023 14:48:47 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://bankatfirst.my.site.com/FFBAuth/s/login/?ec=302&startURL=%2FFFBAuth%2Fs%2F
referrer-policy: origin-when-cross-origin
server: sfdcedge
strict-transport-security: max-age=63072000; includeSubDomains
x-cache-status: M
x-content-type-options: nosniff
x-origin-cache-control: no-cache,must-revalidate,max-age=0,no-store,private
x-sfdc-request-id: 4a2c3ea49481e8d54cc8a6e06119322d
x-xss-protection: 1; mode=block

GET
H2 200 aura_prod.js Show response
bankatfirst.my.site.com/FFBAuth/s/sfsites/auraFW/javascript/Vo_clYDmAijdWOzW3-3Mow/ 798 KB
251 KB 184ms
183ms Script
text/javascript 2600:1400:d::1721:ee51
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://bankatfirst.my.site.com/FFBAuth/s/sfsites/auraFW/javascript/Vo_clYDmAijdWOzW3-3Mow/aura_prod.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1400:d::1721:ee51 New York, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

sfdcedge /

Resource Hash

35a384aea0322a276ebdc1ea927fad564e9f427ca1408d5b31e367347db53f49

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bankatfirst.my.site.com/FFBAuth/s/login/?ec=302&startURL=%2FFFBAuth%2Fs%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 20 Jan 2023 14:48:47 GMT
akamai-grn: , 0.4dee2117.1674226127.d6f1b3
x-cache-status: M
server-timing: Total;dur=42
content-length: 255996
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Wed, 18 Jan 2023 21:19:35 GMT
server: sfdcedge
x-sfdc-request-id: 86f03ccd025e0bf04bcbf9da6cf073c2
x-origin-cache-control: max-age=31536000,public,immutable
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
access-control-expose-headers: Server-Timing
cache-control: public, max-age=31472970
timing-allow-origin: *

GET
H2 200 app.js Show response
bankatfirst.my.site.com/FFBAuth/s/sfsites/l/%7B%22mode%22%3A%22PROD%22%2C%22app%22%3A%22siteforce%3AloginApp2%22%2C%22serializationVersion%22%3A%221-240.1.10-2.20.7-b%22%2C%22parts%22%3A%22f%22%2C%... 2 MB
486 KB 149ms
149ms Script
text/javascript 2600:1400:d::1721:ee51
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://bankatfirst.my.site.com/FFBAuth/s/sfsites/l/%7B%22mode%22%3A%22PROD%22%2C%22app%22%3A%22siteforce%3AloginApp2%22%2C%22serializationVersion%22%3A%221-240.1.10-2.20.7-b%22%2C%22parts%22%3A%22f%22%2C%22loaded%22%3A%7B%22APPLICATION%40markup%3A%2F%2Fsiteforce%3AloginApp2%22%3A%226cWl6r2qy15opsI7zKnxIA%22%7D%2C%22dns%22%3A%22c%22%2C%22ls%22%3A1%2C%22lrmc%22%3A%22601638718%22%7D/app.js?2=

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1400:d::1721:ee51 New York, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

sfdcedge /

Resource Hash

929cdec7f75893144e7ae7f74dc8d4af649247d3748fc0df1d06ad4c5e02d826

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bankatfirst.my.site.com/FFBAuth/s/login/?ec=302&startURL=%2FFFBAuth%2Fs%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 20 Jan 2023 14:48:47 GMT
akamai-grn: 0.4dee2117.1674226127.d6f1b5
x-cache-status: M
content-length: 496423
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Thu, 12 Jan 2023 10:22:46 GMT
server: sfdcedge
x-sfdc-request-id: 5bad7e888ceb0a135943da52a9ad12d3
x-origin-cache-control: max-age=31536000,public,immutable
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=30915225

GET
H2 200 fonts.css
bankatfirst.my.site.com/FFBAuth/s/sfsites/runtimedownload/ 336 KB
242 KB 307ms
307ms Stylesheet
text/css 2600:1400:d::1721:ee51
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://bankatfirst.my.site.com/FFBAuth/s/sfsites/runtimedownload/fonts.css?lastMod=1629482253000&brandSet=c3656618-6b39-42a0-aa2e-f9d91f00fb00

Requested by

Host: bankatfirst.my.site.com
URL: https://bankatfirst.my.site.com/FFBAuth/s/login/?ec=302&startURL=%2FFFBAuth%2Fs%2F

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1400:d::1721:ee51 New York, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

sfdcedge /

Resource Hash

0088ad02f7d752b5d5d810e712568a017ecbfe0a0837aa2d508c4e6d2f3ed2cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bankatfirst.my.site.com/FFBAuth/s/login/?ec=302&startURL=%2FFFBAuth%2Fs%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 20 Jan 2023 14:48:48 GMT
akamai-grn: 0.4dee2117.1674226128.d6f1cf
x-cache-status: H
content-length: 246623
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Fri, 20 Aug 2021 17:57:33 GMT
server: sfdcedge
x-sfdc-request-id: 3ff618887c63ada7ebb7ec868e713db1
x-origin-cache-control: public,max-age=31536000
vary: Accept-Encoding
content-type: text/css; charset=utf-8
cache-control: public, max-age=29815658
expires: Sun, 31 Dec 2023 16:56:26 GMT

GET
H2 200 resources.js Show response
bankatfirst.my.site.com/FFBAuth/s/sfsites/l/%7B%22mode%22%3A%22PROD%22%2C%22app%22%3A%22siteforce%3AloginApp2%22%2C%22fwuid%22%3A%22Vo_clYDmAijdWOzW3-3Mow%22%2C%22loaded%22%3A%7B%22APPLICATION%40ma... 48 KB
12 KB 398ms
396ms Script
text/javascript 2600:1400:d::1721:ee51
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: bankatfirst.my.site.com
URL: https://bankatfirst.my.site.com/FFBAuth/s/login/?ec=302&startURL=%2FFFBAuth%2Fs%2F

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1400:d::1721:ee51 New York, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

sfdcedge /

Resource Hash

d8d2bc6fb886faf17e387392161bc2ed74dfa31eebbe626b9d674ad08c6df08b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bankatfirst.my.site.com/FFBAuth/s/login/?ec=302&startURL=%2FFFBAuth%2Fs%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 20 Jan 2023 14:48:48 GMT
akamai-grn: 0.4dee2117.1674226128.d6f1d3
x-cache-status: M
content-length: 11975
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Thu, 19 Jan 2023 14:48:48 GMT
server: sfdcedge
x-sfdc-request-id: 820b7cc2f70bcd10fee8dba699d58069
x-origin-cache-control: max-age=31536000,private,immutable
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31536000,private,immutable

GET
H2 200 bootstrap.js Show response
bankatfirst.my.site.com/FFBAuth/s/sfsites/l/%7B%22mode%22%3A%22PROD%22%2C%22app%22%3A%22siteforce%3AloginApp2%22%2C%22fwuid%22%3A%22Vo_clYDmAijdWOzW3-3Mow%22%2C%22loaded%22%3A%7B%22APPLICATION%40ma... 54 KB
17 KB 399ms
397ms Script
text/javascript 2600:1400:d::1721:ee51
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://bankatfirst.my.site.com/FFBAuth/s/sfsites/l/%7B%22mode%22%3A%22PROD%22%2C%22app%22%3A%22siteforce%3AloginApp2%22%2C%22fwuid%22%3A%22Vo_clYDmAijdWOzW3-3Mow%22%2C%22loaded%22%3A%7B%22APPLICATION%40markup%3A%2F%2Fsiteforce%3AloginApp2%22%3A%226cWl6r2qy15opsI7zKnxIA%22%7D%2C%22apce%22%3A1%2C%22apck%22%3A%224qX9l8uwEFNBuuttAlPcGg%22%2C%22mlr%22%3A1%2C%22pathPrefix%22%3A%22%2FFFBAuth%22%2C%22dns%22%3A%22c%22%2C%22ls%22%3A1%2C%22lrmc%22%3A%22601638718%22%7D/bootstrap.js?aura.attributes=%7B%22ac%22%3A%22%22%2C%22authenticated%22%3A%22false%22%2C%22brandingSetId%22%3A%22c3656618-6b39-42a0-aa2e-f9d91f00fb00%22%2C%22formFactor%22%3A%22LARGE%22%2C%22isHybrid%22%3A%22false%22%2C%22language%22%3A%22en_US%22%2C%22pageId%22%3A%22efb7f4a6-dd59-4f72-8d04-538819c1fef5%22%2C%22publishedChangelistNum%22%3A%224%22%2C%22schema%22%3A%22Published%22%2C%22themeLayoutType%22%3A%22Login%22%2C%22viewType%22%3A%22Published%22%7D

Requested by

Host: bankatfirst.my.site.com
URL: https://bankatfirst.my.site.com/FFBAuth/s/login/?ec=302&startURL=%2FFFBAuth%2Fs%2F

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1400:d::1721:ee51 New York, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

sfdcedge /

Resource Hash

934173121c2e1622d3d32ff34d23df8a7b41b94546da25d2b8261643b90cd23d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bankatfirst.my.site.com/FFBAuth/s/login/?ec=302&startURL=%2FFFBAuth%2Fs%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 20 Jan 2023 14:48:48 GMT
akamai-grn: 0.4dee2117.1674226128.d6f1d6
x-cache-status: M
content-length: 16371
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Thu, 20 Jan 2022 14:48:48 GMT
server: sfdcedge
x-sfdc-request-id: fedc58b8cf4914a1ac8655f6c53d731b
x-origin-cache-control: no-cache,must-revalidate,max-age=0,no-store,private
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache,must-revalidate,max-age=0,no-store,private
expires: Thu, 20 Jan 2022 14:48:48 GMT

GET
H2 200 app.css
bankatfirst.my.site.com/FFBAuth/s/sfsites/l/%7B%22mode%22%3A%22PROD%22%2C%22app%22%3A%22siteforce%3AloginApp2%22%2C%22loaded%22%3A%7B%22APPLICATION%40markup%3A%2F%2Fsiteforce%3AloginApp2%22%3A%226c... 974 KB
121 KB 151ms
151ms Stylesheet
text/css 2600:1400:d::1721:ee51
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://bankatfirst.my.site.com/FFBAuth/s/sfsites/l/%7B%22mode%22%3A%22PROD%22%2C%22app%22%3A%22siteforce%3AloginApp2%22%2C%22loaded%22%3A%7B%22APPLICATION%40markup%3A%2F%2Fsiteforce%3AloginApp2%22%3A%226cWl6r2qy15opsI7zKnxIA%22%7D%2C%22styleContext%22%3A%7B%22c%22%3A%22webkit%22%2C%22x%22%3A%5B%22isDesktop%22%5D%2C%22tokens%22%3A%5B%22markup%3A%2F%2Fforce%3AsldsTokens%22%2C%22markup%3A%2F%2Fsiteforce%3AnapiliAuraTokens%22%2C%22markup%3A%2F%2Fsiteforce%3AneutralTokens%22%2C%22markup%3A%2F%2Fsiteforce%3AserializedTokens%22%2C%22markup%3A%2F%2Fsiteforce%3AcommunityTokens%22%2C%22markup%3A%2F%2Fsiteforce%3AauraDynamicTokens%22%5D%2C%22tuid%22%3A%22nlYdQVLonPr9e4UL_BfIUA%22%2C%22cuid%22%3A188866637%7D%2C%22pathPrefix%22%3A%22%2FFFBAuth%22%7D/app.css?2=&aura.attributes=%7B%22ac%22%3A%22%22%2C%22authenticated%22%3A%22false%22%2C%22brandingSetId%22%3A%22c3656618-6b39-42a0-aa2e-f9d91f00fb00%22%2C%22formFactor%22%3A%22LARGE%22%2C%22isHybrid%22%3A%22false%22%2C%22language%22%3A%22en_US%22%2C%22pageId%22%3A%22efb7f4a6-dd59-4f72-8d04-538819c1fef5%22%2C%22publishedChangelistNum%22%3A%224%22%2C%22schema%22%3A%22Published%22%2C%22themeLayoutType%22%3A%22Login%22%2C%22viewType%22%3A%22Published%22%7D

Requested by

Host: bankatfirst.my.site.com
URL: https://bankatfirst.my.site.com/FFBAuth/s/login/?ec=302&startURL=%2FFFBAuth%2Fs%2F

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1400:d::1721:ee51 New York, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

sfdcedge /

Resource Hash

ea302bb586a95c764c3e97b9d34a218e315886d38a44feff34cce20b3734cecf

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bankatfirst.my.site.com/FFBAuth/s/login/?ec=302&startURL=%2FFFBAuth%2Fs%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 20 Jan 2023 14:48:48 GMT
akamai-grn: , , 0.4dee2117.1674226128.d6f23d
x-cache-status: M
content-length: 123104
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Thu, 12 Jan 2023 15:05:42 GMT
server: sfdcedge
x-sfdc-request-id: 50f1d6823c49c93f37017550a5a7d943
x-origin-cache-control: max-age=31536000,public,immutable
vary: Accept-Encoding
content-type: text/css;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=30932155

GET
H2 200 aura Show response
bankatfirst.my.site.com/FFBAuth/s/sfsites/ 91 KB
17 KB 537ms
537ms XHR
application/json 2600:1400:d::1721:ee51
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://bankatfirst.my.site.com/FFBAuth/s/sfsites/aura?message=%7B%22actions%22%3A%5B%7B%22descriptor%22%3A%22serviceComponent%3A%2F%2Fui.comm.runtime.components.aura.components.siteforce.controller.PubliclyCacheableComponentLoaderController%2FACTION%24getPageComponent%22%2C%22callingDescriptor%22%3A%22UNKNOWN%22%2C%22params%22%3A%7B%22attributes%22%3A%7B%22viewId%22%3A%22e3720c88-8a6e-4fd2-9859-500a4ff404ee%22%2C%22routeType%22%3A%22login-home%22%2C%22themeLayoutType%22%3A%22Login%22%2C%22params%22%3A%7B%22ec%22%3A%22%22%2C%22startURL%22%3A%22%22%2C%22viewid%22%3A%2298541a24-0ed2-4b31-8062-4b6d951e0278%22%2C%22view_uddid%22%3A%22%22%2C%22entity_name%22%3A%22%22%2C%22audience_name%22%3A%22%22%2C%22picasso_id%22%3A%22%22%2C%22routeId%22%3A%22%22%7D%2C%22hasAttrVaringCmps%22%3Afalse%2C%22pageLoadType%22%3A%22STANDARD_PAGE_CONTENT%22%2C%22includeLayout%22%3Atrue%7D%2C%22publishedChangelistNum%22%3A4%2C%22brandingSetId%22%3A%22c3656618-6b39-42a0-aa2e-f9d91f00fb00%22%7D%7D%5D%7D&aura.context=%7B%22mode%22%3A%22PROD%22%2C%22fwuid%22%3A%22Vo_clYDmAijdWOzW3-3Mow%22%2C%22app%22%3A%22siteforce%3AloginApp2%22%2C%22loaded%22%3A%7B%22APPLICATION%40markup%3A%2F%2Fsiteforce%3AloginApp2%22%3A%226cWl6r2qy15opsI7zKnxIA%22%7D%2C%22apck%22%3A%224qX9l8uwEFNBuuttAlPcGg%22%2C%22uad%22%3Afalse%7D&aura.isAction=true

Requested by

Host: bankatfirst.my.site.com
URL: https://bankatfirst.my.site.com/FFBAuth/s/sfsites/auraFW/javascript/Vo_clYDmAijdWOzW3-3Mow/aura_prod.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1400:d::1721:ee51 New York, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

sfdcedge /

Resource Hash

278d1172cd17e2e0bd8789c53c78bbe231d6f760079007e8909f66d0064a236a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://bankatfirst.my.site.com/FFBAuth/s/login/?ec=302&startURL=%2FFFBAuth%2Fs%2F
accept-language: en-US,en;q=0.9
X-SFDC-Page-Scope-Id: 70a3621f-1892-4738-8120-c04cbeb2d05d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 20 Jan 2023 14:48:49 GMT
akamai-grn: 0.4dee2117.1674226128.d6f28a
x-cache-status: M
content-length: 16983
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Thu, 19 Jan 2023 14:48:49 GMT
server: sfdcedge
x-sfdc-request-id: 959a002b3c8f35a991f39791d9ad553f
x-origin-cache-control: max-age=1800,public
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=1800
expires: Fri, 20 Jan 2023 15:18:49 GMT

GET
H2 200 background.jpg
bankatfirst.my.site.com/sfsites/picasso/core/external/salesforceIdentity/images/ 2 KB
3 KB 389ms
389ms Image
image/webp 2600:1400:d::1721:ee51
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bankatfirst.my.site.com/sfsites/picasso/core/external/salesforceIdentity/images/background.jpg?v=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1400:d::1721:ee51 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Akamai Image Manager /
Resource Hash: e9cae90265db0cc36309929d4ff1d4ae23be7f8c91209c22505217d8c9685a51

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bankatfirst.my.site.com/FFBAuth/s/login/?ec=302&startURL=%2FFFBAuth%2Fs%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 20 Jan 2023 14:48:49 GMT
x-check-cacheable: YES
x-serial: 1051
server: Akamai Image Manager
last-modified: Tue, 15 Nov 2022 20:30:45 GMT
akamai-grn: , 0.4dee2117.1674226128.d6f29d
x-origin-cache-control: no-transform, max-age=315359670
x-cache-status: M
content-type: image/webp
cache-control: private, no-transform, max-age=23404
content-length: 2416
expires: Fri, 20 Jan 2023 21:18:53 GMT

POST
H2 200 aura Show response
bankatfirst.my.site.com/FFBAuth/s/sfsites/ 8 KB
4 KB 376ms
376ms XHR
application/json 2600:1400:d::1721:ee51
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://bankatfirst.my.site.com/FFBAuth/s/sfsites/aura?r=1&ui-force-components-controllers-hostConfig.HostConfig.getConfigData=1

Requested by

Host: bankatfirst.my.site.com
URL: https://bankatfirst.my.site.com/FFBAuth/s/sfsites/auraFW/javascript/Vo_clYDmAijdWOzW3-3Mow/aura_prod.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1400:d::1721:ee51 New York, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

sfdcedge /

Resource Hash

a6cd58e1fe84bac821ac0f4885117c1f1a1b615ec6bf4779aff463d14e7fcd6e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://bankatfirst.my.site.com/FFBAuth/s/login/?ec=302&startURL=%2FFFBAuth%2Fs%2F
accept-language: en-US,en;q=0.9
X-SFDC-Page-Scope-Id: 70a3621f-1892-4738-8120-c04cbeb2d05d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

strict-transport-security: max-age=63072000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 20 Jan 2023 14:48:49 GMT
akamai-grn: 0.4dee2117.1674226128.d6f29e
x-cache-status: M
server-timing: Total;dur=157
content-length: 2968
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Thu, 20 Jan 2022 14:48:48 GMT
server: sfdcedge
x-sfdc-request-id: fa0f6d3ebbe0377fd9ab1c9f720c59d4
x-origin-cache-control: no-cache,must-revalidate,max-age=0,no-store,private
vary: Origin, Accept-Encoding
content-type: application/json
cache-control: no-cache,must-revalidate,max-age=0,no-store,private
timing-allow-origin: *
expires: Thu, 20 Jan 2022 14:48:48 GMT

POST
H2 200 aura Show response
bankatfirst.my.site.com/FFBAuth/s/sfsites/ 3 KB
2 KB 436ms
436ms XHR
application/json 2600:1400:d::1721:ee51
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://bankatfirst.my.site.com/FFBAuth/s/sfsites/aura?r=2&applauncher.CommunityLogo.getCommunityName=1&applauncher.CommunityLogo.getLogoURL=1&applauncher.EmployeeLoginLink.getEmployeeLoginUrl=1&applauncher.EmployeeLoginLink.getIsAllowInternalUserLoginEnabled=1&applauncher.LoginForm.getForgotPasswordUrl=1&applauncher.LoginForm.getSelfRegistrationUrl=1&applauncher.LoginForm.getUsernamePasswordSelfRegEnabled=1&applauncher.SocialLogin.getAuthProviders=1&applauncher.SocialLogin.getSamlProviders=1&applauncher.SocialLogin.handleIdp=1

Requested by

Host: bankatfirst.my.site.com
URL: https://bankatfirst.my.site.com/FFBAuth/s/sfsites/auraFW/javascript/Vo_clYDmAijdWOzW3-3Mow/aura_prod.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1400:d::1721:ee51 New York, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

sfdcedge /

Resource Hash

f2fc7be71878293d4cda6a322c10e4abb7041e51105d718756c7830d4b1d859e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://bankatfirst.my.site.com/FFBAuth/s/login/?ec=302&startURL=%2FFFBAuth%2Fs%2F
accept-language: en-US,en;q=0.9
X-SFDC-Page-Scope-Id: 70a3621f-1892-4738-8120-c04cbeb2d05d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

strict-transport-security: max-age=63072000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 20 Jan 2023 14:48:49 GMT
akamai-grn: 0.4dee2117.1674226129.d6f325
x-cache-status: M
server-timing: Total;dur=271
content-length: 1025
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Thu, 20 Jan 2022 14:48:49 GMT
server: sfdcedge
x-sfdc-request-id: ff4c4fde3f1a995a4734fe0689993ce2
x-origin-cache-control: no-cache,must-revalidate,max-age=0,no-store,private
vary: Origin, Accept-Encoding
content-type: application/json
cache-control: no-cache,must-revalidate,max-age=0,no-store,private
timing-allow-origin: *
expires: Thu, 20 Jan 2022 14:48:49 GMT

POST
H2 200 aura Show response
bankatfirst.my.site.com/FFBAuth/s/sfsites/ 1 KB
2 KB 262ms
262ms XHR
application/json 2600:1400:d::1721:ee51
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://bankatfirst.my.site.com/FFBAuth/s/sfsites/aura?r=3&applauncher.LoginForm.getLoginRightFrameUrl=1

Requested by

Host: bankatfirst.my.site.com
URL: https://bankatfirst.my.site.com/FFBAuth/s/sfsites/auraFW/javascript/Vo_clYDmAijdWOzW3-3Mow/aura_prod.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1400:d::1721:ee51 New York, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

sfdcedge /

Resource Hash

17903527e7ce6cc95554671394a4a2b4775cb8219a49e484509d5c3d6f1c7259

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://bankatfirst.my.site.com/FFBAuth/s/login/?ec=302&startURL=%2FFFBAuth%2Fs%2F
accept-language: en-US,en;q=0.9
X-SFDC-Page-Scope-Id: 70a3621f-1892-4738-8120-c04cbeb2d05d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

strict-transport-security: max-age=63072000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 20 Jan 2023 14:48:49 GMT
akamai-grn: 0.4dee2117.1674226129.d6f329
x-cache-status: M
server-timing: Total;dur=58
content-length: 745
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Thu, 20 Jan 2022 14:48:49 GMT
server: sfdcedge
x-sfdc-request-id: e9b7ca1364f6c343819dab9af5e4f129
x-origin-cache-control: no-cache,must-revalidate,max-age=0,no-store,private
vary: Origin, Accept-Encoding
content-type: application/json
cache-control: no-cache,must-revalidate,max-age=0,no-store,private
timing-allow-origin: *
expires: Thu, 20 Jan 2022 14:48:49 GMT

GET
DATA 200
OK truncated
/ 45 KB
45 KB Font
application/x-font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 336e47855a2634b17ab1e87428f96b51e21a434dca8c8327b47dc0fd2e0d3b51

Request headers

Referer: https://bankatfirst.my.site.com/
Origin: https://bankatfirst.my.site.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type: application/x-font-woff

POST
H2 200 aura Show response
bankatfirst.my.site.com/FFBAuth/s/sfsites/ 2 KB
2 KB 243ms
242ms XHR
application/json 2600:1400:d::1721:ee51
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://bankatfirst.my.site.com/FFBAuth/s/sfsites/aura?r=4&applauncher.EmployeeLoginLink.getEmployeeLoginUrl=1

Requested by

Host: bankatfirst.my.site.com
URL: https://bankatfirst.my.site.com/FFBAuth/s/sfsites/auraFW/javascript/Vo_clYDmAijdWOzW3-3Mow/aura_prod.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1400:d::1721:ee51 New York, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

sfdcedge /

Resource Hash

1f719b7516ce70860edbb7326e2f81593c281dacd1246bc7c7a17f1e8ca898db

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://bankatfirst.my.site.com/FFBAuth/s/login/?ec=302&startURL=%2FFFBAuth%2Fs%2F
accept-language: en-US,en;q=0.9
X-SFDC-Page-Scope-Id: 70a3621f-1892-4738-8120-c04cbeb2d05d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

strict-transport-security: max-age=63072000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 20 Jan 2023 14:48:49 GMT
akamai-grn: 0.4dee2117.1674226129.d6f32a
x-cache-status: M
server-timing: Total;dur=39
content-length: 819
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Thu, 20 Jan 2022 14:48:49 GMT
server: sfdcedge
x-sfdc-request-id: bc7fa2bd5db6981a6ce8c572f62026d6
x-origin-cache-control: no-cache,must-revalidate,max-age=0,no-store,private
vary: Origin, Accept-Encoding
content-type: application/json
cache-control: no-cache,must-revalidate,max-age=0,no-store,private
timing-allow-origin: *
expires: Thu, 20 Jan 2022 14:48:49 GMT

POST
H2 200 aura Show response
bankatfirst.my.site.com/FFBAuth/s/sfsites/ 1 MB
260 KB 252ms
251ms XHR
application/json 2600:1400:d::1721:ee51
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://bankatfirst.my.site.com/FFBAuth/s/sfsites/aura?r=5&aura.Component.getComponentDef=1

Requested by

Host: bankatfirst.my.site.com
URL: https://bankatfirst.my.site.com/FFBAuth/s/sfsites/auraFW/javascript/Vo_clYDmAijdWOzW3-3Mow/aura_prod.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1400:d::1721:ee51 New York, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

sfdcedge /

Resource Hash

b4693d048bb8f4044d3ad3486ffffde09389e06780f23515690a3150b120a5e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://bankatfirst.my.site.com/FFBAuth/s/login/?ec=302&startURL=%2FFFBAuth%2Fs%2F
accept-language: en-US,en;q=0.9
X-SFDC-Page-Scope-Id: 70a3621f-1892-4738-8120-c04cbeb2d05d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

strict-transport-security: max-age=63072000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 20 Jan 2023 14:48:49 GMT
akamai-grn: 0.4dee2117.1674226129.d6f386
x-cache-status: M
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Thu, 20 Jan 2022 14:48:49 GMT
server: sfdcedge
x-sfdc-request-id: 185599e8820771dc949603de5fef90f9
x-origin-cache-control: no-cache,must-revalidate,max-age=0,no-store,private
vary: Origin, Accept-Encoding
content-type: application/json
cache-control: no-cache,must-revalidate,max-age=0,no-store,private
expires: Thu, 20 Jan 2022 14:48:49 GMT

GET
H2 200 logo214.svg
bankatfirst.my.salesforce.com/img/ 7 KB
3 KB 178ms
47ms Image
image/svg+xml 13.109.180.7
SALESFORCE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bankatfirst.my.salesforce.com/img/logo214.svg

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.109.180.7 , United States, ASN14340 (SALESFORCE, US),

Reverse DNS

sledge1-ia4.slb.sfdcsvc.net

Software

sfdcedge /

Resource Hash

a48f997fa23140662c20f7a46e93cefcef071fbf81ce038067582f2d822d86d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bankatfirst.my.site.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 20 Jan 2023 14:48:49 GMT
strict-transport-security: max-age=63072000; includeSubDomains
referrer-policy: origin-when-cross-origin
last-modified: Thu, 22 Mar 2018 19:27:56 GMT
server: sfdcedge
content-encoding: gzip
x-sfdc-request-id: 47774095d44c2a2d809b880b5686b12e
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public,max-age=10368000
x-robots-tag: none
x-xss-protection: 1; mode=block
expires: Sat, 20 May 2023 14:48:49 GMT

GET
DATA 200
OK truncated
/ 45 KB
45 KB Font
application/x-font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 718b98352fcff4165da6f7df4efb9231c835d9fe5ffb7c38744993adb282c145

Request headers

Referer: https://bankatfirst.my.site.com/
Origin: https://bankatfirst.my.site.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type: application/x-font-woff

Verdicts & Comments Add Verdict or Comment

11 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

11 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
bankatfirst.my.site.com/FFBAuth/s	1969-12-31 23:59:59	Name: renderCtx Value: %7B%22pageId%22%3A%22efb7f4a6-dd59-4f72-8d04-538819c1fef5%22%2C%22schema%22%3A%22Published%22%2C%22viewType%22%3A%22Published%22%2C%22brandingSetId%22%3A%22c3656618-6b39-42a0-aa2e-f9d91f00fb00%22%2C%22audienceIds%22%3A%22%22%7D
bankatfirst.force.com/	1970-01-20 17:49:22	Name: CookieConsentPolicy Value: 0:1
bankatfirst.force.com/	1970-01-20 17:49:22	Name: LSKey-c$CookieConsentPolicy Value: 0:1
bankatfirst.my.site.com/	1970-01-20 17:49:22	Name: CookieConsentPolicy Value: 0:1
bankatfirst.my.site.com/	1970-01-20 17:49:22	Name: LSKey-c$CookieConsentPolicy Value: 0:1
bankatfirst.my.site.com/	1970-01-20 17:49:22	Name: BrowserId Value: ixxVjZjREe2Ijs-GQ7JQQA
bankatfirst.my.site.com/	1970-01-20 17:49:22	Name: BrowserId_sec Value: ixxVjZjREe2Ijs-GQ7JQQA
.my.site.com/	1970-01-20 09:03:53	Name: ak_bmsc Value: 4732B1A634381F9864854356C0833F8C~000000000000000000000000000000~YAAQTe4hF+9oL82FAQAAS1GnzxJoYllGLZJRtWPNNVRpSRQTto9opj6TdLW6gnIvBsGN3Kd1XoLzVxV2hYu7V8Kbi97hKBxQTkTYY3OBSulbFIZ/6vYY4kyGYpcEqTo/KJBIgVABROO9lLVlbyXqDFtr8Cp7rGDW2paqANr/ZaLvBEWsODaGdJmPG7MapoEeYyUjfhjPkt1pKkp+hLTZIMFYC62JJUyzbEiwlwrhwn3Uvn1oBUCeZVj7bh616vfPfnZCwu/wP5nruUla8Bk5fUEWHDW6szY1Vx05m7QDXWjbPDbGw0RSx9c2jo3kEv9Bs+pUtA4fYopBFoo7Ajz5hcR2KWUDr3/AmsRiBJh5okZR6SspPdMn/N46iB+OsL7PSMEB/teFiyc7EXx7nV4=
bankatfirst.my.site.com/	1970-01-20 09:03:56	Name: sfdc-stream Value: !mqARKTIKzLIDGr4YiIfvrrQC/ce1827A58wm9goeinUaT6gDGIPy7uNM/NTP0XC88NOeBSBfPtONpPo=
.salesforce.com/	1970-01-20 17:49:22	Name: BrowserId_sec Value: jPZsfZjREe2FQdfr1t6oZg
.my.site.com/	1970-01-20 09:03:53	Name: bm_sv Value: 091C81119D14CFE2C33028A30616206A~YAAQTe4hF/doL82FAQAAJlynzxL9+yyFX1HyXczPhaytEAbZrM3VOQUa9AvGLa6EbRr8Ab0evQVRLpagveNP7BgcGNgtF7Me1Vyscb2BZJQUNnuzv7aAKT1BhrPpiwJ0h7zPJDw/NrPggWzQ0SXi46bh+kr/RmcW5yvnk98xqeTfi+UBRywNOtPCmvzmeR/8HLFE9uhCsupIxEkZDKCm4jO4aNrAYJqvoAckewf+gWSbj6g5fAqJFBBjYlZjzeI0lQ==~1

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bankatfirst.force.com
bankatfirst.my.salesforce.com
bankatfirst.my.site.com
13.109.180.7
13.110.35.81
2600:1400:d::1721:ee51
0088ad02f7d752b5d5d810e712568a017ecbfe0a0837aa2d508c4e6d2f3ed2cb
17903527e7ce6cc95554671394a4a2b4775cb8219a49e484509d5c3d6f1c7259
1f719b7516ce70860edbb7326e2f81593c281dacd1246bc7c7a17f1e8ca898db
278d1172cd17e2e0bd8789c53c78bbe231d6f760079007e8909f66d0064a236a
336e47855a2634b17ab1e87428f96b51e21a434dca8c8327b47dc0fd2e0d3b51
35a384aea0322a276ebdc1ea927fad564e9f427ca1408d5b31e367347db53f49
718b98352fcff4165da6f7df4efb9231c835d9fe5ffb7c38744993adb282c145
929cdec7f75893144e7ae7f74dc8d4af649247d3748fc0df1d06ad4c5e02d826
934173121c2e1622d3d32ff34d23df8a7b41b94546da25d2b8261643b90cd23d
a2e662d6b670d3a50875c8b51b42137a617148d5d66ff58ec6a7cdf61228ca40
a48f997fa23140662c20f7a46e93cefcef071fbf81ce038067582f2d822d86d5
a6cd58e1fe84bac821ac0f4885117c1f1a1b615ec6bf4779aff463d14e7fcd6e
b4693d048bb8f4044d3ad3486ffffde09389e06780f23515690a3150b120a5e8
d8d2bc6fb886faf17e387392161bc2ed74dfa31eebbe626b9d674ad08c6df08b
e9cae90265db0cc36309929d4ff1d4ae23be7f8c91209c22505217d8c9685a51
ea302bb586a95c764c3e97b9d34a218e315886d38a44feff34cce20b3734cecf
f2fc7be71878293d4cda6a322c10e4abb7041e51105d718756c7830d4b1d859e

bankatfirst.my.site.com Open in urlscan Pro 2600:1400:d::1721:ee51 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

16 Requests

100 %HTTPS

33 %IPv6

3 Domains

3 Subdomains

3 IPs

1 Countries

1563 kBTransfer

6018 kBSize

11 Cookies

1 Outgoing links

Page URL History

Redirected requests

16 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

11 JavaScript Global Variables

11 Cookies

Security Headers

Indicators

bankatfirst.my.site.com Open in urlscan Pro
2600:1400:d::1721:ee51 Public Scan

Screenshot
Live screenshot

Full Image

16
Requests

100 %
HTTPS

33 %
IPv6

3
Domains

3
Subdomains

3
IPs

1
Countries

1563 kB
Transfer

6018 kB
Size

11
Cookies

16 HTTP transactions
2 data transactions