URL: http://main.sbm-demo.xyz/address-bar-phishing
Submission: On April 13 via manual from IL

Summary

This website contacted 7 IPs in 3 countries across 6 domains to perform 42 HTTP transactions. The main IP is 35.176.253.34, located in London, United Kingdom and belongs to AMAZON-02, US. The main domain is main.sbm-demo.xyz.
This is the only time main.sbm-demo.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests  IP Address        AS Autonomous System
7         35.176.253.34     16509 (AMAZON-02)
1         13.226.156.169    16509 (AMAZON-02)
1         104.109.94.147    16625 (AKAMAI-AS)
25        2a02:26f0:710...  20940 (AKAMAI-ASN1)
6         104.126.36.41     20940 (AKAMAI-ASN1)
1         2a00:1450:400...  15169 (GOOGLE)
1         2606:4700:10:...  13335 (CLOUDFLAR...)
42        7

Requests  Domain                         Requested by
25        www.salesforce.com             c.salesforce.com, www.salesforce.com
7         main.sbm-demo.xyz              main.sbm-demo.xyz
6         a.sfdcstatic.com               c.salesforce.com, a.sfdcstatic.com
1         geolocation.onetrust.com       a.sfdcstatic.com
1         www.googletagmanager.com       c.salesforce.com
1         c.salesforce.com               main.sbm-demo.xyz
1         d33wubrfki0l68.cloudfront.net  main.sbm-demo.xyz
42        7

This site contains links to these domains. Also see Links.

Domain
login.salesforce.com
www.salesforce.com

Subject                 Issuer                          Validity                 Valid
*.cloudfront.net        DigiCert Global CA G2           2021-02-22 - 2022-02-21  a year
c.salesforce.com        GeoTrust RSA CA 2018            2020-04-25 - 2021-07-25  a year
www.salesforce.com      DigiCert Global CA G2           2020-07-28 - 2022-07-29  2 years
c1.sfdcstatic.com       DigiCert SHA2 Secure Server CA  2020-06-16 - 2021-06-10  a year
*.google-analytics.com  GTS CA 1O1                      2021-03-16 - 2021-06-08  3 months
onetrust.com            Cloudflare Inc ECC CA-3         2021-02-12 - 2022-02-11  a year

This page contains 2 frames:

Primary Page: http://main.sbm-demo.xyz/address-bar-phishing
Frame ID: 4E33374B8204357D2ADED42EF9294E22
Requests: 8 HTTP requests in this frame

Frame: https://c.salesforce.com/login-messages/promos.html
Frame ID: 60D195F001E4BED309F151F246BECA50
Requests: 34 HTTP requests in this frame


Page Statistics

42 Requests
83 % HTTPS
43 % IPv6
6 Domains
7 Subdomains
7 IPs
3 Countries
986 kB Transfer
2625 kB Size
0 Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

42 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request address-bar-phishing
main.sbm-demo.xyz/
8 KB
8 KB
Document
General
Full URL
http://main.sbm-demo.xyz/address-bar-phishing
Protocol
HTTP/1.1
Server
35.176.253.34 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-176-253-34.eu-west-2.compute.amazonaws.com
Software
/ Express
Resource Hash
7d75858633a552dfd2f6639eda9d4af43d6a761dcb8c5b85f79bc74bdd0d8812

Request headers

Host
main.sbm-demo.xyz
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US

Response headers

Accept-Ranges
bytes
Cache-Control
public, max-age=0
Content-Type
text/html; charset=UTF-8
Date
Tue, 13 Apr 2021 12:04:12 GMT
ETag
W/"1fb4-177b4aa9c40"
Last-Modified
Thu, 18 Feb 2021 10:23:36 GMT
X-Powered-By
Express
Content-Length
8116
Connection
keep-alive
app.css
main.sbm-demo.xyz/css/
17 KB
18 KB
Stylesheet
General
Full URL
http://main.sbm-demo.xyz/css/app.css
Requested by
Host: main.sbm-demo.xyz
URL: http://main.sbm-demo.xyz/address-bar-phishing
Protocol
HTTP/1.1
Server
35.176.253.34 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-176-253-34.eu-west-2.compute.amazonaws.com
Software
/ Express
Resource Hash
9447214182838eec16dd9a6c6ab921b5e83c93a1b2ef0ee3abcd2745090033eb

Request headers

Referer
http://main.sbm-demo.xyz/address-bar-phishing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 13 Apr 2021 12:04:12 GMT
Last-Modified
Thu, 18 Feb 2021 10:23:36 GMT
X-Powered-By
Express
ETag
W/"4526-177b4aa9c40"
Content-Type
text/css; charset=UTF-8
Cache-Control
public, max-age=0
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
17702
logo214.svg
main.sbm-demo.xyz/img/
7 KB
7 KB
Image
General
Full URL
http://main.sbm-demo.xyz/img/logo214.svg
Requested by
Host: main.sbm-demo.xyz
URL: http://main.sbm-demo.xyz/address-bar-phishing
Protocol
HTTP/1.1
Server
35.176.253.34 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-176-253-34.eu-west-2.compute.amazonaws.com
Software
/ Express
Resource Hash
a48f997fa23140662c20f7a46e93cefcef071fbf81ce038067582f2d822d86d5

Request headers

Referer
http://main.sbm-demo.xyz/address-bar-phishing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 13 Apr 2021 12:04:12 GMT
Last-Modified
Thu, 18 Feb 2021 10:23:36 GMT
X-Powered-By
Express
ETag
W/"1a28-177b4aa9c40"
Content-Type
image/svg+xml
Cache-Control
public, max-age=0
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
6696
hacked-2127635_640.png
main.sbm-demo.xyz/img/
206 KB
206 KB
Image
General
Full URL
http://main.sbm-demo.xyz/img/hacked-2127635_640.png
Requested by
Host: main.sbm-demo.xyz
URL: http://main.sbm-demo.xyz/address-bar-phishing
Protocol
HTTP/1.1
Server
35.176.253.34 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-176-253-34.eu-west-2.compute.amazonaws.com
Software
/ Express
Resource Hash
64a589b66d30f94bfa107a61d9185eca42aed2bf995c59eadb6a9ee7491b4a86

Request headers

Referer
http://main.sbm-demo.xyz/address-bar-phishing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 13 Apr 2021 12:04:12 GMT
Last-Modified
Thu, 18 Feb 2021 10:23:36 GMT
X-Powered-By
Express
ETag
W/"33831-177b4aa9c40"
Content-Type
image/png
Cache-Control
public, max-age=0
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
210993
bar_left.png
main.sbm-demo.xyz/img/
12 KB
12 KB
Image
General
Full URL
http://main.sbm-demo.xyz/img/bar_left.png
Requested by
Host: main.sbm-demo.xyz
URL: http://main.sbm-demo.xyz/address-bar-phishing
Protocol
HTTP/1.1
Server
35.176.253.34 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-176-253-34.eu-west-2.compute.amazonaws.com
Software
/ Express
Resource Hash
4b29482f6fdd63b877c1a0019ecc4ed7d4f1750e03ff28144a390fed86d6947c

Request headers

Referer
http://main.sbm-demo.xyz/address-bar-phishing
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 13 Apr 2021 12:04:12 GMT
Last-Modified
Thu, 18 Feb 2021 10:23:36 GMT
X-Powered-By
Express
ETag
W/"2f26-177b4aa9c40"
Content-Type
image/png
Cache-Control
public, max-age=0
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
12070
bar_right.png
d33wubrfki0l68.cloudfront.net/91e6aa57c56f24f26ddc72cac39a8ccbd4982e38/93698/assets/2019-04-27/
4 KB
5 KB
Image
General
Full URL
https://d33wubrfki0l68.cloudfront.net/91e6aa57c56f24f26ddc72cac39a8ccbd4982e38/93698/assets/2019-04-27/bar_right.png
Requested by
Host: main.sbm-demo.xyz
URL: http://main.sbm-demo.xyz/address-bar-phishing
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.156.169 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-156-169.dus51.r.cloudfront.net
Software
Netlify /
Resource Hash
81f6c614514d5aa972aa14f3fe7e40ac00e1f5d02cbb88a99d4091119231ca9b

Request headers

Referer
http://main.sbm-demo.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nf-request-id
06c53da0-eea0-4a3b-b5a9-27ab2a774dbb-20802644
date
Sat, 10 Apr 2021 20:04:20 GMT
via
1.1 3b811cf25a4fdc818f7cfcb16b38d622.cloudfront.net (CloudFront)
server
Netlify
age
230392
etag
0326fd0280ee67998851f35bca409d9350a3b57a
x-cache
Hit from cloudfront
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31556926
x-amz-cf-pop
DUS51-C1
accept-ranges
bytes
content-length
4411
x-amz-cf-id
27IwOrjCQQz6974l0X-YByV48Fo5-Qr7876tF6hY2brCuH8n3zpIMg==
promos.html
c.salesforce.com/login-messages/ Frame 60D1
19 KB
4 KB
Document
General
Full URL
https://c.salesforce.com/login-messages/promos.html
Requested by
Host: main.sbm-demo.xyz
URL: http://main.sbm-demo.xyz/address-bar-phishing
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.109.94.147 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-94-147.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
9e9d0a8e3a4948e956bab087da190f154b965206c593b1284e1fee96e9fd1aab
Security Headers
Name Value
Strict-Transport-Security maxage=16070400; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

:method
GET
:authority
c.salesforce.com
:scheme
https
:path
/login-messages/promos.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://main.sbm-demo.xyz/
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

server
Apache
last-modified
Mon, 12 Apr 2021 15:57:02 GMT
accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
x-content-type-options
nosniff
referrer-policy
no-referrer-when-downgrade
x-ua-compatible
IE=9; IE=8; IE=7; IE=EDGE
content-type
text/html
content-length
3932
strict-transport-security
maxage=16070400; includeSubdomains; preload
cache-control
max-age=15689, s-maxage=10
date
Tue, 13 Apr 2021 12:04:12 GMT
SalesforceSans-Regular.woff2
main.sbm-demo.xyz/css/fonts/
27 KB
27 KB
Font
General
Full URL
http://main.sbm-demo.xyz/css/fonts/SalesforceSans-Regular.woff2
Requested by
Host: main.sbm-demo.xyz
URL: http://main.sbm-demo.xyz/css/app.css
Protocol
HTTP/1.1
Server
35.176.253.34 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-176-253-34.eu-west-2.compute.amazonaws.com
Software
/ Express
Resource Hash
1f1752651aca663f40e45c60e182172fc426a40df042098f6e68a56db2c459f3

Request headers

Origin
http://main.sbm-demo.xyz
Referer
http://main.sbm-demo.xyz/css/app.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 13 Apr 2021 12:04:12 GMT
Last-Modified
Thu, 18 Feb 2021 10:23:36 GMT
X-Powered-By
Express
ETag
W/"6bbc-177b4aa9c40"
Content-Type
application/font-woff2
Cache-Control
public, max-age=0
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
27580
SalesforceSans-Light.woff2
main.sbm-demo.xyz/css/fonts/
27 KB
27 KB
Font
General
Full URL
http://main.sbm-demo.xyz/css/fonts/SalesforceSans-Light.woff2
Requested by
Host: main.sbm-demo.xyz
URL: http://main.sbm-demo.xyz/css/app.css
Protocol
HTTP/1.1
Server
35.176.253.34 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-176-253-34.eu-west-2.compute.amazonaws.com
Software
/ Express
Resource Hash
b7df2d6cb9d0ecda707a1de1302b3c9d9bda16247dc382e696579a8308d49771

Request headers

Origin
http://main.sbm-demo.xyz
Referer
http://main.sbm-demo.xyz/css/app.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 13 Apr 2021 12:04:12 GMT
Last-Modified
Thu, 18 Feb 2021 10:23:36 GMT
X-Powered-By
Express
ETag
W/"6c58-177b4aa9c40"
Content-Type
application/font-woff2
Cache-Control
public, max-age=0
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
27736
jquery.min.8e23e5ad8c1b5c588cca8d71df0aef0b.js
www.salesforce.com/etc.clientlibs/clientlibs/granite/ Frame 60D1
111 KB
38 KB
Script
General
Full URL
https://www.salesforce.com/etc.clientlibs/clientlibs/granite/jquery.min.8e23e5ad8c1b5c588cca8d71df0aef0b.js
Requested by
Host: c.salesforce.com
URL: https://c.salesforce.com/login-messages/promos.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:7100::687e:24e1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache /
Resource Hash
6068e194fbcc63e770a21498d0c7a8bf6ac91c75aea4325772d2b71aadd46ff8
Security Headers
Name Value
Strict-Transport-Security max-age=86400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://c.salesforce.com/login-messages/promos.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 13 Apr 2021 12:04:12 GMT
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 12 Apr 2021 11:50:25 GMT
server
Apache
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
max-age=1209600, s-maxage=10
server-timing
cdn-cache; desc=HIT, edge; dur=1
strict-transport-security
max-age=86400
accept-ranges
bytes
vary
Accept-Encoding
content-length
38316
x-content-type-options
nosniff
expires
Tue, 27 Apr 2021 12:04:12 GMT
utils.min.308082b4c347f4fec37ffef277d39d0e.js
www.salesforce.com/etc.clientlibs/clientlibs/granite/ Frame 60D1
10 KB
4 KB
Script
General
Full URL
https://www.salesforce.com/etc.clientlibs/clientlibs/granite/utils.min.308082b4c347f4fec37ffef277d39d0e.js
Requested by
Host: c.salesforce.com
URL: https://c.salesforce.com/login-messages/promos.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:7100::687e:24e1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache /
Resource Hash
799cb15a25ed2fa78bdba496d1afbc68f033a3a5dd9ead12f4eaac4e0a93236d
Security Headers
Name Value
Strict-Transport-Security max-age=86400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://c.salesforce.com/login-messages/promos.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 13 Apr 2021 12:04:12 GMT
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 12 Apr 2021 05:44:39 GMT
server
Apache
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
max-age=1209600, s-maxage=10
server-timing
cdn-cache; desc=HIT, edge; dur=160
strict-transport-security
max-age=86400
accept-ranges
bytes
vary
Accept-Encoding
content-length
3706
x-content-type-options
nosniff
expires
Tue, 27 Apr 2021 12:04:12 GMT
granite.min.e67470fde615e2d442e08aad300a8905.js
www.salesforce.com/etc.clientlibs/clientlibs/granite/jquery/ Frame 60D1
4 KB
2 KB
Script
General
Full URL
https://www.salesforce.com/etc.clientlibs/clientlibs/granite/jquery/granite.min.e67470fde615e2d442e08aad300a8905.js
Requested by
Host: c.salesforce.com
URL: https://c.salesforce.com/login-messages/promos.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:7100::687e:24e1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache /
Resource Hash
0c004a8bc2e2b97498e70c2e4cd25caac120fd9b9dc75446d5e3867e741b661c
Security Headers
Name Value
Strict-Transport-Security max-age=86400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://c.salesforce.com/login-messages/promos.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 13 Apr 2021 12:04:12 GMT
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 12 Apr 2021 13:16:18 GMT
server
Apache
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
max-age=1209600, s-maxage=10
server-timing
cdn-cache; desc=HIT, edge; dur=1
strict-transport-security
max-age=86400
accept-ranges
bytes
vary
Accept-Encoding
content-length
1748
x-content-type-options
nosniff
expires
Tue, 27 Apr 2021 12:04:12 GMT
jquery.min.dd9b395c741ce2784096e26619e14910.js
www.salesforce.com/etc.clientlibs/foundation/clientlibs/ Frame 60D1
16 B
326 B
Script
General
Full URL
https://www.salesforce.com/etc.clientlibs/foundation/clientlibs/jquery.min.dd9b395c741ce2784096e26619e14910.js
Requested by
Host: c.salesforce.com
URL: https://c.salesforce.com/login-messages/promos.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:7100::687e:24e1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache /
Resource Hash
c084b47104c493fb377b6d35d8c08df67d773f6dcf8294c0a7360710cd8cacbd
Security Headers
Name Value
Strict-Transport-Security max-age=86400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://c.salesforce.com/login-messages/promos.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 13 Apr 2021 12:04:12 GMT
referrer-policy
no-referrer-when-downgrade
last-modified
Sun, 11 Apr 2021 16:51:23 GMT
server
Apache
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=86400
content-type
application/javascript
cache-control
max-age=1209600, s-maxage=10
server-timing
cdn-cache; desc=HIT, edge; dur=1
accept-ranges
bytes
content-length
16
x-content-type-options
nosniff
expires
Tue, 27 Apr 2021 12:04:12 GMT
modern.min.3a0ad4c7614495b1cae264dfcb9b9813.js
www.salesforce.com/etc/clientlibs/granite/lodash/ Frame 60D1
34 KB
12 KB
Script
General
Full URL
https://www.salesforce.com/etc/clientlibs/granite/lodash/modern.min.3a0ad4c7614495b1cae264dfcb9b9813.js
Requested by
Host: c.salesforce.com
URL: https://c.salesforce.com/login-messages/promos.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:7100::687e:24e1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache /
Resource Hash
355604a949ef95ceffcd21a7e9b5ed27c95d847f95127e0ddad5aa1793f1bb74
Security Headers
Name Value
Strict-Transport-Security max-age=86400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://c.salesforce.com/login-messages/promos.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 13 Apr 2021 12:04:12 GMT
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
last-modified
Sun, 11 Apr 2021 16:52:12 GMT
server
Apache
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
max-age=1209600, s-maxage=10
server-timing
cdn-cache; desc=HIT, edge; dur=1
strict-transport-security
max-age=86400
accept-ranges
bytes
vary
Accept-Encoding
content-length
11784
x-content-type-options
nosniff
expires
Tue, 27 Apr 2021 12:04:12 GMT
clientlibs_analytics_login_top.min.8a963051768f1ee0be822df84a226fe2.js
www.salesforce.com/etc/clientlibs/sfdc-aem-master/ Frame 60D1
26 KB
9 KB
Script
General
Full URL
https://www.salesforce.com/etc/clientlibs/sfdc-aem-master/clientlibs_analytics_login_top.min.8a963051768f1ee0be822df84a226fe2.js
Requested by
Host: c.salesforce.com
URL: https://c.salesforce.com/login-messages/promos.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:7100::687e:24e1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache /
Resource Hash
d4d5be5c2a7d58433177e3fcc9e8553eb1da447d9093f4c63780efb6c6fa7015
Security Headers
Name Value
Strict-Transport-Security max-age=86400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://c.salesforce.com/login-messages/promos.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 13 Apr 2021 12:04:12 GMT
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 12 Apr 2021 13:38:55 GMT
server
Apache
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
max-age=1209600, s-maxage=10
server-timing
cdn-cache; desc=HIT, edge; dur=1
strict-transport-security
max-age=86400
accept-ranges
bytes
vary
Accept-Encoding
content-length
8552
x-content-type-options
nosniff
expires
Tue, 27 Apr 2021 12:04:12 GMT
otSDKStub.js
a.sfdcstatic.com/enterprise/salesforce/prod/6140/oneTrust/scripttemplates/ Frame 60D1
16 KB
5 KB
Script
General
Full URL
https://a.sfdcstatic.com/enterprise/salesforce/prod/6140/oneTrust/scripttemplates/otSDKStub.js
Requested by
Host: c.salesforce.com
URL: https://c.salesforce.com/login-messages/promos.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.126.36.41 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-126-36-41.deploy.static.akamaitechnologies.com
Software
Akamai Resource Optimizer /
Resource Hash
d98430b79bd481c608eb50058778fc3a919b996494f209c1546d11280d7bc14f

Request headers

Referer
https://c.salesforce.com/login-messages/promos.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 13 Apr 2021 12:04:12 GMT
content-encoding
br
last-modified
Wed, 07 Apr 2021 20:46:49 GMT
server
Akamai Resource Optimizer
etag
"137ad123a8ab346dbad666d4d19e9486:1617231488.365041"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=2104958
accept-ranges
bytes
content-length
4954
expires
Fri, 07 May 2021 20:46:50 GMT
clientlibs_onetrust.min.358b0d1795da39e5232e8e0836a61fdb.css
www.salesforce.com/etc/clientlibs/sfdc-aem-master/ Frame 60D1
26 KB
4 KB
Stylesheet
General
Full URL
https://www.salesforce.com/etc/clientlibs/sfdc-aem-master/clientlibs_onetrust.min.358b0d1795da39e5232e8e0836a61fdb.css
Requested by
Host: c.salesforce.com
URL: https://c.salesforce.com/login-messages/promos.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:7100::687e:24e1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache /
Resource Hash
d657451845dab76a4e4f8d19611888106a4ec6139b7bc48984abd6c8f863389d
Security Headers
Name Value
Strict-Transport-Security max-age=86400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://c.salesforce.com/login-messages/promos.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 13 Apr 2021 12:04:12 GMT
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 12 Apr 2021 03:34:35 GMT
server
Apache
x-frame-options
SAMEORIGIN
content-type
text/css
cache-control
max-age=1209600, s-maxage=10
server-timing
cdn-cache; desc=HIT, edge; dur=1
strict-transport-security
max-age=86400
accept-ranges
bytes
vary
Accept-Encoding
content-length
3482
x-content-type-options
nosniff
expires
Tue, 27 Apr 2021 12:04:12 GMT
all.bundle.dd82450162c004c06b55.css
www.salesforce.com/etc.bundles/sfdc-www/bundles/ Frame 60D1
632 KB
84 KB
Stylesheet
General
Full URL
https://www.salesforce.com/etc.bundles/sfdc-www/bundles/all.bundle.dd82450162c004c06b55.css
Requested by
Host: c.salesforce.com
URL: https://c.salesforce.com/login-messages/promos.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:7100::687e:24e1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache /
Resource Hash
a043c1cd8070a5e550f975bd65f449a8a565d20054b1221fa9f17bd7ddc29ee9
Security Headers
Name Value
Strict-Transport-Security max-age=86400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://c.salesforce.com/login-messages/promos.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 13 Apr 2021 12:04:12 GMT
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 12 Apr 2021 05:48:41 GMT
server
Apache
x-frame-options
SAMEORIGIN
content-type
text/css
cache-control
max-age=1209600, s-maxage=10
server-timing
cdn-cache; desc=HIT, edge; dur=14
strict-transport-security
max-age=86400
accept-ranges
bytes
vary
Accept-Encoding
content-length
85272
x-content-type-options
nosniff
expires
Tue, 27 Apr 2021 12:04:12 GMT
sfdc-liveChat.bundle.dd82450162c004c06b55.css
www.salesforce.com/etc.bundles/sfdc-www/bundles/ Frame 60D1
9 KB
2 KB
Stylesheet
General
Full URL
https://www.salesforce.com/etc.bundles/sfdc-www/bundles/sfdc-liveChat.bundle.dd82450162c004c06b55.css
Requested by
Host: c.salesforce.com
URL: https://c.salesforce.com/login-messages/promos.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:7100::687e:24e1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache /
Resource Hash
a585ce7410a54b3f6e9379a057927a0151ffeb14465799bb20dc2b29986e1eb2
Security Headers
Name Value
Strict-Transport-Security max-age=86400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://c.salesforce.com/login-messages/promos.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 13 Apr 2021 12:04:12 GMT
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 12 Apr 2021 16:08:23 GMT
server
Apache
x-frame-options
SAMEORIGIN
content-type
text/css
cache-control
max-age=1209600, s-maxage=10
server-timing
cdn-cache; desc=HIT, edge; dur=1
strict-transport-security
max-age=86400
accept-ranges
bytes
vary
Accept-Encoding
content-length
2085
x-content-type-options
nosniff
expires
Tue, 27 Apr 2021 12:04:12 GMT
clientlibs_www_tags.min.49c634c0df8e725801cecc00b8a87f20.js
www.salesforce.com/etc/clientlibs/sfdc-aem-master/ Frame 60D1
1 KB
898 B
Script
General
Full URL
https://www.salesforce.com/etc/clientlibs/sfdc-aem-master/clientlibs_www_tags.min.49c634c0df8e725801cecc00b8a87f20.js
Requested by
Host: c.salesforce.com
URL: https://c.salesforce.com/login-messages/promos.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:7100::687e:24e1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache /
Resource Hash
776e011700a430a8fd3cda23ce96ef30c6da4a54c308abec4c0ec2f8d6941a49
Security Headers
Name Value
Strict-Transport-Security max-age=86400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://c.salesforce.com/login-messages/promos.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 13 Apr 2021 12:04:12 GMT
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 12 Apr 2021 07:18:28 GMT
server
Apache
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
max-age=1209600, s-maxage=10
server-timing
cdn-cache; desc=HIT, edge; dur=323
strict-transport-security
max-age=86400
accept-ranges
bytes
vary
Accept-Encoding
content-length
566
x-content-type-options
nosniff
expires
Tue, 27 Apr 2021 12:04:12 GMT
green-checkmark.png
www.salesforce.com/content/dam/web/en_us/www/images/login-promos/ Frame 60D1
442 B
751 B
Image
General
Full URL
https://www.salesforce.com/content/dam/web/en_us/www/images/login-promos/green-checkmark.png
Requested by
Host: c.salesforce.com
URL: https://c.salesforce.com/login-messages/promos.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:7100::687e:24e1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache /
Resource Hash
be48eb77224cd798f343705ee369ae4c051525f46ab07c7ac123c23beabe6d2a
Security Headers
Name Value
Strict-Transport-Security max-age=86400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://c.salesforce.com/login-messages/promos.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 13 Apr 2021 12:04:12 GMT
referrer-policy
no-referrer-when-downgrade
last-modified
Sun, 11 Apr 2021 16:51:00 GMT
server
Apache
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=86400
content-type
image/png
cache-control
private, max-age=5035575, s-maxage=10
server-timing
cdn-cache; desc=HIT, edge; dur=1
accept-ranges
bytes
content-length
442
x-content-type-options
nosniff
expires
Thu, 10 Jun 2021 18:50:27 GMT
spacer.gif
www.salesforce.com/etc/clientlibs/sfdc-aem-master/clientlibs_base/imgs/ Frame 60D1
43 B
351 B
Image
General
Full URL
https://www.salesforce.com/etc/clientlibs/sfdc-aem-master/clientlibs_base/imgs/spacer.gif
Requested by
Host: c.salesforce.com
URL: https://c.salesforce.com/login-messages/promos.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:7100::687e:24e1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache /
Resource Hash
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340
Security Headers
Name Value
Strict-Transport-Security max-age=86400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://c.salesforce.com/login-messages/promos.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 13 Apr 2021 12:04:12 GMT
referrer-policy
no-referrer-when-downgrade
last-modified
Sun, 11 Apr 2021 16:50:44 GMT
server
Apache
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=86400
content-type
image/gif
cache-control
private, max-age=5035564, s-maxage=10
server-timing
cdn-cache; desc=HIT, edge; dur=1
accept-ranges
bytes
content-length
43
x-content-type-options
nosniff
expires
Thu, 10 Jun 2021 18:50:16 GMT
vendors~scriptloader~utils.bundle.ce37e288e003c66bd083.js
www.salesforce.com/etc.bundles/sfdc-www/bundles/ Frame 60D1
13 KB
5 KB
Script
General
Full URL
https://www.salesforce.com/etc.bundles/sfdc-www/bundles/vendors~scriptloader~utils.bundle.ce37e288e003c66bd083.js
Requested by
Host: c.salesforce.com
URL: https://c.salesforce.com/login-messages/promos.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:7100::687e:24e1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache /
Resource Hash
f7becd483ffb6036db37eb140255c414bf9ec9e37572194d9111351cbd7fb888
Security Headers
Name Value
Strict-Transport-Security max-age=86400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://c.salesforce.com/login-messages/promos.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 13 Apr 2021 12:04:12 GMT
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 12 Apr 2021 02:31:04 GMT
server
Apache
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
max-age=1209600, s-maxage=10
server-timing
cdn-cache; desc=HIT, edge; dur=1
strict-transport-security
max-age=86400
accept-ranges
bytes
vary
Accept-Encoding
content-length
4821
x-content-type-options
nosniff
expires
Tue, 27 Apr 2021 12:04:12 GMT
vendors~scriptloader.bundle.ce37e288e003c66bd083.js
www.salesforce.com/etc.bundles/sfdc-www/bundles/ Frame 60D1
13 KB
6 KB
Script
General
Full URL
https://www.salesforce.com/etc.bundles/sfdc-www/bundles/vendors~scriptloader.bundle.ce37e288e003c66bd083.js
Requested by
Host: c.salesforce.com
URL: https://c.salesforce.com/login-messages/promos.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:7100::687e:24e1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache /
Resource Hash
6f314f1aecfb61e6b432122d56179b012347cf87c1a6e26e020373d194ee6c67
Security Headers
Name Value
Strict-Transport-Security max-age=86400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://c.salesforce.com/login-messages/promos.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 13 Apr 2021 12:04:12 GMT
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 12 Apr 2021 01:38:34 GMT
server
Apache
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
max-age=1209600, s-maxage=10
server-timing
cdn-cache; desc=HIT, edge; dur=5
strict-transport-security
max-age=86400
accept-ranges
bytes
vary
Accept-Encoding
content-length
5393
x-content-type-options
nosniff
expires
Tue, 27 Apr 2021 12:04:12 GMT
scriptloader.bundle.ce37e288e003c66bd083.js
www.salesforce.com/etc.bundles/sfdc-www/bundles/ Frame 60D1
26 KB
5 KB
Script
General
Full URL
https://www.salesforce.com/etc.bundles/sfdc-www/bundles/scriptloader.bundle.ce37e288e003c66bd083.js
Requested by
Host: c.salesforce.com
URL: https://c.salesforce.com/login-messages/promos.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:7100::687e:24e1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache /
Resource Hash
a3edcce1f41c41bbeccad58ca237ad44dbdea65a71683dcce62a0bf2aa337c74
Security Headers
Name Value
Strict-Transport-Security max-age=86400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://c.salesforce.com/login-messages/promos.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 13 Apr 2021 12:04:12 GMT
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 12 Apr 2021 08:02:34 GMT
server
Apache
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
max-age=1209600, s-maxage=10
server-timing
cdn-cache; desc=HIT, edge; dur=1
strict-transport-security
max-age=86400
accept-ranges
bytes
vary
Accept-Encoding
content-length
5099
x-content-type-options
nosniff
expires
Tue, 27 Apr 2021 12:04:12 GMT
vendors~utils~webpack-script-manifest-SfdcWwwBaseCnc-js~webpack-script-manifest-commonlyUsed-js~webp~8dbeef75.bundle.ce37e288e003c66bd083.js
www.salesforce.com/etc.bundles/sfdc-www/bundles/ Frame 60D1
16 KB
6 KB
Script
General
Full URL
https://www.salesforce.com/etc.bundles/sfdc-www/bundles/vendors~utils~webpack-script-manifest-SfdcWwwBaseCnc-js~webpack-script-manifest-commonlyUsed-js~webp~8dbeef75.bundle.ce37e288e003c66bd083.js
Requested by
Host: c.salesforce.com
URL: https://c.salesforce.com/login-messages/promos.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:7100::687e:24e1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache /
Resource Hash
970dbe7e1823cd7bd5ffb344458c1fc6c484bb85fdd7adbc29d6abc5d9caee5b
Security Headers
Name Value
Strict-Transport-Security max-age=86400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://c.salesforce.com/login-messages/promos.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 13 Apr 2021 12:04:12 GMT
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 12 Apr 2021 02:09:45 GMT
server
Apache
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
max-age=1209600, s-maxage=10
server-timing
cdn-cache; desc=HIT, edge; dur=1
strict-transport-security
max-age=86400
accept-ranges
bytes
vary
Accept-Encoding
content-length
6037
x-content-type-options
nosniff
expires
Tue, 27 Apr 2021 12:04:12 GMT
utils.bundle.ce37e288e003c66bd083.js
www.salesforce.com/etc.bundles/sfdc-www/bundles/ Frame 60D1
16 KB
6 KB
Script
General
Full URL
https://www.salesforce.com/etc.bundles/sfdc-www/bundles/utils.bundle.ce37e288e003c66bd083.js
Requested by
Host: c.salesforce.com
URL: https://c.salesforce.com/login-messages/promos.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:7100::687e:24e1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache /
Resource Hash
9b8dc734c64cdee08c1432f7a097c44988d9d76afe879f32a9f1e1f1e7e092a5
Security Headers
Name Value
Strict-Transport-Security max-age=86400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://c.salesforce.com/login-messages/promos.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 13 Apr 2021 12:04:12 GMT
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 12 Apr 2021 11:03:15 GMT
server
Apache
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
max-age=1209600, s-maxage=10
server-timing
cdn-cache; desc=HIT, edge; dur=1
strict-transport-security
max-age=86400
accept-ranges
bytes
vary
Accept-Encoding
content-length
5410
x-content-type-options
nosniff
expires
Tue, 27 Apr 2021 12:04:12 GMT
clientlibs_analytics_login_bottom.min.61b23575e0f268adc39dc82bdc0857d5.js
www.salesforce.com/etc/clientlibs/sfdc-aem-master/ Frame 60D1
216 KB
66 KB
Script
General
Full URL
https://www.salesforce.com/etc/clientlibs/sfdc-aem-master/clientlibs_analytics_login_bottom.min.61b23575e0f268adc39dc82bdc0857d5.js
Requested by
Host: c.salesforce.com
URL: https://c.salesforce.com/login-messages/promos.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:7100::687e:24e1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache /
Resource Hash
6207a69699be5b887809e71b6be0102e65a132dc8419dab88a0bd6b782531721
Security Headers
Name Value
Strict-Transport-Security max-age=86400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://c.salesforce.com/login-messages/promos.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 13 Apr 2021 12:04:12 GMT
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 12 Apr 2021 08:14:52 GMT
server
Apache
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
max-age=1209600, s-maxage=10
server-timing
cdn-cache; desc=HIT, edge; dur=3
strict-transport-security
max-age=86400
accept-ranges
bytes
vary
Accept-Encoding
content-length
67586
x-content-type-options
nosniff
expires
Tue, 27 Apr 2021 12:04:12 GMT
742a15b9-6aa4-4c2f-99c1-ad4ca220cf96.json
a.sfdcstatic.com/enterprise/salesforce/prod/6140/oneTrust/consent/742a15b9-6aa4-4c2f-99c1-ad4ca220cf96/ Frame 60D1
5 KB
5 KB
XHR
General
Full URL
https://a.sfdcstatic.com/enterprise/salesforce/prod/6140/oneTrust/consent/742a15b9-6aa4-4c2f-99c1-ad4ca220cf96/742a15b9-6aa4-4c2f-99c1-ad4ca220cf96.json
Requested by
Host: a.sfdcstatic.com
URL: https://a.sfdcstatic.com/enterprise/salesforce/prod/6140/oneTrust/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.126.36.41 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-126-36-41.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
2c33f507c2317fa9f058880f3fa48ad1c07d983fc461fc3686ed6000c6c4b14b

Request headers

Referer
https://c.salesforce.com/login-messages/promos.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 13 Apr 2021 12:04:12 GMT
last-modified
Wed, 31 Mar 2021 22:58:11 GMT
server
AkamaiNetStorage
etag
"3306a29f8a2a8532fe2b3d8775bf9809:1617231491.927266"
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
content-length
4802
expires
Tue, 13 Apr 2021 13:04:12 GMT
gtm.js
www.googletagmanager.com/ Frame 60D1
358 KB
87 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-WRXS6TH
Requested by
Host: c.salesforce.com
URL: https://c.salesforce.com/login-messages/promos.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
8ab5722cddc32b16fe294cbb01257852275b653485007fc5c473311275b00830
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://c.salesforce.com/login-messages/promos.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 13 Apr 2021 12:04:12 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
88584
x-xss-protection
0
expires
Tue, 13 Apr 2021 12:04:12 GMT
location
geolocation.onetrust.com/cookieconsentpub/v1/geo/ Frame 60D1
164 B
521 B
Script
General
Full URL
https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location
Requested by
Host: a.sfdcstatic.com
URL: https://a.sfdcstatic.com/enterprise/salesforce/prod/6140/oneTrust/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:b844 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1b94f9074fc2ef1b63132fc70fe244cc5d5322e5982a80b6273a45a935ae335f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://c.salesforce.com/login-messages/promos.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 13 Apr 2021 12:04:12 GMT
content-encoding
gzip
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
63f48e3b6bbc05ed-FRA
cf-request-id
096cb73926000005ed40b07000000001
_jcr_content.personalization.pagemetadata.json
www.salesforce.com/login-messages/promos/ Frame 60D1
96 B
488 B
XHR
General
Full URL
https://www.salesforce.com/login-messages/promos/_jcr_content.personalization.pagemetadata.json
Requested by
Host: www.salesforce.com
URL: https://www.salesforce.com/etc/clientlibs/sfdc-aem-master/clientlibs_www_tags.min.49c634c0df8e725801cecc00b8a87f20.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:7100::687e:24e1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache /
Resource Hash
1f47512db9887497acb137043b311a1218bf9f688b9bdf16469a758e70622a2e
Security Headers
Name Value
Strict-Transport-Security max-age=86400
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://c.salesforce.com/login-messages/promos.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 13 Apr 2021 12:04:12 GMT
content-encoding
gzip
x-content-type-options
nosniff, nosniff
x-original-content-length
96
server-timing
cdn-cache; desc=HIT, edge; dur=100
content-length
103
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 13 Apr 2021 04:40:47 GMT
server
Apache
x-frame-options
SAMEORIGIN
etag
W/"PSA-MkITWxguqH"
vary
Accept-Encoding
strict-transport-security
max-age=86400
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
expires
Tue, 13 Apr 2021 13:04:12 GMT
SalesforceSans-Regular.woff2
www.salesforce.com/etc/clientlibs/sfdc-aem-master/clientlibs_base/fonts/ Frame 60D1
27 KB
27 KB
Font
General
Full URL
https://www.salesforce.com/etc/clientlibs/sfdc-aem-master/clientlibs_base/fonts/SalesforceSans-Regular.woff2
Requested by
Host: www.salesforce.com
URL: https://www.salesforce.com/etc.bundles/sfdc-www/bundles/all.bundle.dd82450162c004c06b55.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:7100::687e:24e1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache /
Resource Hash
6f2251079db9fde7d456ba66a9294899f3024dac928bec71b3ce42e1568f304f
Security Headers
Name Value
Strict-Transport-Security max-age=86400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Origin
https://c.salesforce.com
Referer
https://www.salesforce.com/etc.bundles/sfdc-www/bundles/all.bundle.dd82450162c004c06b55.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 13 Apr 2021 12:04:12 GMT
referrer-policy
no-referrer-when-downgrade
last-modified
Sun, 11 Apr 2021 16:50:53 GMT
server
Apache
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=86400
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=2592000
server-timing
cdn-cache; desc=HIT, edge; dur=1
accept-ranges
bytes
content-length
27684
x-content-type-options
nosniff
expires
Thu, 13 May 2021 12:04:12 GMT
webpack-script-manifest-config-js.bundle.ce37e288e003c66bd083.js
www.salesforce.com/etc.bundles/sfdc-www/bundles/ Frame 60D1
2 KB
1 KB
Script
General
Full URL
https://www.salesforce.com/etc.bundles/sfdc-www/bundles/webpack-script-manifest-config-js.bundle.ce37e288e003c66bd083.js
Requested by
Host: www.salesforce.com
URL: https://www.salesforce.com/etc.bundles/sfdc-www/bundles/scriptloader.bundle.ce37e288e003c66bd083.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:7100::687e:24e1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache /
Resource Hash
1f28a176d797a079288f5b2459a513eecb6f7953ecd7f6359dd9e8ca3a48bbae
Security Headers
Name Value
Strict-Transport-Security max-age=86400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://c.salesforce.com/login-messages/promos.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 13 Apr 2021 12:04:12 GMT
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 12 Apr 2021 04:18:06 GMT
server
Apache
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
max-age=1209600, s-maxage=10
server-timing
cdn-cache; desc=REVALIDATE, edge; dur=32, origin; dur=6
strict-transport-security
max-age=86400
accept-ranges
bytes
vary
Accept-Encoding
content-length
1161
x-content-type-options
nosniff
expires
Tue, 27 Apr 2021 12:04:12 GMT
vendors~webpack-script-manifest-SfdcWwwBaseCnc-js~webpack-script-manifest-commonlyUsed-js.bundle.ce37e288e003c66bd083.js
www.salesforce.com/etc.bundles/sfdc-www/bundles/ Frame 60D1
141 KB
42 KB
Script
General
Full URL
https://www.salesforce.com/etc.bundles/sfdc-www/bundles/vendors~webpack-script-manifest-SfdcWwwBaseCnc-js~webpack-script-manifest-commonlyUsed-js.bundle.ce37e288e003c66bd083.js
Requested by
Host: www.salesforce.com
URL: https://www.salesforce.com/etc.bundles/sfdc-www/bundles/scriptloader.bundle.ce37e288e003c66bd083.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:7100::687e:24e1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache /
Resource Hash
708615b9e9c30cae15058f9e574222089486620a84f5ad87466c72cb14b3df5b
Security Headers
Name Value
Strict-Transport-Security max-age=86400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://c.salesforce.com/login-messages/promos.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 13 Apr 2021 12:04:12 GMT
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
last-modified
Sun, 11 Apr 2021 17:58:22 GMT
server
Apache
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
max-age=1209600, s-maxage=10
server-timing
cdn-cache; desc=HIT, edge; dur=1
strict-transport-security
max-age=86400
accept-ranges
bytes
vary
Accept-Encoding
content-length
42157
x-content-type-options
nosniff
expires
Tue, 27 Apr 2021 12:04:12 GMT
webpack-script-manifest-SfdcWwwBaseCnc-js~webpack-script-manifest-commonlyUsed-js~webpack-script-man~30a1d5be.bundle.ce37e288e003c66bd083.js
www.salesforce.com/etc.bundles/sfdc-www/bundles/ Frame 60D1
16 KB
5 KB
Script
General
Full URL
https://www.salesforce.com/etc.bundles/sfdc-www/bundles/webpack-script-manifest-SfdcWwwBaseCnc-js~webpack-script-manifest-commonlyUsed-js~webpack-script-man~30a1d5be.bundle.ce37e288e003c66bd083.js
Requested by
Host: www.salesforce.com
URL: https://www.salesforce.com/etc.bundles/sfdc-www/bundles/scriptloader.bundle.ce37e288e003c66bd083.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:7100::687e:24e1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache /
Resource Hash
85b2446757ca1d6ac289ae8e8f0a500960d6e6d59932089fbe9f35fe91eab7a6
Security Headers
Name Value
Strict-Transport-Security max-age=86400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://c.salesforce.com/login-messages/promos.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 13 Apr 2021 12:04:12 GMT
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
last-modified
Sun, 11 Apr 2021 17:00:19 GMT
server
Apache
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
max-age=1209600, s-maxage=10
server-timing
cdn-cache; desc=HIT, edge; dur=1
strict-transport-security
max-age=86400
accept-ranges
bytes
vary
Accept-Encoding
content-length
4596
x-content-type-options
nosniff
expires
Tue, 27 Apr 2021 12:04:12 GMT
webpack-script-manifest-commonlyUsed-js.bundle.ce37e288e003c66bd083.js
www.salesforce.com/etc.bundles/sfdc-www/bundles/ Frame 60D1
40 KB
14 KB
Script
General
Full URL
https://www.salesforce.com/etc.bundles/sfdc-www/bundles/webpack-script-manifest-commonlyUsed-js.bundle.ce37e288e003c66bd083.js
Requested by
Host: www.salesforce.com
URL: https://www.salesforce.com/etc.bundles/sfdc-www/bundles/scriptloader.bundle.ce37e288e003c66bd083.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:7100::687e:24e1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache /
Resource Hash
6e83fadec6902c1b3a22ec0ef06c05fa2b73bb4479fd83a8b4312a126409d898
Security Headers
Name Value
Strict-Transport-Security max-age=86400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://c.salesforce.com/login-messages/promos.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 13 Apr 2021 12:04:12 GMT
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
last-modified
Sun, 11 Apr 2021 16:52:14 GMT
server
Apache
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
max-age=1209600, s-maxage=10
server-timing
cdn-cache; desc=HIT, edge; dur=13
strict-transport-security
max-age=86400
accept-ranges
bytes
vary
Accept-Encoding
content-length
13847
x-content-type-options
nosniff
expires
Tue, 27 Apr 2021 12:04:12 GMT
otBannerSdk.js
a.sfdcstatic.com/enterprise/salesforce/prod/6140/oneTrust/scripttemplates/6.14.0/ Frame 60D1
369 KB
62 KB
Script
General
Full URL
https://a.sfdcstatic.com/enterprise/salesforce/prod/6140/oneTrust/scripttemplates/6.14.0/otBannerSdk.js
Requested by
Host: a.sfdcstatic.com
URL: https://a.sfdcstatic.com/enterprise/salesforce/prod/6140/oneTrust/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.126.36.41 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-126-36-41.deploy.static.akamaitechnologies.com
Software
Akamai Resource Optimizer /
Resource Hash
e7c129ee5de51a2692632d98e0e18cbc092fb758635921e4ecc404293495fafa

Request headers

Referer
https://c.salesforce.com/login-messages/promos.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 13 Apr 2021 12:04:12 GMT
content-encoding
br
last-modified
Wed, 31 Mar 2021 23:01:35 GMT
server
Akamai Resource Optimizer
etag
"4b732508f22f3022356407b9457e4c86:1617231490.261816"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=2104897
accept-ranges
bytes
content-length
62968
expires
Fri, 07 May 2021 20:45:49 GMT
en.json
a.sfdcstatic.com/enterprise/salesforce/prod/6140/oneTrust/consent/742a15b9-6aa4-4c2f-99c1-ad4ca220cf96/9271b9d0-7992-4364-9721-eac93d9415b0/ Frame 60D1
90 KB
90 KB
Fetch
General
Full URL
https://a.sfdcstatic.com/enterprise/salesforce/prod/6140/oneTrust/consent/742a15b9-6aa4-4c2f-99c1-ad4ca220cf96/9271b9d0-7992-4364-9721-eac93d9415b0/en.json
Requested by
Host: a.sfdcstatic.com
URL: https://a.sfdcstatic.com/enterprise/salesforce/prod/6140/oneTrust/scripttemplates/6.14.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.126.36.41 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-126-36-41.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
db47e54a1905a665f8cfeae2bc05ebc0f5dee26d91c66bce05c63ede3d173599

Request headers

Referer
https://c.salesforce.com/login-messages/promos.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 13 Apr 2021 12:04:12 GMT
last-modified
Wed, 31 Mar 2021 22:58:32 GMT
server
AkamaiNetStorage
etag
"bd83c8e0b51d8e6c643af99b9411b0de:1617231512.118119"
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
content-length
91841
expires
Tue, 13 Apr 2021 13:04:12 GMT
otCenterRounded.json
a.sfdcstatic.com/enterprise/salesforce/prod/6140/oneTrust/scripttemplates/6.14.0/assets/ Frame 60D1
9 KB
9 KB
Fetch
General
Full URL
https://a.sfdcstatic.com/enterprise/salesforce/prod/6140/oneTrust/scripttemplates/6.14.0/assets/otCenterRounded.json
Requested by
Host: a.sfdcstatic.com
URL: https://a.sfdcstatic.com/enterprise/salesforce/prod/6140/oneTrust/scripttemplates/6.14.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.126.36.41 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-126-36-41.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
b7a670a3463f433a06da18a8739714e618e67806edd249431d6f2ad0e8adbd9b

Request headers

Referer
https://c.salesforce.com/login-messages/promos.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 13 Apr 2021 12:04:13 GMT
last-modified
Wed, 31 Mar 2021 22:58:15 GMT
server
AkamaiNetStorage
etag
"d8f9da41ed42ebfb3da388bd66e417ff:1617231495.798034"
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
content-length
8880
expires
Tue, 13 Apr 2021 13:04:13 GMT
otPcTab.json
a.sfdcstatic.com/enterprise/salesforce/prod/6140/oneTrust/scripttemplates/6.14.0/assets/v2/ Frame 60D1
45 KB
46 KB
Fetch
General
Full URL
https://a.sfdcstatic.com/enterprise/salesforce/prod/6140/oneTrust/scripttemplates/6.14.0/assets/v2/otPcTab.json
Requested by
Host: a.sfdcstatic.com
URL: https://a.sfdcstatic.com/enterprise/salesforce/prod/6140/oneTrust/scripttemplates/6.14.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.126.36.41 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-126-36-41.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
05a454de7973bd660bb24eff530adc58fc08d4f5394b15c1992a02ae8f7bfa34

Request headers

Referer
https://c.salesforce.com/login-messages/promos.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 13 Apr 2021 12:04:13 GMT
last-modified
Wed, 31 Mar 2021 22:59:30 GMT
server
AkamaiNetStorage
etag
"46d67210ff5a9bbe25d497cd57da8c9f:1617231569.935613"
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
content-length
46467
expires
Tue, 13 Apr 2021 13:04:13 GMT
SalesforceSans-Bold.woff2
www.salesforce.com/etc/clientlibs/sfdc-aem-master/clientlibs_base/fonts/ Frame 60D1
27 KB
27 KB
Font
General
Full URL
https://www.salesforce.com/etc/clientlibs/sfdc-aem-master/clientlibs_base/fonts/SalesforceSans-Bold.woff2
Requested by
Host: www.salesforce.com
URL: https://www.salesforce.com/etc.bundles/sfdc-www/bundles/all.bundle.dd82450162c004c06b55.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:7100::687e:24e1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache /
Resource Hash
13873c462325bd5d2b2bbb385fe971e1ced14d0d698e2eabb917fdf7a4af438a
Security Headers
Name Value
Strict-Transport-Security max-age=86400
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Origin
https://c.salesforce.com
Referer
https://www.salesforce.com/etc.bundles/sfdc-www/bundles/all.bundle.dd82450162c004c06b55.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 13 Apr 2021 12:04:13 GMT
referrer-policy
no-referrer-when-downgrade
last-modified
Sun, 11 Apr 2021 16:51:00 GMT
server
Apache
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=86400
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
server-timing
cdn-cache; desc=HIT, edge; dur=1
accept-ranges
bytes
content-length
27648
x-content-type-options
nosniff
expires
Thu, 13 May 2021 12:04:13 GMT

Verdicts & Comments

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
object| ontransitionrun
object| ontransitionstart
object| ontransitioncancel
object| trustedTypes
boolean| crossOriginIsolated
function| displayHahcked

0 Cookies

1 Console Messages

Source: console-api
Level: error
URL: https://www.salesforce.com/etc.bundles/sfdc-www/bundles/scriptloader.bundle.ce37e288e003c66bd083.js (Line 1)
Message: TypeError: Cannot read property 'util' of undefined

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
