playful-bear-i5i7m6-dev-ed.my.salesforce.com Open in urlscan Pro
13.110.0.212 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://playful-bear-i5i7m6-dev-ed--th-con-app.visualforce.com/
Effective URL:
https://playful-bear-i5i7m6-dev-ed.my.salesforce.com/
Submission: On January 30 via manual (January 30th 2020, 11:29:16 pm UTC) from US

Summary HTTP 50 Redirects Behaviour Indicators

Summary

This website contacted 9 IPs in 4 countries across 7 domains to perform 50 HTTP transactions. The main IP is 13.110.0.212, located in United States and belongs to SALESFORCE, US. The main domain is playful-bear-i5i7m6-dev-ed.my.salesforce.com.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on December 3rd 2017. Valid for: 3 years.

This is the only time playful-bear-i5i7m6-dev-ed.my.salesforce.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	13.110.3.85 13.110.3.85	14340 (SALESFORCE) (SALESFORCE)
1 14	13.110.0.212 13.110.0.212	14340 (SALESFORCE) (SALESFORCE)
9	184.31.87.156 184.31.87.156	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
21	184.31.82.92 184.31.82.92	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2606:4700:10:... 2606:4700:10::6814:b844	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:814::2008	15169 (GOOGLE) (GOOGLE)
2	151.101.112.175 151.101.112.175	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:820::200a	15169 (GOOGLE) (GOOGLE)
1	34.254.119.250 34.254.119.250	16509 (AMAZON-02) (AMAZON-02)
1	151.101.12.175 151.101.12.175	54113 (FASTLY) (FASTLY)
50	9

1 13.110.3.85 (United States) 1 redirects

ASN14340 (SALESFORCE, US)
PTR: dcl7-ncg0-phx3.na85-ph2.force.com

playful-bear-i5i7m6-dev-ed--th-con-app.visualforce.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 13.110.0.212 (United States) 1 redirects

ASN14340 (SALESFORCE, US)
PTR: dcl2-ncg0-phx3.na85-ph2.my.salesforce.com

playful-bear-i5i7m6-dev-ed.my.salesforce.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 184.31.87.156 (Netherlands)

ASN20940 (AKAMAI-ASN1, US)
PTR: a184-31-87-156.deploy.static.akamaitechnologies.com

c.salesforce.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 184.31.82.92 (Netherlands)

ASN20940 (AKAMAI-ASN1, US)
PTR: a184-31-82-92.deploy.static.akamaitechnologies.com

c1.sfdcstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
a.sfdcstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6814:b844 (United States)

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:814::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.112.175 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

cdn.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:820::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.254.119.250 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-254-119-250.eu-west-1.compute.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.12.175 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

consumer.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
23	salesforce.com 1 redirects playful-bear-i5i7m6-dev-ed.my.salesforce.com c.salesforce.com	216 KB
21	sfdcstatic.com c1.sfdcstatic.com a.sfdcstatic.com	405 KB
4	krxd.net cdn.krxd.net beacon.krxd.net consumer.krxd.net	86 KB
1	googleapis.com fonts.googleapis.com	504 B
1	googletagmanager.com www.googletagmanager.com	24 KB
1	onetrust.com geolocation.onetrust.com	513 B
1	visualforce.com 1 redirects playful-bear-i5i7m6-dev-ed--th-con-app.visualforce.com	550 B
50	7

	Domain	Requested by
19	c1.sfdcstatic.com	c.salesforce.com c1.sfdcstatic.com a.sfdcstatic.com
14	playful-bear-i5i7m6-dev-ed.my.salesforce.com	1 redirects playful-bear-i5i7m6-dev-ed.my.salesforce.com
9	c.salesforce.com	playful-bear-i5i7m6-dev-ed.my.salesforce.com c1.sfdcstatic.com
2	cdn.krxd.net	c.salesforce.com cdn.krxd.net
2	a.sfdcstatic.com	c.salesforce.com a.sfdcstatic.com
1	consumer.krxd.net	cdn.krxd.net
1	beacon.krxd.net	cdn.krxd.net
1	fonts.googleapis.com	c.salesforce.com
1	www.googletagmanager.com	c.salesforce.com
1	geolocation.onetrust.com	a.sfdcstatic.com
1	playful-bear-i5i7m6-dev-ed--th-con-app.visualforce.com	1 redirects
50	11

This site contains no links.

Subject Issuer	Validity	Valid
*.my.salesforce.com DigiCert SHA2 Secure Server CA	`2017-12-03` - `2020-12-02`	3 years	crt.sh
c.salesforce.com GeoTrust RSA CA 2018	`2019-03-26` - `2020-06-24`	a year	crt.sh
*.sfdcstatic.com DigiCert SHA2 Secure Server CA	`2019-04-22` - `2020-07-21`	a year	crt.sh
*.onetrust.com DigiCert SHA2 Secure Server CA	`2018-03-12` - `2020-06-14`	2 years	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-01-14` - `2020-04-07`	3 months	crt.sh
*.c.ssl.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2019-08-23` - `2020-08-23`	a year	crt.sh
*.storage.googleapis.com GTS CA 1O1	`2020-01-07` - `2020-03-31`	3 months	crt.sh
beacon.krxd.net DigiCert SHA2 Secure Server CA	`2020-01-27` - `2021-01-27`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://playful-bear-i5i7m6-dev-ed.my.salesforce.com/
Frame ID: CE544F60F5D2A494440996783C1BCB8D
Requests: 12 HTTP requests in this frame

Frame: https://c.salesforce.com/login-messages/promos.html
Frame ID: 6A8301A2DC0B82AF1B8B55DFC1B5EB3D
Requests: 38 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://playful-bear-i5i7m6-dev-ed--th-con-app.visualforce.com/ HTTP 302
http://playful-bear-i5i7m6-dev-ed.my.salesforce.com/ HTTP 302
https://playful-bear-i5i7m6-dev-ed.my.salesforce.com/ Page URL

Page Statistics

50
Requests

100 %
HTTPS

30 %
IPv6

7
Domains

11
Subdomains

9
IPs

4
Countries

730 kB
Transfer

3054 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://playful-bear-i5i7m6-dev-ed--th-con-app.visualforce.com/ HTTP 302
http://playful-bear-i5i7m6-dev-ed.my.salesforce.com/ HTTP 302
https://playful-bear-i5i7m6-dev-ed.my.salesforce.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

50 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request

Cookie set / Show response
playful-bear-i5i7m6-dev-ed.my.salesforce.com/
Redirect Chain

http://playful-bear-i5i7m6-dev-ed--th-con-app.visualforce.com/
http://playful-bear-i5i7m6-dev-ed.my.salesforce.com/
https://playful-bear-i5i7m6-dev-ed.my.salesforce.com/

8 KB
4 KB

749ms
249ms

Document
text/html

13.110.0.212
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://playful-bear-i5i7m6-dev-ed.my.salesforce.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.110.0.212 , United States, ASN14340 (SALESFORCE, US),

Reverse DNS

dcl2-ncg0-phx3.na85-ph2.my.salesforce.com

Software

Resource Hash

6076272185827d2f66ae38b24213502c9813285d70466c4ef4721167c8cb947d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536002; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Host: playful-bear-i5i7m6-dev-ed.my.salesforce.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Accept-Encoding: gzip, deflate, br
Cookie: BrowserId=Sgmh-UO4EeqPoiOnTI11Iw; QCQQ=dfNeLRxCfZn
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Thu, 30 Jan 2020 23:28:59 GMT
Strict-Transport-Security: max-age=31536002; includeSubDomains
Public-Key-Pins-Report-Only: pin-sha256="9n0izTnSRF+W4W4JTq51avSXkWhQB8duS2bxVLfzXsY="; pin-sha256="5kJvNEMw0KjrCAu7eXY5HZdvyCS13BbA0VJG1RSP91w="; pin-sha256="njN4rRG+22dNXAi+yb8e3UMypgzPUPHlv4+foULwl1g="; max-age=86400; includeSubDomains; report-uri="https://a.forcesslreports.com/hpkp-report/00D1U000000zP6Em";
Expect-CT: max-age=86400, report-uri="https://a.forcesslreports.com/Expect-CT-report/00D1U000000zP6Em"
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Security-Policy: upgrade-insecure-requests
X-Robots-Tag: none
Referrer-Policy: origin-when-cross-origin
Cache-Control: no-cache,must-revalidate,max-age=0,no-store,private
Content-Type: text/html; charset=UTF-8
Set-Cookie: QCQQ=5gIQm0wjVsL;Path=/
Expires: Thu, 01 Jan 1970 00:00:00 GMT
X-FRAME-OPTIONS: DENY
Vary: Accept-Encoding
Content-Encoding: gzip
Transfer-Encoding: chunked

Redirect headers

Date: Thu, 30 Jan 2020 23:28:58 GMT
Public-Key-Pins-Report-Only: pin-sha256="9n0izTnSRF+W4W4JTq51avSXkWhQB8duS2bxVLfzXsY="; pin-sha256="5kJvNEMw0KjrCAu7eXY5HZdvyCS13BbA0VJG1RSP91w="; pin-sha256="njN4rRG+22dNXAi+yb8e3UMypgzPUPHlv4+foULwl1g="; max-age=86400; includeSubDomains; report-uri="https://a.forcesslreports.com/hpkp-report/00D1U000000zP6Em";
Expect-CT: max-age=86400, report-uri="https://a.forcesslreports.com/Expect-CT-report/00D1U000000zP6Em"
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Security-Policy: upgrade-insecure-requests
X-Robots-Tag: none
Referrer-Policy: origin-when-cross-origin
Cache-Control: no-cache,must-revalidate,max-age=0,no-store,private
Set-Cookie: BrowserId=Sgmh-UO4EeqPoiOnTI11Iw;Path=/;Domain=.salesforce.com;Expires=Mon, 30-Mar-2020 23:28:58 GMT;Max-Age=5184000 QCQQ=dfNeLRxCfZn;Path=/
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Security-Policy-Report-Only: frame-ancestors 'self' *.salesforce.com *.force.com *.visualforce.com *.documentforce.com; report-uri https://csp-report.force.com/_/ContentDomainCSPNoAuth?type=mydomain
Content-Type: text/html; charset=UTF-8
Location: https://playful-bear-i5i7m6-dev-ed.my.salesforce.com/
Content-Length: 0

GET
H/1.1 200
OK sfdc_210.css
playful-bear-i5i7m6-dev-ed.my.salesforce.com/css/ 15 KB
5 KB 174ms
174ms Stylesheet
text/css 13.110.0.212
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://playful-bear-i5i7m6-dev-ed.my.salesforce.com/css/sfdc_210.css

Requested by

Host: playful-bear-i5i7m6-dev-ed.my.salesforce.com
URL: https://playful-bear-i5i7m6-dev-ed.my.salesforce.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.110.0.212 , United States, ASN14340 (SALESFORCE, US),

Reverse DNS

dcl2-ncg0-phx3.na85-ph2.my.salesforce.com

Software

Resource Hash

6effaae73ce83316d1356ea984e417519743bce7a23982f053b1b8ec82135dae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536002; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://playful-bear-i5i7m6-dev-ed.my.salesforce.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Thu, 30 Jan 2020 23:28:59 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block
Referrer-Policy: origin-when-cross-origin
Last-Modified: Tue, 23 May 2017 21:11:38 GMT
Expect-CT: max-age=86400, report-uri="https://a.forcesslreports.com/Expect-CT-report/00D1U000000zP6Em"
Strict-Transport-Security: max-age=31536002; includeSubDomains
Content-Type: text/css
Cache-Control: public,max-age=10368000
Public-Key-Pins-Report-Only: pin-sha256="9n0izTnSRF+W4W4JTq51avSXkWhQB8duS2bxVLfzXsY="; pin-sha256="5kJvNEMw0KjrCAu7eXY5HZdvyCS13BbA0VJG1RSP91w="; pin-sha256="njN4rRG+22dNXAi+yb8e3UMypgzPUPHlv4+foULwl1g="; max-age=86400; includeSubDomains; report-uri="https://a.forcesslreports.com/hpkp-report/00D1U000000zP6Em";
Accept-Ranges: bytes
X-Robots-Tag: none
Expires: Fri, 29 May 2020 23:28:59 GMT

GET
H/1.1 200
OK SfdcSessionBase208.js Show response
playful-bear-i5i7m6-dev-ed.my.salesforce.com/jslibrary/ 15 KB
6 KB 344ms
168ms Script
application/x-javascript 13.110.0.212
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://playful-bear-i5i7m6-dev-ed.my.salesforce.com/jslibrary/SfdcSessionBase208.js

Requested by

Host: playful-bear-i5i7m6-dev-ed.my.salesforce.com
URL: https://playful-bear-i5i7m6-dev-ed.my.salesforce.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.110.0.212 , United States, ASN14340 (SALESFORCE, US),

Reverse DNS

dcl2-ncg0-phx3.na85-ph2.my.salesforce.com

Software

Resource Hash

300e55807abd80f68daecd8d76d2deb5aa283c2a047c593dbf1e907c7aedd5ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536002; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://playful-bear-i5i7m6-dev-ed.my.salesforce.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Thu, 30 Jan 2020 23:28:59 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block
Referrer-Policy: origin-when-cross-origin
Last-Modified: Wed, 29 Jan 2020 22:37:52 GMT
Expect-CT: max-age=86400, report-uri="https://a.forcesslreports.com/Expect-CT-report/00D1U000000zP6Em"
Strict-Transport-Security: max-age=31536002; includeSubDomains
Content-Type: application/x-javascript
Cache-Control: public,max-age=10368000
Public-Key-Pins-Report-Only: pin-sha256="9n0izTnSRF+W4W4JTq51avSXkWhQB8duS2bxVLfzXsY="; pin-sha256="5kJvNEMw0KjrCAu7eXY5HZdvyCS13BbA0VJG1RSP91w="; pin-sha256="njN4rRG+22dNXAi+yb8e3UMypgzPUPHlv4+foULwl1g="; max-age=86400; includeSubDomains; report-uri="https://a.forcesslreports.com/hpkp-report/00D1U000000zP6Em";
Accept-Ranges: bytes
X-Robots-Tag: none
Expires: Fri, 29 May 2020 23:28:59 GMT

GET
H/1.1 200
OK LoginHint208.js Show response
playful-bear-i5i7m6-dev-ed.my.salesforce.com/jslibrary/ 19 KB
7 KB 511ms
188ms Script
application/x-javascript 13.110.0.212
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://playful-bear-i5i7m6-dev-ed.my.salesforce.com/jslibrary/LoginHint208.js

Requested by

Host: playful-bear-i5i7m6-dev-ed.my.salesforce.com
URL: https://playful-bear-i5i7m6-dev-ed.my.salesforce.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.110.0.212 , United States, ASN14340 (SALESFORCE, US),

Reverse DNS

dcl2-ncg0-phx3.na85-ph2.my.salesforce.com

Software

Resource Hash

8746f284dea8dd876a19ff1ff2f7808bb6eefb427ae3d0d63f6765cd4201f1af

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536002; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://playful-bear-i5i7m6-dev-ed.my.salesforce.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Thu, 30 Jan 2020 23:28:59 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block
Referrer-Policy: origin-when-cross-origin
Last-Modified: Wed, 29 Jan 2020 22:37:52 GMT
Expect-CT: max-age=86400, report-uri="https://a.forcesslreports.com/Expect-CT-report/00D1U000000zP6Em"
Strict-Transport-Security: max-age=31536002; includeSubDomains
Content-Type: application/x-javascript
Cache-Control: public,max-age=10368000
Public-Key-Pins-Report-Only: pin-sha256="9n0izTnSRF+W4W4JTq51avSXkWhQB8duS2bxVLfzXsY="; pin-sha256="5kJvNEMw0KjrCAu7eXY5HZdvyCS13BbA0VJG1RSP91w="; pin-sha256="njN4rRG+22dNXAi+yb8e3UMypgzPUPHlv4+foULwl1g="; max-age=86400; includeSubDomains; report-uri="https://a.forcesslreports.com/hpkp-report/00D1U000000zP6Em";
Accept-Ranges: bytes
X-Robots-Tag: none
Expires: Fri, 29 May 2020 23:28:59 GMT

GET
H/1.1 200
OK logo214.svg
playful-bear-i5i7m6-dev-ed.my.salesforce.com/img/ 7 KB
3 KB 491ms
166ms Image
image/svg+xml 13.110.0.212
SALESFORCE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://playful-bear-i5i7m6-dev-ed.my.salesforce.com/img/logo214.svg

Requested by

Host: playful-bear-i5i7m6-dev-ed.my.salesforce.com
URL: https://playful-bear-i5i7m6-dev-ed.my.salesforce.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.110.0.212 , United States, ASN14340 (SALESFORCE, US),

Reverse DNS

dcl2-ncg0-phx3.na85-ph2.my.salesforce.com

Software

Resource Hash

a48f997fa23140662c20f7a46e93cefcef071fbf81ce038067582f2d822d86d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536002; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://playful-bear-i5i7m6-dev-ed.my.salesforce.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Thu, 30 Jan 2020 23:28:59 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block
Referrer-Policy: origin-when-cross-origin
Last-Modified: Thu, 22 Mar 2018 19:27:56 GMT
Expect-CT: max-age=86400, report-uri="https://a.forcesslreports.com/Expect-CT-report/00D1U000000zP6Em"
Strict-Transport-Security: max-age=31536002; includeSubDomains
Content-Type: image/svg+xml
Cache-Control: public,max-age=10368000
Public-Key-Pins-Report-Only: pin-sha256="9n0izTnSRF+W4W4JTq51avSXkWhQB8duS2bxVLfzXsY="; pin-sha256="5kJvNEMw0KjrCAu7eXY5HZdvyCS13BbA0VJG1RSP91w="; pin-sha256="njN4rRG+22dNXAi+yb8e3UMypgzPUPHlv4+foULwl1g="; max-age=86400; includeSubDomains; report-uri="https://a.forcesslreports.com/hpkp-report/00D1U000000zP6Em";
Accept-Ranges: bytes
X-Robots-Tag: none
Expires: Fri, 29 May 2020 23:28:59 GMT

GET
H/1.1 200
OK clear.png
playful-bear-i5i7m6-dev-ed.my.salesforce.com/img/ 477 B
1 KB 493ms
166ms Image
image/png 13.110.0.212
SALESFORCE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://playful-bear-i5i7m6-dev-ed.my.salesforce.com/img/clear.png

Requested by

Host: playful-bear-i5i7m6-dev-ed.my.salesforce.com
URL: https://playful-bear-i5i7m6-dev-ed.my.salesforce.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.110.0.212 , United States, ASN14340 (SALESFORCE, US),

Reverse DNS

dcl2-ncg0-phx3.na85-ph2.my.salesforce.com

Software

Resource Hash

dd464055be78eadee2d5d3ecc5380600b788883e462d9e77372877dc04110e6d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536002; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://playful-bear-i5i7m6-dev-ed.my.salesforce.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Thu, 30 Jan 2020 23:28:59 GMT
Referrer-Policy: origin-when-cross-origin
Last-Modified: Thu, 21 May 2015 20:40:36 GMT
Expect-CT: max-age=86400, report-uri="https://a.forcesslreports.com/Expect-CT-report/00D1U000000zP6Em"
Strict-Transport-Security: max-age=31536002; includeSubDomains
Content-Type: image/png
X-XSS-Protection: 1; mode=block
Cache-Control: public,max-age=10368000
Transfer-Encoding: chunked
Public-Key-Pins-Report-Only: pin-sha256="9n0izTnSRF+W4W4JTq51avSXkWhQB8duS2bxVLfzXsY="; pin-sha256="5kJvNEMw0KjrCAu7eXY5HZdvyCS13BbA0VJG1RSP91w="; pin-sha256="njN4rRG+22dNXAi+yb8e3UMypgzPUPHlv4+foULwl1g="; max-age=86400; includeSubDomains; report-uri="https://a.forcesslreports.com/hpkp-report/00D1U000000zP6Em";
Accept-Ranges: bytes
X-Robots-Tag: none
X-Content-Type-Options: nosniff
Expires: Fri, 29 May 2020 23:28:59 GMT

GET
H/1.1 200
OK baselogin.js Show response
playful-bear-i5i7m6-dev-ed.my.salesforce.com/jslibrary/ 640 B
1 KB 170ms
170ms Script
application/x-javascript 13.110.0.212
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://playful-bear-i5i7m6-dev-ed.my.salesforce.com/jslibrary/baselogin.js

Requested by

Host: playful-bear-i5i7m6-dev-ed.my.salesforce.com
URL: https://playful-bear-i5i7m6-dev-ed.my.salesforce.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.110.0.212 , United States, ASN14340 (SALESFORCE, US),

Reverse DNS

dcl2-ncg0-phx3.na85-ph2.my.salesforce.com

Software

Resource Hash

5c53039e1b0f4e4d1fbf70af77b7b1b24596e117bff0f38efc2a5171b2ddee9d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536002; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://playful-bear-i5i7m6-dev-ed.my.salesforce.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Thu, 30 Jan 2020 23:28:59 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block
Referrer-Policy: origin-when-cross-origin
Last-Modified: Wed, 29 Jan 2020 22:37:52 GMT
Expect-CT: max-age=86400, report-uri="https://a.forcesslreports.com/Expect-CT-report/00D1U000000zP6Em"
Strict-Transport-Security: max-age=31536002; includeSubDomains
Content-Type: application/x-javascript
Cache-Control: public,max-age=10368000
Public-Key-Pins-Report-Only: pin-sha256="9n0izTnSRF+W4W4JTq51avSXkWhQB8duS2bxVLfzXsY="; pin-sha256="5kJvNEMw0KjrCAu7eXY5HZdvyCS13BbA0VJG1RSP91w="; pin-sha256="njN4rRG+22dNXAi+yb8e3UMypgzPUPHlv4+foULwl1g="; max-age=86400; includeSubDomains; report-uri="https://a.forcesslreports.com/hpkp-report/00D1U000000zP6Em";
Accept-Ranges: bytes
X-Robots-Tag: none
Expires: Fri, 29 May 2020 23:28:59 GMT

GET
H/1.1 200
OK 1384 Show response
playful-bear-i5i7m6-dev-ed.my.salesforce.com/marketing/survey/survey1/ 5 KB
3 KB 171ms
171ms Script
application/javascript 13.110.0.212
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://playful-bear-i5i7m6-dev-ed.my.salesforce.com/marketing/survey/survey1/1384

Requested by

Host: playful-bear-i5i7m6-dev-ed.my.salesforce.com
URL: https://playful-bear-i5i7m6-dev-ed.my.salesforce.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.110.0.212 , United States, ASN14340 (SALESFORCE, US),

Reverse DNS

dcl2-ncg0-phx3.na85-ph2.my.salesforce.com

Software

Resource Hash

42a531dce996297d2a03cb33044b36408821072ad24b9477a237bd8a3ed6ebf7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536002; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://playful-bear-i5i7m6-dev-ed.my.salesforce.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Thu, 30 Jan 2020 23:28:59 GMT
Content-Encoding: gzip
Referrer-Policy: origin-when-cross-origin
Expect-CT: max-age=86400, report-uri="https://a.forcesslreports.com/Expect-CT-report/00D1U000000zP6Em"
Strict-Transport-Security: max-age=31536002; includeSubDomains
Content-Type: application/javascript
X-XSS-Protection: 1; mode=block
Cache-Control: public,max-age=10368000
Public-Key-Pins-Report-Only: pin-sha256="9n0izTnSRF+W4W4JTq51avSXkWhQB8duS2bxVLfzXsY="; pin-sha256="5kJvNEMw0KjrCAu7eXY5HZdvyCS13BbA0VJG1RSP91w="; pin-sha256="njN4rRG+22dNXAi+yb8e3UMypgzPUPHlv4+foULwl1g="; max-age=86400; includeSubDomains; report-uri="https://a.forcesslreports.com/hpkp-report/00D1U000000zP6Em";
X-Robots-Tag: none
Vary: Accept-Encoding
Content-Length: 1979
X-Content-Type-Options: nosniff

GET
H/1.1 200
OK 1384 Show response
playful-bear-i5i7m6-dev-ed.my.salesforce.com/marketing/survey/survey4/ 18 KB
8 KB 170ms
170ms Script
application/javascript 13.110.0.212
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://playful-bear-i5i7m6-dev-ed.my.salesforce.com/marketing/survey/survey4/1384

Requested by

Host: playful-bear-i5i7m6-dev-ed.my.salesforce.com
URL: https://playful-bear-i5i7m6-dev-ed.my.salesforce.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.110.0.212 , United States, ASN14340 (SALESFORCE, US),

Reverse DNS

dcl2-ncg0-phx3.na85-ph2.my.salesforce.com

Software

Resource Hash

fcbfcc1886467917ad6333d95a59fd92ad22c69b1509c75ebc6b2d7a10e14cf8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536002; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://playful-bear-i5i7m6-dev-ed.my.salesforce.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Thu, 30 Jan 2020 23:28:59 GMT
Content-Encoding: gzip
Referrer-Policy: origin-when-cross-origin
Expect-CT: max-age=86400, report-uri="https://a.forcesslreports.com/Expect-CT-report/00D1U000000zP6Em"
Strict-Transport-Security: max-age=31536002; includeSubDomains
Content-Type: application/javascript
X-XSS-Protection: 1; mode=block
Cache-Control: public,max-age=10368000
Public-Key-Pins-Report-Only: pin-sha256="9n0izTnSRF+W4W4JTq51avSXkWhQB8duS2bxVLfzXsY="; pin-sha256="5kJvNEMw0KjrCAu7eXY5HZdvyCS13BbA0VJG1RSP91w="; pin-sha256="njN4rRG+22dNXAi+yb8e3UMypgzPUPHlv4+foULwl1g="; max-age=86400; includeSubDomains; report-uri="https://a.forcesslreports.com/hpkp-report/00D1U000000zP6Em";
X-Robots-Tag: none
Vary: Accept-Encoding
Content-Length: 6963
X-Content-Type-Options: nosniff

GET
H/1.1 200
OK s.gif Show response
playful-bear-i5i7m6-dev-ed.my.salesforce.com/ Frame 6A83 43 B
922 B 172ms
172ms Document
image/gif 13.110.0.212
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://playful-bear-i5i7m6-dev-ed.my.salesforce.com/s.gif

Requested by

Host: playful-bear-i5i7m6-dev-ed.my.salesforce.com
URL: https://playful-bear-i5i7m6-dev-ed.my.salesforce.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.110.0.212 , United States, ASN14340 (SALESFORCE, US),

Reverse DNS

dcl2-ncg0-phx3.na85-ph2.my.salesforce.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536002; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: playful-bear-i5i7m6-dev-ed.my.salesforce.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: nested-navigate
Referer: https://playful-bear-i5i7m6-dev-ed.my.salesforce.com/
Accept-Encoding: gzip, deflate, br
Cookie: BrowserId=Sgmh-UO4EeqPoiOnTI11Iw; QCQQ=5gIQm0wjVsL
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://playful-bear-i5i7m6-dev-ed.my.salesforce.com/

Response headers

Date: Thu, 30 Jan 2020 23:28:59 GMT
Strict-Transport-Security: max-age=31536002; includeSubDomains
Public-Key-Pins-Report-Only: pin-sha256="9n0izTnSRF+W4W4JTq51avSXkWhQB8duS2bxVLfzXsY="; pin-sha256="5kJvNEMw0KjrCAu7eXY5HZdvyCS13BbA0VJG1RSP91w="; pin-sha256="njN4rRG+22dNXAi+yb8e3UMypgzPUPHlv4+foULwl1g="; max-age=86400; includeSubDomains; report-uri="https://a.forcesslreports.com/hpkp-report/00D1U000000zP6Em";
Expect-CT: max-age=86400, report-uri="https://a.forcesslreports.com/Expect-CT-report/00D1U000000zP6Em"
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
X-Robots-Tag: none
Referrer-Policy: origin-when-cross-origin
Cache-Control: public,max-age=10368000
Expires: Fri, 29 May 2020 23:28:59 GMT
Last-Modified: Tue, 27 May 2003 18:28:08 GMT
Content-Type: image/gif
Accept-Ranges: bytes
Transfer-Encoding: chunked

GET
H/1.1 200
OK SalesforceSans-Regular.woff2
playful-bear-i5i7m6-dev-ed.my.salesforce.com/login/assets/fonts/SalesforceSans/ 27 KB
28 KB 192ms
191ms Font
font/woff2 13.110.0.212
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://playful-bear-i5i7m6-dev-ed.my.salesforce.com/login/assets/fonts/SalesforceSans/SalesforceSans-Regular.woff2

Requested by

Host: playful-bear-i5i7m6-dev-ed.my.salesforce.com
URL: https://playful-bear-i5i7m6-dev-ed.my.salesforce.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.110.0.212 , United States, ASN14340 (SALESFORCE, US),

Reverse DNS

dcl2-ncg0-phx3.na85-ph2.my.salesforce.com

Software

Resource Hash

1f1752651aca663f40e45c60e182172fc426a40df042098f6e68a56db2c459f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536002; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://playful-bear-i5i7m6-dev-ed.my.salesforce.com/css/sfdc_210.css
Origin: https://playful-bear-i5i7m6-dev-ed.my.salesforce.com

Response headers

Date: Thu, 30 Jan 2020 23:28:59 GMT
Referrer-Policy: origin-when-cross-origin
Last-Modified: Fri, 24 Jul 2015 20:32:56 GMT
Expect-CT: max-age=86400, report-uri="https://a.forcesslreports.com/Expect-CT-report/00D1U000000zP6Em"
Strict-Transport-Security: max-age=31536002; includeSubDomains
Content-Type: font/woff2
X-XSS-Protection: 1; mode=block
Cache-Control: public,max-age=10368000
Transfer-Encoding: chunked
Public-Key-Pins-Report-Only: pin-sha256="9n0izTnSRF+W4W4JTq51avSXkWhQB8duS2bxVLfzXsY="; pin-sha256="5kJvNEMw0KjrCAu7eXY5HZdvyCS13BbA0VJG1RSP91w="; pin-sha256="njN4rRG+22dNXAi+yb8e3UMypgzPUPHlv4+foULwl1g="; max-age=86400; includeSubDomains; report-uri="https://a.forcesslreports.com/hpkp-report/00D1U000000zP6Em";
Accept-Ranges: bytes
X-Robots-Tag: none
X-Content-Type-Options: nosniff
Expires: Fri, 29 May 2020 23:28:59 GMT

GET
H/1.1 200
OK SalesforceSans-Light.woff2
playful-bear-i5i7m6-dev-ed.my.salesforce.com/login/assets/fonts/SalesforceSans/ 27 KB
28 KB 327ms
184ms Font
font/woff2 13.110.0.212
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://playful-bear-i5i7m6-dev-ed.my.salesforce.com/login/assets/fonts/SalesforceSans/SalesforceSans-Light.woff2

Requested by

Host: playful-bear-i5i7m6-dev-ed.my.salesforce.com
URL: https://playful-bear-i5i7m6-dev-ed.my.salesforce.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.110.0.212 , United States, ASN14340 (SALESFORCE, US),

Reverse DNS

dcl2-ncg0-phx3.na85-ph2.my.salesforce.com

Software

Resource Hash

b7df2d6cb9d0ecda707a1de1302b3c9d9bda16247dc382e696579a8308d49771

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536002; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://playful-bear-i5i7m6-dev-ed.my.salesforce.com/css/sfdc_210.css
Origin: https://playful-bear-i5i7m6-dev-ed.my.salesforce.com

Response headers

Date: Thu, 30 Jan 2020 23:28:59 GMT
Referrer-Policy: origin-when-cross-origin
Last-Modified: Fri, 24 Jul 2015 20:32:54 GMT
Expect-CT: max-age=86400, report-uri="https://a.forcesslreports.com/Expect-CT-report/00D1U000000zP6Em"
Strict-Transport-Security: max-age=31536002; includeSubDomains
Content-Type: font/woff2
X-XSS-Protection: 1; mode=block
Cache-Control: public,max-age=10368000
Transfer-Encoding: chunked
Public-Key-Pins-Report-Only: pin-sha256="9n0izTnSRF+W4W4JTq51avSXkWhQB8duS2bxVLfzXsY="; pin-sha256="5kJvNEMw0KjrCAu7eXY5HZdvyCS13BbA0VJG1RSP91w="; pin-sha256="njN4rRG+22dNXAi+yb8e3UMypgzPUPHlv4+foULwl1g="; max-age=86400; includeSubDomains; report-uri="https://a.forcesslreports.com/hpkp-report/00D1U000000zP6Em";
Accept-Ranges: bytes
X-Robots-Tag: none
X-Content-Type-Options: nosniff
Expires: Fri, 29 May 2020 23:28:59 GMT

GET
H/1.1 200
OK promos.html Show response
c.salesforce.com/login-messages/ Frame 6A83 22 KB
4 KB 102ms
27ms Document
text/html 184.31.87.156
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c.salesforce.com/login-messages/promos.html

Requested by

Host: playful-bear-i5i7m6-dev-ed.my.salesforce.com
URL: https://playful-bear-i5i7m6-dev-ed.my.salesforce.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

184.31.87.156 , Netherlands, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a184-31-87-156.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

bd3f59df28947a3a88739102b78ad756bfaacc2bdd689a77dab6cbc132150bc6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Host: c.salesforce.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: nested-navigate
Referer: https://playful-bear-i5i7m6-dev-ed.my.salesforce.com/
Accept-Encoding: gzip, deflate, br
Cookie: BrowserId=Sgmh-UO4EeqPoiOnTI11Iw
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://playful-bear-i5i7m6-dev-ed.my.salesforce.com/

Response headers

Server: Apache
Accept-Ranges: bytes
X-Mod-Pagespeed: active
Vary: Accept-Encoding
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Referrer-Policy: no-referrer-when-downgrade
X-UA-Compatible: IE=9; IE=8; IE=7; IE=EDGE
Content-Type: text/html
Content-Length: 3974
Cache-Control: no-cache, s-maxage=10
Date: Thu, 30 Jan 2020 23:29:00 GMT
Connection: keep-alive

GET
H/1.1 200
OK capslock_blue.png
playful-bear-i5i7m6-dev-ed.my.salesforce.com/img/icon/ 559 B
1 KB 189ms
189ms Image
image/png 13.110.0.212
SALESFORCE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://playful-bear-i5i7m6-dev-ed.my.salesforce.com/img/icon/capslock_blue.png

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.110.0.212 , United States, ASN14340 (SALESFORCE, US),

Reverse DNS

dcl2-ncg0-phx3.na85-ph2.my.salesforce.com

Software

Resource Hash

02c47d1fb4a92fd6eca59ed828b0d0d7a8ef8285688bd27f36b1e003ffa9a52c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536002; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://playful-bear-i5i7m6-dev-ed.my.salesforce.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Thu, 30 Jan 2020 23:29:00 GMT
Referrer-Policy: origin-when-cross-origin
Last-Modified: Sun, 30 Jun 2019 10:26:54 GMT
Expect-CT: max-age=86400, report-uri="https://a.forcesslreports.com/Expect-CT-report/00D1U000000zP6Em"
Strict-Transport-Security: max-age=31536002; includeSubDomains
Content-Type: image/png
X-XSS-Protection: 1; mode=block
Cache-Control: public,max-age=10368000
Transfer-Encoding: chunked
Public-Key-Pins-Report-Only: pin-sha256="9n0izTnSRF+W4W4JTq51avSXkWhQB8duS2bxVLfzXsY="; pin-sha256="5kJvNEMw0KjrCAu7eXY5HZdvyCS13BbA0VJG1RSP91w="; pin-sha256="njN4rRG+22dNXAi+yb8e3UMypgzPUPHlv4+foULwl1g="; max-age=86400; includeSubDomains; report-uri="https://a.forcesslreports.com/hpkp-report/00D1U000000zP6Em";
Accept-Ranges: bytes
X-Robots-Tag: none
X-Content-Type-Options: nosniff
Expires: Fri, 29 May 2020 23:29:00 GMT

GET
H2 200 jquery.min.772fb04d4ce536dfb06c17e789ad4dbd.js Show response
c1.sfdcstatic.com/etc.clientlibs/clientlibs/granite/ Frame 6A83 111 KB
33 KB 130ms
70ms Script
text/javascript 184.31.82.92
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1.sfdcstatic.com/etc.clientlibs/clientlibs/granite/jquery.min.772fb04d4ce536dfb06c17e789ad4dbd.js

Requested by

Host: c.salesforce.com
URL: https://c.salesforce.com/login-messages/promos.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

184.31.82.92 , Netherlands, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a184-31-82-92.deploy.static.akamaitechnologies.com

Software

Akamai Resource Optimizer /

Resource Hash

b397476bcbcf8c9eae3f82007cc4f9495661b367e02e6d3dea6e15f0610ef20a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://c.salesforce.com/login-messages/promos.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains
content-encoding: br
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 30 Jan 2020 16:33:15 GMT
server: Akamai Resource Optimizer
date: Thu, 30 Jan 2020 23:29:00 GMT
x-frame-options: SAMEORIGIN
content-type: text/javascript
status: 200
cache-control: max-age=1209600, s-maxage=10
accept-ranges: bytes
vary: Accept-Encoding
content-length: 33831
x-content-type-options: nosniff
expires: Thu, 13 Feb 2020 23:29:00 GMT

GET
H2 200 utils.min.a53a609d64abb59ba4017351854c46d0.js Show response
c1.sfdcstatic.com/etc.clientlibs/clientlibs/granite/ Frame 6A83 10 KB
4 KB 137ms
77ms Script
text/javascript 184.31.82.92
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1.sfdcstatic.com/etc.clientlibs/clientlibs/granite/utils.min.a53a609d64abb59ba4017351854c46d0.js

Requested by

Host: c.salesforce.com
URL: https://c.salesforce.com/login-messages/promos.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

184.31.82.92 , Netherlands, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a184-31-82-92.deploy.static.akamaitechnologies.com

Software

Akamai Resource Optimizer /

Resource Hash

c3f71d542656fa0835d15106408ec065d630c8bc05078915d8b58202ba28956e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://c.salesforce.com/login-messages/promos.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains
content-encoding: br
vary: Accept-Encoding
x-original-content-length: 9915
status: 200
date: Thu, 30 Jan 2020 23:29:00 GMT
content-length: 3258
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 30 Jan 2020 11:23:31 GMT
server: Akamai Resource Optimizer
etag: W/"PSA-pTpgnWSrtZ"
x-frame-options: SAMEORIGIN
content-type: text/javascript
cache-control: max-age=1209600
accept-ranges: bytes
x-content-type-options: nosniff
expires: Thu, 13 Feb 2020 23:29:00 GMT

GET
H2 200 granite.min.e67470fde615e2d442e08aad300a8905.js Show response
c1.sfdcstatic.com/etc.clientlibs/clientlibs/granite/jquery/ Frame 6A83 4 KB
2 KB 138ms
78ms Script
text/javascript 184.31.82.92
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1.sfdcstatic.com/etc.clientlibs/clientlibs/granite/jquery/granite.min.e67470fde615e2d442e08aad300a8905.js

Requested by

Host: c.salesforce.com
URL: https://c.salesforce.com/login-messages/promos.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

184.31.82.92 , Netherlands, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a184-31-82-92.deploy.static.akamaitechnologies.com

Software

Akamai Resource Optimizer /

Resource Hash

0c004a8bc2e2b97498e70c2e4cd25caac120fd9b9dc75446d5e3867e741b661c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://c.salesforce.com/login-messages/promos.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains
content-encoding: br
vary: Accept-Encoding
x-original-content-length: 4071
status: 200
date: Thu, 30 Jan 2020 23:29:00 GMT
content-length: 1458
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 28 Jan 2020 17:52:43 GMT
server: Akamai Resource Optimizer
etag: W/"PSA-5nRw_eYV4t"
x-frame-options: SAMEORIGIN
content-type: text/javascript
cache-control: max-age=1209600, s-maxage=10
accept-ranges: bytes
x-content-type-options: nosniff
expires: Thu, 13 Feb 2020 23:29:00 GMT

GET
H2 200 jquery.min.dd9b395c741ce2784096e26619e14910.js Show response
c1.sfdcstatic.com/etc.clientlibs/foundation/clientlibs/ Frame 6A83 16 B
395 B 143ms
83ms Script
text/javascript 184.31.82.92
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1.sfdcstatic.com/etc.clientlibs/foundation/clientlibs/jquery.min.dd9b395c741ce2784096e26619e14910.js

Requested by

Host: c.salesforce.com
URL: https://c.salesforce.com/login-messages/promos.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

184.31.82.92 , Netherlands, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a184-31-82-92.deploy.static.akamaitechnologies.com

Software

Akamai Resource Optimizer /

Resource Hash

c084b47104c493fb377b6d35d8c08df67d773f6dcf8294c0a7360710cd8cacbd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://c.salesforce.com/login-messages/promos.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains
content-encoding: br
vary: Accept-Encoding
x-original-content-length: 16
status: 200
date: Thu, 30 Jan 2020 23:29:00 GMT
content-length: 20
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 30 Jan 2020 18:01:51 GMT
server: Akamai Resource Optimizer
etag: W/"PSA-3Zs5XHQc4n"
x-frame-options: SAMEORIGIN
content-type: text/javascript
cache-control: max-age=1209600, s-maxage=10
accept-ranges: bytes
x-content-type-options: nosniff
expires: Thu, 13 Feb 2020 23:29:00 GMT

GET
H2 200 modern.min.3a0ad4c7614495b1cae264dfcb9b9813.js Show response
c1.sfdcstatic.com/etc.clientlibs/clientlibs/granite/lodash/ Frame 6A83 34 KB
11 KB 138ms
79ms Script
text/javascript 184.31.82.92
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1.sfdcstatic.com/etc.clientlibs/clientlibs/granite/lodash/modern.min.3a0ad4c7614495b1cae264dfcb9b9813.js

Requested by

Host: c.salesforce.com
URL: https://c.salesforce.com/login-messages/promos.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

184.31.82.92 , Netherlands, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a184-31-82-92.deploy.static.akamaitechnologies.com

Software

Akamai Resource Optimizer /

Resource Hash

355604a949ef95ceffcd21a7e9b5ed27c95d847f95127e0ddad5aa1793f1bb74

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://c.salesforce.com/login-messages/promos.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains
content-encoding: br
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 30 Jan 2020 09:21:47 GMT
server: Akamai Resource Optimizer
date: Thu, 30 Jan 2020 23:29:00 GMT
x-frame-options: SAMEORIGIN
content-type: text/javascript
status: 200
cache-control: max-age=1209600, s-maxage=10
accept-ranges: bytes
vary: Accept-Encoding
content-length: 10446
x-content-type-options: nosniff
expires: Thu, 13 Feb 2020 23:29:00 GMT

GET
H2 200 clientlibs_analytics_login_top.min.dd1b09bbee9c30e96f88e08e0ada67c3.js Show response
c1.sfdcstatic.com/etc/clientlibs/sfdc-aem-master/ Frame 6A83 117 KB
29 KB 139ms
80ms Script
text/javascript 184.31.82.92
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1.sfdcstatic.com/etc/clientlibs/sfdc-aem-master/clientlibs_analytics_login_top.min.dd1b09bbee9c30e96f88e08e0ada67c3.js

Requested by

Host: c.salesforce.com
URL: https://c.salesforce.com/login-messages/promos.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

184.31.82.92 , Netherlands, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a184-31-82-92.deploy.static.akamaitechnologies.com

Software

Akamai Resource Optimizer /

Resource Hash

4bd5b50720035d13e9797b3f6b5d3eac62d1024a09d502a3431b10f5777bffe9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://c.salesforce.com/login-messages/promos.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains
content-encoding: br
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 30 Jan 2020 13:02:55 GMT
server: Akamai Resource Optimizer
date: Thu, 30 Jan 2020 23:29:00 GMT
x-frame-options: SAMEORIGIN
content-type: text/javascript
status: 200
cache-control: max-age=1209600, s-maxage=10
accept-ranges: bytes
vary: Accept-Encoding
content-length: 29707
x-content-type-options: nosniff
expires: Thu, 13 Feb 2020 23:29:00 GMT

GET
H/1.1 200
OK 742a15b9-6aa4-4c2f-99c1-ad4ca220cf96.js Show response
a.sfdcstatic.com/www/prod/oneTrustV3/ Frame 6A83 375 KB
55 KB 104ms
46ms Script
application/x-javascript 184.31.82.92
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://a.sfdcstatic.com/www/prod/oneTrustV3/742a15b9-6aa4-4c2f-99c1-ad4ca220cf96.js
Requested by: Host: c.salesforce.com
URL: https://c.salesforce.com/login-messages/promos.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.31.82.92 , Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a184-31-82-92.deploy.static.akamaitechnologies.com
Software: Akamai Resource Optimizer /
Resource Hash: 5641e10c8e69db39dfe833c5b4ccb69adad22192227b2bdde03b5b1126768d78

Request headers

Referer: https://c.salesforce.com/login-messages/promos.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Thu, 30 Jan 2020 23:29:00 GMT
Content-Encoding: br
Last-Modified: Wed, 22 Jan 2020 20:29:45 GMT
Server: Akamai Resource Optimizer
ETag: "d32914d7002079cfcd2c06d7a86e7b2a:1578598545"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=2555108
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 55682
Expires: Sat, 29 Feb 2020 13:14:08 GMT

GET
H2 200 clientlibs_onetrust.min.8805d53f6f7bc062e14e354f8939c1cb.css
c1.sfdcstatic.com/etc/clientlibs/sfdc-aem-master/ Frame 6A83 14 KB
2 KB 80ms
21ms Stylesheet
text/css 184.31.82.92
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1.sfdcstatic.com/etc/clientlibs/sfdc-aem-master/clientlibs_onetrust.min.8805d53f6f7bc062e14e354f8939c1cb.css

Requested by

Host: c.salesforce.com
URL: https://c.salesforce.com/login-messages/promos.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

184.31.82.92 , Netherlands, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a184-31-82-92.deploy.static.akamaitechnologies.com

Software

Akamai Resource Optimizer /

Resource Hash

33377a72c1b60b33c72ec1802610b7ff1f2fd5df6739d814460b5b82281b02f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://c.salesforce.com/login-messages/promos.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains
content-encoding: br
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 28 Jan 2020 17:36:29 GMT
server: Akamai Resource Optimizer
date: Thu, 30 Jan 2020 23:29:00 GMT
x-frame-options: SAMEORIGIN
content-type: text/css
status: 200
cache-control: max-age=1209600, s-maxage=10
accept-ranges: bytes
vary: Accept-Encoding
content-length: 1718
x-content-type-options: nosniff
expires: Thu, 13 Feb 2020 23:29:00 GMT

GET
H2 200 all~sfdc-forms.bundle.6b3e6f486ea44af3271b.css
c1.sfdcstatic.com/etc.bundles/sfdc-www/bundles/ Frame 6A83 76 KB
7 KB 82ms
24ms Stylesheet
text/css 184.31.82.92
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1.sfdcstatic.com/etc.bundles/sfdc-www/bundles/all~sfdc-forms.bundle.6b3e6f486ea44af3271b.css

Requested by

Host: c.salesforce.com
URL: https://c.salesforce.com/login-messages/promos.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

184.31.82.92 , Netherlands, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a184-31-82-92.deploy.static.akamaitechnologies.com

Software

Akamai Resource Optimizer /

Resource Hash

ea687e0d8350e99dad8ed0008793847fe5d81cb57e4fd6b18b65d087a04ccc0f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://c.salesforce.com/login-messages/promos.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains
content-encoding: br
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 28 Jan 2020 17:36:36 GMT
server: Akamai Resource Optimizer
date: Thu, 30 Jan 2020 23:29:00 GMT
x-frame-options: SAMEORIGIN
content-type: text/css
status: 200
cache-control: max-age=1209600, s-maxage=10
accept-ranges: bytes
vary: Accept-Encoding
content-length: 6983
x-content-type-options: nosniff
expires: Thu, 13 Feb 2020 23:29:00 GMT

GET
H2 200 all.bundle.6b3e6f486ea44af3271b.css
c1.sfdcstatic.com/etc.bundles/sfdc-www/bundles/ Frame 6A83 1 MB
105 KB 83ms
25ms Stylesheet
text/css 184.31.82.92
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1.sfdcstatic.com/etc.bundles/sfdc-www/bundles/all.bundle.6b3e6f486ea44af3271b.css

Requested by

Host: c.salesforce.com
URL: https://c.salesforce.com/login-messages/promos.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

184.31.82.92 , Netherlands, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a184-31-82-92.deploy.static.akamaitechnologies.com

Software

Akamai Resource Optimizer /

Resource Hash

59c294268f29672a378e2fbbfd08e22d4dd24989d56226e43d66d51cdfbe466a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://c.salesforce.com/login-messages/promos.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains
content-encoding: br
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 27 Jan 2020 19:20:05 GMT
server: Akamai Resource Optimizer
date: Thu, 30 Jan 2020 23:29:00 GMT
x-frame-options: SAMEORIGIN
content-type: text/css
status: 200
cache-control: max-age=1209600, s-maxage=10
accept-ranges: bytes
vary: Accept-Encoding
content-length: 107280
x-content-type-options: nosniff
expires: Thu, 13 Feb 2020 23:29:00 GMT

GET
H2 200 green-checkmark.png
c1.sfdcstatic.com/content/dam/web/en_us/www/images/login-promos/ Frame 6A83 442 B
761 B 65ms
64ms Image
image/png 184.31.82.92
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.sfdcstatic.com/content/dam/web/en_us/www/images/login-promos/green-checkmark.png

Requested by

Host: c.salesforce.com
URL: https://c.salesforce.com/login-messages/promos.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

184.31.82.92 , Netherlands, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a184-31-82-92.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

be48eb77224cd798f343705ee369ae4c051525f46ab07c7ac123c23beabe6d2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://c.salesforce.com/login-messages/promos.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Thu, 30 Jan 2020 23:29:00 GMT
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 30 Jan 2020 13:01:58 GMT
server: Apache
etag: W/"PSA-KeG-fFS3X6"
x-frame-options: SAMEORIGIN
content-type: image/png
status: 200
cache-control: private, max-age=5147129, s-maxage=10
strict-transport-security: max-age=31536000; includeSubDomains
accept-ranges: bytes
content-length: 442
x-content-type-options: nosniff, nosniff
expires: Mon, 30 Mar 2020 13:14:29 GMT

GET
H2 200 vendors~polyfills~scriptloader.bundle.6b3e6f486ea44af3271b.js Show response
c1.sfdcstatic.com/etc.bundles/sfdc-www/bundles/ Frame 6A83 13 KB
5 KB 62ms
62ms Script
text/javascript 184.31.82.92
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1.sfdcstatic.com/etc.bundles/sfdc-www/bundles/vendors~polyfills~scriptloader.bundle.6b3e6f486ea44af3271b.js

Requested by

Host: c.salesforce.com
URL: https://c.salesforce.com/login-messages/promos.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

184.31.82.92 , Netherlands, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a184-31-82-92.deploy.static.akamaitechnologies.com

Software

Akamai Resource Optimizer /

Resource Hash

41615ee17d1db9d15b79208983db94a7668b1b97057fbdaf91f5c98d0b560006

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://c.salesforce.com/login-messages/promos.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains
content-encoding: br
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 29 Jan 2020 15:30:32 GMT
server: Akamai Resource Optimizer
date: Thu, 30 Jan 2020 23:29:00 GMT
x-frame-options: SAMEORIGIN
content-type: text/javascript
status: 200
cache-control: max-age=1209600, s-maxage=10
accept-ranges: bytes
vary: Accept-Encoding
content-length: 4442
x-content-type-options: nosniff
expires: Thu, 13 Feb 2020 23:29:00 GMT

GET
H2 200 polyfills.bundle.6b3e6f486ea44af3271b.js Show response
c1.sfdcstatic.com/etc.bundles/sfdc-www/bundles/ Frame 6A83 4 KB
2 KB 29ms
29ms Script
text/javascript 184.31.82.92
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1.sfdcstatic.com/etc.bundles/sfdc-www/bundles/polyfills.bundle.6b3e6f486ea44af3271b.js

Requested by

Host: c.salesforce.com
URL: https://c.salesforce.com/login-messages/promos.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

184.31.82.92 , Netherlands, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a184-31-82-92.deploy.static.akamaitechnologies.com

Software

Akamai Resource Optimizer /

Resource Hash

b5ead2d5984b5d33928c86253797aff57837306c0e6b6ba526284f27a6ec0b3c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://c.salesforce.com/login-messages/promos.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains
content-encoding: br
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 28 Jan 2020 06:37:13 GMT
server: Akamai Resource Optimizer
date: Thu, 30 Jan 2020 23:29:00 GMT
x-frame-options: SAMEORIGIN
content-type: text/javascript
status: 200
cache-control: max-age=1209600, s-maxage=10
accept-ranges: bytes
vary: Accept-Encoding
content-length: 1716
x-content-type-options: nosniff
expires: Thu, 13 Feb 2020 23:29:00 GMT

GET
H2 200 scriptloader.bundle.6b3e6f486ea44af3271b.js Show response
c1.sfdcstatic.com/etc.bundles/sfdc-www/bundles/ Frame 6A83 23 KB
7 KB 36ms
36ms Script
text/javascript 184.31.82.92
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1.sfdcstatic.com/etc.bundles/sfdc-www/bundles/scriptloader.bundle.6b3e6f486ea44af3271b.js

Requested by

Host: c.salesforce.com
URL: https://c.salesforce.com/login-messages/promos.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

184.31.82.92 , Netherlands, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a184-31-82-92.deploy.static.akamaitechnologies.com

Software

Akamai Resource Optimizer /

Resource Hash

cb63fc8dcc9a4b094cfdd118d9bc46a8ed61ad1d07faafd635e435f284508224

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://c.salesforce.com/login-messages/promos.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains
content-encoding: br
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 30 Jan 2020 09:11:22 GMT
server: Akamai Resource Optimizer
date: Thu, 30 Jan 2020 23:29:00 GMT
x-frame-options: SAMEORIGIN
content-type: text/javascript
status: 200
cache-control: max-age=1209600, s-maxage=10
accept-ranges: bytes
vary: Accept-Encoding
content-length: 6522
x-content-type-options: nosniff
expires: Thu, 13 Feb 2020 23:29:00 GMT

GET
H2 200 all~sfdc-forms.bundle.6b3e6f486ea44af3271b.js Show response
c1.sfdcstatic.com/etc.bundles/sfdc-www/bundles/ Frame 6A83 129 B
424 B 29ms
28ms Script
text/javascript 184.31.82.92
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1.sfdcstatic.com/etc.bundles/sfdc-www/bundles/all~sfdc-forms.bundle.6b3e6f486ea44af3271b.js

Requested by

Host: c.salesforce.com
URL: https://c.salesforce.com/login-messages/promos.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

184.31.82.92 , Netherlands, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a184-31-82-92.deploy.static.akamaitechnologies.com

Software

Akamai Resource Optimizer /

Resource Hash

91133ba9cca109325d8ac00d413535d05170ee6aa49c80c3d4432fa94505f999

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://c.salesforce.com/login-messages/promos.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains
content-encoding: br
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 30 Jan 2020 10:39:02 GMT
server: Akamai Resource Optimizer
date: Thu, 30 Jan 2020 23:29:00 GMT
x-frame-options: SAMEORIGIN
content-type: text/javascript
status: 200
cache-control: max-age=1209600, s-maxage=10
accept-ranges: bytes
vary: Accept-Encoding
content-length: 91
x-content-type-options: nosniff
expires: Thu, 13 Feb 2020 23:29:00 GMT

GET
H2 200 all.bundle.6b3e6f486ea44af3271b.js Show response
c1.sfdcstatic.com/etc.bundles/sfdc-www/bundles/ Frame 6A83 3 KB
1 KB 32ms
32ms Script
text/javascript 184.31.82.92
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1.sfdcstatic.com/etc.bundles/sfdc-www/bundles/all.bundle.6b3e6f486ea44af3271b.js

Requested by

Host: c.salesforce.com
URL: https://c.salesforce.com/login-messages/promos.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

184.31.82.92 , Netherlands, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a184-31-82-92.deploy.static.akamaitechnologies.com

Software

Akamai Resource Optimizer /

Resource Hash

2f5e1732103b7b4ce4950f2d3886018d91e7490b74dc2bb078f38edb333f1904

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://c.salesforce.com/login-messages/promos.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains
content-encoding: br
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 29 Jan 2020 02:56:25 GMT
server: Akamai Resource Optimizer
date: Thu, 30 Jan 2020 23:29:00 GMT
x-frame-options: SAMEORIGIN
content-type: text/javascript
status: 200
cache-control: max-age=1209600, s-maxage=10
accept-ranges: bytes
vary: Accept-Encoding
content-length: 880
x-content-type-options: nosniff
expires: Thu, 13 Feb 2020 23:29:00 GMT

GET
H2 200 sfdc-forms.bundle.6b3e6f486ea44af3271b.js Show response
c1.sfdcstatic.com/etc.bundles/sfdc-www/bundles/ Frame 6A83 2 KB
1 KB 33ms
32ms Script
text/javascript 184.31.82.92
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1.sfdcstatic.com/etc.bundles/sfdc-www/bundles/sfdc-forms.bundle.6b3e6f486ea44af3271b.js

Requested by

Host: c.salesforce.com
URL: https://c.salesforce.com/login-messages/promos.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

184.31.82.92 , Netherlands, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a184-31-82-92.deploy.static.akamaitechnologies.com

Software

Akamai Resource Optimizer /

Resource Hash

ec034f017bcb4492890201b4e6daf9a4fd6977be9ba9b97ee5e41bc2c8e801cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://c.salesforce.com/login-messages/promos.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains
content-encoding: br
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 30 Jan 2020 11:08:49 GMT
server: Akamai Resource Optimizer
date: Thu, 30 Jan 2020 23:29:00 GMT
x-frame-options: SAMEORIGIN
content-type: text/javascript
status: 200
cache-control: max-age=1209600, s-maxage=10
accept-ranges: bytes
vary: Accept-Encoding
content-length: 707
x-content-type-options: nosniff
expires: Thu, 13 Feb 2020 23:29:00 GMT

GET
H2 200 clientlibs_analytics_login_bottom.min.f93466a8bd6050457f38e7f49b903ca1.js Show response
c1.sfdcstatic.com/etc/clientlibs/sfdc-aem-master/ Frame 6A83 87 KB
25 KB 33ms
32ms Script
text/javascript 184.31.82.92
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1.sfdcstatic.com/etc/clientlibs/sfdc-aem-master/clientlibs_analytics_login_bottom.min.f93466a8bd6050457f38e7f49b903ca1.js

Requested by

Host: c.salesforce.com
URL: https://c.salesforce.com/login-messages/promos.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

184.31.82.92 , Netherlands, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a184-31-82-92.deploy.static.akamaitechnologies.com

Software

Akamai Resource Optimizer /

Resource Hash

6ea37511c37a9624f7eb558d3a1c5a238c34086c07b0e38776f7ea0990081867

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://c.salesforce.com/login-messages/promos.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains
content-encoding: br
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 30 Jan 2020 13:28:22 GMT
server: Akamai Resource Optimizer
date: Thu, 30 Jan 2020 23:29:00 GMT
x-frame-options: SAMEORIGIN
content-type: text/javascript
status: 200
cache-control: max-age=1209600, s-maxage=10
accept-ranges: bytes
vary: Accept-Encoding
content-length: 25615
x-content-type-options: nosniff
expires: Thu, 13 Feb 2020 23:29:00 GMT

GET
H/1.1 200
OK en.json Show response
a.sfdcstatic.com/www/prod/oneTrustV3/742a15b9-6aa4-4c2f-99c1-ad4ca220cf96/ Frame 6A83 59 KB
60 KB 68ms
26ms XHR
application/json 184.31.82.92
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://a.sfdcstatic.com/www/prod/oneTrustV3/742a15b9-6aa4-4c2f-99c1-ad4ca220cf96/en.json
Requested by: Host: a.sfdcstatic.com
URL: https://a.sfdcstatic.com/www/prod/oneTrustV3/742a15b9-6aa4-4c2f-99c1-ad4ca220cf96.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.31.82.92 , Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a184-31-82-92.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: be87ef3e6e7c03df05a6e3fc16622a3f9de6b43d908040e13ac8177c2be5cf4d

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://c.salesforce.com/login-messages/promos.html
Origin: https://c.salesforce.com

Response headers

Date: Thu, 30 Jan 2020 23:29:00 GMT
Last-Modified: Thu, 09 Jan 2020 19:35:46 GMT
Server: Apache
ETag: "4fb34ffb5c14d71e5d281036e8ca76bc:1578598547"
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 60622
Expires: Fri, 31 Jan 2020 00:29:00 GMT

GET
H2 200 location Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/ Frame 6A83 197 B
513 B 35ms
20ms Script
text/javascript 2606:4700:10::6814:b844
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location

Requested by

Host: a.sfdcstatic.com
URL: https://a.sfdcstatic.com/www/prod/oneTrustV3/742a15b9-6aa4-4c2f-99c1-ad4ca220cf96.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:b844 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3fc31f7ff4e172cf230a99559537672d43115f6b69e5c0900c625ecfaac8e6a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://c.salesforce.com/login-messages/promos.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Thu, 30 Jan 2020 23:29:00 GMT
content-encoding: gzip
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
status: 200
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 55d739b95dcabef6-FRA

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ Frame 6A83 71 KB
24 KB 14ms
14ms Script
application/javascript 2a00:1450:4001:814::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WRXS6TH

Requested by

Host: c.salesforce.com
URL: https://c.salesforce.com/login-messages/promos.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

665f068c50b68959f44c294630262275c0cbfa70c9ad65c64628bdf49ffdd353

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://c.salesforce.com/login-messages/promos.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Thu, 30 Jan 2020 23:29:00 GMT
content-encoding: br
last-modified: Thu, 30 Jan 2020 21:00:00 GMT
server: Google Tag Manager
access-control-allow-origin: http://www.googletagmanager.com
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-length: 24335
x-xss-protection: 0
expires: Thu, 30 Jan 2020 23:29:00 GMT

GET
H/1.1 200
OK rxr05acqt.js Show response
cdn.krxd.net/controltag/ Frame 6A83 26 KB
5 KB 63ms
20ms Script
text/javascript 151.101.112.175
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.krxd.net/controltag/rxr05acqt.js
Requested by: Host: c.salesforce.com
URL: https://c.salesforce.com/login-messages/promos.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.112.175 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: eaad55e191dfa47c16e93c2ff6ad4f7bd663979f044984e7ad3c9b67b2d430f8

Request headers

Referer: https://c.salesforce.com/login-messages/promos.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

X-CDN-Backend: 4FrRTvEr9h480D4BywjehZ--F_config_service_ash_prod
Date: Thu, 30 Jan 2020 23:29:00 GMT
Via: 1.1 varnish, 1.1 varnish
Age: 599
X-Cache: MISS, HIT, HIT
X-App-Cache: HIT
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 4886
X-Served-By: config-service-a002-ash-prod.krxd.net, cache-iad2144-IAD, cache-hhn4032-HHN
X-Response-Time: 1
X-Do-Esi: esi
X-Timer: S1580426940.411953,VS0,VE0
ETag: "c2accc48755195b6e1a642401998986c8bf0fffa"
Vary: Accept-Encoding
Content-Type: text/javascript; charset=utf-8
Cache-Control: public, max-age=1200
Accept-Ranges: bytes
X-Age: 0
X-Cache-Hits: 0, 1, 7

GET
H2 200 css
fonts.googleapis.com/ Frame 6A83 2 KB
504 B 17ms
17ms Stylesheet
text/css 2a00:1450:4001:820::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:300,400,700

Requested by

Host: c.salesforce.com
URL: https://c.salesforce.com/login-messages/promos.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f7d6b1c8e88874fb2696fc3128ea91fc6f47915466ea9f566ab2c39fcebffbd6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://c.salesforce.com/login-messages/promos.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Thu, 30 Jan 2020 23:29:00 GMT
server: ESF
access-control-allow-origin: *
date: Thu, 30 Jan 2020 23:29:00 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection: 0
expires: Thu, 30 Jan 2020 23:29:00 GMT

GET
H2 200 SalesforceSans-Regular.woff2
c1.sfdcstatic.com/etc/clientlibs/sfdc-aem-master/clientlibs_base/fonts/ Frame 6A83 27 KB
27 KB 62ms
20ms Font
text/html 184.31.82.92
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1.sfdcstatic.com/etc/clientlibs/sfdc-aem-master/clientlibs_base/fonts/SalesforceSans-Regular.woff2

Requested by

Host: c1.sfdcstatic.com
URL: https://c1.sfdcstatic.com/etc.clientlibs/clientlibs/granite/jquery.min.772fb04d4ce536dfb06c17e789ad4dbd.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

184.31.82.92 , Netherlands, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a184-31-82-92.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

6f2251079db9fde7d456ba66a9294899f3024dac928bec71b3ce42e1568f304f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://c1.sfdcstatic.com/etc.bundles/sfdc-www/bundles/all.bundle.6b3e6f486ea44af3271b.css
Origin: https://c.salesforce.com

Response headers

date: Thu, 30 Jan 2020 23:29:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 27707
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 27 Jan 2020 20:04:58 GMT
server: Apache
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
expires: Sat, 29 Feb 2020 23:29:00 GMT

GET
H/1.1 200
OK webpack-script-manifest-config-js.bundle.6b3e6f486ea44af3271b.js Show response
c.salesforce.com/etc.bundles/sfdc-www/bundles/ Frame 6A83 5 KB
3 KB 23ms
22ms Script
text/javascript 184.31.87.156
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c.salesforce.com/etc.bundles/sfdc-www/bundles/webpack-script-manifest-config-js.bundle.6b3e6f486ea44af3271b.js

Requested by

Host: c1.sfdcstatic.com
URL: https://c1.sfdcstatic.com/etc.bundles/sfdc-www/bundles/scriptloader.bundle.6b3e6f486ea44af3271b.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

184.31.87.156 , Netherlands, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a184-31-87-156.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

3853328ba8d7e1d38e6693942e0b0b856ae92815ba1130510e6893ce59897521

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://c.salesforce.com/login-messages/promos.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Thu, 30 Jan 2020 23:29:00 GMT
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Mon, 27 Jan 2020 19:10:35 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=49509, s-maxage=10
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2245
X-Content-Type-Options: nosniff

GET
H/1.1 200
OK webpack-script-manifest-yall-js.bundle.6b3e6f486ea44af3271b.js Show response
c.salesforce.com/etc.bundles/sfdc-www/bundles/ Frame 6A83 2 KB
2 KB 46ms
23ms Script
text/javascript 184.31.87.156
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c.salesforce.com/etc.bundles/sfdc-www/bundles/webpack-script-manifest-yall-js.bundle.6b3e6f486ea44af3271b.js

Requested by

Host: c1.sfdcstatic.com
URL: https://c1.sfdcstatic.com/etc.bundles/sfdc-www/bundles/scriptloader.bundle.6b3e6f486ea44af3271b.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

184.31.87.156 , Netherlands, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a184-31-87-156.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

2e4445e14b0db10a4a88c3bc143160ec9e75461c177231fc01c0fe5d74ee1a3f

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff

Request headers

Referer: https://c.salesforce.com/login-messages/promos.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Thu, 30 Jan 2020 23:29:00 GMT
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade
X-Original-Content-Length: 2494
Server: Apache
ETag: W/"PSA-Iw7pbOTNqA"
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=0, s-maxage=10
Last-Modified: Mon, 27 Jan 2020 19:10:34 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1220
X-Content-Type-Options: nosniff, nosniff
Expires: Thu, 30 Jan 2020 23:29:00 GMT

GET
H/1.1 200
OK vendors~webpack-script-manifest-SfdcForms-js~webpack-script-manifest-SfdcWwwBase-js~webpack-script-m~09767b2d.bundle.6b3e6f486ea44af3271b.js Show response
c.salesforce.com/etc.bundles/sfdc-www/bundles/ Frame 6A83 11 KB
5 KB 61ms
21ms Script
text/javascript 184.31.87.156
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c.salesforce.com/etc.bundles/sfdc-www/bundles/vendors~webpack-script-manifest-SfdcForms-js~webpack-script-manifest-SfdcWwwBase-js~webpack-script-m~09767b2d.bundle.6b3e6f486ea44af3271b.js

Requested by

Host: c1.sfdcstatic.com
URL: https://c1.sfdcstatic.com/etc.bundles/sfdc-www/bundles/scriptloader.bundle.6b3e6f486ea44af3271b.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

184.31.87.156 , Netherlands, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a184-31-87-156.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

c078321060a1a62b73ffdd2a03e6d2d26f6a07b267198c1a00d5766491c97f43

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff

Request headers

Referer: https://c.salesforce.com/login-messages/promos.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Thu, 30 Jan 2020 23:29:00 GMT
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade
X-Original-Content-Length: 11150
Server: Apache
ETag: W/"PSA-npaDjh--JF"
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: no-cache
Last-Modified: Mon, 27 Jan 2020 19:10:35 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4767
X-Content-Type-Options: nosniff, nosniff
Expires: Thu, 30 Jan 2020 23:29:00 GMT

GET
H/1.1 200
OK vendors~webpack-script-manifest-SfdcWwwBase-js~webpack-script-manifest-SfdcWwwBaseCnc-js~webpack-scr~1902b2cd.bundle.6b3e6f486ea44af3271b.js Show response
c.salesforce.com/etc.bundles/sfdc-www/bundles/ Frame 6A83 28 KB
9 KB 61ms
22ms Script
text/javascript 184.31.87.156
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c.salesforce.com/etc.bundles/sfdc-www/bundles/vendors~webpack-script-manifest-SfdcWwwBase-js~webpack-script-manifest-SfdcWwwBaseCnc-js~webpack-scr~1902b2cd.bundle.6b3e6f486ea44af3271b.js

Requested by

Host: c1.sfdcstatic.com
URL: https://c1.sfdcstatic.com/etc.bundles/sfdc-www/bundles/scriptloader.bundle.6b3e6f486ea44af3271b.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

184.31.87.156 , Netherlands, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a184-31-87-156.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

32bce27803a6cb38d8a74b2b11e430a256e9867b17d471fe43d266bd35aa7609

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff

Request headers

Referer: https://c.salesforce.com/login-messages/promos.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Thu, 30 Jan 2020 23:29:00 GMT
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade
X-Original-Content-Length: 29124
Server: Apache
ETag: W/"PSA-FjS18HiHAt"
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: no-cache
Last-Modified: Mon, 27 Jan 2020 19:10:32 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 9056
X-Content-Type-Options: nosniff, nosniff
Expires: Thu, 30 Jan 2020 23:29:00 GMT

GET
H/1.1 200
OK vendors~webpack-script-manifest-SfdcWwwBase-js~webpack-script-manifest-SfdcWwwBaseCnc-js~webpack-scr~a93e8829.bundle.6b3e6f486ea44af3271b.js Show response
c.salesforce.com/etc.bundles/sfdc-www/bundles/ Frame 6A83 16 KB
5 KB 61ms
21ms Script
text/javascript 184.31.87.156
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c.salesforce.com/etc.bundles/sfdc-www/bundles/vendors~webpack-script-manifest-SfdcWwwBase-js~webpack-script-manifest-SfdcWwwBaseCnc-js~webpack-scr~a93e8829.bundle.6b3e6f486ea44af3271b.js

Requested by

Host: c1.sfdcstatic.com
URL: https://c1.sfdcstatic.com/etc.bundles/sfdc-www/bundles/scriptloader.bundle.6b3e6f486ea44af3271b.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

184.31.87.156 , Netherlands, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a184-31-87-156.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

ba31e655d0389a9934e508e12ac6f9225b2af2bd80b54a67a915adfe7e586655

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff

Request headers

Referer: https://c.salesforce.com/login-messages/promos.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Thu, 30 Jan 2020 23:29:00 GMT
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade
X-Original-Content-Length: 16752
Server: Apache
ETag: W/"PSA-lzELS7Bfoz"
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: no-cache
Last-Modified: Mon, 27 Jan 2020 19:10:32 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4932
X-Content-Type-Options: nosniff, nosniff
Expires: Thu, 30 Jan 2020 23:29:00 GMT

GET
H/1.1 200
OK vendors~webpack-script-manifest-SfdcWwwBase-js~webpack-script-manifest-SfdcWwwBaseCnc-js.bundle.6b3e6f486ea44af3271b.js Show response
c.salesforce.com/etc.bundles/sfdc-www/bundles/ Frame 6A83 177 KB
51 KB 74ms
34ms Script
text/javascript 184.31.87.156
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c.salesforce.com/etc.bundles/sfdc-www/bundles/vendors~webpack-script-manifest-SfdcWwwBase-js~webpack-script-manifest-SfdcWwwBaseCnc-js.bundle.6b3e6f486ea44af3271b.js

Requested by

Host: c1.sfdcstatic.com
URL: https://c1.sfdcstatic.com/etc.bundles/sfdc-www/bundles/scriptloader.bundle.6b3e6f486ea44af3271b.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

184.31.87.156 , Netherlands, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a184-31-87-156.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

0666a9228ed3f931b0e6b4fbdc79795ebe8339362482b953fb92280c9b9a07e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff

Request headers

Referer: https://c.salesforce.com/login-messages/promos.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Thu, 30 Jan 2020 23:29:00 GMT
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade
X-Original-Content-Length: 181201
Server: Apache
ETag: W/"PSA-FyspASiLB0"
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=0, s-maxage=10
Last-Modified: Mon, 27 Jan 2020 19:10:34 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 51965
X-Content-Type-Options: nosniff, nosniff
Expires: Thu, 30 Jan 2020 23:29:00 GMT

GET
H/1.1 200
OK webpack-script-manifest-SfdcWwwBase-js.bundle.6b3e6f486ea44af3271b.js Show response
c.salesforce.com/etc.bundles/sfdc-www/bundles/ Frame 6A83 138 KB
38 KB 53ms
35ms Script
text/javascript 184.31.87.156
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c.salesforce.com/etc.bundles/sfdc-www/bundles/webpack-script-manifest-SfdcWwwBase-js.bundle.6b3e6f486ea44af3271b.js

Requested by

Host: c1.sfdcstatic.com
URL: https://c1.sfdcstatic.com/etc.bundles/sfdc-www/bundles/scriptloader.bundle.6b3e6f486ea44af3271b.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

184.31.87.156 , Netherlands, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a184-31-87-156.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

ebb87caf024ae53832ce53030d20165a7f950ec167fba390095e53651ff86ba5

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff

Request headers

Referer: https://c.salesforce.com/login-messages/promos.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Thu, 30 Jan 2020 23:29:00 GMT
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade
X-Original-Content-Length: 141200
Server: Apache
ETag: W/"PSA-LoXjASFpXX"
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: no-cache
Last-Modified: Mon, 27 Jan 2020 19:10:39 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 38390
X-Content-Type-Options: nosniff, nosniff
Expires: Thu, 30 Jan 2020 23:29:00 GMT

GET
H/1.1 200
OK webpack-script-manifest-aemMasterSearch-js.bundle.6b3e6f486ea44af3271b.js Show response
c.salesforce.com/etc.bundles/sfdc-www/bundles/ Frame 6A83 1 KB
1 KB 21ms
21ms Script
text/javascript 184.31.87.156
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c.salesforce.com/etc.bundles/sfdc-www/bundles/webpack-script-manifest-aemMasterSearch-js.bundle.6b3e6f486ea44af3271b.js

Requested by

Host: c1.sfdcstatic.com
URL: https://c1.sfdcstatic.com/etc.bundles/sfdc-www/bundles/scriptloader.bundle.6b3e6f486ea44af3271b.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

184.31.87.156 , Netherlands, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a184-31-87-156.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

6801092928f237466828925f3fbeadefe070939c3a9d0f46b371f670183b7193

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff

Request headers

Referer: https://c.salesforce.com/login-messages/promos.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Thu, 30 Jan 2020 23:29:00 GMT
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade
X-Original-Content-Length: 1205
Server: Apache
ETag: W/"PSA-T7bseHMkZ_"
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: no-cache
Last-Modified: Mon, 27 Jan 2020 19:10:34 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 568
X-Content-Type-Options: nosniff, nosniff
Expires: Thu, 30 Jan 2020 23:29:00 GMT

GET
H/1.1 200
OK controltag.js.cee73ba6ab74e5caa8092ae34993bbaa Show response
cdn.krxd.net/ctjs/ Frame 6A83 249 KB
80 KB 19ms
19ms Script
application/javascript 151.101.112.175
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.krxd.net/ctjs/controltag.js.cee73ba6ab74e5caa8092ae34993bbaa
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/controltag/rxr05acqt.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.112.175 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 068bed61e83437f5e2d270cba661153f7912233b984631298cdd5ea1a2bb7fa2

Request headers

Referer: https://c.salesforce.com/login-messages/promos.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

X-CDN-Backend: 4FrRTvEr9h480D4BywjehZ--F_Controltag_S3
Date: Thu, 30 Jan 2020 23:29:00 GMT
Content-Encoding: gzip
Age: 1757584
X-Cache: HIT
Connection: keep-alive
Content-Length: 81273
X-Served-By: cache-hhn4032-HHN
Last-Modified: Thu, 02 Jan 2020 17:46:59 GMT
X-Timer: S1580426940.433071,VS0,VE0
ETag: "cee73ba6ab74e5caa8092ae34993bbaa"
Content-Type: application/javascript
Via: 1.1 varnish
Expires: Sun, 30 Dec 2029 17:46:58 GMT
Cache-Control: public, max-age=315360000
Accept-Ranges: bytes
X-Cache-Hits: 1417928

GET
H2 200 SalesforceSans-Bold.woff2
c1.sfdcstatic.com/etc/clientlibs/sfdc-aem-master/clientlibs_base/fonts/ Frame 6A83 27 KB
27 KB 39ms
37ms Font
text/html 184.31.82.92
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c1.sfdcstatic.com/etc/clientlibs/sfdc-aem-master/clientlibs_base/fonts/SalesforceSans-Bold.woff2

Requested by

Host: a.sfdcstatic.com
URL: https://a.sfdcstatic.com/www/prod/oneTrustV3/742a15b9-6aa4-4c2f-99c1-ad4ca220cf96.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

184.31.82.92 , Netherlands, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a184-31-82-92.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

13873c462325bd5d2b2bbb385fe971e1ced14d0d698e2eabb917fdf7a4af438a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://c1.sfdcstatic.com/etc.bundles/sfdc-www/bundles/all.bundle.6b3e6f486ea44af3271b.css
Origin: https://c.salesforce.com

Response headers

date: Thu, 30 Jan 2020 23:29:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 27671
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 27 Jan 2020 21:33:59 GMT
server: Apache
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
expires: Sat, 29 Feb 2020 23:29:00 GMT

GET
H2 200 optout_check Show response
beacon.krxd.net/ Frame 6A83 61 B
220 B 110ms
36ms Script
text/javascript 34.254.119.250
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://beacon.krxd.net/optout_check?callback=Krux.ns.sfdc_us.kxjsonp_optOutCheck
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.cee73ba6ab74e5caa8092ae34993bbaa
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.254.119.250 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-254-119-250.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 36b0c557768fb3e65e44eea1d9a74a7373faa80913a7729871abc21b6b9f31a5

Request headers

Referer: https://c.salesforce.com/login-messages/promos.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

status: 200
date: Thu, 30 Jan 2020 23:29:00 GMT
cache-control: private, max-age=0, s-max-age=0
x-request-time: D=38 t=1580426940
x-served-by: beacon-n018-dub-prod.krxd.net
content-type: text/javascript

GET
H/1.1 200
OK bac544c7-a050-4cc9-a88e-a4f67445a364 Show response
consumer.krxd.net/consent/get/ Frame 6A83 235 B
614 B 91ms
47ms Script
text/javascript 151.101.12.175
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://consumer.krxd.net/consent/get/bac544c7-a050-4cc9-a88e-a4f67445a364?idt=device&dt=kxcookie&callback=Krux.ns.sfdc_us.kxjsonp_consent_get_0
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.cee73ba6ab74e5caa8092ae34993bbaa
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.12.175 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: d569b326f0a7b55af0f8e84210b49ff8697f79df27cc2fae8a6f1edf737950f6

Request headers

Referer: https://c.salesforce.com/login-messages/promos.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Thu, 30 Jan 2020 23:29:00 GMT
Via: 1.1 varnish
Age: 0
X-Timer: S1580426941.640453,VS0,VE26
Vary: Accept-Encoding
X-Cache: MISS, MISS
Content-Type: text/javascript; charset=UTF-8
Cache-Control: max-age=1800
X-Cache-Hits: 0, 0
Connection: keep-alive
Accept-Ranges: bytes
Content-Encoding: gzip
X-Age: 0
Content-Length: 188
X-Served-By: consumer-a002-dub-prod.krxd.net, cache-fra19179-FRA

Verdicts & Comments Add Verdict or Comment

13 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			playful-bear-i5i7m6-dev-ed.my.salesforce.com/	1969-12-31 23:59:59	Name: QCQQ Value: 5gIQm0wjVsL
			.salesforce.com/	1970-01-19 08:26:50	Name: BrowserId Value: Sgmh-UO4EeqPoiOnTI11Iw

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	error	URL: https://c1.sfdcstatic.com/etc.bundles/sfdc-www/bundles/scriptloader.bundle.6b3e6f486ea44af3271b.js(Line 1) Message: TypeError: Cannot read property 'util' of undefined
console-api	error	URL: https://c1.sfdcstatic.com/etc.bundles/sfdc-www/bundles/scriptloader.bundle.6b3e6f486ea44af3271b.js(Line 1) Message: TypeError: Cannot read property 'util' of undefined

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536002; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.sfdcstatic.com
beacon.krxd.net
c.salesforce.com
c1.sfdcstatic.com
cdn.krxd.net
consumer.krxd.net
fonts.googleapis.com
geolocation.onetrust.com
playful-bear-i5i7m6-dev-ed--th-con-app.visualforce.com
playful-bear-i5i7m6-dev-ed.my.salesforce.com
www.googletagmanager.com
13.110.0.212
13.110.3.85
151.101.112.175
151.101.12.175
184.31.82.92
184.31.87.156
2606:4700:10::6814:b844
2a00:1450:4001:814::2008
2a00:1450:4001:820::200a
34.254.119.250
02c47d1fb4a92fd6eca59ed828b0d0d7a8ef8285688bd27f36b1e003ffa9a52c
0666a9228ed3f931b0e6b4fbdc79795ebe8339362482b953fb92280c9b9a07e4
068bed61e83437f5e2d270cba661153f7912233b984631298cdd5ea1a2bb7fa2
0c004a8bc2e2b97498e70c2e4cd25caac120fd9b9dc75446d5e3867e741b661c
13873c462325bd5d2b2bbb385fe971e1ced14d0d698e2eabb917fdf7a4af438a
1f1752651aca663f40e45c60e182172fc426a40df042098f6e68a56db2c459f3
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e4445e14b0db10a4a88c3bc143160ec9e75461c177231fc01c0fe5d74ee1a3f
2f5e1732103b7b4ce4950f2d3886018d91e7490b74dc2bb078f38edb333f1904
300e55807abd80f68daecd8d76d2deb5aa283c2a047c593dbf1e907c7aedd5ff
32bce27803a6cb38d8a74b2b11e430a256e9867b17d471fe43d266bd35aa7609
33377a72c1b60b33c72ec1802610b7ff1f2fd5df6739d814460b5b82281b02f3
355604a949ef95ceffcd21a7e9b5ed27c95d847f95127e0ddad5aa1793f1bb74
36b0c557768fb3e65e44eea1d9a74a7373faa80913a7729871abc21b6b9f31a5
3853328ba8d7e1d38e6693942e0b0b856ae92815ba1130510e6893ce59897521
41615ee17d1db9d15b79208983db94a7668b1b97057fbdaf91f5c98d0b560006
42a531dce996297d2a03cb33044b36408821072ad24b9477a237bd8a3ed6ebf7
4bd5b50720035d13e9797b3f6b5d3eac62d1024a09d502a3431b10f5777bffe9
5641e10c8e69db39dfe833c5b4ccb69adad22192227b2bdde03b5b1126768d78
59c294268f29672a378e2fbbfd08e22d4dd24989d56226e43d66d51cdfbe466a
5c53039e1b0f4e4d1fbf70af77b7b1b24596e117bff0f38efc2a5171b2ddee9d
6076272185827d2f66ae38b24213502c9813285d70466c4ef4721167c8cb947d
665f068c50b68959f44c294630262275c0cbfa70c9ad65c64628bdf49ffdd353
6801092928f237466828925f3fbeadefe070939c3a9d0f46b371f670183b7193
6ea37511c37a9624f7eb558d3a1c5a238c34086c07b0e38776f7ea0990081867
6effaae73ce83316d1356ea984e417519743bce7a23982f053b1b8ec82135dae
6f2251079db9fde7d456ba66a9294899f3024dac928bec71b3ce42e1568f304f
8746f284dea8dd876a19ff1ff2f7808bb6eefb427ae3d0d63f6765cd4201f1af
91133ba9cca109325d8ac00d413535d05170ee6aa49c80c3d4432fa94505f999
a48f997fa23140662c20f7a46e93cefcef071fbf81ce038067582f2d822d86d5
b397476bcbcf8c9eae3f82007cc4f9495661b367e02e6d3dea6e15f0610ef20a
b5ead2d5984b5d33928c86253797aff57837306c0e6b6ba526284f27a6ec0b3c
b7df2d6cb9d0ecda707a1de1302b3c9d9bda16247dc382e696579a8308d49771
ba31e655d0389a9934e508e12ac6f9225b2af2bd80b54a67a915adfe7e586655
bd3f59df28947a3a88739102b78ad756bfaacc2bdd689a77dab6cbc132150bc6
be48eb77224cd798f343705ee369ae4c051525f46ab07c7ac123c23beabe6d2a
be87ef3e6e7c03df05a6e3fc16622a3f9de6b43d908040e13ac8177c2be5cf4d
c078321060a1a62b73ffdd2a03e6d2d26f6a07b267198c1a00d5766491c97f43
c084b47104c493fb377b6d35d8c08df67d773f6dcf8294c0a7360710cd8cacbd
c3f71d542656fa0835d15106408ec065d630c8bc05078915d8b58202ba28956e
cb63fc8dcc9a4b094cfdd118d9bc46a8ed61ad1d07faafd635e435f284508224
d569b326f0a7b55af0f8e84210b49ff8697f79df27cc2fae8a6f1edf737950f6
dd464055be78eadee2d5d3ecc5380600b788883e462d9e77372877dc04110e6d
e3fc31f7ff4e172cf230a99559537672d43115f6b69e5c0900c625ecfaac8e6a
ea687e0d8350e99dad8ed0008793847fe5d81cb57e4fd6b18b65d087a04ccc0f
eaad55e191dfa47c16e93c2ff6ad4f7bd663979f044984e7ad3c9b67b2d430f8
ebb87caf024ae53832ce53030d20165a7f950ec167fba390095e53651ff86ba5
ec034f017bcb4492890201b4e6daf9a4fd6977be9ba9b97ee5e41bc2c8e801cd
f7d6b1c8e88874fb2696fc3128ea91fc6f47915466ea9f566ab2c39fcebffbd6
fcbfcc1886467917ad6333d95a59fd92ad22c69b1509c75ebc6b2d7a10e14cf8

playful-bear-i5i7m6-dev-ed.my.salesforce.com Open in urlscan Pro 13.110.0.212 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Page Statistics

50 Requests

100 %HTTPS

30 %IPv6

7 Domains

11 Subdomains

9 IPs

4 Countries

730 kBTransfer

3054 kBSize

2 Cookies

0 Outgoing links

Page URL History

Redirected requests

50 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

playful-bear-i5i7m6-dev-ed.my.salesforce.com Open in urlscan Pro
13.110.0.212 Public Scan

Screenshot
Live screenshot

Full Image

50
Requests

100 %
HTTPS

30 %
IPv6

7
Domains

11
Subdomains

9
IPs

4
Countries

730 kB
Transfer

3054 kB
Size

2
Cookies

50 HTTP transactions
0 data transactions