urlscan.io logo urlscan.io
SecurityTrails logo

vaxmgmt.force.com Open in urlscan Pro
52.61.133.15  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://vaxmgmt.force.com/authorizedEnroller/login?c=8BZQrFFu9ljNSrRI4mQnyJhc1a_mhgz6M08THzZAtboG6hn.0az0hjKbSUXm.pzMGs.eE...
Effective URL: https://vaxmgmt.force.com/authorizedEnroller/s/login/
Submission Tags: falconsandbox
Submission: On April 22 via api from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 8 HTTP transactions. The main IP is 52.61.133.15, located in Boardman, United States and belongs to AMAZON EXPANSION, IE. The main domain is vaxmgmt.force.com.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on August 14th 2020. Valid for: a year.
This is the only time vaxmgmt.force.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 10 52.61.133.15 8987 (AMAZON EX...)
8 1
Apex Domain
Subdomains		 Transfer
10 force.com
vaxmgmt.force.com
1 MB
8 1
Domain Requested by
10 vaxmgmt.force.com 2 redirects vaxmgmt.force.com
8 1

This site contains no links.

Subject Issuer Validity Valid
*.na107.force.com
DigiCert SHA2 Secure Server CA		 2020-08-14 -
2021-08-14		 a year crt.sh

This page contains 1 frames:

Primary Page: https://vaxmgmt.force.com/authorizedEnroller/s/login/
Frame ID: DEF887915638DAD3C27C15CBF6256FA4
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://vaxmgmt.force.com/authorizedEnroller/login?c=8BZQrFFu9ljNSrRI4mQnyJhc1a_mhgz6M08THzZAtboG6hn.0... HTTP 302
    https://vaxmgmt.force.com/authorizedEnroller/s/login HTTP 302
    https://vaxmgmt.force.com/authorizedEnroller/s/login/ Page URL

Page Statistics

8
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

1100 kB
Transfer

4324 kB
Size

6
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://vaxmgmt.force.com/authorizedEnroller/login?c=8BZQrFFu9ljNSrRI4mQnyJhc1a_mhgz6M08THzZAtboG6hn.0az0hjKbSUXm.pzMGs.eEkyinCcs0oplTrHUvWmSyR4enrzquN.gCDfXhg6KO2Zw.CifIRL4mmbZA2933G8WuxUsLPIkhEKANLkyXDhT3IuQKQoisNY_4fomIc.JjFxOFhEbDHtlun2.EYiWG9bGSIMwkQwqELR4QrPkqQDkvZJB1Q%3D%3D HTTP 302
    https://vaxmgmt.force.com/authorizedEnroller/s/login HTTP 302
    https://vaxmgmt.force.com/authorizedEnroller/s/login/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

8 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request Cookie set /
vaxmgmt.force.com/authorizedEnroller/s/login/
Redirect Chain
  • https://vaxmgmt.force.com/authorizedEnroller/login?c=8BZQrFFu9ljNSrRI4mQnyJhc1a_mhgz6M08THzZAtboG6hn.0az0hjKbSUXm.pzMGs.eEkyinCcs0oplTrHUvWmSyR4enrzquN.gCDfXhg6KO2Zw.CifIRL4mmbZA2933G8WuxUsLPIkhEKA...
  • https://vaxmgmt.force.com/authorizedEnroller/s/login
  • https://vaxmgmt.force.com/authorizedEnroller/s/login/
33 KB
15 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://vaxmgmt.force.com/authorizedEnroller/s/login/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.61.133.15 Boardman, United States, ASN8987 (AMAZON EXPANSION, IE),
Reverse DNS
dpl4-hio.na107-hio.force.com
Software
/
Resource Hash
0b5693d71d280372cedf9d3ff73c7437aa96d8be3aa09a1a21d5d3c6c4225905
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests default-src 'self'; script-src 'self' 'unsafe-eval' 'nonce-EM2of15I7OSjaw8hBsO8NuPQ2uTF1eIE' https://service.force.com/embeddedservice/ import: blob:; object-src 'self' www.google.com; style-src 'self' 'unsafe-inline' blob: https://www.google.com https://www.gstatic.com https://fonts.googleapis.com https://fonts.gstatic.com https://www.google-analytics.com https://stats.g.doubleclick.net https://www.googletagmanager.com; img-src 'self' data: blob: https://doittvaxmgmt.my.salesforce.com http://doittvaxmgmt--c.documentforce.com https://img.youtube.com https://i.ytimg.com https://i.vimeocdn.com https://login.salesforce.com/icons/ https://na107.salesforce.com/icons/ https://www.google.com https://www.gstatic.com https://fonts.googleapis.com https://fonts.gstatic.com https://www.google-analytics.com https://stats.g.doubleclick.net https://www.googletagmanager.com; media-src 'self' https://www.google.com https://www.gstatic.com https://fonts.googleapis.com https://fonts.gstatic.com https://www.google-analytics.com https://stats.g.doubleclick.net https://www.googletagmanager.com; frame-ancestors 'self'; frame-src 'self' https://service.force.com/embeddedservice/ https://na107.salesforce.com https://sfdc-link-preview-staging.sfdc.sh https://sfdc-link-preview.hk.salesforce.com https://cdn.embedly.com https://www.youtube.com https://player.vimeo.com https://play.vidyard.com https://player.cloudinary.com https://fast.wistia.net https://players.brightcove.net https://s1.adis.ws https://scormanywhere.secure.force.com https://appiniummastertrial.secure.force.com https://*.c.forceusercontent.com/lightningmaps/ https://www.google.com https://www.gstatic.com https://fonts.googleapis.com https://fonts.gstatic.com https://www.google-analytics.com https://stats.g.doubleclick.net https://www.googletagmanager.com; font-src 'self' data: https://www.google.com https://www.gstatic.com https://fonts.googleapis.com https://fonts.gstatic.com https://www.google-analytics.com https://stats.g.doubleclick.net https://www.googletagmanager.com; connect-src 'self' https://www.google.com https://www.gstatic.com https://fonts.googleapis.com https://fonts.gstatic.com https://www.google-analytics.com https://stats.g.doubleclick.net https://www.googletagmanager.com
Strict-Transport-Security max-age=31536004; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Host
vaxmgmt.force.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
BrowserId=GrSTXaNDEeufbxvFC98ojQ; BrowserId_sec=GrSTXaNDEeufbxvFC98ojQ; QCQQ=kHANFmaL9Oo
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 22 Apr 2021 08:16:57 GMT
Strict-Transport-Security
max-age=31536004; includeSubDomains
X-Content-Type-Options
nosniff
X-XSS-Protection
1; mode=block
Content-Security-Policy
upgrade-insecure-requests default-src 'self'; script-src 'self' 'unsafe-eval' 'nonce-EM2of15I7OSjaw8hBsO8NuPQ2uTF1eIE' https://service.force.com/embeddedservice/ import: blob:; object-src 'self' www.google.com; style-src 'self' 'unsafe-inline' blob: https://www.google.com https://www.gstatic.com https://fonts.googleapis.com https://fonts.gstatic.com https://www.google-analytics.com https://stats.g.doubleclick.net https://www.googletagmanager.com; img-src 'self' data: blob: https://doittvaxmgmt.my.salesforce.com http://doittvaxmgmt--c.documentforce.com https://img.youtube.com https://i.ytimg.com https://i.vimeocdn.com https://login.salesforce.com/icons/ https://na107.salesforce.com/icons/ https://www.google.com https://www.gstatic.com https://fonts.googleapis.com https://fonts.gstatic.com https://www.google-analytics.com https://stats.g.doubleclick.net https://www.googletagmanager.com; media-src 'self' https://www.google.com https://www.gstatic.com https://fonts.googleapis.com https://fonts.gstatic.com https://www.google-analytics.com https://stats.g.doubleclick.net https://www.googletagmanager.com; frame-ancestors 'self'; frame-src 'self' https://service.force.com/embeddedservice/ https://na107.salesforce.com https://sfdc-link-preview-staging.sfdc.sh https://sfdc-link-preview.hk.salesforce.com https://cdn.embedly.com https://www.youtube.com https://player.vimeo.com https://play.vidyard.com https://player.cloudinary.com https://fast.wistia.net https://players.brightcove.net https://s1.adis.ws https://scormanywhere.secure.force.com https://appiniummastertrial.secure.force.com https://*.c.forceusercontent.com/lightningmaps/ https://www.google.com https://www.gstatic.com https://fonts.googleapis.com https://fonts.gstatic.com https://www.google-analytics.com https://stats.g.doubleclick.net https://www.googletagmanager.com; font-src 'self' data: https://www.google.com https://www.gstatic.com https://fonts.googleapis.com https://fonts.gstatic.com https://www.google-analytics.com https://stats.g.doubleclick.net https://www.googletagmanager.com; connect-src 'self' https://www.google.com https://www.gstatic.com https://fonts.googleapis.com https://fonts.gstatic.com https://www.google-analytics.com https://stats.g.doubleclick.net https://www.googletagmanager.com
Referrer-Policy
origin-when-cross-origin
Cache-Control
no-cache,must-revalidate,max-age=0,no-store,private
Set-Cookie
CookieConsentPolicy=0:0; domain=vaxmgmt.force.com; path=/; expires=Fri, 22-Apr-2022 08:16:57 GMT; Max-Age=31536000 renderCtx=%7B%22pageId%22%3A%22ab3fac0d-97fe-4262-b287-a73fd3a43ef4%22%2C%22schema%22%3A%22Published%22%2C%22viewType%22%3A%22Published%22%2C%22brandingSetId%22%3A%2225f5c153-f4f2-49d4-b998-ca23b1920a3f%22%2C%22audienceIds%22%3A%22%22%7D; domain=vaxmgmt.force.com; path=/authorizedEnroller/s; secure; SameSite=None
X-FRAME-OPTIONS
SAMEORIGIN
Expires
Wed, 22 Apr 2020 08:16:57 GMT
Content-Type
text/html;charset=UTF-8
Vary
Origin Accept-Encoding
Last-Modified
Wed, 22 Apr 2020 08:16:57 GMT
Link
</authorizedEnroller/s/sfsites/l/%7B%22mode%22%3A%22PROD%22%2C%22app%22%3A%22siteforce%3AloginApp2%22%2C%22loaded%22%3A%7B%22APPLICATION%40markup%3A%2F%2Fsiteforce%3AloginApp2%22%3A%22WLXXr4ihUxFOnYqMlBh2BA%22%7D%2C%22styleContext%22%3A%7B%22c%22%3A%22webkit%22%2C%22x%22%3A%5B%22isDesktop%22%5D%2C%22tokens%22%3A%5B%22markup%3A%2F%2Fforce%3AsldsTokens%22%2C%22markup%3A%2F%2Fsiteforce%3AnapiliAuraTokens%22%2C%22markup%3A%2F%2Fsiteforce%3AneutralTokens%22%2C%22markup%3A%2F%2Fsiteforce%3AserializedTokens%22%2C%22markup%3A%2F%2Fsiteforce%3AcommunityTokens%22%2C%22markup%3A%2F%2Fsiteforce%3AauraDynamicTokens%22%5D%2C%22tuid%22%3A%22IfEXsce1IhMIer9JnEi-hg%22%2C%22cuid%22%3A781467162%7D%2C%22pathPrefix%22%3A%22%2FauthorizedEnroller%22%7D/app.css?2>;rel=preload;as=style;nopush,</authorizedEnroller/s/sfsites/auraFW/javascript/Q8onN6EmJyGRC51_NSPc2A/aura_prod.js>;rel=preload;as=script;nopush,</authorizedEnroller/s/sfsites/l/%7B%22mode%22%3A%22PROD%22%2C%22app%22%3A%22siteforce%3AloginApp2%22%2C%22serializationVersion%22%3A%221-1.9.3-230.1-b%22%2C%22parts%22%3A%22f%22%2C%22loaded%22%3A%7B%22APPLICATION%40markup%3A%2F%2Fsiteforce%3AloginApp2%22%3A%22WLXXr4ihUxFOnYqMlBh2BA%22%7D%2C%22dns%22%3A%22c%22%2C%22ls%22%3A1%7D/app.js>;rel=preload;as=script;nopush
Server-Timing
Total;dur=84
Content-Encoding
gzip
Transfer-Encoding
chunked

Redirect headers

Date
Thu, 22 Apr 2021 08:16:57 GMT
Strict-Transport-Security
max-age=31536004; includeSubDomains
X-Content-Type-Options
nosniff
X-XSS-Protection
1; mode=block
Content-Security-Policy
upgrade-insecure-requests
Referrer-Policy
origin-when-cross-origin
Cache-Control
no-cache,must-revalidate,max-age=0,no-store,private
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Location
https://vaxmgmt.force.com/authorizedEnroller/s/login/
Content-Length
0
app.css
vaxmgmt.force.com/authorizedEnroller/s/sfsites/l/%7B%22mode%22%3A%22PROD%22%2C%22app%22%3A%22siteforce%3AloginApp2%22%2C%22loaded%22%3A%7B%22APPLICATION%40markup%3A%2F%2Fsiteforce%3AloginApp2%22%3A... 		886 KB
115 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://vaxmgmt.force.com/authorizedEnroller/s/sfsites/l/%7B%22mode%22%3A%22PROD%22%2C%22app%22%3A%22siteforce%3AloginApp2%22%2C%22loaded%22%3A%7B%22APPLICATION%40markup%3A%2F%2Fsiteforce%3AloginApp2%22%3A%22WLXXr4ihUxFOnYqMlBh2BA%22%7D%2C%22styleContext%22%3A%7B%22c%22%3A%22webkit%22%2C%22x%22%3A%5B%22isDesktop%22%5D%2C%22tokens%22%3A%5B%22markup%3A%2F%2Fforce%3AsldsTokens%22%2C%22markup%3A%2F%2Fsiteforce%3AnapiliAuraTokens%22%2C%22markup%3A%2F%2Fsiteforce%3AneutralTokens%22%2C%22markup%3A%2F%2Fsiteforce%3AserializedTokens%22%2C%22markup%3A%2F%2Fsiteforce%3AcommunityTokens%22%2C%22markup%3A%2F%2Fsiteforce%3AauraDynamicTokens%22%5D%2C%22tuid%22%3A%22IfEXsce1IhMIer9JnEi-hg%22%2C%22cuid%22%3A781467162%7D%2C%22pathPrefix%22%3A%22%2FauthorizedEnroller%22%7D/app.css?2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.61.133.15 Boardman, United States, ASN8987 (AMAZON EXPANSION, IE),
Reverse DNS
dpl4-hio.na107-hio.force.com
Software
/
Resource Hash
5778a61e81af671ddca4a974023c142efaa072d751eda235ca2ec76876ce03ca
Security Headers
Name Value
Strict-Transport-Security max-age=31536004; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://vaxmgmt.force.com/authorizedEnroller/s/login/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 22 Apr 2021 08:16:57 GMT
Content-Encoding
gzip
Referrer-Policy
origin-when-cross-origin
Last-Modified
Wed, 21 Apr 2021 08:16:57 GMT
Strict-Transport-Security
max-age=31536004; includeSubDomains
Content-Type
text/css;charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000,public,immutable
Transfer-Encoding
chunked
X-Content-Type-Options
nosniff
Vary
Accept-Encoding
X-XSS-Protection
1; mode=block
Cookie set aura_prod.js
vaxmgmt.force.com/authorizedEnroller/s/sfsites/auraFW/javascript/Q8onN6EmJyGRC51_NSPc2A/ 		716 KB
226 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vaxmgmt.force.com/authorizedEnroller/s/sfsites/auraFW/javascript/Q8onN6EmJyGRC51_NSPc2A/aura_prod.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.61.133.15 Boardman, United States, ASN8987 (AMAZON EXPANSION, IE),
Reverse DNS
dpl4-hio.na107-hio.force.com
Software
/
Resource Hash
1c4670c675583badc813c3cf56f6f9668acd2142260f8442fc1f425dc5884911
Security Headers
Name Value
Strict-Transport-Security max-age=31536004; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
vaxmgmt.force.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://vaxmgmt.force.com/authorizedEnroller/s/login/
Cookie
renderCtx=%7B%22pageId%22%3A%22ab3fac0d-97fe-4262-b287-a73fd3a43ef4%22%2C%22schema%22%3A%22Published%22%2C%22viewType%22%3A%22Published%22%2C%22brandingSetId%22%3A%2225f5c153-f4f2-49d4-b998-ca23b1920a3f%22%2C%22audienceIds%22%3A%22%22%7D; BrowserId=GrSTXaNDEeufbxvFC98ojQ; BrowserId_sec=GrSTXaNDEeufbxvFC98ojQ; QCQQ=kHANFmaL9Oo; CookieConsentPolicy=0:0
Connection
keep-alive
Referer
https://vaxmgmt.force.com/authorizedEnroller/s/login/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 22 Apr 2021 08:16:58 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
Server-Timing
Total;dur=19
X-XSS-Protection
1; mode=block
Referrer-Policy
origin-when-cross-origin
Last-Modified
Wed, 21 Apr 2021 08:16:58 GMT
Vary
Accept-Encoding
Strict-Transport-Security
max-age=31536004; includeSubDomains
Content-Type
text/javascript;charset=UTF-8
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Server-Timing
Cache-Control
max-age=31536000,public,immutable
Set-Cookie
force-stream=!CngL8btcCYYr5nG0KMUUUTa86Xb4cZutOC/XKh8OYxotZm39sKLrOoJJdyg554jY718hhJfq5BdhBg==; path=/;Expires=Thu, 22-Apr-2021 11:16:58 GMT; SameSite=None;Secure
Timing-Allow-Origin
*
Cookie set app.js
vaxmgmt.force.com/authorizedEnroller/s/sfsites/l/%7B%22mode%22%3A%22PROD%22%2C%22app%22%3A%22siteforce%3AloginApp2%22%2C%22serializationVersion%22%3A%221-1.9.3-230.1-b%22%2C%22parts%22%3A%22f%22%2C... 		2 MB
367 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vaxmgmt.force.com/authorizedEnroller/s/sfsites/l/%7B%22mode%22%3A%22PROD%22%2C%22app%22%3A%22siteforce%3AloginApp2%22%2C%22serializationVersion%22%3A%221-1.9.3-230.1-b%22%2C%22parts%22%3A%22f%22%2C%22loaded%22%3A%7B%22APPLICATION%40markup%3A%2F%2Fsiteforce%3AloginApp2%22%3A%22WLXXr4ihUxFOnYqMlBh2BA%22%7D%2C%22dns%22%3A%22c%22%2C%22ls%22%3A1%7D/app.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.61.133.15 Boardman, United States, ASN8987 (AMAZON EXPANSION, IE),
Reverse DNS
dpl4-hio.na107-hio.force.com
Software
/
Resource Hash
fd57fffe4e1ca9775caf6326777a364c88c7d0ee88755380940742d5e286a1c0
Security Headers
Name Value
Strict-Transport-Security max-age=31536004; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
vaxmgmt.force.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://vaxmgmt.force.com/authorizedEnroller/s/login/
Cookie
renderCtx=%7B%22pageId%22%3A%22ab3fac0d-97fe-4262-b287-a73fd3a43ef4%22%2C%22schema%22%3A%22Published%22%2C%22viewType%22%3A%22Published%22%2C%22brandingSetId%22%3A%2225f5c153-f4f2-49d4-b998-ca23b1920a3f%22%2C%22audienceIds%22%3A%22%22%7D; BrowserId=GrSTXaNDEeufbxvFC98ojQ; BrowserId_sec=GrSTXaNDEeufbxvFC98ojQ; QCQQ=kHANFmaL9Oo; CookieConsentPolicy=0:0
Connection
keep-alive
Referer
https://vaxmgmt.force.com/authorizedEnroller/s/login/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 22 Apr 2021 08:16:58 GMT
Content-Encoding
gzip
Referrer-Policy
origin-when-cross-origin
Last-Modified
Wed, 21 Apr 2021 08:16:58 GMT
Strict-Transport-Security
max-age=31536004; includeSubDomains
Content-Type
text/javascript;charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000,public,immutable
Transfer-Encoding
chunked
X-Content-Type-Options
nosniff
Set-Cookie
force-stream=!vi6qLMhSjutlhle0KMUUUTa86Xb4cfqddUe+WzNr5GAkHikSWHvbrQ2vAEIBtCgGtbTnCdykp2w7; path=/;Expires=Thu, 22-Apr-2021 11:16:58 GMT; SameSite=None;Secure
Vary
Accept-Encoding
X-XSS-Protection
1; mode=block
fonts.css
vaxmgmt.force.com/authorizedEnroller/s/sfsites/runtimedownload/ 		336 KB
242 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://vaxmgmt.force.com/authorizedEnroller/s/sfsites/runtimedownload/fonts.css?lastMod=1619052907000&brandSet=25f5c153-f4f2-49d4-b998-ca23b1920a3f
Requested by
Host: vaxmgmt.force.com
URL: https://vaxmgmt.force.com/authorizedEnroller/s/login/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.61.133.15 Boardman, United States, ASN8987 (AMAZON EXPANSION, IE),
Reverse DNS
dpl4-hio.na107-hio.force.com
Software
/
Resource Hash
82e83554176a7646cfe2ffa649c82fe17726675e4dc7b5b40b066c543a24f828
Security Headers
Name Value
Strict-Transport-Security max-age=31536004; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
vaxmgmt.force.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
text/css,*/*;q=0.1
Cache-Control
no-cache
Sec-Fetch-Dest
style
Referer
https://vaxmgmt.force.com/authorizedEnroller/s/login/
Cookie
renderCtx=%7B%22pageId%22%3A%22ab3fac0d-97fe-4262-b287-a73fd3a43ef4%22%2C%22schema%22%3A%22Published%22%2C%22viewType%22%3A%22Published%22%2C%22brandingSetId%22%3A%2225f5c153-f4f2-49d4-b998-ca23b1920a3f%22%2C%22audienceIds%22%3A%22%22%7D; BrowserId=GrSTXaNDEeufbxvFC98ojQ; BrowserId_sec=GrSTXaNDEeufbxvFC98ojQ; QCQQ=kHANFmaL9Oo; CookieConsentPolicy=0:0
Connection
keep-alive
Referer
https://vaxmgmt.force.com/authorizedEnroller/s/login/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 22 Apr 2021 08:16:58 GMT
Content-Encoding
gzip
Referrer-Policy
origin-when-cross-origin
Last-Modified
Thu, 22 Apr 2021 00:55:07 GMT
Strict-Transport-Security
max-age=31536004; includeSubDomains
Content-Type
text/css; charset=utf-8
Cache-Control
public,max-age=31536000
Transfer-Encoding
chunked
X-Content-Type-Options
nosniff
Vary
Accept-Encoding
X-XSS-Protection
1; mode=block
Expires
Fri, 22 Apr 2022 08:16:58 GMT
Cookie set resources.js
vaxmgmt.force.com/authorizedEnroller/s/sfsites/l/%7B%22mode%22%3A%22PROD%22%2C%22app%22%3A%22siteforce%3AloginApp2%22%2C%22fwuid%22%3A%22Q8onN6EmJyGRC51_NSPc2A%22%2C%22loaded%22%3A%7B%22APPLICATION... 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vaxmgmt.force.com/authorizedEnroller/s/sfsites/l/%7B%22mode%22%3A%22PROD%22%2C%22app%22%3A%22siteforce%3AloginApp2%22%2C%22fwuid%22%3A%22Q8onN6EmJyGRC51_NSPc2A%22%2C%22loaded%22%3A%7B%22APPLICATION%40markup%3A%2F%2Fsiteforce%3AloginApp2%22%3A%22WLXXr4ihUxFOnYqMlBh2BA%22%7D%2C%22apce%22%3A1%2C%22apck%22%3A%22KGHAaMBxSZEU7kK0LKj07g%22%2C%22mlr%22%3A1%2C%22pathPrefix%22%3A%22%2FauthorizedEnroller%22%2C%22dns%22%3A%22c%22%2C%22ls%22%3A1%7D/resources.js?pv=1619053950000-1707034601&rv=1619053306000
Requested by
Host: vaxmgmt.force.com
URL: https://vaxmgmt.force.com/authorizedEnroller/s/login/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.61.133.15 Boardman, United States, ASN8987 (AMAZON EXPANSION, IE),
Reverse DNS
dpl4-hio.na107-hio.force.com
Software
/
Resource Hash
7f22d6dcc423aba54b18024b4c994015a2cdc096241403e54d06f1f5c870946a
Security Headers
Name Value
Strict-Transport-Security max-age=31536004; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
vaxmgmt.force.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://vaxmgmt.force.com/authorizedEnroller/s/login/
Cookie
renderCtx=%7B%22pageId%22%3A%22ab3fac0d-97fe-4262-b287-a73fd3a43ef4%22%2C%22schema%22%3A%22Published%22%2C%22viewType%22%3A%22Published%22%2C%22brandingSetId%22%3A%2225f5c153-f4f2-49d4-b998-ca23b1920a3f%22%2C%22audienceIds%22%3A%22%22%7D; BrowserId=GrSTXaNDEeufbxvFC98ojQ; BrowserId_sec=GrSTXaNDEeufbxvFC98ojQ; QCQQ=kHANFmaL9Oo; CookieConsentPolicy=0:0
Connection
keep-alive
Referer
https://vaxmgmt.force.com/authorizedEnroller/s/login/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 22 Apr 2021 08:16:58 GMT
Content-Encoding
gzip
Referrer-Policy
origin-when-cross-origin
Last-Modified
Wed, 21 Apr 2021 08:16:58 GMT
Strict-Transport-Security
max-age=31536004; includeSubDomains
Content-Type
text/javascript;charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000,private,immutable
Transfer-Encoding
chunked
X-Content-Type-Options
nosniff
Set-Cookie
force-stream=!Zsnpf2mZ0d9TWbS0KMUUUTa86Xb4cfB6+lleeiECnyijImJXvauMW+F5ZiK2QifcT6cqrahvm6D0jw==; path=/;Expires=Thu, 22-Apr-2021 11:16:58 GMT; SameSite=None;Secure
Vary
Accept-Encoding
X-XSS-Protection
1; mode=block
Cookie set bootstrap.js
vaxmgmt.force.com/authorizedEnroller/s/sfsites/l/%7B%22mode%22%3A%22PROD%22%2C%22app%22%3A%22siteforce%3AloginApp2%22%2C%22fwuid%22%3A%22Q8onN6EmJyGRC51_NSPc2A%22%2C%22loaded%22%3A%7B%22APPLICATION... 		572 KB
119 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vaxmgmt.force.com/authorizedEnroller/s/sfsites/l/%7B%22mode%22%3A%22PROD%22%2C%22app%22%3A%22siteforce%3AloginApp2%22%2C%22fwuid%22%3A%22Q8onN6EmJyGRC51_NSPc2A%22%2C%22loaded%22%3A%7B%22APPLICATION%40markup%3A%2F%2Fsiteforce%3AloginApp2%22%3A%22WLXXr4ihUxFOnYqMlBh2BA%22%7D%2C%22apce%22%3A1%2C%22apck%22%3A%22KGHAaMBxSZEU7kK0LKj07g%22%2C%22mlr%22%3A1%2C%22pathPrefix%22%3A%22%2FauthorizedEnroller%22%2C%22dns%22%3A%22c%22%2C%22ls%22%3A1%7D/bootstrap.js?aura.attributes=%7B%22schema%22%3A%22Published%22%2C%22brandingSetId%22%3A%2225f5c153-f4f2-49d4-b998-ca23b1920a3f%22%2C%22authenticated%22%3A%22false%22%2C%22ac%22%3A%22%22%2C%22formFactor%22%3A%22LARGE%22%2C%22publishedChangelistNum%22%3A%226%22%2C%22viewType%22%3A%22Published%22%2C%22themeLayoutType%22%3A%22p2qLrtrCfc7HxgQXsYpiwiM7Zf5MfS%22%2C%22language%22%3A%22en_US%22%2C%22isHybrid%22%3A%22false%22%2C%22pageId%22%3A%22ab3fac0d-97fe-4262-b287-a73fd3a43ef4%22%7D
Requested by
Host: vaxmgmt.force.com
URL: https://vaxmgmt.force.com/authorizedEnroller/s/login/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.61.133.15 Boardman, United States, ASN8987 (AMAZON EXPANSION, IE),
Reverse DNS
dpl4-hio.na107-hio.force.com
Software
/
Resource Hash
d86040d0b159a00dc7f940b32cb1b46489ce5da849400643d393da8d4fc35ac9
Security Headers
Name Value
Strict-Transport-Security max-age=31536004; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
vaxmgmt.force.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://vaxmgmt.force.com/authorizedEnroller/s/login/
Cookie
renderCtx=%7B%22pageId%22%3A%22ab3fac0d-97fe-4262-b287-a73fd3a43ef4%22%2C%22schema%22%3A%22Published%22%2C%22viewType%22%3A%22Published%22%2C%22brandingSetId%22%3A%2225f5c153-f4f2-49d4-b998-ca23b1920a3f%22%2C%22audienceIds%22%3A%22%22%7D; BrowserId=GrSTXaNDEeufbxvFC98ojQ; BrowserId_sec=GrSTXaNDEeufbxvFC98ojQ; QCQQ=kHANFmaL9Oo; CookieConsentPolicy=0:0
Connection
keep-alive
Referer
https://vaxmgmt.force.com/authorizedEnroller/s/login/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 22 Apr 2021 08:16:58 GMT
Content-Encoding
gzip
Referrer-Policy
origin-when-cross-origin
Last-Modified
Wed, 22 Apr 2020 08:16:58 GMT
Strict-Transport-Security
max-age=31536004; includeSubDomains
Content-Type
text/javascript;charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache,must-revalidate,max-age=0,no-store,private
Transfer-Encoding
chunked
X-Content-Type-Options
nosniff
Set-Cookie
force-stream=!Isdes5KtdHJQ/ai0KMUUUTa86Xb4cYU9liN8yA+QjUD5lgMVn3nSxHMmV2H5iznXgEB4M4dzHU5l; path=/;Expires=Thu, 22-Apr-2021 11:16:58 GMT; SameSite=None;Secure
Vary
Accept-Encoding
X-XSS-Protection
1; mode=block
Expires
Wed, 22 Apr 2020 08:16:58 GMT
aura
vaxmgmt.force.com/authorizedEnroller/s/sfsites/ 		64 KB
15 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://vaxmgmt.force.com/authorizedEnroller/s/sfsites/aura?message=%7B%22actions%22%3A%5B%7B%22descriptor%22%3A%22serviceComponent%3A%2F%2Fui.comm.runtime.components.aura.components.siteforce.controller.PubliclyCacheableComponentLoaderController%2FACTION%24getPageComponent%22%2C%22callingDescriptor%22%3A%22UNKNOWN%22%2C%22params%22%3A%7B%22attributes%22%3A%7B%22viewId%22%3A%22cbe789a2-2ff8-4250-aee8-c708f275ab38%22%2C%22routeType%22%3A%22login-home%22%2C%22themeLayoutType%22%3A%22p2qLrtrCfc7HxgQXsYpiwiM7Zf5MfS%22%2C%22params%22%3A%7B%22viewid%22%3A%2296cf73b3-7b79-4a99-be30-6e4554347ac5%22%2C%22view_uddid%22%3A%22%22%2C%22entity_name%22%3A%22%22%2C%22audience_name%22%3A%22%22%2C%22picasso_id%22%3A%22%22%2C%22routeId%22%3A%22%22%7D%2C%22hasAttrVaringCmps%22%3Afalse%2C%22pageLoadType%22%3A%22STANDARD_PAGE_CONTENT%22%2C%22includeLayout%22%3Atrue%7D%2C%22publishedChangelistNum%22%3A6%2C%22brandingSetId%22%3A%2225f5c153-f4f2-49d4-b998-ca23b1920a3f%22%7D%7D%5D%7D&aura.context=%7B%22mode%22%3A%22PROD%22%2C%22fwuid%22%3A%22Q8onN6EmJyGRC51_NSPc2A%22%2C%22app%22%3A%22siteforce%3AloginApp2%22%2C%22loaded%22%3A%7B%22APPLICATION%40markup%3A%2F%2Fsiteforce%3AloginApp2%22%3A%22WLXXr4ihUxFOnYqMlBh2BA%22%7D%2C%22apck%22%3A%22KGHAaMBxSZEU7kK0LKj07g%22%2C%22uad%22%3Afalse%7D&aura.isAction=true
Requested by
Host: vaxmgmt.force.com
URL: https://vaxmgmt.force.com/authorizedEnroller/s/sfsites/auraFW/javascript/Q8onN6EmJyGRC51_NSPc2A/aura_prod.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.61.133.15 Boardman, United States, ASN8987 (AMAZON EXPANSION, IE),
Reverse DNS
dpl4-hio.na107-hio.force.com
Software
/
Resource Hash
6dc5ad7631b75fc036de10444250ec32763f9ce104b07b4c2f23fafbd3a84f36
Security Headers
Name Value
Strict-Transport-Security max-age=31536004; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
vaxmgmt.force.com
Accept-Language
en-US
X-SFDC-Page-Scope-Id
8e8c64e2-689c-4f07-a68e-b236afd37aeb
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
empty
Referer
https://vaxmgmt.force.com/authorizedEnroller/s/login/
Cookie
renderCtx=%7B%22pageId%22%3A%22ab3fac0d-97fe-4262-b287-a73fd3a43ef4%22%2C%22schema%22%3A%22Published%22%2C%22viewType%22%3A%22Published%22%2C%22brandingSetId%22%3A%2225f5c153-f4f2-49d4-b998-ca23b1920a3f%22%2C%22audienceIds%22%3A%22%22%7D; BrowserId=GrSTXaNDEeufbxvFC98ojQ; BrowserId_sec=GrSTXaNDEeufbxvFC98ojQ; QCQQ=kHANFmaL9Oo; CookieConsentPolicy=0:0; force-stream=!Isdes5KtdHJQ/ai0KMUUUTa86Xb4cYU9liN8yA+QjUD5lgMVn3nSxHMmV2H5iznXgEB4M4dzHU5l
Connection
keep-alive
X-SFDC-Page-Scope-Id
8e8c64e2-689c-4f07-a68e-b236afd37aeb
Referer
https://vaxmgmt.force.com/authorizedEnroller/s/login/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 22 Apr 2021 08:16:59 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
Server-Timing
Total;dur=73
X-XSS-Protection
1; mode=block
Referrer-Policy
origin-when-cross-origin
Last-Modified
Wed, 21 Apr 2021 08:16:59 GMT
Vary
Accept-Encoding
Strict-Transport-Security
max-age=31536004; includeSubDomains
Content-Type
application/json;charset=UTF-8
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Server-Timing
Cache-Control
max-age=1800,public
Timing-Allow-Origin
*
Expires
Wed, 22 Apr 2020 08:16:59 GMT

Verdicts & Comments Add Verdict or Comment

21 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated object| picassoSPA string| comm__attrVariationKey number| pageStartTime object| Aura object| AuraLocker object| AuraLockerDisabled object| $A object| aura function| DOMPurify function| Router

6 Cookies

Domain/Path Name / Value
vaxmgmt.force.com/ Name: force-stream
Value: !Isdes5KtdHJQ/ai0KMUUUTa86Xb4cYU9liN8yA+QjUD5lgMVn3nSxHMmV2H5iznXgEB4M4dzHU5l
.vaxmgmt.force.com/authorizedEnroller/s Name: renderCtx
Value: %7B%22pageId%22%3A%22ab3fac0d-97fe-4262-b287-a73fd3a43ef4%22%2C%22schema%22%3A%22Published%22%2C%22viewType%22%3A%22Published%22%2C%22brandingSetId%22%3A%2225f5c153-f4f2-49d4-b998-ca23b1920a3f%22%2C%22audienceIds%22%3A%22%22%7D
.vaxmgmt.force.com/ Name: QCQQ
Value: kHANFmaL9Oo
.force.com/ Name: BrowserId_sec
Value: GrSTXaNDEeufbxvFC98ojQ
.vaxmgmt.force.com/ Name: CookieConsentPolicy
Value: 0:0
.force.com/ Name: BrowserId
Value: GrSTXaNDEeufbxvFC98ojQ

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy upgrade-insecure-requests default-src 'self'; script-src 'self' 'unsafe-eval' 'nonce-EM2of15I7OSjaw8hBsO8NuPQ2uTF1eIE' https://service.force.com/embeddedservice/ import: blob:; object-src 'self' www.google.com; style-src 'self' 'unsafe-inline' blob: https://www.google.com https://www.gstatic.com https://fonts.googleapis.com https://fonts.gstatic.com https://www.google-analytics.com https://stats.g.doubleclick.net https://www.googletagmanager.com; img-src 'self' data: blob: https://doittvaxmgmt.my.salesforce.com http://doittvaxmgmt--c.documentforce.com https://img.youtube.com https://i.ytimg.com https://i.vimeocdn.com https://login.salesforce.com/icons/ https://na107.salesforce.com/icons/ https://www.google.com https://www.gstatic.com https://fonts.googleapis.com https://fonts.gstatic.com https://www.google-analytics.com https://stats.g.doubleclick.net https://www.googletagmanager.com; media-src 'self' https://www.google.com https://www.gstatic.com https://fonts.googleapis.com https://fonts.gstatic.com https://www.google-analytics.com https://stats.g.doubleclick.net https://www.googletagmanager.com; frame-ancestors 'self'; frame-src 'self' https://service.force.com/embeddedservice/ https://na107.salesforce.com https://sfdc-link-preview-staging.sfdc.sh https://sfdc-link-preview.hk.salesforce.com https://cdn.embedly.com https://www.youtube.com https://player.vimeo.com https://play.vidyard.com https://player.cloudinary.com https://fast.wistia.net https://players.brightcove.net https://s1.adis.ws https://scormanywhere.secure.force.com https://appiniummastertrial.secure.force.com https://*.c.forceusercontent.com/lightningmaps/ https://www.google.com https://www.gstatic.com https://fonts.googleapis.com https://fonts.gstatic.com https://www.google-analytics.com https://stats.g.doubleclick.net https://www.googletagmanager.com; font-src 'self' data: https://www.google.com https://www.gstatic.com https://fonts.googleapis.com https://fonts.gstatic.com https://www.google-analytics.com https://stats.g.doubleclick.net https://www.googletagmanager.com; connect-src 'self' https://www.google.com https://www.gstatic.com https://fonts.googleapis.com https://fonts.gstatic.com https://www.google-analytics.com https://stats.g.doubleclick.net https://www.googletagmanager.com
Strict-Transport-Security max-age=31536004; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block