thdsaml.homedepot.com Open in urlscan Pro
207.11.34.177 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://thdwfm.nicecloudsvc.com/
Effective URL:
https://thdsaml.homedepot.com/idp/0mV3f/resumeSAML20/idp/SSO.ping
Submission: On August 14 via api (August 14th 2023, 6:12:29 pm UTC) from US — Scanned from DE

Summary HTTP 18 Redirects Behaviour Indicators

Summary

This website contacted 3 IPs in 1 countries across 3 domains to perform 18 HTTP transactions. The main IP is 207.11.34.177, located in United States and belongs to HOMEDEPOTNET, US. The main domain is thdsaml.homedepot.com. The Cisco Umbrella rank of the primary domain is 309868.
TLS certificate: Issued by Entrust Certification Authority - L1K on September 6th 2022. Valid for: a year.

This is the only time thdsaml.homedepot.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
11	13.248.201.231 13.248.201.231	16509 (AMAZON-02) (AMAZON-02)
1 8	207.11.34.177 207.11.34.177	10967 (HOMEDEPOTNET) (HOMEDEPOTNET)
18	3

11 13.248.201.231 (United States)

ASN16509 (AMAZON-02, US)
PTR: a09dfbfdc695b68f2.awsglobalaccelerator.com

thdwfm.nicecloudsvc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 207.11.34.177 (United States) 1 redirects

ASN10967 (HOMEDEPOTNET, US)

thdsaml.homedepot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
11	nicecloudsvc.com thdwfm.nicecloudsvc.com	797 KB
8	homedepot.com 1 redirects thdsaml.homedepot.com — Cisco Umbrella Rank: 309868	481 KB
0	Failed function sub() { [native code] }. Failed
18	3

	Domain	Requested by
11	thdwfm.nicecloudsvc.com	thdwfm.nicecloudsvc.com
8	thdsaml.homedepot.com	1 redirects thdsaml.homedepot.com
0	truncated Failed	thdwfm.nicecloudsvc.com
18	3

This site contains no links.

Subject Issuer	Validity	Valid
thdwfm.nicecloudsvc.com Amazon RSA 2048 M02	`2023-06-15` - `2024-07-13`	a year	crt.sh
identity.homedepot.com Entrust Certification Authority - L1K	`2022-09-06` - `2023-09-21`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://thdsaml.homedepot.com/idp/0mV3f/resumeSAML20/idp/SSO.ping
Frame ID: D1169AD7F0BDFBC945C517E1D149688D
Requests: 19 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

THD Identity - THD Account Sign On

Page URL History Show full URLs

https://thdwfm.nicecloudsvc.com/ Page URL
https://thdwfm.nicecloudsvc.com/wfmws/services/rs/saml/sp/login?customerOid=customer1 Page URL
https://thdsaml.homedepot.com/idp/SSO.saml2 HTTP 302
https://thdsaml.homedepot.com/idp/0mV3f/resumeSAML20/idp/SSO.ping Page URL

Page Statistics

18
Requests

100 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

3
IPs

1
Countries

1277 kB
Transfer

4010 kB
Size

3
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://thdwfm.nicecloudsvc.com/ Page URL
https://thdwfm.nicecloudsvc.com/wfmws/services/rs/saml/sp/login?customerOid=customer1 Page URL
https://thdsaml.homedepot.com/idp/SSO.saml2 HTTP 302
https://thdsaml.homedepot.com/idp/0mV3f/resumeSAML20/idp/SSO.ping Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

18 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 / Show response
thdwfm.nicecloudsvc.com/ 4 KB
2 KB 368ms
122ms Document
text/html 13.248.201.231
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://thdwfm.nicecloudsvc.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.248.201.231 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

a09dfbfdc695b68f2.awsglobalaccelerator.com

Software

Apache /

Resource Hash

a337a7167443b868097359a250fc478d9606d042072a02a3dfb956c81cdeb702

Security Headers

Name	Value
Content-Security-Policy	object-src 'none'; default-src 'self' ; img-src 'self' data:; media-src 'self' data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' ; style-src 'self' 'unsafe-inline'; frame-ancestors 'self' ;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-length: 1529
content-security-policy: object-src 'none'; default-src 'self' ; img-src 'self' data:; media-src 'self' data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' ; style-src 'self' 'unsafe-inline'; frame-ancestors 'self' ;
content-type: text/html
date: Mon, 14 Aug 2023 18:12:22 GMT
etag: W/"3947-1683114488000-gzip"
expires: 0
last-modified: Wed, 03 May 2023 11:48:08 GMT
referrer-policy: strict-origin-when-cross-origin
server: Apache
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

GET
H2 200 runtime.10816e60618a129322df.js Show response
thdwfm.nicecloudsvc.com/wfm/ 11 KB
6 KB 119ms
118ms Script
text/javascript 13.248.201.231
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://thdwfm.nicecloudsvc.com/wfm/runtime.10816e60618a129322df.js

Requested by

Host: thdwfm.nicecloudsvc.com
URL: https://thdwfm.nicecloudsvc.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.248.201.231 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

a09dfbfdc695b68f2.awsglobalaccelerator.com

Software

Apache /

Resource Hash

098b01991fe3a680838d0080de7547ec36214cdccbd0429e9bfcd94edc49fcea

Security Headers

Name	Value
Content-Security-Policy	object-src 'none'; default-src 'self' ; img-src 'self' data:; media-src 'self' data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' ; style-src 'self' 'unsafe-inline'; frame-ancestors 'self' ;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://thdwfm.nicecloudsvc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 18:12:22 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: object-src 'none'; default-src 'self' ; img-src 'self' data:; media-src 'self' data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' ; style-src 'self' 'unsafe-inline'; frame-ancestors 'self' ;
content-encoding: gzip
content-length: 5435
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 03 May 2023 11:48:06 GMT
server: Apache
etag: W/"10976-1683114486000-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=172800, public
accept-ranges: bytes
expires: 0

GET
H2 200 polyfills.371aca51cb443f39aee1.js Show response
thdwfm.nicecloudsvc.com/wfm/ 101 KB
33 KB 118ms
117ms Script
text/javascript 13.248.201.231
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://thdwfm.nicecloudsvc.com/wfm/polyfills.371aca51cb443f39aee1.js

Requested by

Host: thdwfm.nicecloudsvc.com
URL: https://thdwfm.nicecloudsvc.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.248.201.231 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

a09dfbfdc695b68f2.awsglobalaccelerator.com

Software

Apache /

Resource Hash

8adbfb21558894e553577ef5dd9df8699c80c50c8e3e031d72fac53c5ab2f3af

Security Headers

Name	Value
Content-Security-Policy	object-src 'none'; default-src 'self' ; img-src 'self' data:; media-src 'self' data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' ; style-src 'self' 'unsafe-inline'; frame-ancestors 'self' ;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://thdwfm.nicecloudsvc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 18:12:22 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: object-src 'none'; default-src 'self' ; img-src 'self' data:; media-src 'self' data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' ; style-src 'self' 'unsafe-inline'; frame-ancestors 'self' ;
content-encoding: gzip
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 03 May 2023 11:48:06 GMT
server: Apache
etag: W/"103196-1683114486000-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=172800, public
accept-ranges: bytes
expires: 0

GET
H2 200 main.a602120c6bb22d4532c8.js Show response
thdwfm.nicecloudsvc.com/wfm/ 3 MB
642 KB 297ms
296ms Script
text/javascript 13.248.201.231
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://thdwfm.nicecloudsvc.com/wfm/main.a602120c6bb22d4532c8.js

Requested by

Host: thdwfm.nicecloudsvc.com
URL: https://thdwfm.nicecloudsvc.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.248.201.231 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

a09dfbfdc695b68f2.awsglobalaccelerator.com

Software

Apache /

Resource Hash

d2c96bd8b87b0d8dd12c45da6b41080229fffe7c12e37cb945392414b5304ce4

Security Headers

Name	Value
Content-Security-Policy	object-src 'none'; default-src 'self' ; img-src 'self' data:; media-src 'self' data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' ; style-src 'self' 'unsafe-inline'; frame-ancestors 'self' ;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://thdwfm.nicecloudsvc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 18:12:22 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: object-src 'none'; default-src 'self' ; img-src 'self' data:; media-src 'self' data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' ; style-src 'self' 'unsafe-inline'; frame-ancestors 'self' ;
content-encoding: gzip
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 03 May 2023 11:48:06 GMT
server: Apache
etag: W/"2795566-1683114486000-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=172800, public
accept-ranges: bytes
expires: 0

GET
H2 200 styles.60f075dab4cefc35e5bd.css
thdwfm.nicecloudsvc.com/wfm/ 629 KB
95 KB 119ms
119ms Stylesheet
text/css 13.248.201.231
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://thdwfm.nicecloudsvc.com/wfm/styles.60f075dab4cefc35e5bd.css

Requested by

Host: thdwfm.nicecloudsvc.com
URL: https://thdwfm.nicecloudsvc.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.248.201.231 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

a09dfbfdc695b68f2.awsglobalaccelerator.com

Software

Apache /

Resource Hash

9f96fd666fccc97cb70571289d644ba7329546abd22adea0e7459a4747366c1c

Security Headers

Name	Value
Content-Security-Policy	object-src 'none'; default-src 'self' ; img-src 'self' data:; media-src 'self' data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' ; style-src 'self' 'unsafe-inline'; frame-ancestors 'self' ;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://thdwfm.nicecloudsvc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 18:12:22 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: object-src 'none'; default-src 'self' ; img-src 'self' data:; media-src 'self' data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' ; style-src 'self' 'unsafe-inline'; frame-ancestors 'self' ;
content-encoding: gzip
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 03 May 2023 11:48:06 GMT
server: Apache
etag: W/"644009-1683114486000-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=172800, public
accept-ranges: bytes
expires: 0

GET truncated
/ 0
0

GET
H2 200 en.json
thdwfm.nicecloudsvc.com/wfm/assets/i18n/ 57 KB
13 KB 120ms
119ms XHR
application/json 13.248.201.231
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://thdwfm.nicecloudsvc.com/wfm/assets/i18n/en.json

Requested by

Host: thdwfm.nicecloudsvc.com
URL: https://thdwfm.nicecloudsvc.com/wfm/polyfills.371aca51cb443f39aee1.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.248.201.231 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

a09dfbfdc695b68f2.awsglobalaccelerator.com

Software

Apache /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	object-src 'none'; default-src 'self' ; img-src 'self' data:; media-src 'self' data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' ; style-src 'self' 'unsafe-inline'; frame-ancestors 'self' ;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://thdwfm.nicecloudsvc.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
wfm_csrf_token

Response headers

date: Mon, 14 Aug 2023 18:12:23 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: object-src 'none'; default-src 'self' ; img-src 'self' data:; media-src 'self' data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' ; style-src 'self' 'unsafe-inline'; frame-ancestors 'self' ;
content-encoding: gzip
content-length: 12795
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 03 May 2023 11:48:08 GMT
server: Apache
etag: W/"58034-1683114488000-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/json
cache-control: no-cache, no-store, must-revalidate
accept-ranges: bytes
expires: 0

GET
H2 200 tenantdetail
thdwfm.nicecloudsvc.com/wfmws/services/rs/auth/ 580 B
997 B 123ms
123ms XHR
application/json 13.248.201.231
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://thdwfm.nicecloudsvc.com/wfmws/services/rs/auth/tenantdetail?domain=thdwfm.nicecloudsvc.com

Requested by

Host: thdwfm.nicecloudsvc.com
URL: https://thdwfm.nicecloudsvc.com/wfm/polyfills.371aca51cb443f39aee1.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.248.201.231 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

a09dfbfdc695b68f2.awsglobalaccelerator.com

Software

Apache /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	object-src 'none'; default-src 'self' ; img-src 'self' data:; media-src 'self' data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' ; style-src 'self' 'unsafe-inline'; frame-ancestors 'self' ;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://thdwfm.nicecloudsvc.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
wfm_csrf_token

Response headers

date: Mon, 14 Aug 2023 18:12:23 GMT
strict-transport-security: max-age=31536000; includeSubDomains
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
content-encoding: gzip
server: Apache
content-security-policy: object-src 'none'; default-src 'self' ; img-src 'self' data:; media-src 'self' data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' ; style-src 'self' 'unsafe-inline'; frame-ancestors 'self' ;
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/json;charset=UTF-8
cache-control: no-cache, no-store, must-revalidate
x-wfmws-stats: requests=405;avg=7;min=6;max=122;last=6
content-length: 380
x-xss-protection: 1; mode=block
expires: 0

GET
H2 200 i18n15.a39de0432b4036fba7ff.js
thdwfm.nicecloudsvc.com/wfm/ 1 KB
1 KB 116ms
116ms Script
text/javascript 13.248.201.231
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://thdwfm.nicecloudsvc.com/wfm/i18n15.a39de0432b4036fba7ff.js

Requested by

Host: thdwfm.nicecloudsvc.com
URL: https://thdwfm.nicecloudsvc.com/wfm/runtime.10816e60618a129322df.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.248.201.231 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

a09dfbfdc695b68f2.awsglobalaccelerator.com

Software

Apache /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	object-src 'none'; default-src 'self' ; img-src 'self' data:; media-src 'self' data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' ; style-src 'self' 'unsafe-inline'; frame-ancestors 'self' ;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://thdwfm.nicecloudsvc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 18:12:23 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: object-src 'none'; default-src 'self' ; img-src 'self' data:; media-src 'self' data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' ; style-src 'self' 'unsafe-inline'; frame-ancestors 'self' ;
content-encoding: gzip
content-length: 729
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 03 May 2023 11:48:06 GMT
server: Apache
etag: W/"1319-1683114486000-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=172800, public
accept-ranges: bytes
expires: 0

GET
H2 200 collapse-menu.png
thdwfm.nicecloudsvc.com/wfm/assets/images/icons/ 178 B
749 B 117ms
116ms Image
image/png 13.248.201.231
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://thdwfm.nicecloudsvc.com/wfm/assets/images/icons/collapse-menu.png

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.248.201.231 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

a09dfbfdc695b68f2.awsglobalaccelerator.com

Software

Apache /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	object-src 'none'; default-src 'self' ; img-src 'self' data:; media-src 'self' data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' ; style-src 'self' 'unsafe-inline'; frame-ancestors 'self' ;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://thdwfm.nicecloudsvc.com/wfm/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 18:12:23 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: object-src 'none'; default-src 'self' ; img-src 'self' data:; media-src 'self' data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' ; style-src 'self' 'unsafe-inline'; frame-ancestors 'self' ;
content-encoding: gzip
content-length: 197
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 03 May 2023 11:48:08 GMT
server: Apache
etag: W/"178-1683114488000-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=172800, public
accept-ranges: bytes
expires: 0

GET
H2 200 menu-home.svg
thdwfm.nicecloudsvc.com/wfm/assets/images/icons/ 737 B
990 B 118ms
117ms Image
image/svg+xml 13.248.201.231
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://thdwfm.nicecloudsvc.com/wfm/assets/images/icons/menu-home.svg

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.248.201.231 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

a09dfbfdc695b68f2.awsglobalaccelerator.com

Software

Apache /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	object-src 'none'; default-src 'self' ; img-src 'self' data:; media-src 'self' data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' ; style-src 'self' 'unsafe-inline'; frame-ancestors 'self' ;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://thdwfm.nicecloudsvc.com/wfm/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 18:12:23 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: object-src 'none'; default-src 'self' ; img-src 'self' data:; media-src 'self' data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' ; style-src 'self' 'unsafe-inline'; frame-ancestors 'self' ;
content-encoding: gzip
content-length: 434
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 03 May 2023 11:48:08 GMT
server: Apache
etag: W/"737-1683114488000-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=172800, public
accept-ranges: bytes
expires: 0

GET
H2 200 login
thdwfm.nicecloudsvc.com/wfmws/services/rs/saml/sp/ 2 KB
2 KB 127ms
126ms Document
text/html 13.248.201.231
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://thdwfm.nicecloudsvc.com/wfmws/services/rs/saml/sp/login?customerOid=customer1

Requested by

Host: thdwfm.nicecloudsvc.com
URL: https://thdwfm.nicecloudsvc.com/wfm/main.a602120c6bb22d4532c8.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.248.201.231 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

a09dfbfdc695b68f2.awsglobalaccelerator.com

Software

Apache /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	object-src 'none'; default-src 'self' ; img-src 'self' data:; media-src 'self' data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' ; style-src 'self' 'unsafe-inline'; frame-ancestors 'self' ;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://thdwfm.nicecloudsvc.com/wfm/login
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-length: 1041
content-security-policy: object-src 'none'; default-src 'self' ; img-src 'self' data:; media-src 'self' data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' ; style-src 'self' 'unsafe-inline'; frame-ancestors 'self' ;
content-type: text/html;charset=UTF-8
date: Mon, 14 Aug 2023 18:12:23 GMT
expires: 0
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: Apache
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-wfmws-stats: requests=209;avg=13;min=2;max=707;last=9
x-xss-protection: 1; mode=block

GET
H/1.1

200
OK

Primary Request SSO.ping Show response
thdsaml.homedepot.com/idp/0mV3f/resumeSAML20/idp/
Redirect Chain

https://thdsaml.homedepot.com/idp/SSO.saml2
https://thdsaml.homedepot.com/idp/0mV3f/resumeSAML20/idp/SSO.ping

5 KB
6 KB

165ms
164ms

Document
text/html

207.11.34.177
HOMEDEPOTNET

General

Check archive.org

Show headers Download Go to

Full URL

https://thdsaml.homedepot.com/idp/0mV3f/resumeSAML20/idp/SSO.ping

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_256_GCM

Server

207.11.34.177 , United States, ASN10967 (HOMEDEPOTNET, US),

Reverse DNS

Software

Apache /

Resource Hash

5cee9cf924fc0f8c4162b765ad6d498db0a12ce52564aba94996357db7a87504

Security Headers

Name	Value
Content-Security-Policy	script-src 'unsafe-inline' 'unsafe-eval' 'self'; img-src 'self'; style-src 'self'; base-uri 'self'; object-src 'self'; frame-ancestors 'self' https://.visualforce.com https://.force.com .apps.homedepot.com https://.visual.force.com https://*.homedepot.com ;
Strict-Transport-Security	max-age=31536000; includeSubDomains;
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://thdwfm.nicecloudsvc.com
Referer: https://thdwfm.nicecloudsvc.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-cache, no-store
Connection: Keep-Alive
Content-Length: 5467
Content-Security-Policy: script-src 'unsafe-inline' 'unsafe-eval' 'self'; img-src 'self'; style-src 'self'; base-uri 'self'; object-src 'self'; frame-ancestors 'self' https://*.visualforce.com https://*.force.com *.apps.homedepot.com https://*.visual.force.com https://*.homedepot.com ;
Content-Type: text/html;charset=utf-8
Date: Mon, 14 Aug 2023 18:12:25 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive: timeout=10, max=99
Pragma: no-cache
Referrer-Policy: origin
Server: Apache
Strict-Transport-Security: max-age=31536000; includeSubDomains;
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block

Redirect headers

Cache-Control: no-cache, no-store
Connection: Keep-Alive
Content-Length: 0
Content-Security-Policy: script-src 'unsafe-inline' 'unsafe-eval' 'self'; img-src 'self'; style-src 'self'; base-uri 'self'; object-src 'self'; frame-ancestors 'self' https://*.visualforce.com https://*.force.com *.apps.homedepot.com https://*.visual.force.com https://*.homedepot.com ;
Content-Type: text/html;charset=utf-8
Date: Mon, 14 Aug 2023 18:12:25 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive: timeout=10, max=100
Location: https://thdsaml.homedepot.com/idp/0mV3f/resumeSAML20/idp/SSO.ping
Pragma: no-cache
Referrer-Policy: origin
Server: Apache
Strict-Transport-Security: max-age=31536000; includeSubDomains;
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK runtime.js Show response
thdsaml.homedepot.com/assets/thd-identity/scripts/ 1 KB
2 KB 337ms
337ms Script
application/javascript 207.11.34.177
HOMEDEPOTNET

General

Check archive.org

Show headers Download Go to

Full URL

https://thdsaml.homedepot.com/assets/thd-identity/scripts/runtime.js

Requested by

Host: thdsaml.homedepot.com
URL: https://thdsaml.homedepot.com/idp/0mV3f/resumeSAML20/idp/SSO.ping

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_256_GCM

Server

207.11.34.177 , United States, ASN10967 (HOMEDEPOTNET, US),

Reverse DNS

Software

Apache /

Resource Hash

39d9c7792979adf98e35223b86bb2519c8f57cab682e71f4f435ab6a5a7f399e

Security Headers

Name	Value
Content-Security-Policy	script-src 'unsafe-inline' 'unsafe-eval' 'self'; img-src 'self'; style-src 'self'; base-uri 'self'; object-src 'self'; frame-ancestors 'self' https://.visualforce.com https://.force.com .apps.homedepot.com https://.visual.force.com https://*.homedepot.com ;
Strict-Transport-Security	max-age=31536000; includeSubDomains;
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://thdsaml.homedepot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Mon, 14 Aug 2023 18:12:26 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains;
Referrer-Policy: origin
Content-Security-Policy: script-src 'unsafe-inline' 'unsafe-eval' 'self'; img-src 'self'; style-src 'self'; base-uri 'self'; object-src 'self'; frame-ancestors 'self' https://*.visualforce.com https://*.force.com *.apps.homedepot.com https://*.visual.force.com https://*.homedepot.com ;
Last-Modified: Thu, 03 Aug 2023 04:07:04 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
Cache-Control: max-age=0, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=10, max=98
Content-Length: 1471
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK core-js.js Show response
thdsaml.homedepot.com/assets/thd-identity/scripts/ 153 KB
154 KB 295ms
295ms Script
application/javascript 207.11.34.177
HOMEDEPOTNET

General

Check archive.org

Show headers Download Go to

Full URL

https://thdsaml.homedepot.com/assets/thd-identity/scripts/core-js.js

Requested by

Host: thdsaml.homedepot.com
URL: https://thdsaml.homedepot.com/idp/0mV3f/resumeSAML20/idp/SSO.ping

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_256_GCM

Server

207.11.34.177 , United States, ASN10967 (HOMEDEPOTNET, US),

Reverse DNS

Software

Apache /

Resource Hash

63c554fb247650b48af05904b9050843f1f6750a12c65ebd1088208b31426208

Security Headers

Name	Value
Content-Security-Policy	script-src 'unsafe-inline' 'unsafe-eval' 'self'; img-src 'self'; style-src 'self'; base-uri 'self'; object-src 'self'; frame-ancestors 'self' https://.visualforce.com https://.force.com .apps.homedepot.com https://.visual.force.com https://*.homedepot.com ;
Strict-Transport-Security	max-age=31536000; includeSubDomains;
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://thdsaml.homedepot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Mon, 14 Aug 2023 18:12:26 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains;
Referrer-Policy: origin
Content-Security-Policy: script-src 'unsafe-inline' 'unsafe-eval' 'self'; img-src 'self'; style-src 'self'; base-uri 'self'; object-src 'self'; frame-ancestors 'self' https://*.visualforce.com https://*.force.com *.apps.homedepot.com https://*.visual.force.com https://*.homedepot.com ;
Last-Modified: Thu, 03 Aug 2023 04:06:48 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
Cache-Control: max-age=0, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=10, max=100
Content-Length: 156677
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK login.js Show response
thdsaml.homedepot.com/assets/thd-identity/scripts/ 85 KB
86 KB 464ms
168ms Script
application/javascript 207.11.34.177
HOMEDEPOTNET

General

Check archive.org

Show headers Download Go to

Full URL

https://thdsaml.homedepot.com/assets/thd-identity/scripts/login.js

Requested by

Host: thdsaml.homedepot.com
URL: https://thdsaml.homedepot.com/idp/0mV3f/resumeSAML20/idp/SSO.ping

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_256_GCM

Server

207.11.34.177 , United States, ASN10967 (HOMEDEPOTNET, US),

Reverse DNS

Software

Apache /

Resource Hash

56e423ff5cf12e310014bb75f29f9b62d3ee704c7a28dbc551fdb986b0421f79

Security Headers

Name	Value
Content-Security-Policy	script-src 'unsafe-inline' 'unsafe-eval' 'self'; img-src 'self'; style-src 'self'; base-uri 'self'; object-src 'self'; frame-ancestors 'self' https://.visualforce.com https://.force.com .apps.homedepot.com https://.visual.force.com https://*.homedepot.com ;
Strict-Transport-Security	max-age=31536000; includeSubDomains;
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://thdsaml.homedepot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Mon, 14 Aug 2023 18:12:26 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains;
Referrer-Policy: origin
Content-Security-Policy: script-src 'unsafe-inline' 'unsafe-eval' 'self'; img-src 'self'; style-src 'self'; base-uri 'self'; object-src 'self'; frame-ancestors 'self' https://*.visualforce.com https://*.force.com *.apps.homedepot.com https://*.visual.force.com https://*.homedepot.com ;
Last-Modified: Thu, 03 Aug 2023 04:08:05 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
Cache-Control: max-age=0, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=10, max=100
Content-Length: 87072
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK login.css
thdsaml.homedepot.com/assets/thd-identity/css/ 199 KB
200 KB 607ms
308ms Stylesheet
text/css 207.11.34.177
HOMEDEPOTNET

General

Check archive.org

Show headers Download Go to

Full URL

https://thdsaml.homedepot.com/assets/thd-identity/css/login.css

Requested by

Host: thdsaml.homedepot.com
URL: https://thdsaml.homedepot.com/idp/0mV3f/resumeSAML20/idp/SSO.ping

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_256_GCM

Server

207.11.34.177 , United States, ASN10967 (HOMEDEPOTNET, US),

Reverse DNS

Software

Apache /

Resource Hash

5195c95d50422264793f261ba52bf65d9c62b3221f0d701a4d0ceca8c25711d6

Security Headers

Name	Value
Content-Security-Policy	script-src 'unsafe-inline' 'unsafe-eval' 'self'; img-src 'self'; style-src 'self'; base-uri 'self'; object-src 'self'; frame-ancestors 'self' https://.visualforce.com https://.force.com .apps.homedepot.com https://.visual.force.com https://*.homedepot.com ;
Strict-Transport-Security	max-age=31536000; includeSubDomains;
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://thdsaml.homedepot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Mon, 14 Aug 2023 18:12:26 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains;
Referrer-Policy: origin
Content-Security-Policy: script-src 'unsafe-inline' 'unsafe-eval' 'self'; img-src 'self'; style-src 'self'; base-uri 'self'; object-src 'self'; frame-ancestors 'self' https://*.visualforce.com https://*.force.com *.apps.homedepot.com https://*.visual.force.com https://*.homedepot.com ;
Last-Modified: Thu, 03 Aug 2023 04:06:47 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
Cache-Control: max-age=0, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=10, max=100
Content-Length: 203847
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK thd-logo.svg
thdsaml.homedepot.com/assets/thd-identity/images/ 15 KB
15 KB 676ms
372ms Image
image/svg+xml 207.11.34.177
HOMEDEPOTNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://thdsaml.homedepot.com/assets/thd-identity/images/thd-logo.svg

Requested by

Host: thdsaml.homedepot.com
URL: https://thdsaml.homedepot.com/idp/0mV3f/resumeSAML20/idp/SSO.ping

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_256_GCM

Server

207.11.34.177 , United States, ASN10967 (HOMEDEPOTNET, US),

Reverse DNS

Software

Apache /

Resource Hash

81812d294295c166da8a663f1c8610713c52292c3abedee1edf33fcbdef699e4

Security Headers

Name	Value
Content-Security-Policy	script-src 'unsafe-inline' 'unsafe-eval' 'self'; img-src 'self'; style-src 'self'; base-uri 'self'; object-src 'self'; frame-ancestors 'self' https://.visualforce.com https://.force.com .apps.homedepot.com https://.visual.force.com https://*.homedepot.com ;
Strict-Transport-Security	max-age=31536000; includeSubDomains;
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://thdsaml.homedepot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Mon, 14 Aug 2023 18:12:26 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains;
Referrer-Policy: origin
Content-Security-Policy: script-src 'unsafe-inline' 'unsafe-eval' 'self'; img-src 'self'; style-src 'self'; base-uri 'self'; object-src 'self'; frame-ancestors 'self' https://*.visualforce.com https://*.force.com *.apps.homedepot.com https://*.visual.force.com https://*.homedepot.com ;
Last-Modified: Thu, 03 Aug 2023 04:07:20 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Content-Type: image/svg+xml
Cache-Control: max-age=0, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=10, max=100
Content-Length: 14998
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK open-sans-latin-400-normal.woff2
thdsaml.homedepot.com/assets/thd-identity/fonts/ 16 KB
17 KB 481ms
480ms Font
font/woff2 207.11.34.177
HOMEDEPOTNET

General

Check archive.org

Show headers Download Go to

Full URL

https://thdsaml.homedepot.com/assets/thd-identity/fonts/open-sans-latin-400-normal.woff2

Requested by

Host: thdsaml.homedepot.com
URL: https://thdsaml.homedepot.com/assets/thd-identity/css/login.css

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_256_GCM

Server

207.11.34.177 , United States, ASN10967 (HOMEDEPOTNET, US),

Reverse DNS

Software

Apache /

Resource Hash

cce577471c2586f3e0c2518fff84a970d33f61491fb8c629341b86f238cf07c0

Security Headers

Name	Value
Content-Security-Policy	script-src 'unsafe-inline' 'unsafe-eval' 'self'; img-src 'self'; style-src 'self'; base-uri 'self'; object-src 'self'; frame-ancestors 'self' https://.visualforce.com https://.force.com .apps.homedepot.com https://.visual.force.com https://*.homedepot.com ;
Strict-Transport-Security	max-age=31536000; includeSubDomains;
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://thdsaml.homedepot.com/
Origin: https://thdsaml.homedepot.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Mon, 14 Aug 2023 18:12:28 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains;
Referrer-Policy: origin
Content-Security-Policy: script-src 'unsafe-inline' 'unsafe-eval' 'self'; img-src 'self'; style-src 'self'; base-uri 'self'; object-src 'self'; frame-ancestors 'self' https://*.visualforce.com https://*.force.com *.apps.homedepot.com https://*.visual.force.com https://*.homedepot.com ;
Last-Modified: Thu, 03 Aug 2023 04:07:21 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Content-Type: font/woff2
Cache-Control: max-age=0, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=10, max=99
Content-Length: 16692
X-XSS-Protection: 1; mode=block

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: truncated
URL: data:truncated

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
thdwfm.nicecloudsvc.com/wfmws	1969-12-31 23:59:59	Name: JSESSIONID Value: RlEuE-KEsr2Y2koRh5fleJ2D.web14
thdwfm.nicecloudsvc.com/	1969-12-31 23:59:59	Name: wfm_cookies Value: true
.homedepot.com/	1969-12-31 23:59:59	Name: PF Value: KqstWYo2gXlwKvQUfzXIyHytk3gH9g6mPjkyj30xYwTw

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://thdwfm.nicecloudsvc.com/ Message: Refused to load the font 'data:application/font-woff;charset=utf-8;base64,d09GRgABAAAAABWoAAsAAAAAJ9AAAQAAAAAAAAAAAAAAAAAAAAAAAAAAAABHU1VCAAABCAAAAmYAAAR2ZcBn9U9TLzIAAANwAAAAQQAAAFZWUVMIY21hcAAAA7QAAAIcAAAFnIMq5ipnbHlmAAAF0AAAC80AABVszjC1ZWhlYWQAABGgAAAANAAAADZ2zsSBaGhlYQAAEdQAAAAeAAAAJAfSBDFobXR4AAAR9AAAABcAAAE0xzj/+2xvY2EAABIMAAAAdQAAAJwYJx3EbWF4cAAAEoQAAAAfAAAAIAFjAKpuYW1lAAASpAAAATUAAAJG5xgJvXBvc3QAABPcAAAByQAAAqgIzxhUeJx9lEtyElEUhv+mm0gCJilFjRhjovEVXzF2uhuaRx4QEDJwYFkOnMSyyrKKcsQ6XIAryNAVuAAHrsAFOHDo2PK7h0ZMBuEWze3z+M9//3Mu8iT...EOs8qQI6xxlGMcZ50TnOQUpznDWc5xngtc5BKXucJVrnGdG9zkFre5w10y7nGfB2zwkEc85glPecZzXvCSV7zmDW95x3s+8JFPfOYLX/nGd37wk1/8ZpM/rYEoCqcKEbQ1HeGcnfq28LIjhZGqTOVYuDCUYyW3t+wsmwOVr+8L2uQqKFdpI4Ja25cbs9e5Im1pXVbrSFw3kqYyvi+tCU7IoPJE2nonlc5635Z+ksaTbSS58jJVsxigO7+zjZ6a1SLOypfVjsp8Kfy4HVFnpMs4Ph1p50NSOF2nhbNNncSGkJRqFDqlNjFHt7Qi16boVWKmK72rkkqZphdzL5hRs5AYa9TA2JCJsrRTlad1dFHtWpu01hMberVTE20bP3TRzGZbTQjWZHY0Wj0omNTpYhwSLyaq76tol+V2avbgv1iDBZy39RY4pg5xTWvBKXVwr8tzydbK9BqzeA+CAocioLEYpngkJWO22WIW/0ZORUPNDhNG7LZafwFegLa2AAAA' because it violates the following Content Security Policy directive: "default-src 'self'". Note that 'font-src' was not explicitly set, so 'default-src' is used as a fallback.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	object-src 'none'; default-src 'self' ; img-src 'self' data:; media-src 'self' data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' ; style-src 'self' 'unsafe-inline'; frame-ancestors 'self' ;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

thdsaml.homedepot.com
thdwfm.nicecloudsvc.com
truncated
truncated
13.248.201.231
207.11.34.177
098b01991fe3a680838d0080de7547ec36214cdccbd0429e9bfcd94edc49fcea
39d9c7792979adf98e35223b86bb2519c8f57cab682e71f4f435ab6a5a7f399e
5195c95d50422264793f261ba52bf65d9c62b3221f0d701a4d0ceca8c25711d6
56e423ff5cf12e310014bb75f29f9b62d3ee704c7a28dbc551fdb986b0421f79
5cee9cf924fc0f8c4162b765ad6d498db0a12ce52564aba94996357db7a87504
63c554fb247650b48af05904b9050843f1f6750a12c65ebd1088208b31426208
81812d294295c166da8a663f1c8610713c52292c3abedee1edf33fcbdef699e4
8adbfb21558894e553577ef5dd9df8699c80c50c8e3e031d72fac53c5ab2f3af
9f96fd666fccc97cb70571289d644ba7329546abd22adea0e7459a4747366c1c
a337a7167443b868097359a250fc478d9606d042072a02a3dfb956c81cdeb702
cce577471c2586f3e0c2518fff84a970d33f61491fb8c629341b86f238cf07c0
d2c96bd8b87b0d8dd12c45da6b41080229fffe7c12e37cb945392414b5304ce4

thdsaml.homedepot.com Open in urlscan Pro 207.11.34.177 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

18 Requests

100 %HTTPS

0 %IPv6

3 Domains

3 Subdomains

3 IPs

1 Countries

1277 kBTransfer

4010 kBSize

3 Cookies

0 Outgoing links

Page URL History

Redirected requests

18 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

3 Cookies

1 Console Messages

Security Headers

Indicators

thdsaml.homedepot.com Open in urlscan Pro
207.11.34.177 Public Scan

Screenshot
Live screenshot

Full Image

18
Requests

100 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

3
IPs

1
Countries

1277 kB
Transfer

4010 kB
Size

3
Cookies

18 HTTP transactions
1 data transactions