clinicalink.my.site.com
Open in
urlscan Pro
2a02:26f0:1700:11::b856:6787
Public Scan
Submission Tags: falconsandbox
Submission: On November 30 via api from US — Scanned from DE
Summary
TLS certificate: Issued by DigiCert TLS Hybrid ECC SHA384 2020 CA1 on April 3rd 2022. Valid for: a year.
This is the only time clinicalink.my.site.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
11 | 2a02:26f0:170... 2a02:26f0:1700:11::b856:6787 | 20940 (AKAMAI-ASN1) (AKAMAI-ASN1) | |
11 | 1 |
ASN20940 (AKAMAI-ASN1, NL)
clinicalink.my.site.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
11 |
site.com
clinicalink.my.site.com |
2 MB |
11 | 1 |
Domain | Requested by | |
---|---|---|
11 | clinicalink.my.site.com |
clinicalink.my.site.com
|
11 | 1 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
prod.cdn.salesforce-experience.com DigiCert TLS Hybrid ECC SHA384 2020 CA1 |
2022-04-03 - 2023-04-04 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://clinicalink.my.site.com/survey/runtimeApp.app?invitationId=0Ki4T000000DoA4&surveyName=post_case_survey_2_0&UUID=ed1ce319-35d0-4fd4-9893-cf9d8110bfa6
Frame ID: E3A6E6357B14725D4CE2B098D162E19E
Requests: 11 HTTP requests in this frame
Screenshot
Page Title
Survey: post_case_survey_2_0Detected technologies
Akamai Bot Manager (Security) ExpandDetected patterns
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
11 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
runtimeApp.app
clinicalink.my.site.com/survey/ |
391 KB 90 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
app.css
clinicalink.my.site.com/l/%7B%22mode%22%3A%22PROD%22%2C%22app%22%3A%22survey%3AruntimeApp%22%2C%22loaded%22%3A%7B%22APPLICATION%40markup%3A%2F%2Fsurvey%3AruntimeApp%22%3A%22lyneM3PAVPni0fc5z7rxPg%2... |
1 MB 131 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
aura_prod.js
clinicalink.my.site.com/auraFW/javascript/tr2UlkrAHzi37ijzEeD2UA/ |
798 KB 251 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
appcore.js
clinicalink.my.site.com/l/%7B%22mode%22%3A%22PROD%22%2C%22app%22%3A%22survey%3AruntimeApp%22%2C%22serializationVersion%22%3A%221-240.1.8-2.20.6-b%22%2C%22parts%22%3A%22t%22%2C%22loaded%22%3A%7B%22A... |
903 KB 140 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
app.js
clinicalink.my.site.com/l/%7B%22mode%22%3A%22PROD%22%2C%22app%22%3A%22survey%3AruntimeApp%22%2C%22serializationVersion%22%3A%221-240.1.8-2.20.6-b%22%2C%22parts%22%3A%22t%22%2C%22loaded%22%3A%7B%22A... |
4 MB 853 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
resources.js
clinicalink.my.site.com/l/%7B%22mode%22%3A%22PROD%22%2C%22app%22%3A%22survey%3AruntimeApp%22%2C%22fwuid%22%3A%22tr2UlkrAHzi37ijzEeD2UA%22%2C%22loaded%22%3A%7B%22APPLICATION%40markup%3A%2F%2Fsurvey%... |
32 KB 9 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
aura
clinicalink.my.site.com/ |
79 KB 24 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
aura
clinicalink.my.site.com/ |
4 KB 3 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
X0Lw4T000000XePSSA0c2397a8f_0c6a_4b9
clinicalink.my.site.com/file-asset-public/ |
11 KB 11 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
aura
clinicalink.my.site.com/ |
1 MB 260 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
aura
clinicalink.my.site.com/ |
2 KB 2 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
9 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
number| pageStartTime object| Aura object| AuraLocker object| AuraLockerDisabled object| $A object| aura function| DOMPurify function| Router object| picassoSPA7 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
clinicalink.my.site.com/ | Name: CookieConsentPolicy Value: 0:1 |
|
clinicalink.my.site.com/ | Name: LSKey-c$CookieConsentPolicy Value: 0:1 |
|
clinicalink.my.site.com/ | Name: BrowserId Value: 4Ec6dXCxEe2NQg_rM1Gdcg |
|
clinicalink.my.site.com/ | Name: BrowserId_sec Value: 4Ec6dXCxEe2NQg_rM1Gdcg |
|
clinicalink.my.site.com/ | Name: sfdc-stream Value: !FPgwI91B26LcBOn65C+XCSbdMcPRW/pSJ6KW6vbBR3HWGqz759qI0sLRUCE35avTaRqyHPOjjjCri7U= |
|
.my.site.com/ | Name: ak_bmsc Value: CA4C04AB6317DEB888817A6B4CAEAB78~000000000000000000000000000000~YAAQh2ZWuOGGJIeEAQAAzOuyyBEqIvhOF2pKgKn9RcQsk0s1IymVBRnD8LNRF2qxDqNLs/nW36FwMdy/PSOt3RAanjHByeuQbxT0+MoMgEne9R5sjVCD7zSJLZk4DB0AHUbCECKFdaF2WR9UbCiaRiPmvdAD2MtilUqXk1uMvcsUlaXE8gaiXbVxwm6hB2p6k3zNMcEe4fRkSSVQaNf3O47wr1QjfA91M3UGwB3CsqE1bp8UcP7Zk1JeuVKuL4PCgZAEb0c93kTMuyeah5vINfvkdEFC1W/gPeP6kFlfCaY3DIsj64hAa+gT7vsbBTRvBzwrDNTTjw6FUaKCnHsLCC/R59XIX5X+NsEor1Q4IvYJLRxUFoqyZbPAnhbsXRXLQSWD9Jcds/mwVh3IL9qGMg5gZgjvPZcxk8P/kZSxZDs= |
|
.my.site.com/ | Name: bm_sv Value: 389C86B67DF7244EFB7F936441534027~YAAQh2ZWuOmJJIeEAQAAOPmyyBHQR0WP90CL2xqrtKqTS1+2Ss1gy8tI8N5geqczoqrKwR/r8TKYanzbZS6GQmVniCUZM33Bch6sOerYfPgNLwISP0quocwAccGJPd9eMqQG8XHFXGpZROIXIDh4WGhHo7zRpejXHAlVYgqFJ8vvwDKxl2j5Z5nU0cqhqGin2MjdfVFlfAb/by0sr6P++OMmllyVCyxvOFfXmFDpsk3x39RQgLrk4fAacbxNfOB0zg==~1 |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Content-Security-Policy | upgrade-insecure-requests default-src 'self'; script-src 'self' 'nonce-XnukCyPX9JjCGrLQyC1OxXQ5fvOqg9zF' chrome-extension: 'unsafe-inline' 'unsafe-eval' *.canary.lwc.dev *.vf.force.com blob: https://ssl.gstatic.com/accessibility/; object-src 'self'; style-src 'self' blob: chrome-extension: 'unsafe-inline' https://*.clmfed.docusign.com https://*.clm.docusign.mil https://api.mixpanel.com https://*.springcm.com https://content.instrumentation.getconga.com https://data.instrumentation.getconga.com https://composer.congamerge.com *.vf.force.com; img-src 'self' http: https: data: blob: https://*.clmfed.docusign.com https://*.clm.docusign.mil https://api.mixpanel.com https://*.springcm.com https://content.instrumentation.getconga.com https://data.instrumentation.getconga.com https://composer.congamerge.com *.vf.force.com; media-src 'self' https://*.clmfed.docusign.com https://*.clm.docusign.mil https://api.mixpanel.com https://*.springcm.com https://content.instrumentation.getconga.com https://data.instrumentation.getconga.com https://composer.congamerge.com *.vf.force.com; frame-ancestors 'self'; frame-src blob: https: mailto: https://*.congaplatform.com https://*.clmfed.docusign.com https://*.clm.docusign.mil https://api.mixpanel.com https://*.springcm.com https://content.instrumentation.getconga.com https://data.instrumentation.getconga.com https://composer.congamerge.com *.vf.force.com; font-src 'self' https: data: https://*.clmfed.docusign.com https://*.clm.docusign.mil https://api.mixpanel.com https://*.springcm.com https://content.instrumentation.getconga.com https://data.instrumentation.getconga.com https://composer.congamerge.com *.vf.force.com; connect-src 'self' https://api.bluetail.salesforce.com https://staging.bluetail.salesforce.com https://preprod.bluetail.salesforce.com https://services.congamerge.com https://*.congaplatform.com https://app.launchdarkly.com https://*.clmfed.docusign.com https://*.clm.docusign.mil https://api.mixpanel.com https://*.springcm.com https://content.instrumentation.getconga.com https://data.instrumentation.getconga.com https://composer.congamerge.com blob: *.vf.force.com; base-uri 'self' |
Strict-Transport-Security | max-age=63072000; includeSubDomains |
X-Content-Type-Options | nosniff |
X-Xss-Protection | 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
clinicalink.my.site.com
2a02:26f0:1700:11::b856:6787
0287913b39c03c3cea0e2ab810c0f34e4a3ea6cd729c86fe970ba6868e759f28
0e438e861f71de91e2530b33ea0fefef43705e4890b31c5d7c015d7d20d158e1
26249f585d3625a87c740e0ae7b29ec47b55477e25a2b900aad136d4adfdce86
33ceb141e4e5d5ec6e4541b65a42fc1596c88a88978422056830e430b0e11670
3a018980b30017a0b8a72d28ee0a7f56909ae29237d8eff8569c1b7d2102451d
3adb223dff7f94e7de254ced8c0ea33e3a5277f4f9ddcce763d2fb12127e518e
60e1226afd6e8a5076db6d67761d20daebace9d24249c3588418e74bff5b79ca
7443b36653b03792e94526a24f523d0410f7559b14725ae394b41f4355fbbe5f
8bb9af6c07cab454d8c6f4bae7b4b64e6ceb4fb6127f9fb263121467f580b683
bba7283f2879d15d2f0307be4f4b12b076a3a79c464be02d0d559dd6a6e90dc6
dbb98d60f1bb88f203c5fc1d767c0651f2e0dcf1291252c130df02aa9d99b5eb