urlscan.io logo urlscan.io
SecurityTrails logo

na1.salesforce.com Open in urlscan Pro
13.110.252.226  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://retinaodr.com/favicon.ico
Effective URL: https://na1.salesforce.com/secur/login_portal.jsp?orgId=00D30000000KPNj
Submission: On April 13 via api from GB — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 2 IPs in 1 countries across 2 domains to perform 8 HTTP transactions. The main IP is 13.110.252.226, located in United States and belongs to SALESFORCE, US. The main domain is na1.salesforce.com. The Cisco Umbrella rank of the primary domain is 398326.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on July 9th 2021. Valid for: a year.
This is the only time na1.salesforce.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 162.116.190.157 62763 (ABBVIE)
1 8 13.110.252.226 14340 (SALESFORCE)
8 2
Apex Domain
Subdomains		 Transfer
8 salesforce.com
na1.salesforce.com — Cisco Umbrella Rank: 398326
48 KB
1 retinaodr.com
retinaodr.com
174 B
8 2
Domain Requested by
8 na1.salesforce.com 1 redirects na1.salesforce.com
1 retinaodr.com 1 redirects
8 2

This site contains no links.

Subject Issuer Validity Valid
*.salesforce.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-07-09 -
2022-07-08		 a year crt.sh

This page contains 1 frames:

Primary Page: https://na1.salesforce.com/secur/login_portal.jsp?orgId=00D30000000KPNj
Frame ID: AB8B54D17A4D9301A4759F4C9E057215
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Secure Customer Login

Page URL History Show full URLs

  1. http://retinaodr.com/favicon.ico HTTP 301
    http://na1.salesforce.com/secur/login_portal.jsp?orgId=00D30000000KPNj HTTP 301
    https://na1.salesforce.com/secur/login_portal.jsp?orgId=00D30000000KPNj Page URL

Page Statistics

8
Requests

88 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

1
Countries

47 kB
Transfer

224 kB
Size

4
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://retinaodr.com/favicon.ico HTTP 301
    http://na1.salesforce.com/secur/login_portal.jsp?orgId=00D30000000KPNj HTTP 301
    https://na1.salesforce.com/secur/login_portal.jsp?orgId=00D30000000KPNj Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

8 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request login_portal.jsp
na1.salesforce.com/secur/
Redirect Chain
  • http://retinaodr.com/favicon.ico
  • http://na1.salesforce.com/secur/login_portal.jsp?orgId=00D30000000KPNj
  • https://na1.salesforce.com/secur/login_portal.jsp?orgId=00D30000000KPNj
4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://na1.salesforce.com/secur/login_portal.jsp?orgId=00D30000000KPNj
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.110.252.226 , United States, ASN14340 (SALESFORCE, US),
Reverse DNS
dcl4-ncg1-c6-iad5.viv-ia5.salesforce.com
Software
/
Resource Hash
d3dae0b8d2c29c1e926bbcfb7c6910f690b55ddd03f08c1cc1a08b1961355a7c
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-cache,must-revalidate,max-age=0,no-store,private
Content-Encoding
gzip
Content-Security-Policy
upgrade-insecure-requests
Content-Type
text/html; charset=UTF-8
Date
Wed, 13 Apr 2022 14:32:45 GMT
Referrer-Policy
origin-when-cross-origin
Strict-Transport-Security
max-age=63072000; includeSubDomains
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-Robots-Tag
none
X-XSS-Protection
1; mode=block

Redirect headers

Cache-Control
no-cache,must-revalidate,max-age=0,no-store,private
Content-Security-Policy
upgrade-insecure-requests
Date
Wed, 13 Apr 2022 14:32:45 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Location
https://na1.salesforce.com/secur/login_portal.jsp?orgId=00D30000000KPNj
Referrer-Policy
origin-when-cross-origin
Transfer-Encoding
chunked
X-Content-Type-Options
nosniff
X-Robots-Tag
none
X-XSS-Protection
1; mode=block
elements.css
na1.salesforce.com/sCSS/54.0/sprites/1641822910000/PortalDefault/default/gc/ 		21 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://na1.salesforce.com/sCSS/54.0/sprites/1641822910000/PortalDefault/default/gc/elements.css
Requested by
Host: na1.salesforce.com
URL: https://na1.salesforce.com/secur/login_portal.jsp?orgId=00D30000000KPNj
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.110.252.226 , United States, ASN14340 (SALESFORCE, US),
Reverse DNS
dcl4-ncg1-c6-iad5.viv-ia5.salesforce.com
Software
/
Resource Hash
2d06786c844e812828859f64bfbfe42c854347a9b6aabccaa81aeb33289bd6bb
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://na1.salesforce.com/secur/login_portal.jsp?orgId=00D30000000KPNj
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Wed, 13 Apr 2022 14:32:45 GMT
Content-Encoding
gzip
Referrer-Policy
origin-when-cross-origin
Last-Modified
Mon, 10 Jan 2022 13:55:10 GMT
X-Robots-Tag
none
Strict-Transport-Security
max-age=63072000; includeSubDomains
P3P
CP="CUR OTR STA"
Cache-Control
public,max-age=3888000
X-Content-Type-Options
nosniff
Content-Type
text/css
Vary
Accept-Encoding
Content-Length
4902
X-XSS-Protection
1; mode=block
Expires
Sat, 28 May 2022 14:32:45 GMT
common.css
na1.salesforce.com/sCSS/54.0/sprites/1641822910000/PortalDefault/default/gc/ 		191 KB
35 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://na1.salesforce.com/sCSS/54.0/sprites/1641822910000/PortalDefault/default/gc/common.css
Requested by
Host: na1.salesforce.com
URL: https://na1.salesforce.com/secur/login_portal.jsp?orgId=00D30000000KPNj
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.110.252.226 , United States, ASN14340 (SALESFORCE, US),
Reverse DNS
dcl4-ncg1-c6-iad5.viv-ia5.salesforce.com
Software
/
Resource Hash
8eb05ff6edd5ca95e49449798aa41c12e10c00eadb656a81162d450a532a91a2
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://na1.salesforce.com/secur/login_portal.jsp?orgId=00D30000000KPNj
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Wed, 13 Apr 2022 14:32:45 GMT
Content-Encoding
gzip
Referrer-Policy
origin-when-cross-origin
Last-Modified
Mon, 10 Jan 2022 13:55:10 GMT
X-Robots-Tag
none
Strict-Transport-Security
max-age=63072000; includeSubDomains
P3P
CP="CUR OTR STA"
Cache-Control
public,max-age=3888000
Transfer-Encoding
chunked
X-Content-Type-Options
nosniff
Content-Type
text/css
Vary
Accept-Encoding
X-XSS-Protection
1; mode=block
Expires
Sat, 28 May 2022 14:32:45 GMT
extended.css
na1.salesforce.com/sCSS/54.0/sprites/1641822910000/PortalDefault/default/gc/ 		5 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://na1.salesforce.com/sCSS/54.0/sprites/1641822910000/PortalDefault/default/gc/extended.css
Requested by
Host: na1.salesforce.com
URL: https://na1.salesforce.com/secur/login_portal.jsp?orgId=00D30000000KPNj
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.110.252.226 , United States, ASN14340 (SALESFORCE, US),
Reverse DNS
dcl4-ncg1-c6-iad5.viv-ia5.salesforce.com
Software
/
Resource Hash
eb77f2c31d23d23a2644aeee9ab267fa02c42d9c1701ff0142042a4871fece11
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://na1.salesforce.com/secur/login_portal.jsp?orgId=00D30000000KPNj
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Wed, 13 Apr 2022 14:32:46 GMT
Content-Encoding
gzip
Referrer-Policy
origin-when-cross-origin
Last-Modified
Mon, 10 Jan 2022 13:55:10 GMT
X-Robots-Tag
none
Strict-Transport-Security
max-age=63072000; includeSubDomains
P3P
CP="CUR OTR STA"
Cache-Control
public,max-age=3888000
X-Content-Type-Options
nosniff
Content-Type
text/css
Vary
Accept-Encoding
Content-Length
1484
X-XSS-Protection
1; mode=block
Expires
Sat, 28 May 2022 14:32:46 GMT
portal.css
na1.salesforce.com/sCSS/54.0/1649860365000/PortalDefault/00D30000000KPNj/000000000000000/gc/ 		0
0
login.js
na1.salesforce.com/static/111213/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://na1.salesforce.com/static/111213/js/login.js
Requested by
Host: na1.salesforce.com
URL: https://na1.salesforce.com/secur/login_portal.jsp?orgId=00D30000000KPNj
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.110.252.226 , United States, ASN14340 (SALESFORCE, US),
Reverse DNS
dcl4-ncg1-c6-iad5.viv-ia5.salesforce.com
Software
/
Resource Hash
6308d91387bb5cd67726746e748b450c965505dfed6c31c14877c35ba4326fc5
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://na1.salesforce.com/secur/login_portal.jsp?orgId=00D30000000KPNj
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Wed, 13 Apr 2022 14:32:46 GMT
Content-Encoding
gzip
Referrer-Policy
origin-when-cross-origin
Last-Modified
Fri, 11 Feb 2011 15:22:36 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains
Content-Type
application/x-javascript
Cache-Control
public,max-age=10368000
Transfer-Encoding
chunked
X-Content-Type-Options
nosniff
Accept-Ranges
bytes
X-Robots-Tag
none
Vary
Accept-Encoding
X-XSS-Protection
1; mode=block
Expires
Thu, 11 Aug 2022 14:32:46 GMT
s.gif
na1.salesforce.com/ 		43 B
504 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://na1.salesforce.com/s.gif
Requested by
Host: na1.salesforce.com
URL: https://na1.salesforce.com/secur/login_portal.jsp?orgId=00D30000000KPNj
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.110.252.226 , United States, ASN14340 (SALESFORCE, US),
Reverse DNS
dcl4-ncg1-c6-iad5.viv-ia5.salesforce.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://na1.salesforce.com/secur/login_portal.jsp?orgId=00D30000000KPNj
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Wed, 13 Apr 2022 14:32:46 GMT
Referrer-Policy
origin-when-cross-origin
Last-Modified
Tue, 27 May 2003 18:28:08 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains
Content-Type
image/gif
Cache-Control
public,max-age=10368000
Transfer-Encoding
chunked
X-Content-Type-Options
nosniff
Accept-Ranges
bytes
X-Robots-Tag
none
X-XSS-Protection
1; mode=block
Expires
Thu, 11 Aug 2022 14:32:46 GMT
bgButton.gif
na1.salesforce.com/img/ 		88 B
549 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://na1.salesforce.com/img/bgButton.gif
Requested by
Host: na1.salesforce.com
URL: https://na1.salesforce.com/sCSS/54.0/sprites/1641822910000/PortalDefault/default/gc/common.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.110.252.226 , United States, ASN14340 (SALESFORCE, US),
Reverse DNS
dcl4-ncg1-c6-iad5.viv-ia5.salesforce.com
Software
/
Resource Hash
22977162244c7d5907f423e882e0b1d9e9eff9f56a1ea36ae563d3cad4cc1ed7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://na1.salesforce.com/sCSS/54.0/sprites/1641822910000/PortalDefault/default/gc/common.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Wed, 13 Apr 2022 14:32:46 GMT
Referrer-Policy
origin-when-cross-origin
Last-Modified
Sat, 11 Jun 2005 03:04:00 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains
Content-Type
image/gif
Cache-Control
public,max-age=10368000
Transfer-Encoding
chunked
X-Content-Type-Options
nosniff
Accept-Ranges
bytes
X-Robots-Tag
none
X-XSS-Protection
1; mode=block
Expires
Thu, 11 Aug 2022 14:32:46 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
na1.salesforce.com
URL
https://na1.salesforce.com/sCSS/54.0/1649860365000/PortalDefault/00D30000000KPNj/000000000000000/gc/portal.css

Verdicts & Comments Add Verdict or Comment

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| structuredClone object| oncontextlost object| oncontextrestored function| getScreenDetails object| curPopupWindow function| loader function| handleLogin function| closePopup function| openPopupFocus function| checkCaps

4 Cookies

Domain/Path Name / Value
na1.salesforce.com/ Name: CookieConsentPolicy
Value: 0:0
na1.salesforce.com/ Name: LSKey-c$CookieConsentPolicy
Value: 0:0
.salesforce.com/ Name: BrowserId
Value: lcX337s2Eeyanr0eNgXGRg
.salesforce.com/ Name: BrowserId_sec
Value: lcX337s2Eeyanr0eNgXGRg

1 Console Messages

Source Level URL
Text
security error URL: https://na1.salesforce.com/secur/login_portal.jsp?orgId=00D30000000KPNj
Message:
Refused to apply style from 'https://na1.salesforce.com/sCSS/54.0/1649860365000/PortalDefault/00D30000000KPNj/000000000000000/gc/portal.css' because its MIME type ('text/html') is not a supported stylesheet MIME type, and strict MIME checking is enabled.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block