thinklp-5954.cloudforce.com Open in urlscan Pro
13.110.61.191 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://thinklp-5954.cloudforce.com/?c=Ji1m.8Pq3bxMmGURbCv9.PeDKR9cKBqKI7oGCG1.d3ksM4YDO7AGNX4cCVBzDb5Xp.fE_Gu5wf5UtLX9nEwLisxX4tgUB...
Effective URL:
https://thinklp-5954.cloudforce.com/index.jsp?ec=20037&eco=1
Submission: On February 02 via manual (February 2nd 2022, 4:12:26 pm UTC) from US — Scanned from DE

Summary HTTP 22 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 4 IPs in 1 countries across 3 domains to perform 22 HTTP transactions. The main IP is 13.110.61.191, located in United States and belongs to SALESFORCE, US. The main domain is thinklp-5954.cloudforce.com.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on September 22nd 2021. Valid for: a year.

This is the only time thinklp-5954.cloudforce.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 12	13.110.61.191 13.110.61.191	14340 (SALESFORCE) (SALESFORCE)
1	13.110.62.189 13.110.62.189	14340 (SALESFORCE) (SALESFORCE)
2	136.147.56.44 136.147.56.44	14340 (SALESFORCE) (SALESFORCE)
8	13.109.190.145 13.109.190.145	14340 (SALESFORCE) (SALESFORCE)
3 3	13.110.252.35 13.110.252.35	14340 (SALESFORCE) (SALESFORCE)
22	4

12 13.110.61.191 (United States) 1 redirects

ASN14340 (SALESFORCE, US)
PTR: dcl6-ncg1-c5-iad4.na163-ia4.force.com

thinklp-5954.cloudforce.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.110.62.189 (United States)

ASN14340 (SALESFORCE, US)
PTR: dcl7-ncg1-c5-iad4.na163-ia4.salesforce.com

na163.salesforce.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 136.147.56.44 (United States)

ASN14340 (SALESFORCE, US)
PTR: dcl1-dfw.login.salesforce.com

login.salesforce.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 13.109.190.145 (United States)

ASN14340 (SALESFORCE, US)
PTR: dcl15-ncg1-c5-iad4.na149-ia4.force.com

tlp93demo.secure.force.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tlpdemo--c.na149.content.force.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.110.252.35 (United States) 3 redirects

ASN14340 (SALESFORCE, US)
PTR: dcl1-ncg1-c6-iad5.viv-ia5.force.com

tlpdemo--c.na47.content.force.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
12	cloudforce.com 1 redirects thinklp-5954.cloudforce.com	62 KB
11	force.com 3 redirects tlp93demo.secure.force.com tlpdemo--c.na47.content.force.com tlpdemo--c.na149.content.force.com	873 KB
3	salesforce.com na163.salesforce.com — Cisco Umbrella Rank: 325964 login.salesforce.com — Cisco Umbrella Rank: 6237	28 KB
22	3

	Domain	Requested by
12	thinklp-5954.cloudforce.com	1 redirects thinklp-5954.cloudforce.com
5	tlp93demo.secure.force.com	thinklp-5954.cloudforce.com tlp93demo.secure.force.com
3	tlpdemo--c.na149.content.force.com	tlp93demo.secure.force.com
3	tlpdemo--c.na47.content.force.com	3 redirects
2	login.salesforce.com	thinklp-5954.cloudforce.com login.salesforce.com
1	na163.salesforce.com	thinklp-5954.cloudforce.com
22	6

This site contains links to these domains. Also see Links.

Domain
www.thinklp.com
www.salesforce.com

Subject Issuer	Validity	Valid
*.na163.force.com DigiCert TLS RSA SHA256 2020 CA1	`2021-09-22` - `2022-09-21`	a year	crt.sh
*.salesforce.com DigiCert TLS RSA SHA256 2020 CA1	`2021-07-09` - `2022-07-08`	a year	crt.sh
login.salesforce.com DigiCert TLS RSA SHA256 2020 CA1	`2021-07-29` - `2022-07-28`	a year	crt.sh
*.na149.force.com DigiCert TLS RSA SHA256 2020 CA1	`2021-05-12` - `2022-05-11`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://thinklp-5954.cloudforce.com/index.jsp?ec=20037&eco=1
Frame ID: FCD5CBAAA172F09A29AC0F76D16C7D79
Requests: 11 HTTP requests in this frame

Frame: https://tlp93demo.secure.force.com/IncidentEntry/LoginPageImages
Frame ID: 4EA22A091773F0827F079A9020366CD7
Requests: 9 HTTP requests in this frame

Frame: https://login.salesforce.com/login/sessionserver212.html
Frame ID: 5390A942D04B2F6FAF2DE4CEDE55C9B6
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Anmelden | ThinkLP

Page URL History Show full URLs

https://thinklp-5954.cloudforce.com/?c=Ji1m.8Pq3bxMmGURbCv9.PeDKR9cKBqKI7oGCG1.d3ksM4YDO7AGNX4cCVBzDb5Xp.fE_Gu5w... HTTP 302
https://thinklp-5954.cloudforce.com/index.jsp?ec=20037&eco=1 Page URL

Page Statistics

22
Requests

86 %
HTTPS

0 %
IPv6

3
Domains

6
Subdomains

4
IPs

1
Countries

959 kB
Transfer

1024 kB
Size

6
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: http://www.thinklp.com/30-day-free-trial-sign-up/
Title: Kostenlos testen

Search URL Search Domain Scan URL

URL: https://www.salesforce.com/de/company/privacy
Title: Datenschutz

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://thinklp-5954.cloudforce.com/?c=Ji1m.8Pq3bxMmGURbCv9.PeDKR9cKBqKI7oGCG1.d3ksM4YDO7AGNX4cCVBzDb5Xp.fE_Gu5wf5UtLX9nEwLisxX4tgUBGubQ8ZlfVJTLXKd8UD72iSt7ogmddqqV3VmuqVMph_j3u2NPOoJCFDeuxlOjI.BkS_WGtj2NFAIxrmE1tcFP1rbpAXILHaiQkIWAOjGqb99 HTTP 302
https://thinklp-5954.cloudforce.com/index.jsp?ec=20037&eco=1 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 17

https://tlpdemo--c.na47.content.force.com/servlet/servlet.ImageServer?id=0154A000023x18A&oid=00DG0000000l29N&lastMod=1570713990000 HTTP 301
https://tlpdemo--c.na149.content.force.com/servlet/servlet.ImageServer?id=0154A000023x18A&oid=00DG0000000l29N&lastMod=1570713990000

Request Chain 18

https://tlpdemo--c.na47.content.force.com/servlet/servlet.ImageServer?id=0154A000023x185&oid=00DG0000000l29N&lastMod=1570713910000 HTTP 301
https://tlpdemo--c.na149.content.force.com/servlet/servlet.ImageServer?id=0154A000023x185&oid=00DG0000000l29N&lastMod=1570713910000

Request Chain 19

https://tlpdemo--c.na47.content.force.com/servlet/servlet.ImageServer?id=0154A000023x18F&oid=00DG0000000l29N&lastMod=1570714022000 HTTP 301
https://tlpdemo--c.na149.content.force.com/servlet/servlet.ImageServer?id=0154A000023x18F&oid=00DG0000000l29N&lastMod=1570714022000

22 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request index.jsp Show response
thinklp-5954.cloudforce.com/
Redirect Chain

https://thinklp-5954.cloudforce.com/?c=Ji1m.8Pq3bxMmGURbCv9.PeDKR9cKBqKI7oGCG1.d3ksM4YDO7AGNX4cCVBzDb5Xp.fE_Gu5wf5UtLX9nEwLisxX4tgUBGubQ8ZlfVJTLXKd8UD72iSt7ogmddqqV3VmuqVMph_j3u2NPOoJCFDeuxlOjI.BkS...
https://thinklp-5954.cloudforce.com/index.jsp?ec=20037&eco=1

9 KB
4 KB

238ms
237ms

Document
text/html

13.110.61.191
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://thinklp-5954.cloudforce.com/index.jsp?ec=20037&eco=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.110.61.191 , United States, ASN14340 (SALESFORCE, US),

Reverse DNS

dcl6-ncg1-c5-iad4.na163-ia4.force.com

Software

Resource Hash

047a62e85d7521a909d3df9cb6d7c4e2e4b1a372dd383da71f2520060bb0ff7b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Date: Wed, 02 Feb 2022 16:12:21 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Security-Policy: upgrade-insecure-requests frame-ancestors 'none'
X-Robots-Tag: none
Referrer-Policy: origin-when-cross-origin
Cache-Control: no-cache,must-revalidate,max-age=0,no-store,private
Content-Type: text/html; charset=UTF-8
Expires: Thu, 01 Jan 1970 00:00:00 GMT
X-FRAME-OPTIONS: DENY
Vary: Accept-Encoding
Content-Encoding: gzip
Transfer-Encoding: chunked

Redirect headers

Date: Wed, 02 Feb 2022 16:12:20 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Security-Policy: upgrade-insecure-requests
X-Robots-Tag: none
Referrer-Policy: origin-when-cross-origin
Cache-Control: no-cache,must-revalidate,max-age=0,no-store,private
Content-Type: text/html; charset=UTF-8
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: https://thinklp-5954.cloudforce.com/index.jsp?ec=20037&eco=1
Content-Length: 0

GET
H/1.1 200
OK sfdc_210.css
thinklp-5954.cloudforce.com/css/ 15 KB
4 KB 107ms
107ms Stylesheet
text/css 13.110.61.191
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://thinklp-5954.cloudforce.com/css/sfdc_210.css

Requested by

Host: thinklp-5954.cloudforce.com
URL: https://thinklp-5954.cloudforce.com/index.jsp?ec=20037&eco=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.110.61.191 , United States, ASN14340 (SALESFORCE, US),

Reverse DNS

dcl6-ncg1-c5-iad4.na163-ia4.force.com

Software

Resource Hash

6effaae73ce83316d1356ea984e417519743bce7a23982f053b1b8ec82135dae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thinklp-5954.cloudforce.com/index.jsp?ec=20037&eco=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Wed, 02 Feb 2022 13:53:27 GMT
Content-Encoding: gzip
Referrer-Policy: origin-when-cross-origin
Last-Modified: Tue, 23 May 2017 21:11:38 GMT
Age: 8334
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: text/css
Cache-Control: public,max-age=10368000
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
X-Robots-Tag: none
Vary: Accept-Encoding
Content-Length: 3702
X-XSS-Protection: 1; mode=block
Expires: Thu, 02 Jun 2022 13:53:27 GMT

GET
H/1.1 200
OK SfdcSessionBase208.js Show response
thinklp-5954.cloudforce.com/jslibrary/ 16 KB
6 KB 103ms
103ms Script
application/x-javascript 13.110.61.191
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://thinklp-5954.cloudforce.com/jslibrary/SfdcSessionBase208.js

Requested by

Host: thinklp-5954.cloudforce.com
URL: https://thinklp-5954.cloudforce.com/index.jsp?ec=20037&eco=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.110.61.191 , United States, ASN14340 (SALESFORCE, US),

Reverse DNS

dcl6-ncg1-c5-iad4.na163-ia4.force.com

Software

Resource Hash

fb4eef3d49fc2c92b1a223c3b709a9a801d91b662bbee9aa764bd2d8f539b3ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thinklp-5954.cloudforce.com/index.jsp?ec=20037&eco=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Wed, 02 Feb 2022 14:02:42 GMT
Content-Encoding: gzip
Referrer-Policy: origin-when-cross-origin
Last-Modified: Tue, 01 Feb 2022 21:03:34 GMT
Age: 7779
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: application/x-javascript
Cache-Control: public,max-age=10368000
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
X-Robots-Tag: none
Vary: Accept-Encoding
Content-Length: 5920
X-XSS-Protection: 1; mode=block
Expires: Thu, 02 Jun 2022 14:02:42 GMT

GET
H/1.1 200
OK LoginHint208.js Show response
thinklp-5954.cloudforce.com/jslibrary/ 19 KB
6 KB 209ms
106ms Script
application/x-javascript 13.110.61.191
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://thinklp-5954.cloudforce.com/jslibrary/LoginHint208.js

Requested by

Host: thinklp-5954.cloudforce.com
URL: https://thinklp-5954.cloudforce.com/index.jsp?ec=20037&eco=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.110.61.191 , United States, ASN14340 (SALESFORCE, US),

Reverse DNS

dcl6-ncg1-c5-iad4.na163-ia4.force.com

Software

Resource Hash

1f46a88cb5669637c9ff675a44518f633af75fc4f2271039b1d73c5bcce444da

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thinklp-5954.cloudforce.com/index.jsp?ec=20037&eco=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Wed, 02 Feb 2022 14:02:42 GMT
Content-Encoding: gzip
Referrer-Policy: origin-when-cross-origin
Last-Modified: Tue, 01 Feb 2022 21:03:34 GMT
Age: 7779
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: application/x-javascript
Cache-Control: public,max-age=10368000
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
X-Robots-Tag: none
Vary: Accept-Encoding
Content-Length: 6032
X-XSS-Protection: 1; mode=block
Expires: Thu, 02 Jun 2022 14:02:42 GMT

GET
H/1.1 200
OK CAAAAX687MfTAAAAAAAAAAAAAAAAAAAAAAAA6l9x_ek8TTcwhUtR6rwn5enBRI-sWOL03e8Xi188OgAdqFzq2v6bb9NU_CmlLi6XVW6GHHH51OWgH-8OAI-0jg2Hc9RY5grc_l-eer498Ms-
na163.salesforce.com/brand-asset/ 16 KB
17 KB 1236ms
103ms Image
image/png 13.110.62.189
SALESFORCE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://na163.salesforce.com/brand-asset/CAAAAX687MfTAAAAAAAAAAAAAAAAAAAAAAAA6l9x_ek8TTcwhUtR6rwn5enBRI-sWOL03e8Xi188OgAdqFzq2v6bb9NU_CmlLi6XVW6GHHH51OWgH-8OAI-0jg2Hc9RY5grc_l-eer498Ms-

Requested by

Host: thinklp-5954.cloudforce.com
URL: https://thinklp-5954.cloudforce.com/index.jsp?ec=20037&eco=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.110.62.189 , United States, ASN14340 (SALESFORCE, US),

Reverse DNS

dcl7-ncg1-c5-iad4.na163-ia4.salesforce.com

Software

Resource Hash

907552ab27c13d797474d48eeeacc79d73a4763514632cc6470b5124be741ebd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thinklp-5954.cloudforce.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Wed, 02 Feb 2022 16:12:22 GMT
Referrer-Policy: origin-when-cross-origin
Last-Modified: Sun, 18 Oct 2015 01:55:18 GMT
X-Robots-Tag: none
Strict-Transport-Security: max-age=31536000; includeSubDomains
P3P: CP="CUR OTR STA"
Cache-Control: public,max-age=3888000
X-Content-Type-Options: nosniff
Content-Type: image/png
Content-Length: 16741
X-XSS-Protection: 1; mode=block
Expires: Sat, 19 Mar 2022 16:12:22 GMT

GET
H/1.1 200
OK clear.png
thinklp-5954.cloudforce.com/img/ 477 B
931 B 103ms
98ms Image
image/png 13.110.61.191
SALESFORCE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://thinklp-5954.cloudforce.com/img/clear.png

Requested by

Host: thinklp-5954.cloudforce.com
URL: https://thinklp-5954.cloudforce.com/index.jsp?ec=20037&eco=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.110.61.191 , United States, ASN14340 (SALESFORCE, US),

Reverse DNS

dcl6-ncg1-c5-iad4.na163-ia4.force.com

Software

Resource Hash

dd464055be78eadee2d5d3ecc5380600b788883e462d9e77372877dc04110e6d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thinklp-5954.cloudforce.com/index.jsp?ec=20037&eco=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Wed, 02 Feb 2022 14:15:28 GMT
Referrer-Policy: origin-when-cross-origin
Last-Modified: Thu, 21 May 2015 20:40:36 GMT
Age: 7013
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: image/png
Cache-Control: public,max-age=10368000
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
X-Robots-Tag: none
Content-Length: 477
X-XSS-Protection: 1; mode=block
Expires: Thu, 02 Jun 2022 14:15:28 GMT

GET
H/1.1 200
OK baselogin.js Show response
thinklp-5954.cloudforce.com/jslibrary/ 640 B
961 B 110ms
110ms Script
application/x-javascript 13.110.61.191
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://thinklp-5954.cloudforce.com/jslibrary/baselogin.js

Requested by

Host: thinklp-5954.cloudforce.com
URL: https://thinklp-5954.cloudforce.com/index.jsp?ec=20037&eco=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.110.61.191 , United States, ASN14340 (SALESFORCE, US),

Reverse DNS

dcl6-ncg1-c5-iad4.na163-ia4.force.com

Software

Resource Hash

751172776daa52a326d6bc3f92d9d0f5ceb38aed171938f4a52890d39a0677bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thinklp-5954.cloudforce.com/index.jsp?ec=20037&eco=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Wed, 02 Feb 2022 14:27:22 GMT
Content-Encoding: gzip
Referrer-Policy: origin-when-cross-origin
Last-Modified: Tue, 01 Feb 2022 21:03:34 GMT
Age: 6299
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: application/x-javascript
Cache-Control: public,max-age=10368000
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
X-Robots-Tag: none
Vary: Accept-Encoding
Content-Length: 445
X-XSS-Protection: 1; mode=block
Expires: Thu, 02 Jun 2022 14:27:22 GMT

GET
H/1.1 200
OK 1386 Show response
thinklp-5954.cloudforce.com/marketing/survey/survey1/ 5 KB
2 KB 105ms
105ms Script
application/javascript 13.110.61.191
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://thinklp-5954.cloudforce.com/marketing/survey/survey1/1386

Requested by

Host: thinklp-5954.cloudforce.com
URL: https://thinklp-5954.cloudforce.com/index.jsp?ec=20037&eco=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.110.61.191 , United States, ASN14340 (SALESFORCE, US),

Reverse DNS

dcl6-ncg1-c5-iad4.na163-ia4.force.com

Software

Resource Hash

42a531dce996297d2a03cb33044b36408821072ad24b9477a237bd8a3ed6ebf7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thinklp-5954.cloudforce.com/index.jsp?ec=20037&eco=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Wed, 02 Feb 2022 16:12:21 GMT
Content-Encoding: gzip
Referrer-Policy: origin-when-cross-origin
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: application/javascript
Cache-Control: public,max-age=2592000
X-Content-Type-Options: nosniff
X-Robots-Tag: none
Vary: Accept-Encoding
Content-Length: 1979
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK 1386 Show response
thinklp-5954.cloudforce.com/marketing/survey/survey4/ 18 KB
7 KB 106ms
106ms Script
application/javascript 13.110.61.191
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://thinklp-5954.cloudforce.com/marketing/survey/survey4/1386

Requested by

Host: thinklp-5954.cloudforce.com
URL: https://thinklp-5954.cloudforce.com/index.jsp?ec=20037&eco=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.110.61.191 , United States, ASN14340 (SALESFORCE, US),

Reverse DNS

dcl6-ncg1-c5-iad4.na163-ia4.force.com

Software

Resource Hash

6e254c656a029b64c10f320cb325858bc578c94d7a6ec1e5703ba03abb6738c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thinklp-5954.cloudforce.com/index.jsp?ec=20037&eco=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Wed, 02 Feb 2022 16:12:21 GMT
Content-Encoding: gzip
Referrer-Policy: origin-when-cross-origin
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: application/javascript
Cache-Control: public,max-age=2592000
X-Content-Type-Options: nosniff
X-Robots-Tag: none
Vary: Accept-Encoding
Content-Length: 6976
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK s.gif Show response
thinklp-5954.cloudforce.com/ Frame 4EA2 43 B
454 B 197ms
97ms Document
image/gif 13.110.61.191
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://thinklp-5954.cloudforce.com/s.gif

Requested by

Host: thinklp-5954.cloudforce.com
URL: https://thinklp-5954.cloudforce.com/index.jsp?ec=20037&eco=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.110.61.191 , United States, ASN14340 (SALESFORCE, US),

Reverse DNS

dcl6-ncg1-c5-iad4.na163-ia4.force.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://thinklp-5954.cloudforce.com/index.jsp?ec=20037&eco=1

Response headers

Date: Tue, 01 Feb 2022 23:08:32 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
X-Robots-Tag: none
Cache-Control: public,max-age=10368000
Expires: Wed, 01 Jun 2022 23:08:32 GMT
Last-Modified: Tue, 27 May 2003 18:28:08 GMT
Content-Type: image/gif
Accept-Ranges: bytes
Age: 61429
Content-Length: 43

GET
H/1.1 200
OK SalesforceSans-Regular.woff2
thinklp-5954.cloudforce.com/login/assets/fonts/SalesforceSans/ 27 KB
27 KB 193ms
95ms Font
font/woff2 13.110.61.191
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://thinklp-5954.cloudforce.com/login/assets/fonts/SalesforceSans/SalesforceSans-Regular.woff2

Requested by

Host: thinklp-5954.cloudforce.com
URL: https://thinklp-5954.cloudforce.com/css/sfdc_210.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.110.61.191 , United States, ASN14340 (SALESFORCE, US),

Reverse DNS

dcl6-ncg1-c5-iad4.na163-ia4.force.com

Software

Resource Hash

1f1752651aca663f40e45c60e182172fc426a40df042098f6e68a56db2c459f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://thinklp-5954.cloudforce.com/css/sfdc_210.css
Origin: https://thinklp-5954.cloudforce.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Wed, 02 Feb 2022 14:02:18 GMT
Referrer-Policy: origin-when-cross-origin
Last-Modified: Fri, 24 Jul 2015 20:32:56 GMT
Age: 7803
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: font/woff2
Cache-Control: public,max-age=10368000
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
X-Robots-Tag: none
Content-Length: 27580
X-XSS-Protection: 1; mode=block
Expires: Thu, 02 Jun 2022 14:02:18 GMT

GET
H/1.1 200
OK sessionserver212.html Show response
login.salesforce.com/login/ Frame 5390 91 B
1 KB 546ms
128ms Document
text/html 136.147.56.44
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://login.salesforce.com/login/sessionserver212.html

Requested by

Host: thinklp-5954.cloudforce.com
URL: https://thinklp-5954.cloudforce.com/jslibrary/SfdcSessionBase208.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

136.147.56.44 , United States, ASN14340 (SALESFORCE, US),

Reverse DNS

dcl1-dfw.login.salesforce.com

Software

Resource Hash

db743dbd91a699d36f6a755ad2c8eec5ce0d1b3715df50a651b7c24de11c1811

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://thinklp-5954.cloudforce.com/

Response headers

Date: Wed, 02 Feb 2022 16:12:22 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Security-Policy: upgrade-insecure-requests
Referrer-Policy: origin-when-cross-origin
Cache-Control: public,max-age=86400
Expires: Thu, 03 Feb 2022 16:12:22 GMT
Last-Modified: Wed, 23 Aug 2017 20:39:30 GMT
Content-Type: text/html;charset=UTF-8
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Transfer-Encoding: chunked

GET
H/1.1 200
OK SessionServer212.js Show response
login.salesforce.com/jslibrary/ Frame 5390 26 KB
9 KB 135ms
134ms Script
application/x-javascript 136.147.56.44
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://login.salesforce.com/jslibrary/SessionServer212.js

Requested by

Host: login.salesforce.com
URL: https://login.salesforce.com/login/sessionserver212.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

136.147.56.44 , United States, ASN14340 (SALESFORCE, US),

Reverse DNS

dcl1-dfw.login.salesforce.com

Software

Resource Hash

9c988f9301ad30c76aa5250da28309d491c5513746e8ad236cce35269382dc6e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://login.salesforce.com/login/sessionserver212.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Wed, 02 Feb 2022 16:12:22 GMT
Content-Encoding: gzip
Referrer-Policy: origin-when-cross-origin
Last-Modified: Tue, 01 Feb 2022 21:03:34 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: application/x-javascript
Cache-Control: public,max-age=10368000
Transfer-Encoding: chunked
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block
Expires: Thu, 02 Jun 2022 16:12:22 GMT

GET
H/1.1 200
OK LoginPageImages Show response
tlp93demo.secure.force.com/IncidentEntry/ Frame 4EA2 5 KB
3 KB 922ms
146ms Document
text/html 13.109.190.145
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://tlp93demo.secure.force.com/IncidentEntry/LoginPageImages

Requested by

Host: thinklp-5954.cloudforce.com
URL: https://thinklp-5954.cloudforce.com/index.jsp?ec=20037&eco=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.109.190.145 , United States, ASN14340 (SALESFORCE, US),

Reverse DNS

dcl15-ncg1-c5-iad4.na149-ia4.force.com

Software

/ Salesforce.com ApexPages

Resource Hash

a9fbb5c6c53e80ca7592660e7b321f977cbf9ed39c5c169d208ac3a9c59ca621

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536004; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://thinklp-5954.cloudforce.com/

Response headers

Date: Wed, 02 Feb 2022 16:12:23 GMT
Strict-Transport-Security: max-age=31536004; includeSubDomains
Content-Security-Policy: upgrade-insecure-requests
Cache-Control: no-cache,must-revalidate,max-age=0,no-store,private
X-Powered-By: Salesforce.com ApexPages
P3P: CP="CUR OTR STA"
Expires: Thu, 01 Jan 1970 00:00:00 GMT
origin-trial: AklbvN3zzNjVBN1btIvZVEXQottJ9SBp7rLB02aNYemdUf5Qr9j+oRJsDOjqvHP7tqihWlADjfay3d+A5Ky3xAUAAACFeyJvcmlnaW4iOiJodHRwczovL2ZvcmNlLmNvbTo0NDMiLCJmZWF0dXJlIjoiRGlzYWJsZURpZmZlcmVudE9yaWdpblN1YmZyYW1lRGlhbG9nU3VwcHJlc3Npb24iLCJleHBpcnkiOjE2Mzk1MjYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
Content-Type: text/html;charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Transfer-Encoding: chunked

GET
H/1.1 200
OK capslock_blue.png
thinklp-5954.cloudforce.com/img/icon/ 559 B
1013 B 102ms
102ms Image
image/png 13.110.61.191
SALESFORCE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://thinklp-5954.cloudforce.com/img/icon/capslock_blue.png

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.110.61.191 , United States, ASN14340 (SALESFORCE, US),

Reverse DNS

dcl6-ncg1-c5-iad4.na163-ia4.force.com

Software

Resource Hash

02c47d1fb4a92fd6eca59ed828b0d0d7a8ef8285688bd27f36b1e003ffa9a52c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thinklp-5954.cloudforce.com/index.jsp?ec=20037&eco=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Wed, 02 Feb 2022 14:02:18 GMT
Referrer-Policy: origin-when-cross-origin
Last-Modified: Sun, 30 Jun 2019 10:26:54 GMT
Age: 7804
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: image/png
Cache-Control: public,max-age=10368000
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
X-Robots-Tag: none
Content-Length: 559
X-XSS-Protection: 1; mode=block
Expires: Thu, 02 Jun 2022 14:02:18 GMT

GET
H/1.1 200
OK stub.js Show response
tlp93demo.secure.force.com/IncidentEntry/static/111213/js/perf/ Frame 4EA2 1 KB
1007 B 97ms
96ms Script
application/x-javascript 13.109.190.145
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://tlp93demo.secure.force.com/IncidentEntry/static/111213/js/perf/stub.js

Requested by

Host: tlp93demo.secure.force.com
URL: https://tlp93demo.secure.force.com/IncidentEntry/LoginPageImages

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.109.190.145 , United States, ASN14340 (SALESFORCE, US),

Reverse DNS

dcl15-ncg1-c5-iad4.na149-ia4.force.com

Software

Resource Hash

5830f6b53e1ea91abd5de97ef219269702f413575cfe0dd6149712d68d7d61eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536004; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tlp93demo.secure.force.com/IncidentEntry/LoginPageImages
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Wed, 26 Jan 2022 07:52:16 GMT
Content-Encoding: gzip
Last-Modified: Thu, 18 Dec 2014 19:28:42 GMT
Age: 634807
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: public,max-age=10368000
Strict-Transport-Security: max-age=31536004; includeSubDomains
Accept-Ranges: bytes
Content-Length: 618
Expires: Thu, 26 May 2022 07:52:16 GMT

GET
H/1.1 200
OK NetworkTracking.js Show response
tlp93demo.secure.force.com/IncidentEntry/jslibrary/1624499168234/sfdc/ Frame 4EA2 4 KB
2 KB 94ms
94ms Script
application/x-javascript 13.109.190.145
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://tlp93demo.secure.force.com/IncidentEntry/jslibrary/1624499168234/sfdc/NetworkTracking.js

Requested by

Host: tlp93demo.secure.force.com
URL: https://tlp93demo.secure.force.com/IncidentEntry/LoginPageImages

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.109.190.145 , United States, ASN14340 (SALESFORCE, US),

Reverse DNS

dcl15-ncg1-c5-iad4.na149-ia4.force.com

Software

Resource Hash

fda2fded11e2486f8556b5d63b5833a314df500bb95578562d7c095ba363555c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536004; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tlp93demo.secure.force.com/IncidentEntry/LoginPageImages
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Wed, 26 Jan 2022 07:55:53 GMT
Content-Encoding: gzip
Last-Modified: Mon, 24 Jan 2022 20:00:08 GMT
Age: 634590
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: public,max-age=10368000
Strict-Transport-Security: max-age=31536004; includeSubDomains
Accept-Ranges: bytes
Content-Length: 1546
Expires: Thu, 26 May 2022 07:55:53 GMT

GET
H/1.1 200
OK servlet.FileDownload
tlp93demo.secure.force.com/IncidentEntry/servlet/ Frame 4EA2 43 KB
44 KB 124ms
124ms Image
image/png 13.109.190.145
SALESFORCE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tlp93demo.secure.force.com/IncidentEntry/servlet/servlet.FileDownload?file=0154A00001qokin

Requested by

Host: tlp93demo.secure.force.com
URL: https://tlp93demo.secure.force.com/IncidentEntry/LoginPageImages

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.109.190.145 , United States, ASN14340 (SALESFORCE, US),

Reverse DNS

dcl15-ncg1-c5-iad4.na149-ia4.force.com

Software

Resource Hash

56ef97dad437460d68313050b4e7db7dc4a301c421eacdb6442b87432e932309

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536004; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tlp93demo.secure.force.com/IncidentEntry/LoginPageImages
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Wed, 02 Feb 2022 16:12:24 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 12 Oct 2017 10:44:57 +0000
Content-Security-Policy: upgrade-insecure-requests
Strict-Transport-Security: max-age=31536004; includeSubDomains
Content-Type: image/png; charset=UTF-8
Cache-Control: private
Content-Disposition: inline; filename="Intelligent_logo.png"
Content-Length: 44372

GET
H/1.1

200
OK

servlet.ImageServer
tlpdemo--c.na149.content.force.com/servlet/ Frame 4EA2
Redirect Chain

https://tlpdemo--c.na47.content.force.com/servlet/servlet.ImageServer?id=0154A000023x18A&oid=00DG0000000l29N&lastMod=1570713990000
https://tlpdemo--c.na149.content.force.com/servlet/servlet.ImageServer?id=0154A000023x18A&oid=00DG0000000l29N&lastMod=1570713990000

108 KB
108 KB

580ms
97ms

Image
image/png

13.109.190.145
SALESFORCE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tlpdemo--c.na149.content.force.com/servlet/servlet.ImageServer?id=0154A000023x18A&oid=00DG0000000l29N&lastMod=1570713990000

Requested by

Host: tlp93demo.secure.force.com
URL: https://tlp93demo.secure.force.com/IncidentEntry/LoginPageImages

Protocol

HTTP/1.1

Server

13.109.190.145 , United States, ASN14340 (SALESFORCE, US),

Reverse DNS

dcl15-ncg1-c5-iad4.na149-ia4.force.com

Software

Resource Hash

19a323dbbe08419fed93318561ca3dd7140243df87cae729d11546d586cc87e3

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tlp93demo.secure.force.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Wed, 26 Jan 2022 07:56:23 GMT
Referrer-Policy: origin-when-cross-origin
Last-Modified: Thu, 10 Oct 2019 13:26:30 GMT
Age: 634561
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: image/png
Cache-Control: public,max-age=31536000
X-Content-Type-Options: nosniff
Content-Security-Policy: upgrade-insecure-requests
X-Robots-Tag: none
Content-Length: 110211
X-XSS-Protection: 1; mode=block
Expires: Thu, 26 Jan 2023 07:56:23 GMT

Redirect headers

Date: Wed, 02 Feb 2022 16:12:24 GMT
Referrer-Policy: origin-when-cross-origin
Strict-Transport-Security: max-age=31536000; includeSubDomains
Location: https://tlpdemo--c.na149.content.force.com/servlet/servlet.ImageServer?id=0154A000023x18A&oid=00DG0000000l29N&lastMod=1570713990000
Cache-Control: no-cache,must-revalidate,max-age=0,no-store,private
X-Content-Type-Options: nosniff
Content-Security-Policy: upgrade-insecure-requests
X-Robots-Tag: nofollow, noindex, noarchive, nosnippet
Content-Length: 0
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

servlet.ImageServer
tlpdemo--c.na149.content.force.com/servlet/ Frame 4EA2
Redirect Chain

https://tlpdemo--c.na47.content.force.com/servlet/servlet.ImageServer?id=0154A000023x185&oid=00DG0000000l29N&lastMod=1570713910000
https://tlpdemo--c.na149.content.force.com/servlet/servlet.ImageServer?id=0154A000023x185&oid=00DG0000000l29N&lastMod=1570713910000

51 KB
52 KB

577ms
98ms

Image
image/png

13.109.190.145
SALESFORCE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tlpdemo--c.na149.content.force.com/servlet/servlet.ImageServer?id=0154A000023x185&oid=00DG0000000l29N&lastMod=1570713910000

Requested by

Host: tlp93demo.secure.force.com
URL: https://tlp93demo.secure.force.com/IncidentEntry/LoginPageImages

Protocol

HTTP/1.1

Server

13.109.190.145 , United States, ASN14340 (SALESFORCE, US),

Reverse DNS

dcl15-ncg1-c5-iad4.na149-ia4.force.com

Software

Resource Hash

743aa2aa23721b4bc41214db1a182c21143bee7aa4a53f0240621ab247a0c5e1

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tlp93demo.secure.force.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Wed, 26 Jan 2022 03:37:28 GMT
Referrer-Policy: origin-when-cross-origin
Last-Modified: Thu, 10 Oct 2019 13:25:10 GMT
Age: 650096
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: image/png
Cache-Control: public,max-age=31536000
X-Content-Type-Options: nosniff
Content-Security-Policy: upgrade-insecure-requests
X-Robots-Tag: none
Content-Length: 52283
X-XSS-Protection: 1; mode=block
Expires: Thu, 26 Jan 2023 03:37:28 GMT

Redirect headers

Date: Wed, 02 Feb 2022 16:12:24 GMT
Referrer-Policy: origin-when-cross-origin
Strict-Transport-Security: max-age=31536000; includeSubDomains
Location: https://tlpdemo--c.na149.content.force.com/servlet/servlet.ImageServer?id=0154A000023x185&oid=00DG0000000l29N&lastMod=1570713910000
Cache-Control: no-cache,must-revalidate,max-age=0,no-store,private
X-Content-Type-Options: nosniff
Content-Security-Policy: upgrade-insecure-requests
X-Robots-Tag: nofollow, noindex, noarchive, nosnippet
Content-Length: 0
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

servlet.ImageServer
tlpdemo--c.na149.content.force.com/servlet/ Frame 4EA2
Redirect Chain

https://tlpdemo--c.na47.content.force.com/servlet/servlet.ImageServer?id=0154A000023x18F&oid=00DG0000000l29N&lastMod=1570714022000
https://tlpdemo--c.na149.content.force.com/servlet/servlet.ImageServer?id=0154A000023x18F&oid=00DG0000000l29N&lastMod=1570714022000

27 KB
28 KB

577ms
100ms

Image
image/png

13.109.190.145
SALESFORCE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tlpdemo--c.na149.content.force.com/servlet/servlet.ImageServer?id=0154A000023x18F&oid=00DG0000000l29N&lastMod=1570714022000

Requested by

Host: tlp93demo.secure.force.com
URL: https://tlp93demo.secure.force.com/IncidentEntry/LoginPageImages

Protocol

HTTP/1.1

Server

13.109.190.145 , United States, ASN14340 (SALESFORCE, US),

Reverse DNS

dcl15-ncg1-c5-iad4.na149-ia4.force.com

Software

Resource Hash

adaf80d75ae5078ff3e5952cd901abfb29aac0c08909c0a5ee6c254b21bb7478

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tlp93demo.secure.force.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Wed, 26 Jan 2022 03:48:43 GMT
Referrer-Policy: origin-when-cross-origin
Last-Modified: Thu, 10 Oct 2019 13:27:02 GMT
Age: 649421
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: image/png
Cache-Control: public,max-age=31536000
X-Content-Type-Options: nosniff
Content-Security-Policy: upgrade-insecure-requests
X-Robots-Tag: none
Content-Length: 27933
X-XSS-Protection: 1; mode=block
Expires: Thu, 26 Jan 2023 03:48:43 GMT

Redirect headers

Date: Wed, 02 Feb 2022 16:12:24 GMT
Referrer-Policy: origin-when-cross-origin
Strict-Transport-Security: max-age=31536000; includeSubDomains
Location: https://tlpdemo--c.na149.content.force.com/servlet/servlet.ImageServer?id=0154A000023x18F&oid=00DG0000000l29N&lastMod=1570714022000
Cache-Control: no-cache,must-revalidate,max-age=0,no-store,private
X-Content-Type-Options: nosniff
Content-Security-Policy: upgrade-insecure-requests
X-Robots-Tag: nofollow, noindex, noarchive, nosnippet
Content-Length: 0
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK servlet.FileDownload
tlp93demo.secure.force.com/IncidentEntry/servlet/ Frame 4EA2 633 KB
633 KB 143ms
142ms Image
image/jpeg 13.109.190.145
SALESFORCE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tlp93demo.secure.force.com/IncidentEntry/servlet/servlet.FileDownload?file=0154A000023ePHQ

Requested by

Host: tlp93demo.secure.force.com
URL: https://tlp93demo.secure.force.com/IncidentEntry/LoginPageImages

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.109.190.145 , United States, ASN14340 (SALESFORCE, US),

Reverse DNS

dcl15-ncg1-c5-iad4.na149-ia4.force.com

Software

Resource Hash

9509011b00e61ccc9b2d4b0f9adf9ab83318cc0c3f36031a470360b54ba71cc9

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536004; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tlp93demo.secure.force.com/IncidentEntry/LoginPageImages
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Wed, 02 Feb 2022 16:12:24 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 12 Oct 2017 10:44:57 +0000
Content-Security-Policy: upgrade-insecure-requests
Strict-Transport-Security: max-age=31536004; includeSubDomains
Content-Type: image/jpeg; charset=UTF-8
Cache-Control: private
Content-Disposition: inline; filename="loginimage.jpg"
Content-Length: 647950

Verdicts & Comments Add Verdict or Comment

13 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.thinklp-5954.cloudforce.com/	1970-01-20 09:22:34	Name: CookieConsentPolicy Value: 0:1
.thinklp-5954.cloudforce.com/	1970-01-20 09:22:34	Name: LSKey-c$CookieConsentPolicy Value: 0:1
thinklp-5954.cloudforce.com/	1969-12-31 23:59:59	Name: QCQQ Value: 8Zhf3CFKRSE
login.salesforce.com/	1969-12-31 23:59:59	Name: session Value: 1643818342555
.salesforce.com/	1970-01-20 09:22:34	Name: BrowserId_sec Value: 54gleIRCEeyqUqNQ3rbUAQ
.force.com/	1970-01-20 09:22:34	Name: BrowserId_sec Value: 6A9-UYRCEeygWnWEhFR47A

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

login.salesforce.com
na163.salesforce.com
thinklp-5954.cloudforce.com
tlp93demo.secure.force.com
tlpdemo--c.na149.content.force.com
tlpdemo--c.na47.content.force.com
13.109.190.145
13.110.252.35
13.110.61.191
13.110.62.189
136.147.56.44
02c47d1fb4a92fd6eca59ed828b0d0d7a8ef8285688bd27f36b1e003ffa9a52c
047a62e85d7521a909d3df9cb6d7c4e2e4b1a372dd383da71f2520060bb0ff7b
19a323dbbe08419fed93318561ca3dd7140243df87cae729d11546d586cc87e3
1f1752651aca663f40e45c60e182172fc426a40df042098f6e68a56db2c459f3
1f46a88cb5669637c9ff675a44518f633af75fc4f2271039b1d73c5bcce444da
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
42a531dce996297d2a03cb33044b36408821072ad24b9477a237bd8a3ed6ebf7
56ef97dad437460d68313050b4e7db7dc4a301c421eacdb6442b87432e932309
5830f6b53e1ea91abd5de97ef219269702f413575cfe0dd6149712d68d7d61eb
6e254c656a029b64c10f320cb325858bc578c94d7a6ec1e5703ba03abb6738c0
6effaae73ce83316d1356ea984e417519743bce7a23982f053b1b8ec82135dae
743aa2aa23721b4bc41214db1a182c21143bee7aa4a53f0240621ab247a0c5e1
751172776daa52a326d6bc3f92d9d0f5ceb38aed171938f4a52890d39a0677bf
907552ab27c13d797474d48eeeacc79d73a4763514632cc6470b5124be741ebd
9509011b00e61ccc9b2d4b0f9adf9ab83318cc0c3f36031a470360b54ba71cc9
9c988f9301ad30c76aa5250da28309d491c5513746e8ad236cce35269382dc6e
a9fbb5c6c53e80ca7592660e7b321f977cbf9ed39c5c169d208ac3a9c59ca621
adaf80d75ae5078ff3e5952cd901abfb29aac0c08909c0a5ee6c254b21bb7478
db743dbd91a699d36f6a755ad2c8eec5ce0d1b3715df50a651b7c24de11c1811
dd464055be78eadee2d5d3ecc5380600b788883e462d9e77372877dc04110e6d
fb4eef3d49fc2c92b1a223c3b709a9a801d91b662bbee9aa764bd2d8f539b3ad
fda2fded11e2486f8556b5d63b5833a314df500bb95578562d7c095ba363555c

thinklp-5954.cloudforce.com Open in urlscan Pro 13.110.61.191 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

22 Requests

86 %HTTPS

0 %IPv6

3 Domains

6 Subdomains

4 IPs

1 Countries

959 kBTransfer

1024 kBSize

6 Cookies

2 Outgoing links

Page URL History

Redirected requests

22 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

13 JavaScript Global Variables

6 Cookies

Security Headers

Indicators

thinklp-5954.cloudforce.com Open in urlscan Pro
13.110.61.191 Public Scan

Screenshot
Live screenshot

Full Image

22
Requests

86 %
HTTPS

0 %
IPv6

3
Domains

6
Subdomains

4
IPs

1
Countries

959 kB
Transfer

1024 kB
Size

6
Cookies

22 HTTP transactions
0 data transactions