login.xactlycorp.com Open in urlscan Pro
2.16.30.40 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://secure4.xactlycorp.com/xicm/appLoginInit.do
Effective URL:
https://login.xactlycorp.com/grsservice/login
Submission: On March 01 via manual (March 1st 2023, 2:59:23 pm UTC) from US — Scanned from DE

Summary HTTP 12 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 12 HTTP transactions. The main IP is 2.16.30.40, located in Frankfurt am Main, Germany and belongs to AKAMAI-AS, US. The main domain is login.xactlycorp.com. The Cisco Umbrella rank of the primary domain is 267904.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on December 28th 2022. Valid for: a year.

This is the only time login.xactlycorp.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address		AS Autonomous System
1 13	2.16.30.40 2.16.30.40		16625 (AKAMAI-AS) (AKAMAI-AS)
12	1

13 2.16.30.40 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-16-30-40.deploy.static.akamaitechnologies.com

secure4.xactlycorp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
login.xactlycorp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
13	xactlycorp.com 1 redirects secure4.xactlycorp.com — Cisco Umbrella Rank: 278464 login.xactlycorp.com — Cisco Umbrella Rank: 267904	1 MB
12	1

	Domain	Requested by
11	login.xactlycorp.com	1 redirects secure4.xactlycorp.com login.xactlycorp.com
2	secure4.xactlycorp.com	secure4.xactlycorp.com
12	2

This site contains links to these domains. Also see Links.

Domain
www.xactlycorp.com
trust.xactlycorp.com

Subject Issuer	Validity	Valid
*.xactlycorp.com DigiCert TLS RSA SHA256 2020 CA1	`2022-12-28` - `2024-01-02`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://login.xactlycorp.com/grsservice/login
Frame ID: CEDABB94DCC6C8EE8FA435F9A29912C5
Requests: 12 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Xactly Login

Page URL History Show full URLs

https://secure4.xactlycorp.com/xicm/appLoginInit.do Page URL
https://login.xactlycorp.com/ HTTP 302
https://login.xactlycorp.com/grsservice/login Page URL

Page Statistics

12
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

2
Subdomains

1
IPs

1
Countries

1324 kB
Transfer

1338 kB
Size

6
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://www.xactlycorp.com/

Search URL Search Domain Scan URL

URL: https://trust.xactlycorp.com/privacy-policy/
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.xactlycorp.com/legal/
Title: Legal

Search URL Search Domain Scan URL

URL: https://www.xactlycorp.com/security/
Title: Security

Search URL Search Domain Scan URL

URL: https://www.xactlycorp.com/products/predictive-sales-analytics/
Title: learn more

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://secure4.xactlycorp.com/xicm/appLoginInit.do Page URL
https://login.xactlycorp.com/ HTTP 302
https://login.xactlycorp.com/grsservice/login Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

12 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 appLoginInit.do Show response
secure4.xactlycorp.com/xicm/ 2 KB
2 KB 237ms
125ms Document
text/html 2.16.30.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://secure4.xactlycorp.com/xicm/appLoginInit.do

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.16.30.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-16-30-40.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

e5fe1222d32f08c13b1eb4d4d30238d78a396af991612b7ad3c49746a5b6c391

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors .xactlycorp.com .xactlycorporation.local 'self'; script-src .xactlycorp.com https://stackpath.bootstrapcdn.com https://inlinemanual.com .pendo.io http://codeorigin.jquery.com http://www.google-analytics.com http://maps.google.com http://ajax.aspnetcdn.com https://rawgithub.com http://marijnhaverbeke.nl http://ternjs.net http://www.pureexample.com https://www.salesforce.com http://html5shim.googlecode.com http://code.jquery.com http://blueimp.github.io *.storage.googleapis.com 'self' 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security	max-age=16000000; includeSubDomains; always;
X-Content-Security-Policy	frame-ancestors .xactlycorp.com .xactlycorporation.local 'self'; script-src .xactlycorp.com https://stackpath.bootstrapcdn.com https://inlinemanual.com .pendo.io http://codeorigin.jquery.com http://www.google-analytics.com http://maps.google.com http://ajax.aspnetcdn.com https://rawgithub.com http://marijnhaverbeke.nl http://ternjs.net http://www.pureexample.com https://www.salesforce.com http://html5shim.googlecode.com http://code.jquery.com http://blueimp.github.io *.storage.googleapis.com 'self' 'unsafe-inline' 'unsafe-eval'
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, no-store, no-cache, must-revalidate
content-encoding: gzip
content-length: 834
content-security-policy: frame-ancestors *.xactlycorp.com *.xactlycorporation.local 'self'; script-src *.xactlycorp.com https://stackpath.bootstrapcdn.com https://inlinemanual.com *.pendo.io http://codeorigin.jquery.com http://www.google-analytics.com http://maps.google.com http://ajax.aspnetcdn.com https://rawgithub.com http://marijnhaverbeke.nl http://ternjs.net http://www.pureexample.com https://www.salesforce.com http://html5shim.googlecode.com http://code.jquery.com http://blueimp.github.io *.storage.googleapis.com 'self' 'unsafe-inline' 'unsafe-eval'
content-type: text/html;charset=UTF-8
date: Wed, 01 Mar 2023 14:59:18 GMT
front-end-https: on
pragma: no-cache
referrer-policy: origin
server: nginx
strict-transport-security: max-age=16000000; includeSubDomains; always;
vary: Accept-Encoding
x-content-security-policy: frame-ancestors *.xactlycorp.com *.xactlycorporation.local 'self'; script-src *.xactlycorp.com https://stackpath.bootstrapcdn.com https://inlinemanual.com *.pendo.io http://codeorigin.jquery.com http://www.google-analytics.com http://maps.google.com http://ajax.aspnetcdn.com https://rawgithub.com http://marijnhaverbeke.nl http://ternjs.net http://www.pureexample.com https://www.salesforce.com http://html5shim.googlecode.com http://code.jquery.com http://blueimp.github.io *.storage.googleapis.com 'self' 'unsafe-inline' 'unsafe-eval'
x-content-type-options: nosniff
x-frame-options: sameorigin
x-xss-protection: 1; mode=block
xinfo: %3Bname%3Dincent03-secure4.app.sec4.oraclevcn.com%3BsiteEnv%3DPRODUCTION%3BbusinessId%3D%3BrequestId%3DAA5D3C0DE693B10369448520E1E84732

GET
H2 200 pendo.js Show response
secure4.xactlycorp.com/xicm/js/ 2 KB
2 KB 37ms
37ms Script
text/javascript 2.16.30.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://secure4.xactlycorp.com/xicm/js/pendo.js

Requested by

Host: secure4.xactlycorp.com
URL: https://secure4.xactlycorp.com/xicm/appLoginInit.do

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.16.30.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-16-30-40.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

9b104273602f4358868b96883a62ce2d9332bf184b726ea46c63fccf1eb2a406

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors .xactlycorp.com .xactlycorporation.local 'self'; script-src .xactlycorp.com https://stackpath.bootstrapcdn.com https://inlinemanual.com .pendo.io http://codeorigin.jquery.com http://www.google-analytics.com http://maps.google.com http://ajax.aspnetcdn.com https://rawgithub.com http://marijnhaverbeke.nl http://ternjs.net http://www.pureexample.com https://www.salesforce.com http://html5shim.googlecode.com http://code.jquery.com http://blueimp.github.io *.storage.googleapis.com 'self' 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security	max-age=16000000; includeSubDomains; always;
X-Content-Security-Policy	frame-ancestors .xactlycorp.com .xactlycorporation.local 'self'; script-src .xactlycorp.com https://stackpath.bootstrapcdn.com https://inlinemanual.com .pendo.io http://codeorigin.jquery.com http://www.google-analytics.com http://maps.google.com http://ajax.aspnetcdn.com https://rawgithub.com http://marijnhaverbeke.nl http://ternjs.net http://www.pureexample.com https://www.salesforce.com http://html5shim.googlecode.com http://code.jquery.com http://blueimp.github.io *.storage.googleapis.com 'self' 'unsafe-inline' 'unsafe-eval'
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure4.xactlycorp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy: frame-ancestors *.xactlycorp.com *.xactlycorporation.local 'self'; script-src *.xactlycorp.com https://stackpath.bootstrapcdn.com https://inlinemanual.com *.pendo.io http://codeorigin.jquery.com http://www.google-analytics.com http://maps.google.com http://ajax.aspnetcdn.com https://rawgithub.com http://marijnhaverbeke.nl http://ternjs.net http://www.pureexample.com https://www.salesforce.com http://html5shim.googlecode.com http://code.jquery.com http://blueimp.github.io *.storage.googleapis.com 'self' 'unsafe-inline' 'unsafe-eval'
strict-transport-security: max-age=16000000; includeSubDomains; always;
x-content-type-options: nosniff
date: Wed, 01 Mar 2023 14:59:18 GMT
content-encoding: gzip
content-length: 1032
x-xss-protection: 1; mode=block
referrer-policy: origin
last-modified: Sat, 18 Feb 2023 15:58:57 GMT
server: nginx
etag: W/\"2226-1676735937000\"
x-frame-options: sameorigin
front-end-https: on
content-type: text/javascript
access-control-allow-origin: https://secure4.xactlycorp.com
vary: Accept-Encoding
access-control-allow-headers: sessionId, uuid, token, tokenEnv, xbase-ping, Access-Control-Allow-Headers, Origin, Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers
x-content-security-policy: frame-ancestors *.xactlycorp.com *.xactlycorporation.local 'self'; script-src *.xactlycorp.com https://stackpath.bootstrapcdn.com https://inlinemanual.com *.pendo.io http://codeorigin.jquery.com http://www.google-analytics.com http://maps.google.com http://ajax.aspnetcdn.com https://rawgithub.com http://marijnhaverbeke.nl http://ternjs.net http://www.pureexample.com https://www.salesforce.com http://html5shim.googlecode.com http://code.jquery.com http://blueimp.github.io *.storage.googleapis.com 'self' 'unsafe-inline' 'unsafe-eval'

GET
H2

200

Primary Request login Show response
login.xactlycorp.com/grsservice/
Redirect Chain

https://login.xactlycorp.com/
https://login.xactlycorp.com/grsservice/login

6 KB
2 KB

121ms
121ms

Document
text/html

2.16.30.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://login.xactlycorp.com/grsservice/login

Requested by

Host: secure4.xactlycorp.com
URL: https://secure4.xactlycorp.com/xicm/appLoginInit.do

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.16.30.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-16-30-40.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

fd9b73705b5bd7ff6a129d4bf698fd22c6a67d0ab64d85e54d6afecf535bf7b4

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors .xactlycorp.com .xactlycorporation.local 'self'
Strict-Transport-Security	max-age=16000000; includeSubDomains; always;
X-Content-Security-Policy	frame-ancestors .xactlycorp.com .xactlycorporation.local 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Referer: https://secure4.xactlycorp.com/xicm/appLoginInit.do
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private
content-encoding: gzip
content-language: de-DE
content-length: 1680
content-security-policy: frame-ancestors *.xactlycorp.com *.xactlycorporation.local 'self'
content-type: text/html;charset=UTF-8
date: Wed, 01 Mar 2023 14:59:18 GMT
front-end-https: on
referrer-policy: origin
server: nginx
strict-transport-security: max-age=16000000; includeSubDomains; always;
vary: Accept-Encoding
x-content-security-policy: frame-ancestors *.xactlycorp.com *.xactlycorporation.local 'self'
x-content-type-options: nosniff
x-frame-options: sameorigin
x-xss-protection: 1; mode=block

Redirect headers

content-length: 138
content-type: text/html
date: Wed, 01 Mar 2023 14:59:18 GMT
front-end-https: on
location: https://login.xactlycorp.com/grsservice/login
server: nginx
strict-transport-security: max-age=16000000; includeSubDomains; always;

GET
H2 200 login.css
login.xactlycorp.com/grsservice/css/ 7 KB
2 KB 23ms
22ms Stylesheet
text/css 2.16.30.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://login.xactlycorp.com/grsservice/css/login.css

Requested by

Host: login.xactlycorp.com
URL: https://login.xactlycorp.com/grsservice/login

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.16.30.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-16-30-40.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

f6c0f06cbff20670cdedd5d6bfce9db5654d23c62d007e6a45f74923031e262b

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000; includeSubDomains; always;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login.xactlycorp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=16000000; includeSubDomains; always;
content-encoding: gzip
date: Wed, 01 Mar 2023 14:59:18 GMT
last-modified: Sat, 18 Feb 2023 09:21:54 GMT
server: nginx
front-end-https: on
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 1670

GET
H2 200 login.js Show response
login.xactlycorp.com/grsservice/js/ 12 KB
2 KB 28ms
28ms Script
application/javascript 2.16.30.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://login.xactlycorp.com/grsservice/js/login.js

Requested by

Host: login.xactlycorp.com
URL: https://login.xactlycorp.com/grsservice/login

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.16.30.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-16-30-40.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

b5165080241b5fef45f8132d67e0702615b7c588ff7dd0d3870dcefbaba3c929

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000; includeSubDomains; always;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login.xactlycorp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=16000000; includeSubDomains; always;
content-encoding: gzip
date: Wed, 01 Mar 2023 14:59:18 GMT
last-modified: Sat, 18 Feb 2023 09:21:54 GMT
server: nginx
front-end-https: on
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 2208

GET
H2 200 xactly_logo.svg
login.xactlycorp.com/grsservice/img/ 5 KB
6 KB 249ms
249ms Image
image/svg+xml 2.16.30.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://login.xactlycorp.com/grsservice/img/xactly_logo.svg

Requested by

Host: login.xactlycorp.com
URL: https://login.xactlycorp.com/grsservice/login

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.16.30.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-16-30-40.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

a8872b236ad1223e7c4c17edebe1428252f3cf8fa44e8fc796dbd0f5d76cd826

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000; includeSubDomains; always;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login.xactlycorp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=16000000; includeSubDomains; always;
date: Wed, 01 Mar 2023 14:59:18 GMT
last-modified: Sat, 18 Feb 2023 09:20:25 GMT
server: nginx
front-end-https: on
content-type: image/svg+xml
accept-ranges: bytes
content-length: 5493

GET
H2 200 productImage.png
login.xactlycorp.com/grsservice/img/ 182 KB
183 KB 31ms
31ms Image
image/png 2.16.30.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://login.xactlycorp.com/grsservice/img/productImage.png

Requested by

Host: login.xactlycorp.com
URL: https://login.xactlycorp.com/grsservice/login

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.16.30.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-16-30-40.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

e882650a7e0d344f1795038a1b15639fcce0b6ec82ed4c86116a2c4832938ea5

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000; includeSubDomains; always;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login.xactlycorp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=16000000; includeSubDomains; always;
date: Wed, 01 Mar 2023 14:59:18 GMT
last-modified: Sat, 18 Feb 2023 09:21:54 GMT
server: nginx
front-end-https: on
content-type: image/png
accept-ranges: bytes
content-length: 186457

GET
H2 200 loginBackground.png
login.xactlycorp.com/grsservice/img/ 428 KB
429 KB 74ms
74ms Image
image/png 2.16.30.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://login.xactlycorp.com/grsservice/img/loginBackground.png

Requested by

Host: login.xactlycorp.com
URL: https://login.xactlycorp.com/grsservice/css/login.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.16.30.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-16-30-40.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

d138f3c1eeabca727b7c8f88f68ae9663e31cd2c9dffb7edae67ff6ea0d2809a

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000; includeSubDomains; always;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login.xactlycorp.com/grsservice/css/login.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=16000000; includeSubDomains; always;
date: Wed, 01 Mar 2023 14:59:18 GMT
last-modified: Sat, 18 Feb 2023 09:21:02 GMT
server: nginx
front-end-https: on
content-type: image/png
accept-ranges: bytes
content-length: 438493

GET
H2 200 Proxima-Nova-Regular.otf
login.xactlycorp.com/grsservice/css/fonts/ 92 KB
93 KB 537ms
537ms Font
application/x-font-opentype 2.16.30.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://login.xactlycorp.com/grsservice/css/fonts/Proxima-Nova-Regular.otf

Requested by

Host: login.xactlycorp.com
URL: https://login.xactlycorp.com/grsservice/css/login.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.16.30.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-16-30-40.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

36b59421bdc34fd9869a7541c47d5f157ff19eb183032efff759c4d5be5d9cae

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000; includeSubDomains; always;

Request headers

Referer: https://login.xactlycorp.com/grsservice/css/login.css
Origin: https://login.xactlycorp.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=16000000; includeSubDomains; always;
date: Wed, 01 Mar 2023 14:59:19 GMT
last-modified: Sat, 18 Feb 2023 09:20:25 GMT
server: nginx
front-end-https: on
content-type: application/x-font-opentype
accept-ranges: bytes
content-length: 94668

GET
H2 200 heroBackground.jpg
login.xactlycorp.com/grsservice/img/ 416 KB
417 KB 65ms
64ms Image
image/jpeg 2.16.30.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://login.xactlycorp.com/grsservice/img/heroBackground.jpg

Requested by

Host: login.xactlycorp.com
URL: https://login.xactlycorp.com/grsservice/css/login.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.16.30.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-16-30-40.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

3287647607a00eed96d7d058a77b3e5c4fb368f2d7904c78aed279451d6a940c

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000; includeSubDomains; always;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login.xactlycorp.com/grsservice/css/login.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=16000000; includeSubDomains; always;
date: Wed, 01 Mar 2023 14:59:18 GMT
last-modified: Sat, 18 Feb 2023 09:21:54 GMT
server: nginx
front-end-https: on
content-type: image/jpeg
accept-ranges: bytes
content-length: 426388

GET
H2 200 Proxima-Nova-Semibold.otf
login.xactlycorp.com/grsservice/css/fonts/ 90 KB
90 KB 322ms
322ms Font
application/x-font-opentype 2.16.30.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://login.xactlycorp.com/grsservice/css/fonts/Proxima-Nova-Semibold.otf

Requested by

Host: login.xactlycorp.com
URL: https://login.xactlycorp.com/grsservice/css/login.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.16.30.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-16-30-40.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

388be1fb84d1608325ba870797519fe52ad081852a47c66aef5e90eeaf2c425d

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000; includeSubDomains; always;

Request headers

Referer: https://login.xactlycorp.com/grsservice/css/login.css
Origin: https://login.xactlycorp.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=16000000; includeSubDomains; always;
date: Wed, 01 Mar 2023 14:59:19 GMT
last-modified: Sat, 18 Feb 2023 09:20:25 GMT
server: nginx
front-end-https: on
content-type: application/x-font-opentype
accept-ranges: bytes
content-length: 91904

GET
H2 200 Proxima-Nova-Bold.otf
login.xactlycorp.com/grsservice/css/fonts/ 94 KB
95 KB 191ms
191ms Font
application/x-font-opentype 2.16.30.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://login.xactlycorp.com/grsservice/css/fonts/Proxima-Nova-Bold.otf

Requested by

Host: login.xactlycorp.com
URL: https://login.xactlycorp.com/grsservice/css/login.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.16.30.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-16-30-40.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

fa617e6195b48622cd13742f0a33f41bd0a3f8b5689424c90f6cba97d4679644

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000; includeSubDomains; always;

Request headers

Referer: https://login.xactlycorp.com/grsservice/css/login.css
Origin: https://login.xactlycorp.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=16000000; includeSubDomains; always;
date: Wed, 01 Mar 2023 14:59:18 GMT
last-modified: Sat, 18 Feb 2023 09:20:25 GMT
server: nginx
front-end-https: on
content-type: application/x-font-opentype
accept-ranges: bytes
content-length: 96640

Verdicts & Comments Add Verdict or Comment

19 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
secure4.xactlycorp.com/xicm	1969-12-31 23:59:59	Name: JSESSIONID Value: 9CA8FE888133A4B3F3225DF84A89CB1A.jvmRoute
.secure4.xactlycorp.com/	1969-12-31 23:59:59	Name: communityVerified Value: false
.xactlycorp.com/	1969-12-31 23:59:59	Name: xdomain Value: secure4.xactlycorp.com
secure4.xactlycorp.com/	1969-12-31 23:59:59	Name: xactly-incent Value: incent03
.xactlycorp.com/	1969-12-31 23:59:59	Name: xreferer Value: xactly
login.xactlycorp.com/	1969-12-31 23:59:59	Name: xactly-grs Value: grsservice02

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors .xactlycorp.com .xactlycorporation.local 'self'; script-src .xactlycorp.com https://stackpath.bootstrapcdn.com https://inlinemanual.com .pendo.io http://codeorigin.jquery.com http://www.google-analytics.com http://maps.google.com http://ajax.aspnetcdn.com https://rawgithub.com http://marijnhaverbeke.nl http://ternjs.net http://www.pureexample.com https://www.salesforce.com http://html5shim.googlecode.com http://code.jquery.com http://blueimp.github.io *.storage.googleapis.com 'self' 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security	max-age=16000000; includeSubDomains; always;
X-Content-Security-Policy	frame-ancestors .xactlycorp.com .xactlycorporation.local 'self'; script-src .xactlycorp.com https://stackpath.bootstrapcdn.com https://inlinemanual.com .pendo.io http://codeorigin.jquery.com http://www.google-analytics.com http://maps.google.com http://ajax.aspnetcdn.com https://rawgithub.com http://marijnhaverbeke.nl http://ternjs.net http://www.pureexample.com https://www.salesforce.com http://html5shim.googlecode.com http://code.jquery.com http://blueimp.github.io *.storage.googleapis.com 'self' 'unsafe-inline' 'unsafe-eval'
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

login.xactlycorp.com
secure4.xactlycorp.com
2.16.30.40
3287647607a00eed96d7d058a77b3e5c4fb368f2d7904c78aed279451d6a940c
36b59421bdc34fd9869a7541c47d5f157ff19eb183032efff759c4d5be5d9cae
388be1fb84d1608325ba870797519fe52ad081852a47c66aef5e90eeaf2c425d
9b104273602f4358868b96883a62ce2d9332bf184b726ea46c63fccf1eb2a406
a8872b236ad1223e7c4c17edebe1428252f3cf8fa44e8fc796dbd0f5d76cd826
b5165080241b5fef45f8132d67e0702615b7c588ff7dd0d3870dcefbaba3c929
d138f3c1eeabca727b7c8f88f68ae9663e31cd2c9dffb7edae67ff6ea0d2809a
e5fe1222d32f08c13b1eb4d4d30238d78a396af991612b7ad3c49746a5b6c391
e882650a7e0d344f1795038a1b15639fcce0b6ec82ed4c86116a2c4832938ea5
f6c0f06cbff20670cdedd5d6bfce9db5654d23c62d007e6a45f74923031e262b
fa617e6195b48622cd13742f0a33f41bd0a3f8b5689424c90f6cba97d4679644
fd9b73705b5bd7ff6a129d4bf698fd22c6a67d0ab64d85e54d6afecf535bf7b4

login.xactlycorp.com Open in urlscan Pro 2.16.30.40 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

12 Requests

100 %HTTPS

0 %IPv6

1 Domains

2 Subdomains

1 IPs

1 Countries

1324 kBTransfer

1338 kBSize

6 Cookies

5 Outgoing links

Page URL History

Redirected requests

12 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

19 JavaScript Global Variables

6 Cookies

Security Headers

Indicators

login.xactlycorp.com Open in urlscan Pro
2.16.30.40 Public Scan

Screenshot
Live screenshot

Full Image

12
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

2
Subdomains

1
IPs

1
Countries

1324 kB
Transfer

1338 kB
Size

6
Cookies

12 HTTP transactions
0 data transactions