urlscan.io logo urlscan.io
SecurityTrails logo

metlifeusdirectsales.my.site.com Open in urlscan Pro
2a02:26f0:6c00::210:bb72  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://usb2ccommunity.force.com/survey/runtimeApp.app?invitationId=0Ki6T000000MmjU&surveyName=ebs_customer_survey&UUID=b2fa42ed-...
Effective URL: https://metlifeusdirectsales.my.site.com/survey/runtimeApp.app?invitationId=0Ki6T000000MmjU&surveyName=ebs_customer_survey&UUID=b2fa42ed-...
Submission: On February 27 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 1 IPs in 2 countries across 2 domains to perform 10 HTTP transactions. The main IP is 2a02:26f0:6c00::210:bb72, located in Frankfurt am Main, Germany and belongs to AKAMAI-ASN1, NL. The main domain is metlifeusdirectsales.my.site.com.
TLS certificate: Issued by DigiCert TLS Hybrid ECC SHA384 2020 CA1 on April 3rd 2022. Valid for: a year.
This is the only time metlifeusdirectsales.my.site.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 13.110.67.209 14340 (SALESFORCE)
10 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
10 1
Apex Domain
Subdomains		 Transfer
10 site.com
metlifeusdirectsales.my.site.com
2 MB
1 force.com
usb2ccommunity.force.com
1 KB
10 2
Domain Requested by
10 metlifeusdirectsales.my.site.com metlifeusdirectsales.my.site.com
1 usb2ccommunity.force.com 1 redirects
10 2

This site contains no links.

Subject Issuer Validity Valid
prod.cdn.salesforce-experience.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-04-03 -
2023-04-04		 a year crt.sh

This page contains 1 frames:

Primary Page: https://metlifeusdirectsales.my.site.com/survey/runtimeApp.app?invitationId=0Ki6T000000MmjU&surveyName=ebs_customer_survey&UUID=b2fa42ed-5f3b-4211-be97-7c1070dca670
Frame ID: B8A2C7D0C02C809102A723E20D76403E
Requests: 10 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Survey: ebs_customer_survey

Page URL History Show full URLs

  1. https://usb2ccommunity.force.com/survey/runtimeApp.app?invitationId=0Ki6T000000MmjU&surveyName=ebs_customer_s... HTTP 301
    https://metlifeusdirectsales.my.site.com/survey/runtimeApp.app?invitationId=0Ki6T000000MmjU&surveyName=ebs_customer_s... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns

Page Statistics

10
Requests

100 %
HTTPS

50 %
IPv6

2
Domains

2
Subdomains

1
IPs

2
Countries

2023 kB
Transfer

9240 kB
Size

12
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://usb2ccommunity.force.com/survey/runtimeApp.app?invitationId=0Ki6T000000MmjU&surveyName=ebs_customer_survey&UUID=b2fa42ed-5f3b-4211-be97-7c1070dca670 HTTP 301
    https://metlifeusdirectsales.my.site.com/survey/runtimeApp.app?invitationId=0Ki6T000000MmjU&surveyName=ebs_customer_survey&UUID=b2fa42ed-5f3b-4211-be97-7c1070dca670 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

10 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request runtimeApp.app
metlifeusdirectsales.my.site.com/survey/
Redirect Chain
  • https://usb2ccommunity.force.com/survey/runtimeApp.app?invitationId=0Ki6T000000MmjU&surveyName=ebs_customer_survey&UUID=b2fa42ed-5f3b-4211-be97-7c1070dca670
  • https://metlifeusdirectsales.my.site.com/survey/runtimeApp.app?invitationId=0Ki6T000000MmjU&surveyName=ebs_customer_survey&UUID=b2fa42ed-5f3b-4211-be97-7c1070dca670
183 KB
54 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://metlifeusdirectsales.my.site.com/survey/runtimeApp.app?invitationId=0Ki6T000000MmjU&surveyName=ebs_customer_survey&UUID=b2fa42ed-5f3b-4211-be97-7c1070dca670
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:bb72 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
58de00eb98b088cdf284527934f700c147e931ea3a36b27d69c5d69cb28fb6bd
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests default-src 'self'; script-src 'self' 'nonce-r7P13qR8BIyLf6JCwm9dtERhDUGgr4lv' chrome-extension: 'unsafe-inline' 'unsafe-eval' *.canary.lwc.dev *.vf.force.com blob: https://ssl.gstatic.com/accessibility/; object-src 'self'; style-src 'self' blob: chrome-extension: 'unsafe-inline' *.vf.force.com; img-src 'self' http: https: data: blob: *.vf.force.com; media-src 'self' *.vf.force.com; frame-ancestors 'self'; frame-src blob: https: mailto: *.vf.force.com; font-src 'self' https: data: *.vf.force.com; connect-src 'self' https://api.bluetail.salesforce.com https://staging.bluetail.salesforce.com https://preprod.bluetail.salesforce.com blob: *.vf.force.com; base-uri 'self'
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

akamai-grn
0.6ebb1002.1677511120.2384268a
cache-control
no-cache,must-revalidate,max-age=0,no-store,private
content-encoding
gzip
content-security-policy
upgrade-insecure-requests default-src 'self'; script-src 'self' 'nonce-r7P13qR8BIyLf6JCwm9dtERhDUGgr4lv' chrome-extension: 'unsafe-inline' 'unsafe-eval' *.canary.lwc.dev *.vf.force.com blob: https://ssl.gstatic.com/accessibility/; object-src 'self'; style-src 'self' blob: chrome-extension: 'unsafe-inline' *.vf.force.com; img-src 'self' http: https: data: blob: *.vf.force.com; media-src 'self' *.vf.force.com; frame-ancestors 'self'; frame-src blob: https: mailto: *.vf.force.com; font-src 'self' https: data: *.vf.force.com; connect-src 'self' https://api.bluetail.salesforce.com https://staging.bluetail.salesforce.com https://preprod.bluetail.salesforce.com blob: *.vf.force.com; base-uri 'self'
content-type
text/html;charset=UTF-8
date
Mon, 27 Feb 2023 15:18:40 GMT
expires
Sun, 27 Feb 2022 15:18:40 GMT
last-modified
Sun, 27 Feb 2022 15:18:40 GMT
link
</l/%7B%22mode%22%3A%22PROD%22%2C%22app%22%3A%22survey%3AruntimeApp%22%2C%22loaded%22%3A%7B%22APPLICATION%40markup%3A%2F%2Fsurvey%3AruntimeApp%22%3A%222_HMcS__IQqGhYv4IgNDCQ%22%7D%2C%22styleContext%22%3A%7B%22c%22%3A%22webkit%22%2C%22x%22%3A%5B%22isDesktop%22%5D%2C%22tokens%22%3A%5B%22markup%3A%2F%2Fforce%3AsldsTokens%22%2C%22markup%3A%2F%2Fforce%3Abase%22%2C%22markup%3A%2F%2Fforce%3AformFactorLarge%22%2C%22markup%3A%2F%2Fsurvey%3AsurveyNamespace%22%5D%2C%22tuid%22%3A%22v1_LlYTNpg5VK0eLD9lGRA%22%2C%22cuid%22%3A-239054401%7D%2C%22pathPrefix%22%3A%22%22%7D/app.css?2=&aura.attributes=%7B%22invitationId%22%3A%220Ki6T000000MmjU%22%2C%22surveyName%22%3A%22ebs_customer_survey%22%7D>;rel=preload;as=style;nopush,</auraFW/javascript/D7zdsGvlxZfFP0e3F1H_2A/aura_prod.js>;rel=preload;as=script;nopush,</l/%7B%22mode%22%3A%22PROD%22%2C%22app%22%3A%22survey%3AruntimeApp%22%2C%22serializationVersion%22%3A%221-242.20.2-2.31.6-b%22%2C%22parts%22%3A%22t%22%2C%22loaded%22%3A%7B%22APPLICATION%40markup%3A%2F%2Fsurvey%3AruntimeApp%22%3A%222_HMcS__IQqGhYv4IgNDCQ%22%7D%2C%22dns%22%3A%22c%22%2C%22ls%22%3A1%2C%22lrmc%22%3A%22348087373%22%7D/appcore.js?2=>;rel=preload;as=script;nopush,</l/%7B%22mode%22%3A%22PROD%22%2C%22app%22%3A%22survey%3AruntimeApp%22%2C%22serializationVersion%22%3A%221-242.20.2-2.31.6-b%22%2C%22parts%22%3A%22t%22%2C%22loaded%22%3A%7B%22APPLICATION%40markup%3A%2F%2Fsurvey%3AruntimeApp%22%3A%222_HMcS__IQqGhYv4IgNDCQ%22%7D%2C%22dns%22%3A%22c%22%2C%22ls%22%3A1%2C%22lrmc%22%3A%22348087373%22%7D/app.js?2=>;rel=preload;as=script;nopush
referrer-policy
origin-when-cross-origin
server-timing
Total;dur=193
strict-transport-security
max-age=63072000; includeSubDomains
timing-allow-origin
*
vary
Origin, Accept-Encoding
x-content-type-options
nosniff
x-origin-cache-control
no-cache,must-revalidate,max-age=0,no-store,private
x-xss-protection
1; mode=block

Redirect headers

Cache-Control
no-cache,must-revalidate,max-age=0,no-store,private
Content-Length
0
Content-Security-Policy
upgrade-insecure-requests
Date
Mon, 27 Feb 2023 15:18:39 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Location
https://metlifeusdirectsales.my.site.com/survey/runtimeApp.app?invitationId=0Ki6T000000MmjU&surveyName=ebs_customer_survey&UUID=b2fa42ed-5f3b-4211-be97-7c1070dca670
Referrer-Policy
origin-when-cross-origin
Strict-Transport-Security
max-age=63072000; includeSubDomains
X-Content-Type-Options
nosniff
X-XSS-Protection
1; mode=block
app.css
metlifeusdirectsales.my.site.com/l/%7B%22mode%22%3A%22PROD%22%2C%22app%22%3A%22survey%3AruntimeApp%22%2C%22loaded%22%3A%7B%22APPLICATION%40markup%3A%2F%2Fsurvey%3AruntimeApp%22%3A%222_HMcS__IQqGhYv... 		1 MB
136 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://metlifeusdirectsales.my.site.com/l/%7B%22mode%22%3A%22PROD%22%2C%22app%22%3A%22survey%3AruntimeApp%22%2C%22loaded%22%3A%7B%22APPLICATION%40markup%3A%2F%2Fsurvey%3AruntimeApp%22%3A%222_HMcS__IQqGhYv4IgNDCQ%22%7D%2C%22styleContext%22%3A%7B%22c%22%3A%22webkit%22%2C%22x%22%3A%5B%22isDesktop%22%5D%2C%22tokens%22%3A%5B%22markup%3A%2F%2Fforce%3AsldsTokens%22%2C%22markup%3A%2F%2Fforce%3Abase%22%2C%22markup%3A%2F%2Fforce%3AformFactorLarge%22%2C%22markup%3A%2F%2Fsurvey%3AsurveyNamespace%22%5D%2C%22tuid%22%3A%22v1_LlYTNpg5VK0eLD9lGRA%22%2C%22cuid%22%3A-239054401%7D%2C%22pathPrefix%22%3A%22%22%7D/app.css?2=&aura.attributes=%7B%22invitationId%22%3A%220Ki6T000000MmjU%22%2C%22surveyName%22%3A%22ebs_customer_survey%22%7D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:bb72 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
8e37df894b9ebe0bf48f82893dd92ff62ac12935eeb93cf6b1d59d70c69b9c49
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://metlifeusdirectsales.my.site.com/survey/runtimeApp.app?invitationId=0Ki6T000000MmjU&surveyName=ebs_customer_survey&UUID=b2fa42ed-5f3b-4211-be97-7c1070dca670
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
referrer-policy
origin-when-cross-origin
last-modified
Sun, 26 Feb 2023 15:18:41 GMT
date
Mon, 27 Feb 2023 15:18:41 GMT
akamai-grn
0.6ebb1002.1677511120.238427d2
x-origin-cache-control
max-age=31536000,public,immutable
vary
Origin, Accept-Encoding
content-type
text/css;charset=UTF-8
cache-control
public, max-age=31535989
x-xss-protection
1; mode=block
expires
Tue, 27 Feb 2024 15:18:30 GMT
aura_prod.js
metlifeusdirectsales.my.site.com/auraFW/javascript/D7zdsGvlxZfFP0e3F1H_2A/ 		814 KB
258 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://metlifeusdirectsales.my.site.com/auraFW/javascript/D7zdsGvlxZfFP0e3F1H_2A/aura_prod.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:bb72 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
15b7a32a2a18fe2ddc693c29004f6667c88d935c7714aced4d3c0c5d0394636a
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://metlifeusdirectsales.my.site.com/survey/runtimeApp.app?invitationId=0Ki6T000000MmjU&surveyName=ebs_customer_survey&UUID=b2fa42ed-5f3b-4211-be97-7c1070dca670
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 27 Feb 2023 15:18:40 GMT
akamai-grn
, 0.6ebb1002.1677511120.238427d8
server-timing
Total;dur=42
content-length
263266
x-xss-protection
1; mode=block
referrer-policy
origin-when-cross-origin
last-modified
Thu, 23 Feb 2023 00:59:23 GMT
x-origin-cache-control
max-age=31536000,public,immutable
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
access-control-expose-headers
Server-Timing
cache-control
public, max-age=31225149
timing-allow-origin
*
expires
Sat, 24 Feb 2024 00:57:49 GMT
appcore.js
metlifeusdirectsales.my.site.com/l/%7B%22mode%22%3A%22PROD%22%2C%22app%22%3A%22survey%3AruntimeApp%22%2C%22serializationVersion%22%3A%221-242.20.2-2.31.6-b%22%2C%22parts%22%3A%22t%22%2C%22loaded%22... 		939 KB
142 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://metlifeusdirectsales.my.site.com/l/%7B%22mode%22%3A%22PROD%22%2C%22app%22%3A%22survey%3AruntimeApp%22%2C%22serializationVersion%22%3A%221-242.20.2-2.31.6-b%22%2C%22parts%22%3A%22t%22%2C%22loaded%22%3A%7B%22APPLICATION%40markup%3A%2F%2Fsurvey%3AruntimeApp%22%3A%222_HMcS__IQqGhYv4IgNDCQ%22%7D%2C%22dns%22%3A%22c%22%2C%22ls%22%3A1%2C%22lrmc%22%3A%22348087373%22%7D/appcore.js?2=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:bb72 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
701a2e7b828e181e9722b6cc804889e4d89c5e8f2661eb4a6ac8481c6b6be664
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://metlifeusdirectsales.my.site.com/survey/runtimeApp.app?invitationId=0Ki6T000000MmjU&surveyName=ebs_customer_survey&UUID=b2fa42ed-5f3b-4211-be97-7c1070dca670
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
referrer-policy
origin-when-cross-origin
last-modified
Sun, 26 Feb 2023 15:18:41 GMT
date
Mon, 27 Feb 2023 15:18:41 GMT
akamai-grn
0.6ebb1002.1677511120.238427d9
x-origin-cache-control
max-age=31536000,public,immutable
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-xss-protection
1; mode=block
expires
Tue, 27 Feb 2024 15:18:41 GMT
app.js
metlifeusdirectsales.my.site.com/l/%7B%22mode%22%3A%22PROD%22%2C%22app%22%3A%22survey%3AruntimeApp%22%2C%22serializationVersion%22%3A%221-242.20.2-2.31.6-b%22%2C%22parts%22%3A%22t%22%2C%22loaded%22... 		5 MB
1 MB 		Script
General
Check archive.org
Download Go to
Full URL
https://metlifeusdirectsales.my.site.com/l/%7B%22mode%22%3A%22PROD%22%2C%22app%22%3A%22survey%3AruntimeApp%22%2C%22serializationVersion%22%3A%221-242.20.2-2.31.6-b%22%2C%22parts%22%3A%22t%22%2C%22loaded%22%3A%7B%22APPLICATION%40markup%3A%2F%2Fsurvey%3AruntimeApp%22%3A%222_HMcS__IQqGhYv4IgNDCQ%22%7D%2C%22dns%22%3A%22c%22%2C%22ls%22%3A1%2C%22lrmc%22%3A%22348087373%22%7D/app.js?2=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:bb72 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
106bedba89082c37476e26cd444b5916f8af137ed842108b570172356cd87e4f
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://metlifeusdirectsales.my.site.com/survey/runtimeApp.app?invitationId=0Ki6T000000MmjU&surveyName=ebs_customer_survey&UUID=b2fa42ed-5f3b-4211-be97-7c1070dca670
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
referrer-policy
origin-when-cross-origin
last-modified
Sun, 26 Feb 2023 15:18:41 GMT
date
Mon, 27 Feb 2023 15:18:41 GMT
akamai-grn
0.6ebb1002.1677511120.238427da
x-origin-cache-control
max-age=31536000,public,immutable
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31535991
x-xss-protection
1; mode=block
expires
Tue, 27 Feb 2024 15:18:32 GMT
resources.js
metlifeusdirectsales.my.site.com/l/%7B%22mode%22%3A%22PROD%22%2C%22app%22%3A%22survey%3AruntimeApp%22%2C%22fwuid%22%3A%22D7zdsGvlxZfFP0e3F1H_2A%22%2C%22loaded%22%3A%7B%22APPLICATION%40markup%3A%2F%... 		42 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://metlifeusdirectsales.my.site.com/l/%7B%22mode%22%3A%22PROD%22%2C%22app%22%3A%22survey%3AruntimeApp%22%2C%22fwuid%22%3A%22D7zdsGvlxZfFP0e3F1H_2A%22%2C%22loaded%22%3A%7B%22APPLICATION%40markup%3A%2F%2Fsurvey%3AruntimeApp%22%3A%222_HMcS__IQqGhYv4IgNDCQ%22%7D%2C%22apce%22%3A1%2C%22apck%22%3A%22s8Bl8cUYA_3yXD1FIB2jng%22%2C%22mlr%22%3A1%2C%22pathPrefix%22%3A%22%22%2C%22dns%22%3A%22c%22%2C%22ls%22%3A1%2C%22lrmc%22%3A%22348087373%22%7D/resources.js?pv=1677311656000-202072079&rv=1677123191000
Requested by
Host: metlifeusdirectsales.my.site.com
URL: https://metlifeusdirectsales.my.site.com/survey/runtimeApp.app?invitationId=0Ki6T000000MmjU&surveyName=ebs_customer_survey&UUID=b2fa42ed-5f3b-4211-be97-7c1070dca670
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:bb72 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
d16db57fde049bb388a9e2a4331759d800996ea815c5cf6e4b93d246b8bece6b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://metlifeusdirectsales.my.site.com/survey/runtimeApp.app?invitationId=0Ki6T000000MmjU&surveyName=ebs_customer_survey&UUID=b2fa42ed-5f3b-4211-be97-7c1070dca670
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
referrer-policy
origin-when-cross-origin
last-modified
Sun, 26 Feb 2023 15:18:41 GMT
date
Mon, 27 Feb 2023 15:18:41 GMT
akamai-grn
0.6ebb1002.1677511121.2384295f
x-origin-cache-control
max-age=31536000,private,immutable
vary
Origin, Accept-Encoding
content-type
text/javascript;charset=UTF-8
cache-control
max-age=31536000,private,immutable
content-length
10233
x-xss-protection
1; mode=block
expires
Tue, 27 Jun 2023 15:18:41 GMT
aura
metlifeusdirectsales.my.site.com/ 		83 KB
25 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://metlifeusdirectsales.my.site.com/aura?r=0&aura.Component.getComponent=1&ui-survey-components-controller.SurveyRuntime.getFlowParameters=1
Requested by
Host: metlifeusdirectsales.my.site.com
URL: https://metlifeusdirectsales.my.site.com/auraFW/javascript/D7zdsGvlxZfFP0e3F1H_2A/aura_prod.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:bb72 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
661c826ad52cea8b08ec3a1aab30ca8fe5ed69a822d695681299bfe58e2d129b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://metlifeusdirectsales.my.site.com/survey/runtimeApp.app?invitationId=0Ki6T000000MmjU&surveyName=ebs_customer_survey&UUID=b2fa42ed-5f3b-4211-be97-7c1070dca670
X-SFDC-Page-Cache
1887174378de8ffa
accept-language
de-DE,de;q=0.9
X-SFDC-Request-Id
370520000090495366
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

strict-transport-security
max-age=63072000; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 27 Feb 2023 15:18:43 GMT
akamai-grn
0.6ebb1002.1677511122.23842f4d
server-timing
Total;dur=204
content-length
25094
x-xss-protection
1; mode=block
referrer-policy
origin-when-cross-origin
last-modified
Sun, 27 Feb 2022 15:18:42 GMT
x-origin-cache-control
no-cache,must-revalidate,max-age=0,no-store,private
vary
Origin, Accept-Encoding
content-type
application/json;charset=UTF-8
cache-control
no-cache,must-revalidate,max-age=0,no-store,private
timing-allow-origin
*
expires
Sun, 27 Feb 2022 15:18:42 GMT
aura
metlifeusdirectsales.my.site.com/ 		4 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://metlifeusdirectsales.my.site.com/aura?r=1&ui-interaction-runtime-components-controllers.FlowRuntime.runInterview=1
Requested by
Host: metlifeusdirectsales.my.site.com
URL: https://metlifeusdirectsales.my.site.com/auraFW/javascript/D7zdsGvlxZfFP0e3F1H_2A/aura_prod.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:bb72 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
200b56fefec7ac7c5c71e9916dd5fe01c84e14a01e5fbe0e2220779aa93f2fff
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://metlifeusdirectsales.my.site.com/survey/runtimeApp.app?invitationId=0Ki6T000000MmjU&surveyName=ebs_customer_survey&UUID=b2fa42ed-5f3b-4211-be97-7c1070dca670
X-SFDC-Page-Cache
1887174378de8ffa
accept-language
de-DE,de;q=0.9
X-SFDC-Request-Id
412700000058e25379
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

strict-transport-security
max-age=63072000; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 27 Feb 2023 15:18:43 GMT
akamai-grn
0.6ebb1002.1677511123.23843045
server-timing
Total;dur=76
content-length
2783
x-xss-protection
1; mode=block
referrer-policy
origin-when-cross-origin
last-modified
Sun, 27 Feb 2022 15:18:43 GMT
x-origin-cache-control
no-cache,must-revalidate,max-age=0,no-store,private
vary
Origin, Accept-Encoding
content-type
application/json;charset=UTF-8
cache-control
no-cache,must-revalidate,max-age=0,no-store,private
timing-allow-origin
*
expires
Sun, 27 Feb 2022 15:18:43 GMT
aura
metlifeusdirectsales.my.site.com/ 		1 MB
278 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://metlifeusdirectsales.my.site.com/aura?r=2&aura.Component.getComponentDef=1
Requested by
Host: metlifeusdirectsales.my.site.com
URL: https://metlifeusdirectsales.my.site.com/auraFW/javascript/D7zdsGvlxZfFP0e3F1H_2A/aura_prod.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:bb72 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
fe0f859fd005c582234af28b3058a8baf5675cc9030919d3858502ac1f5e7fec
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://metlifeusdirectsales.my.site.com/survey/runtimeApp.app?invitationId=0Ki6T000000MmjU&surveyName=ebs_customer_survey&UUID=b2fa42ed-5f3b-4211-be97-7c1070dca670
X-SFDC-Page-Cache
1887174378de8ffa
accept-language
de-DE,de;q=0.9
X-SFDC-Request-Id
4444400000e36a7a2e
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

strict-transport-security
max-age=63072000; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
referrer-policy
origin-when-cross-origin
last-modified
Sun, 27 Feb 2022 15:18:43 GMT
date
Mon, 27 Feb 2023 15:18:43 GMT
akamai-grn
0.6ebb1002.1677511123.23843108
x-origin-cache-control
no-cache,must-revalidate,max-age=0,no-store,private
vary
Origin, Accept-Encoding
content-type
application/json;charset=UTF-8
cache-control
no-cache,must-revalidate,max-age=0,no-store,private
x-xss-protection
1; mode=block
expires
Sun, 27 Feb 2022 15:18:43 GMT
aura
metlifeusdirectsales.my.site.com/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://metlifeusdirectsales.my.site.com/aura?r=3&ui-instrumentation-components-beacon.InstrumentationBeacon.sendData=1
Requested by
Host: metlifeusdirectsales.my.site.com
URL: https://metlifeusdirectsales.my.site.com/auraFW/javascript/D7zdsGvlxZfFP0e3F1H_2A/aura_prod.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:bb72 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
6aa71932864163f3770e97396cb159f3d7de6e7a41a5aa4acb1608d6e7ad78b1
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://metlifeusdirectsales.my.site.com/survey/runtimeApp.app?invitationId=0Ki6T000000MmjU&surveyName=ebs_customer_survey&UUID=b2fa42ed-5f3b-4211-be97-7c1070dca670
X-SFDC-Page-Cache
1887174378de8ffa
accept-language
de-DE,de;q=0.9
X-SFDC-Request-Id
51255000003bf33c92
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

strict-transport-security
max-age=63072000; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 27 Feb 2023 15:18:44 GMT
akamai-grn
0.6ebb1002.1677511124.2384332b
server-timing
Total;dur=45
content-length
1080
x-xss-protection
1; mode=block
referrer-policy
origin-when-cross-origin
last-modified
Sun, 27 Feb 2022 15:18:44 GMT
x-origin-cache-control
no-cache,must-revalidate,max-age=0,no-store,private
vary
Origin, Accept-Encoding
content-type
application/json;charset=UTF-8
cache-control
no-cache,must-revalidate,max-age=0,no-store,private
timing-allow-origin
*
expires
Sun, 27 Feb 2022 15:18:44 GMT

Verdicts & Comments Add Verdict or Comment

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless number| pageStartTime object| Aura object| AuraLocker object| AuraLockerDisabled object| $A object| aura function| DOMPurify function| Router object| picassoSPA

12 Cookies

Domain/Path Name / Value
usb2ccommunity.force.com/ Name: CookieConsentPolicy
Value: 0:1
usb2ccommunity.force.com/ Name: LSKey-c$CookieConsentPolicy
Value: 0:1
usb2ccommunity.force.com/ Name: sfdc-stream
Value: !syDFPSbWZnuN/n7m1kiL/cJKZbCnotg7letf7dT9L0wY2NU8Bp1QAysVz91YNTuFST10kpm6H11ApqI=
usb2ccommunity.force.com/ Name: force-proxy-stream
Value: !Ar/SVwv/StS0qNqM3E1+B22vTjHOFUAAEyeqIhf8XaXiFH/vnw7p1yJE8k298gguaJy+UK0XqBnAvtE=
usb2ccommunity.force.com/ Name: force-stream
Value: !syDFPSbWZnuN/n7m1kiL/cJKZbCnotg7letf7dT9L0wY2NU8Bp1QAysVz91YNTuFST10kpm6H11ApqI=
metlifeusdirectsales.my.site.com/ Name: CookieConsentPolicy
Value: 0:1
metlifeusdirectsales.my.site.com/ Name: LSKey-c$CookieConsentPolicy
Value: 0:1
metlifeusdirectsales.my.site.com/ Name: BrowserId
Value: A-B5ibayEe2EppH73036AQ
metlifeusdirectsales.my.site.com/ Name: BrowserId_sec
Value: A-B5ibayEe2EppH73036AQ
metlifeusdirectsales.my.site.com/ Name: sfdc-stream
Value: !4WmntZdCbuIhY0G5KyR0tjBp6hTC4xdL5uxVTlBkIglpsQ0Koy9GXZhRj3m2Gdn2ReML48nY1rBVgw==
.my.site.com/ Name: ak_bmsc
Value: CD4AFFD0EF32EC4A0F8E98F46E113F07~000000000000000000000000000000~YAAQbrsQAqlLrFuGAQAADFd0kxJQBjdYd+w89ohbASU49la0zTiX3ikRnR5pnBp14cZ9BTPGfSWq9QGmNS+LssF4AOVx4htIUsDicfUroSVldC4aWNOlDlFn/e3lmp6IVNnhhH7ygN+VUn07fVqqwJUrPs1Q6QWrfCfwqiFExwXU+0+UFMwE31b5KP/bzDVV/CC2NAszrXf8w5Q8KggHseDGq6XHCgzBBho1WQm/Muqqioo6rb/5MMiuEcv0kgfKk6BSOJ6mGrVNIMYy21iTJ1rhCm/c9KlNGXXP3BSMSWEeGi8/9mFIrWUOxSJ3FpCdYMAb087Ai/kwEOlTFWe3Dhu90FjrsoXeY/mb6kTq5neIL0OtiSulk/w6/v/7RF0GmgBMRZxwfvnxsPFMV1gRpA==
.my.site.com/ Name: bm_sv
Value: C61910F7942D915E80D33BEAFB63A88B~YAAQbrsQAuFLrFuGAQAAZWZ0kxJcbBNM438tmVxxAkosMmbld9dn8mVbqWfynzo/VRCV5Otg4w8BJ7raFf/TxXgu70YcQclqwaWJ1/xv9NxDh4zvYAwjgCPN6U82WJHH3bd86x0/GBNP+icbaWMOZejE+g56FYdmBsrZGNvOUHBLpQsHW5wr1+GTdTumK8MBVMVkfRVrGpvtxrJSZDCbuexpO9eD5i9ZiYjFJi4mjMD5E9UmBpQpsj7TiO2LNXBd6A==~1

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy upgrade-insecure-requests default-src 'self'; script-src 'self' 'nonce-r7P13qR8BIyLf6JCwm9dtERhDUGgr4lv' chrome-extension: 'unsafe-inline' 'unsafe-eval' *.canary.lwc.dev *.vf.force.com blob: https://ssl.gstatic.com/accessibility/; object-src 'self'; style-src 'self' blob: chrome-extension: 'unsafe-inline' *.vf.force.com; img-src 'self' http: https: data: blob: *.vf.force.com; media-src 'self' *.vf.force.com; frame-ancestors 'self'; frame-src blob: https: mailto: *.vf.force.com; font-src 'self' https: data: *.vf.force.com; connect-src 'self' https://api.bluetail.salesforce.com https://staging.bluetail.salesforce.com https://preprod.bluetail.salesforce.com blob: *.vf.force.com; base-uri 'self'
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block