ges.my.site.com
203.134.85.155
Public Scan
Submission: On May 01 via manual from IN — Scanned from AU
Summary
TLS certificate: Issued by DigiCert Global G3 TLS ECC SHA384 202... on March 6th 2024. Valid for: a year.
This is the only time ges.my.site.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
Requests | IP Address | AS Autonomous System |
---|---|---|
12 | 203.134.85.155 | 9443 (VOCUS-RETAIL-AU Vocus Retail) |
12 | 1 | |
ASN9443 (VOCUS-RETAIL-AU Vocus Retail, AU)
PTR: 155.85-134-203.akamai.cache.nsw.vocus.network
ges.my.site.com
Requests | Apex Domain / Subdomains | Transfer |
---|---|---|
12 | site.com: ges.my.site.com | 2 MB |
12 | 1 | |
Requests | Domain | Requested by |
---|---|---|
12 | ges.my.site.com | ges.my.site.com |
12 | 1 | |
This site contains no links.
Subject / Issuer | Validity | Valid | |
---|---|---|---|
prod.cdn.salesforce-experience.com / DigiCert Global G3 TLS ECC SHA384 2020 CA1 | 2024-03-06 - 2025-03-04 | a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://ges.my.site.com/GESSFSurveys/survey/runtimeApp.app?invitationId=0KiPb0000027vzh&surveyName=ges_resolutions_survey&UUID=07a16612-cab6-4169-b9fb-ea388741d991
Frame ID: 22A7C9F547C5AFD274DE8C2D55C5E51C
Requests: 12 HTTP requests in this frame
Page Title
Survey: ges_resolutions_survey
Detected technologies
Akamai Bot Manager (Security)
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
12 HTTP transactions
Method / Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|
GET H2 | runtimeApp.app (Primary Request) | ges.my.site.com/GESSFSurveys/survey/ | 226 KB | 68 KB | Document | text/html |
GET H2 | app.css | ges.my.site.com/GESSFSurveys/l/%7B%22mode%22%3A%22PROD%22%2C%22cac%22%3A0%2C%22app%22%3A%22survey%3AruntimeApp%22%2C%22loaded%22%3A%7B%22APPLICATION%40markup%3A%2F%2Fsurvey%3AruntimeApp%22%3A%22LmH... | 1 MB | 140 KB | Stylesheet | text/css |
GET H2 | aura_prod.js | ges.my.site.com/GESSFSurveys/auraFW/javascript/ZDROWDdLOGtXcTZqSWZiU19ZaDJFdzk4bkk0bVJhZGJCWE9mUC1IZXZRbmcyNDguMTAuNS01LjAuMTA/ | 844 KB | 264 KB | Script | text/javascript |
GET H2 | appcore.js | ges.my.site.com/GESSFSurveys/l/%7B%22mode%22%3A%22PROD%22%2C%22cac%22%3A0%2C%22app%22%3A%22survey%3AruntimeApp%22%2C%22serializationVersion%22%3A%221-248.10.5-5.0.10-b%22%2C%22parts%22%3A%22t%22%2C... | 992 KB | 140 KB | Script | text/javascript |
GET H2 | app.js | ges.my.site.com/GESSFSurveys/l/%7B%22mode%22%3A%22PROD%22%2C%22cac%22%3A0%2C%22app%22%3A%22survey%3AruntimeApp%22%2C%22serializationVersion%22%3A%221-248.10.5-5.0.10-b%22%2C%22parts%22%3A%22t%22%2C... | 4 MB | 941 KB | Script | text/javascript |
GET H2 | resources.js | ges.my.site.com/GESSFSurveys/l/%7B%22mode%22%3A%22PROD%22%2C%22cac%22%3A0%2C%22app%22%3A%22survey%3AruntimeApp%22%2C%22fwuid%22%3A%22ZDROWDdLOGtXcTZqSWZiU19ZaDJFdzk4bkk0bVJhZGJCWE9mUC1IZXZRbmcyNDgu... | 25 KB | 7 KB | Script | text/javascript |
POST H2 | aura | ges.my.site.com/GESSFSurveys/ | 82 KB | 25 KB | XHR | application/json |
GET H2 | favicon.ico | ges.my.site.com/ | 5 KB | 6 KB | Other | image/x-icon |
POST H2 | aura | ges.my.site.com/GESSFSurveys/ | 7 KB | 5 KB | XHR | application/json |
GET H2 | pebbles.jpg | ges.my.site.com/_sfdc/surveyAssets/images/ | 216 KB | 217 KB | Image | image/avif |
POST H2 | aura | ges.my.site.com/GESSFSurveys/ | 13 KB | 6 KB | XHR | application/json |
POST H2 | aura | ges.my.site.com/GESSFSurveys/ | 2 KB | 2 KB | XHR | application/json |
9 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
Type | Name |
---|---|
number | pageStartTime |
object | Aura |
object | AuraLocker |
object | AuraLockerDisabled |
object | $A |
object | aura |
function | DOMPurify |
function | Router |
object | picassoSPA |
6 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
ges.my.site.com/ | | Name: CookieConsentPolicy Value: 0:1 |
ges.my.site.com/ | | Name: LSKey-c$CookieConsentPolicy Value: 0:1 |
ges.my.site.com/ | | Name: BrowserId Value: ZJJrpwgJEe-luvuqOQmXyQ |
ges.my.site.com/ | | Name: BrowserId_sec Value: ZJJrpwgJEe-luvuqOQmXyQ |
.my.site.com/ | | Name: ak_bmsc Value: 5E020340DA86159535E7E7797C9AD352~000000000000000000000000000000~YAAQl1WGy59EVyyPAQAAeChBNhf6Y80bJYQwigqLZNIoopnY1dGyKB6UAVRRy+VKdiJDW2Zk5GX4i1KtHhJzhgAPoeqbx0Fo8+ua7IkkG3u6eof+2f/UA8rVnU2LJtfMMelWwNKnmD+5HO98kUOXwDcDJHdWG8rjw5cg3iPENGnAzTXUcLFh5CumvQAbk/8Okr33Hfa7k/XzrFkqwGw1XWryaKhBHuz53fjju80rj0uLlR42iidJfM5ZA6xQsqRv6PV2VoAbRB9dWH+OE6FCOikYoaKXbO+BWQVfPz8WFmWsAHGWcYXSSul9BJW1HMUil72O/KLiSH8dWBCxfRo0wr/p0Cfoz6sOHKDKGHauWkfKB9KO9th09N1GxPwO3zajNFPUWqWnnuDdhuMw |
.my.site.com/ | | Name: bm_sv Value: 7A23CE82DAB6B30E8A0F447EBA9FE88B~YAAQl1WGy8ZEVyyPAQAA9TRBNhfYUsbbznOtHNnTFg8EVMPIaWtHZoJoZqdBl3VYvmOpTo5NV8of6jY0nU9b99fYcDZUmf9Nf0GoKReayx3NtfZZoMhUEnqC1SKcchJXH77eYbKMgCAGUuf1zymKziZzoKs6x42VbtOTke3GEl11STbg07rZraS8rXr86u7WZb3PzgGq2a4me6ejjl7rCk+AzZs07h1toQxh9yXuI/vZRQ1vd0NHK1oOglCBcur8Pw==~1 |
Security Headers
This page lists any security headers set by the main page.
Header | Value |
---|---|
Content-Security-Policy | upgrade-insecure-requests default-src 'self'; script-src 'self' 'nonce-UARktnBJ4SIOM7LQ2h1L4Farw5tVEwUc' chrome-extension: 'unsafe-inline' 'unsafe-eval' *.canary.lwc.dev *.vf.force.com blob: https://ssl.gstatic.com/accessibility/ https://*.arcgis.com; object-src 'self'; style-src 'self' blob: chrome-extension: 'unsafe-inline' https://ges.my.salesforce-sites.com https://ges.lightning.force.com *.vf.force.com; img-src 'self' data: blob: https://*.amazonaws.com https://*.twilio.com https://*.twiliocdn.com https://ges.my.salesforce-sites.com https://ges.lightning.force.com https: *.vf.force.com; media-src 'self' https://*.amazonaws.com https://*.twilio.com https://*.twiliocdn.com https://ges.my.salesforce-sites.com https://ges.lightning.force.com *.vf.force.com; frame-ancestors 'self'; frame-src blob: mailto: https://*.amazonaws.com https://*.twilio.com https://*.twiliocdn.com https://ges.my.salesforce-sites.com https://ges.lightning.force.com https: *.vf.force.com https://*.arcgis.com; font-src 'self' https: data: https://ges.my.salesforce-sites.com https://ges.lightning.force.com *.vf.force.com; connect-src 'self' https://api.bluetail.salesforce.com https://staging.bluetail.salesforce.com https://preprod.bluetail.salesforce.com https://*.twilio.com https://*.twiliocdn.com https://ges.my.salesforce-sites.com https://ges.lightning.force.com https://ges.my.salesforce-scrt.com blob: *.vf.force.com https://o11y.sfproxy-core1.sfdc-yfeipo.svc.sfdcfc.net/ui-telemetry https://*.arcgis.com https://api.salesforce.com/ https://*.api.salesforce.com/; base-uri 'self' |
Strict-Transport-Security | max-age=63072000; includeSubDomains |
X-Content-Type-Options | nosniff |
X-Xss-Protection | 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
ges.my.site.com
203.134.85.155