urlscan.io logo urlscan.io
SecurityTrails logo

dccovid.force.com Open in urlscan Pro
52.61.132.23  Public Scan

Go To Rescan Add Verdict Report
URL: https://dccovid.force.com/overthecounter/s/login/?language=en_US
Submission: On September 28 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 4 IPs in 2 countries across 3 domains to perform 15 HTTP transactions. The main IP is 52.61.132.23, located in Boardman, United States and belongs to AMAZON EXPANSION, IE. The main domain is dccovid.force.com.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on October 31st 2022. Valid for: a year.
This is the only time dccovid.force.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
13 52.61.132.23 8987 (AMAZON EX...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
15 4
Apex Domain
Subdomains		 Transfer
13 force.com
dccovid.force.com
2 MB
1 gstatic.com
www.gstatic.com
185 KB
1 google.com
www.google.com — Cisco Umbrella Rank: 11
1 KB
15 3
Domain Requested by
13 dccovid.force.com dccovid.force.com
1 www.gstatic.com www.google.com
1 www.google.com dccovid.force.com
15 3

This site contains links to these domains. Also see Links.

Domain
forms.office.com
Subject Issuer Validity Valid
*.na215.force.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-10-31 -
2023-10-30		 a year crt.sh
www.google.com
GTS CA 1C3		 2023-09-04 -
2023-11-27		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-09-04 -
2023-11-27		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://dccovid.force.com/overthecounter/s/login/?language=en_US
Frame ID: 6D854B253724D8C53A1EAC4E9F4E8B6B
Requests: 17 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Login

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

15
Requests

100 %
HTTPS

67 %
IPv6

3
Domains

3
Subdomains

4
IPs

2
Countries

1902 kB
Transfer

6592 kB
Size

6
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

15 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
dccovid.force.com/overthecounter/s/login/ 		108 KB
31 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://dccovid.force.com/overthecounter/s/login/?language=en_US
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.61.132.23 Boardman, United States, ASN8987 (AMAZON EXPANSION, IE),
Reverse DNS
dpl1-hio.na215-hio.force.com
Software
/
Resource Hash
8a2ebc070135442ed488d2ea7a8dd4f74c31a8448813880fd427b269e8fd1d26
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests default-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://service.force.com/embeddedservice/ https://cdn.content.aws-dev2-uswest2.aws.sfdc.cl/ https://cdn.content.aws-prod1-useast1.aws.sfdc.cl/ https://payments.salesforce.com/ https://js.stripe.com/ import: blob: https://uip.canary.lwc.dev https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/releases/-TriQeni1Ls-Mdq_ssN2cUL5/recaptcha__en.js https://www.gstatic.com/recaptcha/releases/qljbK_DTcvY1PzbR7IG69z1r/recaptcha__en.js https://www.gstatic.com/recaptcha/releases/YhkYx1k-yvvb8OonJPmOpoJY/recaptcha__en.js https://www.gstatic.com https://www.google.com/; object-src 'self' www.google.com; style-src 'self' 'unsafe-inline' https://service.force.com/embeddedservice/ https://fonts.googleapis.com/css2 https://fonts.googleapis.com/css blob: https://www.google.com https://maps.a.forceusercontent.com; img-src 'self' data: blob: https://dccovid.my.salesforce.com https://dccovid--c.documentforce.com https://img.youtube.com https://i.ytimg.com https://i.vimeocdn.com https://login.salesforce.com/icons/ https://payments.salesforce.com/icons/ https://cdn.content.aws-prod1-useast1.aws.sfdc.cl/icons/ https://cdn.content.aws-dev2-uswest2.aws.sfdc.cl/icons/ https://na215.salesforce.com/icons/ https://www.google.com https://maps.a.forceusercontent.com; media-src 'self' blob: https://www.google.com https://maps.a.forceusercontent.com; frame-ancestors 'self'; frame-src 'self' https://service.force.com/embeddedservice/ https://na215.salesforce.com https://sfdc-link-preview-staging.sfdc.sh https://sfdc-link-preview.hk.salesforce.com https://cdn.embedly.com https://www.youtube.com https://player.vimeo.com https://play.vidyard.com https://player.cloudinary.com https://fast.wistia.net https://players.brightcove.net https://s1.adis.ws https://scormanywhere.secure.force.com https://appiniummastertrial.secure.force.com https://*.c.forceusercontent.com/lightningmaps/ https://*.c.forceusercontent.com https://location.force.com https://dccovid--c.documentforce.com https://www.google.com https://maps.a.forceusercontent.com; font-src 'self' data: https://fonts.gstatic.com/ https://www.google.com https://maps.a.forceusercontent.com; connect-src 'self' https://dccovid.my.salesforce-scrt.com https://www.google.com https://maps.a.forceusercontent.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-cache,must-revalidate,max-age=0,no-store,private
Content-Encoding
gzip
Content-Security-Policy
upgrade-insecure-requests default-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://service.force.com/embeddedservice/ https://cdn.content.aws-dev2-uswest2.aws.sfdc.cl/ https://cdn.content.aws-prod1-useast1.aws.sfdc.cl/ https://payments.salesforce.com/ https://js.stripe.com/ import: blob: https://uip.canary.lwc.dev https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/releases/-TriQeni1Ls-Mdq_ssN2cUL5/recaptcha__en.js https://www.gstatic.com/recaptcha/releases/qljbK_DTcvY1PzbR7IG69z1r/recaptcha__en.js https://www.gstatic.com/recaptcha/releases/YhkYx1k-yvvb8OonJPmOpoJY/recaptcha__en.js https://www.gstatic.com https://www.google.com/; object-src 'self' www.google.com; style-src 'self' 'unsafe-inline' https://service.force.com/embeddedservice/ https://fonts.googleapis.com/css2 https://fonts.googleapis.com/css blob: https://www.google.com https://maps.a.forceusercontent.com; img-src 'self' data: blob: https://dccovid.my.salesforce.com https://dccovid--c.documentforce.com https://img.youtube.com https://i.ytimg.com https://i.vimeocdn.com https://login.salesforce.com/icons/ https://payments.salesforce.com/icons/ https://cdn.content.aws-prod1-useast1.aws.sfdc.cl/icons/ https://cdn.content.aws-dev2-uswest2.aws.sfdc.cl/icons/ https://na215.salesforce.com/icons/ https://www.google.com https://maps.a.forceusercontent.com; media-src 'self' blob: https://www.google.com https://maps.a.forceusercontent.com; frame-ancestors 'self'; frame-src 'self' https://service.force.com/embeddedservice/ https://na215.salesforce.com https://sfdc-link-preview-staging.sfdc.sh https://sfdc-link-preview.hk.salesforce.com https://cdn.embedly.com https://www.youtube.com https://player.vimeo.com https://play.vidyard.com https://player.cloudinary.com https://fast.wistia.net https://players.brightcove.net https://s1.adis.ws https://scormanywhere.secure.force.com https://appiniummastertrial.secure.force.com https://*.c.forceusercontent.com/lightningmaps/ https://*.c.forceusercontent.com https://location.force.com https://dccovid--c.documentforce.com https://www.google.com https://maps.a.forceusercontent.com; font-src 'self' data: https://fonts.gstatic.com/ https://www.google.com https://maps.a.forceusercontent.com; connect-src 'self' https://dccovid.my.salesforce-scrt.com https://www.google.com https://maps.a.forceusercontent.com
Content-Type
text/html;charset=UTF-8
Date
Thu, 28 Sep 2023 16:43:23 GMT
Expires
Wed, 28 Sep 2022 16:43:23 GMT
Last-Modified
Wed, 28 Sep 2022 16:43:23 GMT
Link
</overthecounter/s/sfsites/auraFW/javascript/MlRqRU5YT3pjWFRNenJranFOMWFjQXlMaWFpdmxPSTZWeEo0bWtiN0hsaXcyNDQuMjAuNC0yLjQxLjQ/aura_prod.js>;rel=preload;as=script;nopush,</overthecounter/s/sfsites/l/%7B%22mode%22%3A%22PROD%22%2C%22app%22%3A%22siteforce%3AloginApp2%22%2C%22serializationVersion%22%3A%221-244.20.4-2.41.4-b%22%2C%22parts%22%3A%22f%22%2C%22loaded%22%3A%7B%22APPLICATION%40markup%3A%2F%2Fsiteforce%3AloginApp2%22%3A%22PKPZPHTlf8ebFaCfu1dMVw%22%7D%2C%22dns%22%3A%22c%22%2C%22ls%22%3A1%2C%22lrmc%22%3A%22618546923%22%7D/app.js?2=>;rel=preload;as=script;nopush
Referrer-Policy
origin-when-cross-origin
Server-Timing
Total;dur=149
Strict-Transport-Security
max-age=31536000; includeSubDomains
Timing-Allow-Origin
*
Transfer-Encoding
chunked
Vary
Origin, Accept-Encoding
X-Content-Type-Options
nosniff
X-FRAME-OPTIONS
SAMEORIGIN
X-XSS-Protection
1; mode=block
aura_prod.js
dccovid.force.com/overthecounter/s/sfsites/auraFW/javascript/MlRqRU5YT3pjWFRNenJranFOMWFjQXlMaWFpdmxPSTZWeEo0bWtiN0hsaXcyNDQuMjAuNC0yLjQxLjQ/ 		834 KB
261 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dccovid.force.com/overthecounter/s/sfsites/auraFW/javascript/MlRqRU5YT3pjWFRNenJranFOMWFjQXlMaWFpdmxPSTZWeEo0bWtiN0hsaXcyNDQuMjAuNC0yLjQxLjQ/aura_prod.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.61.132.23 Boardman, United States, ASN8987 (AMAZON EXPANSION, IE),
Reverse DNS
dpl1-hio.na215-hio.force.com
Software
/
Resource Hash
41ffc9bd80bc2fd05acc4a7f5244eb8638b493da3f8f8c103ace06e3a608407e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dccovid.force.com/overthecounter/s/login/?language=en_US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date
Thu, 28 Sep 2023 16:43:23 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Referrer-Policy
origin-when-cross-origin
Last-Modified
Wed, 27 Sep 2023 16:43:23 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Transfer-Encoding
chunked
Content-Type
text/javascript;charset=UTF-8
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Server-Timing
Cache-Control
public,max-age=31536000,immutable
Server-Timing
Total;dur=11
Timing-Allow-Origin
*
X-XSS-Protection
1; mode=block
app.js
dccovid.force.com/overthecounter/s/sfsites/l/%7B%22mode%22%3A%22PROD%22%2C%22app%22%3A%22siteforce%3AloginApp2%22%2C%22serializationVersion%22%3A%221-244.20.4-2.41.4-b%22%2C%22parts%22%3A%22f%22%2C... 		2 MB
503 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dccovid.force.com/overthecounter/s/sfsites/l/%7B%22mode%22%3A%22PROD%22%2C%22app%22%3A%22siteforce%3AloginApp2%22%2C%22serializationVersion%22%3A%221-244.20.4-2.41.4-b%22%2C%22parts%22%3A%22f%22%2C%22loaded%22%3A%7B%22APPLICATION%40markup%3A%2F%2Fsiteforce%3AloginApp2%22%3A%22PKPZPHTlf8ebFaCfu1dMVw%22%7D%2C%22dns%22%3A%22c%22%2C%22ls%22%3A1%2C%22lrmc%22%3A%22618546923%22%7D/app.js?2=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.61.132.23 Boardman, United States, ASN8987 (AMAZON EXPANSION, IE),
Reverse DNS
dpl1-hio.na215-hio.force.com
Software
/
Resource Hash
de6dd2a5a2e28e5c3c6b5f0a7eedce5174d45823973807914942ba5f747cde71
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dccovid.force.com/overthecounter/s/login/?language=en_US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date
Thu, 28 Sep 2023 16:43:23 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Referrer-Policy
origin-when-cross-origin
Last-Modified
Wed, 27 Sep 2023 16:43:23 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Transfer-Encoding
chunked
Content-Type
text/javascript;charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
public,max-age=31536000,immutable
X-XSS-Protection
1; mode=block
api.js
www.google.com/recaptcha/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js?render=explicit&onload=onloadCallback
Requested by
Host: dccovid.force.com
URL: https://dccovid.force.com/overthecounter/s/login/?language=en_US
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
3108ee121dce6e4c204db3c7c689a273fc4b9ecc381b6f3590d6a08cd4eda484
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dccovid.force.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 28 Sep 2023 16:43:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Thu, 28 Sep 2023 16:43:23 GMT
fonts.css
dccovid.force.com/overthecounter/s/sfsites/runtimedownload/ 		298 KB
213 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://dccovid.force.com/overthecounter/s/sfsites/runtimedownload/fonts.css?lastMod=1688649247000&brandSet=0bedabc9-2857-4afc-aaa5-dbb20fe946ee
Requested by
Host: dccovid.force.com
URL: https://dccovid.force.com/overthecounter/s/login/?language=en_US
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.61.132.23 Boardman, United States, ASN8987 (AMAZON EXPANSION, IE),
Reverse DNS
dpl1-hio.na215-hio.force.com
Software
/
Resource Hash
1be7a463dc29e2ecb736ac6bc6770798aba19e53bba80a19acc26b0a9847cf08
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dccovid.force.com/overthecounter/s/login/?language=en_US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date
Thu, 28 Sep 2023 16:43:23 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Referrer-Policy
origin-when-cross-origin
Last-Modified
Thu, 06 Jul 2023 13:14:07 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Transfer-Encoding
chunked
Content-Type
text/css; charset=utf-8
Cache-Control
public,max-age=31536000
X-XSS-Protection
1; mode=block
Expires
Fri, 27 Sep 2024 16:43:23 GMT
resources.js
dccovid.force.com/overthecounter/s/sfsites/l/%7B%22mode%22%3A%22PROD%22%2C%22app%22%3A%22siteforce%3AloginApp2%22%2C%22fwuid%22%3A%22MlRqRU5YT3pjWFRNenJranFOMWFjQXlMaWFpdmxPSTZWeEo0bWtiN0hsaXcyNDQu... 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dccovid.force.com/overthecounter/s/sfsites/l/%7B%22mode%22%3A%22PROD%22%2C%22app%22%3A%22siteforce%3AloginApp2%22%2C%22fwuid%22%3A%22MlRqRU5YT3pjWFRNenJranFOMWFjQXlMaWFpdmxPSTZWeEo0bWtiN0hsaXcyNDQuMjAuNC0yLjQxLjQ%22%2C%22loaded%22%3A%7B%22APPLICATION%40markup%3A%2F%2Fsiteforce%3AloginApp2%22%3A%22PKPZPHTlf8ebFaCfu1dMVw%22%7D%2C%22apce%22%3A1%2C%22apck%22%3A%22JHt0aW1lc3RhbXB9MDAwMDAwMDAwMDBlbl9VUw%22%2C%22mlr%22%3A1%2C%22pathPrefix%22%3A%22%2Foverthecounter%22%2C%22dns%22%3A%22c%22%2C%22ls%22%3A1%2C%22lrmc%22%3A%22618546923%22%7D/resources.js?pv=16956451180001349329221&rv=1695338360000
Requested by
Host: dccovid.force.com
URL: https://dccovid.force.com/overthecounter/s/login/?language=en_US
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.61.132.23 Boardman, United States, ASN8987 (AMAZON EXPANSION, IE),
Reverse DNS
dpl1-hio.na215-hio.force.com
Software
/
Resource Hash
0f3c62b7ff3ba363da448c9c4a61c2c7f9f7d6423acaf14047a58e3311952e6a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dccovid.force.com/overthecounter/s/login/?language=en_US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date
Thu, 28 Sep 2023 16:43:23 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Referrer-Policy
origin-when-cross-origin
Last-Modified
Wed, 27 Sep 2023 16:43:23 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Transfer-Encoding
chunked
Content-Type
text/javascript;charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
private,max-age=31536000,immutable
X-XSS-Protection
1; mode=block
bootstrap.js
dccovid.force.com/overthecounter/s/sfsites/l/%7B%22mode%22%3A%22PROD%22%2C%22app%22%3A%22siteforce%3AloginApp2%22%2C%22fwuid%22%3A%22MlRqRU5YT3pjWFRNenJranFOMWFjQXlMaWFpdmxPSTZWeEo0bWtiN0hsaXcyNDQu... 		631 KB
141 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dccovid.force.com/overthecounter/s/sfsites/l/%7B%22mode%22%3A%22PROD%22%2C%22app%22%3A%22siteforce%3AloginApp2%22%2C%22fwuid%22%3A%22MlRqRU5YT3pjWFRNenJranFOMWFjQXlMaWFpdmxPSTZWeEo0bWtiN0hsaXcyNDQuMjAuNC0yLjQxLjQ%22%2C%22loaded%22%3A%7B%22APPLICATION%40markup%3A%2F%2Fsiteforce%3AloginApp2%22%3A%22PKPZPHTlf8ebFaCfu1dMVw%22%7D%2C%22apce%22%3A1%2C%22apck%22%3A%22JHt0aW1lc3RhbXB9MDAwMDAwMDAwMDBlbl9VUw%22%2C%22mlr%22%3A1%2C%22pathPrefix%22%3A%22%2Foverthecounter%22%2C%22dns%22%3A%22c%22%2C%22ls%22%3A1%2C%22lrmc%22%3A%22618546923%22%7D/bootstrap.js?aura.attributes=%7B%22ac%22%3A%22%22%2C%22authenticated%22%3A%22false%22%2C%22brandingSetId%22%3A%220bedabc9-2857-4afc-aaa5-dbb20fe946ee%22%2C%22formFactor%22%3A%22LARGE%22%2C%22isHybrid%22%3A%22false%22%2C%22language%22%3A%22en_US%22%2C%22pageId%22%3A%22eb1c50e9-c75e-47f6-a3f6-3f1f0c50975c%22%2C%22publishedChangelistNum%22%3A%22107%22%2C%22schema%22%3A%22Published%22%2C%22themeLayoutType%22%3A%22Inner%22%2C%22uds%22%3A%22false%22%2C%22viewType%22%3A%22Published%22%7D
Requested by
Host: dccovid.force.com
URL: https://dccovid.force.com/overthecounter/s/login/?language=en_US
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.61.132.23 Boardman, United States, ASN8987 (AMAZON EXPANSION, IE),
Reverse DNS
dpl1-hio.na215-hio.force.com
Software
/
Resource Hash
d8f418ff9558cdde981ae598c485cb7b21774018cee68ce34e8ad8457863e00e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dccovid.force.com/overthecounter/s/login/?language=en_US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date
Thu, 28 Sep 2023 16:43:23 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Referrer-Policy
origin-when-cross-origin
Last-Modified
Wed, 28 Sep 2022 16:43:23 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Transfer-Encoding
chunked
Content-Type
text/javascript;charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache,must-revalidate,max-age=0,no-store,private
X-XSS-Protection
1; mode=block
Expires
Wed, 28 Sep 2022 16:43:23 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/pxZcVU8Dk73FyvFvdCgp2MSG/ 		461 KB
185 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/pxZcVU8Dk73FyvFvdCgp2MSG/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=explicit&onload=onloadCallback
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e001f660a1c1ebf12cde6a74dc3e6d90a1115c3e3378193e3b7c0d9d357d82ad
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://dccovid.force.com/
Origin
https://dccovid.force.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 28 Sep 2023 12:32:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
15072
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
188760
x-xss-protection
0
last-modified
Fri, 22 Sep 2023 04:03:44 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 27 Sep 2024 12:32:11 GMT
app.css
dccovid.force.com/overthecounter/s/sfsites/l/%7B%22mode%22%3A%22PROD%22%2C%22app%22%3A%22siteforce%3AloginApp2%22%2C%22loaded%22%3A%7B%22APPLICATION%40markup%3A%2F%2Fsiteforce%3AloginApp2%22%3A%22P... 		1 MB
128 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://dccovid.force.com/overthecounter/s/sfsites/l/%7B%22mode%22%3A%22PROD%22%2C%22app%22%3A%22siteforce%3AloginApp2%22%2C%22loaded%22%3A%7B%22APPLICATION%40markup%3A%2F%2Fsiteforce%3AloginApp2%22%3A%22PKPZPHTlf8ebFaCfu1dMVw%22%7D%2C%22styleContext%22%3A%7B%22c%22%3A%22webkit%22%2C%22x%22%3A%5B%22isDesktop%22%5D%2C%22tokens%22%3A%5B%22markup%3A%2F%2Fforce%3AsldsTokens%22%2C%22markup%3A%2F%2Fsiteforce%3AnapiliAuraTokens%22%2C%22markup%3A%2F%2Fsiteforce%3AneutralTokens%22%2C%22markup%3A%2F%2Fsiteforce%3AserializedTokens%22%2C%22markup%3A%2F%2Fsiteforce%3AcommunityTokens%22%2C%22markup%3A%2F%2Fsiteforce%3AauraDynamicTokens%22%5D%2C%22tuid%22%3A%22k8mdbU_wuib32eUxmhJivg%22%2C%22cuid%22%3A-1302913616%7D%2C%22pathPrefix%22%3A%22%2Foverthecounter%22%7D/app.css?2=&aura.attributes=%7B%22ac%22%3A%22%22%2C%22authenticated%22%3A%22false%22%2C%22brandingSetId%22%3A%220bedabc9-2857-4afc-aaa5-dbb20fe946ee%22%2C%22formFactor%22%3A%22LARGE%22%2C%22isHybrid%22%3A%22false%22%2C%22language%22%3A%22en_US%22%2C%22pageId%22%3A%22eb1c50e9-c75e-47f6-a3f6-3f1f0c50975c%22%2C%22publishedChangelistNum%22%3A%22107%22%2C%22schema%22%3A%22Published%22%2C%22themeLayoutType%22%3A%22Inner%22%2C%22uds%22%3A%22false%22%2C%22viewType%22%3A%22Published%22%7D
Requested by
Host: dccovid.force.com
URL: https://dccovid.force.com/overthecounter/s/login/?language=en_US
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.61.132.23 Boardman, United States, ASN8987 (AMAZON EXPANSION, IE),
Reverse DNS
dpl1-hio.na215-hio.force.com
Software
/
Resource Hash
789e1ef011e295e2dd610be1b55ee9c91cf4b0095feacbcab4b4b87db79d1441
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dccovid.force.com/overthecounter/s/login/?language=en_US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date
Thu, 28 Sep 2023 16:43:24 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Referrer-Policy
origin-when-cross-origin
Last-Modified
Wed, 27 Sep 2023 16:43:24 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Transfer-Encoding
chunked
Content-Type
text/css;charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
public,max-age=31536000,immutable
X-XSS-Protection
1; mode=block
aura
dccovid.force.com/overthecounter/s/sfsites/ 		326 KB
76 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://dccovid.force.com/overthecounter/s/sfsites/aura?message=%7B%22actions%22%3A%5B%7B%22descriptor%22%3A%22serviceComponent%3A%2F%2Fui.comm.runtime.components.aura.components.siteforce.controller.PubliclyCacheableComponentLoaderController%2FACTION%24getPageComponent%22%2C%22callingDescriptor%22%3A%22UNKNOWN%22%2C%22params%22%3A%7B%22attributes%22%3A%7B%22viewId%22%3A%22ba2cb979-8a02-4cb1-86d3-275c57ba4ff7%22%2C%22routeType%22%3A%22login-home%22%2C%22themeLayoutType%22%3A%22Inner%22%2C%22params%22%3A%7B%22language%22%3A%22%22%2C%22viewid%22%3A%2250d1223a-855e-42f7-b735-48bf8eb2326e%22%2C%22view_uddid%22%3A%22%22%2C%22entity_name%22%3A%22%22%2C%22audience_name%22%3A%22%22%2C%22picasso_id%22%3A%22%22%2C%22routeId%22%3A%22%22%7D%2C%22hasAttrVaringCmps%22%3Afalse%2C%22pageLoadType%22%3A%22STANDARD_PAGE_CONTENT%22%2C%22includeLayout%22%3Atrue%2C%22priority%22%3A%220%22%7D%2C%22publishedChangelistNum%22%3A107%2C%22brandingSetId%22%3A%220bedabc9-2857-4afc-aaa5-dbb20fe946ee%22%7D%7D%5D%7D&aura.context=%7B%22mode%22%3A%22PROD%22%2C%22fwuid%22%3A%22MlRqRU5YT3pjWFRNenJranFOMWFjQXlMaWFpdmxPSTZWeEo0bWtiN0hsaXcyNDQuMjAuNC0yLjQxLjQ%22%2C%22app%22%3A%22siteforce%3AloginApp2%22%2C%22loaded%22%3A%7B%22APPLICATION%40markup%3A%2F%2Fsiteforce%3AloginApp2%22%3A%22PKPZPHTlf8ebFaCfu1dMVw%22%7D%2C%22apck%22%3A%22JHt0aW1lc3RhbXB9MDAwMDAwMDAwMDBlbl9VUw%22%2C%22uad%22%3Afalse%7D&aura.isAction=true
Requested by
Host: dccovid.force.com
URL: https://dccovid.force.com/overthecounter/s/sfsites/auraFW/javascript/MlRqRU5YT3pjWFRNenJranFOMWFjQXlMaWFpdmxPSTZWeEo0bWtiN0hsaXcyNDQuMjAuNC0yLjQxLjQ/aura_prod.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.61.132.23 Boardman, United States, ASN8987 (AMAZON EXPANSION, IE),
Reverse DNS
dpl1-hio.na215-hio.force.com
Software
/
Resource Hash
c4cff8ec3c5e19f8cfcf157e83bfb7fa072d29cf550d2c6a930b78f518bb1d74
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://dccovid.force.com/overthecounter/s/login/?language=en_US
accept-language
de-DE,de;q=0.9
X-SFDC-Page-Scope-Id
b5fd7477-b649-4144-aa96-403bef2c8a86
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date
Thu, 28 Sep 2023 16:43:25 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Referrer-Policy
origin-when-cross-origin
Last-Modified
Wed, 27 Sep 2023 16:43:25 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Transfer-Encoding
chunked
Content-Type
application/json
Access-Control-Allow-Origin
*
Cache-Control
public,max-age=1800
X-XSS-Protection
1; mode=block
Expires
Wed, 28 Sep 2022 16:43:25 GMT
ICP_Banner
dccovid.force.com/overthecounter/s/sfsites/c/file-asset/ 		237 KB
238 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dccovid.force.com/overthecounter/s/sfsites/c/file-asset/ICP_Banner?v=1
Requested by
Host: dccovid.force.com
URL: https://dccovid.force.com/overthecounter/s/login/?language=en_US
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.61.132.23 Boardman, United States, ASN8987 (AMAZON EXPANSION, IE),
Reverse DNS
dpl1-hio.na215-hio.force.com
Software
/
Resource Hash
38da484427911eeda1e4dc54d764673921fc7964c562cf1c52e30bab9d77a9f2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dccovid.force.com/overthecounter/s/login/?language=en_US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date
Thu, 28 Sep 2023 16:43:25 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Referrer-Policy
origin-when-cross-origin
Last-Modified
Fri, 30 Jun 2023 01:42:43 GMT
X-FRAME-OPTIONS
SAMEORIGIN
P3P
CP="CUR OTR STA"
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
private,max-age=3888000
Content-Disposition
attachment; filename="ICP_Banner.png"; filename*=utf-8''ICP_Banner.png
Content-Length
242823
X-XSS-Protection
0
Expires
Sun, 12 Nov 2023 16:43:25 GMT
dc_logo_otc_login
dccovid.force.com/overthecounter/file-asset/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dccovid.force.com/overthecounter/file-asset/dc_logo_otc_login?v=1&height=300&width=300
Requested by
Host: dccovid.force.com
URL: https://dccovid.force.com/overthecounter/s/login/?language=en_US
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.61.132.23 Boardman, United States, ASN8987 (AMAZON EXPANSION, IE),
Reverse DNS
dpl1-hio.na215-hio.force.com
Software
/
Resource Hash
29518caea1e5c258ad2d908d660cf40baf6678230d061b107c0848d6fdbe2b22
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dccovid.force.com/overthecounter/s/login/?language=en_US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date
Thu, 28 Sep 2023 16:43:25 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Referrer-Policy
origin-when-cross-origin
Last-Modified
Thu, 6 Jul 2023 13:11:28 GMT
X-FRAME-OPTIONS
SAMEORIGIN
P3P
CP="CUR OTR STA"
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
private,max-age=3888000
Content-Disposition
attachment; filename="dc_logo_otc_login.png"; filename*=utf-8''dc_logo_otc_login.png
Content-Length
15895
X-XSS-Protection
1; mode=block
Expires
Sun, 12 Nov 2023 16:43:25 GMT
truncated
/ 		45 KB
45 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
336e47855a2634b17ab1e87428f96b51e21a434dca8c8327b47dc0fd2e0d3b51

Request headers

Referer
https://dccovid.force.com/
Origin
https://dccovid.force.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Content-Type
application/x-font-woff
aura
dccovid.force.com/overthecounter/s/sfsites/ 		9 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://dccovid.force.com/overthecounter/s/sfsites/aura?r=1&ui-communities-components-aura-components-forceCommunity-navigationMenu.NavigationMenuDataProvider.getNavigationMenu=2&ui-force-components-controllers-hostConfig.HostConfig.getConfigData=1
Requested by
Host: dccovid.force.com
URL: https://dccovid.force.com/overthecounter/s/sfsites/auraFW/javascript/MlRqRU5YT3pjWFRNenJranFOMWFjQXlMaWFpdmxPSTZWeEo0bWtiN0hsaXcyNDQuMjAuNC0yLjQxLjQ/aura_prod.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.61.132.23 Boardman, United States, ASN8987 (AMAZON EXPANSION, IE),
Reverse DNS
dpl1-hio.na215-hio.force.com
Software
/
Resource Hash
a5f4985e17610a4683c9d08796a8369991b074fe955ee2426d59280f6e6944c2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://dccovid.force.com/overthecounter/s/login/?language=en_US
accept-language
de-DE,de;q=0.9
X-SFDC-Page-Scope-Id
b5fd7477-b649-4144-aa96-403bef2c8a86
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date
Thu, 28 Sep 2023 16:43:25 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Referrer-Policy
origin-when-cross-origin
Last-Modified
Wed, 28 Sep 2022 16:43:25 GMT
Content-Encoding
gzip
Vary
Origin, Accept-Encoding
Transfer-Encoding
chunked
Content-Type
application/json
Cache-Control
no-cache,must-revalidate,max-age=0,no-store,private
Server-Timing
Total;dur=256
Timing-Allow-Origin
*
X-XSS-Protection
1; mode=block
Expires
Wed, 28 Sep 2022 16:43:25 GMT
aura
dccovid.force.com/overthecounter/s/sfsites/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://dccovid.force.com/overthecounter/s/sfsites/aura?r=2&ui-communities-components-aura-components-forceCommunity-seoAssistant.SeoAssistant.getRecordAndTranslationData=1
Requested by
Host: dccovid.force.com
URL: https://dccovid.force.com/overthecounter/s/sfsites/auraFW/javascript/MlRqRU5YT3pjWFRNenJranFOMWFjQXlMaWFpdmxPSTZWeEo0bWtiN0hsaXcyNDQuMjAuNC0yLjQxLjQ/aura_prod.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.61.132.23 Boardman, United States, ASN8987 (AMAZON EXPANSION, IE),
Reverse DNS
dpl1-hio.na215-hio.force.com
Software
/
Resource Hash
be8443e001dd4bd01024bc5f8361c290852cd41d7ec9d12db28e214b532576ce
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://dccovid.force.com/overthecounter/s/login/?language=en_US
accept-language
de-DE,de;q=0.9
X-SFDC-Page-Scope-Id
b5fd7477-b649-4144-aa96-403bef2c8a86
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date
Thu, 28 Sep 2023 16:43:25 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Referrer-Policy
origin-when-cross-origin
Last-Modified
Wed, 28 Sep 2022 16:43:25 GMT
Content-Encoding
gzip
Vary
Origin, Accept-Encoding
Transfer-Encoding
chunked
Content-Type
application/json
Cache-Control
no-cache,must-revalidate,max-age=0,no-store,private
Server-Timing
Total;dur=9
Timing-Allow-Origin
*
X-XSS-Protection
1; mode=block
Expires
Wed, 28 Sep 2022 16:43:25 GMT
DSLogo_Full
dccovid.force.com/overthecounter/resource/1631837323000/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dccovid.force.com/overthecounter/resource/1631837323000/DSLogo_Full
Requested by
Host: dccovid.force.com
URL: https://dccovid.force.com/overthecounter/s/login/?language=en_US
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.61.132.23 Boardman, United States, ASN8987 (AMAZON EXPANSION, IE),
Reverse DNS
dpl1-hio.na215-hio.force.com
Software
/
Resource Hash
2cf3f16fb1e3f27fd4df18fff02990b6d791e579a63233db0e7b5eca0f1319af
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dccovid.force.com/overthecounter/s/login/?language=en_US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date
Thu, 28 Sep 2023 16:43:25 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Referrer-Policy
origin-when-cross-origin
Last-Modified
Fri, 17 Sep 2021 00:08:43 GMT
X-FRAME-OPTIONS
SAMEORIGIN
P3P
CP="CUR OTR STA"
Content-Type
image/png
Cache-Control
public,max-age=3888000,immutable
Content-Length
10380
X-XSS-Protection
1; mode=block
Expires
Sun, 12 Nov 2023 16:43:25 GMT
truncated
/ 		45 KB
45 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
718b98352fcff4165da6f7df4efb9231c835d9fe5ffb7c38744993adb282c145

Request headers

Referer
https://dccovid.force.com/
Origin
https://dccovid.force.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Content-Type
application/x-font-woff

Verdicts & Comments Add Verdict or Comment

27 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture boolean| grecaptchaReady function| onloadCallback function| verifyCallback function| errorCallback object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| recaptcha object| picassoSPA string| comm__attrVariationKey number| pageStartTime object| Aura object| AuraLocker object| AuraLockerDisabled object| $A object| aura function| DOMPurify function| Router function| _moreThenOneCriteria function| _isOnlyValidTokens function| _isNoAmbiguousAndOr function| _checkAmbiguousNum function| _checkParentheses function| _filterValidation function| _validate

6 Cookies

Domain/Path Name / Value
dccovid.force.com/overthecounter/s Name: renderCtx
Value: %7B%22pageId%22%3A%22eb1c50e9-c75e-47f6-a3f6-3f1f0c50975c%22%2C%22schema%22%3A%22Published%22%2C%22viewType%22%3A%22Published%22%2C%22brandingSetId%22%3A%220bedabc9-2857-4afc-aaa5-dbb20fe946ee%22%2C%22audienceIds%22%3A%226Aut0000000KzEw%22%7D
dccovid.force.com/ Name: CookieConsentPolicy
Value: 0:1
dccovid.force.com/ Name: LSKey-c$CookieConsentPolicy
Value: 0:1
dccovid.force.com/ Name: force-stream
Value: !vNFJyGpRon4EQOMyFpKtJI4gDYEPgnn6fWFjS2qEp6j7Wl34M1V359h4676vYXbbqx8CTKzyvE6dCWw=
.force.com/ Name: BrowserId
Value: JRa5WV4eEe6Po8d7Q_Oflg
.force.com/ Name: BrowserId_sec
Value: JRa5WV4eEe6Po8d7Q_Oflg

1 Console Messages

Source Level URL
Text
security warning URL: https://dccovid.force.com/overthecounter/s/sfsites/auraFW/javascript/MlRqRU5YT3pjWFRNenJranFOMWFjQXlMaWFpdmxPSTZWeEo0bWtiN0hsaXcyNDQuMjAuNC0yLjQxLjQ/aura_prod.js(Line 12)
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy upgrade-insecure-requests default-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://service.force.com/embeddedservice/ https://cdn.content.aws-dev2-uswest2.aws.sfdc.cl/ https://cdn.content.aws-prod1-useast1.aws.sfdc.cl/ https://payments.salesforce.com/ https://js.stripe.com/ import: blob: https://uip.canary.lwc.dev https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/releases/-TriQeni1Ls-Mdq_ssN2cUL5/recaptcha__en.js https://www.gstatic.com/recaptcha/releases/qljbK_DTcvY1PzbR7IG69z1r/recaptcha__en.js https://www.gstatic.com/recaptcha/releases/YhkYx1k-yvvb8OonJPmOpoJY/recaptcha__en.js https://www.gstatic.com https://www.google.com/; object-src 'self' www.google.com; style-src 'self' 'unsafe-inline' https://service.force.com/embeddedservice/ https://fonts.googleapis.com/css2 https://fonts.googleapis.com/css blob: https://www.google.com https://maps.a.forceusercontent.com; img-src 'self' data: blob: https://dccovid.my.salesforce.com https://dccovid--c.documentforce.com https://img.youtube.com https://i.ytimg.com https://i.vimeocdn.com https://login.salesforce.com/icons/ https://payments.salesforce.com/icons/ https://cdn.content.aws-prod1-useast1.aws.sfdc.cl/icons/ https://cdn.content.aws-dev2-uswest2.aws.sfdc.cl/icons/ https://na215.salesforce.com/icons/ https://www.google.com https://maps.a.forceusercontent.com; media-src 'self' blob: https://www.google.com https://maps.a.forceusercontent.com; frame-ancestors 'self'; frame-src 'self' https://service.force.com/embeddedservice/ https://na215.salesforce.com https://sfdc-link-preview-staging.sfdc.sh https://sfdc-link-preview.hk.salesforce.com https://cdn.embedly.com https://www.youtube.com https://player.vimeo.com https://play.vidyard.com https://player.cloudinary.com https://fast.wistia.net https://players.brightcove.net https://s1.adis.ws https://scormanywhere.secure.force.com https://appiniummastertrial.secure.force.com https://*.c.forceusercontent.com/lightningmaps/ https://*.c.forceusercontent.com https://location.force.com https://dccovid--c.documentforce.com https://www.google.com https://maps.a.forceusercontent.com; font-src 'self' data: https://fonts.gstatic.com/ https://www.google.com https://maps.a.forceusercontent.com; connect-src 'self' https://dccovid.my.salesforce-scrt.com https://www.google.com https://maps.a.forceusercontent.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block