urlscan.io logo urlscan.io
SecurityTrails logo

fha-gateway.force.com Open in urlscan Pro
96.43.152.39  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://fha-gateway.force.com/nativeadvantage
Effective URL: https://fha-gateway.force.com/nativeadvantage/s/login/?ec=302&startURL=%2Fnativeadvantage%2Fs%2F
Submission: On January 17 via manual from SG — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 2 IPs in 1 countries across 1 domains to perform 12 HTTP transactions. The main IP is 96.43.152.39, located in United States and belongs to SALESFORCE, US. The main domain is fha-gateway.force.com. The Cisco Umbrella rank of the primary domain is 492048.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on June 16th 2022. Valid for: a year.
This is the only time fha-gateway.force.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 14 96.43.152.39 14340 (SALESFORCE)
12 2
Apex Domain
Subdomains		 Transfer
14 force.com
fha-gateway.force.com — Cisco Umbrella Rank: 492048
1 MB
12 1
Domain Requested by
14 fha-gateway.force.com 2 redirects fha-gateway.force.com
12 1

This site contains no links.

Subject Issuer Validity Valid
*.na21.force.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-06-16 -
2023-06-12		 a year crt.sh

This page contains 1 frames:

Primary Page: https://fha-gateway.force.com/nativeadvantage/s/login/?ec=302&startURL=%2Fnativeadvantage%2Fs%2F
Frame ID: CA202AE5855D4B8F830A14E21907B2C1
Requests: 15 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Login

Page URL History Show full URLs

  1. https://fha-gateway.force.com/nativeadvantage HTTP 301
    https://fha-gateway.force.com/nativeadvantage/s/ Page URL
  2. https://fha-gateway.force.com/nativeadvantage/s/login?ec=302&startURL=%2Fnativeadvantage%2Fs%2F HTTP 302
    https://fha-gateway.force.com/nativeadvantage/s/login/?ec=302&startURL=%2Fnativeadvantage%2Fs%2F Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Page Statistics

12
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

2
IPs

1
Countries

1126 kB
Transfer

4618 kB
Size

6
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://fha-gateway.force.com/nativeadvantage HTTP 301
    https://fha-gateway.force.com/nativeadvantage/s/ Page URL
  2. https://fha-gateway.force.com/nativeadvantage/s/login?ec=302&startURL=%2Fnativeadvantage%2Fs%2F HTTP 302
    https://fha-gateway.force.com/nativeadvantage/s/login/?ec=302&startURL=%2Fnativeadvantage%2Fs%2F Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://fha-gateway.force.com/nativeadvantage HTTP 301
  • https://fha-gateway.force.com/nativeadvantage/s/

12 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
fha-gateway.force.com/nativeadvantage/s/
Redirect Chain
  • https://fha-gateway.force.com/nativeadvantage
  • https://fha-gateway.force.com/nativeadvantage/s/
1 KB
915 B 		Document
General
Check archive.org
Download Go to
Full URL
https://fha-gateway.force.com/nativeadvantage/s/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
96.43.152.39 , United States, ASN14340 (SALESFORCE, US),
Reverse DNS
na21-1-chx.force.com
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
must-revalidate,no-cache,no-store
Connection
close
Content-Encoding
gzip
Content-Security-Policy
upgrade-insecure-requests
Content-Type
text/html; charset=UTF-8
Referrer-Policy
origin-when-cross-origin
Strict-Transport-Security
max-age=63072000; includeSubDomains
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-XSS-Protection
1; mode=block

Redirect headers

Cache-Control
no-cache,must-revalidate,max-age=0,no-store,private
Content-Length
0
Content-Security-Policy
upgrade-insecure-requests
Date
Tue, 17 Jan 2023 20:08:26 GMT
Location
https://fha-gateway.force.com/nativeadvantage/s/
Referrer-Policy
origin-when-cross-origin
Strict-Transport-Security
max-age=63072000; includeSubDomains
X-Content-Type-Options
nosniff
X-XSS-Protection
1; mode=block
Primary Request /
fha-gateway.force.com/nativeadvantage/s/login/
Redirect Chain
  • https://fha-gateway.force.com/nativeadvantage/s/login?ec=302&startURL=%2Fnativeadvantage%2Fs%2F
  • https://fha-gateway.force.com/nativeadvantage/s/login/?ec=302&startURL=%2Fnativeadvantage%2Fs%2F
52 KB
18 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://fha-gateway.force.com/nativeadvantage/s/login/?ec=302&startURL=%2Fnativeadvantage%2Fs%2F
Requested by
Host: fha-gateway.force.com
URL: https://fha-gateway.force.com/nativeadvantage/s/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
96.43.152.39 , United States, ASN14340 (SALESFORCE, US),
Reverse DNS
na21-1-chx.force.com
Software
/
Resource Hash
8c6ef5f61cf9ee024ce681f0f2ff8b88a401e6dba7e67c48c564e424159fc316
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests default-src 'self'; script-src 'self' 'unsafe-eval' 'nonce-pJmeQsDxvZZZi3tga3k5Dpeu0N9Plvj9' https://service.force.com/embeddedservice/ import: blob: https://uip.canary.lwc.dev; object-src 'self' www.google.com; style-src 'self' 'unsafe-inline' https://service.force.com/embeddedservice/ https://fonts.googleapis.com/css2 https://fonts.googleapis.com/css blob: https://fhacatalyst.hud.gov https://s3.us-gov-west-1.amazonaws.com https://api.nativeadvantage.hud.gov; img-src 'self' data: blob: https://hud2.my.salesforce.com https://hud2--c.documentforce.com https://img.youtube.com https://i.ytimg.com https://i.vimeocdn.com https://login.salesforce.com/icons/ https://na21.salesforce.com/icons/ https://fhacatalyst.hud.gov https://s3.us-gov-west-1.amazonaws.com https://api.nativeadvantage.hud.gov; media-src 'self' https://fhacatalyst.hud.gov https://s3.us-gov-west-1.amazonaws.com https://api.nativeadvantage.hud.gov; frame-ancestors 'self'; frame-src 'self' https://service.force.com/embeddedservice/ https://na21.salesforce.com https://sfdc-link-preview-staging.sfdc.sh https://sfdc-link-preview.hk.salesforce.com https://cdn.embedly.com https://www.youtube.com https://player.vimeo.com https://play.vidyard.com https://player.cloudinary.com https://fast.wistia.net https://players.brightcove.net https://s1.adis.ws https://scormanywhere.secure.force.com https://appiniummastertrial.secure.force.com https://*.c.forceusercontent.com/lightningmaps/ https://location.force.com https://fhacatalyst.hud.gov https://s3.us-gov-west-1.amazonaws.com https://api.nativeadvantage.hud.gov; font-src 'self' data: https://fonts.gstatic.com/ https://fhacatalyst.hud.gov https://s3.us-gov-west-1.amazonaws.com https://api.nativeadvantage.hud.gov; connect-src 'self' https://fhacatalyst.hud.gov https://s3.us-gov-west-1.amazonaws.com https://api.nativeadvantage.hud.gov
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://fha-gateway.force.com/nativeadvantage/s/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-cache,must-revalidate,max-age=0,no-store,private
Content-Encoding
gzip
Content-Security-Policy
upgrade-insecure-requests default-src 'self'; script-src 'self' 'unsafe-eval' 'nonce-pJmeQsDxvZZZi3tga3k5Dpeu0N9Plvj9' https://service.force.com/embeddedservice/ import: blob: https://uip.canary.lwc.dev; object-src 'self' www.google.com; style-src 'self' 'unsafe-inline' https://service.force.com/embeddedservice/ https://fonts.googleapis.com/css2 https://fonts.googleapis.com/css blob: https://fhacatalyst.hud.gov https://s3.us-gov-west-1.amazonaws.com https://api.nativeadvantage.hud.gov; img-src 'self' data: blob: https://hud2.my.salesforce.com https://hud2--c.documentforce.com https://img.youtube.com https://i.ytimg.com https://i.vimeocdn.com https://login.salesforce.com/icons/ https://na21.salesforce.com/icons/ https://fhacatalyst.hud.gov https://s3.us-gov-west-1.amazonaws.com https://api.nativeadvantage.hud.gov; media-src 'self' https://fhacatalyst.hud.gov https://s3.us-gov-west-1.amazonaws.com https://api.nativeadvantage.hud.gov; frame-ancestors 'self'; frame-src 'self' https://service.force.com/embeddedservice/ https://na21.salesforce.com https://sfdc-link-preview-staging.sfdc.sh https://sfdc-link-preview.hk.salesforce.com https://cdn.embedly.com https://www.youtube.com https://player.vimeo.com https://play.vidyard.com https://player.cloudinary.com https://fast.wistia.net https://players.brightcove.net https://s1.adis.ws https://scormanywhere.secure.force.com https://appiniummastertrial.secure.force.com https://*.c.forceusercontent.com/lightningmaps/ https://location.force.com https://fhacatalyst.hud.gov https://s3.us-gov-west-1.amazonaws.com https://api.nativeadvantage.hud.gov; font-src 'self' data: https://fonts.gstatic.com/ https://fhacatalyst.hud.gov https://s3.us-gov-west-1.amazonaws.com https://api.nativeadvantage.hud.gov; connect-src 'self' https://fhacatalyst.hud.gov https://s3.us-gov-west-1.amazonaws.com https://api.nativeadvantage.hud.gov
Content-Type
text/html;charset=UTF-8
Date
Tue, 17 Jan 2023 20:08:27 GMT
Expires
Mon, 17 Jan 2022 20:08:27 GMT
Last-Modified
Mon, 17 Jan 2022 20:08:27 GMT
Link
</nativeadvantage/s/sfsites/auraFW/javascript/Vo_clYDmAijdWOzW3-3Mow/aura_prod.js>;rel=preload;as=script;nopush,</nativeadvantage/s/sfsites/l/%7B%22mode%22%3A%22PROD%22%2C%22app%22%3A%22siteforce%3AloginApp2%22%2C%22serializationVersion%22%3A%221-240.1.10-2.20.7-b%22%2C%22parts%22%3A%22f%22%2C%22loaded%22%3A%7B%22APPLICATION%40markup%3A%2F%2Fsiteforce%3AloginApp2%22%3A%226cWl6r2qy15opsI7zKnxIA%22%7D%2C%22dns%22%3A%22c%22%2C%22ls%22%3A1%2C%22lrmc%22%3A%22601638718%22%7D/app.js?2=>;rel=preload;as=script;nopush
Referrer-Policy
origin-when-cross-origin
Server-Timing
Total;dur=115
Strict-Transport-Security
max-age=63072000; includeSubDomains
Timing-Allow-Origin
*
Transfer-Encoding
chunked
Vary
Origin, Accept-Encoding
X-Content-Type-Options
nosniff
X-FRAME-OPTIONS
SAMEORIGIN
X-XSS-Protection
1; mode=block

Redirect headers

Cache-Control
no-cache,must-revalidate,max-age=0,no-store,private
Content-Length
0
Content-Security-Policy
upgrade-insecure-requests
Date
Tue, 17 Jan 2023 20:08:27 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Location
https://fha-gateway.force.com/nativeadvantage/s/login/?ec=302&startURL=%2Fnativeadvantage%2Fs%2F
Referrer-Policy
origin-when-cross-origin
Strict-Transport-Security
max-age=63072000; includeSubDomains
X-Content-Type-Options
nosniff
X-XSS-Protection
1; mode=block
aura_prod.js
fha-gateway.force.com/nativeadvantage/s/sfsites/auraFW/javascript/Vo_clYDmAijdWOzW3-3Mow/ 		798 KB
251 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fha-gateway.force.com/nativeadvantage/s/sfsites/auraFW/javascript/Vo_clYDmAijdWOzW3-3Mow/aura_prod.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
96.43.152.39 , United States, ASN14340 (SALESFORCE, US),
Reverse DNS
na21-1-chx.force.com
Software
/
Resource Hash
10998f4797518f7b81c30f57a99c9c1bd303f542f72ac91b35dd7931f85da84f
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fha-gateway.force.com/nativeadvantage/s/login/?ec=302&startURL=%2Fnativeadvantage%2Fs%2F
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date
Tue, 17 Jan 2023 20:08:27 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains
X-Content-Type-Options
nosniff
Referrer-Policy
origin-when-cross-origin
Last-Modified
Mon, 16 Jan 2023 20:08:27 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Transfer-Encoding
chunked
Content-Type
text/javascript;charset=UTF-8
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Server-Timing
Cache-Control
max-age=31536000,public,immutable
Server-Timing
Total;dur=29
Timing-Allow-Origin
*
X-XSS-Protection
1; mode=block
app.js
fha-gateway.force.com/nativeadvantage/s/sfsites/l/%7B%22mode%22%3A%22PROD%22%2C%22app%22%3A%22siteforce%3AloginApp2%22%2C%22serializationVersion%22%3A%221-240.1.10-2.20.7-b%22%2C%22parts%22%3A%22f%... 		2 MB
486 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fha-gateway.force.com/nativeadvantage/s/sfsites/l/%7B%22mode%22%3A%22PROD%22%2C%22app%22%3A%22siteforce%3AloginApp2%22%2C%22serializationVersion%22%3A%221-240.1.10-2.20.7-b%22%2C%22parts%22%3A%22f%22%2C%22loaded%22%3A%7B%22APPLICATION%40markup%3A%2F%2Fsiteforce%3AloginApp2%22%3A%226cWl6r2qy15opsI7zKnxIA%22%7D%2C%22dns%22%3A%22c%22%2C%22ls%22%3A1%2C%22lrmc%22%3A%22601638718%22%7D/app.js?2=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
96.43.152.39 , United States, ASN14340 (SALESFORCE, US),
Reverse DNS
na21-1-chx.force.com
Software
/
Resource Hash
929cdec7f75893144e7ae7f74dc8d4af649247d3748fc0df1d06ad4c5e02d826
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fha-gateway.force.com/nativeadvantage/s/login/?ec=302&startURL=%2Fnativeadvantage%2Fs%2F
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date
Tue, 17 Jan 2023 20:08:27 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains
X-Content-Type-Options
nosniff
Referrer-Policy
origin-when-cross-origin
Last-Modified
Mon, 16 Jan 2023 20:08:27 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Transfer-Encoding
chunked
Content-Type
text/javascript;charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000,public,immutable
X-XSS-Protection
1; mode=block
fonts.css
fha-gateway.force.com/nativeadvantage/s/sfsites/runtimedownload/ 		179 KB
130 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fha-gateway.force.com/nativeadvantage/s/sfsites/runtimedownload/fonts.css?lastMod=1637371005000&brandSet=a7eb0154-8e6c-4076-88d6-5f3721c49dea
Requested by
Host: fha-gateway.force.com
URL: https://fha-gateway.force.com/nativeadvantage/s/login/?ec=302&startURL=%2Fnativeadvantage%2Fs%2F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
96.43.152.39 , United States, ASN14340 (SALESFORCE, US),
Reverse DNS
na21-1-chx.force.com
Software
/
Resource Hash
105db994404ace67fee31712322d787b5caa12ce067516eea01cc53892e877d3
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fha-gateway.force.com/nativeadvantage/s/login/?ec=302&startURL=%2Fnativeadvantage%2Fs%2F
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date
Tue, 17 Jan 2023 20:08:27 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains
X-Content-Type-Options
nosniff
Referrer-Policy
origin-when-cross-origin
Last-Modified
Sat, 20 Nov 2021 01:16:45 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Transfer-Encoding
chunked
Content-Type
text/css; charset=utf-8
Cache-Control
public,max-age=31536000
X-XSS-Protection
1; mode=block
Expires
Wed, 17 Jan 2024 20:08:27 GMT
resources.js
fha-gateway.force.com/nativeadvantage/s/sfsites/l/%7B%22mode%22%3A%22PROD%22%2C%22app%22%3A%22siteforce%3AloginApp2%22%2C%22fwuid%22%3A%22Vo_clYDmAijdWOzW3-3Mow%22%2C%22loaded%22%3A%7B%22APPLICATIO... 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fha-gateway.force.com/nativeadvantage/s/sfsites/l/%7B%22mode%22%3A%22PROD%22%2C%22app%22%3A%22siteforce%3AloginApp2%22%2C%22fwuid%22%3A%22Vo_clYDmAijdWOzW3-3Mow%22%2C%22loaded%22%3A%7B%22APPLICATION%40markup%3A%2F%2Fsiteforce%3AloginApp2%22%3A%226cWl6r2qy15opsI7zKnxIA%22%7D%2C%22apce%22%3A1%2C%22apck%22%3A%22fSk_QEVFKd6X37wH2RD9UQ%22%2C%22mlr%22%3A1%2C%22pathPrefix%22%3A%22%2Fnativeadvantage%22%2C%22dns%22%3A%22c%22%2C%22ls%22%3A1%2C%22lrmc%22%3A%22601638718%22%7D/resources.js?pv=16735457320001349713703&rv=1654906349000
Requested by
Host: fha-gateway.force.com
URL: https://fha-gateway.force.com/nativeadvantage/s/login/?ec=302&startURL=%2Fnativeadvantage%2Fs%2F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
96.43.152.39 , United States, ASN14340 (SALESFORCE, US),
Reverse DNS
na21-1-chx.force.com
Software
/
Resource Hash
952d9b39cac106ee06747330deae01b3b06bfb9495c9d18a9b6ace1055d01936
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fha-gateway.force.com/nativeadvantage/s/login/?ec=302&startURL=%2Fnativeadvantage%2Fs%2F
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date
Tue, 17 Jan 2023 20:08:27 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains
X-Content-Type-Options
nosniff
Referrer-Policy
origin-when-cross-origin
Last-Modified
Mon, 16 Jan 2023 20:08:27 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Transfer-Encoding
chunked
Content-Type
text/javascript;charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000,private,immutable
X-XSS-Protection
1; mode=block
bootstrap.js
fha-gateway.force.com/nativeadvantage/s/sfsites/l/%7B%22mode%22%3A%22PROD%22%2C%22app%22%3A%22siteforce%3AloginApp2%22%2C%22fwuid%22%3A%22Vo_clYDmAijdWOzW3-3Mow%22%2C%22loaded%22%3A%7B%22APPLICATIO... 		54 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fha-gateway.force.com/nativeadvantage/s/sfsites/l/%7B%22mode%22%3A%22PROD%22%2C%22app%22%3A%22siteforce%3AloginApp2%22%2C%22fwuid%22%3A%22Vo_clYDmAijdWOzW3-3Mow%22%2C%22loaded%22%3A%7B%22APPLICATION%40markup%3A%2F%2Fsiteforce%3AloginApp2%22%3A%226cWl6r2qy15opsI7zKnxIA%22%7D%2C%22apce%22%3A1%2C%22apck%22%3A%22fSk_QEVFKd6X37wH2RD9UQ%22%2C%22mlr%22%3A1%2C%22pathPrefix%22%3A%22%2Fnativeadvantage%22%2C%22dns%22%3A%22c%22%2C%22ls%22%3A1%2C%22lrmc%22%3A%22601638718%22%7D/bootstrap.js?aura.attributes=%7B%22ac%22%3A%22%22%2C%22authenticated%22%3A%22false%22%2C%22brandingSetId%22%3A%22a7eb0154-8e6c-4076-88d6-5f3721c49dea%22%2C%22formFactor%22%3A%22LARGE%22%2C%22isHybrid%22%3A%22false%22%2C%22language%22%3A%22en_US%22%2C%22pageId%22%3A%22a11ebb37-6103-4000-bfc5-50f78ac40450%22%2C%22publishedChangelistNum%22%3A%224%22%2C%22schema%22%3A%22Published%22%2C%22themeLayoutType%22%3A%22Login%22%2C%22viewType%22%3A%22Published%22%7D
Requested by
Host: fha-gateway.force.com
URL: https://fha-gateway.force.com/nativeadvantage/s/login/?ec=302&startURL=%2Fnativeadvantage%2Fs%2F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
96.43.152.39 , United States, ASN14340 (SALESFORCE, US),
Reverse DNS
na21-1-chx.force.com
Software
/
Resource Hash
d20275ccd42a8cb53c23bb3b01b66cb3a2984462a70f5308715a058a5c36f239
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fha-gateway.force.com/nativeadvantage/s/login/?ec=302&startURL=%2Fnativeadvantage%2Fs%2F
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date
Tue, 17 Jan 2023 20:08:27 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains
X-Content-Type-Options
nosniff
Referrer-Policy
origin-when-cross-origin
Last-Modified
Mon, 17 Jan 2022 20:08:27 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Transfer-Encoding
chunked
Content-Type
text/javascript;charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache,must-revalidate,max-age=0,no-store,private
X-XSS-Protection
1; mode=block
Expires
Mon, 17 Jan 2022 20:08:27 GMT
app.css
fha-gateway.force.com/nativeadvantage/s/sfsites/l/%7B%22mode%22%3A%22PROD%22%2C%22app%22%3A%22siteforce%3AloginApp2%22%2C%22loaded%22%3A%7B%22APPLICATION%40markup%3A%2F%2Fsiteforce%3AloginApp2%22%3... 		982 KB
121 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fha-gateway.force.com/nativeadvantage/s/sfsites/l/%7B%22mode%22%3A%22PROD%22%2C%22app%22%3A%22siteforce%3AloginApp2%22%2C%22loaded%22%3A%7B%22APPLICATION%40markup%3A%2F%2Fsiteforce%3AloginApp2%22%3A%226cWl6r2qy15opsI7zKnxIA%22%7D%2C%22styleContext%22%3A%7B%22c%22%3A%22webkit%22%2C%22x%22%3A%5B%22isDesktop%22%5D%2C%22tokens%22%3A%5B%22markup%3A%2F%2Fforce%3AsldsTokens%22%2C%22markup%3A%2F%2Fsiteforce%3AnapiliAuraTokens%22%2C%22markup%3A%2F%2Fsiteforce%3AneutralTokens%22%2C%22markup%3A%2F%2Fsiteforce%3AserializedTokens%22%2C%22markup%3A%2F%2Fsiteforce%3AcommunityTokens%22%2C%22markup%3A%2F%2Fsiteforce%3AauraDynamicTokens%22%5D%2C%22tuid%22%3A%22ERqTliWPMmQDv7aImeOlSQ%22%2C%22cuid%22%3A990083984%7D%2C%22pathPrefix%22%3A%22%2Fnativeadvantage%22%7D/app.css?2=&aura.attributes=%7B%22ac%22%3A%22%22%2C%22authenticated%22%3A%22false%22%2C%22brandingSetId%22%3A%22a7eb0154-8e6c-4076-88d6-5f3721c49dea%22%2C%22formFactor%22%3A%22LARGE%22%2C%22isHybrid%22%3A%22false%22%2C%22language%22%3A%22en_US%22%2C%22pageId%22%3A%22a11ebb37-6103-4000-bfc5-50f78ac40450%22%2C%22publishedChangelistNum%22%3A%224%22%2C%22schema%22%3A%22Published%22%2C%22themeLayoutType%22%3A%22Login%22%2C%22viewType%22%3A%22Published%22%7D
Requested by
Host: fha-gateway.force.com
URL: https://fha-gateway.force.com/nativeadvantage/s/login/?ec=302&startURL=%2Fnativeadvantage%2Fs%2F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
96.43.152.39 , United States, ASN14340 (SALESFORCE, US),
Reverse DNS
na21-1-chx.force.com
Software
/
Resource Hash
7fac1ebd04e0c0179795e98eb5a9beaa815793fe118d8e1a32422367afd17cfc
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fha-gateway.force.com/nativeadvantage/s/login/?ec=302&startURL=%2Fnativeadvantage%2Fs%2F
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date
Tue, 17 Jan 2023 20:08:28 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains
X-Content-Type-Options
nosniff
Referrer-Policy
origin-when-cross-origin
Last-Modified
Mon, 16 Jan 2023 20:08:28 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Transfer-Encoding
chunked
Content-Type
text/css;charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000,public,immutable
X-XSS-Protection
1; mode=block
aura
fha-gateway.force.com/nativeadvantage/s/sfsites/ 		114 KB
22 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fha-gateway.force.com/nativeadvantage/s/sfsites/aura?message=%7B%22actions%22%3A%5B%7B%22descriptor%22%3A%22serviceComponent%3A%2F%2Fui.comm.runtime.components.aura.components.siteforce.controller.PubliclyCacheableComponentLoaderController%2FACTION%24getPageComponent%22%2C%22callingDescriptor%22%3A%22UNKNOWN%22%2C%22params%22%3A%7B%22attributes%22%3A%7B%22viewId%22%3A%2290a88d3f-205a-492f-b9fd-f44cbdeda9bc%22%2C%22routeType%22%3A%22login-home%22%2C%22themeLayoutType%22%3A%22Login%22%2C%22params%22%3A%7B%22ec%22%3A%22%22%2C%22startURL%22%3A%22%22%2C%22viewid%22%3A%22bea923d9-c403-4bb2-8b9a-beccde492182%22%2C%22view_uddid%22%3A%22%22%2C%22entity_name%22%3A%22%22%2C%22audience_name%22%3A%22%22%2C%22picasso_id%22%3A%22%22%2C%22routeId%22%3A%22%22%7D%2C%22hasAttrVaringCmps%22%3Afalse%2C%22pageLoadType%22%3A%22STANDARD_PAGE_CONTENT%22%2C%22includeLayout%22%3Atrue%7D%2C%22publishedChangelistNum%22%3A4%2C%22brandingSetId%22%3A%22a7eb0154-8e6c-4076-88d6-5f3721c49dea%22%7D%7D%5D%7D&aura.context=%7B%22mode%22%3A%22PROD%22%2C%22fwuid%22%3A%22Vo_clYDmAijdWOzW3-3Mow%22%2C%22app%22%3A%22siteforce%3AloginApp2%22%2C%22loaded%22%3A%7B%22APPLICATION%40markup%3A%2F%2Fsiteforce%3AloginApp2%22%3A%226cWl6r2qy15opsI7zKnxIA%22%7D%2C%22apck%22%3A%22fSk_QEVFKd6X37wH2RD9UQ%22%2C%22uad%22%3Afalse%7D&aura.isAction=true
Requested by
Host: fha-gateway.force.com
URL: https://fha-gateway.force.com/nativeadvantage/s/sfsites/auraFW/javascript/Vo_clYDmAijdWOzW3-3Mow/aura_prod.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
96.43.152.39 , United States, ASN14340 (SALESFORCE, US),
Reverse DNS
na21-1-chx.force.com
Software
/
Resource Hash
615828e0ee36acf36fc617f8884d83274cca356a5218134aaef83896cbafba20
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://fha-gateway.force.com/nativeadvantage/s/login/?ec=302&startURL=%2Fnativeadvantage%2Fs%2F
accept-language
de-DE,de;q=0.9
X-SFDC-Page-Scope-Id
ab977404-3126-4495-88b1-d94b28ee34ac
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date
Tue, 17 Jan 2023 20:08:28 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains
X-Content-Type-Options
nosniff
Referrer-Policy
origin-when-cross-origin
Last-Modified
Mon, 16 Jan 2023 20:08:28 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Transfer-Encoding
chunked
Content-Type
application/json
Access-Control-Allow-Origin
*
Cache-Control
max-age=1800,public
X-XSS-Protection
1; mode=block
Expires
Mon, 17 Jan 2022 20:08:28 GMT
aura
fha-gateway.force.com/nativeadvantage/s/sfsites/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fha-gateway.force.com/nativeadvantage/s/sfsites/aura?r=1&ui-force-components-controllers-hostConfig.HostConfig.getConfigData=1
Requested by
Host: fha-gateway.force.com
URL: https://fha-gateway.force.com/nativeadvantage/s/sfsites/auraFW/javascript/Vo_clYDmAijdWOzW3-3Mow/aura_prod.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
96.43.152.39 , United States, ASN14340 (SALESFORCE, US),
Reverse DNS
na21-1-chx.force.com
Software
/
Resource Hash
f7fc053bf2befe93a6ca35a615bcbcbe3bf562b7f6f6551e00d396ea11eb6ac9
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://fha-gateway.force.com/nativeadvantage/s/login/?ec=302&startURL=%2Fnativeadvantage%2Fs%2F
accept-language
de-DE,de;q=0.9
X-SFDC-Page-Scope-Id
ab977404-3126-4495-88b1-d94b28ee34ac
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date
Tue, 17 Jan 2023 20:08:28 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains
X-Content-Type-Options
nosniff
Referrer-Policy
origin-when-cross-origin
Last-Modified
Mon, 17 Jan 2022 20:08:28 GMT
Content-Encoding
gzip
Vary
Origin, Accept-Encoding
Transfer-Encoding
chunked
Content-Type
application/json
Cache-Control
no-cache,must-revalidate,max-age=0,no-store,private
Server-Timing
Total;dur=95
Timing-Allow-Origin
*
X-XSS-Protection
1; mode=block
Expires
Mon, 17 Jan 2022 20:08:28 GMT
aura
fha-gateway.force.com/nativeadvantage/s/sfsites/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fha-gateway.force.com/nativeadvantage/s/sfsites/aura?r=2&other.LightningLoginForm.getForgotPasswordUrl=1&other.LightningLoginForm.getIsSelfRegistrationEnabled=1&other.LightningLoginForm.getIsUsernamePasswordEnabled=1&other.LightningLoginForm.getSelfRegistrationUrl=1&ui-communities-components-aura-components-forceCommunity-richText.RichText.getParsedRichTextValue=1
Requested by
Host: fha-gateway.force.com
URL: https://fha-gateway.force.com/nativeadvantage/s/sfsites/auraFW/javascript/Vo_clYDmAijdWOzW3-3Mow/aura_prod.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
96.43.152.39 , United States, ASN14340 (SALESFORCE, US),
Reverse DNS
na21-1-chx.force.com
Software
/
Resource Hash
a5904d13d6b375983fd2e68e27f4b2988117bbf8b22ec554b03ccbb1b656047b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://fha-gateway.force.com/nativeadvantage/s/login/?ec=302&startURL=%2Fnativeadvantage%2Fs%2F
accept-language
de-DE,de;q=0.9
X-SFDC-Page-Scope-Id
ab977404-3126-4495-88b1-d94b28ee34ac
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date
Tue, 17 Jan 2023 20:08:29 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains
X-Content-Type-Options
nosniff
Referrer-Policy
origin-when-cross-origin
Last-Modified
Mon, 17 Jan 2022 20:08:29 GMT
Content-Encoding
gzip
Vary
Origin, Accept-Encoding
Transfer-Encoding
chunked
Content-Type
application/json
Cache-Control
no-cache,must-revalidate,max-age=0,no-store,private
Server-Timing
Total;dur=175
Timing-Allow-Origin
*
X-XSS-Protection
1; mode=block
Expires
Mon, 17 Jan 2022 20:08:29 GMT
truncated
/ 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
df7de1f609f36bc4f0b8c56c23ffd2dfaa78f3341e479b0a3a8a4c802f6acc80

Request headers

Referer
https://fha-gateway.force.com/
Origin
https://fha-gateway.force.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
application/x-font-woff
truncated
/ 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a6a5d7cbfec632fa7463ebca7babf4b1971b785cd1a26b596d58b8a831001136

Request headers

Referer
https://fha-gateway.force.com/
Origin
https://fha-gateway.force.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
application/x-font-woff
truncated
/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b7bf040554a97747ad38e592cf42546f448eab1f2f41faebcc5bc8411079324c

Request headers

Referer
https://fha-gateway.force.com/
Origin
https://fha-gateway.force.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
application/x-font-woff
NativeAdvantage_Logo_4c_Preferred
fha-gateway.force.com/nativeadvantage/file-asset/ 		18 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fha-gateway.force.com/nativeadvantage/file-asset/NativeAdvantage_Logo_4c_Preferred?v=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
96.43.152.39 , United States, ASN14340 (SALESFORCE, US),
Reverse DNS
na21-1-chx.force.com
Software
/
Resource Hash
9d893bd154a391a9c877e2a57d3018cb10b76f553c2024aeba5e22993b15cf37
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fha-gateway.force.com/nativeadvantage/s/login/?ec=302&startURL=%2Fnativeadvantage%2Fs%2F
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date
Tue, 17 Jan 2023 20:08:29 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains
X-Content-Type-Options
nosniff
Referrer-Policy
origin-when-cross-origin
Last-Modified
Sat, 20 Nov 2021 01:14:01 GMT
X-FRAME-OPTIONS
SAMEORIGIN
P3P
CP="CUR OTR STA"
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
public,max-age=3888000
Content-Disposition
attachment; filename="NativeAdvantage_Logo_4c_Preferred.png"; filename*=utf-8''NativeAdvantage_Logo_4c_Preferred.png
Content-Length
18769
X-XSS-Protection
1; mode=block
Expires
Fri, 03 Mar 2023 20:08:29 GMT

Verdicts & Comments Add Verdict or Comment

11 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontentvisibilityautostatechange object| picassoSPA string| comm__attrVariationKey number| pageStartTime object| Aura object| AuraLocker object| AuraLockerDisabled object| $A object| aura function| DOMPurify function| Router

6 Cookies

Domain/Path Name / Value
fha-gateway.force.com/nativeadvantage/s Name: renderCtx
Value: %7B%22pageId%22%3A%22a11ebb37-6103-4000-bfc5-50f78ac40450%22%2C%22schema%22%3A%22Published%22%2C%22viewType%22%3A%22Published%22%2C%22brandingSetId%22%3A%22a7eb0154-8e6c-4076-88d6-5f3721c49dea%22%2C%22audienceIds%22%3A%22%22%7D
fha-gateway.force.com/ Name: CookieConsentPolicy
Value: 0:1
fha-gateway.force.com/ Name: LSKey-c$CookieConsentPolicy
Value: 0:1
.force.com/ Name: BrowserId
Value: s-1f6paiEe2pBFvVdpujDw
.force.com/ Name: BrowserId_sec
Value: s-1f6paiEe2pBFvVdpujDw
fha-gateway.force.com/ Name: force-stream
Value: !zldKrJ35o4rT+ws1g8G50QppnTb7NbxqHOlkmdRCwTXdb2/YAMNna8/WZI5xPj8DjgeDIK15tPBT8Q==

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block