Has been given the clean bill of health here:
https://checkphish.ai/insights/url/1594728051165/8450c7d0a1781248ec8ca843a75aaf64ce455850a5691301a0bb25a2d9821e55#Redirecting to -https://salesoptimizersupport.force.com/login
With blockers ReferenceError: loader is not defined
/jslibrary/LoginHint208.js:23
CSP Evaluated CSP as seen by a browser supporting CSP Version 3
checkupgrade-insecure-requests
errorscript-src [missing]
script-src directive is missing.
expand_more
errorobject-src [missing]
Missing object-src allows the injection of plugins which can execute JavaScript. Can you set it to 'none'?
On source: Javascript 11 (external 5, inline 6)
INLINE: (function() { let alreadyInsertedMetaTag = false function __insertDappDete
1,238 bytes
INLINE: if (self == top) {document.documentElement.style.visibility = 'visible';} else {
249 bytes
INLINE: var SFDCSessionVars={"server":"https:\/\/login.salesforce.com\/login\/sessionser
588 bytes
-salesoptimizersupport.force.com/jslibrary/SfdcSessionBase208.js
-salesoptimizersupport.force.com/jslibrary/LoginHint208.js
INLINE: LoginHint.hideLoginForm();
26 bytes
INLINE: LoginHint.getSavedIdentities(false);
36 bytes
-salesoptimizersupport.force.com/jslibrary/baselogin.js
-salesoptimizersupport.force.com/marketing/survey/survey1/1384
-salesoptimizersupport.force.com/marketing/survey/survey4/1384
INLINE: function handleLogin(){document.login.un.value=document.login.username.value;doc
262 bytes
ONCLICK: /* a#edit.fr small.onclick = */ LoginHint.showEdit();
53 bytes
ONCLICK: /* button#hint_save_edit.button primary fiftyfifty right.onclick = */ LoginHint.
95 bytes
ONCLICK: /* button#hint_back_edit.button secondary fiftyfifty.onclick = */ LoginHint.show
90 bytes
ONCLICK: /* a#clear_link.clearlink.onclick = */ LoginHint.clearExistingIdentity();
73 bytes
ONCLICK: /* button#mydomainContinue.button primary fiftyfifty right.onclick = */ DomainSw
104 bytes
ONCLICK: /* button#hint_back_domain.button secondary fiftyfifty.onclick = */ DomainSwitch
140 bytes
ONCLICK: /* a#use_new_identity.onclick = */ LoginHint.useNewIdentity();
62 bytes
CSS 5 (external 1, inline 4)
salesoptimizersupport.force.com/css/sfdc_210.css
INJECTED
INLINE: html{visibility: hidden;}a{color:#0070d2;}body{background-color:#FFFFFF;}#conten
459 bytes INJECTED
INLINE: html { visibility: hidden; }
30 bytes INJECTED
INLINE: @media print {#ghostery-purple-box {display:none !important}}
61 bytes INJECTED
INLINE: :root #content > #center > .dose > .dosesingle, :root #content > #right > .dose
170 bytes INJECTED
Wait for a final verdict from an avast team member, as they are the only ones to come and unblock,
for now I do not see that particcular page being blocked by avast's. Also Zen Mate blocks zero.
polonus (volunteer 3rd party cold recon website security analyst and website error-hunter)