phishmesupport.secure.force.com
Open in
urlscan Pro
13.108.250.15
Public Scan
Effective URL: https://phishmesupport.secure.force.com/cts/?Id=a1C0H00000A1FpXUAV
Submission: On November 20 via manual from US
Summary
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on July 5th 2018. Valid for: a year.
This is the only time phishmesupport.secure.force.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 1 | 2.16.106.113 2.16.106.113 | 20940 (AKAMAI-ASN1) (AKAMAI-ASN1) | |
16 | 13.108.250.15 13.108.250.15 | 14340 (SALESFORCE) (SALESFORCE - Salesforce.com) | |
1 | 138.201.84.149 138.201.84.149 | 24940 (HETZNER-AS) (HETZNER-AS) | |
17 | 2 |
ASN20940 (AKAMAI-ASN1, US)
PTR: a2-16-106-113.deploy.static.akamaitechnologies.com
phishmesupport.force.com |
ASN14340 (SALESFORCE - Salesforce.com, Inc., US)
PTR: dcl5-ord.na46-ord.force.com
phishmesupport.secure.force.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
17 |
force.com
1 redirects
phishmesupport.force.com phishmesupport.secure.force.com |
319 KB |
1 |
startus.cc
www.startus.cc |
12 KB |
17 | 2 |
Domain | Requested by | |
---|---|---|
16 | phishmesupport.secure.force.com |
phishmesupport.secure.force.com
|
1 | www.startus.cc |
phishmesupport.secure.force.com
|
1 | phishmesupport.force.com | 1 redirects |
17 | 3 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
*.na46.force.com DigiCert SHA2 Secure Server CA |
2018-07-05 - 2019-12-14 |
a year | crt.sh |
www.startus.cc Let's Encrypt Authority X3 |
2019-11-11 - 2020-02-09 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://phishmesupport.secure.force.com/cts/?Id=a1C0H00000A1FpXUAV
Frame ID: 0EDCC58ECAA79B490B6732BE9AB3B025
Requests: 17 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
-
http://phishmesupport.force.com/cts?Id=a1C0H00000A1FpXUAV
HTTP 301
https://phishmesupport.secure.force.com/cts/?Id=a1C0H00000A1FpXUAV Page URL
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://phishmesupport.force.com/cts?Id=a1C0H00000A1FpXUAV
HTTP 301
https://phishmesupport.secure.force.com/cts/?Id=a1C0H00000A1FpXUAV Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
17 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
Cookie set
/
phishmesupport.secure.force.com/cts/ Redirect Chain
|
52 KB 24 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
stub.js
phishmesupport.secure.force.com/cts/static/111213/js/perf/ |
1 KB 1 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
3_3_3.Finalorg.ajax4jsf.javascript.AjaxScript
phishmesupport.secure.force.com/cts/faces/a4j/g/ |
73 KB 20 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
SfdcCore.js
phishmesupport.secure.force.com/cts/jslibrary/1548902828222/ui-sfdc-javascript-impl/ |
180 KB 62 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
timetrade_sf1__jQuery_2_2_4
phishmesupport.secure.force.com/cts/resource/1550343548000/ |
84 KB 30 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
timetrade_sf1__jQueryUIJs
phishmesupport.secure.force.com/cts/resource/1550343547000/ |
222 KB 60 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
timetrade_sf1__TimeZoneJS
phishmesupport.secure.force.com/cts/resource/1550343547000/ |
42 KB 8 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
picklist4.js
phishmesupport.secure.force.com/cts/static/111213/js/ |
10 KB 4 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
VFState.js
phishmesupport.secure.force.com/cts/jslibrary/1558397236222/sfdc/ |
6 KB 3 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
timetrade_sf1__ctsStyleCSS
phishmesupport.secure.force.com/cts/resource/1550343547000/ |
14 KB 4 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
cofense_logo.png
www.startus.cc/sites/default/files/styles/company_profile_logo/public/company_logos/ |
12 KB 12 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
timetrade_sf1__loadingGif
phishmesupport.secure.force.com/cts/resource/1550343548000/ |
24 KB 25 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
T
phishmesupport.secure.force.com/cts/profilephoto/005/ |
723 B 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
TimeTrade_SF1__ClickToSchedule
phishmesupport.secure.force.com/cts/ |
88 KB 28 KB |
XHR
text/xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
timetrade_sf1__loadingGif
phishmesupport.secure.force.com/cts/resource/1550343548000/ |
24 KB 25 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
T
phishmesupport.secure.force.com/cts/profilephoto/005/ |
723 B 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
TimeTrade_SF1__ClickToSchedule
phishmesupport.secure.force.com/cts/ |
29 KB 22 KB |
XHR
text/xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
0 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
2 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.force.com/ | Name: BrowserId Value: tfLSNQu_Eeqc-ZP31R43ow |
|
.force.com/cts | Name: debug_logs Value: debug_logs |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Strict-Transport-Security | max-age=31536004; includeSubDomains |
X-Frame-Options | SAMEORIGIN |
X-Xss-Protection | 0 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
phishmesupport.force.com
phishmesupport.secure.force.com
www.startus.cc
13.108.250.15
138.201.84.149
2.16.106.113
05686500121ad9c946a008a88f2c0b5d4fcfadf50a88e4c5741e6684cceaaa9e
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
1b44913e3f0a704ed5d282fdd7478e195647f9d1da13279631b1583f2831cedb
36dcdde33749e2db422c3f51eea5deb71bea800490d96c2053680bc4c6154b3d
437d2038886132ec8ea2c80542d5e7dc564a3e5f8d46db61ed1ba0e37fa1ddf1
4577d0e8eed11de5085bc3606a5745aaac36a9325700e8d032613ae6e5f0643d
5830f6b53e1ea91abd5de97ef219269702f413575cfe0dd6149712d68d7d61eb
724d434df382ad9714b8df984e7746c2c7832cdfae30eab722b45147138c965c
7da058a4e1bd6368be16eb513d108c61e9016968c859b28bc24ac2629e401773
853a5b7955e180299f3bb9c6716a7d77590898a6f363a80dd15a39bb9c0bbacb
927d34964e1b11236e03d1d3e839d1ae1603284de876ba6e7f94c1c9fade5074
d3e3dafcccafc5882b35d3bc8d7b1df48c7d5a8aec198d58e74fdade840a0569
e2caeb89b440c1260fd3105e4b1474666ee12ae51636e9464a962c9357043cb6
f007e795fc3dcb18580fac89b7d4e182dacadb4c68068e66501cd773fe41902e
f1008b7211c360c50cb3de28889d5c9e092b86c1fc5dbd4b8988a1782e56c167