Submitted URL: http://phishmesupport.force.com/cts?Id=a1C0H00000A1FpXUAV
Effective URL: https://phishmesupport.secure.force.com/cts/?Id=a1C0H00000A1FpXUAV
Submission: On November 20 via manual from US

Summary

This website contacted 2 IPs in 3 countries across 2 domains to perform 17 HTTP transactions. The main IP is 13.108.250.15, located in United States and belongs to SALESFORCE - Salesforce.com, Inc., US. The main domain is phishmesupport.secure.force.com.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on July 5th 2018. Valid for: a year.
This is the only time phishmesupport.secure.force.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2.16.106.113 20940 (AKAMAI-ASN1)
16 13.108.250.15 14340 (SALESFORCE)
1 138.201.84.149 24940 (HETZNER-AS)
17 2
Apex Domain
Subdomains
Transfer
17 force.com
phishmesupport.force.com
phishmesupport.secure.force.com
319 KB
1 startus.cc
www.startus.cc
12 KB
17 2
Domain Requested by
16 phishmesupport.secure.force.com phishmesupport.secure.force.com
1 www.startus.cc phishmesupport.secure.force.com
1 phishmesupport.force.com 1 redirects
17 3

This site contains no links.

Subject Issuer Validity Valid
*.na46.force.com
DigiCert SHA2 Secure Server CA
2018-07-05 -
2019-12-14
a year crt.sh
www.startus.cc
Let's Encrypt Authority X3
2019-11-11 -
2020-02-09
3 months crt.sh

This page contains 1 frames:

Primary Page: https://phishmesupport.secure.force.com/cts/?Id=a1C0H00000A1FpXUAV
Frame ID: 0EDCC58ECAA79B490B6732BE9AB3B025
Requests: 17 HTTP requests in this frame

Screenshot


Page URL History Show full URLs

  1. http://phishmesupport.force.com/cts?Id=a1C0H00000A1FpXUAV HTTP 301
    https://phishmesupport.secure.force.com/cts/?Id=a1C0H00000A1FpXUAV Page URL

Page Statistics

17
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

3
Subdomains

2
IPs

3
Countries

331 kB
Transfer

862 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://phishmesupport.force.com/cts?Id=a1C0H00000A1FpXUAV HTTP 301
    https://phishmesupport.secure.force.com/cts/?Id=a1C0H00000A1FpXUAV Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

17 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request Cookie set /
phishmesupport.secure.force.com/cts/
Redirect Chain
  • http://phishmesupport.force.com/cts?Id=a1C0H00000A1FpXUAV
  • https://phishmesupport.secure.force.com/cts/?Id=a1C0H00000A1FpXUAV
52 KB
24 KB
Document
General
Full URL
https://phishmesupport.secure.force.com/cts/?Id=a1C0H00000A1FpXUAV
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.108.250.15 , United States, ASN14340 (SALESFORCE - Salesforce.com, Inc., US),
Reverse DNS
dcl5-ord.na46-ord.force.com
Software
/ Salesforce.com ApexPages
Resource Hash
4577d0e8eed11de5085bc3606a5745aaac36a9325700e8d032613ae6e5f0643d
Security Headers
Name Value
Strict-Transport-Security max-age=31536004; includeSubDomains
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Host
phishmesupport.secure.force.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Date
Wed, 20 Nov 2019 18:01:00 GMT
Strict-Transport-Security
max-age=31536004; includeSubDomains
Public-Key-Pins-Report-Only
pin-sha256="9n0izTnSRF+W4W4JTq51avSXkWhQB8duS2bxVLfzXsY="; pin-sha256="5kJvNEMw0KjrCAu7eXY5HZdvyCS13BbA0VJG1RSP91w="; pin-sha256="njN4rRG+22dNXAi+yb8e3UMypgzPUPHlv4+foULwl1g="; max-age=86400; includeSubDomains; report-uri="https://a.forcesslreports.com/hpkp-report/00DA0000000HcQDm";
Expect-CT
max-age=86400, report-uri="https://a.forcesslreports.com/Expect-CT-report/00DA0000000HcQDm"
Cache-Control
no-cache,must-revalidate,max-age=0,no-store,private
Set-Cookie
BrowserId=tfLSNQu_Eeqc-ZP31R43ow;Path=/;Domain=.force.com;Expires=Sun, 19-Jan-2020 18:01:00 GMT;Max-Age=5184000
Expires
Thu, 01 Jan 1970 00:00:00 GMT
X-Powered-By
Salesforce.com ApexPages
P3P
CP="CUR OTR STA"
X-XSS-Protection
0
X-FRAME-OPTIONS
SAMEORIGIN
Content-Type
text/html;charset=UTF-8
Vary
Accept-Encoding
Content-Encoding
gzip
Transfer-Encoding
chunked

Redirect headers

Cache-Control
no-cache,must-revalidate,max-age=0,no-store,private
Location
https://phishmesupport.secure.force.com/cts/?Id=a1C0H00000A1FpXUAV
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Content-Length
0
Date
Wed, 20 Nov 2019 18:01:00 GMT
Connection
keep-alive
stub.js
phishmesupport.secure.force.com/cts/static/111213/js/perf/
1 KB
1 KB
Script
General
Full URL
https://phishmesupport.secure.force.com/cts/static/111213/js/perf/stub.js
Requested by
Host: phishmesupport.secure.force.com
URL: https://phishmesupport.secure.force.com/cts/?Id=a1C0H00000A1FpXUAV
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.108.250.15 , United States, ASN14340 (SALESFORCE - Salesforce.com, Inc., US),
Reverse DNS
dcl5-ord.na46-ord.force.com
Software
/
Resource Hash
5830f6b53e1ea91abd5de97ef219269702f413575cfe0dd6149712d68d7d61eb
Security Headers
Name Value
Strict-Transport-Security max-age=31536004; includeSubDomains

Request headers

Referer
https://phishmesupport.secure.force.com/cts/?Id=a1C0H00000A1FpXUAV
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Date
Wed, 20 Nov 2019 16:44:13 GMT
Content-Encoding
gzip
Last-Modified
Thu, 18 Dec 2014 19:28:42 GMT
Age
4609
Expect-CT
max-age=86400, report-uri="https://a.forcesslreports.com/Expect-CT-report/00DA0000000HcQDm"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
public,max-age=10368000
Public-Key-Pins-Report-Only
pin-sha256="9n0izTnSRF+W4W4JTq51avSXkWhQB8duS2bxVLfzXsY="; pin-sha256="5kJvNEMw0KjrCAu7eXY5HZdvyCS13BbA0VJG1RSP91w="; pin-sha256="njN4rRG+22dNXAi+yb8e3UMypgzPUPHlv4+foULwl1g="; max-age=86400; includeSubDomains; report-uri="https://a.forcesslreports.com/hpkp-report/00DA0000000HcQDm";
Strict-Transport-Security
max-age=31536004; includeSubDomains
Accept-Ranges
bytes
Content-Length
618
Expires
Thu, 19 Mar 2020 16:44:13 GMT
3_3_3.Finalorg.ajax4jsf.javascript.AjaxScript
phishmesupport.secure.force.com/cts/faces/a4j/g/
73 KB
20 KB
Script
General
Full URL
https://phishmesupport.secure.force.com/cts/faces/a4j/g/3_3_3.Finalorg.ajax4jsf.javascript.AjaxScript?rel=1573681730000
Requested by
Host: phishmesupport.secure.force.com
URL: https://phishmesupport.secure.force.com/cts/?Id=a1C0H00000A1FpXUAV
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.108.250.15 , United States, ASN14340 (SALESFORCE - Salesforce.com, Inc., US),
Reverse DNS
dcl5-ord.na46-ord.force.com
Software
/
Resource Hash
e2caeb89b440c1260fd3105e4b1474666ee12ae51636e9464a962c9357043cb6
Security Headers
Name Value
Strict-Transport-Security max-age=31536004; includeSubDomains

Request headers

Referer
https://phishmesupport.secure.force.com/cts/?Id=a1C0H00000A1FpXUAV
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Date
Wed, 20 Nov 2019 18:01:02 GMT
Content-Encoding
gzip
Last-Modified
Fri, 15 Nov 2019 06:48:38 GMT
Expect-CT
max-age=86400, report-uri="https://a.forcesslreports.com/Expect-CT-report/00DA0000000HcQDm"
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
private,max-age=3888000
Transfer-Encoding
chunked
Public-Key-Pins-Report-Only
pin-sha256="9n0izTnSRF+W4W4JTq51avSXkWhQB8duS2bxVLfzXsY="; pin-sha256="5kJvNEMw0KjrCAu7eXY5HZdvyCS13BbA0VJG1RSP91w="; pin-sha256="njN4rRG+22dNXAi+yb8e3UMypgzPUPHlv4+foULwl1g="; max-age=86400; includeSubDomains; report-uri="https://a.forcesslreports.com/hpkp-report/00DA0000000HcQDm";
Strict-Transport-Security
max-age=31536004; includeSubDomains
Expires
Sat, 04 Jan 2020 18:01:02 GMT
SfdcCore.js
phishmesupport.secure.force.com/cts/jslibrary/1548902828222/ui-sfdc-javascript-impl/
180 KB
62 KB
Script
General
Full URL
https://phishmesupport.secure.force.com/cts/jslibrary/1548902828222/ui-sfdc-javascript-impl/SfdcCore.js
Requested by
Host: phishmesupport.secure.force.com
URL: https://phishmesupport.secure.force.com/cts/?Id=a1C0H00000A1FpXUAV
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.108.250.15 , United States, ASN14340 (SALESFORCE - Salesforce.com, Inc., US),
Reverse DNS
dcl5-ord.na46-ord.force.com
Software
/
Resource Hash
724d434df382ad9714b8df984e7746c2c7832cdfae30eab722b45147138c965c
Security Headers
Name Value
Strict-Transport-Security max-age=31536004; includeSubDomains

Request headers

Referer
https://phishmesupport.secure.force.com/cts/?Id=a1C0H00000A1FpXUAV
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Date
Wed, 20 Nov 2019 18:01:02 GMT
Content-Encoding
gzip
Last-Modified
Wed, 13 Nov 2019 22:28:24 GMT
Expect-CT
max-age=86400, report-uri="https://a.forcesslreports.com/Expect-CT-report/00DA0000000HcQDm"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
public,max-age=10368000
Transfer-Encoding
chunked
Public-Key-Pins-Report-Only
pin-sha256="9n0izTnSRF+W4W4JTq51avSXkWhQB8duS2bxVLfzXsY="; pin-sha256="5kJvNEMw0KjrCAu7eXY5HZdvyCS13BbA0VJG1RSP91w="; pin-sha256="njN4rRG+22dNXAi+yb8e3UMypgzPUPHlv4+foULwl1g="; max-age=86400; includeSubDomains; report-uri="https://a.forcesslreports.com/hpkp-report/00DA0000000HcQDm";
Strict-Transport-Security
max-age=31536004; includeSubDomains
Accept-Ranges
bytes
Expires
Thu, 19 Mar 2020 18:01:02 GMT
timetrade_sf1__jQuery_2_2_4
phishmesupport.secure.force.com/cts/resource/1550343548000/
84 KB
30 KB
Script
General
Full URL
https://phishmesupport.secure.force.com/cts/resource/1550343548000/timetrade_sf1__jQuery_2_2_4
Requested by
Host: phishmesupport.secure.force.com
URL: https://phishmesupport.secure.force.com/cts/?Id=a1C0H00000A1FpXUAV
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.108.250.15 , United States, ASN14340 (SALESFORCE - Salesforce.com, Inc., US),
Reverse DNS
dcl5-ord.na46-ord.force.com
Software
/
Resource Hash
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
Security Headers
Name Value
Strict-Transport-Security max-age=31536004; includeSubDomains
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://phishmesupport.secure.force.com/cts/?Id=a1C0H00000A1FpXUAV
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Date
Wed, 20 Nov 2019 18:01:02 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Last-Modified
Sat, 16 Feb 2019 18:59:08 GMT
Expect-CT
max-age=86400, report-uri="https://a.forcesslreports.com/Expect-CT-report/00DA0000000HcQDm"
X-FRAME-OPTIONS
SAMEORIGIN
P3P
CP="CUR OTR STA"
Cache-Control
public,max-age=3888000,immutable
Transfer-Encoding
chunked
Public-Key-Pins-Report-Only
pin-sha256="9n0izTnSRF+W4W4JTq51avSXkWhQB8duS2bxVLfzXsY="; pin-sha256="5kJvNEMw0KjrCAu7eXY5HZdvyCS13BbA0VJG1RSP91w="; pin-sha256="njN4rRG+22dNXAi+yb8e3UMypgzPUPHlv4+foULwl1g="; max-age=86400; includeSubDomains; report-uri="https://a.forcesslreports.com/hpkp-report/00DA0000000HcQDm";
Strict-Transport-Security
max-age=31536004; includeSubDomains
Content-Type
application/javascript
X-XSS-Protection
0
Expires
Sat, 04 Jan 2020 18:01:02 GMT
timetrade_sf1__jQueryUIJs
phishmesupport.secure.force.com/cts/resource/1550343547000/
222 KB
60 KB
Script
General
Full URL
https://phishmesupport.secure.force.com/cts/resource/1550343547000/timetrade_sf1__jQueryUIJs
Requested by
Host: phishmesupport.secure.force.com
URL: https://phishmesupport.secure.force.com/cts/?Id=a1C0H00000A1FpXUAV
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.108.250.15 , United States, ASN14340 (SALESFORCE - Salesforce.com, Inc., US),
Reverse DNS
dcl5-ord.na46-ord.force.com
Software
/
Resource Hash
853a5b7955e180299f3bb9c6716a7d77590898a6f363a80dd15a39bb9c0bbacb
Security Headers
Name Value
Strict-Transport-Security max-age=31536004; includeSubDomains
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://phishmesupport.secure.force.com/cts/?Id=a1C0H00000A1FpXUAV
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Date
Wed, 20 Nov 2019 18:01:02 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Last-Modified
Sat, 16 Feb 2019 18:59:07 GMT
Expect-CT
max-age=86400, report-uri="https://a.forcesslreports.com/Expect-CT-report/00DA0000000HcQDm"
X-FRAME-OPTIONS
SAMEORIGIN
P3P
CP="CUR OTR STA"
Cache-Control
public,max-age=3888000,immutable
Transfer-Encoding
chunked
Public-Key-Pins-Report-Only
pin-sha256="9n0izTnSRF+W4W4JTq51avSXkWhQB8duS2bxVLfzXsY="; pin-sha256="5kJvNEMw0KjrCAu7eXY5HZdvyCS13BbA0VJG1RSP91w="; pin-sha256="njN4rRG+22dNXAi+yb8e3UMypgzPUPHlv4+foULwl1g="; max-age=86400; includeSubDomains; report-uri="https://a.forcesslreports.com/hpkp-report/00DA0000000HcQDm";
Strict-Transport-Security
max-age=31536004; includeSubDomains
Content-Type
application/javascript
X-XSS-Protection
0
Expires
Sat, 04 Jan 2020 18:01:02 GMT
timetrade_sf1__TimeZoneJS
phishmesupport.secure.force.com/cts/resource/1550343547000/
42 KB
8 KB
Script
General
Full URL
https://phishmesupport.secure.force.com/cts/resource/1550343547000/timetrade_sf1__TimeZoneJS
Requested by
Host: phishmesupport.secure.force.com
URL: https://phishmesupport.secure.force.com/cts/?Id=a1C0H00000A1FpXUAV
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.108.250.15 , United States, ASN14340 (SALESFORCE - Salesforce.com, Inc., US),
Reverse DNS
dcl5-ord.na46-ord.force.com
Software
/
Resource Hash
36dcdde33749e2db422c3f51eea5deb71bea800490d96c2053680bc4c6154b3d
Security Headers
Name Value
Strict-Transport-Security max-age=31536004; includeSubDomains
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://phishmesupport.secure.force.com/cts/?Id=a1C0H00000A1FpXUAV
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Date
Wed, 20 Nov 2019 18:01:02 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Last-Modified
Sat, 16 Feb 2019 18:59:07 GMT
Expect-CT
max-age=86400, report-uri="https://a.forcesslreports.com/Expect-CT-report/00DA0000000HcQDm"
X-FRAME-OPTIONS
SAMEORIGIN
P3P
CP="CUR OTR STA"
Cache-Control
public,max-age=3888000,immutable
Transfer-Encoding
chunked
Public-Key-Pins-Report-Only
pin-sha256="9n0izTnSRF+W4W4JTq51avSXkWhQB8duS2bxVLfzXsY="; pin-sha256="5kJvNEMw0KjrCAu7eXY5HZdvyCS13BbA0VJG1RSP91w="; pin-sha256="njN4rRG+22dNXAi+yb8e3UMypgzPUPHlv4+foULwl1g="; max-age=86400; includeSubDomains; report-uri="https://a.forcesslreports.com/hpkp-report/00DA0000000HcQDm";
Strict-Transport-Security
max-age=31536004; includeSubDomains
Content-Type
application/javascript
X-XSS-Protection
0
Expires
Sat, 04 Jan 2020 18:01:02 GMT
picklist4.js
phishmesupport.secure.force.com/cts/static/111213/js/
10 KB
4 KB
Script
General
Full URL
https://phishmesupport.secure.force.com/cts/static/111213/js/picklist4.js
Requested by
Host: phishmesupport.secure.force.com
URL: https://phishmesupport.secure.force.com/cts/?Id=a1C0H00000A1FpXUAV
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.108.250.15 , United States, ASN14340 (SALESFORCE - Salesforce.com, Inc., US),
Reverse DNS
dcl5-ord.na46-ord.force.com
Software
/
Resource Hash
7da058a4e1bd6368be16eb513d108c61e9016968c859b28bc24ac2629e401773
Security Headers
Name Value
Strict-Transport-Security max-age=31536004; includeSubDomains

Request headers

Referer
https://phishmesupport.secure.force.com/cts/?Id=a1C0H00000A1FpXUAV
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Date
Wed, 20 Nov 2019 18:01:02 GMT
Content-Encoding
gzip
Last-Modified
Fri, 28 Sep 2018 01:08:08 GMT
Expect-CT
max-age=86400, report-uri="https://a.forcesslreports.com/Expect-CT-report/00DA0000000HcQDm"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
public,max-age=10368000
Transfer-Encoding
chunked
Public-Key-Pins-Report-Only
pin-sha256="9n0izTnSRF+W4W4JTq51avSXkWhQB8duS2bxVLfzXsY="; pin-sha256="5kJvNEMw0KjrCAu7eXY5HZdvyCS13BbA0VJG1RSP91w="; pin-sha256="njN4rRG+22dNXAi+yb8e3UMypgzPUPHlv4+foULwl1g="; max-age=86400; includeSubDomains; report-uri="https://a.forcesslreports.com/hpkp-report/00DA0000000HcQDm";
Strict-Transport-Security
max-age=31536004; includeSubDomains
Accept-Ranges
bytes
Expires
Thu, 19 Mar 2020 18:01:02 GMT
VFState.js
phishmesupport.secure.force.com/cts/jslibrary/1558397236222/sfdc/
6 KB
3 KB
Script
General
Full URL
https://phishmesupport.secure.force.com/cts/jslibrary/1558397236222/sfdc/VFState.js
Requested by
Host: phishmesupport.secure.force.com
URL: https://phishmesupport.secure.force.com/cts/?Id=a1C0H00000A1FpXUAV
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.108.250.15 , United States, ASN14340 (SALESFORCE - Salesforce.com, Inc., US),
Reverse DNS
dcl5-ord.na46-ord.force.com
Software
/
Resource Hash
f007e795fc3dcb18580fac89b7d4e182dacadb4c68068e66501cd773fe41902e
Security Headers
Name Value
Strict-Transport-Security max-age=31536004; includeSubDomains

Request headers

Referer
https://phishmesupport.secure.force.com/cts/?Id=a1C0H00000A1FpXUAV
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Date
Wed, 20 Nov 2019 18:01:02 GMT
Content-Encoding
gzip
Last-Modified
Wed, 13 Nov 2019 22:28:24 GMT
Expect-CT
max-age=86400, report-uri="https://a.forcesslreports.com/Expect-CT-report/00DA0000000HcQDm"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
public,max-age=10368000
Transfer-Encoding
chunked
Public-Key-Pins-Report-Only
pin-sha256="9n0izTnSRF+W4W4JTq51avSXkWhQB8duS2bxVLfzXsY="; pin-sha256="5kJvNEMw0KjrCAu7eXY5HZdvyCS13BbA0VJG1RSP91w="; pin-sha256="njN4rRG+22dNXAi+yb8e3UMypgzPUPHlv4+foULwl1g="; max-age=86400; includeSubDomains; report-uri="https://a.forcesslreports.com/hpkp-report/00DA0000000HcQDm";
Strict-Transport-Security
max-age=31536004; includeSubDomains
Accept-Ranges
bytes
Expires
Thu, 19 Mar 2020 18:01:02 GMT
timetrade_sf1__ctsStyleCSS
phishmesupport.secure.force.com/cts/resource/1550343547000/
14 KB
4 KB
Stylesheet
General
Full URL
https://phishmesupport.secure.force.com/cts/resource/1550343547000/timetrade_sf1__ctsStyleCSS
Requested by
Host: phishmesupport.secure.force.com
URL: https://phishmesupport.secure.force.com/cts/?Id=a1C0H00000A1FpXUAV
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.108.250.15 , United States, ASN14340 (SALESFORCE - Salesforce.com, Inc., US),
Reverse DNS
dcl5-ord.na46-ord.force.com
Software
/
Resource Hash
d3e3dafcccafc5882b35d3bc8d7b1df48c7d5a8aec198d58e74fdade840a0569
Security Headers
Name Value
Strict-Transport-Security max-age=31536004; includeSubDomains
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://phishmesupport.secure.force.com/cts/?Id=a1C0H00000A1FpXUAV
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Date
Wed, 20 Nov 2019 18:01:02 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Last-Modified
Sat, 16 Feb 2019 18:59:07 GMT
Expect-CT
max-age=86400, report-uri="https://a.forcesslreports.com/Expect-CT-report/00DA0000000HcQDm"
X-FRAME-OPTIONS
SAMEORIGIN
P3P
CP="CUR OTR STA"
Cache-Control
public,max-age=3888000,immutable
Transfer-Encoding
chunked
Public-Key-Pins-Report-Only
pin-sha256="9n0izTnSRF+W4W4JTq51avSXkWhQB8duS2bxVLfzXsY="; pin-sha256="5kJvNEMw0KjrCAu7eXY5HZdvyCS13BbA0VJG1RSP91w="; pin-sha256="njN4rRG+22dNXAi+yb8e3UMypgzPUPHlv4+foULwl1g="; max-age=86400; includeSubDomains; report-uri="https://a.forcesslreports.com/hpkp-report/00DA0000000HcQDm";
Strict-Transport-Security
max-age=31536004; includeSubDomains
Content-Type
text/css
X-XSS-Protection
0
Expires
Sat, 04 Jan 2020 18:01:02 GMT
cofense_logo.png
www.startus.cc/sites/default/files/styles/company_profile_logo/public/company_logos/
12 KB
12 KB
Image
General
Full URL
https://www.startus.cc/sites/default/files/styles/company_profile_logo/public/company_logos/cofense_logo.png?itok=CGpxBelQ
Requested by
Host: phishmesupport.secure.force.com
URL: https://phishmesupport.secure.force.com/cts/?Id=a1C0H00000A1FpXUAV
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
138.201.84.149 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
app14.epiqo.com
Software
nginx /
Resource Hash
437d2038886132ec8ea2c80542d5e7dc564a3e5f8d46db61ed1ba0e37fa1ddf1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://phishmesupport.secure.force.com/cts/?Id=a1C0H00000A1FpXUAV
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date
Wed, 20 Nov 2019 18:01:02 GMT
via
1.1 varnish (Varnish/6.1)
x-content-type-options
nosniff
last-modified
Mon, 23 Sep 2019 13:25:01 GMT
server
nginx
age
187223
etag
"5d88c7ad-2ea2"
content-type
image/png
status
200
cache-control
max-age=604800
x-varnish
9455990 7227196
accept-ranges
bytes
content-length
11938
x-xss-protection
1; mode=block
expires
Mon, 25 Nov 2019 14:00:38 GMT
timetrade_sf1__loadingGif
phishmesupport.secure.force.com/cts/resource/1550343548000/
24 KB
25 KB
Image
General
Full URL
https://phishmesupport.secure.force.com/cts/resource/1550343548000/timetrade_sf1__loadingGif
Requested by
Host: phishmesupport.secure.force.com
URL: https://phishmesupport.secure.force.com/cts/?Id=a1C0H00000A1FpXUAV
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.108.250.15 , United States, ASN14340 (SALESFORCE - Salesforce.com, Inc., US),
Reverse DNS
dcl5-ord.na46-ord.force.com
Software
/
Resource Hash
1b44913e3f0a704ed5d282fdd7478e195647f9d1da13279631b1583f2831cedb
Security Headers
Name Value
Strict-Transport-Security max-age=31536004; includeSubDomains
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://phishmesupport.secure.force.com/cts/?Id=a1C0H00000A1FpXUAV
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Date
Wed, 20 Nov 2019 18:01:02 GMT
Last-Modified
Sat, 16 Feb 2019 18:59:08 GMT
Expect-CT
max-age=86400, report-uri="https://a.forcesslreports.com/Expect-CT-report/00DA0000000HcQDm"
X-FRAME-OPTIONS
SAMEORIGIN
P3P
CP="CUR OTR STA"
Cache-Control
public,max-age=3888000,immutable
Public-Key-Pins-Report-Only
pin-sha256="9n0izTnSRF+W4W4JTq51avSXkWhQB8duS2bxVLfzXsY="; pin-sha256="5kJvNEMw0KjrCAu7eXY5HZdvyCS13BbA0VJG1RSP91w="; pin-sha256="njN4rRG+22dNXAi+yb8e3UMypgzPUPHlv4+foULwl1g="; max-age=86400; includeSubDomains; report-uri="https://a.forcesslreports.com/hpkp-report/00DA0000000HcQDm";
Strict-Transport-Security
max-age=31536004; includeSubDomains
Content-Type
image/gif
Content-Length
24854
X-XSS-Protection
0
Expires
Sat, 04 Jan 2020 18:01:02 GMT
T
phishmesupport.secure.force.com/cts/profilephoto/005/
723 B
1 KB
Image
General
Full URL
https://phishmesupport.secure.force.com/cts/profilephoto/005/T
Requested by
Host: phishmesupport.secure.force.com
URL: https://phishmesupport.secure.force.com/cts/?Id=a1C0H00000A1FpXUAV
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.108.250.15 , United States, ASN14340 (SALESFORCE - Salesforce.com, Inc., US),
Reverse DNS
dcl5-ord.na46-ord.force.com
Software
/
Resource Hash
05686500121ad9c946a008a88f2c0b5d4fcfadf50a88e4c5741e6684cceaaa9e
Security Headers
Name Value
Strict-Transport-Security max-age=31536004; includeSubDomains
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://phishmesupport.secure.force.com/cts/?Id=a1C0H00000A1FpXUAV
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Date
Wed, 20 Nov 2019 18:01:02 GMT
Last-Modified
Sun, 30 Jun 2019 16:00:26 GMT
Expect-CT
max-age=86400, report-uri="https://a.forcesslreports.com/Expect-CT-report/00DA0000000HcQDm"
X-FRAME-OPTIONS
SAMEORIGIN
P3P
CP="CUR OTR STA"
Cache-Control
public,max-age=3888000
Public-Key-Pins-Report-Only
pin-sha256="9n0izTnSRF+W4W4JTq51avSXkWhQB8duS2bxVLfzXsY="; pin-sha256="5kJvNEMw0KjrCAu7eXY5HZdvyCS13BbA0VJG1RSP91w="; pin-sha256="njN4rRG+22dNXAi+yb8e3UMypgzPUPHlv4+foULwl1g="; max-age=86400; includeSubDomains; report-uri="https://a.forcesslreports.com/hpkp-report/00DA0000000HcQDm";
Strict-Transport-Security
max-age=31536004; includeSubDomains
Content-Type
image/png
Content-Length
723
X-XSS-Protection
0
Expires
Sat, 04 Jan 2020 18:01:02 GMT
TimeTrade_SF1__ClickToSchedule
phishmesupport.secure.force.com/cts/
88 KB
28 KB
XHR
General
Full URL
https://phishmesupport.secure.force.com/cts/TimeTrade_SF1__ClickToSchedule
Requested by
Host: phishmesupport.secure.force.com
URL: https://phishmesupport.secure.force.com/cts/faces/a4j/g/3_3_3.Finalorg.ajax4jsf.javascript.AjaxScript?rel=1573681730000
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.108.250.15 , United States, ASN14340 (SALESFORCE - Salesforce.com, Inc., US),
Reverse DNS
dcl5-ord.na46-ord.force.com
Software
/ Salesforce.com ApexPages
Resource Hash
f1008b7211c360c50cb3de28889d5c9e092b86c1fc5dbd4b8988a1782e56c167
Security Headers
Name Value
Strict-Transport-Security max-age=31536004; includeSubDomains

Request headers

Referer
https://phishmesupport.secure.force.com/cts/?Id=a1C0H00000A1FpXUAV
Origin
https://phishmesupport.secure.force.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date
Wed, 20 Nov 2019 18:01:03 GMT
Content-Encoding
gzip
Ajax-Response
true
X-Powered-By
Salesforce.com ApexPages
Expect-CT
max-age=86400, report-uri="https://a.forcesslreports.com/Expect-CT-report/00DA0000000HcQDm"
Vary
Accept-Encoding
P3P
CP="CUR OTR STA"
Cache-Control
no-cache,must-revalidate,max-age=0,no-store,private
Transfer-Encoding
chunked
Public-Key-Pins-Report-Only
pin-sha256="9n0izTnSRF+W4W4JTq51avSXkWhQB8duS2bxVLfzXsY="; pin-sha256="5kJvNEMw0KjrCAu7eXY5HZdvyCS13BbA0VJG1RSP91w="; pin-sha256="njN4rRG+22dNXAi+yb8e3UMypgzPUPHlv4+foULwl1g="; max-age=86400; includeSubDomains; report-uri="https://a.forcesslreports.com/hpkp-report/00DA0000000HcQDm";
Strict-Transport-Security
max-age=31536004; includeSubDomains
Content-Type
text/xml;charset=UTF-8
Expires
Thu, 01 Jan 1970 00:00:00 GMT
timetrade_sf1__loadingGif
phishmesupport.secure.force.com/cts/resource/1550343548000/
24 KB
25 KB
Image
General
Full URL
https://phishmesupport.secure.force.com/cts/resource/1550343548000/timetrade_sf1__loadingGif
Requested by
Host: phishmesupport.secure.force.com
URL: https://phishmesupport.secure.force.com/cts/faces/a4j/g/3_3_3.Finalorg.ajax4jsf.javascript.AjaxScript?rel=1573681730000
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.108.250.15 , United States, ASN14340 (SALESFORCE - Salesforce.com, Inc., US),
Reverse DNS
dcl5-ord.na46-ord.force.com
Software
/
Resource Hash
1b44913e3f0a704ed5d282fdd7478e195647f9d1da13279631b1583f2831cedb
Security Headers
Name Value
Strict-Transport-Security max-age=31536004; includeSubDomains
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://phishmesupport.secure.force.com/cts/?Id=a1C0H00000A1FpXUAV
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Date
Wed, 20 Nov 2019 16:44:13 GMT
Last-Modified
Sat, 16 Feb 2019 18:59:08 GMT
Age
4612
Expect-CT
max-age=86400, report-uri="https://a.forcesslreports.com/Expect-CT-report/00DA0000000HcQDm"
X-FRAME-OPTIONS
SAMEORIGIN
P3P
CP="CUR OTR STA"
Cache-Control
public,max-age=3888000,immutable
Public-Key-Pins-Report-Only
pin-sha256="9n0izTnSRF+W4W4JTq51avSXkWhQB8duS2bxVLfzXsY="; pin-sha256="5kJvNEMw0KjrCAu7eXY5HZdvyCS13BbA0VJG1RSP91w="; pin-sha256="njN4rRG+22dNXAi+yb8e3UMypgzPUPHlv4+foULwl1g="; max-age=86400; includeSubDomains; report-uri="https://a.forcesslreports.com/hpkp-report/00DA0000000HcQDm";
Strict-Transport-Security
max-age=31536004; includeSubDomains
Content-Type
image/gif
Content-Length
24854
X-XSS-Protection
0
Expires
Sat, 04 Jan 2020 16:44:13 GMT
T
phishmesupport.secure.force.com/cts/profilephoto/005/
723 B
2 KB
Image
General
Full URL
https://phishmesupport.secure.force.com/cts/profilephoto/005/T
Requested by
Host: phishmesupport.secure.force.com
URL: https://phishmesupport.secure.force.com/cts/faces/a4j/g/3_3_3.Finalorg.ajax4jsf.javascript.AjaxScript?rel=1573681730000
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.108.250.15 , United States, ASN14340 (SALESFORCE - Salesforce.com, Inc., US),
Reverse DNS
dcl5-ord.na46-ord.force.com
Software
/
Resource Hash
05686500121ad9c946a008a88f2c0b5d4fcfadf50a88e4c5741e6684cceaaa9e
Security Headers
Name Value
Strict-Transport-Security max-age=31536004; includeSubDomains
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://phishmesupport.secure.force.com/cts/?Id=a1C0H00000A1FpXUAV
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Date
Wed, 20 Nov 2019 18:01:05 GMT
Last-Modified
Sun, 30 Jun 2019 16:00:26 GMT
Expect-CT
max-age=86400, report-uri="https://a.forcesslreports.com/Expect-CT-report/00DA0000000HcQDm"
X-FRAME-OPTIONS
SAMEORIGIN
P3P
CP="CUR OTR STA"
Cache-Control
public,max-age=3888000
Public-Key-Pins-Report-Only
pin-sha256="9n0izTnSRF+W4W4JTq51avSXkWhQB8duS2bxVLfzXsY="; pin-sha256="5kJvNEMw0KjrCAu7eXY5HZdvyCS13BbA0VJG1RSP91w="; pin-sha256="njN4rRG+22dNXAi+yb8e3UMypgzPUPHlv4+foULwl1g="; max-age=86400; includeSubDomains; report-uri="https://a.forcesslreports.com/hpkp-report/00DA0000000HcQDm";
Strict-Transport-Security
max-age=31536004; includeSubDomains
Content-Type
image/png
Content-Length
723
X-XSS-Protection
0
Expires
Sat, 04 Jan 2020 18:01:05 GMT
TimeTrade_SF1__ClickToSchedule
phishmesupport.secure.force.com/cts/
29 KB
22 KB
XHR
General
Full URL
https://phishmesupport.secure.force.com/cts/TimeTrade_SF1__ClickToSchedule
Requested by
Host: phishmesupport.secure.force.com
URL: https://phishmesupport.secure.force.com/cts/faces/a4j/g/3_3_3.Finalorg.ajax4jsf.javascript.AjaxScript?rel=1573681730000
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.108.250.15 , United States, ASN14340 (SALESFORCE - Salesforce.com, Inc., US),
Reverse DNS
dcl5-ord.na46-ord.force.com
Software
/ Salesforce.com ApexPages
Resource Hash
927d34964e1b11236e03d1d3e839d1ae1603284de876ba6e7f94c1c9fade5074
Security Headers
Name Value
Strict-Transport-Security max-age=31536004; includeSubDomains

Request headers

Referer
https://phishmesupport.secure.force.com/cts/?Id=a1C0H00000A1FpXUAV
Origin
https://phishmesupport.secure.force.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date
Wed, 20 Nov 2019 18:01:05 GMT
Content-Encoding
gzip
Ajax-Response
true
X-Powered-By
Salesforce.com ApexPages
Expect-CT
max-age=86400, report-uri="https://a.forcesslreports.com/Expect-CT-report/00DA0000000HcQDm"
Vary
Accept-Encoding
P3P
CP="CUR OTR STA"
Cache-Control
no-cache,must-revalidate,max-age=0,no-store,private
Transfer-Encoding
chunked
Public-Key-Pins-Report-Only
pin-sha256="9n0izTnSRF+W4W4JTq51avSXkWhQB8duS2bxVLfzXsY="; pin-sha256="5kJvNEMw0KjrCAu7eXY5HZdvyCS13BbA0VJG1RSP91w="; pin-sha256="njN4rRG+22dNXAi+yb8e3UMypgzPUPHlv4+foULwl1g="; max-age=86400; includeSubDomains; report-uri="https://a.forcesslreports.com/hpkp-report/00DA0000000HcQDm";
Strict-Transport-Security
max-age=31536004; includeSubDomains
Content-Type
text/xml;charset=UTF-8
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Domain/Path Name / Value
.force.com/ Name: BrowserId
Value: tfLSNQu_Eeqc-ZP31R43ow
.force.com/cts Name: debug_logs
Value: debug_logs

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536004; includeSubDomains
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0