phishmesupport.secure.force.com Open in urlscan Pro
13.108.250.15 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://phishmesupport.force.com/cts?Id=a1C0H00000A1FpXUAV
Effective URL:
https://phishmesupport.secure.force.com/cts/?Id=a1C0H00000A1FpXUAV
Submission: On November 20 via manual (November 20th 2019, 6:01:18 pm UTC) from US

Summary HTTP 17 Redirects Behaviour Indicators

Summary

This website contacted 2 IPs in 3 countries across 2 domains to perform 17 HTTP transactions. The main IP is 13.108.250.15, located in United States and belongs to SALESFORCE - Salesforce.com, Inc., US. The main domain is phishmesupport.secure.force.com.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on July 5th 2018. Valid for: a year.

This is the only time phishmesupport.secure.force.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2.16.106.113 2.16.106.113	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
16	13.108.250.15 13.108.250.15	14340 (SALESFORCE) (SALESFORCE - Salesforce.com)
1	138.201.84.149 138.201.84.149	24940 (HETZNER-AS) (HETZNER-AS)
17	2

1 2.16.106.113 (Ascension Island) 1 redirects

ASN20940 (AKAMAI-ASN1, US)
PTR: a2-16-106-113.deploy.static.akamaitechnologies.com

phishmesupport.force.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 13.108.250.15 (United States)

ASN14340 (SALESFORCE - Salesforce.com, Inc., US)
PTR: dcl5-ord.na46-ord.force.com

phishmesupport.secure.force.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 138.201.84.149 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: app14.epiqo.com

www.startus.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
17	force.com 1 redirects phishmesupport.force.com phishmesupport.secure.force.com	319 KB
1	startus.cc www.startus.cc	12 KB
17	2

	Domain	Requested by
16	phishmesupport.secure.force.com	phishmesupport.secure.force.com
1	www.startus.cc	phishmesupport.secure.force.com
1	phishmesupport.force.com	1 redirects
17	3

This site contains no links.

Subject Issuer	Validity	Valid
*.na46.force.com DigiCert SHA2 Secure Server CA	`2018-07-05` - `2019-12-14`	a year	crt.sh
www.startus.cc Let's Encrypt Authority X3	`2019-11-11` - `2020-02-09`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://phishmesupport.secure.force.com/cts/?Id=a1C0H00000A1FpXUAV
Frame ID: 0EDCC58ECAA79B490B6732BE9AB3B025
Requests: 17 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://phishmesupport.force.com/cts?Id=a1C0H00000A1FpXUAV HTTP 301
https://phishmesupport.secure.force.com/cts/?Id=a1C0H00000A1FpXUAV Page URL

Page Statistics

17
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

3
Subdomains

2
IPs

3
Countries

331 kB
Transfer

862 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://phishmesupport.force.com/cts?Id=a1C0H00000A1FpXUAV HTTP 301
https://phishmesupport.secure.force.com/cts/?Id=a1C0H00000A1FpXUAV Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

17 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request

Cookie set / Show response
phishmesupport.secure.force.com/cts/
Redirect Chain

http://phishmesupport.force.com/cts?Id=a1C0H00000A1FpXUAV
https://phishmesupport.secure.force.com/cts/?Id=a1C0H00000A1FpXUAV

52 KB
24 KB

2226ms
1677ms

Document
text/html

13.108.250.15
Salesforce.com

General

Check archive.org

Show headers Download Go to

Full URL

https://phishmesupport.secure.force.com/cts/?Id=a1C0H00000A1FpXUAV

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.108.250.15 , United States, ASN14340 (SALESFORCE - Salesforce.com, Inc., US),

Reverse DNS

dcl5-ord.na46-ord.force.com

Software

/ Salesforce.com ApexPages

Resource Hash

4577d0e8eed11de5085bc3606a5745aaac36a9325700e8d032613ae6e5f0643d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536004; includeSubDomains
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Host: phishmesupport.secure.force.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Date: Wed, 20 Nov 2019 18:01:00 GMT
Strict-Transport-Security: max-age=31536004; includeSubDomains
Public-Key-Pins-Report-Only: pin-sha256="9n0izTnSRF+W4W4JTq51avSXkWhQB8duS2bxVLfzXsY="; pin-sha256="5kJvNEMw0KjrCAu7eXY5HZdvyCS13BbA0VJG1RSP91w="; pin-sha256="njN4rRG+22dNXAi+yb8e3UMypgzPUPHlv4+foULwl1g="; max-age=86400; includeSubDomains; report-uri="https://a.forcesslreports.com/hpkp-report/00DA0000000HcQDm";
Expect-CT: max-age=86400, report-uri="https://a.forcesslreports.com/Expect-CT-report/00DA0000000HcQDm"
Cache-Control: no-cache,must-revalidate,max-age=0,no-store,private
Set-Cookie: BrowserId=tfLSNQu_Eeqc-ZP31R43ow;Path=/;Domain=.force.com;Expires=Sun, 19-Jan-2020 18:01:00 GMT;Max-Age=5184000
Expires: Thu, 01 Jan 1970 00:00:00 GMT
X-Powered-By: Salesforce.com ApexPages
P3P: CP="CUR OTR STA"
X-XSS-Protection: 0
X-FRAME-OPTIONS: SAMEORIGIN
Content-Type: text/html;charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Transfer-Encoding: chunked

Redirect headers

Cache-Control: no-cache,must-revalidate,max-age=0,no-store,private
Location: https://phishmesupport.secure.force.com/cts/?Id=a1C0H00000A1FpXUAV
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Length: 0
Date: Wed, 20 Nov 2019 18:01:00 GMT
Connection: keep-alive

GET
H/1.1 200
OK stub.js Show response
phishmesupport.secure.force.com/cts/static/111213/js/perf/ 1 KB
1 KB 359ms
119ms Script
application/x-javascript 13.108.250.15
Salesforce.com

General

Check archive.org

Show headers Download Go to

Full URL

https://phishmesupport.secure.force.com/cts/static/111213/js/perf/stub.js

Requested by

Host: phishmesupport.secure.force.com
URL: https://phishmesupport.secure.force.com/cts/?Id=a1C0H00000A1FpXUAV

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.108.250.15 , United States, ASN14340 (SALESFORCE - Salesforce.com, Inc., US),

Reverse DNS

dcl5-ord.na46-ord.force.com

Software

Resource Hash

5830f6b53e1ea91abd5de97ef219269702f413575cfe0dd6149712d68d7d61eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536004; includeSubDomains

Request headers

Referer: https://phishmesupport.secure.force.com/cts/?Id=a1C0H00000A1FpXUAV
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Date: Wed, 20 Nov 2019 16:44:13 GMT
Content-Encoding: gzip
Last-Modified: Thu, 18 Dec 2014 19:28:42 GMT
Age: 4609
Expect-CT: max-age=86400, report-uri="https://a.forcesslreports.com/Expect-CT-report/00DA0000000HcQDm"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: public,max-age=10368000
Public-Key-Pins-Report-Only: pin-sha256="9n0izTnSRF+W4W4JTq51avSXkWhQB8duS2bxVLfzXsY="; pin-sha256="5kJvNEMw0KjrCAu7eXY5HZdvyCS13BbA0VJG1RSP91w="; pin-sha256="njN4rRG+22dNXAi+yb8e3UMypgzPUPHlv4+foULwl1g="; max-age=86400; includeSubDomains; report-uri="https://a.forcesslreports.com/hpkp-report/00DA0000000HcQDm";
Strict-Transport-Security: max-age=31536004; includeSubDomains
Accept-Ranges: bytes
Content-Length: 618
Expires: Thu, 19 Mar 2020 16:44:13 GMT

GET
H/1.1 200
OK 3_3_3.Finalorg.ajax4jsf.javascript.AjaxScript Show response
phishmesupport.secure.force.com/cts/faces/a4j/g/ 73 KB
20 KB 387ms
147ms Script
text/javascript 13.108.250.15
Salesforce.com

General

Check archive.org

Show headers Download Go to

Full URL

https://phishmesupport.secure.force.com/cts/faces/a4j/g/3_3_3.Finalorg.ajax4jsf.javascript.AjaxScript?rel=1573681730000

Requested by

Host: phishmesupport.secure.force.com
URL: https://phishmesupport.secure.force.com/cts/?Id=a1C0H00000A1FpXUAV

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.108.250.15 , United States, ASN14340 (SALESFORCE - Salesforce.com, Inc., US),

Reverse DNS

dcl5-ord.na46-ord.force.com

Software

Resource Hash

e2caeb89b440c1260fd3105e4b1474666ee12ae51636e9464a962c9357043cb6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536004; includeSubDomains

Request headers

Referer: https://phishmesupport.secure.force.com/cts/?Id=a1C0H00000A1FpXUAV
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Date: Wed, 20 Nov 2019 18:01:02 GMT
Content-Encoding: gzip
Last-Modified: Fri, 15 Nov 2019 06:48:38 GMT
Expect-CT: max-age=86400, report-uri="https://a.forcesslreports.com/Expect-CT-report/00DA0000000HcQDm"
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: private,max-age=3888000
Transfer-Encoding: chunked
Public-Key-Pins-Report-Only: pin-sha256="9n0izTnSRF+W4W4JTq51avSXkWhQB8duS2bxVLfzXsY="; pin-sha256="5kJvNEMw0KjrCAu7eXY5HZdvyCS13BbA0VJG1RSP91w="; pin-sha256="njN4rRG+22dNXAi+yb8e3UMypgzPUPHlv4+foULwl1g="; max-age=86400; includeSubDomains; report-uri="https://a.forcesslreports.com/hpkp-report/00DA0000000HcQDm";
Strict-Transport-Security: max-age=31536004; includeSubDomains
Expires: Sat, 04 Jan 2020 18:01:02 GMT

GET
H/1.1 200
OK SfdcCore.js Show response
phishmesupport.secure.force.com/cts/jslibrary/1548902828222/ui-sfdc-javascript-impl/ 180 KB
62 KB 637ms
397ms Script
application/x-javascript 13.108.250.15
Salesforce.com

General

Check archive.org

Show headers Download Go to

Full URL

https://phishmesupport.secure.force.com/cts/jslibrary/1548902828222/ui-sfdc-javascript-impl/SfdcCore.js

Requested by

Host: phishmesupport.secure.force.com
URL: https://phishmesupport.secure.force.com/cts/?Id=a1C0H00000A1FpXUAV

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.108.250.15 , United States, ASN14340 (SALESFORCE - Salesforce.com, Inc., US),

Reverse DNS

dcl5-ord.na46-ord.force.com

Software

Resource Hash

724d434df382ad9714b8df984e7746c2c7832cdfae30eab722b45147138c965c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536004; includeSubDomains

Request headers

Referer: https://phishmesupport.secure.force.com/cts/?Id=a1C0H00000A1FpXUAV
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Date: Wed, 20 Nov 2019 18:01:02 GMT
Content-Encoding: gzip
Last-Modified: Wed, 13 Nov 2019 22:28:24 GMT
Expect-CT: max-age=86400, report-uri="https://a.forcesslreports.com/Expect-CT-report/00DA0000000HcQDm"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: public,max-age=10368000
Transfer-Encoding: chunked
Public-Key-Pins-Report-Only: pin-sha256="9n0izTnSRF+W4W4JTq51avSXkWhQB8duS2bxVLfzXsY="; pin-sha256="5kJvNEMw0KjrCAu7eXY5HZdvyCS13BbA0VJG1RSP91w="; pin-sha256="njN4rRG+22dNXAi+yb8e3UMypgzPUPHlv4+foULwl1g="; max-age=86400; includeSubDomains; report-uri="https://a.forcesslreports.com/hpkp-report/00DA0000000HcQDm";
Strict-Transport-Security: max-age=31536004; includeSubDomains
Accept-Ranges: bytes
Expires: Thu, 19 Mar 2020 18:01:02 GMT

GET
H/1.1 200
OK timetrade_sf1__jQuery_2_2_4 Show response
phishmesupport.secure.force.com/cts/resource/1550343548000/ 84 KB
30 KB 396ms
156ms Script
application/javascript 13.108.250.15
Salesforce.com

General

Check archive.org

Show headers Download Go to

Full URL

https://phishmesupport.secure.force.com/cts/resource/1550343548000/timetrade_sf1__jQuery_2_2_4

Requested by

Host: phishmesupport.secure.force.com
URL: https://phishmesupport.secure.force.com/cts/?Id=a1C0H00000A1FpXUAV

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.108.250.15 , United States, ASN14340 (SALESFORCE - Salesforce.com, Inc., US),

Reverse DNS

dcl5-ord.na46-ord.force.com

Software

Resource Hash

05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536004; includeSubDomains
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://phishmesupport.secure.force.com/cts/?Id=a1C0H00000A1FpXUAV
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Date: Wed, 20 Nov 2019 18:01:02 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Last-Modified: Sat, 16 Feb 2019 18:59:08 GMT
Expect-CT: max-age=86400, report-uri="https://a.forcesslreports.com/Expect-CT-report/00DA0000000HcQDm"
X-FRAME-OPTIONS: SAMEORIGIN
P3P: CP="CUR OTR STA"
Cache-Control: public,max-age=3888000,immutable
Transfer-Encoding: chunked
Public-Key-Pins-Report-Only: pin-sha256="9n0izTnSRF+W4W4JTq51avSXkWhQB8duS2bxVLfzXsY="; pin-sha256="5kJvNEMw0KjrCAu7eXY5HZdvyCS13BbA0VJG1RSP91w="; pin-sha256="njN4rRG+22dNXAi+yb8e3UMypgzPUPHlv4+foULwl1g="; max-age=86400; includeSubDomains; report-uri="https://a.forcesslreports.com/hpkp-report/00DA0000000HcQDm";
Strict-Transport-Security: max-age=31536004; includeSubDomains
Content-Type: application/javascript
X-XSS-Protection: 0
Expires: Sat, 04 Jan 2020 18:01:02 GMT

GET
H/1.1 200
OK timetrade_sf1__jQueryUIJs Show response
phishmesupport.secure.force.com/cts/resource/1550343547000/ 222 KB
60 KB 396ms
157ms Script
application/javascript 13.108.250.15
Salesforce.com

General

Check archive.org

Show headers Download Go to

Full URL

https://phishmesupport.secure.force.com/cts/resource/1550343547000/timetrade_sf1__jQueryUIJs

Requested by

Host: phishmesupport.secure.force.com
URL: https://phishmesupport.secure.force.com/cts/?Id=a1C0H00000A1FpXUAV

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.108.250.15 , United States, ASN14340 (SALESFORCE - Salesforce.com, Inc., US),

Reverse DNS

dcl5-ord.na46-ord.force.com

Software

Resource Hash

853a5b7955e180299f3bb9c6716a7d77590898a6f363a80dd15a39bb9c0bbacb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536004; includeSubDomains
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://phishmesupport.secure.force.com/cts/?Id=a1C0H00000A1FpXUAV
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Date: Wed, 20 Nov 2019 18:01:02 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Last-Modified: Sat, 16 Feb 2019 18:59:07 GMT
Expect-CT: max-age=86400, report-uri="https://a.forcesslreports.com/Expect-CT-report/00DA0000000HcQDm"
X-FRAME-OPTIONS: SAMEORIGIN
P3P: CP="CUR OTR STA"
Cache-Control: public,max-age=3888000,immutable
Transfer-Encoding: chunked
Public-Key-Pins-Report-Only: pin-sha256="9n0izTnSRF+W4W4JTq51avSXkWhQB8duS2bxVLfzXsY="; pin-sha256="5kJvNEMw0KjrCAu7eXY5HZdvyCS13BbA0VJG1RSP91w="; pin-sha256="njN4rRG+22dNXAi+yb8e3UMypgzPUPHlv4+foULwl1g="; max-age=86400; includeSubDomains; report-uri="https://a.forcesslreports.com/hpkp-report/00DA0000000HcQDm";
Strict-Transport-Security: max-age=31536004; includeSubDomains
Content-Type: application/javascript
X-XSS-Protection: 0
Expires: Sat, 04 Jan 2020 18:01:02 GMT

GET
H/1.1 200
OK timetrade_sf1__TimeZoneJS Show response
phishmesupport.secure.force.com/cts/resource/1550343547000/ 42 KB
8 KB 404ms
159ms Script
application/javascript 13.108.250.15
Salesforce.com

General

Check archive.org

Show headers Download Go to

Full URL

https://phishmesupport.secure.force.com/cts/resource/1550343547000/timetrade_sf1__TimeZoneJS

Requested by

Host: phishmesupport.secure.force.com
URL: https://phishmesupport.secure.force.com/cts/?Id=a1C0H00000A1FpXUAV

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.108.250.15 , United States, ASN14340 (SALESFORCE - Salesforce.com, Inc., US),

Reverse DNS

dcl5-ord.na46-ord.force.com

Software

Resource Hash

36dcdde33749e2db422c3f51eea5deb71bea800490d96c2053680bc4c6154b3d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536004; includeSubDomains
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://phishmesupport.secure.force.com/cts/?Id=a1C0H00000A1FpXUAV
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Date: Wed, 20 Nov 2019 18:01:02 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Last-Modified: Sat, 16 Feb 2019 18:59:07 GMT
Expect-CT: max-age=86400, report-uri="https://a.forcesslreports.com/Expect-CT-report/00DA0000000HcQDm"
X-FRAME-OPTIONS: SAMEORIGIN
P3P: CP="CUR OTR STA"
Cache-Control: public,max-age=3888000,immutable
Transfer-Encoding: chunked
Public-Key-Pins-Report-Only: pin-sha256="9n0izTnSRF+W4W4JTq51avSXkWhQB8duS2bxVLfzXsY="; pin-sha256="5kJvNEMw0KjrCAu7eXY5HZdvyCS13BbA0VJG1RSP91w="; pin-sha256="njN4rRG+22dNXAi+yb8e3UMypgzPUPHlv4+foULwl1g="; max-age=86400; includeSubDomains; report-uri="https://a.forcesslreports.com/hpkp-report/00DA0000000HcQDm";
Strict-Transport-Security: max-age=31536004; includeSubDomains
Content-Type: application/javascript
X-XSS-Protection: 0
Expires: Sat, 04 Jan 2020 18:01:02 GMT

GET
H/1.1 200
OK picklist4.js Show response
phishmesupport.secure.force.com/cts/static/111213/js/ 10 KB
4 KB 501ms
142ms Script
application/x-javascript 13.108.250.15
Salesforce.com

General

Check archive.org

Show headers Download Go to

Full URL

https://phishmesupport.secure.force.com/cts/static/111213/js/picklist4.js

Requested by

Host: phishmesupport.secure.force.com
URL: https://phishmesupport.secure.force.com/cts/?Id=a1C0H00000A1FpXUAV

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.108.250.15 , United States, ASN14340 (SALESFORCE - Salesforce.com, Inc., US),

Reverse DNS

dcl5-ord.na46-ord.force.com

Software

Resource Hash

7da058a4e1bd6368be16eb513d108c61e9016968c859b28bc24ac2629e401773

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536004; includeSubDomains

Request headers

Referer: https://phishmesupport.secure.force.com/cts/?Id=a1C0H00000A1FpXUAV
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Date: Wed, 20 Nov 2019 18:01:02 GMT
Content-Encoding: gzip
Last-Modified: Fri, 28 Sep 2018 01:08:08 GMT
Expect-CT: max-age=86400, report-uri="https://a.forcesslreports.com/Expect-CT-report/00DA0000000HcQDm"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: public,max-age=10368000
Transfer-Encoding: chunked
Public-Key-Pins-Report-Only: pin-sha256="9n0izTnSRF+W4W4JTq51avSXkWhQB8duS2bxVLfzXsY="; pin-sha256="5kJvNEMw0KjrCAu7eXY5HZdvyCS13BbA0VJG1RSP91w="; pin-sha256="njN4rRG+22dNXAi+yb8e3UMypgzPUPHlv4+foULwl1g="; max-age=86400; includeSubDomains; report-uri="https://a.forcesslreports.com/hpkp-report/00DA0000000HcQDm";
Strict-Transport-Security: max-age=31536004; includeSubDomains
Accept-Ranges: bytes
Expires: Thu, 19 Mar 2020 18:01:02 GMT

GET
H/1.1 200
OK VFState.js Show response
phishmesupport.secure.force.com/cts/jslibrary/1558397236222/sfdc/ 6 KB
3 KB 540ms
134ms Script
application/x-javascript 13.108.250.15
Salesforce.com

General

Check archive.org

Show headers Download Go to

Full URL

https://phishmesupport.secure.force.com/cts/jslibrary/1558397236222/sfdc/VFState.js

Requested by

Host: phishmesupport.secure.force.com
URL: https://phishmesupport.secure.force.com/cts/?Id=a1C0H00000A1FpXUAV

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.108.250.15 , United States, ASN14340 (SALESFORCE - Salesforce.com, Inc., US),

Reverse DNS

dcl5-ord.na46-ord.force.com

Software

Resource Hash

f007e795fc3dcb18580fac89b7d4e182dacadb4c68068e66501cd773fe41902e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536004; includeSubDomains

Request headers

Referer: https://phishmesupport.secure.force.com/cts/?Id=a1C0H00000A1FpXUAV
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Date: Wed, 20 Nov 2019 18:01:02 GMT
Content-Encoding: gzip
Last-Modified: Wed, 13 Nov 2019 22:28:24 GMT
Expect-CT: max-age=86400, report-uri="https://a.forcesslreports.com/Expect-CT-report/00DA0000000HcQDm"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: public,max-age=10368000
Transfer-Encoding: chunked
Public-Key-Pins-Report-Only: pin-sha256="9n0izTnSRF+W4W4JTq51avSXkWhQB8duS2bxVLfzXsY="; pin-sha256="5kJvNEMw0KjrCAu7eXY5HZdvyCS13BbA0VJG1RSP91w="; pin-sha256="njN4rRG+22dNXAi+yb8e3UMypgzPUPHlv4+foULwl1g="; max-age=86400; includeSubDomains; report-uri="https://a.forcesslreports.com/hpkp-report/00DA0000000HcQDm";
Strict-Transport-Security: max-age=31536004; includeSubDomains
Accept-Ranges: bytes
Expires: Thu, 19 Mar 2020 18:01:02 GMT

GET
H/1.1 200
OK timetrade_sf1__ctsStyleCSS
phishmesupport.secure.force.com/cts/resource/1550343547000/ 14 KB
4 KB 244ms
148ms Stylesheet
text/css 13.108.250.15
Salesforce.com

General

Check archive.org

Show headers Download Go to

Full URL

https://phishmesupport.secure.force.com/cts/resource/1550343547000/timetrade_sf1__ctsStyleCSS

Requested by

Host: phishmesupport.secure.force.com
URL: https://phishmesupport.secure.force.com/cts/?Id=a1C0H00000A1FpXUAV

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.108.250.15 , United States, ASN14340 (SALESFORCE - Salesforce.com, Inc., US),

Reverse DNS

dcl5-ord.na46-ord.force.com

Software

Resource Hash

d3e3dafcccafc5882b35d3bc8d7b1df48c7d5a8aec198d58e74fdade840a0569

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536004; includeSubDomains
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://phishmesupport.secure.force.com/cts/?Id=a1C0H00000A1FpXUAV
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Date: Wed, 20 Nov 2019 18:01:02 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Last-Modified: Sat, 16 Feb 2019 18:59:07 GMT
Expect-CT: max-age=86400, report-uri="https://a.forcesslreports.com/Expect-CT-report/00DA0000000HcQDm"
X-FRAME-OPTIONS: SAMEORIGIN
P3P: CP="CUR OTR STA"
Cache-Control: public,max-age=3888000,immutable
Transfer-Encoding: chunked
Public-Key-Pins-Report-Only: pin-sha256="9n0izTnSRF+W4W4JTq51avSXkWhQB8duS2bxVLfzXsY="; pin-sha256="5kJvNEMw0KjrCAu7eXY5HZdvyCS13BbA0VJG1RSP91w="; pin-sha256="njN4rRG+22dNXAi+yb8e3UMypgzPUPHlv4+foULwl1g="; max-age=86400; includeSubDomains; report-uri="https://a.forcesslreports.com/hpkp-report/00DA0000000HcQDm";
Strict-Transport-Security: max-age=31536004; includeSubDomains
Content-Type: text/css
X-XSS-Protection: 0
Expires: Sat, 04 Jan 2020 18:01:02 GMT

GET
H2 200 cofense_logo.png
www.startus.cc/sites/default/files/styles/company_profile_logo/public/company_logos/ 12 KB
12 KB 122ms
49ms Image
image/png 138.201.84.149
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.startus.cc/sites/default/files/styles/company_profile_logo/public/company_logos/cofense_logo.png?itok=CGpxBelQ

Requested by

Host: phishmesupport.secure.force.com
URL: https://phishmesupport.secure.force.com/cts/?Id=a1C0H00000A1FpXUAV

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

138.201.84.149 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

app14.epiqo.com

Software

nginx /

Resource Hash

437d2038886132ec8ea2c80542d5e7dc564a3e5f8d46db61ed1ba0e37fa1ddf1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://phishmesupport.secure.force.com/cts/?Id=a1C0H00000A1FpXUAV
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date: Wed, 20 Nov 2019 18:01:02 GMT
via: 1.1 varnish (Varnish/6.1)
x-content-type-options: nosniff
last-modified: Mon, 23 Sep 2019 13:25:01 GMT
server: nginx
age: 187223
etag: "5d88c7ad-2ea2"
content-type: image/png
status: 200
cache-control: max-age=604800
x-varnish: 9455990 7227196
accept-ranges: bytes
content-length: 11938
x-xss-protection: 1; mode=block
expires: Mon, 25 Nov 2019 14:00:38 GMT

GET
H/1.1 200
OK timetrade_sf1__loadingGif
phishmesupport.secure.force.com/cts/resource/1550343548000/ 24 KB
25 KB 147ms
146ms Image
image/gif 13.108.250.15
Salesforce.com

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://phishmesupport.secure.force.com/cts/resource/1550343548000/timetrade_sf1__loadingGif

Requested by

Host: phishmesupport.secure.force.com
URL: https://phishmesupport.secure.force.com/cts/?Id=a1C0H00000A1FpXUAV

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.108.250.15 , United States, ASN14340 (SALESFORCE - Salesforce.com, Inc., US),

Reverse DNS

dcl5-ord.na46-ord.force.com

Software

Resource Hash

1b44913e3f0a704ed5d282fdd7478e195647f9d1da13279631b1583f2831cedb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536004; includeSubDomains
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://phishmesupport.secure.force.com/cts/?Id=a1C0H00000A1FpXUAV
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Date: Wed, 20 Nov 2019 18:01:02 GMT
Last-Modified: Sat, 16 Feb 2019 18:59:08 GMT
Expect-CT: max-age=86400, report-uri="https://a.forcesslreports.com/Expect-CT-report/00DA0000000HcQDm"
X-FRAME-OPTIONS: SAMEORIGIN
P3P: CP="CUR OTR STA"
Cache-Control: public,max-age=3888000,immutable
Public-Key-Pins-Report-Only: pin-sha256="9n0izTnSRF+W4W4JTq51avSXkWhQB8duS2bxVLfzXsY="; pin-sha256="5kJvNEMw0KjrCAu7eXY5HZdvyCS13BbA0VJG1RSP91w="; pin-sha256="njN4rRG+22dNXAi+yb8e3UMypgzPUPHlv4+foULwl1g="; max-age=86400; includeSubDomains; report-uri="https://a.forcesslreports.com/hpkp-report/00DA0000000HcQDm";
Strict-Transport-Security: max-age=31536004; includeSubDomains
Content-Type: image/gif
Content-Length: 24854
X-XSS-Protection: 0
Expires: Sat, 04 Jan 2020 18:01:02 GMT

GET
H/1.1 200
OK T
phishmesupport.secure.force.com/cts/profilephoto/005/ 723 B
1 KB 147ms
147ms Image
image/png 13.108.250.15
Salesforce.com

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://phishmesupport.secure.force.com/cts/profilephoto/005/T

Requested by

Host: phishmesupport.secure.force.com
URL: https://phishmesupport.secure.force.com/cts/?Id=a1C0H00000A1FpXUAV

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.108.250.15 , United States, ASN14340 (SALESFORCE - Salesforce.com, Inc., US),

Reverse DNS

dcl5-ord.na46-ord.force.com

Software

Resource Hash

05686500121ad9c946a008a88f2c0b5d4fcfadf50a88e4c5741e6684cceaaa9e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536004; includeSubDomains
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://phishmesupport.secure.force.com/cts/?Id=a1C0H00000A1FpXUAV
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Date: Wed, 20 Nov 2019 18:01:02 GMT
Last-Modified: Sun, 30 Jun 2019 16:00:26 GMT
Expect-CT: max-age=86400, report-uri="https://a.forcesslreports.com/Expect-CT-report/00DA0000000HcQDm"
X-FRAME-OPTIONS: SAMEORIGIN
P3P: CP="CUR OTR STA"
Cache-Control: public,max-age=3888000
Public-Key-Pins-Report-Only: pin-sha256="9n0izTnSRF+W4W4JTq51avSXkWhQB8duS2bxVLfzXsY="; pin-sha256="5kJvNEMw0KjrCAu7eXY5HZdvyCS13BbA0VJG1RSP91w="; pin-sha256="njN4rRG+22dNXAi+yb8e3UMypgzPUPHlv4+foULwl1g="; max-age=86400; includeSubDomains; report-uri="https://a.forcesslreports.com/hpkp-report/00DA0000000HcQDm";
Strict-Transport-Security: max-age=31536004; includeSubDomains
Content-Type: image/png
Content-Length: 723
X-XSS-Protection: 0
Expires: Sat, 04 Jan 2020 18:01:02 GMT

POST
H/1.1 200
OK TimeTrade_SF1__ClickToSchedule Show response
phishmesupport.secure.force.com/cts/ 88 KB
28 KB 2368ms
2368ms XHR
text/xml 13.108.250.15
Salesforce.com

General

Check archive.org

Show headers Download Go to

Full URL

https://phishmesupport.secure.force.com/cts/TimeTrade_SF1__ClickToSchedule

Requested by

Host: phishmesupport.secure.force.com
URL: https://phishmesupport.secure.force.com/cts/faces/a4j/g/3_3_3.Finalorg.ajax4jsf.javascript.AjaxScript?rel=1573681730000

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.108.250.15 , United States, ASN14340 (SALESFORCE - Salesforce.com, Inc., US),

Reverse DNS

dcl5-ord.na46-ord.force.com

Software

/ Salesforce.com ApexPages

Resource Hash

f1008b7211c360c50cb3de28889d5c9e092b86c1fc5dbd4b8988a1782e56c167

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536004; includeSubDomains

Request headers

Referer: https://phishmesupport.secure.force.com/cts/?Id=a1C0H00000A1FpXUAV
Origin: https://phishmesupport.secure.force.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Wed, 20 Nov 2019 18:01:03 GMT
Content-Encoding: gzip
Ajax-Response: true
X-Powered-By: Salesforce.com ApexPages
Expect-CT: max-age=86400, report-uri="https://a.forcesslreports.com/Expect-CT-report/00DA0000000HcQDm"
Vary: Accept-Encoding
P3P: CP="CUR OTR STA"
Cache-Control: no-cache,must-revalidate,max-age=0,no-store,private
Transfer-Encoding: chunked
Public-Key-Pins-Report-Only: pin-sha256="9n0izTnSRF+W4W4JTq51avSXkWhQB8duS2bxVLfzXsY="; pin-sha256="5kJvNEMw0KjrCAu7eXY5HZdvyCS13BbA0VJG1RSP91w="; pin-sha256="njN4rRG+22dNXAi+yb8e3UMypgzPUPHlv4+foULwl1g="; max-age=86400; includeSubDomains; report-uri="https://a.forcesslreports.com/hpkp-report/00DA0000000HcQDm";
Strict-Transport-Security: max-age=31536004; includeSubDomains
Content-Type: text/xml;charset=UTF-8
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK timetrade_sf1__loadingGif
phishmesupport.secure.force.com/cts/resource/1550343548000/ 24 KB
25 KB 120ms
120ms Image
image/gif 13.108.250.15
Salesforce.com

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://phishmesupport.secure.force.com/cts/resource/1550343548000/timetrade_sf1__loadingGif

Requested by

Host: phishmesupport.secure.force.com
URL: https://phishmesupport.secure.force.com/cts/faces/a4j/g/3_3_3.Finalorg.ajax4jsf.javascript.AjaxScript?rel=1573681730000

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.108.250.15 , United States, ASN14340 (SALESFORCE - Salesforce.com, Inc., US),

Reverse DNS

dcl5-ord.na46-ord.force.com

Software

Resource Hash

1b44913e3f0a704ed5d282fdd7478e195647f9d1da13279631b1583f2831cedb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536004; includeSubDomains
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://phishmesupport.secure.force.com/cts/?Id=a1C0H00000A1FpXUAV
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Date: Wed, 20 Nov 2019 16:44:13 GMT
Last-Modified: Sat, 16 Feb 2019 18:59:08 GMT
Age: 4612
Expect-CT: max-age=86400, report-uri="https://a.forcesslreports.com/Expect-CT-report/00DA0000000HcQDm"
X-FRAME-OPTIONS: SAMEORIGIN
P3P: CP="CUR OTR STA"
Cache-Control: public,max-age=3888000,immutable
Public-Key-Pins-Report-Only: pin-sha256="9n0izTnSRF+W4W4JTq51avSXkWhQB8duS2bxVLfzXsY="; pin-sha256="5kJvNEMw0KjrCAu7eXY5HZdvyCS13BbA0VJG1RSP91w="; pin-sha256="njN4rRG+22dNXAi+yb8e3UMypgzPUPHlv4+foULwl1g="; max-age=86400; includeSubDomains; report-uri="https://a.forcesslreports.com/hpkp-report/00DA0000000HcQDm";
Strict-Transport-Security: max-age=31536004; includeSubDomains
Content-Type: image/gif
Content-Length: 24854
X-XSS-Protection: 0
Expires: Sat, 04 Jan 2020 16:44:13 GMT

GET
H/1.1 200
OK T
phishmesupport.secure.force.com/cts/profilephoto/005/ 723 B
2 KB 143ms
143ms Image
image/png 13.108.250.15
Salesforce.com

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://phishmesupport.secure.force.com/cts/profilephoto/005/T

Requested by

Host: phishmesupport.secure.force.com
URL: https://phishmesupport.secure.force.com/cts/faces/a4j/g/3_3_3.Finalorg.ajax4jsf.javascript.AjaxScript?rel=1573681730000

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.108.250.15 , United States, ASN14340 (SALESFORCE - Salesforce.com, Inc., US),

Reverse DNS

dcl5-ord.na46-ord.force.com

Software

Resource Hash

05686500121ad9c946a008a88f2c0b5d4fcfadf50a88e4c5741e6684cceaaa9e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536004; includeSubDomains
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://phishmesupport.secure.force.com/cts/?Id=a1C0H00000A1FpXUAV
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Date: Wed, 20 Nov 2019 18:01:05 GMT
Last-Modified: Sun, 30 Jun 2019 16:00:26 GMT
Expect-CT: max-age=86400, report-uri="https://a.forcesslreports.com/Expect-CT-report/00DA0000000HcQDm"
X-FRAME-OPTIONS: SAMEORIGIN
P3P: CP="CUR OTR STA"
Cache-Control: public,max-age=3888000
Public-Key-Pins-Report-Only: pin-sha256="9n0izTnSRF+W4W4JTq51avSXkWhQB8duS2bxVLfzXsY="; pin-sha256="5kJvNEMw0KjrCAu7eXY5HZdvyCS13BbA0VJG1RSP91w="; pin-sha256="njN4rRG+22dNXAi+yb8e3UMypgzPUPHlv4+foULwl1g="; max-age=86400; includeSubDomains; report-uri="https://a.forcesslreports.com/hpkp-report/00DA0000000HcQDm";
Strict-Transport-Security: max-age=31536004; includeSubDomains
Content-Type: image/png
Content-Length: 723
X-XSS-Protection: 0
Expires: Sat, 04 Jan 2020 18:01:05 GMT

POST
H/1.1 200
OK TimeTrade_SF1__ClickToSchedule Show response
phishmesupport.secure.force.com/cts/ 29 KB
22 KB 401ms
401ms XHR
text/xml 13.108.250.15
Salesforce.com

General

Check archive.org

Show headers Download Go to

Full URL

https://phishmesupport.secure.force.com/cts/TimeTrade_SF1__ClickToSchedule

Requested by

Host: phishmesupport.secure.force.com
URL: https://phishmesupport.secure.force.com/cts/faces/a4j/g/3_3_3.Finalorg.ajax4jsf.javascript.AjaxScript?rel=1573681730000

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.108.250.15 , United States, ASN14340 (SALESFORCE - Salesforce.com, Inc., US),

Reverse DNS

dcl5-ord.na46-ord.force.com

Software

/ Salesforce.com ApexPages

Resource Hash

927d34964e1b11236e03d1d3e839d1ae1603284de876ba6e7f94c1c9fade5074

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536004; includeSubDomains

Request headers

Referer: https://phishmesupport.secure.force.com/cts/?Id=a1C0H00000A1FpXUAV
Origin: https://phishmesupport.secure.force.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Wed, 20 Nov 2019 18:01:05 GMT
Content-Encoding: gzip
Ajax-Response: true
X-Powered-By: Salesforce.com ApexPages
Expect-CT: max-age=86400, report-uri="https://a.forcesslreports.com/Expect-CT-report/00DA0000000HcQDm"
Vary: Accept-Encoding
P3P: CP="CUR OTR STA"
Cache-Control: no-cache,must-revalidate,max-age=0,no-store,private
Transfer-Encoding: chunked
Public-Key-Pins-Report-Only: pin-sha256="9n0izTnSRF+W4W4JTq51avSXkWhQB8duS2bxVLfzXsY="; pin-sha256="5kJvNEMw0KjrCAu7eXY5HZdvyCS13BbA0VJG1RSP91w="; pin-sha256="njN4rRG+22dNXAi+yb8e3UMypgzPUPHlv4+foULwl1g="; max-age=86400; includeSubDomains; report-uri="https://a.forcesslreports.com/hpkp-report/00DA0000000HcQDm";
Strict-Transport-Security: max-age=31536004; includeSubDomains
Content-Type: text/xml;charset=UTF-8
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.force.com/	1970-01-19 06:44:16	Name: BrowserId Value: tfLSNQu_Eeqc-ZP31R43ow
			.force.com/cts	1970-01-19 05:25:04	Name: debug_logs Value: debug_logs

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536004; includeSubDomains
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

phishmesupport.force.com
phishmesupport.secure.force.com
www.startus.cc
13.108.250.15
138.201.84.149
2.16.106.113
05686500121ad9c946a008a88f2c0b5d4fcfadf50a88e4c5741e6684cceaaa9e
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
1b44913e3f0a704ed5d282fdd7478e195647f9d1da13279631b1583f2831cedb
36dcdde33749e2db422c3f51eea5deb71bea800490d96c2053680bc4c6154b3d
437d2038886132ec8ea2c80542d5e7dc564a3e5f8d46db61ed1ba0e37fa1ddf1
4577d0e8eed11de5085bc3606a5745aaac36a9325700e8d032613ae6e5f0643d
5830f6b53e1ea91abd5de97ef219269702f413575cfe0dd6149712d68d7d61eb
724d434df382ad9714b8df984e7746c2c7832cdfae30eab722b45147138c965c
7da058a4e1bd6368be16eb513d108c61e9016968c859b28bc24ac2629e401773
853a5b7955e180299f3bb9c6716a7d77590898a6f363a80dd15a39bb9c0bbacb
927d34964e1b11236e03d1d3e839d1ae1603284de876ba6e7f94c1c9fade5074
d3e3dafcccafc5882b35d3bc8d7b1df48c7d5a8aec198d58e74fdade840a0569
e2caeb89b440c1260fd3105e4b1474666ee12ae51636e9464a962c9357043cb6
f007e795fc3dcb18580fac89b7d4e182dacadb4c68068e66501cd773fe41902e
f1008b7211c360c50cb3de28889d5c9e092b86c1fc5dbd4b8988a1782e56c167

phishmesupport.secure.force.com Open in urlscan Pro 13.108.250.15 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Page Statistics

17 Requests

100 %HTTPS

0 %IPv6

2 Domains

3 Subdomains

2 IPs

3 Countries

331 kBTransfer

862 kBSize

2 Cookies

0 Outgoing links

Page URL History

Redirected requests

17 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

2 Cookies

Security Headers

Indicators

phishmesupport.secure.force.com Open in urlscan Pro
13.108.250.15 Public Scan

Screenshot
Live screenshot

Full Image

17
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

3
Subdomains

2
IPs

3
Countries

331 kB
Transfer

862 kB
Size

2
Cookies

17 HTTP transactions
0 data transactions