performanceevals-bavyiew1.com
54.235.59.0
Public Scan
Effective URL: https://performanceevals-bavyiew1.com:8080/secure-eval?Redirect=true&d=bmYEQm5mBTCo9GGP
Submission: On July 05 via manual from IN — Scanned from DE
Summary
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on June 17th 2022. Valid for: a year.
This is the only time performanceevals-bavyiew1.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
 | IP Address | AS (Autonomous System) |
---|---|---|
1 2 | 54.235.59.0 | 14618 (AMAZON-AES) |
1 | 2606:4700::6812:1734 | 13335 (CLOUDFLARENET) |
14 | 34.225.103.150 | 14618 (AMAZON-AES) |
1 | 13.108.235.135 | 14340 (SALESFORCE) |
1 | 13.108.233.135 | 14340 (SALESFORCE) |
1 | 13.110.43.170 | 14340 (SALESFORCE) |
21 | 7 | |
ASN14618 (AMAZON-AES, US)
PTR: ec2-54-235-59-0.compute-1.amazonaws.com
performanceevals-bavyiew1.com |
ASN14618 (AMAZON-AES, US)
PTR: ec2-34-225-103-150.compute-1.amazonaws.com
www.securefirmportal.com |
ASN14340 (SALESFORCE, US)
PTR: dcl8-iad.la1-c2-iad.salesforceliveagent.com
c.la1-c2-iad.salesforceliveagent.com |
ASN14340 (SALESFORCE, US)
PTR: dcl4-iad.la1-c2-iad.salesforceliveagent.com
d.la1-c2-iad.salesforceliveagent.com |
ASN14340 (SALESFORCE, US)
PTR: dcl12-ncg1-c6-iad5.la3-c1-ia5.salesforceliveagent.com
d.la3-c1-ia5.salesforceliveagent.com |
 | Apex Domain | Subdomains | Transfer |
---|---|---|---|
14 | securefirmportal.com | www.securefirmportal.com — Cisco Umbrella Rank: 448424 | 602 KB |
3 | salesforceliveagent.com | c.la1-c2-iad.salesforceliveagent.com — Cisco Umbrella Rank: 103182; d.la1-c2-iad.salesforceliveagent.com — Cisco Umbrella Rank: 92541; d.la3-c1-ia5.salesforceliveagent.com — Cisco Umbrella Rank: 32626 | 43 KB |
2 | performanceevals-bavyiew1.com (1 redirects) | performanceevals-bavyiew1.com | 13 KB |
1 | fontawesome.com | pro.fontawesome.com — Cisco Umbrella Rank: 6823 | 16 KB |
21 | 4 | | |
 | Domain | Requested by |
---|---|---|
14 | www.securefirmportal.com | performanceevals-bavyiew1.com, www.securefirmportal.com |
2 | performanceevals-bavyiew1.com (1 redirects) | |
1 | d.la3-c1-ia5.salesforceliveagent.com | c.la1-c2-iad.salesforceliveagent.com |
1 | d.la1-c2-iad.salesforceliveagent.com | c.la1-c2-iad.salesforceliveagent.com |
1 | c.la1-c2-iad.salesforceliveagent.com | performanceevals-bavyiew1.com |
1 | pro.fontawesome.com | performanceevals-bavyiew1.com |
21 | 6 | |
This site contains links to these domains. Also see Links.
Domain |
---|
www.securefirmportal.com |
Subject | Issuer | Validity | Valid |
---|---|---|---|
performanceevals-bavyiew1.com | Go Daddy Secure Certificate Authority - G2 | 2022-06-17 - 2023-07-19 | a year |
*.fontawesome.com | DigiCert TLS RSA SHA256 2020 CA1 | 2021-12-01 - 2023-01-01 | a year |
*.securefirmportal.com | Amazon | 2021-12-07 - 2023-01-04 | a year |
la1-c2-iad.salesforceliveagent.com | DigiCert TLS RSA SHA256 2020 CA1 | 2022-02-03 - 2023-02-01 | a year |
la3-c1-ia5.salesforceliveagent.com | DigiCert TLS RSA SHA256 2020 CA1 | 2022-02-02 - 2023-02-01 | a year |
This page contains 1 frames:
Primary Page:
https://performanceevals-bavyiew1.com:8080/secure-eval?Redirect=true&d=bmYEQm5mBTCo9GGP
Frame ID: CFA19972E3E6CB4093BD967DE9EFC493
Requests: 21 HTTP requests in this frame
Page Title
Secure Evaluation Portal
Page URL History
- https://performanceevals-bavyiew1.com:8080/secure-eval?d=bmYEQm5mBTCo9GGP (HTTP 302)
- https://performanceevals-bavyiew1.com:8080/secure-eval?Redirect=true&d=bmYEQm5mBTCo9GGP (Page URL)
Detected technologies
Font Awesome (Font Scripts)
Detected patterns
- <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
- (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
jQuery (JavaScript Libraries)
Detected patterns
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
2 Outgoing links
These are links going to different origins than the main page.
Title: Secure Evaluation Portal
Title: Take the 5 Minute Guided Tour
Redirected requests
There were HTTP redirect chains for the following requests:
21 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H/1.1 | secure-eval (Primary Request) | performanceevals-bavyiew1.com/ (Redirect Chain) | 13 KB | 13 KB | Document | text/html |
GET | H2 | all.css | pro.fontawesome.com/releases/v5.8.1/css/ | 78 KB | 16 KB | Stylesheet | text/css |
GET | H/1.1 | main.css | www.securefirmportal.com/dist/css/ | 62 KB | 10 KB | Stylesheet | text/css |
GET | H/1.1 | html5shiv.js | www.securefirmportal.com/Content/Custom/scripts/ | 2 KB | 3 KB | Script | application/javascript |
GET | H/1.1 | jquery | www.securefirmportal.com/bundles/ | 90 KB | 91 KB | Script | text/javascript |
GET | H/1.1 | jqueryui | www.securefirmportal.com/bundles/ | 222 KB | 222 KB | Script | text/javascript |
GET | H/1.1 | jqueryval | www.securefirmportal.com/bundles/ | 27 KB | 28 KB | Script | text/javascript |
GET | H/1.1 | superfish | www.securefirmportal.com/bundles/ | 4 KB | 4 KB | Script | text/javascript |
GET | H/1.1 | cookies | www.securefirmportal.com/bundles/ | 1 KB | 2 KB | Script | text/javascript |
GET | H/1.1 | CPAScripts | www.securefirmportal.com/bundles/ | 1 KB | 2 KB | Script | text/javascript |
GET | H/1.1 | css | www.securefirmportal.com/Content/ | 90 KB | 90 KB | Stylesheet | text/css |
GET | H/1.1 | css | www.securefirmportal.com/Content/Custom/ | 54 KB | 54 KB | Stylesheet | text/css |
GET | H/1.1 | deployment.js | c.la1-c2-iad.salesforceliveagent.com/content/g/js/42.0/ | 41 KB | 41 KB | Script | application/javascript |
GET | | cJZKeOuBrn4kERxqtaUH3T8E0i7KZn-EPnyo3HZu7kw.woff | www.securefirmportal.com/Content/fonts/ | 0 | 0 | | |
GET | H/1.1 | jquery.easing.js | www.securefirmportal.com/Scripts/jQueryTourPlugin/js/ | 8 KB | 2 KB | Script | application/javascript |
GET | H/1.1 | jTour.min.js | www.securefirmportal.com/Scripts/jQueryTourPlugin/js/ | 11 KB | 4 KB | Script | application/javascript |
GET | H/1.1 | style.css | www.securefirmportal.com/Scripts/jQueryTourPlugin/css/custom/ | 6 KB | 2 KB | Stylesheet | text/css |
GET | H/1.1 | sprite.png | www.securefirmportal.com/images/ | 87 KB | 87 KB | Image | image/png |
GET | | k3k702ZOKiLJc3WVjuplzHhCUOGz7vYGh680lGh-uXM.woff | www.securefirmportal.com/Content/fonts/ | 0 | 0 | | |
GET | H/1.1 | MultiNoun.jsonp | d.la1-c2-iad.salesforceliveagent.com/chat/rest/System/ | 226 B | 591 B | Script | text/javascript |
GET | H/1.1 | Settings.jsonp | d.la3-c1-ia5.salesforceliveagent.com/chat/rest/Visitor/ | 240 B | 611 B | Script | text/javascript |
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain: www.securefirmportal.com
  URL: https://www.securefirmportal.com/Content/fonts/cJZKeOuBrn4kERxqtaUH3T8E0i7KZn-EPnyo3HZu7kw.woff
- Domain: www.securefirmportal.com
  URL: https://www.securefirmportal.com/Content/fonts/k3k702ZOKiLJc3WVjuplzHhCUOGz7vYGh680lGh-uXM.woff
16 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| html5 function| $ function| jQuery undefined| getCookie boolean| liveAgentDeployment object| liveagent object| _laq function| jTour
6 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
www.securefirmportal.com/ | | Name: AWSELBCORS Value: 71EB155316AB0B3DF63D01BF6A8D57A36D6191398236E1D03B9309FC973AAAC044D7DC01831DAC07C28C27947AA7D7EA70AF729A23F2C53B11040E30764EF7D1669E9EC79E |
performanceevals-bavyiew1.com/ | | Name: messaging Value: visited%2F |
performanceevals-bavyiew1.com/ | | Name: liveagent_oref Value: |
performanceevals-bavyiew1.com/ | | Name: liveagent_sid Value: 44f4d57c-0c48-4eca-bf09-43cf6cd41375 |
performanceevals-bavyiew1.com/ | | Name: liveagent_vc Value: 2 |
performanceevals-bavyiew1.com/ | | Name: liveagent_ptid Value: 44f4d57c-0c48-4eca-bf09-43cf6cd41375 |
6 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.