bhoroshasthol.com
2a06:98c1:3121::3
Public Scan
Submission Tags: phishing
Submission: On May 04 via api from US — Scanned from NL
Summary
TLS certificate: Issued by E1 on April 17th 2023. Valid for: 3 months.
This is the only time bhoroshasthol.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
Requests | IP Address | Autonomous System | PTR | Domain |
---|---|---|---|---|
2 | 2a06:98c1:3121::3 | AS13335 (CLOUDFLARENET) | | |
7 | 13.110.37.36 | AS14340 (SALESFORCE, US) | dcl3-ncg0-phx3.na141-ph2.force.com | portalaccess.force.com |
2 | 85.222.155.67 | AS14340 (SALESFORCE, US) | dcl7-ncg0-fra3.login.salesforce.com | login.salesforce.com |
13 | 4 | | | |
Requests | Apex Domain | Subdomains | Transfer |
---|---|---|---|
7 | force.com | portalaccess.force.com | 21 KB |
2 | salesforce.com | login.salesforce.com — Cisco Umbrella Rank: 5445 | 10 KB |
2 | bhoroshasthol.com | bhoroshasthol.com | 13 KB |
13 | 3 | | |
Requests | Domain | Requested by |
---|---|---|
7 | portalaccess.force.com | bhoroshasthol.com, portalaccess.force.com |
2 | login.salesforce.com | portalaccess.force.com, login.salesforce.com |
2 | bhoroshasthol.com | bhoroshasthol.com |
13 | 3 | |
This site contains links to these domains. Also see Links.
Domain |
---|
portalaccess.force.com |
Subject | Issuer | Validity | Valid |
---|---|---|---|
bhoroshasthol.com | E1 | 2023-04-17 - 2023-07-16 | 3 months |
*.na141.force.com | DigiCert TLS RSA SHA256 2020 CA1 | 2023-03-15 - 2024-03-13 | a year |
login.salesforce.com | DigiCert TLS RSA SHA256 2020 CA1 | 2022-06-14 - 2023-06-13 | a year |
This page contains 2 frames:
Primary Page:
https://bhoroshasthol.com/sa.officedepot.workspace.com/
Frame ID: C7214034D051BF6369E75240439255AA
Requests: 11 HTTP requests in this frame
Frame:
https://login.salesforce.com/login/sessionserver212.html
Frame ID: 976A7F76616CFB03B8120AB821ADF472
Requests: 2 HTTP requests in this frame
1 Outgoing links
These are links going to different origins than the main page.
Title: Forgot Your Password?
Redirected requests
There were HTTP redirect chains for the following requests:
13 HTTP transactions
Method Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|
GET H2 | / (Primary Request) | bhoroshasthol.com/sa.officedepot.workspace.com/ | 9 KB | 3 KB | Document | text/html |
GET H/1.1 | sfdc_210.css | portalaccess.force.com/css/ | 15 KB | 4 KB | Stylesheet | text/css |
GET H/1.1 | SfdcSessionBase208.js | portalaccess.force.com/jslibrary/ | 16 KB | 6 KB | Script | application/x-javascript |
GET H/1.1 | LoginHint208.js | portalaccess.force.com/jslibrary/ | 20 KB | 6 KB | Script | application/x-javascript |
GET H2 | servlet.png | bhoroshasthol.com/sa.officedepot.workspace.com/foot/ | 10 KB | 10 KB | Image | image/png |
GET H/1.1 | clear.png | portalaccess.force.com/img/ | 477 B | 805 B | Image | image/png |
GET H/1.1 | baselogin4.js | portalaccess.force.com/jslibrary/ | 4 KB | 2 KB | Script | application/x-javascript |
GET H/1.1 | LoginMarketingSurveyResponse.js | portalaccess.force.com/jslibrary/ | 1 KB | 1016 B | Script | application/x-javascript |
GET | SalesforceSans-Regular.woff2 | portalaccess.force.com/login/assets/fonts/SalesforceSans/ | 0 | 0 | | |
GET H/1.1 | sessionserver212.html | login.salesforce.com/login/ (Frame 976A) | 91 B | 959 B | Document | text/html |
GET H/1.1 | SessionServer212.js | login.salesforce.com/jslibrary/ (Frame 976A) | 26 KB | 9 KB | Script | application/x-javascript |
GET | SalesforceSans-Regular.woff | portalaccess.force.com/login/assets/fonts/SalesforceSans/ | 0 | 0 | | |
GET H/1.1 | capslock_blue.png | portalaccess.force.com/img/icon/ | 559 B | 887 B | Image | image/png |
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
Domain | URL |
---|---|
portalaccess.force.com | https://portalaccess.force.com/login/assets/fonts/SalesforceSans/SalesforceSans-Regular.woff2 |
portalaccess.force.com | https://portalaccess.force.com/login/assets/fonts/SalesforceSans/SalesforceSans-Regular.woff |
13 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
Type | Name |
---|---|
object | 0 |
boolean | credentialless |
object | SFDCSessionVars |
function | SfdcFramework |
object | Sfdc |
object | SfdcApp |
object | DomainSwitcher |
object | IdpOptions |
object | LoginHint |
function | loader |
function | checkCaps |
function | handleLogin |
function | lazyload |
0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
4 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.