axs-finance-salesforce-app-qa.herokuapp.com Open in urlscan Pro
50.16.128.104 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://axs-finance-salesforce-app-qa.herokuapp.com/
Submission: On March 27 via automatic, source certstream-suspicious (March 27th 2023, 12:32:05 am UTC) — Scanned from DE

Summary HTTP 8 Redirects Links 18 Behaviour Indicators

Summary

This website contacted 2 IPs in 1 countries across 2 domains to perform 8 HTTP transactions. The main IP is 50.16.128.104, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is axs-finance-salesforce-app-qa.herokuapp.com.
TLS certificate: Issued by R3 on March 26th 2023. Valid for: 3 months.

This is the only time axs-finance-salesforce-app-qa.herokuapp.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
6	50.16.128.104 50.16.128.104	14618 (AMAZON-AES) (AMAZON-AES)
2	2606:4700::68... 2606:4700::6812:bcf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	2

6 50.16.128.104 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-50-16-128-104.compute-1.amazonaws.com

axs-finance-salesforce-app-qa.herokuapp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:bcf (United States)

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
6	herokuapp.com axs-finance-salesforce-app-qa.herokuapp.com	406 KB
2	bootstrapcdn.com maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 783	38 KB
8	2

	Domain	Requested by
6	axs-finance-salesforce-app-qa.herokuapp.com	axs-finance-salesforce-app-qa.herokuapp.com
2	maxcdn.bootstrapcdn.com	axs-finance-salesforce-app-qa.herokuapp.com maxcdn.bootstrapcdn.com
8	2

This site contains links to these domains. Also see Links.

Domain
devcenter.heroku.com
github.com
addons.heroku.com
www.heroku.com

Subject Issuer	Validity	Valid
axs-finance-salesforce-app-qa.herokuapp.com R3	`2023-03-26` - `2023-06-24`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-12-30` - `2023-12-30`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://axs-finance-salesforce-app-qa.herokuapp.com/
Frame ID: B6FF832F2F6A1663E90AFE1FEE30AD3F
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Java Getting Started on Heroku

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Heroku (PaaS) Expand

Overall confidence: 100%
Detected patterns

\.herokuapp\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

([\d.]+)/jquery-ui(?:\.min)?\.js
jquery-ui.*\.js

Page Statistics

8
Requests

100 %
HTTPS

50 %
IPv6

2
Domains

2
Subdomains

2
IPs

1
Countries

444 kB
Transfer

537 kB
Size

0
Cookies

18 Outgoing links

These are links going to different origins than the main page.

URL: https://devcenter.heroku.com/articles/how-heroku-works
Title: How Heroku Works

Search URL Search Domain Scan URL

URL: https://devcenter.heroku.com/articles/getting-started-with-ruby
Title: Getting Started with Ruby on Heroku

Search URL Search Domain Scan URL

URL: https://devcenter.heroku.com/articles/getting-started-with-nodejs
Title: Getting Started with Node on Heroku

Search URL Search Domain Scan URL

URL: https://devcenter.heroku.com/articles/getting-started-with-php
Title: Getting Started with PHP on Heroku

Search URL Search Domain Scan URL

URL: https://devcenter.heroku.com/articles/getting-started-with-python
Title: Getting Started with Python on Heroku

Search URL Search Domain Scan URL

URL: https://devcenter.heroku.com/articles/getting-started-with-java
Title: Getting Started with Java on Heroku

Search URL Search Domain Scan URL

URL: https://devcenter.heroku.com/articles/getting-started-with-go
Title: Getting Started with Go on Heroku

Search URL Search Domain Scan URL

URL: https://devcenter.heroku.com/articles/getting-started-with-clojure
Title: Getting Started with Clojure on Heroku

Search URL Search Domain Scan URL

URL: https://devcenter.heroku.com/articles/getting-started-with-scala
Title: Getting Started with Scala on Heroku

Search URL Search Domain Scan URL

URL: https://devcenter.heroku.com/articles/getting-started-with-heroku-and-connect-without-local-dev
Title: Getting Started on Heroku with Heroku Connect

Search URL Search Domain Scan URL

URL: https://devcenter.heroku.com/articles/getting-started-with-jruby
Title: Getting Started with Ruby on Heroku (Microsoft Windows)

Search URL Search Domain Scan URL

URL: https://devcenter.heroku.com/
Title: Heroku Dev Center

Search URL Search Domain Scan URL

URL: https://github.com/heroku/java-getting-started
Title: Source on GitHub

Search URL Search Domain Scan URL

URL: https://github.com/heroku/java-getting-started/blob/main/pom.xml
Title: pom.xml

Search URL Search Domain Scan URL

URL: https://addons.heroku.com/
Title: 150 add-on services

Search URL Search Domain Scan URL

URL: https://devcenter.heroku.com/articles/getting-started-with-java#push-local-changes
Title: deploy changes

Search URL Search Domain Scan URL

URL: https://www.heroku.com/home
Title: Heroku

Search URL Search Domain Scan URL

URL: https://devcenter.heroku.com/articles/deploying-java
Title: Deploying Java Apps on Heroku

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

8 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
axs-finance-salesforce-app-qa.herokuapp.com/ 7 KB
7 KB 399ms
124ms Document
text/html 50.16.128.104
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://axs-finance-salesforce-app-qa.herokuapp.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 50.16.128.104 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-50-16-128-104.compute-1.amazonaws.com
Software: /
Resource Hash: eb639096d82f70d07e7034825c096a4d1ff217e6999d824f038142eb171dde64

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Content-Language: de-DE
Content-Type: text/html;charset=UTF-8
Date: Mon, 27 Mar 2023 00:31:59 GMT
Transfer-Encoding: chunked
Via: 1.1 spaces-router (e46a9e002bdb)

GET
H2 200 bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/3.3.4/css/ 115 KB
20 KB 144ms
48ms Stylesheet
text/css 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/3.3.4/css/bootstrap.min.css

Requested by

Host: axs-finance-salesforce-app-qa.herokuapp.com
URL: https://axs-finance-salesforce-app-qa.herokuapp.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f04b517ba5d6a0510485689a3e42dac000f51640fd71b986804cba178eae42a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://axs-finance-salesforce-app-qa.herokuapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Mon, 27 Mar 2023 00:32:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 617, 617
age: 7079255
cdn-cachedat: 2021-06-08 14:01:04
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:03:58 GMT
server: cloudflare
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 33fc7f6c64f18e27ebb95ab9e21d92ab
timing-allow-origin: *
cdn-requestcountrycode: US
cf-ray: 7ae388a29dbf2c46-FRA
cdn-requestpullsuccess: True

GET
H/1.1 200
OK main.css
axs-finance-salesforce-app-qa.herokuapp.com/stylesheets/ 621 B
943 B 122ms
122ms Stylesheet
text/css 50.16.128.104
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://axs-finance-salesforce-app-qa.herokuapp.com/stylesheets/main.css
Requested by: Host: axs-finance-salesforce-app-qa.herokuapp.com
URL: https://axs-finance-salesforce-app-qa.herokuapp.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 50.16.128.104 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-50-16-128-104.compute-1.amazonaws.com
Software: /
Resource Hash: ff48a5bd9cdbc342a47983abfd86b5f0c2322c778d663d8885b95e8f2886b815

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://axs-finance-salesforce-app-qa.herokuapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Date: Mon, 27 Mar 2023 00:31:59 GMT
Via: 1.1 spaces-router (e46a9e002bdb)
Last-Modified: Wed, 04 Jan 2023 14:12:02 GMT
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Type: text/css
Cache-Control: no-store
Accept-Ranges: bytes
Content-Length: 621

GET
H/1.1 200
OK lang-logo.png
axs-finance-salesforce-app-qa.herokuapp.com/ 4 KB
4 KB 360ms
122ms Image
image/png 50.16.128.104
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://axs-finance-salesforce-app-qa.herokuapp.com/lang-logo.png
Requested by: Host: axs-finance-salesforce-app-qa.herokuapp.com
URL: https://axs-finance-salesforce-app-qa.herokuapp.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 50.16.128.104 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-50-16-128-104.compute-1.amazonaws.com
Software: /
Resource Hash: 08f6b83435ca3ba12a1499484500e5569a05134843c54862c1d28e229363e4bb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://axs-finance-salesforce-app-qa.herokuapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Date: Mon, 27 Mar 2023 00:31:59 GMT
Via: 1.1 spaces-router (e46a9e002bdb)
Last-Modified: Wed, 04 Jan 2023 14:12:02 GMT
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Type: image/png
Cache-Control: no-store
Accept-Ranges: bytes
Content-Length: 4156

GET
H/1.1 200
OK jquery.min.js Show response
axs-finance-salesforce-app-qa.herokuapp.com/webjars/jquery/3.3.1-1/ 85 KB
85 KB 229ms
120ms Script
application/javascript 50.16.128.104
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://axs-finance-salesforce-app-qa.herokuapp.com/webjars/jquery/3.3.1-1/jquery.min.js
Requested by: Host: axs-finance-salesforce-app-qa.herokuapp.com
URL: https://axs-finance-salesforce-app-qa.herokuapp.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 50.16.128.104 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-50-16-128-104.compute-1.amazonaws.com
Software: /
Resource Hash: 160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://axs-finance-salesforce-app-qa.herokuapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Date: Mon, 27 Mar 2023 00:31:59 GMT
Via: 1.1 spaces-router (e46a9e002bdb)
Last-Modified: Wed, 14 Dec 2022 15:05:32 GMT
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Type: application/javascript
Cache-Control: no-store
Accept-Ranges: bytes
Content-Length: 86927

GET
H/1.1 200
OK jquery-ui.min.js Show response
axs-finance-salesforce-app-qa.herokuapp.com/webjars/jquery-ui/1.13.1/ 249 KB
249 KB 355ms
120ms Script
application/javascript 50.16.128.104
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://axs-finance-salesforce-app-qa.herokuapp.com/webjars/jquery-ui/1.13.1/jquery-ui.min.js
Requested by: Host: axs-finance-salesforce-app-qa.herokuapp.com
URL: https://axs-finance-salesforce-app-qa.herokuapp.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 50.16.128.104 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-50-16-128-104.compute-1.amazonaws.com
Software: /
Resource Hash: 793cb14b4ae48e92c4a35eae5d34b4b95092e3cd7995ce342b6895a560ef7526

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://axs-finance-salesforce-app-qa.herokuapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Date: Mon, 27 Mar 2023 00:31:59 GMT
Via: 1.1 spaces-router (e46a9e002bdb)
Last-Modified: Wed, 14 Dec 2022 15:05:32 GMT
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Type: application/javascript
Cache-Control: no-store
Accept-Ranges: bytes
Content-Length: 255082

GET
H/1.1 200
OK bootstrap.min.js Show response
axs-finance-salesforce-app-qa.herokuapp.com/webjars/bootstrap/5.2.0/js/ 59 KB
59 KB 360ms
121ms Script
application/javascript 50.16.128.104
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://axs-finance-salesforce-app-qa.herokuapp.com/webjars/bootstrap/5.2.0/js/bootstrap.min.js
Requested by: Host: axs-finance-salesforce-app-qa.herokuapp.com
URL: https://axs-finance-salesforce-app-qa.herokuapp.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 50.16.128.104 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-50-16-128-104.compute-1.amazonaws.com
Software: /
Resource Hash: 0ce9de398de7e7ec63e836b70090643c7c5a3f29ea4a519a67defdd206c13ac1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://axs-finance-salesforce-app-qa.herokuapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Date: Mon, 27 Mar 2023 00:31:59 GMT
Via: 1.1 spaces-router (e46a9e002bdb)
Last-Modified: Wed, 14 Dec 2022 15:05:32 GMT
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Type: application/javascript
Cache-Control: no-store
Accept-Ranges: bytes
Content-Length: 60104

GET
H3 200 glyphicons-halflings-regular.woff2
maxcdn.bootstrapcdn.com/bootstrap/3.3.4/fonts/ 18 KB
18 KB 100ms
56ms Font
font/woff2 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/3.3.4/fonts/glyphicons-halflings-regular.woff2

Requested by

Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/bootstrap/3.3.4/css/bootstrap.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://maxcdn.bootstrapcdn.com/bootstrap/3.3.4/css/bootstrap.min.css
Origin: https://axs-finance-salesforce-app-qa.herokuapp.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Mon, 27 Mar 2023 00:32:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
cdn-edgestorageid: 1049
cdn-cachedat: 11/12/2022 05:25:23
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 18028
last-modified: Mon, 25 Jan 2021 22:03:58 GMT
cdn-proxyver: 1.03
cdn-requestpullcode: 200
server: cloudflare
etag: "448c34a56d699c29117adc64c43affeb"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 8df0c77dfbc11d2d14fca5196e2c9689
accept-ranges: bytes
timing-allow-origin: *
cdn-requestcountrycode: DE
cdn-status: 200
cf-ray: 7ae388a34979bbec-FRA
cdn-requestpullsuccess: True

Verdicts & Comments Add Verdict or Comment

5 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

axs-finance-salesforce-app-qa.herokuapp.com
maxcdn.bootstrapcdn.com
2606:4700::6812:bcf
50.16.128.104
08f6b83435ca3ba12a1499484500e5569a05134843c54862c1d28e229363e4bb
0ce9de398de7e7ec63e836b70090643c7c5a3f29ea4a519a67defdd206c13ac1
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
793cb14b4ae48e92c4a35eae5d34b4b95092e3cd7995ce342b6895a560ef7526
eb639096d82f70d07e7034825c096a4d1ff217e6999d824f038142eb171dde64
f04b517ba5d6a0510485689a3e42dac000f51640fd71b986804cba178eae42a5
fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c
ff48a5bd9cdbc342a47983abfd86b5f0c2322c778d663d8885b95e8f2886b815

axs-finance-salesforce-app-qa.herokuapp.com Open in urlscan Pro 50.16.128.104 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

8 Requests

100 %HTTPS

50 %IPv6

2 Domains

2 Subdomains

2 IPs

1 Countries

444 kBTransfer

537 kBSize

0 Cookies

18 Outgoing links

Redirected requests

8 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

5 JavaScript Global Variables

0 Cookies

Indicators

axs-finance-salesforce-app-qa.herokuapp.com Open in urlscan Pro
50.16.128.104 Public Scan

Screenshot
Live screenshot

Full Image

8
Requests

100 %
HTTPS

50 %
IPv6

2
Domains

2
Subdomains

2
IPs

1
Countries

444 kB
Transfer

537 kB
Size

0
Cookies

8 HTTP transactions
0 data transactions