googledrive12hmagroup.herokuapp.com
107.22.57.98
Public Scan
Submission Tags: falconsandbox
Submission: On January 13 via api from US — Scanned from DE
Summary
This is the only time googledrive12hmagroup.herokuapp.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
 | IP Address | AS Autonomous System |
---|---|---|
4 | 107.22.57.98 | 14618 (AMAZON-AES) |
1 | 2606:4700::6810:125e | 13335 (CLOUDFLARENET) |
5 | 2 | |
ASN14618 (AMAZON-AES, US)
PTR: ec2-107-22-57-98.compute-1.amazonaws.com
googledrive12hmagroup.herokuapp.com |
 | Apex Domain Subdomains | Transfer |
---|---|---|
4 | herokuapp.com googledrive12hmagroup.herokuapp.com | 332 KB |
1 | cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 202 | 6 KB |
5 | 2 | |
 | Domain | Requested by |
---|---|---|
4 | googledrive12hmagroup.herokuapp.com | googledrive12hmagroup.herokuapp.com |
1 | cdnjs.cloudflare.com | googledrive12hmagroup.herokuapp.com |
5 | 2 | |
This site contains no links.
Subject Issuer | Validity | Valid |
---|---|---|
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 | 2021-09-21 - 2022-09-20 | a year |
This page contains 1 frames:
Primary Page:
http://googledrive12hmagroup.herokuapp.com/upload/posta/0/step?email=a.valenti%40inail.it
Frame ID: A851FCB0814FD518CB7B93B355300C82
Requests: 5 HTTP requests in this frame
Page Title
~SHARED#D0C~
Detected technologies
Heroku (PaaS)
Detected patterns
- \.herokuapp\.com
Font Awesome (Font Scripts)
Detected patterns
- <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
- <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
- (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
jQuery (JavaScript Libraries)
Detected patterns
- jquery[.-]([\d.]*\d)[^/]*\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
5 HTTP transactions
Method Protocol | Resource Path | Size x-fer | Type MIME-Type |
---|---|---|---|
GET H/1.1 | step (Primary Request) googledrive12hmagroup.herokuapp.com/upload/posta/0/ | 7 KB 8 KB | Document text/html |
GET H/1.1 | jquery-3.6.0.min.js googledrive12hmagroup.herokuapp.com/js/ | 136 KB 136 KB | Script application/javascript |
GET H2 | font-awesome.min.css cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/ | 30 KB 6 KB | Stylesheet text/css |
GET H/1.1 | av061.png googledrive12hmagroup.herokuapp.com/img/ | 4 KB 4 KB | Image image/png |
GET H/1.1 | 001.png googledrive12hmagroup.herokuapp.com/img/ | 183 KB 184 KB | Image image/png |
4 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- object| onsecuritypolicyviolation
- object| onslotchange
- function| $
- function| jQuery

0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.