sandbox.accounts.dev-sheba.xyz
Open in
urlscan Pro
103.197.207.58
Public Scan
Effective URL: https://sandbox.accounts.dev-sheba.xyz/login
Submission: On April 15 via automatic, source certstream-suspicious
Summary
TLS certificate: Issued by R3 on April 15th 2021. Valid for: 3 months.
This is the only time sandbox.accounts.dev-sheba.xyz was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
2 4 | 103.197.207.58 103.197.207.58 | 136759 (COSMOPOLI...) (COSMOPOLITAN1-AS-AP Cosmopolitan Communications Limited) | |
1 | 2606:4700::68... 2606:4700::6810:125e | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
3 | 2606:4700::68... 2606:4700::6812:acf | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
2 | 2a00:1450:400... 2a00:1450:4001:80e::200e | 15169 (GOOGLE) (GOOGLE) | |
2 | 2a00:1450:400... 2a00:1450:4001:813::200a | 15169 (GOOGLE) (GOOGLE) | |
3 | 52.219.66.33 52.219.66.33 | 16509 (AMAZON-02) (AMAZON-02) | |
1 | 52.219.62.103 52.219.62.103 | 16509 (AMAZON-02) (AMAZON-02) | |
1 | 52.219.64.119 52.219.64.119 | 16509 (AMAZON-02) (AMAZON-02) | |
2 | 2a03:2880:f01... 2a03:2880:f013:d:face:b00c:0:3 | 32934 (FACEBOOK) (FACEBOOK) | |
22 | 10 |
ASN136759 (COSMOPOLITAN1-AS-AP Cosmopolitan Communications Limited, BD)
sandbox.accounts.dev-sheba.xyz |
ASN16509 (AMAZON-02, US)
PTR: s3.ap-south-1.amazonaws.com
s3.ap-south-1.amazonaws.com |
ASN16509 (AMAZON-02, US)
PTR: s3-r-w.ap-south-1.amazonaws.com
cdn-shebadev.s3.ap-south-1.amazonaws.com |
ASN16509 (AMAZON-02, US)
PTR: s3-r-w.ap-south-1.amazonaws.com
cdn-shebaxyz.s3.ap-south-1.amazonaws.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
5 |
amazonaws.com
s3.ap-south-1.amazonaws.com cdn-shebadev.s3.ap-south-1.amazonaws.com cdn-shebaxyz.s3.ap-south-1.amazonaws.com |
84 KB |
4 |
dev-sheba.xyz
2 redirects
sandbox.accounts.dev-sheba.xyz |
8 KB |
3 |
bootstrapcdn.com
maxcdn.bootstrapcdn.com |
35 KB |
2 |
facebook.net
connect.facebook.net |
67 KB |
2 |
googleapis.com
ajax.googleapis.com |
116 KB |
2 |
google.com
apis.google.com |
55 KB |
1 |
cloudflare.com
cdnjs.cloudflare.com |
6 KB |
22 | 7 |
Domain | Requested by | |
---|---|---|
4 | sandbox.accounts.dev-sheba.xyz |
2 redirects
sandbox.accounts.dev-sheba.xyz
|
3 | s3.ap-south-1.amazonaws.com |
sandbox.accounts.dev-sheba.xyz
|
3 | maxcdn.bootstrapcdn.com |
sandbox.accounts.dev-sheba.xyz
|
2 | connect.facebook.net |
sandbox.accounts.dev-sheba.xyz
connect.facebook.net |
2 | ajax.googleapis.com |
sandbox.accounts.dev-sheba.xyz
|
2 | apis.google.com |
sandbox.accounts.dev-sheba.xyz
apis.google.com |
1 | cdn-shebaxyz.s3.ap-south-1.amazonaws.com |
sandbox.accounts.dev-sheba.xyz
|
1 | cdn-shebadev.s3.ap-south-1.amazonaws.com |
sandbox.accounts.dev-sheba.xyz
|
1 | cdnjs.cloudflare.com |
sandbox.accounts.dev-sheba.xyz
|
22 | 9 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
sandbox.api.dev-sheba.xyz R3 |
2021-04-15 - 2021-07-14 |
3 months | crt.sh |
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2020-10-21 - 2021-10-20 |
a year | crt.sh |
*.apis.google.com GTS CA 1O1 |
2021-03-23 - 2021-06-15 |
3 months | crt.sh |
upload.video.google.com GTS CA 1O1 |
2021-03-16 - 2021-06-08 |
3 months | crt.sh |
*.s3.ap-south-1.amazonaws.com DigiCert Baltimore CA-2 G2 |
2021-01-12 - 2022-01-19 |
a year | crt.sh |
*.facebook.com DigiCert SHA2 High Assurance Server CA |
2021-02-10 - 2021-05-10 |
3 months | crt.sh |
*.google.com GTS CA 1O1 |
2021-03-23 - 2021-06-15 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://sandbox.accounts.dev-sheba.xyz/login
Frame ID: 537631C79FC0F65626BB45285C7F31E2
Requests: 22 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
-
https://sandbox.accounts.dev-sheba.xyz/
HTTP 302
http://sandbox.accounts.dev-sheba.xyz/login HTTP 301
https://sandbox.accounts.dev-sheba.xyz/login Page URL
Detected technologies
Debian (Operating Systems) ExpandDetected patterns
- headers server /Debian/i
Bootstrap (Web Frameworks) Expand
Detected patterns
- html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i
Apache (Web Servers) Expand
Detected patterns
- headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i
Facebook (Widgets) Expand
Detected patterns
- script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i
Font Awesome (Font Scripts) Expand
Detected patterns
- html /<link[^>]* href=[^>]+(?:([\d.]+)\/)?(?:css\/)?font-awesome(?:\.min)?\.css/i
Google Plus (Widgets) Expand
Detected patterns
- script /apis\.google\.com\/js\/[a-z]*\.js/i
jQuery (JavaScript Libraries) Expand
Detected patterns
- script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
- script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://sandbox.accounts.dev-sheba.xyz/
HTTP 302
http://sandbox.accounts.dev-sheba.xyz/login HTTP 301
https://sandbox.accounts.dev-sheba.xyz/login Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
22 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
login
sandbox.accounts.dev-sheba.xyz/ Redirect Chain
|
33 KB 7 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/ |
30 KB 6 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/ |
118 KB 19 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ |
30 KB 7 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
platform.js
apis.google.com/js/ |
54 KB 21 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/2.1.3/ |
82 KB 83 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
logo.png
s3.ap-south-1.amazonaws.com/cdn-shebaxyz/images/accounts/ |
77 KB 77 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
smartphone.png
sandbox.accounts.dev-sheba.xyz/assets/images/ |
568 B 673 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
facebook.png
s3.ap-south-1.amazonaws.com/cdn-shebaxyz/icons/ |
862 B 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
google.png
s3.ap-south-1.amazonaws.com/cdn-shebaxyz/icons/ |
2 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
sheba-logo-white.png
cdn-shebadev.s3.ap-south-1.amazonaws.com/partner_assets/assets/images/logo/ |
2 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bangladesh.png
cdn-shebaxyz.s3.ap-south-1.amazonaws.com/partner_assets/assets/images/ |
772 B 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-Q050 |
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.11.3/ |
94 KB 33 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bootstrap.min.js
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/ |
36 KB 10 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
style.css
sandbox.accounts.dev-sheba.xyz/assets/css/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
bootstrap-datepicker3.min.css
sandbox.accounts.dev-sheba.xyz/assets/css/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
flaticon.css
sandbox.accounts.dev-sheba.xyz/assets/fonts/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
vue.js
sandbox.accounts.dev-sheba.xyz/assets/js/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
redirectMixin.js
sandbox.accounts.dev-sheba.xyz/assets/js/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sdk.js
connect.facebook.net/en_US/ |
3 KB 2 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-Q050 |
cb=gapi.loaded_0
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.MWM3Xj_RD9s.O/m=auth2/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCOUmnuCcTtedasW7L1tq37fs4eoIg/ |
102 KB 34 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sdk.js
connect.facebook.net/en_US/ |
217 KB 65 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- sandbox.accounts.dev-sheba.xyz
- URL
- http://sandbox.accounts.dev-sheba.xyz/assets/css/style.css
- Domain
- sandbox.accounts.dev-sheba.xyz
- URL
- http://sandbox.accounts.dev-sheba.xyz/assets/css/bootstrap-datepicker3.min.css
- Domain
- sandbox.accounts.dev-sheba.xyz
- URL
- http://sandbox.accounts.dev-sheba.xyz/assets/fonts/flaticon.css
- Domain
- sandbox.accounts.dev-sheba.xyz
- URL
- http://sandbox.accounts.dev-sheba.xyz/assets/js/vue.js
- Domain
- sandbox.accounts.dev-sheba.xyz
- URL
- http://sandbox.accounts.dev-sheba.xyz/assets/js/redirectMixin.js
Verdicts & Comments Add Verdict or Comment
17 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated object| gapi object| ___jsl function| $ function| jQuery object| jQuery111304973531004308491 function| fbAsyncInit object| osapi object| FB2 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
sandbox.accounts.dev-sheba.xyz/ | Name: accounts_sheba Value: eyJpdiI6IldTU3EwZEo3V0VveEY1QVpMYjRPd3c9PSIsInZhbHVlIjoidm5mMllTRDk5VUlpWmZRaVpadHo1Tm4rdE9ud1JcL3hHR3FZWUZjV0o3YnVYbTlNb3M0S1hmSFwvY2pTV2pLUzljM2pUTGxINEorSXJ4NSsxWTd4N3drQT09IiwibWFjIjoiYTNhNTAxNmZjNDE5NDA2N2ZhYjVhZWRhNjM1OTU2ZGMwMmIyNzg1MTM4ZTM1MTg0YjE4ZDdjMWNiMTg3ZTMwMCJ9 |
|
sandbox.accounts.dev-sheba.xyz/ | Name: XSRF-TOKEN Value: eyJpdiI6Im42bHA4bHpybFpDT25CYVRZMDJrNUE9PSIsInZhbHVlIjoiRmVLQXVsUVZcL29qVkxDY3ZxOXQ3S2JFSGtaUlV0OFwvTzNpd0pJWGlKQU5QdU05RGR6ZW9vZVNuQ3BUMGpjUER1MUc5SHVYOUUwb1FcL0pJWjVESklRS2c9PSIsIm1hYyI6IjgyYTUyOWEzMTA2YTg1NzI0ZTkxYTQyOWFhODg5MzQ2ZmQyYzI2ODFlMjI4ZjIyZWZmODk5MTA5Yjg3Mzk3NjkifQ%3D%3D |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
ajax.googleapis.com
apis.google.com
cdn-shebadev.s3.ap-south-1.amazonaws.com
cdn-shebaxyz.s3.ap-south-1.amazonaws.com
cdnjs.cloudflare.com
connect.facebook.net
maxcdn.bootstrapcdn.com
s3.ap-south-1.amazonaws.com
sandbox.accounts.dev-sheba.xyz
sandbox.accounts.dev-sheba.xyz
103.197.207.58
2606:4700::6810:125e
2606:4700::6812:acf
2a00:1450:4001:80e::200e
2a00:1450:4001:813::200a
2a03:2880:f013:d:face:b00c:0:3
52.219.62.103
52.219.64.119
52.219.66.33
130985ff67679c40253b22a2ea8315419b048410058ebad6c2327629d70d25d6
394e4f44e40d2b2caa7457d394345190b97e1b8be9a85a738310e33aebb69f8c
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
6289a67bc4acdbdafbc49c8db8bee69deaca8a0a5a9321011b96e2cc9c242eba
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
8081f352321e91747e62232127cb4c4628421c531ee6e7f2492288467525562b
8182bf6eb09f1e83bba3f130026e4a90b285a7b1853a60f4386975c4d31ba934
8842819458fa6176ebf40a6459b2915a1c2b02ace9ac581fa7e47245ab99b485
8af93bd675e1cfd9ecc850e862819fdac6e3ad1f5d761f970e409c7d9c63bdc3
91800887a296e209863f29a9780c4a2f9a84ed82372722acae129bd9150b65af
92a7757d484b4ae30862641fb9c6c7560e01c3c0c49578fc42764a9a21d29058
aa3813f2c658b887654334b4c091c00e2c8aca9b407f2d6691365c7eea82fced
aec3d419d50f05781a96f223e18289aeb52598b5db39be82a7b71dc67d6a7947
b3bf5a1e90b0ec4ae3a0d64a4f6482a065d0bdb0a281505fb117320ecf625e6a
f427108a3bb3749fe663df4b7ae84de3a12794354a6c3398a26d6d32f652a8db
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c