root-sso.herokuapp.com
Open in
urlscan Pro
52.54.232.157
Public Scan
Submission Tags: @phishunt_io
Submission: On January 21 via api from ES
Summary
TLS certificate: Issued by DigiCert SHA2 High Assurance Server CA on June 15th 2020. Valid for: a year.
This is the only time root-sso.herokuapp.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
4 | 52.54.232.157 52.54.232.157 | 14618 (AMAZON-AES) (AMAZON-AES) | |
1 | 2a00:1450:400... 2a00:1450:4001:803::200a | 15169 (GOOGLE) (GOOGLE) | |
1 | 2a00:1450:400... 2a00:1450:4001:81b::2003 | 15169 (GOOGLE) (GOOGLE) | |
1 | 2a00:1450:400... 2a00:1450:4001:820::2003 | 15169 (GOOGLE) (GOOGLE) | |
1 | 52.216.115.11 52.216.115.11 | 16509 (AMAZON-02) (AMAZON-02) | |
1 | 151.101.14.110 151.101.14.110 | 54113 (FASTLY) (FASTLY) | |
2 | 162.247.242.20 162.247.242.20 | 23467 (NEWRELIC-...) (NEWRELIC-AS-1) | |
11 | 7 |
ASN14618 (AMAZON-AES, US)
PTR: ec2-52-54-232-157.compute-1.amazonaws.com
root-sso.herokuapp.com |
ASN16509 (AMAZON-02, US)
PTR: s3-1-w.amazonaws.com
rootincapps.s3.amazonaws.com |
ASN23467 (NEWRELIC-AS-1, US)
PTR: bam-8.nr-data.net
bam.nr-data.net |
Apex Domain Subdomains |
Transfer | |
---|---|---|
4 |
herokuapp.com
root-sso.herokuapp.com |
705 KB |
2 |
nr-data.net
bam.nr-data.net |
464 B |
2 |
gstatic.com
fonts.gstatic.com |
26 KB |
1 |
newrelic.com
js-agent.newrelic.com |
11 KB |
1 |
amazonaws.com
rootincapps.s3.amazonaws.com |
13 KB |
1 |
googleapis.com
fonts.googleapis.com |
1 KB |
11 | 6 |
Domain | Requested by | |
---|---|---|
4 | root-sso.herokuapp.com |
root-sso.herokuapp.com
|
2 | bam.nr-data.net |
js-agent.newrelic.com
|
2 | fonts.gstatic.com |
fonts.googleapis.com
|
1 | js-agent.newrelic.com |
root-sso.herokuapp.com
|
1 | rootincapps.s3.amazonaws.com |
root-sso.herokuapp.com
|
1 | fonts.googleapis.com |
root-sso.herokuapp.com
|
11 | 6 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
*.herokuapp.com DigiCert SHA2 High Assurance Server CA |
2020-06-15 - 2021-07-07 |
a year | crt.sh |
upload.video.google.com GTS CA 1O1 |
2021-01-05 - 2021-03-30 |
3 months | crt.sh |
*.gstatic.com GTS CA 1O1 |
2021-01-05 - 2021-03-30 |
3 months | crt.sh |
*.s3.amazonaws.com DigiCert Baltimore CA-2 G2 |
2019-11-09 - 2021-03-12 |
a year | crt.sh |
f4.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3 |
2020-12-28 - 2021-05-07 |
4 months | crt.sh |
*.nr-data.net DigiCert SHA2 Secure Server CA |
2020-02-05 - 2022-02-08 |
2 years | crt.sh |
This page contains 1 frames:
Primary Page:
https://root-sso.herokuapp.com/login
Frame ID: 91D13C2842A91EC5ABDB42E6FED6FC41
Requests: 11 HTTP requests in this frame
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
11 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
Cookie set
login
root-sso.herokuapp.com/ |
12 KB 13 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
app.css
root-sso.herokuapp.com/css/ |
147 KB 147 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
footer-root-logo.svg
root-sso.herokuapp.com/img/ |
6 KB 6 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
app.js
root-sso.herokuapp.com/js/ |
539 KB 539 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css
fonts.googleapis.com/ |
26 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7lujVj9w.woff2
fonts.gstatic.com/s/sourcesanspro/v14/ |
13 KB 13 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-Q050 |
6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu3cOWxw.woff2
fonts.gstatic.com/s/sourcesanspro/v14/ |
13 KB 13 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
root-logo.png
rootincapps.s3.amazonaws.com/root-sso/img/ |
13 KB 13 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
nr-1194.min.js
js-agent.newrelic.com/ |
27 KB 11 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
NRJS-a20e460c80165c8a7fe
bam.nr-data.net/1/ |
57 B 275 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
NRJS-a20e460c80165c8a7fe
bam.nr-data.net/events/1/ |
24 B 189 B |
XHR
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
21 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated object| NREUM object| newrelic function| __nr_require object| sso function| _ function| jQuery function| $ function| axios string| _genericErrorMessage object| __core-js_shared__ object| core object| scCGSHMRCache2 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
root-sso.herokuapp.com/ | Name: laravel_session Value: eyJpdiI6InVTbzZxZEVaM2REd1wvcDlHQTFwV0hRPT0iLCJ2YWx1ZSI6ImlWazRzcCt2SVlsWmUrSVJFeEVqTUhpMWV4djYwNzRFR0loNFwvUDRka0ltaWtSeUFHTFh5a25HR1F3cXNJeGZKNmxnZllyNGVwbmZ1ckVlOFpiSkFpcmNvQm9NTzA2Nng2ekNtaFVzb2VnMWxoOUVPY0Q2bGVlTThxVWw2dStlMyIsIm1hYyI6ImFjNGU4OTZjNjYxYjM3NjQ4NDA2NjQzODk1MGJlNDdmMTk0ZGNjNTJkYWY0NGY2MzM2OTY1M2UyZWZjYTFhNDkifQ%3D%3D |
|
root-sso.herokuapp.com/ | Name: XSRF-TOKEN Value: eyJpdiI6IjdSc2V5RUJGVFROQ05mWHVYdmw4cVE9PSIsInZhbHVlIjoiKzBlRzZzN2lJS3FiRmhJSElFSHpWUjIyYWtHU2ZBMCtpK2tBem9pRDRFd0h6VGpQS0hKQm9yNGhFUEtuV3VtSGQ3ZWlJVmt0cFQ5ZkhZSlFqYldVTEhMbERyUFpVUVJ4Zjg1UjJOQ2pEb0RYTVNEUzRUUWloMWVmRmNmWFRVTmUiLCJtYWMiOiI0NmMyM2Q2YTQ0YTdhNjAzNDJmZGU4Yzc5MWRjNDdlYzgyMjQ2MjBlMDM3Yjg4MzJkZmU0ZjM4NzllMTQ1NmMyIn0%3D |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
bam.nr-data.net
fonts.googleapis.com
fonts.gstatic.com
js-agent.newrelic.com
root-sso.herokuapp.com
rootincapps.s3.amazonaws.com
151.101.14.110
162.247.242.20
2a00:1450:4001:803::200a
2a00:1450:4001:81b::2003
2a00:1450:4001:820::2003
52.216.115.11
52.54.232.157
04446c6509e4513c239c7803cf8a8c3727e8cef843c8537e48d5e05e1fa723cd
08ef450eb05f303724deefd24a572634a78717f38bdff74b558af5119e295eb3
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
2c93495fc88fbffc9b64468686f9ce75852d7be028703d5e8978dfa7dcc1985b
3da0e4326d49f72c69a45efc72ef2466107f1a09dd1533f2080ea63c4529d5eb
487f2e9da2ff0740755a5ef01dc15a2888b89537795895203a831b13b199d8bb
66d80400f1100b6f748c810e9b8d41af1df7b1808fa9e5744075c7cc0453cf39
ba5c840639f652949f5137e8c335ac7e886845a9c452e236fa531489d136a055
d718f531a46718f243e464722c7d1c182733d0b647bc1358da68cda4f58023f7
ecf76895be1cf9e8b3edb254030e9c9c1d8f3c2efc1f9dc7e04ceff29eccae9c
f69a13217482dc43f25e74cfcb9391d0f06d22501f10f5cb5e413d2d98a5cd23