urlscan.io logo urlscan.io
SecurityTrails logo

id.heroku.com Open in urlscan Pro
54.84.2.221  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://dashboard.heroku.com/apps/crossey
Effective URL: https://id.heroku.com/login
Submission: On November 14 via manual from CA — Scanned from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 9 IPs in 1 countries across 6 domains to perform 43 HTTP transactions. The main IP is 54.84.2.221, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is id.heroku.com. The Cisco Umbrella rank of the primary domain is 398210.
TLS certificate: Issued by R3 on November 11th 2022. Valid for: 3 months.
This is the only time id.heroku.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
5 151.101.2.133 54113 (FASTLY)
5 151.101.64.176 54113 (FASTLY)
7 2600:9000:20e... 16509 (AMAZON-02)
1 1 18.213.108.75 14618 (AMAZON-AES)
1 8 54.84.2.221 14618 (AMAZON-AES)
3 54.187.159.182 16509 (AMAZON-02)
7 13.224.214.32 16509 (AMAZON-02)
4 151.101.65.145 54113 (FASTLY)
1 2606:4700::68... 13335 (CLOUDFLAR...)
43 9
5    151.101.2.133 (United States)

ASN54113 (FASTLY, US)
dashboard.heroku.com
5    151.101.64.176 (United States)

ASN54113 (FASTLY, US)
js.stripe.com
m.stripe.network
7    2600:9000:20ed:9200:15:5f5a:e9c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
www.herokucdn.com
1    18.213.108.75 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-213-108-75.compute-1.amazonaws.com
auth.heroku.com
8    54.84.2.221 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-84-2-221.compute-1.amazonaws.com
id.heroku.com
3    54.187.159.182 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ip-54-187-159-182.stripe.com
q.stripe.com
7    13.224.214.32 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-214-32.phl50.r.cloudfront.net
www0.assets.heroku.com
4    151.101.65.145 (United States)

ASN54113 (FASTLY, US)
developer.salesforce.com
1    2606:4700::6812:1b55 (United States)

ASN13335 (CLOUDFLARENET, US)
geolocation.onetrust.com
Apex Domain
Subdomains		 Transfer
21 heroku.com
dashboard.heroku.com — Cisco Umbrella Rank: 383661
auth.heroku.com — Cisco Umbrella Rank: 467704
id.heroku.com — Cisco Umbrella Rank: 398210
www0.assets.heroku.com — Cisco Umbrella Rank: 288305
2 MB
7 herokucdn.com
www.herokucdn.com — Cisco Umbrella Rank: 139864
266 KB
6 stripe.com
js.stripe.com — Cisco Umbrella Rank: 1156
q.stripe.com — Cisco Umbrella Rank: 6165
m.stripe.com Failed
98 KB
4 salesforce.com
developer.salesforce.com — Cisco Umbrella Rank: 71509
29 KB
2 stripe.network
m.stripe.network — Cisco Umbrella Rank: 1214
17 KB
1 onetrust.com
geolocation.onetrust.com — Cisco Umbrella Rank: 690
237 B
43 6
Domain Requested by
8 id.heroku.com 1 redirects dashboard.heroku.com
id.heroku.com
7 www0.assets.heroku.com id.heroku.com
www0.assets.heroku.com
developer.salesforce.com
7 www.herokucdn.com dashboard.heroku.com
id.heroku.com
5 dashboard.heroku.com dashboard.heroku.com
4 developer.salesforce.com id.heroku.com
dashboard.heroku.com
developer.salesforce.com
3 q.stripe.com dashboard.heroku.com
3 js.stripe.com dashboard.heroku.com
js.stripe.com
2 m.stripe.network js.stripe.com
m.stripe.network
1 geolocation.onetrust.com developer.salesforce.com
1 auth.heroku.com 1 redirects
0 m.stripe.com Failed m.stripe.network
43 11

This site contains links to these domains. Also see Links.

Domain
www.heroku.com
sso.heroku.com
heroku.com
www.salesforce.com
www.onetrust.com
Subject Issuer Validity Valid
dashboard.heroku.com
R3		 2022-10-29 -
2023-01-27		 3 months crt.sh
a.stripecdn.com
DigiCert SHA2 Extended Validation Server CA		 2022-10-19 -
2023-01-11		 3 months crt.sh
www.herokucdn.com
Amazon		 2022-02-23 -
2023-03-24		 a year crt.sh
id.heroku.com
R3		 2022-11-11 -
2023-02-09		 3 months crt.sh
*.stripe.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-11-12 -
2023-03-09		 4 months crt.sh
*.assets.heroku.com
Amazon		 2022-07-10 -
2023-08-08		 a year crt.sh
developer.salesforce.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-10-20 -
2023-10-11		 a year crt.sh
onetrust.com
Cloudflare Inc ECC CA-3		 2022-01-12 -
2023-01-12		 a year crt.sh

This page contains 3 frames:

Primary Page: https://id.heroku.com/login
Frame ID: 960808CB9FBFEDD1EB12AEF2C65BEA91
Requests: 36 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html
Frame ID: 1D5F4E9410B38D63F8CCC5D1ACBCDB44
Requests: 4 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: 7CE3A38C06D98E6D2A8713E0F163FD7E
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Heroku | LoginBack ButtonFilter Button

Page URL History Show full URLs

  1. https://dashboard.heroku.com/apps/crossey Page URL
  2. https://auth.heroku.com/login?redirect_uri=https%3A%2F%2Fdashboard.heroku.com%2Fauth%2Fheroku%2Fcall... HTTP 302
    https://id.heroku.com/oauth/authorize?client_id=d2ef2b24-e72c-4adf-8506-28db2218547d&response_type... HTTP 302
    https://id.heroku.com/login Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • js\.stripe\.com
Overall confidence: 100%
Detected patterns
  • ([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js

Page Statistics

43
Requests

91 %
HTTPS

22 %
IPv6

6
Domains

11
Subdomains

9
IPs

1
Countries

2154 kB
Transfer

7364 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://dashboard.heroku.com/apps/crossey Page URL
  2. https://auth.heroku.com/login?redirect_uri=https%3A%2F%2Fdashboard.heroku.com%2Fauth%2Fheroku%2Fcallback&state=2e1d936c02bd9607e79c7a9f039e18af22f0dffaa4c0f371595f9e0dec7133ae HTTP 302
    https://id.heroku.com/oauth/authorize?client_id=d2ef2b24-e72c-4adf-8506-28db2218547d&response_type=code&scope=global%2Cplatform&state=SFMyNTY.g2gDbQAAAHhodHRwczovL2Rhc2hib2FyZC5oZXJva3UuY29tL2F1dGgvaGVyb2t1L2NhbGxiYWNrP3N0YXRlPTJlMWQ5MzZjMDJiZDk2MDdlNzljN2E5ZjAzOWUxOGFmMjJmMGRmZmFhNGMwZjM3MTU5NWY5ZTBkZWM3MTMzYWVuBgDIft53hAFiAAFRgA.eJUR_L_h_fCGv014yp7zIib9PSEItZ3CmtsyAUEKALw HTTP 302
    https://id.heroku.com/login Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

43 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
crossey
dashboard.heroku.com/apps/ 		60 KB
20 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://dashboard.heroku.com/apps/crossey
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
8201368fd868df8f3542c7e55f0c2e87f064258855ddd8097b4918b0f58dd3a2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
3404
cache-control
max-age=0, no-cache, no-store
content-encoding
gzip
content-length
19663
content-type
text/html; charset=utf-8
date
Mon, 14 Nov 2022 20:39:41 GMT
etag
"db600dc83f7caa9529b6ebcec55f6572"
expires
Wed, 07 November 1917 13:00:00 GMT
last-modified
Mon, 14 Nov 2022 19:42:09 GMT
pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains;
vary
Accept-Encoding
via
1.1 varnish
x-amz-version-id
4gTpJclH2e0H0AnpySh5YG4Dp84pprxu
x-cache
HIT
x-cache-hits
1
x-content-type-options
nosniff
x-download-options
noopen
x-frame-options
SAMEORIGIN
x-heroku-cdn-owner
hit
x-served-by
cache-yul12825-YUL
x-xss-protection
1; mode=block
vendor-8ede1d945f763edd520846ef57bd5833.css
dashboard.heroku.com/assets/ 		2 KB
924 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://dashboard.heroku.com/assets/vendor-8ede1d945f763edd520846ef57bd5833.css
Requested by
Host: dashboard.heroku.com
URL: https://dashboard.heroku.com/apps/crossey
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
aeb98cbda6d8bba84a03bab073a9c3e9cc9334d11038d1362309427fe0bf837f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://dashboard.heroku.com/apps/crossey
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-cache-hits
12
x-amz-version-id
wAL6Z.x.OPhnjRYnbot2UCgPwBh8zcJe
content-encoding
gzip
via
1.1 varnish
date
Mon, 14 Nov 2022 20:39:41 GMT
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains;
age
3390
x-cache
HIT
x-heroku-cdn-owner
hit
content-length
755
x-xss-protection
1; mode=block
x-served-by
cache-yul12825-YUL
last-modified
Mon, 14 Nov 2022 19:42:09 GMT
etag
"8ede1d945f763edd520846ef57bd5833"
x-download-options
noopen
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
cache-control
max-age=63072000, public
accept-ranges
bytes
expires
Tue, 01 Jan 2030 00:00:00 GMT
dashboard-dd96f673982c4da147f118ec3f6ed135.css
dashboard.heroku.com/assets/ 		436 KB
71 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://dashboard.heroku.com/assets/dashboard-dd96f673982c4da147f118ec3f6ed135.css
Requested by
Host: dashboard.heroku.com
URL: https://dashboard.heroku.com/apps/crossey
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
38b8caaa38c42f00157c7f12e1f9e22bfd9ac43e606ca1a764b17f6afd6660b0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://dashboard.heroku.com/apps/crossey
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-cache-hits
1
x-amz-version-id
GRbhlAdWl8ihJ9jSia4scLgiIhuYhVw4
content-encoding
gzip
via
1.1 varnish
date
Mon, 14 Nov 2022 20:39:41 GMT
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains;
age
3390
x-cache
HIT
x-heroku-cdn-owner
hit
content-length
72872
x-xss-protection
1; mode=block
x-served-by
cache-yul12825-YUL
last-modified
Mon, 14 Nov 2022 19:42:09 GMT
etag
"dd96f673982c4da147f118ec3f6ed135"
x-download-options
noopen
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
cache-control
max-age=63072000, public
accept-ranges
bytes
expires
Tue, 01 Jan 2030 00:00:00 GMT
/
js.stripe.com/v3/ 		397 KB
95 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/
Requested by
Host: dashboard.heroku.com
URL: https://dashboard.heroku.com/apps/crossey
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
e3c2ee37f14bcd256dde31d5d39cb53efb57a71e183d12082c49e58ed5d42f80
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://dashboard.heroku.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Mon, 14 Nov 2022 20:39:41 GMT
via
1.1 varnish
age
4
x-cache
HIT
content-length
97228
x-request-id
b65e8228-52c3-4edf-8bfb-73d5fed2c8a4
x-served-by
cache-yul12832-YUL
last-modified
Mon, 14 Nov 2022 17:34:23 GMT
server
Fastly
etag
"bd0f0fedc9cb056b6a4db0333272a833"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=60
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
503
vendor-3326978bb96bf1600927a41422086fd4.js
dashboard.heroku.com/assets/ 		2 MB
492 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dashboard.heroku.com/assets/vendor-3326978bb96bf1600927a41422086fd4.js
Requested by
Host: dashboard.heroku.com
URL: https://dashboard.heroku.com/apps/crossey
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e1ed719f12a8f52b6f2c7af5688e7b223db3790b1aedc180324bcc79167bd870
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://dashboard.heroku.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-cache-hits
1
x-amz-version-id
Y0sevrMhLng4AKyBdAjv_dStt4UaYr2G
content-encoding
gzip
via
1.1 varnish
date
Mon, 14 Nov 2022 20:39:41 GMT
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains;
age
3404
x-cache
HIT
x-heroku-cdn-owner
hit
content-length
503158
x-xss-protection
1; mode=block
x-served-by
cache-yul12825-YUL
last-modified
Mon, 14 Nov 2022 19:42:09 GMT
etag
"3d1f0182c630674e00efe927a7af777a"
x-download-options
noopen
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
max-age=63072000, public
accept-ranges
bytes
expires
Tue, 01 Jan 2030 00:00:00 GMT
dashboard-7f6340f22f498e0dbb0de4f383b16b22.js
dashboard.heroku.com/assets/ 		3 MB
592 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dashboard.heroku.com/assets/dashboard-7f6340f22f498e0dbb0de4f383b16b22.js
Requested by
Host: dashboard.heroku.com
URL: https://dashboard.heroku.com/apps/crossey
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e76dee83875cabe0363f59ff3010344e53749407d57b9a65b21e0c01979e4bdd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://dashboard.heroku.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-cache-hits
1
x-amz-version-id
sKq8zTn61jR4YpOiRzKf7CwuYZyPxUfk
content-encoding
gzip
via
1.1 varnish
date
Mon, 14 Nov 2022 20:39:41 GMT
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains;
age
3403
x-cache
HIT
x-heroku-cdn-owner
hit
content-length
606213
x-xss-protection
1; mode=block
x-served-by
cache-yul12825-YUL
last-modified
Mon, 14 Nov 2022 19:42:09 GMT
etag
"2bdd55658dd2a3eedf68f8533cec4503"
x-download-options
noopen
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
max-age=63072000, public
accept-ranges
bytes
expires
Tue, 01 Jan 2030 00:00:00 GMT
glostick-heroku-dashboard.min.js
www.herokucdn.com/glostick/2.5.0/ 		93 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.herokucdn.com/glostick/2.5.0/glostick-heroku-dashboard.min.js
Requested by
Host: dashboard.heroku.com
URL: https://dashboard.heroku.com/apps/crossey
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20ed:9200:15:5f5a:e9c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
024dd787fdb4ac4ce481ef54b823cdb9fc37c02ddcd4b0135431250ab58b46d3

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://dashboard.heroku.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Mon, 14 Nov 2022 13:58:16 GMT
content-encoding
gzip
via
1.1 193d4441ee6d312fd234f2d28e48c110.cloudfront.net (CloudFront)
last-modified
Mon, 03 Oct 2022 18:11:12 GMT
server
AmazonS3
x-amz-cf-pop
PHL50-C1
age
24086
etag
W/"3f89c97e9ebe433f57c3a51681a3c8bc"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400, public
x-amz-cf-id
PgP7JXp9BPr9GI9e5mIPfCJ0ErquLJ146kxFs2RciWYafDO3FbAvcA==
expires
Mon, 31 Dec 2029 18:00:00 GMT
purple3.min.css
www.herokucdn.com/purple3/4.11.0/ 		144 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.herokucdn.com/purple3/4.11.0/purple3.min.css
Requested by
Host: dashboard.heroku.com
URL: https://dashboard.heroku.com/assets/dashboard-dd96f673982c4da147f118ec3f6ed135.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20ed:9200:15:5f5a:e9c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6b8b89e8c8d78dcbf2157760d306a89fdb6944d2d2c81bc903719f8b0cd071dd

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://dashboard.heroku.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Mon, 14 Nov 2022 11:37:29 GMT
content-encoding
gzip
via
1.1 193d4441ee6d312fd234f2d28e48c110.cloudfront.net (CloudFront)
last-modified
Mon, 03 Oct 2022 18:11:15 GMT
server
AmazonS3
x-amz-cf-pop
PHL50-C1
age
32533
etag
W/"f178dc49a8f39f742d0658b99a8ccce3"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
cache-control
max-age=86400, public
x-amz-cf-id
srutj3yUWvieoY7eymVwY7KM33IQRObjRkmycUzauhLuffDxDR_TFg==
expires
Mon, 31 Dec 2029 18:00:00 GMT
truncated
/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type
image/svg+xml
SalesforceSans-Regular.woff
www.herokucdn.com/fonts/ 		19 KB
0 		Font
General
Check archive.org
Download Go to
Full URL
https://www.herokucdn.com/fonts/SalesforceSans-Regular.woff
Requested by
Host: dashboard.heroku.com
URL: https://dashboard.heroku.com/assets/dashboard-dd96f673982c4da147f118ec3f6ed135.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20ed:9200:15:5f5a:e9c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

Referer
https://dashboard.heroku.com/
Origin
https://dashboard.heroku.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Mon, 14 Nov 2022 08:09:00 GMT
via
1.1 9a4c760031a0dcc526cc9dcd0d0940ea.cloudfront.net (CloudFront)
x-amz-cf-pop
PHL50-C1
age
45042
x-cache
Hit from cloudfront
content-length
34888
last-modified
Mon, 03 Oct 2022 18:11:10 GMT
server
AmazonS3
etag
"401b32ddc80c4c66d0558df1bc202d9b"
access-control-max-age
86400
access-control-allow-methods
GET
content-type
application/font-woff
access-control-allow-origin
*
access-control-expose-headers
ETag
cache-control
max-age=86400, public
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges
bytes
x-amz-cf-id
6TBMM2q0NyohA9qMTy6nTN62as2A3q958ie9q5bwGP7rGV6wFjXtfw==
expires
Mon, 31 Dec 2029 18:00:00 GMT
sprite.svg
www.herokucdn.com/malibu/40/ 		199 KB
68 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.herokucdn.com/malibu/40/sprite.svg
Requested by
Host: dashboard.heroku.com
URL: https://dashboard.heroku.com/apps/crossey
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20ed:9200:15:5f5a:e9c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://dashboard.heroku.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Mon, 14 Nov 2022 07:41:40 GMT
content-encoding
gzip
via
1.1 9a4c760031a0dcc526cc9dcd0d0940ea.cloudfront.net (CloudFront)
x-amz-cf-pop
PHL50-C1
age
46682
x-cache
Hit from cloudfront
last-modified
Mon, 03 Oct 2022 18:11:13 GMT
server
AmazonS3
etag
W/"504bcfbaf3dab47cd518943ad9261214"
access-control-max-age
86400
access-control-allow-methods
GET
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
ETag
cache-control
max-age=86400, public
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id
xzegVf60IFgnCe1HnIKNtUxdL4O9sqJO1qQRi4P4IMfapZnF54kPDQ==
expires
Mon, 31 Dec 2029 18:00:00 GMT
m-outer-93afeeb17bc37e711759584dbfc50d47.html
js.stripe.com/v3/ Frame 1D5F 		200 B
784 B 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://dashboard.heroku.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
88440
cache-control
max-age=31536000
content-encoding
br
content-length
122
content-security-policy
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Mon, 14 Nov 2022 20:39:41 GMT
etag
"93afeeb17bc37e711759584dbfc50d47"
last-modified
Sun, 13 Nov 2022 20:03:40 GMT
server
Fastly
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 varnish
x-cache
HIT
x-cache-hits
95617
x-content-type-options
nosniff
x-request-id
1a808e3f-4f29-4f25-bb01-c97ce8cbdab3
x-served-by
cache-yul12832-YUL
Primary Request login
id.heroku.com/
Redirect Chain
  • https://auth.heroku.com/login?redirect_uri=https%3A%2F%2Fdashboard.heroku.com%2Fauth%2Fheroku%2Fcallback&state=2e1d936c02bd9607e79c7a9f039e18af22f0dffaa4c0f371595f9e0dec7133ae
  • https://id.heroku.com/oauth/authorize?client_id=d2ef2b24-e72c-4adf-8506-28db2218547d&response_type=code&scope=global%2Cplatform&state=SFMyNTY.g2gDbQAAAHhodHRwczovL2Rhc2hib2FyZC5oZXJva3UuY29tL2F1dGg...
  • https://id.heroku.com/login
3 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://id.heroku.com/login
Requested by
Host: dashboard.heroku.com
URL: https://dashboard.heroku.com/assets/dashboard-7f6340f22f498e0dbb0de4f383b16b22.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.84.2.221 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-84-2-221.compute-1.amazonaws.com
Software
/
Resource Hash
79e91edb96cdc7c389ce1e4acca620f2d0966fe592e8f4922caa733ee55476fc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://dashboard.heroku.com/apps/crossey
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Content-Encoding
gzip
Content-Length
1413
Content-Type
text/html;charset=utf-8
Date
Mon, 14 Nov 2022 20:39:42 GMT
Referrer-Policy
strict-origin-when-cross-origin
Request-Id
b892d415-97ff-ff4a-a9f7-23cf0630ddf4
Strict-Transport-Security
max-age=31536000
Vary
Accept-Encoding
Via
1.1 spaces-router (e13668ca8eb7)
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
X-Xss-Protection
1; mode=block

Redirect headers

Content-Length
0
Content-Type
text/html;charset=utf-8
Date
Mon, 14 Nov 2022 20:39:42 GMT
Location
https://id.heroku.com/login
Referrer-Policy
strict-origin-when-cross-origin
Request-Id
78cda80d-444c-c55b-9622-48a14119fdcf
Strict-Transport-Security
max-age=31536000
Via
1.1 spaces-router (e13668ca8eb7)
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
X-Xss-Protection
1; mode=block
csp-report
q.stripe.com/ Frame 1D5F 		0
570 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: dashboard.heroku.com
URL: https://dashboard.heroku.com/apps/crossey
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-159-182.stripe.com
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Mon, 14 Nov 2022 20:39:42 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-envoy-upstream-service-time
1
content-length
0
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://js.stripe.com
access-control-expose-headers
Server, Range, Content-Type
cache-control
max-age=0, no-cache, no-store, must-revalidate
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
csp-report
q.stripe.com/ Frame 1D5F 		0
570 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: dashboard.heroku.com
URL: https://dashboard.heroku.com/apps/crossey
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-159-182.stripe.com
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Mon, 14 Nov 2022 20:39:42 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-envoy-upstream-service-time
1
content-length
0
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://js.stripe.com
access-control-expose-headers
Server, Range, Content-Type
cache-control
max-age=0, no-cache, no-store, must-revalidate
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
m-outer-8cb24ab2d649fd36a488d04d8c457933.js
js.stripe.com/v3/fingerprinted/js/ Frame 1D5F 		631 B
442 B 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/m-outer-8cb24ab2d649fd36a488d04d8c457933.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Mon, 14 Nov 2022 20:39:41 GMT
via
1.1 varnish
age
88439
x-cache
HIT
content-length
332
x-request-id
ea350db2-317d-4bb2-9e44-18fafeb82f5c
x-served-by
cache-yul12832-YUL
last-modified
Sun, 13 Nov 2022 20:03:40 GMT
server
Fastly
etag
"f8f6a4584135f737b26927596ce6e0a7"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
85544
inner.html
m.stripe.network/ Frame 7CE3 		930 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://m.stripe.network/inner.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-8cb24ab2d649fd36a488d04d8c457933.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
127
cache-control
max-age=300, public
content-encoding
gzip
content-length
527
content-security-policy
base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Mon, 14 Nov 2022 20:39:41 GMT
server
Fastly
strict-transport-security
max-age=31556926; includeSubDomains; preload
vary
Accept-Encoding, Origin
via
1.1 varnish
x-cache
HIT
x-cache-hits
301
x-content-type-options
nosniff
x-request-id
5c6d5d22-b448-4c02-a7a0-97ea25d6a60d
x-served-by
cache-yul12832-YUL
x-timer
S1668458382.906709,VS0,VE0
csp-report
q.stripe.com/ Frame 7CE3 		0
345 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: dashboard.heroku.com
URL: https://dashboard.heroku.com/apps/crossey
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-159-182.stripe.com
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://m.stripe.network/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
application/csp-report

Response headers

pragma
no-cache
date
Mon, 14 Nov 2022 20:39:42 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
server
nginx
cross-origin-opener-policy
same-origin
cache-control
max-age=0, no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
1
x-robots-tag
none
content-length
0
expires
0
out-4.5.42.js
m.stripe.network/ Frame 7CE3 		86 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://m.stripe.network/out-4.5.42.js
Requested by
Host: m.stripe.network
URL: https://m.stripe.network/inner.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://m.stripe.network/inner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
date
Mon, 14 Nov 2022 20:39:41 GMT
x-content-type-options
nosniff
content-encoding
gzip
via
1.1 varnish
age
160
x-cache
HIT
content-length
16031
x-request-id
9dd8c1e2-09cc-4bce-90b5-3b3791263570
x-served-by
cache-yul12832-YUL
server
Fastly
x-timer
S1668458382.923810,VS0,VE0
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=utf-8
cache-control
max-age=300, public
accept-ranges
bytes
x-cache-hits
319
6
m.stripe.com/ Frame 7CE3 		0
0
SalesforceSans-Regular.ttf
www.herokucdn.com/fonts/ 		0
0
onetrust.min.css
www0.assets.heroku.com/cookies/2021.05.27/ 		15 KB
16 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www0.assets.heroku.com/cookies/2021.05.27/onetrust.min.css
Requested by
Host: id.heroku.com
URL: https://id.heroku.com/login
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.224.214.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-214-32.phl50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
fa920ed2b8d0d0e8f07e8862636788e4ffa07bb3279b93e4183a12e515984bbb

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://id.heroku.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id
ukKYEEvO7_ctsZlWp2_IxXB2UA_Eh_1K
Date
Mon, 14 Nov 2022 10:00:53 GMT
Via
1.1 aed3f8ed29085c056c75452d71b07f7e.cloudfront.net (CloudFront)
Last-Modified
Thu, 27 May 2021 14:39:56 GMT
Server
AmazonS3
X-Amz-Cf-Pop
PHL50-C1
Age
39634
ETag
"e26d08e6de04b6779020ba9e490ea4c3"
X-Cache
Hit from cloudfront
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
15493
X-Amz-Cf-Id
UGysBcJbYNvRQHRrl8ZPMs-E31mr7tFgkaEicgG660tifCdvLY-Pfw==
otSDKStubPlusSfdcWwwBase.js
www0.assets.heroku.com/cookies/2021.05.27/oneTrust_production/scripttemplates/ 		23 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www0.assets.heroku.com/cookies/2021.05.27/oneTrust_production/scripttemplates/otSDKStubPlusSfdcWwwBase.js
Requested by
Host: id.heroku.com
URL: https://id.heroku.com/login
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.224.214.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-214-32.phl50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a13617f3f74e2c9acaa81b9ecf5b3bd71611412c420c87c47d958cbb309ce558

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://id.heroku.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id
H8kJuzx9QYHMI4tkibX55z0xGn7A7Q4_
Date
Mon, 14 Nov 2022 10:15:07 GMT
Via
1.1 2f0b2738cc23726bda17eb28418ee9c2.cloudfront.net (CloudFront)
Last-Modified
Thu, 27 May 2021 14:39:57 GMT
Server
AmazonS3
X-Amz-Cf-Pop
PHL50-C1
Age
37476
ETag
"8734619b13d86b6aef6913c8d6ca9a6e"
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
23912
X-Amz-Cf-Id
C3oKF6LViflyIiOAxqNAii-1XLhfO0vQzZEBE5de5K59MCfWSM1QFg==
purple.css
id.heroku.com/assets/8/ 		44 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://id.heroku.com/assets/8/purple.css
Requested by
Host: id.heroku.com
URL: https://id.heroku.com/login
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.84.2.221 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-84-2-221.compute-1.amazonaws.com
Software
/
Resource Hash
3edf76f3c37a6f1bd12890d5b02e17b78d927994ca1d53e40aaecaec02c2789f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://id.heroku.com/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
Content-Encoding
gzip
Referrer-Policy
strict-origin-when-cross-origin
X-Content-Type-Options
nosniff
Last-Modified
Tue, 08 Nov 2022 19:34:28 GMT
Date
Mon, 14 Nov 2022 20:39:42 GMT
Via
1.1 spaces-router (e13668ca8eb7)
Vary
Accept-Encoding
Transfer-Encoding
chunked
Content-Type
text/css;charset=utf-8
Cache-Control
public, max-age=2592000
Request-Id
ca9735f7-007d-a50d-8065-d7d929ff23b1
modernizr.min.js
id.heroku.com/assets/8/ 		8 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://id.heroku.com/assets/8/modernizr.min.js
Requested by
Host: id.heroku.com
URL: https://id.heroku.com/login
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.84.2.221 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-84-2-221.compute-1.amazonaws.com
Software
/
Resource Hash
d81cc127eb0f47ac4f335134dedda6e3077dadfb61a33249173912f52cc577c0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://id.heroku.com/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
Content-Encoding
gzip
Referrer-Policy
strict-origin-when-cross-origin
X-Content-Type-Options
nosniff
Last-Modified
Tue, 08 Nov 2022 19:34:28 GMT
Date
Mon, 14 Nov 2022 20:39:42 GMT
Via
1.1 spaces-router (e13668ca8eb7)
Vary
Accept-Encoding
Transfer-Encoding
chunked
Content-Type
application/javascript;charset=utf-8
Cache-Control
public, max-age=2592000
Request-Id
f97f5819-cd86-3458-7f01-c221da01d77c
index.css
developer.salesforce.com/shared-components/css/ 		24 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://developer.salesforce.com/shared-components/css/index.css
Requested by
Host: id.heroku.com
URL: https://id.heroku.com/login
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.145 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
354381e232e76da43505609fcfb6b812c76d88db3eee8f4deb1285f6a5d4cccf
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.salesforce.com *.force.com
X-Frame-Options allow-from *.salesforce.com *.force.com

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://id.heroku.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-security-policy
frame-ancestors 'self' *.salesforce.com *.force.com
content-encoding
gzip
via
1.1 vegur, 1.1 varnish
date
Mon, 14 Nov 2022 20:39:42 GMT
age
1588
x-cache
HIT
content-length
4418
x-request-id
27ef6a07ed1ccf7193cd2c720eff6f3da34e5385
x-served-by
cache-yul12826-YUL
last-modified
Thu, 03 Nov 2022 19:41:26 GMT
server
nginx
x-timer
S1668458382.223797,VS0,VE1
etag
W/"63641966-5ff8"
x-frame-options
allow-from *.salesforce.com *.force.com
vary
Accept-Encoding, DfcLocale
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=600
accept-ranges
bytes
x-cache-hits
5
import.js
developer.salesforce.com/shared-components/helmet/ 		65 B
449 B 		Script
General
Check archive.org
Download Go to
Full URL
https://developer.salesforce.com/shared-components/helmet/import.js
Requested by
Host: id.heroku.com
URL: https://id.heroku.com/login
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.145 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
be040b79ac9cc083f791fa5b713597dc7bc8db6ede8a8be8c82112f22f51e50f
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.salesforce.com *.force.com
X-Frame-Options allow-from *.salesforce.com *.force.com

Request headers

Referer
https://id.heroku.com/
Origin
https://id.heroku.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-security-policy
frame-ancestors 'self' *.salesforce.com *.force.com
via
1.1 vegur, 1.1 varnish
date
Mon, 14 Nov 2022 20:39:42 GMT
age
1588
x-cache
HIT
content-length
65
x-request-id
df649d2b8a8a0c14a9521b4fabed2ad1db43bdbb
x-served-by
cache-yul12823-YUL
last-modified
Thu, 03 Nov 2022 19:41:26 GMT
server
nginx
x-timer
S1668458382.223269,VS0,VE1
etag
"63641966-41"
x-frame-options
allow-from *.salesforce.com *.force.com
vary
DfcLocale
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=600
accept-ranges
bytes
x-cache-hits
3
2273ccf8-8f23-4d20-bca7-8f0b53cd825e.json
www0.assets.heroku.com/cookies/2021.05.27/oneTrust_production/consent/2273ccf8-8f23-4d20-bca7-8f0b53cd825e/ 		5 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www0.assets.heroku.com/cookies/2021.05.27/oneTrust_production/consent/2273ccf8-8f23-4d20-bca7-8f0b53cd825e/2273ccf8-8f23-4d20-bca7-8f0b53cd825e.json
Requested by
Host: www0.assets.heroku.com
URL: https://www0.assets.heroku.com/cookies/2021.05.27/oneTrust_production/scripttemplates/otSDKStubPlusSfdcWwwBase.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.224.214.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-214-32.phl50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
68e268099a10375c17685241cfaeceb2600ed9c84e54e5daad56921758807a2c

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://id.heroku.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Mon, 14 Nov 2022 06:01:24 GMT
x-amz-version-id
HvjBn4XcgP7YQ7mQUYJbWRptGJ4z2Cqa
Via
1.1 9ce56f4e43697d0136ea5de5fa923784.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
PHL50-C1
Age
52699
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
4945
Last-Modified
Thu, 27 May 2021 14:40:00 GMT
Server
AmazonS3
ETag
"e7f87492f8cd6a8b5aa334b568743aca"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
application/json
Access-Control-Allow-Origin
*
Accept-Ranges
bytes
X-Amz-Cf-Id
XBxJrpgl3fa_lp7ocYqmPtk67GgjYuFgrK3BgEfJivHGfVKifAxDcQ==
entry-main-d2bc4741.js
developer.salesforce.com/shared-components/helmet/ 		233 B
342 B 		Script
General
Check archive.org
Download Go to
Full URL
https://developer.salesforce.com/shared-components/helmet/entry-main-d2bc4741.js
Requested by
Host: dashboard.heroku.com
URL: https://dashboard.heroku.com/apps/crossey
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.145 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
adcaa6e1985eacc21e30c14a15dff64f93a4c908509be07eeefbdbbd796fe959
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.salesforce.com *.force.com
X-Frame-Options allow-from *.salesforce.com *.force.com

Request headers

Referer
https://developer.salesforce.com/shared-components/helmet/import.js
Origin
https://id.heroku.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-security-policy
frame-ancestors 'self' *.salesforce.com *.force.com
via
1.1 vegur, 1.1 varnish
date
Mon, 14 Nov 2022 20:39:42 GMT
age
8907
x-cache
HIT
content-length
233
x-request-id
b04dbcf8a905419f606bb9c670e47cbce237d740
x-served-by
cache-yul12823-YUL
last-modified
Thu, 03 Nov 2022 19:41:26 GMT
server
nginx
x-timer
S1668458383.503484,VS0,VE1
etag
"63641966-e9"
x-frame-options
allow-from *.salesforce.com *.force.com
vary
DfcLocale
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=31536000, immutable
accept-ranges
bytes
x-cache-hits
2
vendor-9b00d567.js
developer.salesforce.com/shared-components/helmet/ 		76 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://developer.salesforce.com/shared-components/helmet/vendor-9b00d567.js
Requested by
Host: dashboard.heroku.com
URL: https://dashboard.heroku.com/apps/crossey
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.145 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
c236417357803654758fcb9b2cfdc692fa156258f488aeb4501b56fca0d3099e
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.salesforce.com *.force.com
X-Frame-Options allow-from *.salesforce.com *.force.com

Request headers

Referer
https://developer.salesforce.com/shared-components/helmet/import.js
Origin
https://id.heroku.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-security-policy
frame-ancestors 'self' *.salesforce.com *.force.com
content-encoding
gzip
via
1.1 vegur, 1.1 varnish
date
Mon, 14 Nov 2022 20:39:42 GMT
age
8907
x-cache
HIT
content-length
23484
x-request-id
375e223b23c10672540a42fdc59c99947c3eb5d7
x-served-by
cache-yul12823-YUL
last-modified
Thu, 03 Nov 2022 19:41:26 GMT
server
nginx
x-timer
S1668458383.503493,VS0,VE1
etag
W/"63641966-12fbe"
x-frame-options
allow-from *.salesforce.com *.force.com
vary
Accept-Encoding, DfcLocale
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=31536000, immutable
accept-ranges
bytes
x-cache-hits
2
logo-vertical.png
id.heroku.com/assets/ 		1 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.heroku.com/assets/logo-vertical.png
Requested by
Host: id.heroku.com
URL: https://id.heroku.com/assets/8/purple.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.84.2.221 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-84-2-221.compute-1.amazonaws.com
Software
/
Resource Hash
5f59cafcb60c26719f581f961ae3f19d54ab7ba2989a8db1e5a4b572ce6e9c98
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://id.heroku.com/assets/8/purple.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
Content-Encoding
gzip
Referrer-Policy
strict-origin-when-cross-origin
X-Content-Type-Options
nosniff
Last-Modified
Tue, 08 Nov 2022 19:34:28 GMT
Date
Mon, 14 Nov 2022 20:39:42 GMT
Via
1.1 spaces-router (e13668ca8eb7)
Vary
Accept-Encoding
Content-Type
image/png
Cache-Control
public, max-age=2592000
Request-Id
e8dcb3d7-9d5a-65d2-b7e8-80908b37c219
Content-Length
1302
icon-username.png
id.heroku.com/assets/ 		287 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.heroku.com/assets/icon-username.png
Requested by
Host: id.heroku.com
URL: https://id.heroku.com/assets/8/purple.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.84.2.221 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-84-2-221.compute-1.amazonaws.com
Software
/
Resource Hash
b54df4d885604fe5678d5324db7248ea3ea507577131d5ea4e0ae46b6a49a0fc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://id.heroku.com/assets/8/purple.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
Content-Encoding
gzip
Referrer-Policy
strict-origin-when-cross-origin
X-Content-Type-Options
nosniff
Last-Modified
Tue, 08 Nov 2022 19:34:28 GMT
Date
Mon, 14 Nov 2022 20:39:42 GMT
Via
1.1 spaces-router (e13668ca8eb7)
Vary
Accept-Encoding
Content-Type
image/png
Cache-Control
public, max-age=2592000
Request-Id
e36b76d7-7b18-0ac1-bc6e-f64669656be3
Content-Length
317
icon-password.png
id.heroku.com/assets/ 		205 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.heroku.com/assets/icon-password.png
Requested by
Host: id.heroku.com
URL: https://id.heroku.com/assets/8/purple.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.84.2.221 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-84-2-221.compute-1.amazonaws.com
Software
/
Resource Hash
3b06d84d2af9257c894a47fbea58cb27f91065158867274a7b2a52b34b26d65e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://id.heroku.com/assets/8/purple.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
Content-Encoding
gzip
Referrer-Policy
strict-origin-when-cross-origin
X-Content-Type-Options
nosniff
Last-Modified
Tue, 08 Nov 2022 19:34:28 GMT
Date
Mon, 14 Nov 2022 20:39:42 GMT
Via
1.1 spaces-router (e13668ca8eb7)
Vary
Accept-Encoding
Content-Type
image/png
Cache-Control
public, max-age=2592000
Request-Id
b082fedf-387d-d1fb-c619-37935af29642
Content-Length
231
logo-sfdc.png
id.heroku.com/assets/ 		3 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.heroku.com/assets/logo-sfdc.png
Requested by
Host: id.heroku.com
URL: https://id.heroku.com/assets/8/purple.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.84.2.221 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-84-2-221.compute-1.amazonaws.com
Software
/
Resource Hash
52ac624900170bd014788a565e88b5c98da9a6d4fc354e2601bf088f6d80b5a1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://id.heroku.com/assets/8/purple.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
Content-Encoding
gzip
Referrer-Policy
strict-origin-when-cross-origin
X-Content-Type-Options
nosniff
Last-Modified
Tue, 08 Nov 2022 19:34:28 GMT
Date
Mon, 14 Nov 2022 20:39:42 GMT
Via
1.1 spaces-router (e13668ca8eb7)
Vary
Accept-Encoding
Transfer-Encoding
chunked
Content-Type
image/png
Cache-Control
public, max-age=2592000
Request-Id
bc47dfb2-0c7e-d362-ed50-361674fa933e
bentonsans-book.woff
www.herokucdn.com/fonts/ 		71 KB
72 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.herokucdn.com/fonts/bentonsans-book.woff
Requested by
Host: id.heroku.com
URL: https://id.heroku.com/assets/8/purple.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20ed:9200:15:5f5a:e9c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
048416fe9c54f2f3523a23f30c6bedd1a961aa6e0c9ad169b7fd429811bf9dce

Request headers

Referer
https://id.heroku.com/
Origin
https://id.heroku.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Mon, 14 Nov 2022 08:43:12 GMT
via
1.1 9a4c760031a0dcc526cc9dcd0d0940ea.cloudfront.net (CloudFront)
x-amz-cf-pop
PHL50-C1
age
42991
x-cache
Hit from cloudfront
content-length
73126
last-modified
Mon, 03 Oct 2022 18:11:11 GMT
server
AmazonS3
etag
"cb4d66cf19b9c2a847a296072bb084b7"
access-control-max-age
86400
access-control-allow-methods
GET
content-type
application/font-woff
access-control-allow-origin
*
access-control-expose-headers
ETag
cache-control
max-age=86400, public
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges
bytes
x-amz-cf-id
O5XGsXgbC3bOhVI5e3TSoztQvG5EAETa199L1MdvPDOtKBsJJO9CMA==
expires
Mon, 31 Dec 2029 18:00:00 GMT
bentonsans-medium.woff
www.herokucdn.com/fonts/ 		36 KB
37 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.herokucdn.com/fonts/bentonsans-medium.woff
Requested by
Host: id.heroku.com
URL: https://id.heroku.com/assets/8/purple.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20ed:9200:15:5f5a:e9c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5cd12715add2d4b76e8eac14da142662e5204b7b60ecbb6ffa78a1ca24546019

Request headers

Referer
https://id.heroku.com/
Origin
https://id.heroku.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Mon, 14 Nov 2022 12:19:42 GMT
via
1.1 9a4c760031a0dcc526cc9dcd0d0940ea.cloudfront.net (CloudFront)
x-amz-cf-pop
PHL50-C1
age
32442
x-cache
Hit from cloudfront
content-length
37332
last-modified
Mon, 03 Oct 2022 18:11:11 GMT
server
AmazonS3
etag
"682dfc4bcd67cb851fa3dad68f564761"
access-control-max-age
86400
access-control-allow-methods
GET
content-type
application/font-woff
access-control-allow-origin
*
access-control-expose-headers
ETag
cache-control
max-age=86400, public
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges
bytes
x-amz-cf-id
r9Hnbyf7Mg7JPZLChCD9D7Uz_2ZPQGIRGQ0njsua-TaJYxxsCMuxwA==
expires
Mon, 31 Dec 2029 18:00:00 GMT
bentonsans-regular.woff
www.herokucdn.com/fonts/ 		33 KB
34 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.herokucdn.com/fonts/bentonsans-regular.woff
Requested by
Host: id.heroku.com
URL: https://id.heroku.com/assets/8/purple.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20ed:9200:15:5f5a:e9c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
88dc7d7ac74058797aa836f73826f9a44136f71e4a4b91a6a6c04261ab98f0fd

Request headers

Referer
https://id.heroku.com/
Origin
https://id.heroku.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Mon, 14 Nov 2022 12:19:42 GMT
via
1.1 9a4c760031a0dcc526cc9dcd0d0940ea.cloudfront.net (CloudFront)
x-amz-cf-pop
PHL50-C1
age
34136
x-cache
Hit from cloudfront
content-length
34288
last-modified
Mon, 03 Oct 2022 18:11:11 GMT
server
AmazonS3
etag
"a3103229fa33543d322525a5669d3b27"
access-control-max-age
86400
access-control-allow-methods
GET
content-type
application/font-woff
access-control-allow-origin
*
access-control-expose-headers
ETag
cache-control
max-age=86400, public
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges
bytes
x-amz-cf-id
q0FkXP6AcKmOcN6EsSAA0lbOpDo8Xe2EsZSLbaN7Pn67322Sy6yeuA==
expires
Mon, 31 Dec 2029 18:00:00 GMT
SalesforceSans-Regular.woff2
developer.salesforce.com/assets/fonts/ 		0
0
SalesforceSans-Regular.woff
developer.salesforce.com/assets/fonts/ 		0
0
location
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 		70 B
237 B 		Script
General
Check archive.org
Download Go to
Full URL
https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location
Requested by
Host: developer.salesforce.com
URL: https://developer.salesforce.com/shared-components/helmet/vendor-9b00d567.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1b55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
48010f07fc41fc1e7daaf5c1d9d3142018ea9ed0a11bc40bc367f3c3fb3e1fd5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://id.heroku.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Mon, 14 Nov 2022 20:39:42 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
server
cloudflare
cf-ray
76a28edc8a3fc46b-EWR
vary
Accept-Encoding
content-type
text/javascript
otBannerSdk.js
www0.assets.heroku.com/cookies/2021.05.27/oneTrust_production/scripttemplates/6.17.0/ 		377 KB
377 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www0.assets.heroku.com/cookies/2021.05.27/oneTrust_production/scripttemplates/6.17.0/otBannerSdk.js
Requested by
Host: developer.salesforce.com
URL: https://developer.salesforce.com/shared-components/helmet/vendor-9b00d567.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.224.214.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-214-32.phl50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f1f8d4204b80f61987126d563bbb88a3036f6fd55f8e98da95a8b9e542f9c495

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://id.heroku.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id
A9EXXjNcGVbWSkxHCMLL.ilGyoAdrseP
Date
Mon, 14 Nov 2022 10:30:11 GMT
Via
1.1 2f0b2738cc23726bda17eb28418ee9c2.cloudfront.net (CloudFront)
Last-Modified
Thu, 27 May 2021 14:39:59 GMT
Server
AmazonS3
X-Amz-Cf-Pop
PHL50-C1
Age
36572
ETag
"975f2d75e78f7db7bec50d2d8508154a"
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
385853
X-Amz-Cf-Id
CeWZBcb7-CTWyqGwzp-hTmsRiPSBRFmRXj8jpzIWqm2igZVA63XYGA==
en.json
www0.assets.heroku.com/cookies/2021.05.27/oneTrust_production/consent/2273ccf8-8f23-4d20-bca7-8f0b53cd825e/e876bf1a-d16a-4d93-86f9-c927df47cfe1/ 		51 KB
52 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www0.assets.heroku.com/cookies/2021.05.27/oneTrust_production/consent/2273ccf8-8f23-4d20-bca7-8f0b53cd825e/e876bf1a-d16a-4d93-86f9-c927df47cfe1/en.json
Requested by
Host: www0.assets.heroku.com
URL: https://www0.assets.heroku.com/cookies/2021.05.27/oneTrust_production/scripttemplates/6.17.0/otBannerSdk.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.224.214.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-214-32.phl50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0f8985931055be43cd719f4c5642cbd26f5f70d9f21ecc45eef548cea2d5cc22

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://id.heroku.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id
mjZ23qTrZxMoWKGxpTOJO7IMe5DDRFqt
Date
Mon, 14 Nov 2022 11:39:44 GMT
Via
1.1 9ce56f4e43697d0136ea5de5fa923784.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
PHL50-C1
Age
35340
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
52524
Last-Modified
Thu, 27 May 2021 14:39:02 GMT
Server
AmazonS3
ETag
"978e14b3add5c8fb31924a94abea2732"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
application/json
Access-Control-Allow-Origin
*
Accept-Ranges
bytes
X-Amz-Cf-Id
1xAirifSiJQUy03firKKq_FpLNt0fapurJzPYRtzTprRKe3az3KMIw==
otCenterRounded.json
www0.assets.heroku.com/cookies/2021.05.27/oneTrust_production/scripttemplates/6.17.0/assets/ 		9 KB
10 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www0.assets.heroku.com/cookies/2021.05.27/oneTrust_production/scripttemplates/6.17.0/assets/otCenterRounded.json
Requested by
Host: www0.assets.heroku.com
URL: https://www0.assets.heroku.com/cookies/2021.05.27/oneTrust_production/scripttemplates/6.17.0/otBannerSdk.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.224.214.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-214-32.phl50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
cfed96db853cb6e2053513daf02c9dec0e5c052e268d2b7f47c245c17ba5cdec

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://id.heroku.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Mon, 14 Nov 2022 07:23:22 GMT
x-amz-version-id
tZb3I3iNDxaDVZ6NTOlyib3aUO2U6Crm
Via
1.1 9ce56f4e43697d0136ea5de5fa923784.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
PHL50-C1
Age
47782
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
9499
Last-Modified
Thu, 27 May 2021 14:40:05 GMT
Server
AmazonS3
ETag
"d31abd208a51eeeeb42c3b64bbb3d9ca"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
application/json
Access-Control-Allow-Origin
*
Accept-Ranges
bytes
X-Amz-Cf-Id
nThS1pksZE0wOyKvxYOXd2McPf0UV7gHU-g4QkR9aayivdmarHuzoA==
otPcTab.json
www0.assets.heroku.com/cookies/2021.05.27/oneTrust_production/scripttemplates/6.17.0/assets/v2/ 		46 KB
46 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www0.assets.heroku.com/cookies/2021.05.27/oneTrust_production/scripttemplates/6.17.0/assets/v2/otPcTab.json
Requested by
Host: www0.assets.heroku.com
URL: https://www0.assets.heroku.com/cookies/2021.05.27/oneTrust_production/scripttemplates/6.17.0/otBannerSdk.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.224.214.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-214-32.phl50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
85189c3a0ebc37dda89a5ef811071b5d4aeb7df093afbbe9ae58e81d96e22398

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://id.heroku.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id
8fAncySG9QGrwmhGxr3_rM7W.m0Rtll7
Date
Mon, 14 Nov 2022 12:08:38 GMT
Via
1.1 9ce56f4e43697d0136ea5de5fa923784.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
PHL50-C1
Age
30990
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
46989
Last-Modified
Thu, 27 May 2021 14:38:33 GMT
Server
AmazonS3
ETag
"cec337b395898b23de46cb63ea52d363"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
application/json
Access-Control-Allow-Origin
*
Accept-Ranges
bytes
X-Amz-Cf-Id
0YfDLFvBvHKCcZxaYeAemocR9VlY-Ec4lqed6crdfRy0LaL7pbE5xA==

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
m.stripe.com
URL
https://m.stripe.com/6
Domain
www.herokucdn.com
URL
https://www.herokucdn.com/fonts/SalesforceSans-Regular.ttf
Domain
developer.salesforce.com
URL
https://developer.salesforce.com/assets/fonts/SalesforceSans-Regular.woff2
Domain
developer.salesforce.com
URL
https://developer.salesforce.com/assets/fonts/SalesforceSans-Regular.woff

Verdicts & Comments Add Verdict or Comment

17 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| OneTrustStub object| SfdcWwwBase object| oneTrustComponent function| runOneTrustComponent string| OnetrustActiveGroups string| OptanonActiveGroups object| dataLayer function| OptanonWrapper object| html5 object| Modernizr function| yepnope object| devtoolsFormatters function| jsonFeed object| otStubData object| Optanon object| OneTrust

3 Cookies

Domain/Path Name / Value
auth.heroku.com/ Name: _front_end_auth_key
Value: SFMyNTY.g3QAAAABbQAAABd3ZWJfc2Vzc2lvbl9oYXNoaW5nX2tleW0AAAAgGQdlaES0eLNVg3c0XkofOIYTCH3x099tOdpOoGO-Vr0.p_RnG4oyjEA-IVLf48Attj9ctuE0imoN5-0i5sqP-Ps
id.heroku.com/ Name: identity-session
Value: gAAAAABjcqeO2hrkQUfyfake4MIRwdBf-qumVDlhf25HJ0G69_Kx2BV0t-LEeuYYvyDaWSdEZhDLZ7ZlPut2x8AhXwKPnnW9YkvA3bAmERGK1rXAm4BrE4fSdR1VPQxIRad4Vf2YhUJHZZj-t_NvejYO47_cP6FCneH7m8IA3lDCgYW14EkAvL2xJ0Zadlg6MYCxym-cfKMTh8izGgDobGAwDfyyQx81hreohmDMmX4gVWpSZIivJ5jVGFoCjQkKA3hQWZWmvyd_tzTtUVcyVT_4fbD1MzRo8zcdTbIA3919USweg2giKo5ns1ujtQKaDMj9Yux8EicTaxob2PkEK60HbYSBFhqiFwZ9KH7skH_0o4yKZe8LvGkEKJp_O1mZZ3aBz0FxEeyOqE1qYzFaEkQeSkd7wtg9lM0oB1K6ePZykbVPRY2GwMKnPdqosb_y5p1OdLpcAe4nI5dr5e4MgYUke-O3D0JVFumKS9QAZgOH1MdnqjSCpy-z7uxd3r68y31ETqjHFYeGYKofCtVUF5w_HRVnT1zAES98kT2XpsVu-0qlvCX2_xscnLVHOMO_3srRaOx42SC6dDulTvVvYVIbYGg4olG5QKy6ZcX2sUgmT8crMLQIwRFdLdLoFZ3SgU2NRtO7XSp2F3rSIcVBW6G7SXtD2_DcJ6Hvebrt78braKJfAQoJviAriuUVZp15Y7Ac0u6neICnP6MgCOFPiEcKFtb4OEsruxzGxR-xIY0wIw490zZB0z3CK72xmUBuKFLAUPWsQmc8dV0ax4C6JUoIRRHGPML0HwGWbzNFqeH8ZO8USE8XgO6HAvMOppCjAFBkFbEmAythRR9s_PQ_JjAT62osotQdnu3dzxEUELkiiC226f0c4eQm3i50ZaPfibXrMPssAQhA0Xrf8IYbVeAjmyS6Ecr28Ssw8pRyisjs2cno8lW4xntwOaY-uaJlNNwz2eIp1bG1dT9SSS3NWg15H1P-deqrL9mZd68T7Ymjjv3BqBqgTghvX9J6cQ3O6XY_9Ym4OoUFAgHJZ94YZIpObk-cq6OaeCKO6-NzAVk1WG_YcsFInCON5inwgT3YK1W8-5UtOkX7zNY9Y7YnatZeN5WdcszaS7p9Rf1JBeZ2UMx0Sz_w7p1EC46rIQrcl-MiM_u2S8_WJEA2uLExEVklYGVDjq8UJnqH0dW4Cg7bt68OEsflPert9BVtpVeikiRdQmOFVH8Ppfw_Dwge_tmvrbBIB5hkY_NtZ8yVRJCrTT3g7Nqkj6ZICfaufjSiVWHMDP9jS-Ko7Og8DfvczJgpsV9HGp3qkkaPE2skkdbHZwJlYLtmIIPZ_7lyVDDkOlXUZ7naxH6fM-GmTPXyxhyx8Av7bkbC9K3m8CpN5Asw6XpcPeXaeqig91arLPpMJMx-bUZMr8LYnhgLE1M7MCj1ovBmjkgyAazgcEfRoZo8Uju0vL6_I-57X4iGZuMAEqVWUsXGUN0WPKkUZLskrnxohYmnlgtE_pId8Q6tVTLJfcViHgKOii45vAdSBzEUwWF8IG0nKqrX2drW6ZnmYe_1wcZTBozDW8EGYL-31KxPRicqu9KqVztydTy0ET9XuI0USdypS2022DekHg-SbnmcE_1M59x_JaMpLwoyX01t69BmxfOAmD6JD4uM1z8c2kJOS1EE3Nb9jLBLPevF8ERS8HN3ZZqB97PqxsUs-f27_RHj6wuo3e8bXDGFwGjdX1f1R2lZjcUuxdQnxB3F_eO1kRJhDliIV9wVrQpQvB6WAaAWlwUAgm6qRiDjJv1HQcYVH2lNnjJtNvvgSY4kERerCvB5XP8w-xFZqA5WesC2Dn0WBZvraK9IjiVAKeOVEmy7DV2JZXw8VzrB21jk-9lJZXwWiDPVTsAUXbmKaR3tgS2ryKPXF3u_N7GJD93oNWnE1XX18BJQuOMemTfuBtclRjJTHG-GLEmEOD-j0KfhmGSryjXa-H8%3D
.heroku.com/ Name: OptanonConsent
Value: isGpcEnabled=0&datestamp=Mon+Nov+14+2022+20%3A39%3A43+GMT%2B0000+(GMT)&version=6.17.0&isIABGlobal=false&hosts=&consentId=a98aacd7-dfc7-4402-93b9-0ca4d10d34aa&interactionCount=0&landingPath=https%3A%2F%2Fid.heroku.com%2Flogin&groups=1%3A1%2C3%3A1%2C4%3A1

5 Console Messages

Source Level URL
Text
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".
javascript error URL: https://id.heroku.com/login
Message:
Access to font at 'https://developer.salesforce.com/assets/fonts/SalesforceSans-Regular.woff2' from origin 'https://id.heroku.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://developer.salesforce.com/assets/fonts/SalesforceSans-Regular.woff2
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://id.heroku.com/login
Message:
Access to font at 'https://developer.salesforce.com/assets/fonts/SalesforceSans-Regular.woff' from origin 'https://id.heroku.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://developer.salesforce.com/assets/fonts/SalesforceSans-Regular.woff
Message:
Failed to load resource: net::ERR_FAILED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

auth.heroku.com
dashboard.heroku.com
developer.salesforce.com
geolocation.onetrust.com
id.heroku.com
js.stripe.com
m.stripe.com
m.stripe.network
q.stripe.com
www.herokucdn.com
www0.assets.heroku.com
developer.salesforce.com
m.stripe.com
www.herokucdn.com
13.224.214.32
151.101.2.133
151.101.64.176
151.101.65.145
18.213.108.75
2600:9000:20ed:9200:15:5f5a:e9c0:93a1
2606:4700::6812:1b55
54.187.159.182
54.84.2.221
024dd787fdb4ac4ce481ef54b823cdb9fc37c02ddcd4b0135431250ab58b46d3
048416fe9c54f2f3523a23f30c6bedd1a961aa6e0c9ad169b7fd429811bf9dce
0f8985931055be43cd719f4c5642cbd26f5f70d9f21ecc45eef548cea2d5cc22
354381e232e76da43505609fcfb6b812c76d88db3eee8f4deb1285f6a5d4cccf
38b8caaa38c42f00157c7f12e1f9e22bfd9ac43e606ca1a764b17f6afd6660b0
3b06d84d2af9257c894a47fbea58cb27f91065158867274a7b2a52b34b26d65e
3edf76f3c37a6f1bd12890d5b02e17b78d927994ca1d53e40aaecaec02c2789f
48010f07fc41fc1e7daaf5c1d9d3142018ea9ed0a11bc40bc367f3c3fb3e1fd5
52ac624900170bd014788a565e88b5c98da9a6d4fc354e2601bf088f6d80b5a1
5cd12715add2d4b76e8eac14da142662e5204b7b60ecbb6ffa78a1ca24546019
5f59cafcb60c26719f581f961ae3f19d54ab7ba2989a8db1e5a4b572ce6e9c98
68e268099a10375c17685241cfaeceb2600ed9c84e54e5daad56921758807a2c
6b8b89e8c8d78dcbf2157760d306a89fdb6944d2d2c81bc903719f8b0cd071dd
79e91edb96cdc7c389ce1e4acca620f2d0966fe592e8f4922caa733ee55476fc
8201368fd868df8f3542c7e55f0c2e87f064258855ddd8097b4918b0f58dd3a2
85189c3a0ebc37dda89a5ef811071b5d4aeb7df093afbbe9ae58e81d96e22398
88dc7d7ac74058797aa836f73826f9a44136f71e4a4b91a6a6c04261ab98f0fd
a13617f3f74e2c9acaa81b9ecf5b3bd71611412c420c87c47d958cbb309ce558
adcaa6e1985eacc21e30c14a15dff64f93a4c908509be07eeefbdbbd796fe959
aeb98cbda6d8bba84a03bab073a9c3e9cc9334d11038d1362309427fe0bf837f
b54df4d885604fe5678d5324db7248ea3ea507577131d5ea4e0ae46b6a49a0fc
be040b79ac9cc083f791fa5b713597dc7bc8db6ede8a8be8c82112f22f51e50f
c236417357803654758fcb9b2cfdc692fa156258f488aeb4501b56fca0d3099e
cfed96db853cb6e2053513daf02c9dec0e5c052e268d2b7f47c245c17ba5cdec
d81cc127eb0f47ac4f335134dedda6e3077dadfb61a33249173912f52cc577c0
e1ed719f12a8f52b6f2c7af5688e7b223db3790b1aedc180324bcc79167bd870
e3c2ee37f14bcd256dde31d5d39cb53efb57a71e183d12082c49e58ed5d42f80
e76dee83875cabe0363f59ff3010344e53749407d57b9a65b21e0c01979e4bdd
f1f8d4204b80f61987126d563bbb88a3036f6fd55f8e98da95a8b9e542f9c495
fa920ed2b8d0d0e8f07e8862636788e4ffa07bb3279b93e4183a12e515984bbb